× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 52d39cfe711606e6f8248a917564126587503474d971b2cabcd92b830563607c
File name: PSCP
Detection ratio: 0 / 58
Analysis date: 2017-02-10 10:20:05 UTC ( 1 měsíc, 2 týdny ago )
Antivirus Result Update
Ad-Aware 20170210
AegisLab 20170210
AhnLab-V3 20170209
Alibaba 20170122
ALYac 20170210
Antiy-AVL 20170210
Arcabit 20170210
Avast 20170210
AVG 20170210
Avira (no cloud) 20170210
AVware 20170210
Baidu 20170210
BitDefender 20170210
Bkav 20170210
CAT-QuickHeal 20170210
ClamAV 20170210
CMC 20170210
Comodo 20170210
CrowdStrike Falcon (ML) 20170130
Cyren 20170210
DrWeb 20170210
Emsisoft 20170210
Endgame 20170208
ESET-NOD32 20170210
F-Prot 20170210
F-Secure 20170210
Fortinet 20170210
GData 20170210
Ikarus 20170210
Invincea 20170203
Jiangmin 20170210
K7AntiVirus 20170210
K7GW 20170210
Kaspersky 20170210
Kingsoft 20170210
Malwarebytes 20170210
McAfee 20170210
McAfee-GW-Edition 20170210
Microsoft 20170210
eScan 20170210
NANO-Antivirus 20170210
nProtect 20170210
Panda 20170209
Qihoo-360 20170210
Rising 20170210
Sophos 20170210
SUPERAntiSpyware 20170210
Symantec 20170209
Tencent 20170210
TheHacker 20170209
TotalDefense 20170210
TrendMicro 20170210
TrendMicro-HouseCall 20170210
Trustlook 20170210
VBA32 20170209
VIPRE 20170210
ViRobot 20170210
WhiteArmor 20170202
Yandex 20170209
Zillya 20170209
Zoner 20170210
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
FileVersionInfo properties
Copyright
Copyright © 1997-2016 Simon Tatham.

Product PuTTY suite
Original name PSCP
Internal name PSCP
File version Development snapshot 2016-03-18.0fadffe (file config 0.10.1)
Description Command-line SCP/SFTP client
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-11-05 23:10:49
Entry Point 0x000A8D10
Number of sections 6
PE sections
PE imports
SetSecurityDescriptorDacl
SetSecurityDescriptorOwner
RegOpenKeyA
RegCloseKey
RegSetValueExA
CopySid
RegQueryValueExA
AllocateAndInitializeSid
InitializeSecurityDescriptor
GetUserNameA
RegDeleteKeyA
RegEnumKeyA
EqualSid
GetLengthSid
RegDeleteValueA
GetStdHandle
ReleaseMutex
GetOverlappedResult
WaitForSingleObject
HeapDestroy
EncodePointer
GetLocalTime
CreatePipe
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
LocalAlloc
FreeEnvironmentStringsW
GetLocaleInfoW
SetStdHandle
GetFileTime
WideCharToMultiByte
GetFileAttributesA
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
GetThreadTimes
HeapReAlloc
GetStringTypeW
SetEvent
LocalFree
ConnectNamedPipe
GetEnvironmentVariableA
OutputDebugStringW
FindClose
InterlockedDecrement
FormatMessageA
OutputDebugStringA
IsBadReadPtr
SetLastError
GetSystemTime
GetModuleFileNameW
IsDebuggerPresent
ExitProcess
FlushFileBuffers
GetModuleFileNameA
HeapSetInformation
EnumSystemLocalesA
SetConsoleCtrlHandler
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
FatalAppExitA
CreateMutexA
CreateThread
DeleteCriticalSection
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetSystemDirectoryA
DecodePointer
SetEnvironmentVariableA
GlobalMemoryStatus
VirtualQuery
SetEndOfFile
GetCurrentThreadId
GetProcAddress
SetCurrentDirectoryA
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
LoadLibraryW
FreeLibrary
QueryPerformanceCounter
GetTickCount
TlsAlloc
GetVersionExA
LoadLibraryA
RtlUnwind
LeaveCriticalSection
GetDateFormatA
SetHandleInformation
GetFileSize
OpenProcess
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
GetStartupInfoW
GetCPInfo
GetUserDefaultLCID
GetProcessHeap
CompareStringW
FindFirstFileA
WaitNamedPipeA
HeapValidate
GetTimeFormatA
CreateFileMappingA
FindNextFileA
IsValidLocale
WaitForMultipleObjects
HeapCreate
ExpandEnvironmentStringsA
GetTimeZoneInformation
CreateFileW
CreateEventA
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
InterlockedIncrement
GetLastError
LCMapStringW
SetConsoleMode
lstrlenA
GetConsoleCP
GetProcessTimes
GetEnvironmentStringsW
CreateNamedPipeA
GetCurrentProcessId
SetFileTime
HeapQueryInformation
GetCurrentDirectoryA
HeapSize
GetCommandLineA
GetCurrentThread
RaiseException
MapViewOfFile
TlsFree
SetFilePointer
ReadFile
CloseHandle
GetACP
GetModuleHandleW
GetSystemTimeAdjustment
CreateProcessA
IsValidCodePage
UnmapViewOfFile
TerminateProcess
GetOEMCP
GetCursorPos
GetCapture
GetForegroundWindow
GetActiveWindow
GetLastActivePopup
SendMessageA
MessageBoxA
GetClipboardOwner
GetQueueStatus
FindWindowA
Number of PE resources by type
RT_ICON 6
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH UK 8
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
5.1

