File name: bittorent.exe

Full analysis: https://app.any.run/tasks/e82783db-7e02-443d-a512-5ce192a31d86
Verdict: Malicious activity
Threats:

A loader is malicious software that infiltrates devices to deliver malicious payloads. This malware is capable of infecting victims’ computers, analyzing their system information, and installing other types of threats, such as trojans or stealers. Criminals usually deliver loaders through phishing emails and links by relying on social engineering to trick users into downloading and running their executables. Loaders employ advanced evasion and persistence tactics to avoid detection.

Analysis date: May 13, 2025, 15:34:39
OS: Windows 10 Professional (build: 19044, 64 bit)
Tags:
upx
bittorrent
loader
arch-scr
arch-doc
arch-html
Indicators:
MIME: application/vnd.microsoft.portable-executable
File info: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections
MD5: BBC8B5312995F09ADAA689AA374445F0
SHA1: 3C7EFFD6644D7C7E235F7C819A8AAD9A4F937353
SHA256: 778A64B10325DB83DBE6DBDC7A45DD392AC624DD556180EA5054FBC4A9A0416A
SSDEEP: 98304:+fzXRhXX3Qo/g9fdAEnNCML8+TN03t3SOjAyo4sy8j2nX+XxQv+lQiF0R2m6ljyP:q6GJ854Ky

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.
  • MALICIOUS

    • Changes the autorun value in the registry

      • bittorent.exe (PID: 7556)
      • MicrosoftEdgeUpdate.exe (PID: 5728)
    • BITTORRENT has been detected (SURICATA)

      • BitTorrent.exe (PID: 7944)
  • SUSPICIOUS

    • Executable content was dropped or overwritten

      • bittorent.exe (PID: 7300)
      • bittorent.exe (PID: 7556)
      • MicrosoftEdgeWebView2Setup.exe (PID: 2140)
      • BitTorrent.exe (PID: 7944)
      • MicrosoftEdgeUpdate.exe (PID: 5728)
      • MicrosoftEdge_X64_136.0.3240.64.exe (PID: 8572)
      • setup.exe (PID: 8608)
    • Reads security settings of Internet Explorer

      • bittorent.exe (PID: 7300)
      • bittorent.exe (PID: 7556)
      • BitTorrent.exe (PID: 7944)
      • bittorrentie.exe (PID: 8116)
      • bittorrentie.exe (PID: 4300)
      • bittorrentie.exe (PID: 1660)
      • bittorrentie.exe (PID: 3884)
      • MicrosoftEdgeUpdate.exe (PID: 5728)
      • bittorrentie.exe (PID: 8128)
    • Application launched itself

      • bittorent.exe (PID: 7300)
      • setup.exe (PID: 8608)
      • MicrosoftEdgeUpdate.exe (PID: 5324)
    • Creates a software uninstall entry

      • bittorent.exe (PID: 7556)
    • Searches for installed software

      • bittorent.exe (PID: 7556)
      • BitTorrent.exe (PID: 7944)
    • Starts itself from another location

      • bittorent.exe (PID: 7300)
      • MicrosoftEdgeUpdate.exe (PID: 5728)
    • There is functionality for taking screenshot (YARA)

      • bittorent.exe (PID: 7300)
      • BitTorrent.exe (PID: 7944)
      • bittorrentie.exe (PID: 3884)
      • bittorrentie.exe (PID: 4300)
    • Process drops legitimate windows executable

      • BitTorrent.exe (PID: 7944)
      • MicrosoftEdgeWebView2Setup.exe (PID: 2140)
      • MicrosoftEdgeUpdate.exe (PID: 5728)
      • MicrosoftEdge_X64_136.0.3240.64.exe (PID: 8572)
      • setup.exe (PID: 8608)
    • Reads Microsoft Outlook installation path

      • bittorrentie.exe (PID: 8116)
      • bittorrentie.exe (PID: 1660)
      • bittorrentie.exe (PID: 4300)
      • bittorrentie.exe (PID: 3884)
      • bittorrentie.exe (PID: 8128)
    • Reads Internet Explorer settings

