SHA256: 81de431987304676134138705fc1c21188ad7f27edf6b77a6551aa693194485e
File name: putty.exe
Detection ratio: 0 / 67
Analysis date: 2018-11-17 22:31:05 UTC ( 5 months ago )
Trusted source! This file belongs to the Microsoft Corporation software catalogue.
Antivirus Result Update
ALYac 20181117
AVG 20181117
Ad-Aware 20181117
AegisLab 20181117
AhnLab-V3 20181117
Alibaba 20180921
Antiy-AVL 20181117
Arcabit 20181117
Avast 20181117
Avast-Mobile 20181117
Avira (no cloud) 20181117
Babable 20180918
Baidu 20181116
BitDefender 20181117
Bkav 20181116
CAT-QuickHeal 20181117
CMC 20181117
ClamAV 20181117
CrowdStrike Falcon (ML) 20181022
Cybereason 20180225
Cylance 20181117
Cyren 20181117
DrWeb 20181117
ESET-NOD32 20181117
Emsisoft 20181117
Endgame 20181108
F-Prot 20181117
F-Secure 20181117
Fortinet 20181117
GData 20181117
Ikarus 20181117
Sophos ML 20181108
Jiangmin 20181117
K7AntiVirus 20181117
K7GW 20181117
Kaspersky 20181117
Kingsoft 20181117
MAX 20181117
Malwarebytes 20181117
McAfee 20181117
McAfee-GW-Edition 20181117
eScan 20181117
Microsoft 20181117
NANO-Antivirus 20181117
Palo Alto Networks (Known Signatures) 20181117
Panda 20181117
Qihoo-360 20181117
Rising 20181117
SUPERAntiSpyware 20181114
SentinelOne (Static ML) 20181011
Sophos AV 20181117
Symantec 20181117
TACHYON 20181117
Tencent 20181117
TheHacker 20181117
TotalDefense 20181117
TrendMicro 20181117
TrendMicro-HouseCall 20181117
Trustlook 20181117
VBA32 20181116
ViRobot 20181117
Webroot 20181117
Yandex 20181116
Zillya 20181116
ZoneAlarm by Check Point 20181117
Zoner 20181117
eGambit 20181117
Symantec Mobile Insight 20181108
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
Authenticode signature block and FileVersionInfo properties
Copyright
Copyright © 1997-2017 Simon Tatham.

Product PuTTY suite
Original name PuTTY
Internal name PuTTY
File version Release 0.70
Description SSH, Telnet and Rlogin client
Signature verification Signed file, verified signature
Signing date 7:34 PM 7/4/2017
Signers
[+] Simon Tatham
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer COMODO SHA-256 Code Signing CA
Valid from 12:00 AM 12/10/2015
Valid to 11:59 PM 12/01/2018
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint 4022BB3C0398D595623A5380D5EEB520FC6150AA
Serial number 6C D2 82 A2 D9 A2 C1 58 50 5B 17 8D 59 51 8B 7B
[+] COMODO SHA-256 Code Signing CA
Status Valid
Issuer AddTrust External CA Root
Valid from 12:00 AM 12/22/2014
Valid to 10:48 AM 05/30/2020
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint D09E349FD5615F147CF855ACCD3C03B0833A2BC4
Serial number 00 ED 72 DF 71 20 8F 78 36 D0 AB 00 9F CA 97 E0 1F
[+] Sectigo (AddTrust)
Status Valid
Issuer AddTrust External CA Root
Valid from 10:48 AM 05/30/2000
Valid to 10:48 AM 05/30/2020
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm sha1RSA
Thumbprint 02FAF3E291435468607857694DF5E45B68851868
Serial number 01
Counter signers
[+] COMODO SHA-1 Time Stamping Signer
Status Valid
Issuer UTN-USERFirst-Object
Valid from 12:00 AM 12/31/2015
Valid to 06:40 PM 07/09/2019
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint 03A5B14663EB12023091B84A6D6A68BC871DE66B
Serial number 16 88 F0 39 25 5E 63 8E 69 14 39 07 E6 33 0B
[+] Sectigo (UTN Object)
Status Valid
Issuer UTN-USERFirst-Object
Valid from 06:31 PM 07/09/1999
Valid to 06:40 PM 07/09/2019
Valid usage EFS, Timestamp Signing, Code Signing
Algorithm sha1RSA
Thumbprint E12DFB4B41D7D9C32B30514BAC1D81D8385E2D46
Serial number 44 BE 0C 8B 50 00 24 B4 11 D3 36 2D E0 B3 5F 1B
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Entry Point 0x00097FD6
Number of sections 10
PE sections
Overlays
MD5 bb2f7e860c76d27a1497e1c6a9ce96ae
File type data
Offset 761856
Size 12344
Entropy 7.43
PE imports
Number of PE resources by type
RT_ICON 12
RT_DIALOG 4
RT_GROUP_ICON 2
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 20
PE resources
Execution parents
PE resource-wise parents
Overlay parents
Compressed bundles
File identification
MD5 b6c12d88eeb910784d75a5e4df954001
SHA1 5ef9515e8fd92a254dd2dcdd9c4b50afa8007b8f
SHA256 81de431987304676134138705fc1c21188ad7f27edf6b77a6551aa693194485e
ssdeep
12288:CeqW86Tf7xglFIV/4Zf8FkKBPFrmtJxv/znLABkeGevRcAqn9LqgqmlrexDvBIRF:CV6fxg7IeEOKXrmtJx3rLABk1eFElree

authentihash 89c9f98e747f34f39624318fab7e4524a502409067276409f8e32638117820c5
imphash 63e5ceb1f07221fa9448d107ccf4ab5f
File size 756.1 KB ( 774200 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable (generic) (38.9%)
OS/2 Executable (generic) (17.5%)
Generic Win/DOS Executable (17.2%)
DOS Executable Generic (17.2%)
Music Craft Score (8.6%)
Tags
peexe via-tor signed trusted overlay

Trusted verdicts
This file belongs to the Microsoft Corporation software catalogue. The file is often found with PUTTY.EXE as its name.
VirusTotal metadata
First submission 2017-07-08 08:25:09 UTC ( 1 year, 9 months ago )
Last submission 2019-04-18 12:59:17 UTC ( 1 day, 3 hours ago )
File names dwm.exe
15455234918160.exe
16477935.exe
kc.jpg
dd.exe
b6c12d88eeb910784d75a5e4df954001-fp-pe
putty(2).exe
2018_10_25_09_26_16.000833
put.exe
svchost32.exe
download.exe
PUTTY.EXE
putty.jpg
putty.exe
vvc.exe
file77.exe
hyinkx.exe
xzglpw.exe
81de431987304676134138705fc1c21188ad7f27edf6b77a6551aa693194485e.exe
putty.exe
a313ce4f-ef38-11e7-b8f1-80e65024849a.file
02d2175191ef666a1be03251d492eaf1c768099c941ed11ff918adb0bad5bf0c
3_9656f1a0-9c01-4a90-84b4-4f4607509b3e_putty.zip
vbc.exe
obcuuj.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Runtime DLLs
UDP communications