× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 12614117f2f101bfb549e9b9913892828f60c0baf3c4c3a769bb975b01d72b48
File name: bittorent-284-jetelecharge.exe
Detection ratio: 3 / 69
Analysis date: 2018-09-26 02:16:00 UTC ( 1 month, 3 weeks ago )
Antivirus Result Update
Cyren W32/GenPua.36E2393C!Olympus 20180926
DrWeb Program.Unwanted.2818 20180926
ESET-NOD32 a variant of MSIL/WebCompanion.B potentially unwanted 20180926
Ad-Aware 20180926
AegisLab 20180926
AhnLab-V3 20180925
Alibaba 20180921
ALYac 20180926
Antiy-AVL 20180926
Arcabit 20180926
Avast 20180926
Avast-Mobile 20180925
AVG 20180926
Avira (no cloud) 20180925
AVware 20180925
Babable 20180918
Baidu 20180925
BitDefender 20180926
Bkav 20180925
CAT-QuickHeal 20180923
ClamAV 20180924
CMC 20180925
Comodo 20180926
CrowdStrike Falcon (ML) 20180723
Cybereason 20180225
Cylance 20180926
eGambit 20180926
Emsisoft 20180925
Endgame 20180730
F-Prot 20180926
F-Secure 20180926
Fortinet 20180926
GData 20180926
Ikarus 20180925
Sophos ML 20180717
Jiangmin 20180926
K7AntiVirus 20180925
K7GW 20180926
Kaspersky 20180926
Kingsoft 20180926
Malwarebytes 20180926
MAX 20180926
McAfee 20180926
McAfee-GW-Edition 20180926
Microsoft 20180926
eScan 20180926
NANO-Antivirus 20180925
Palo Alto Networks (Known Signatures) 20180926
Panda 20180925
Qihoo-360 20180926
Rising 20180926
SentinelOne (Static ML) 20180925
Sophos AV 20180925
SUPERAntiSpyware 20180907
Symantec 20180925
Symantec Mobile Insight 20180924
TACHYON 20180926
Tencent 20180926
TheHacker 20180924
TotalDefense 20180925
TrendMicro 20180925
TrendMicro-HouseCall 20180925
Trustlook 20180926
VBA32 20180925
VIPRE 20180925
ViRobot 20180925
Webroot 20180926
Yandex 20180925
Zillya 20180925
ZoneAlarm by Check Point 20180925
Zoner 20180925
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
©2016 BitTorrent, Inc. All Rights Reserved.

Product BitTorrent
Original name BitTorrent.exe
Internal name BitTorrent.exe
File version 7.10.0.43917
Description BitTorrent
Signature verification Signed file, verified signature
Signing date 9:45 PM 7/20/2017
Signers
[+] BitTorrent Inc
Status Valid
Issuer Symantec Class 3 SHA256 Code Signing CA
Valid from 1:00 AM 8/18/2016
Valid to 12:59 AM 10/13/2019
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint 7BA078D02030B5F520CEC1D9232864495A8F5DA0
Serial number 0C F3 53 69 A9 71 07 62 C3 6F 68 05 FC 9E 45 D6
[+] Symantec Class 3 SHA256 Code Signing CA
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 1:00 AM 12/10/2013
Valid to 12:59 AM 12/10/2023
Valid usage Client Auth, Code Signing
Algorithm sha256RSA
Thumbprint 007790F6561DAD89B0BCD85585762495E358F8A5
Serial number 3D 78 D7 F9 76 49 60 B2 61 7D F4 F0 1E CA 86 2A
[+] VeriSign
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 1:00 AM 11/8/2006
Valid to 12:59 AM 7/17/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm sha1RSA
Thumbprint 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
Serial number 18 DA D1 9E 26 7D E8 BB 4A 21 58 CD CC 6B 3B 4A
Counter signers
[+] GlobalSign TSA for MS Authenticode - G2
Status Valid
Issuer GlobalSign Timestamping CA - G2
Valid from 1:00 AM 5/24/2016
Valid to 1:00 AM 6/24/2027
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 63B82FAB61F583909695050B00249C502933EC79
Serial number 11 21 D6 99 A7 64 97 3E F1 F8 42 7E E9 19 CC 53 41 14
[+] GlobalSign Timestamping CA - G2
Status Valid
Issuer GlobalSign Root CA
Valid from 11:00 AM 4/13/2011
Valid to 1:00 PM 1/28/2028
Valid usage All
Algorithm sha1RSA
Thumbrint C0E49D2D7D90A5CD427F02D9125694D5D6EC5B71
Serial number 04 00 00 00 00 01 2F 4E E1 52 D7
[+] GlobalSign Root CA - R1
Status Valid
Issuer GlobalSign Root CA
Valid from 1:00 PM 9/1/1998
Valid to 1:00 PM 1/28/2028
Valid usage Server Auth, Client Auth, Code Signing, Email Protection, Timestamp Signing, OCSP Signing, EFS, IPSEC Tunnel, IPSEC User, IPSEC IKE Intermediate
Algorithm sha1RSA
Thumbrint B1BC968BD4F49D622AA89A81F2150152A41D829C
Serial number 04 00 00 00 00 01 15 4B 5A C3 94
Packers identified
F-PROT UPX_LZMA, 7Z, UTF-8
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2011-04-18 18:54:06
Entry Point 0x000148D4
Number of sections 5
PE sections
Overlays
MD5 9c87e0005e2ccdff5b32e44c11fbdb04
File type data
Offset 151040
Size 2964632
Entropy 8.00
PE imports
GetStdHandle
WaitForSingleObject
FindFirstFileW
HeapDestroy
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
FreeEnvironmentStringsW
SetFileAttributesA
GetTempPathA
GetCPInfo
GetStringTypeA
GetTempPathW
HeapReAlloc
GetStringTypeW
GetFullPathNameA
SetEvent
LocalFree
FormatMessageW
GetEnvironmentVariableA
FindClose
InterlockedDecrement
FormatMessageA
GetFullPathNameW
SetLastError
InitializeCriticalSection
GetModuleFileNameW
ExitProcess
GetModuleFileNameA
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
GetModuleHandleA
SetFileAttributesW
CreateThread
SetUnhandledExceptionFilter
ExitThread
TerminateProcess
SetCurrentDirectoryW
SetEndOfFile
GetCurrentThreadId
InterlockedIncrement
SetCurrentDirectoryA
CloseHandle
HeapFree
EnterCriticalSection
SetHandleCount
GetOEMCP
GetTickCount
IsBadWritePtr
TlsAlloc
GetVersionExA
LoadLibraryA
RtlUnwind
GetStartupInfoA
GetFileSize
CreateDirectoryA
DeleteFileA
CreateDirectoryW
DeleteFileW
GetProcAddress
RemoveDirectoryW
FindNextFileW
ResetEvent
FindNextFileA
WaitForMultipleObjects
CreateFileW
CreateEventA
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
LeaveCriticalSection
GetLastError
LCMapStringW
LCMapStringA
GetEnvironmentStringsW
RemoveDirectoryA
GetEnvironmentStrings
GetCurrentDirectoryW
GetCurrentProcessId
SetFileTime
GetCommandLineW
GetCurrentDirectoryA
HeapSize
GetCommandLineA
RaiseException
SetFilePointer
ReadFile
FindFirstFileA
GetACP
GetVersion
CreateProcessA
WideCharToMultiByte
HeapCreate
WriteFile
VirtualFree
Sleep
IsBadReadPtr
IsBadCodePtr
VirtualAlloc
VariantClear
SysAllocString
ShellExecuteExA
GetWindowLongA
SetTimer
MessageBoxW
LoadIconA
LoadStringA
SetWindowTextA
EndDialog
PostMessageA
CharUpperW
DialogBoxParamW
SendMessageA
LoadStringW
SetWindowTextW
GetDlgItem
SetWindowLongA
KillTimer
DialogBoxParamA
ShowWindow
CharUpperA
DestroyWindow
Number of PE resources by type
RT_ICON 3
RT_STRING 2
RT_GROUP_ICON 2
RT_DIALOG 1
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 8
NEUTRAL 2
PE resources
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
6.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
7.10.0.43917