      • bittorrentie.exe (PID: 8116)
      • bittorrentie.exe (PID: 1660)
      • bittorrentie.exe (PID: 4300)
      • bittorrentie.exe (PID: 3884)
      • bittorrentie.exe (PID: 8128)
    • Potential Corporate Privacy Violation

      • BitTorrent.exe (PID: 7944)
    • Starts a Microsoft application from unusual location

      • MicrosoftEdgeUpdate.exe (PID: 5728)
    • Process requests binary or script from the Internet

      • bittorrentie.exe (PID: 1660)
      • BitTorrent.exe (PID: 7944)
    • Creates/Modifies COM task schedule object

      • MicrosoftEdgeUpdateComRegisterShell64.exe (PID: 7692)
      • MicrosoftEdgeUpdateComRegisterShell64.exe (PID: 2420)
      • MicrosoftEdgeUpdateComRegisterShell64.exe (PID: 2616)
      • MicrosoftEdgeUpdate.exe (PID: 6184)
  • INFO

    • Reads the computer name

      • bittorent.exe (PID: 7300)
      • BitTorrent.exe (PID: 7944)
      • bittorent.exe (PID: 7556)
      • bittorrentie.exe (PID: 8116)
      • bittorrentie.exe (PID: 3884)
      • MicrosoftEdgeUpdate.exe (PID: 5728)
      • bittorrentie.exe (PID: 4300)
      • bittorrentie.exe (PID: 1660)
      • MicrosoftEdgeUpdateComRegisterShell64.exe (PID: 7692)
      • MicrosoftEdgeUpdate.exe (PID: 6184)
      • MicrosoftEdgeUpdateComRegisterShell64.exe (PID: 2616)
      • MicrosoftEdgeUpdateComRegisterShell64.exe (PID: 2420)
      • MicrosoftEdgeUpdate.exe (PID: 7288)
      • MicrosoftEdgeUpdate.exe (PID: 1188)
      • MicrosoftEdgeUpdate.exe (PID: 5324)
      • identity_helper.exe (PID: 7788)
      • bittorrentie.exe (PID: 8128)
      • helper.exe (PID: 5392)
    • Creates files or folders in the user directory

      • bittorent.exe (PID: 7300)
      • bittorent.exe (PID: 7556)
      • bittorrentie.exe (PID: 8116)
      • BitTorrent.exe (PID: 7944)
      • bittorrentie.exe (PID: 3884)
      • bittorrentie.exe (PID: 4300)
      • MicrosoftEdgeUpdate.exe (PID: 5728)
      • bittorrentie.exe (PID: 1660)
      • bittorrentie.exe (PID: 8128)
    • The sample compiled with english language support

      • bittorent.exe (PID: 7300)
      • bittorent.exe (PID: 7556)
      • BitTorrent.exe (PID: 7944)
      • MicrosoftEdgeWebView2Setup.exe (PID: 2140)
      • MicrosoftEdgeUpdate.exe (PID: 5728)
      • MicrosoftEdge_X64_136.0.3240.64.exe (PID: 8572)
      • setup.exe (PID: 8608)
    • Reads the machine GUID from the registry

      • bittorent.exe (PID: 7300)
      • bittorent.exe (PID: 7556)
      • BitTorrent.exe (PID: 7944)
      • bittorrentie.exe (PID: 1660)
      • bittorrentie.exe (PID: 3884)
      • bittorrentie.exe (PID: 4300)
      • bittorrentie.exe (PID: 8128)
    • Checks supported languages

      • bittorent.exe (PID: 7556)
      • bittorent.exe (PID: 7300)
      • BitTorrent.exe (PID: 7944)
      • bittorrentie.exe (PID: 8116)
      • MicrosoftEdgeWebView2Setup.exe (PID: 2140)
      • bittorrentie.exe (PID: 3884)
      • bittorrentie.exe (PID: 1660)
      • MicrosoftEdgeUpdate.exe (PID: 5728)
      • bittorrentie.exe (PID: 4300)
      • MicrosoftEdgeUpdate.exe (PID: 6184)
      • MicrosoftEdgeUpdateComRegisterShell64.exe (PID: 7692)
      • MicrosoftEdgeUpdateComRegisterShell64.exe (PID: 2616)
      • MicrosoftEdgeUpdate.exe (PID: 7288)
      • MicrosoftEdgeUpdate.exe (PID: 1188)
      • MicrosoftEdgeUpdateComRegisterShell64.exe (PID: 2420)
      • MicrosoftEdgeUpdate.exe (PID: 5324)
      • identity_helper.exe (PID: 7788)
      • bittorrentie.exe (PID: 8128)
    • Process checks computer location settings

