× В вашем браузере отключены куки (cookie). Для полноценной работы сайта необходимо включить сохранение файлов cookie.
SHA256: 8439f7ed52aed8e32118aa164bf5048525bb5350cc8207f3fe69b5245d599679
Имя файла: utorrent_2.0.4_build_22967.exe
Показатель выявления: 1 / 66
Дата анализа: 2018-10-13 08:23:14 UTC (6 месяцев, 1 неделя назад) Показать последний анализ
Антивирус Результат Дата обновления
ESET-NOD32 a variant of Win32/Toolbar.Conduit.AX potentially unwanted 20181013
Ad-Aware 20181013
AegisLab 20181013
AhnLab-V3 20181012
Alibaba 20180921
ALYac 20181013
Antiy-AVL 20181013
Arcabit 20181013
Avast 20181013
Avast-Mobile 20181013
AVG 20181013
Avira (no cloud) 20181012
Babable 20180918
Baidu 20181012
BitDefender 20181013
Bkav 20181013
CAT-QuickHeal 20181011
ClamAV 20181013
CMC 20181012
Comodo 20181013
CrowdStrike Falcon (ML) 20180723
Cybereason 20180225
Cylance 20181013
Cyren 20181013
DrWeb 20181013
eGambit 20181013
Emsisoft 20181013
Endgame 20180730
F-Prot 20181013
F-Secure 20181013
Fortinet 20181013
GData 20181013
Ikarus 20181012
Sophos ML 20180717
Jiangmin 20181013
K7AntiVirus 20181013
K7GW 20181013
Kaspersky 20181013
Kingsoft 20181013
Malwarebytes 20181013
MAX 20181013
McAfee 20181013
McAfee-GW-Edition 20181013
Microsoft 20181013
eScan 20181013
NANO-Antivirus 20181013
Palo Alto Networks (Known Signatures) 20181013
Panda 20181013
Qihoo-360 20181013
Rising 20181012
SentinelOne (Static ML) 20181011
Sophos AV 20181013
SUPERAntiSpyware 20181013
Symantec 20181012
Symantec Mobile Insight 20181001
TACHYON 20181013
Tencent 20181013
TheHacker 20181011
TrendMicro 20181010
TrendMicro-HouseCall 20181010
Trustlook 20181013
VBA32 20181012
ViRobot 20181012
Webroot 20181013
Yandex 20181012
Zillya 20181012
ZoneAlarm by Check Point 20181013
Zoner 20181012
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
©2010 BitTorrent, Inc. All Rights Reserved.

Product µTorrent
Original name uTorrent.exe
Internal name uTorrent.exe
File version 2.0.4.22967
Description µTorrent
Signature verification Signed file, verified signature
Signing date 6:43 PM 11/4/2010
Signers
[+] BitTorrent Inc
Status This certificate or one of the certificates in the certificate chain is not time valid., Trust for this certificate or one of the certificates in the certificate chain has been revoked.
Issuer VeriSign Class 3 Code Signing 2009-2 CA
Valid from 12:00 AM 06/21/2010
Valid to 11:59 PM 07/26/2013
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint 1D132064BA317AC022DF309CCC750DA6E6A7A144
Serial number 36 BC 30 56 2A 65 0A FA A5 AD 10 1E CD 64 3A B4
[+] VeriSign Class 3 Code Signing 2009-2 CA
Status Valid
Issuer Class 3 Public Primary Certification Authority
Valid from 12:00 AM 05/21/2009
Valid to 11:59 PM 05/20/2019
Valid usage Client Auth, Code Signing
Algorithm sha1RSA
Thumbprint 12D4872BC3EF019E7E0B6F132480AE29DB5B1CA3
Serial number 65 52 26 E1 B2 2E 18 E1 59 0F 29 85 AC 22 E7 5C
[+] VeriSign Class 3 Public Primary CA
Status Valid
Issuer Class 3 Public Primary Certification Authority
Valid from 12:00 AM 01/29/1996
Valid to 11:59 PM 08/01/2028
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm md2RSA
Thumbprint 742C3192E607E424EB4549542BE1BBC53E6174E2
Serial number 70 BA E4 1D 10 D9 29 34 B6 38 CA 7B 03 CC BA BF
Counter signers
[+] VeriSign Time Stamping Services Signer - G2
Status This certificate or one of the certificates in the certificate chain is not time valid., The revocation status of the certificate or one of the certificates in the certificate chain is unknown., Error 65536 (0x10000), The revocation status of the certificate or one of the certificates in the certificate chain is either offline or stale.
Issuer VeriSign Time Stamping Services CA
Valid from 12:00 AM 06/15/2007
Valid to 11:59 PM 06/14/2012
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint ADA8AAA643FF7DC38DD40FA4C97AD559FF4846DE
Serial number 38 25 D7 FA F8 61 AF 9E F4 90 E7 26 B5 D6 5A D5
[+] VeriSign Time Stamping Services CA
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer Thawte Timestamping CA
Valid from 12:00 AM 12/04/2003
Valid to 11:59 PM 12/03/2013
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint F46AC0C6EFBB8C6A14F55F09E2D37DF4C0DE012D
Serial number 47 BF 19 95 DF 8D 52 46 43 F7 DB 6D 48 0D 31 A4
[+] Thawte Timestamping CA
Status Valid
Issuer Thawte Timestamping CA
Valid from 12:00 AM 01/01/1997
Valid to 11:59 PM 12/31/2020
Valid usage Timestamp Signing
Algorithm md5RSA
Thumbrint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
Packers identified
F-PROT UPX_LZMA
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2010-11-04 17:42:29
Entry Point 0x000CC4D0
Number of sections 3
PE sections
Overlays
MD5 169c1de41936f78d3680535d42ef3c60
File type data
Offset 323072
Size 5496
Entropy 7.19
PE imports
LineTo
VirtualFree
ExitProcess
VirtualProtect
LoadLibraryA
VirtualAlloc
GetProcAddress
DragFinish
GetSaveFileNameW
Number of PE resources by type
RT_DIALOG 52
RT_ICON 12
RT_GROUP_ICON 9
RT_MANIFEST 1
RT_BITMAP 1
RT_VERSION 1
Number of PE resources by language
SWEDISH 76
PE resources
ExifTool file metadata
UninitializedDataSize
528384

