It's in the signature., (Sun, Oct 15th)

We were contacted by a worried reader: he had found 2 seemingly identical µTorrent executables, with valid digital signatures, but different cryptographic hashes. With CCLeaner’s compromise in mind, this reader wanted to know why these 2 executables were different.

Article Link: https://isc.sans.edu/diary/rss/22928