      • bittorent.exe (PID: 7300)
      • MicrosoftEdgeUpdate.exe (PID: 5728)
    • Checks proxy server information

      • bittorent.exe (PID: 7556)
      • bittorent.exe (PID: 7300)
      • bittorrentie.exe (PID: 8116)
      • BitTorrent.exe (PID: 7944)
      • bittorrentie.exe (PID: 1660)
      • bittorrentie.exe (PID: 4300)
      • MicrosoftEdgeUpdate.exe (PID: 7288)
      • MicrosoftEdgeUpdate.exe (PID: 5324)
      • bittorrentie.exe (PID: 3884)
      • bittorrentie.exe (PID: 8128)
    • Create files in a temporary directory

      • bittorent.exe (PID: 7300)
      • BitTorrent.exe (PID: 7944)
      • bittorent.exe (PID: 7556)
      • MicrosoftEdgeUpdate.exe (PID: 5728)
      • MicrosoftEdgeWebView2Setup.exe (PID: 2140)
    • UPX packer has been detected

      • bittorent.exe (PID: 7300)
      • BitTorrent.exe (PID: 7944)
    • Reads the software policy settings

      • bittorrentie.exe (PID: 1660)
      • bittorrentie.exe (PID: 3884)
      • MicrosoftEdgeUpdate.exe (PID: 5324)
      • bittorrentie.exe (PID: 4300)
      • MicrosoftEdgeUpdate.exe (PID: 7288)
      • BitTorrent.exe (PID: 7944)
      • bittorrentie.exe (PID: 8128)
    • Application launched itself

      • msedge.exe (PID: 6972)
      • msedge.exe (PID: 4652)
      • msedge.exe (PID: 2800)
    • Reads Environment values

      • MicrosoftEdgeUpdate.exe (PID: 7288)
      • identity_helper.exe (PID: 7788)
    • Manual execution by a user

      • mmc.exe (PID: 5344)
      • mmc.exe (PID: 4868)
No Malware configuration.

TRiD

.exe | UPX compressed Win32 Executable (43.5)
.exe | Win32 EXE Yoda's Crypter (42.7)
.exe | Win32 Executable (generic) (7.2)
.exe | Generic Win/DOS Executable (3.2)
.exe | DOS Executable Generic (3.2)

EXIF

EXE

MachineType: Intel 386 or later, and compatibles
TimeStamp: 2025:01:08 02:07:32+00:00
ImageFileCharacteristics: No relocs, Executable, 32-bit
PEType: PE32
LinkerVersion: 14.29
CodeSize: 3547136
InitializedDataSize: 122880
UninitializedDataSize: 5861376
EntryPoint: 0x8f7af0
OSVersion: 6
ImageVersion: -
SubsystemVersion: 6
Subsystem: Windows GUI
FileVersionNumber: 7.11.0.47197
ProductVersionNumber: 7.11.0.47197
FileFlagsMask: 0x002b
FileFlags: Special build
FileOS: Unknown (0)
ObjectFileType: Unknown
FileSubtype: -
LanguageCode: English (U.S.)
CharacterSet: Windows, Latin1
CompanyName: BitTorrent Limited
FileDescription: BitTorrent
FileVersion: 7.11.0.47197
InternalName: BitTorrent.exe
OriginalFileName: BitTorrent.exe
LegalCopyright: ©2023 BitTorrent Limited All Rights Reserved.
ProductName: BitTorrent
ProductVersion: 7.11.0.47197
SpecialBuild: stable34 stable
No data.
All screenshots are available in the full report
Total processes
232
Monitored processes
94
Malicious processes
7
Suspicious processes
4

