» 7d070b4c9a48245d7002336fde286b44
Overview
Analysis
File Details

7d070b4c9a48245d7002336fde286b44

PuTTY suite

Simon Tatham

The file 7d070b4c9a48245d7002336fde286b44, “Telnet and Rlogin client” has been detected as malware by 32 anti-virus scanners.

File name:

Publisher:

Simon Tatham

Product:

PuTTY suite

Description:

Telnet and Rlogin client

Version:

Release 0.60

MD5:

7d070b4c9a48245d7002336fde286b44

SHA-1:

1cbd44b3ef54639069ef61fe66a016055190e7bc

SHA-256:

cea6d9a07d7c40382a9e287b6845ff690c004becff2927539c84effa43d65403

Scanner detections:

32 / 68

Status:

Malware

Analysis date:

4/23/2024 3:37:31 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Trojan.Heur.TP.sq0@bG050fli

804

AhnLab V3 Security

Backdoor/Win32.Bifrose

2014.11.20

Avira AntiVirus

TR/Crypt.EPACK.Gen2

7.11.187.70

avast!

Win32:MalOb-FE [Cryp]

2014.9-141123

AVG

Win32/Heur

2015.0.3282

Baidu Antivirus

Backdoor.Win32.Generic

4.0.3.141123

Bitdefender

Gen:Trojan.Heur.TP.sq0@bG050fli

1.0.20.1635

Comodo Security

TrojWare.Win32.Rozena.A

20132

Dr.Web

Trojan.Swrort.1

9.0.1.0327

Emsisoft Anti-Malware

Gen:Trojan.Heur.TP.sq0@bG050fli

8.14.11.23.09

ESET NOD32

Win32/Rozena.ED (variant)

8.10748

Fortinet FortiGate

W32/Swrort.C!tr

11/23/2014

F-Prot

W32/Rozena.B.gen

v6.4.7.1.166

F-Secure

Gen:Trojan.Heur.TP.sq0@bG050fli

11.2014-23-11_1

G Data

Gen:Trojan.Heur.TP.sq0@bG050fli

14.11.24

IKARUS anti.virus

Trojan.Win32.Genome

t3scan.1.8.3.0

Kaspersky

HEUR:Backdoor.Win32.Generic

14.0.0.2903

Malwarebytes

Trojan.Swrort

v2014.11.23.09

McAfee

Swrort.c

5600.6938

Microsoft Security Essentials

Trojan:Win32/Swrort.A

1.11202

MicroWorld eScan

Gen:Trojan.Heur.TP.sq0@bG050fli

15.0.0.981

NANO AntiVirus

Virus.Win32.Gen-Crypt.ccnc

0.28.6.63474

Norman

Swrort.S

11.20141123

Panda Antivirus

Trj/Genetic.gen

14.11.23.09

Qihoo 360 Security

HEUR/QVM20.1.Malware.Gen

1.0.0.1015

Quick Heal

Trojan.Swrort.A

11.14.14.00

Rising Antivirus

PE:HackTool.Swrort!1.6477

23.00.65.141121

Sophos

Mal/Swrort-D

4.98

SUPERAntiSpyware

Trojan.Agent/Gen-Rozena

10220

Trend Micro House Call

TROJ_GEN.R047C0DKJ14

7.2.327

Trend Micro

TROJ_GEN.R047C0DKJ14

10.465.23

VIPRE Antivirus

Trojan.Win32.Swrort.B

34928

File size:

288 KB (294,912 bytes)

Product version:

Release 0.60

Original file name:

PuTTYtel

Language:

English (United Kingdom)

Common path:

C:\users\{user}\downloads\91\7d070b4c9a48245d7002336fde286b44

File PE Metadata

Compilation timestamp:

1/12/2007 12:48:19 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

7.10

CTPH (ssdeep):

6144:sYRJfD3I5cXmp61vNlPMyOwa8yp5cX1y67cK:5Db3I5R61vPkyTa8ycX1y6

Entry address:

0x27DC2

Entry point:

B4, 3C, A8, 71, 43, 3F, 6B, D6, 3D, 0D, 10, FC, 7B, 42, 7E, 2B, D5, 0C, A9, 7C, 4A, 80, E2, 66, 93, B2, 70, 49, 78, 14, 7B, 15, 7E, 27, 92, 77, 2C, 71, 05, B0, B9, B5, 7F, 37, 9B, 7D, 1D, 76, 18, D4, 75, 34, 88, D5, 74, 24, B3, 7A, 05, 8D, 89, D1, EB, 27, B8, 4A, 85, E0, 2C, 72, 04, 84, E1, 1C, E3, 15, 99, 42, 73, 00, F8, 40, 79, 0C, 14, B2, 92, B0, F5, 91, 48, 09, F9, BB, 67, B7, 35, B1, D6, 25, 3D, 49, BA, A8, 3B, FC, 93, 20, FD, 1D, 34, 90, 4B, B5, 3C, 3F, A9, B6, D4, 43, 9F, B9, 9B, 41, 0D, 37, 2D, B4... 
[+]

Entropy:

6.7705

Code size:

200 KB (204,800 bytes)

Remove 7d070b4c9a48245d7002336fde286b44 - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.