Description

• For sure real name: uTorrent
• A normal capture of the download and execution the utorrent program from www.utorrent.com
• MD5: 14ee6c0e28d6e407db35f7b12e3fac03
  
• SHA1: 9ad3ff714d627fff64a4a0ae28dd0873b41fd67a
  
• SHA256: 64d7da86d5fee292b2186c3f6ce59c88ed42725427c48a7d3384e4e5679b20b3
  
• VirusTotal
• HybridAnalysis
• RobotHash

Timeline

Wed Sep 23 17:56:41 CEST 2015

started win5

Wed Sep 23 17:57:56 CEST 2015

google.com

Wed Sep 23 17:58:21 CEST 2015

search for "utorrent"

Wed Sep 23 17:59:06 CEST 2015

access www.utorrent.com

Wed Sep 23 17:59:38 CEST 2015

download utorrent for windows

Wed Sep 23 18:01:29 CEST 2015

Executed the file utorrent.exe

Wed Sep 23 18:04:02 CEST 2015

Continue with the install, clicking all yes.

It opened the utorrent program I can see requests in the traffic to api.opencandy.com!

Thu Oct 22 18:50:00 CEST 2015 approx

Vm was stopped