× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 639b389a513b4fef117ba42fcd9019d9b93d49cda9e3ed09a4cd2dbfdf6f20f2
File name: pscp.exe
Detection ratio: 0 / 57
Analysis date: 2017-01-11 21:12:55 UTC ( 4 měsíce, 1 týden ago )
Antivirus Result Update
Ad-Aware 20170111
AegisLab 20170111
AhnLab-V3 20170111
Alibaba 20170111
ALYac 20170111
Antiy-AVL 20170111
Arcabit 20170111
Avast 20170111
AVG 20170111
Avira (no cloud) 20170111
AVware 20170111
Baidu 20170111
BitDefender 20170111
Bkav 20170111
CAT-QuickHeal 20170111
ClamAV 20170111
CMC 20170111
Comodo 20170111
CrowdStrike Falcon (ML) 20161024
Cyren 20170111
DrWeb 20170111
Emsisoft 20170111
ESET-NOD32 20170111
F-Prot 20170111
F-Secure 20170111
Fortinet 20170111
GData 20170111
Ikarus 20170111
Invincea 20170111
Jiangmin 20170111
K7AntiVirus 20170111
K7GW 20170111
Kaspersky 20170111
Kingsoft 20170111
Malwarebytes 20170111
McAfee 20170108
McAfee-GW-Edition 20170111
Microsoft 20170111
eScan 20170111
NANO-Antivirus 20170111
nProtect 20170111
Panda 20170111
Qihoo-360 20170111
Rising 20170111
Sophos 20170111
SUPERAntiSpyware 20170111
Symantec 20170111
Tencent 20170111
TheHacker 20170111
TrendMicro 20170111
TrendMicro-HouseCall 20170111
Trustlook 20170111
VBA32 20170110
VIPRE 20170111
ViRobot 20170111
WhiteArmor 20170111
Yandex 20170111
Zillya 20170111
Zoner 20170111
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
FileVersionInfo properties
Copyright
Copyright © 1997-2016 Simon Tatham.

Product PuTTY suite
Original name PSCP
Internal name PSCP
File version Release 0.67 (file config 0.10)
Description Command-line SCP/SFTP client
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-11-05 23:00:23
Entry Point 0x00098810
Number of sections 6
PE sections
PE imports
SetSecurityDescriptorDacl
SetSecurityDescriptorOwner
RegOpenKeyA
RegCloseKey
RegSetValueExA
CopySid
RegQueryValueExA
AllocateAndInitializeSid
InitializeSecurityDescriptor
GetUserNameA
RegDeleteKeyA
RegEnumKeyA
EqualSid
GetLengthSid
RegDeleteValueA
GetStdHandle
ReleaseMutex
GetOverlappedResult
WaitForSingleObject
HeapDestroy
EncodePointer
GetLocalTime
CreatePipe
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
LocalAlloc
FreeEnvironmentStringsW
GetLocaleInfoW
SetStdHandle
GetFileTime
WideCharToMultiByte
GetFileAttributesA
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
GetThreadTimes
HeapReAlloc
GetStringTypeW
SetEvent
LocalFree
ConnectNamedPipe
GetEnvironmentVariableA
OutputDebugStringW
FindClose
InterlockedDecrement
FormatMessageA
OutputDebugStringA
IsBadReadPtr
SetLastError
GetSystemTime
GetModuleFileNameW
IsDebuggerPresent
ExitProcess
FlushFileBuffers
GetModuleFileNameA
HeapSetInformation
EnumSystemLocalesA
SetConsoleCtrlHandler
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
FatalAppExitA
CreateMutexA
CreateThread
DeleteCriticalSection
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetSystemDirectoryA
DecodePointer
SetEnvironmentVariableA
GlobalMemoryStatus
VirtualQuery
SetEndOfFile
GetCurrentThreadId
GetProcAddress
SetCurrentDirectoryA
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
LoadLibraryW
FreeLibrary
QueryPerformanceCounter
GetTickCount
TlsAlloc
GetVersionExA
LoadLibraryA
RtlUnwind
LeaveCriticalSection
GetDateFormatA
SetHandleInformation
GetFileSize
OpenProcess
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
GetStartupInfoW
GetCPInfo
GetUserDefaultLCID
GetProcessHeap
CompareStringW
FindFirstFileA
WaitNamedPipeA
HeapValidate
GetTimeFormatA
CreateFileMappingA
FindNextFileA
IsValidLocale
WaitForMultipleObjects
HeapCreate
ExpandEnvironmentStringsA
GetTimeZoneInformation
CreateFileW
CreateEventA
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
InterlockedIncrement
GetLastError
LCMapStringW
SetConsoleMode
lstrlenA
GetConsoleCP
GetProcessTimes
GetEnvironmentStringsW
CreateNamedPipeA
GetCurrentProcessId
SetFileTime
HeapQueryInformation
GetCurrentDirectoryA
HeapSize
GetCommandLineA
GetCurrentThread
RaiseException
MapViewOfFile
TlsFree
SetFilePointer
ReadFile
CloseHandle
GetACP
GetModuleHandleW
GetSystemTimeAdjustment
CreateProcessA
IsValidCodePage
UnmapViewOfFile
TerminateProcess
GetOEMCP
GetCursorPos
GetCapture
GetForegroundWindow
GetActiveWindow
GetLastActivePopup
SendMessageA
MessageBoxA
GetClipboardOwner
GetQueueStatus
FindWindowA
Number of PE resources by type
RT_ICON 6
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH UK 8
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
5.1

LinkerVersion
10.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
0.67.0.0

UninitializedDataSize
0

LanguageCode
English (British)

FileFlagsMask
0x000b

CharacterSet
Unicode

InitializedDataSize
274944

EntryPoint
0x98810

OriginalFileName
PSCP

MIMEType
application/octet-stream

LegalCopyright
Copyright 1997-2016 Simon Tatham.

FileVersion
Release 0.67 (file config 0.10)

TimeStamp
2016:11:06 00:00:23+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
PSCP

ProductVersion
Release 0.67 (file config 0.10)

FileDescription
Command-line SCP/SFTP client

OSVersion
5.1

FileOS
Win32

Subsystem
Windows command line

MachineType
Intel 386 or later, and compatibles

CompanyName
Simon Tatham

CodeSize
1001472

ProductName
PuTTY suite

ProductVersionNumber
0.67.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

Compressed bundles
File identification
MD5 7731b1869cda2c2f707540830eff1575
SHA1 896e39b37cfcfe324218df65cfc192061787cb3a
SHA256 639b389a513b4fef117ba42fcd9019d9b93d49cda9e3ed09a4cd2dbfdf6f20f2
ssdeep
24576:00e/GBpMO5JeONqd6/nBDVnOIMcnEZUtr:0tkNJeOQGvR9

authentihash 7bfe0648904af60f7a93845057f7ec93e2b971a9eb7a3017fb975f4840e1b6e2
imphash b571cc47c1c5b7f0eb1a0ac2ee21e19f
File size 1.2 MB ( 1260032 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (console) Intel 80386 32-bit

TrID InstallShield setup (36.8%)
Win32 Executable MS Visual C++ (generic) (26.6%)
Win64 Executable (generic) (23.6%)
Win32 Dynamic Link Library (generic) (5.6%)
Win32 Executable (generic) (3.8%)
Tags
peexe

VirusTotal metadata
First submission 2016-11-05 23:06:14 UTC ( 6 měsíců, 2 týdny ago )
Last submission 2017-01-11 21:12:55 UTC ( 4 měsíce, 1 týden ago )
File names PSCP
pscp.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Runtime DLLs
UDP communications