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
BitTorrent

ImageFileCharacteristics
No relocs, Executable, No line numbers, No symbols, Large address aware, 32-bit

CharacterSet
Unicode

InitializedDataSize
45568

EntryPoint
0x148d4

OriginalFileName
BitTorrent.exe

MIMEType
application/octet-stream

LegalCopyright
2016 BitTorrent, Inc. All Rights Reserved.

FileVersion
7.10.0.43917

TimeStamp
2011:04:18 19:54:06+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
BitTorrent.exe

ProductVersion
7.10.0.43917

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
BitTorrent Inc.

CodeSize
104448

ProductName
BitTorrent

ProductVersionNumber
7.10.0.43917

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 36e2393cf607d2943761fe7c7347f134
SHA1 9a8a0de49b2f7b7e4da4b327fa4a43bd810ef69c
SHA256 12614117f2f101bfb549e9b9913892828f60c0baf3c4c3a769bb975b01d72b48
ssdeep
49152:cG5UfghJnBABNnQvd9uG5k4W7jvuMxoEoWHgmjdc270+kUhz0He/XCJBJri/V/IJ:cG5QgTnBAHnwB5fEFxDoHmjX0cz7/SJ9

authentihash f70a21de91b4e16fcaaec24477e4f147ac5c40998971541c468782ffe1314197
imphash e00de6e48b9b06aceb12a81e7bf494c9
File size 3.0 MB ( 3115672 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID InstallShield setup (36.1%)
Win32 Executable MS Visual C++ (generic) (26.2%)
Win64 Executable (generic) (23.2%)
Win32 Dynamic Link Library (generic) (5.5%)
Win32 Executable (generic) (3.7%)
Tags
peexe signed overlay

VirusTotal metadata
First submission 2017-07-21 01:37:53 UTC ( 1 year, 3 months ago )
Last submission 2018-09-26 02:16:00 UTC ( 1 month, 3 weeks ago )
File names BitTorrent.exe
BitTorrent.exe
BitTorrent.exe
BitTorrent.exe
BitTorrent (1).exe
BitTorrent Free 7.10.0 Build 43917.exe
BitTorrent.exe
BitTorrent.exe
BitTorrent.exe
bittorrent.exe
BitTorrent.exe
BitTorrent.exe
BitTorrent.exe
BitTorrent.exe
bittorent-284-jetelecharge.exe
BitTorrent.exe
bittorent-284-jetelecharge.exe
BitTorrent.exe
BitTorrent Stable (7.10.0 build 43917).exe
BitTorrent.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
UDP communications