Process information

PID
CMD
Path
Indicators
Parent process
PID:
1088
CMD:
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=4416 --field-trial-handle=1556,i,1783958859644535988,9290924043963192939,262144 --variations-seed-version /prefetch:8
Path:
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Parent process:
msedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Microsoft Edge
Exit code:
0
Version:
122.0.2365.59
PID:
1188
CMD:
"C:\Users\admin\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=false" /installsource otherinstallcmd /sessionid "{2F85B41B-6F75-4E83-8935-AAF482B4BA91}" /silent
Path:
C:\Users\admin\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
Parent process:
MicrosoftEdgeUpdate.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Microsoft Edge Update
Exit code:
0
Version:
1.3.195.57
PID:
1196
CMD:
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=122.0.6261.70 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=122.0.2365.59 --initial-client-data=0x2ac,0x2b0,0x2b4,0x2a4,0x2bc,0x7ffc89cc5fd8,0x7ffc89cc5fe4,0x7ffc89cc5ff0
Path:
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Parent process:
msedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Microsoft Edge
Version:
122.0.2365.59
PID:
1240
CMD:
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=4528 --field-trial-handle=1556,i,1783958859644535988,9290924043963192939,262144 --variations-seed-version /prefetch:8
Path:
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Parent process:
msedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Microsoft Edge
Exit code:
0
Version:
122.0.2365.59
PID:
1300
CMD:
"C:\Users\admin\AppData\Roaming\BitTorrent\updates\7.11.0_47197\bittorrentie.exe" BitTorrent_7944_03E57260_1920516928 BT4823DF041B09 BitTorrent ce unp
Path:
C:\Users\admin\AppData\Roaming\BitTorrent\updates\7.11.0_47197\bittorrentie.exe
Parent process:
BitTorrent.exe
User:
admin
Company:
BitTorrent Inc.
Integrity Level:
MEDIUM
Description:
WebHelper
Version:
1.0.0
PID:
1660
CMD:
"C:\Users\admin\AppData\Roaming\BitTorrent\updates\7.11.0_47197\bittorrentie.exe" BitTorrent_7944_03E56658_966170790 BT4823DF041B09 BitTorrent ie unp
Path:
C:\Users\admin\AppData\Roaming\BitTorrent\updates\7.11.0_47197\bittorrentie.exe
Parent process:
BitTorrent.exe
User:
admin
Company:
BitTorrent Inc.
Integrity Level:
LOW
Description:
WebHelper
Exit code:
0
Version:
1.0.0
PID:
2096
CMD:
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=2688 --field-trial-handle=2436,i,3486071427001346056,10206993579525940358,262144 --variations-seed-version /prefetch:3
Path:
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Parent process:
msedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Microsoft Edge
Exit code:
0
Version:
122.0.2365.59
PID:
2140
CMD:
MicrosoftEdgeWebView2Setup.exe /silent /install
Path:
C:\Users\admin\AppData\Roaming\BitTorrent\MicrosoftEdgeWebView2Setup.exe
Parent process:
BitTorrent.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Microsoft Edge Update Setup
Exit code:
0
Version:
1.3.195.57
PID:
2420
CMD:
"C:\Users\admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.57\MicrosoftEdgeUpdateComRegisterShell64.exe" /user
Path:
C:\Users\admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.57\MicrosoftEdgeUpdateComRegisterShell64.exe
Parent process:
MicrosoftEdgeUpdate.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Microsoft Edge Update COM Registration Helper
Exit code:
0
Version:
1.3.195.57
PID:
2568
CMD:
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=2388 --field-trial-handle=2392,i,6882207516321783295,8682963840661461070,262144 --variations-seed-version /prefetch:2
Path:
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Parent process:
msedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Microsoft Edge
Version:
122.0.2365.59
Total events
0
Read events
0
Write events
0
Delete events
0

Modification events

No data
Executable files
229
Suspicious files
445
Text files
139
Unknown types
2

Dropped files

PID: 7300
Process: bittorent.exe
Filename: C:\Users\admin\AppData\Local\Temp\uttBBA1.tmp
MD5:
SHA256:

PID: 7556
Process: bittorent.exe
Filename: C:\Users\admin\AppData\Local\Temp\uttC2E4.tmp
MD5:
SHA256:

PID: 7300
Process: bittorent.exe
Filename: C:\Users\admin\AppData\Local\Temp\utt127C.tmp
MD5:
SHA256:

PID: 7300
Process: bittorent.exe
Filename: C:\Users\admin\AppData\Local\Temp\utt127D.tmp
MD5:
SHA256:

PID: 7944
Process: BitTorrent.exe
Filename: C:\Users\admin\AppData\Local\Temp\utt13D3.tmp
MD5:
SHA256:

PID: 7300
Process: bittorent.exe
Filename: C:\Users\admin\AppData\Roaming\BitTorrent\updates.dat
Type: text
MD5: FA2CF3DD2FBB004BB9DF81E3F2E0464E
SHA256: 75CA92B9EDE6A6A9C68799361A829EC41112CA94AED4591D2C84418FCCFCF401

PID: 7300
Process: bittorent.exe
Filename: C:\Users\admin\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-1693682860-607145093-2874071422-1001\9d1627c087e30ee6fe8c9cce3c77e841_bb926e54-e3ca-40fd-ae90-2764341e7792
Type: binary
MD5: 01C3EFB82AEB2BFBFBBE3FB2A9615CBC
SHA256: 7D72FF63EA2406DDA8FE99B98943412E8D909AC463C1809D24F05E6F136039A5

PID: 7556
Process: bittorent.exe
Filename: C:\Users\admin\AppData\Roaming\BitTorrent\BitTorrent.exe
Type: executable
MD5: BBC8B5312995F09ADAA689AA374445F0
SHA256: 778A64B10325DB83DBE6DBDC7A45DD392AC624DD556180EA5054FBC4A9A0416A

PID: 7300
Process: bittorent.exe
Filename: C:\Users\admin\AppData\Roaming\BitTorrent\settings.dat.new
Type: binary
MD5: F04C18B21ADDCD586F47D17F2B87EFE2
SHA256: 9C6159589E277E1200E67CE846572FDE8EFDC9905C00F88523133C587ACF7660

PID: 7556
Process: bittorent.exe
Filename: C:\Users\admin\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-1693682860-607145093-2874071422-1001\393d40f2a8d5c0751c6a6728805b7d18_bb926e54-e3ca-40fd-ae90-2764341e7792
Type: binary
MD5: DFE91569DB1AF36254448C214042E15A
SHA256: F1E6005C96BCC2042FFD7BC2052C3B158039288A730394EFD71069AA4757F450
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
93
TCP/UDP connections
294
DNS requests
153
Threats
20

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
7300
bittorent.exe
POST
200
44.195.152.203:80
http://i-50.b-47197.bt.bench.utorrent.com/e?i=50
unknown
whitelisted
7556
bittorent.exe
GET
200
82.221.103.246:80
http://update.utorrent.li/installstats.php?cl=BitTorrent&v=258062429&h=TRl267mTTmnkhcsT&w=4A65000A&bu=0&pr=0&cmp=0&ocmp=0&showtorrentoffer&pid=7556&cau=0&lunv=0&toroffer=0&torofferid=<NULL>&view=win32
unknown
whitelisted
7944
BitTorrent.exe
GET
301
34.201.157.226:80
http://utorrent.com/download/langpacks/dl.php?build=47197&ref=client&client=bittorrent&sys_l=en&sel_l=-1&tk=stable34
unknown
whitelisted
7300
bittorent.exe
POST
200
54.173.115.243:80
http://i-21.b-47197.bt.bench.utorrent.com/e?i=21
unknown
whitelisted
7300
bittorent.exe
POST
200
54.173.115.243:80
http://i-21.b-47197.bt.bench.utorrent.com/e?i=21
unknown
whitelisted
7944
BitTorrent.exe
POST
200
50.16.57.59:80
http://i-70.b-47197.bt.bench.utorrent.com/e?i=70
unknown
whitelisted
7944
BitTorrent.exe
POST
200
107.23.11.163:80
http://i-29.b-47197.bt.bench.utorrent.com/e?i=29
unknown
whitelisted
7944
BitTorrent.exe
POST
200
44.195.152.203:80
http://i-32.b-47197.bt.bench.utorrent.com/e?i=32
unknown
whitelisted
7944
BitTorrent.exe
POST
200
107.23.11.163:80
http://i-29.b-47197.bt.bench.utorrent.com/e?i=29
unknown
whitelisted
7944
BitTorrent.exe
POST
200
34.193.7.160:80
http://i-49.b-47197.bt.bench.utorrent.com/e?i=49
unknown
whitelisted

