Architecture | IMAGE_FILE_MACHINE_I386 |
---|---|
Subsystem | IMAGE_SUBSYSTEM_WINDOWS_GUI |
Compilation Date | 2011-Apr-18 18:54:06 |
Detected languages | English - United States |
CompanyName | BitTorrent Inc. |
FileDescription | µTorrent |
FileVersion | 3.5.5.44994 |
InternalName | uTorrent.exe |
LegalCopyright | ©2018 BitTorrent, Inc. All Rights Reserved. |
OriginalFilename | uTorrent.exe |
ProductName | µTorrent |
ProductVersion | 3.5.5.44994 |
Info | Matching compiler(s): Microsoft Visual C++ 6.0 - 8.0; Microsoft Visual C++; Microsoft Visual C++ v6.0 |
Info | The PE contains common functions which appear in legitimate applications. [!] The program may be hiding some of its imports: |
Info | The PE is digitally signed. Signer: BitTorrent Inc; Issuer: Symantec Class 3 SHA256 Code Signing CA |
Malicious | VirusTotal score: 4/71 (Scanned on 2019-03-08 21:26:30). DrWeb: Program.Unwanted.3640; Cyren: W32/Trojan.TBZW-2482; Antiy-AVL: GrayWare/Win32.Generic; ESET-NOD32: a variant of MSIL/WebCompanion.A potentially unwanted |
e_magic | MZ |
---|---|
e_cblp | 0x90 |
e_cp | 0x3 |
e_crlc | 0 |
e_cparhdr | 0x4 |
e_minalloc | 0 |
e_maxalloc | 0xffff |
e_ss | 0 |
e_sp | 0xb8 |
e_csum | 0 |
e_ip | 0 |
e_cs | 0 |
e_ovno | 0 |
e_oemid | 0 |
e_oeminfo | 0 |
e_lfanew | 0xf0 |
Signature | PE |
---|---|
Machine | IMAGE_FILE_MACHINE_I386 |
NumberofSections | 5 |
TimeDateStamp | 2011-Apr-18 18:54:06 |
PointerToSymbolTable | 0 |
NumberOfSymbols | 0 |
SizeOfOptionalHeader | 0xe0 |
Characteristics | IMAGE_FILE_32BIT_MACHINE, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LARGE_ADDRESS_AWARE, IMAGE_FILE_LINE_NUMS_STRIPPED, IMAGE_FILE_LOCAL_SYMS_STRIPPED, IMAGE_FILE_RELOCS_STRIPPED |
Magic | PE32 |
---|---|
LinkerVersion | 6.0 |
SizeOfCode | 0x19800 |
SizeOfInitializedData | 0x14800 |
SizeOfUninitializedData | 0 |
AddressOfEntryPoint | 0x000148D4 (Section: .text) |
BaseOfCode | 0x1000 |
BaseOfData | 0x1b000 |
ImageBase | 0x400000 |
SectionAlignment | 0x1000 |
FileAlignment | 0x200 |
OperatingSystemVersion | 4.0 |
ImageVersion | 0.0 |
SubsystemVersion | 4.0 |
Win32VersionValue | 0 |
SizeOfImage | 0x34000 |
SizeOfHeaders | 0x400 |
Checksum | 0x2c9c49 |
Subsystem | IMAGE_SUBSYSTEM_WINDOWS_GUI |
SizeofStackReserve | 0x100000 |
SizeofStackCommit | 0x1000 |
SizeofHeapReserve | 0x100000 |
SizeofHeapCommit | 0x1000 |
LoaderFlags | 0 |
NumberOfRvaAndSizes | 16 |
OLEAUT32.dll | #9 #2 |
---|---|
USER32.dll | SendMessageA SetTimer DialogBoxParamW DialogBoxParamA SetWindowLongA GetWindowLongA SetWindowTextW LoadIconA LoadStringW LoadStringA CharUpperW CharUpperA DestroyWindow EndDialog PostMessageA ShowWindow MessageBoxW GetDlgItem KillTimer SetWindowTextA |
SHELL32.dll | ShellExecuteExA |
KERNEL32.dll | GetCurrentDirectoryA GetStringTypeW GetStringTypeA LCMapStringW LCMapStringA InterlockedIncrement InterlockedDecrement GetProcAddress GetOEMCP GetACP GetCPInfo IsBadCodePtr IsBadReadPtr GetFileType SetHandleCount GetEnvironmentStringsW GetEnvironmentStrings FreeEnvironmentStringsW FreeEnvironmentStringsA UnhandledExceptionFilter HeapSize GetCurrentProcess TerminateProcess IsBadWritePtr HeapCreate HeapDestroy GetEnvironmentVariableA SetUnhandledExceptionFilter TlsAlloc ExitProcess GetVersion GetCommandLineA GetStartupInfoA GetModuleHandleA WaitForSingleObject CloseHandle CreateProcessA GetCommandLineW GetVersionExA LeaveCriticalSection EnterCriticalSection DeleteCriticalSection MultiByteToWideChar WideCharToMultiByte GetLastError LoadLibraryA GetModuleFileNameW GetModuleFileNameA LocalFree FormatMessageW FormatMessageA SetFileTime CreateFileW SetLastError SetFileAttributesW SetFileAttributesA RemoveDirectoryW RemoveDirectoryA CreateDirectoryW CreateDirectoryA DeleteFileW DeleteFileA GetFullPathNameW GetFullPathNameA SetCurrentDirectoryW SetCurrentDirectoryA GetCurrentDirectoryW GetTempPathW GetTempPathA GetCurrentProcessId GetTickCount GetCurrentThreadId FindClose FindFirstFileW FindFirstFileA FindNextFileW FindNextFileA CreateFileA GetFileSize SetFilePointer ReadFile WriteFile SetEndOfFile GetStdHandle WaitForMultipleObjects Sleep VirtualAlloc VirtualFree CreateEventA SetEvent ResetEvent InitializeCriticalSection RtlUnwind RaiseException HeapAlloc HeapFree HeapReAlloc CreateThread TlsSetValue TlsGetValue ExitThread |
Extraction Failed |
File is corrupt |
Cannot create folder '{0}' |
Extracting |
Signature | 0xfeef04bd |
---|---|
StructVersion | 0x10000 |
FileVersion | 3.5.5.44994 |
ProductVersion | 3.5.5.44994 |
FileFlags | (EMPTY) |
FileOs | VOS_DOS_WINDOWS32, VOS_NT, VOS_NT_WINDOWS32, VOS_WINCE, VOS__WINDOWS32 |
FileType | VFT_APP |
Language | English - United States |
CompanyName | BitTorrent Inc. |
FileDescription | µTorrent |
FileVersion (#2) | 3.5.5.44994 |
InternalName | uTorrent.exe |
LegalCopyright | ©2018 BitTorrent, Inc. All Rights Reserved. |
OriginalFilename | uTorrent.exe |
ProductName | µTorrent |
ProductVersion (#2) | 3.5.5.44994 |
Resource LangID | English - United States |
---|
XOR Key | 0x4737f9d |
---|---|
Unmarked objects | 0 |
14 (7299) | 25 |
C objects (VS98 SP6 build 8804) | 64 |
C objects (2190) | 1 |
Total imports | 178 |
Imports (2179) | 9 |
C++ objects (VS98 SP6 build 8804) | 77 |
C objects (VS2010 build 30319) | 7 |
ASM objects (VS2010 build 30319) | 1 |
Resource objects (VS98 SP6 cvtres build 1736) | 1 |