× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 889ebb4def568f673d2f52a0583b87821e917a41b3e4d7b8dad87f221654d8bd
File name: Plink
Detection ratio: 0 / 57
Analysis date: 2017-02-19 10:11:47 UTC ( 4 měsíce ago )
Antivirus Result Update
Ad-Aware 20170219
AegisLab 20170219
AhnLab-V3 20170219
Alibaba 20170217
ALYac 20170219
Antiy-AVL 20170219
Arcabit 20170219
Avast 20170219
AVG 20170219
Avira (no cloud) 20170219
AVware 20170219
Baidu 20170217
BitDefender 20170219
CAT-QuickHeal 20170218
ClamAV 20170219
CMC 20170219
Comodo 20170219
CrowdStrike Falcon (ML) 20170130
Cyren 20170219
DrWeb 20170219
Emsisoft 20170219
Endgame 20170217
ESET-NOD32 20170219
F-Prot 20170219
F-Secure 20170219
Fortinet 20170219
GData 20170219
Ikarus 20170219
Invincea 20170203
Jiangmin 20170218
K7AntiVirus 20170219
K7GW 20170219
Kaspersky 20170219
Kingsoft 20170219
Malwarebytes 20170219
McAfee 20170219
McAfee-GW-Edition 20170219
Microsoft 20170219
eScan 20170219
NANO-Antivirus 20170219
nProtect 20170219
Panda 20170219
Qihoo-360 20170219
Rising 20170219
Sophos 20170219
SUPERAntiSpyware 20170219
Symantec 20170218
Tencent 20170219
TheHacker 20170218
TotalDefense 20170219
TrendMicro-HouseCall 20170219
Trustlook 20170219
VBA32 20170217
VIPRE 20170219
ViRobot 20170218
Webroot 20170219
WhiteArmor 20170215
Yandex 20170218
Zillya 20170218
Zoner 20170219
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
FileVersionInfo properties
Copyright
Copyright © 1997-2016 Simon Tatham.

Product PuTTY suite
Original name Plink
Internal name Plink
File version Development snapshot 2016-03-18.0fadffe (file config 0.10.1)
Description Command-line SSH, Telnet, and Rlogin client
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-11-05 23:10:51
Entry Point 0x000A4DC0
Number of sections 6
PE sections
PE imports
SetSecurityDescriptorDacl
SetSecurityDescriptorOwner
RegOpenKeyA
RegCloseKey
RegSetValueExA
CopySid
RegQueryValueExA
AllocateAndInitializeSid
InitializeSecurityDescriptor
GetUserNameA
RegDeleteKeyA
RegEnumKeyA
EqualSid
GetLengthSid
RegDeleteValueA
GetStdHandle
ReleaseMutex
GetOverlappedResult
WaitForSingleObject
HeapDestroy
EncodePointer
GetLocalTime
CreatePipe
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
LocalAlloc
SetHandleCount
GetLocaleInfoW
SetStdHandle
WideCharToMultiByte
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
GetThreadTimes
HeapReAlloc
GetStringTypeW
SetEvent
LocalFree
ConnectNamedPipe
GetEnvironmentVariableA
OutputDebugStringW
FindClose
InterlockedDecrement
FormatMessageA
OutputDebugStringA
IsBadReadPtr
SetLastError
GetSystemTime
GetModuleFileNameW
IsDebuggerPresent
ExitProcess
FlushFileBuffers
GetModuleFileNameA
HeapSetInformation
EnumSystemLocalesA
SetConsoleCtrlHandler
GetUserDefaultLCID
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
FatalAppExitA
CreateMutexA
CreateThread
DeleteCriticalSection
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetSystemDirectoryA
SetHandleInformation
SetEnvironmentVariableA
GlobalMemoryStatus
GetCommState
SetEndOfFile
GetCurrentThreadId
InterlockedIncrement
SetCurrentDirectoryA
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetCommBreak
LoadLibraryW
FreeLibrary
QueryPerformanceCounter
GetTickCount
TlsAlloc
GetVersionExA
LoadLibraryA
RtlUnwind
GetDateFormatA
DecodePointer
GetFileSize
OpenProcess
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
GetStartupInfoW
GetCPInfo
GetProcAddress
GetProcessHeap
CompareStringW
FreeEnvironmentStringsW
FindFirstFileA
WaitNamedPipeA
HeapValidate
GetTimeFormatA
CreateFileMappingA
FindNextFileA
IsValidLocale
HeapCreate
ExpandEnvironmentStringsA
SetCommTimeouts
GetTimeZoneInformation
SetCommState
CreateFileW
CreateEventA
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
LeaveCriticalSection
GetLastError
LCMapStringW
UnmapViewOfFile
lstrlenA
GetConsoleCP
GetProcessTimes
GetEnvironmentStringsW
VirtualQuery
CreateNamedPipeA
GetCurrentProcessId
HeapQueryInformation
GetCurrentDirectoryA
ClearCommBreak
HeapSize
GetCommandLineA
GetCurrentThread
RaiseException
MapViewOfFile
TlsFree
SetFilePointer
ReadFile
CloseHandle
GetACP
GetModuleHandleW
GetSystemTimeAdjustment
CreateProcessA
IsValidCodePage
SetConsoleMode
TerminateProcess
GetOEMCP
GetCursorPos
GetCapture
GetForegroundWindow
GetClipboardOwner
GetActiveWindow
GetLastActivePopup
SendMessageA
MessageBoxA
PeekMessageA
MsgWaitForMultipleObjects
GetQueueStatus
FindWindowA
PostThreadMessageA
Number of PE resources by type
RT_ICON 6
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH UK 8
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
5.1

LinkerVersion
10.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
0.67.1018.0

UninitializedDataSize
0

LanguageCode
English (British)

FileFlagsMask
0x000b

CharacterSet
Unicode

InitializedDataSize
278016

EntryPoint
0xa4dc0

OriginalFileName
Plink

MIMEType
application/octet-stream

LegalCopyright
Copyright 1997-2016 Simon Tatham.

FileVersion
Development snapshot 2016-03-18.0fadffe (file config 0.10.1)

TimeStamp
2016:11:06 00:10:51+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Plink

ProductVersion
Development snapshot 2016-03-18.0fadffe (file config 0.10.1)

FileDescription
Command-line SSH, Telnet, and Rlogin client

OSVersion
5.1

FileOS
Win32

Subsystem
Windows command line

MachineType
Intel 386 or later, and compatibles

CompanyName
Simon Tatham

CodeSize
1026560

ProductName
PuTTY suite

ProductVersionNumber
0.67.1018.0

FileTypeExtension
exe

ObjectFileType
Executable application

Compressed bundles
File identification
MD5 260650be78f3b44440d0d858b4b24a50
SHA1 cf85c7775cdfe1417293bd14eb46d3ae78e6cd5e
SHA256 889ebb4def568f673d2f52a0583b87821e917a41b3e4d7b8dad87f221654d8bd
ssdeep
24576:FFKe3GxmfymL7b5dKo7thk9YEDQzH+ZXM0l:nXZym3bO9gV0

authentihash eefb55327e529427b2f215ab32a725b843e0b797053cee4aefaa5a181966182d
imphash bfe41781f7cb96bb578181aa365d504a
File size 1.2 MB ( 1288704 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (console) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags
peexe

VirusTotal metadata
First submission 2016-11-05 23:25:58 UTC ( 7 měsíců, 2 týdny ago )
Last submission 2016-11-05 23:25:58 UTC ( 7 měsíců, 2 týdny ago )
File names plink.exe
Plink
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
UDP communications