LinkerVersion
9.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
2.0.4.22967

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

FileDescription
Torrent

ImageFileCharacteristics
No relocs, Executable, 32-bit

CharacterSet
Windows, Latin1

InitializedDataSize
16384

EntryPoint
0xcc4d0

OriginalFileName
uTorrent.exe

MIMEType
application/octet-stream

LegalCopyright
2010 BitTorrent, Inc. All Rights Reserved.

FileVersion
2.0.4.22967

TimeStamp
2010:11:04 18:42:29+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
uTorrent.exe

ProductVersion
2.0.4.22967

SubsystemVersion
5.0

OSVersion
5.0

FileOS
Unknown (0)

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
BitTorrent, Inc.

CodeSize
311296

ProductName
Torrent

ProductVersionNumber
2.0.4.22967

FileTypeExtension
exe

ObjectFileType
Unknown

CarbonBlack CarbonBlack acts as a surveillance camera for computers
While monitoring an end-user machine in-the-wild, CarbonBlack noticed the following files in execution wrote this sample to disk.
Execution parents
Compressed bundles
File identification
MD5 44a7d7ba01f438714eafb84684d2a99a
SHA1 263a91693d0976473cd321cd6f1b0103a814f3ad
SHA256 8439f7ed52aed8e32118aa164bf5048525bb5350cc8207f3fe69b5245d599679
ssdeep
6144:eBtY2F/PWgWheZgVgk7qo6MKqt+yXLlmDmNK3jH9X2/Z946C1DzMAmhCwoSVj:YXaeZgVglwKqX833jH92Z946aDzMAmhF

authentihash 24ec396c0d8cf90b3d133754a220707e051e8911f7edb4091e888273a88ece2b
imphash a6ce508155055b8e9712afddd71d5e05
Размер файла 320.9 KБ ( 328568 bytes )
Тип файла Win32 EXE
Описание
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID UPX compressed Win32 Executable (31.0%)
Win32 EXE Yoda's Crypter (30.4%)
Microsoft Visual C++ compiled executable (generic) (18.9%)
Win32 Dynamic Link Library (generic) (7.5%)
Win32 Executable (generic) (5.1%)
Tags
peexe overlay revoked-cert signed via-tor software-collection

VirusTotal metadata
First submission 2010-11-04 18:53:26 UTC (8 лет, 5 месяцев назад)
Last submission 2019-04-14 15:03:40 UTC (5 дней, 23 часов назад)
Имена файлов 2.0.4.22967_utorrent.exe
204.exe
utorrent 2.0.4.22967_Portable.exe
utorrent2.04.exe
utorrent_2.0.4%2Bsetup.exe
Torrent.2.0.4.(Build.22967) (Bester Client).exe
uTorrent204b22967.exe
uTorrent 2.0.4 (22967).exe
utorrent_2.0.4_build_22967 (1).exe
utorrent22967.exe
utorrent(1).exe
111f75c14a1d6e7ad5298a3fa5a459e7.safe
utorrent 2.0.4 (22967).exe
utorrent204-ufanet.exe
utorrent oldversion.exe
smona131636805398928108328
uTorrent-2-0-4-Build-22967.exe
XAdkDpV7.exe.part
1.exe
utorrent 2.0.4 Build 22967.exe
uTorrent_v.2.0.4.22967_2010_x32_(virustotal.com_67=No-Virus).exe
uTorrent 2.0.4 Build 22967(filehippo.com).exe
Utorrent.exe
?Torrent.exe
uTorrent (1).exe
Software collections
website http://oldapps.com/utorrent.php?old_utorrent=8133
oldapps http://oldapps.com/utorrent.php?old_utorrent=8133?download
product uTorrent 2.0.4 Build 22967
developer BitTorrent, Inc.
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
Нет комментариев. Из участников сообщества VirusTotal ещё пока никто не оставил комментарий по поводу результатов анализа. Станьте первым!

Оставьте свой комментарий...

?
Отправить

Вы не выполнили вход. Только зарегистрированные пользователи могут оставлять комментарии. Выполните вход и получите право голоса!

Нет голосов. Ещё пока никто не проголосовал за результаты анализа. Станьте первым!