» putty.exe
Overview
Analysis
File Details
Downloads (1)

putty.exe

PuTTY suite

Christopher West

File name:

putty.exe

Publisher:

Simon Tatham (signed by Christopher West)

Product:

PuTTY suite

Description:

SSH, Telnet and Rlogin client

Version:

PuTTYTray p0.65-t026

MD5:

449e93d7d0d8ed653a0a098b4dfab395

SHA-1:

b01f4185e6220b67a339d399f66ce0d5358f133e

SHA-256:

51bb7302285d6f7f1310f10fa3b9a5695111a29d210dc87d67f7c7b982c0d5d9

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

4/27/2024 9:23:32 AM UTC (today)

Scan engine

Detection

Engine version

Baidu Antivirus

Adware.Win32.Agent

4.0.3.151027

File size:

1.2 MB (1,262,184 bytes)

Product version:

PuTTYTray p0.65-t026

Original file name:

PuTTY

File type:

Executable application (Win32 EXE)

Language:

English (United Kingdom)

Common path:

C:\users\{user}\downloads\putty.exe

Digital Signature

Signed by:

Christopher West

Authority:

StartCom Ltd.

Valid from:

2/25/2014 10:22:24 PM

Valid to:

2/26/2016 5:05:17 AM

Subject:

E=pfx-startssl@goeswhere.com, CN=Christopher West, L=London, S=Greater London, C=GB, Description=3sPtYo6SpQnnhM9l

Issuer:

CN=StartCom Class 2 Primary Intermediate Object CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

Serial number:

0D3B

File PE Metadata

Compilation timestamp:

9/21/2015 10:48:48 PM

OS version:

6.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

14.0

CTPH (ssdeep):

24576:vHlbvenHFq9LIA0+86x1vVWo93vavwfguvWaws6e2hj7/:tC6BWMYwou2hj7/

Entry address:

0x68FB0

Entry point:

E8, CE, 03, 00, 00, E9, 42, FE, FF, FF, 55, 8B, EC, A1, 04, A0, 4E, 00, 8B, C8, 33, 45, 08, 83, E1, 1F, D3, C8, 5D, C3, 55, 8B, EC, A1, 04, A0, 4E, 00, 83, E0, 1F, 6A, 20, 59, 2B, C8, 8B, 45, 08, D3, C8, 33, 05, 04, A0, 4E, 00, 5D, C3, 55, 8B, EC, 8B, 45, 08, 8B, 4D, 0C, D3, C8, 5D, C3, 55, 8B, EC, 8B, 45, 08, 56, 8B, 48, 3C, 03, C8, 0F, B7, 41, 14, 8D, 51, 18, 03, D0, 0F, B7, 41, 06, 6B, F0, 28, 03, F2, 3B, D6, 74, 19, 8B, 4D, 0C, 3B, 4A, 0C, 72, 0A, 8B, 42, 08, 03, 42, 0C, 3B, C8, 72, 0C, 83, C2, 28, 3B... 
[+]

Entropy:

6.6854

Code size:

744 KB (761,856 bytes)

The file putty.exe has been seen being distributed by the following URL.

http://the.earth.li/~sgtatham/putty/0.62/.../putty.exe

Scan putty.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.