Report - uTorrent.exe

UPX PE File PE32
Created 2025.01.02 05:19 Machine s1_win7_x6401
Filename uTorrent.exe
Type PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
AI Score Not found
Behavior Score 1.0
ZERO API file : clean
VT API (file)
md5 cbdb9a7ab738a9db5d7dac92fdc5f412
sha256 a2ddaf2bffe582232faf1db05e8e376d8b65472286109034c25664627e5ebd87
ssdeep 49152:ch4PNRa0SVkzJyDJshEQcjqWheSwE0G57yGD1:ch4lxSVkcshEQcWWtw+/D1
imphash e7dea94ec97c7a70ffe4ca3af6dc04db
impfuzzy 12:VA/DzqYOZjR2cQ5XgS5DCcNITQQXGrxMn:V0DBa16X2cNsGr+n

Signature (3cnts)

Level Description
notice The binary likely contains encrypted or compressed data indicative of a packer
notice The executable is compressed using UPX
info The file contains an unknown PE resource name possibly indicative of a packer

Rules (3cnts)

Level Name Description Collection
watch UPX_Zero UPX packed file binaries (upload)
info IsPE32 (no description) binaries (upload)
info PE_Header_Zero PE File Signature binaries (upload)

Network (0cnts)

Request CC ASN Co IP4 Rule ZERO

Suricata ids

PE API

IAT(Import Address Table) Library

KERNEL32.DLL
 0x9c2b58 LoadLibraryA
 0x9c2b5c GetProcAddress
 0x9c2b60 VirtualProtect
 0x9c2b64 VirtualAlloc
 0x9c2b68 VirtualFree
 0x9c2b6c ExitProcess
ADVAPI32.dll
 0x9c2b74 FreeSid
t_datachannel.dll
 0x9c2b7c BTDC_Close
COMCTL32.dll
 0x9c2b84 None
COMDLG32.dll
 0x9c2b8c GetSaveFileNameW
DNSAPI.dll
 0x9c2b94 DnsFree
GDI32.dll
 0x9c2b9c BitBlt
gdiplus.dll
 0x9c2ba4 GdipFree
IPHLPAPI.DLL
 0x9c2bac GetExtendedTcpTable
MSIMG32.dll
 0x9c2bb4 AlphaBlend
ole32.dll
 0x9c2bbc OleRun
OLEAUT32.dll
 0x9c2bc4 SafeArrayGetUBound
SETUPAPI.dll
 0x9c2bcc SetupDiGetClassDevsW
SHELL32.dll
 0x9c2bd4 DragFinish
SHLWAPI.dll
 0x9c2bdc StrStrIA
USER32.dll
 0x9c2be4 GetDC
VERSION.dll
 0x9c2bec VerQueryValueW
WININET.dll
 0x9c2bf4 FindCloseUrlCache
WS2_32.dll
 0x9c2bfc WSAGetLastError

EAT(Export Address Table) is none