LinkerVersion
10.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
0.67.1018.0

UninitializedDataSize
0

LanguageCode
English (British)

FileFlagsMask
0x000b

CharacterSet
Unicode

InitializedDataSize
284160

EntryPoint
0xa8d10

OriginalFileName
PSCP

MIMEType
application/octet-stream

LegalCopyright
Copyright 1997-2016 Simon Tatham.

FileVersion
Development snapshot 2016-03-18.0fadffe (file config 0.10.1)

TimeStamp
2016:11:06 00:10:49+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
PSCP

ProductVersion
Development snapshot 2016-03-18.0fadffe (file config 0.10.1)

FileDescription
Command-line SCP/SFTP client

OSVersion
5.1

FileOS
Win32

Subsystem
Windows command line

MachineType
Intel 386 or later, and compatibles

CompanyName
Simon Tatham

CodeSize
1068544

ProductName
PuTTY suite

ProductVersionNumber
0.67.1018.0

FileTypeExtension
exe

ObjectFileType
Executable application

Compressed bundles
File identification
MD5 1ef8181006f7aedbf9c5399fe5a26c58
SHA1 4666a9d3187d777afee4846829ed4448177e8896
SHA256 52d39cfe711606e6f8248a917564126587503474d971b2cabcd92b830563607c
ssdeep
24576:2p9S5ceOIWICHtFC1I70LvDwjBQEy2TSZ6wUM:sIZWVN4XUJoT

authentihash df1cae9638376a585c9ed952c9c3f132f05c61dc379a69fa218f62ce8822780a
imphash ff37a92a1b209164c7e4a25e4b81da92
File size 1.3 MB ( 1336320 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (console) Intel 80386 32-bit

TrID InstallShield setup (36.8%)
Win32 Executable MS Visual C++ (generic) (26.6%)
Win64 Executable (generic) (23.6%)
Win32 Dynamic Link Library (generic) (5.6%)
Win32 Executable (generic) (3.8%)
Tags
peexe

VirusTotal metadata
First submission 2016-11-05 23:25:58 UTC ( 4 měsíce, 2 týdny ago )
Last submission 2016-11-05 23:25:58 UTC ( 4 měsíce, 2 týdny ago )
File names PSCP
pscp.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Runtime DLLs
UDP communications