× Sütik letiltva! Az oldal helyes működéséhez engedélyezni kell a sütiket.
SHA256: 4ed39c44dc6062c013178da7823f77b69d5df10d418a3ffaff695779f29153d6
Fájl neve: plink.exe
Észlelési arány: 15 / 56
Elemzés ideje: 2016-11-05 22:33:51 UTC ( 1 év, 1 hónap ezelőtt )
Vírusirtó Eredmény Utolsó frissítés
AhnLab-V3 Trojan/Win32.Puty.C1573607 20161105
Antiy-AVL Trojan/Win32.BTSGeneric 20161105
Avast Win32:Malware-gen 20161105
AVG PSW.Generic13.KND 20161105
Avira (no cloud) TR/Spy.Skeeyah.ejlo 20161105
AVware Trojan.Win32.Generic!BT 20161105
DrWeb Trojan.PWS.Siggen1.54299 20161105
K7AntiVirus Riskware ( 0040eff71 ) 20161105
K7GW Riskware ( 0040eff71 ) 20161105
NANO-Antivirus Trojan.Win32.Siggen1.eeuvfq 20161105
Panda Trj/GdSda.A 20161105
Qihoo-360 HEUR/QVM10.1.0000.Malware.Gen 20161105
Rising Malware.Generic!uGDblEHO6mD@5 (thunder) 20161105
VBA32 TrojanPSW.Puty 20161105
Yandex Trojan.PWS.Puty! 20161105
Ad-Aware 20161105
AegisLab 20161105
Alibaba 20161104
ALYac 20161105
Arcabit 20161105
Baidu 20161104
BitDefender 20161105
Bkav 20161105
CAT-QuickHeal 20161105
ClamAV 20161105
CMC 20161105
Comodo 20161105
CrowdStrike Falcon (ML) 20161024
Cyren 20161105
Emsisoft 20161105
ESET-NOD32 20161105
F-Prot 20161105
F-Secure 20161105
Fortinet 20161105
GData 20161105
Ikarus 20161105
Sophos ML 20161018
Jiangmin 20161105
Kaspersky 20161105
Kingsoft 20161105
Malwarebytes 20161105
McAfee 20161105
McAfee-GW-Edition 20161105
Microsoft 20161105
eScan 20161105
nProtect 20161105
Sophos AV 20161105
SUPERAntiSpyware 20161105
Symantec 20161105
Tencent 20161105
TheHacker 20161104
TrendMicro 20161105
TrendMicro-HouseCall 20161105
VIPRE 20161105
ViRobot 20161105
Zillya 20161105
Zoner 20161105
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
FileVersionInfo properties
Copyright
Copyright © 1997-2016 Simon Tatham.

Product PuTTY suite
Original name Plink
Internal name Plink
File version Release 0.67 (file config 0.10)
Description Command-line SSH, Telnet, and Rlogin client
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-11-05 22:27:58
Entry Point 0x00041F68
Number of sections 5
PE sections
PE imports
SetSecurityDescriptorDacl
SetSecurityDescriptorOwner
RegOpenKeyA
RegCloseKey
RegSetValueExA
CopySid
RegQueryValueExA
AllocateAndInitializeSid
InitializeSecurityDescriptor
GetUserNameA
EqualSid
GetLengthSid
RegDeleteValueA
GetStdHandle
ReleaseMutex
GetOverlappedResult
WaitForSingleObject
EncodePointer
GetLocalTime
CreatePipe
GetCurrentProcess
GetConsoleMode
LocalAlloc
SetHandleCount
SetStdHandle
GetCPInfo
WriteFile
GetSystemTimeAsFileTime
GetThreadTimes
HeapReAlloc
GetStringTypeW
FreeLibrary
LocalFree
ConnectNamedPipe
GetEnvironmentVariableA
FindClose
InterlockedDecrement
FormatMessageA
SetLastError
GetSystemTime
GetModuleFileNameW
IsDebuggerPresent
HeapAlloc
GetModuleFileNameA
HeapSetInformation
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
CreateMutexA
CreateThread
DeleteCriticalSection
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetSystemDirectoryA
DecodePointer
SetEnvironmentVariableA
GlobalMemoryStatus
GetCommState
SetEndOfFile
GetCurrentThreadId
InterlockedIncrement
SetCurrentDirectoryA
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetCommBreak
LoadLibraryW
SetEvent
QueryPerformanceCounter
GetTickCount
TlsAlloc
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetDateFormatA
SetHandleInformation
GetFileSize
OpenProcess
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
GetStartupInfoW
GetProcAddress
GetProcessHeap
CompareStringW
FreeEnvironmentStringsW
FindFirstFileA
WaitNamedPipeA
GetTimeFormatA
CreateFileMappingA
FindNextFileA
TerminateProcess
HeapCreate
ExpandEnvironmentStringsA
SetCommTimeouts
GetTimeZoneInformation
SetCommState
CreateFileW
CreateEventA
GetFileType
TlsSetValue
CreateFileA
ExitProcess
LeaveCriticalSection
GetLastError
LCMapStringW
SetConsoleMode
GetConsoleCP
GetProcessTimes
GetEnvironmentStringsW
CreateNamedPipeA
GetCurrentProcessId
GetCurrentDirectoryA
ClearCommBreak
HeapSize
GetCommandLineA
GetCurrentThread
MapViewOfFile
TlsFree
SetFilePointer
ReadFile
CloseHandle
GetACP
GetModuleHandleW
GetSystemTimeAdjustment
CreateProcessA
WideCharToMultiByte
IsValidCodePage
UnmapViewOfFile
Sleep
GetOEMCP
GetCursorPos
GetCapture
GetForegroundWindow
GetClipboardOwner
GetActiveWindow
GetLastActivePopup
SendMessageA
MessageBoxA
PeekMessageA
MsgWaitForMultipleObjects
GetQueueStatus
FindWindowA
Number of PE resources by type
RT_ICON 6
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH UK 8
ENGLISH US 1
PE resources
ExifTool file metadata
SubsystemVersion
5.1

