home

pe.exe

µTorrent

BitTorrent, Inc.

The executable pe.exe has been detected as malware by 40 anti-virus scanners. Accoriding to the detections, this has been classified as a kyelogger which is capable of recoring a user's keystrokes.
Publisher:
BitTorrent, Inc.

Product:
µTorrent

Version:
2.0.0.18620

MD5:
95ee736c55d2c2d3856644f864e7a784

SHA-1:
b85586d5ff668505c18b1e3bf249416b751ab7c7

SHA-256:
218df078f53a588c9a191102b08aa1d4c11a5a0e9648364270bc415a5387b779

Scanner detections:
40 / 68

Status:
Malware

Explanation:
The software cotains keystroke monitoring/logging capablities which may or may not be installed without the user's knowledge.

Analysis date:
4/28/2024 2:37:27 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Heur.MSIL.Krypt.3
-40

AegisLab AV Signature
Troj.W32.Gen.llMu
2.1.4+

AhnLab V3 Security
Trojan/Win32.Keylogger.R1460
3.8.3.16

Avira AntiVirus
TR/Spy.VB.M.186
8.3.3.4

Arcabit
Trojan.MSIL.Krypt.3
1.0.0.798

avast!
MSIL:GenMalicious-EQC [Trj]
2014.9-170316

AVG
PSW.ILSpy
2018.0.2438

Baidu Antivirus
MSIL.Trojan.Keylogger
4.0.3.17316

Bitdefender
Gen:Heur.MSIL.Krypt.3
1.0.20.375

Bkav FE
W32.OnGamesLTKVPOAJ.Trojan
1.3.0.8876

Clam AntiVirus
Win.Trojan.Keylogger-779
0.99.211

Comodo Security
TrojWare.Win32.KeyLogger.Agent.~das
26753

Dr.Web
Trojan.AVKill.17208
9.0.1.075

Emsisoft Anti-Malware
Gen:Heur.MSIL.Krypt
8.17.03.16.10

ESET NOD32
MSIL/Spy.Keylogger.DN
11.15085

Fortinet FortiGate
MSIL/AntiAV.NET!tr
3/16/2017

F-Prot
W32/Trojan2.MYNE
v6.4.7.1.166

F-Secure
Gen:Heur.MSIL.Krypt.3
11.2017-16-03_5

G Data
Gen:Heur.MSIL.Krypt
17.3.A:25.11175B:25.9080

IKARUS anti.virus
Trojan.MSIL.Spy
0.2.1.2

K7 AntiVirus
Trojan
13.10.5.22706

Kaspersky
HEUR:Trojan.Win32.Generic
14.0.0.-1317

Malwarebytes
Trojan.Agent.MSIL
v2017.03.16.10

McAfee
Generic MSIL.a
5600.6094

Microsoft Security Essentials
MonitoringTool:MSIL/Emissary
1.1.13504.0

MicroWorld eScan
Gen:Heur.MSIL.Krypt.3
18.0.0.225

NANO AntiVirus
Trojan.Win32.Katusha.tbpwk
1.0.70.15657

Panda Antivirus
Generic Malware
17.03.16.10

Qihoo 360 Security
Win32/Trojan.Spy.e26
1.0.0.1120

Quick Heal
TrojanSpy.VB.M4
3.17.14.00

Rising Antivirus
Malware.Generic.c!tfe (cloud:Xn0sIrgX5SN)
23.00.65.17314

Sophos
Troj/PWS-BIT
4.98

SUPERAntiSpyware
Trojan.Agent/Gen-KeyLogger
8532

Total Defense
Win32/Sipay.YK
37.1.62.1

Trend Micro House Call
TROJ_MSIL_0000029.TOMA
7.2.75

Trend Micro
TROJ_MSIL_0000029.TOMA
10.465.16

Vba32 AntiVirus
TrojanSpy.MSIL.KeyLogger
3.12.26.4

VIPRE Antivirus
Trojan.Win32.Generic
56634

ViRobot
Trojan.Win32.Z.Keylogger.158608[h]
2014.3.20.0

Zillya! Antivirus
Trojan.Keylogger.Win32.2988
2.0.0.3231

File size:
154.9 KB (158,608 bytes)

Product version:
2.0.0.18620

Copyright:
©2010 BitTorrent, Inc. All Rights Reserved.

Original file name:
uTorrent.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

File PE Metadata
Compilation timestamp:
4/4/2010 9:30:51 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

Entry address:
0xD29E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
5.8574

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
45 KB (46,080 bytes)

Remove pe.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.