home

putty.exe

PuTTY suite

Christopher West

Publisher:
Simon Tatham  (signed by Christopher West)

Product:
PuTTY suite

Description:
SSH, Telnet and Rlogin client

Version:
Release p0.63-t020

MD5:
bb06dc80e61f7fb0f4c0522bfda51522

SHA-1:
27382a62b269efbf44076ada729461d845ac0a26

SHA-256:
aeccb1778ea780f3dc6b4dee8e085d1ad1724a8d9515baaa8a2a576109040660

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/10/2024 8:34:51 PM UTC  (today)

File size:
972.9 KB (996,248 bytes)

Product version:
Release p0.63-t020

Copyright:
Copyright © 1997-2013 Simon Tatham.

Original file name:
PuTTY

File type:
Executable application (Win32 EXE)

Language:
English (United Kingdom)

Common path:
C:\users\{user}\downloads\putty.exe

Digital Signature
Signed by:
Christopher West

Authority:
StartCom Ltd.

Valid from:
1/22/2012 9:54:46 AM

Valid to:
1/22/2014 8:33:09 AM

Subject:
E=pfx-startssl@goeswhere.com, CN=Christopher West, L=Ealing, S=Ealing, C=GB, Description=w6i3l6U4bJtXr93N

Issuer:
CN=StartCom Class 2 Primary Intermediate Object CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

Serial number:
050C

File PE Metadata
Compilation timestamp:
12/22/2013 12:59:20 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:rr4o+kmk1+GT1RzqK0wZlcRlGrkRe/QH6y6SeZfYpLx5jmaG6JKcmvdLWD2/nV:a81+I1NqK0wIXGrkReQHKGLx1maG6V4V

Entry address:
0x67E6F

Entry point:
E8, 8A, C9, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, F0, BD, 4A, 00, 89, 0D, EC, BD, 4A, 00, 89, 15, E8, BD, 4A, 00, 89, 1D, E4, BD, 4A, 00, 89, 35, E0, BD, 4A, 00, 89, 3D, DC, BD, 4A, 00, 66, 8C, 15, 08, BE, 4A, 00, 66, 8C, 0D, FC, BD, 4A, 00, 66, 8C, 1D, D8, BD, 4A, 00, 66, 8C, 05, D4, BD, 4A, 00, 66, 8C, 25, D0, BD, 4A, 00, 66, 8C, 2D, CC, BD, 4A, 00, 9C, 8F, 05, 00, BE, 4A, 00, 8B, 45, 00, A3, F4, BD, 4A, 00, 8B, 45, 04, A3, F8, BD, 4A, 00, 8D, 45, 08, A3, 04, BE, 4A...
 
[+]

Entropy:
6.6163

Code size:
523 KB (535,552 bytes)

The file putty.exe has been seen being distributed by the following 4 URLs.

http://puttytray.goeswhere.com/.../putty.exe

https://puttytray.goeswhere.com/download/.../putty.exe

http://puttytray.goeswhere.com/download/.../putty.exe

https://puttytray.goeswhere.com/.../putty.exe

Scan putty.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.