LinkerVersion
10.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
0.67.0.0

UninitializedDataSize
0

LanguageCode
English (British)

FileFlagsMask
0x000b

CharacterSet
Unicode

InitializedDataSize
103424

EntryPoint
0x41f68

OriginalFileName
Plink

MIMEType
application/octet-stream

LegalCopyright
Copyright 1997-2016 Simon Tatham.

FileVersion
Release 0.67 (file config 0.10)

TimeStamp
2016:11:05 23:27:58+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Plink

ProductVersion
Release 0.67 (file config 0.10)

FileDescription
Command-line SSH, Telnet, and Rlogin client

OSVersion
5.1

FileOS
Win32

Subsystem
Windows command line

MachineType
Intel 386 or later, and compatibles

CompanyName
Simon Tatham

CodeSize
306176

ProductName
PuTTY suite

ProductVersionNumber
0.67.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

Compressed bundles
File identification
MD5 d3dcdd35371536927a757792d8dad489
SHA1 137b1f74060251db5a469a8195dfd0cf3da6dade
SHA256 4ed39c44dc6062c013178da7823f77b69d5df10d418a3ffaff695779f29153d6
ssdeep
12288:cdt0DAqhMRDY0gu0TnEPyo6lhk9MDaNM2jmyd5WDfWneiH9FZN:cdt0DbGkrtEPyo6lhk9MDai415WaLXZN

authentihash d8c09e5e417f269e9d4f9f35e39fd7745bc10f25738e39e2f4ab2d13c851d8c8
imphash 15c4c55c6c64c11813b9398779df2e96
Fájl méret 401.0 KB ( 410624 bytes )
Fájl típus Win32 EXE
Magic literal
PE32 executable for MS Windows (console) Intel 80386 32-bit

TrID InstallShield setup (36.8%)
Win32 Executable MS Visual C++ (generic) (26.6%)
Win64 Executable (generic) (23.6%)
Win32 Dynamic Link Library (generic) (5.6%)
Win32 Executable (generic) (3.8%)
Tags
peexe

VirusTotal metadata
First submission 2016-11-05 22:33:51 UTC ( 1 év, 1 hónap ezelőtt )
Last submission 2016-11-05 22:33:51 UTC ( 1 év, 1 hónap ezelőtt )
Fájl nevek plink.exe
Plink
Nincsenek hozzászólások. Még egy VirusTotal felhasználó sem írt bejegyzést ehhez, legyél te az első!

Hozzászólás írása...

?
Hozzászólás elküldése

Nem vagy bejelentkezve. Csak regisztrált felhasználók írhatnak hozzászólást, jelentkezz be és oszd meg a véleményed!

Nincsenek szavazatok. Még senki nem szavazott, legyél te az első!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
UDP communications