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
51.104.136.2:443
MICROSOFT-CORP-MSN-AS-BLOCK
IE
whitelisted
4
System
192.168.100.255:137
whitelisted
4
System
192.168.100.255:138
whitelisted
7300
bittorent.exe
54.173.115.243:80
i-21.b-47197.bt.bench.utorrent.com
AMAZON-AES
US
whitelisted
7300
bittorent.exe
44.195.152.203:80
i-21.b-47197.bt.bench.utorrent.com
AMAZON-AES
US
whitelisted
7556
bittorent.exe
82.221.103.246:80
update.utorrent.com
Advania Island ehf
IS
whitelisted
2104
svchost.exe
40.127.240.158:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
whitelisted
3216
svchost.exe
172.211.123.249:443
client.wns.windows.com
MICROSOFT-CORP-MSN-AS-BLOCK
FR
whitelisted
7944
BitTorrent.exe
192.168.100.2:5351
whitelisted
7300
bittorent.exe
82.221.103.246:80
update.utorrent.com
Advania Island ehf
IS
whitelisted

DNS requests

Domain
IP
Reputation
router.bittorrent.com
  • 67.215.246.10
whitelisted
router.utorrent.com
  • 82.221.103.244
whitelisted
i-21.b-47197.bt.bench.utorrent.com
  • 54.173.115.243
  • 107.23.11.163
  • 44.195.152.203
  • 34.193.7.160
  • 50.16.57.59
  • 3.216.34.61
whitelisted
i-50.b-47197.bt.bench.utorrent.com
  • 44.195.152.203
  • 50.16.57.59
  • 3.216.34.61
  • 34.193.7.160
  • 107.23.11.163
  • 54.173.115.243
whitelisted
update.utorrent.com
  • 82.221.103.246
  • 82.221.103.245
whitelisted
settings-win.data.microsoft.com
  • 40.127.240.158
whitelisted
client.wns.windows.com
  • 172.211.123.249
whitelisted
update.utorrent.li
  • 82.221.103.246
  • 82.221.103.245
whitelisted
utorrent.com
  • 34.201.157.226
whitelisted
go.microsoft.com
  • 23.35.238.131
whitelisted

Threats

PID
Process
Class
Message
7944
BitTorrent.exe
Potential Corporate Privacy Violation
ET P2P BTWebClient UA uTorrent in use
7944
BitTorrent.exe
Potential Corporate Privacy Violation
ET P2P BTWebClient UA uTorrent in use
7944
BitTorrent.exe
Misc activity
INFO [ANY.RUN] P2P BitTorrent Protocol
2196
svchost.exe
Not Suspicious Traffic
INFO [ANY.RUN] Cloudflare content delivery network (cdnjs .cloudflare .com)
2196
svchost.exe
Not Suspicious Traffic
INFO [ANY.RUN] Google Tag Manager analytics (googletagmanager .com)
7944
BitTorrent.exe
Potential Corporate Privacy Violation
ET P2P BTWebClient UA uTorrent in use
7944
BitTorrent.exe
Potential Corporate Privacy Violation
ET P2P BTWebClient UA uTorrent in use
2096
msedge.exe
Not Suspicious Traffic
INFO [ANY.RUN] Google Tag Manager analytics (googletagmanager .com)
2096
msedge.exe
Not Suspicious Traffic
INFO [ANY.RUN] Google Tag Manager analytics (googletagmanager .com)
2096
msedge.exe
Not Suspicious Traffic
INFO [ANY.RUN] Google Tag Manager analytics (googletagmanager .com)
No debug info