× Cookies zijn uitgeschakeld! Voor een goede werking van deze website moeten cookies zijn ingeschakeld
SHA256: 3b3dcd9da31a9c6a64fcbdcc8e5c865fac1c630ab55e7c926dfeb96f62f6d719
Bestandsnaam: plink.exe
Detectieverhouding: 0 / 56
Datum van analyse: 2016-11-05 22:37:18 UTC (9 maanden, 2 weken geleden) Laatste weergeven
Virusscanner Resultaat Versie
Ad-Aware 20161105
AegisLab 20161105
AhnLab-V3 20161105
Alibaba 20161104
ALYac 20161105
Antiy-AVL 20161105
Arcabit 20161105
Avast 20161105
AVG 20161105
Avira (no cloud) 20161105
AVware 20161105
Baidu 20161104
BitDefender 20161105
Bkav 20161105
CAT-QuickHeal 20161105
ClamAV 20161105
CMC 20161105
Comodo 20161105
CrowdStrike Falcon (ML) 20161024
Cyren 20161105
DrWeb 20161105
Emsisoft 20161105
ESET-NOD32 20161105
F-Prot 20161105
F-Secure 20161105
Fortinet 20161105
GData 20161105
Ikarus 20161105
Sophos ML 20161018
Jiangmin 20161105
K7AntiVirus 20161105
K7GW 20161105
Kaspersky 20161105
Kingsoft 20161105
Malwarebytes 20161105
McAfee 20161105
McAfee-GW-Edition 20161105
Microsoft 20161105
eScan 20161105
NANO-Antivirus 20161105
nProtect 20161105
Panda 20161105
Qihoo-360 20161105
Rising 20161105
Sophos AV 20161105
SUPERAntiSpyware 20161105
Symantec 20161105
Tencent 20161105
TheHacker 20161104
TrendMicro 20161105
TrendMicro-HouseCall 20161105
VBA32 20161105
VIPRE 20161105
ViRobot 20161105
Yandex 20161105
Zillya 20161105
Zoner 20161105
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
FileVersionInfo properties
Copyright
Copyright © 1997-2016 Simon Tatham.

Product PuTTY suite
Original name Plink
Internal name Plink
File version Release 0.67 (file config 0.10)
Description Command-line SSH, Telnet, and Rlogin client
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-11-05 22:36:37
Entry Point 0x00094A20
Number of sections 6
PE sections
PE imports
SetSecurityDescriptorDacl
SetSecurityDescriptorOwner
RegOpenKeyA
RegCloseKey
RegSetValueExA
CopySid
RegQueryValueExA
AllocateAndInitializeSid
InitializeSecurityDescriptor
GetUserNameA
RegDeleteKeyA
RegEnumKeyA
EqualSid
GetLengthSid
RegDeleteValueA
GetStdHandle
ReleaseMutex
GetOverlappedResult
WaitForSingleObject
HeapDestroy
EncodePointer
GetLocalTime
CreatePipe
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
LocalAlloc
SetHandleCount
GetLocaleInfoW
SetStdHandle
WideCharToMultiByte
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
GetThreadTimes
HeapReAlloc
GetStringTypeW
SetEvent
LocalFree
ConnectNamedPipe
GetEnvironmentVariableA
OutputDebugStringW
FindClose
InterlockedDecrement
FormatMessageA
OutputDebugStringA
IsBadReadPtr
SetLastError
GetSystemTime
GetModuleFileNameW
IsDebuggerPresent
ExitProcess
FlushFileBuffers
GetModuleFileNameA
HeapSetInformation
EnumSystemLocalesA
SetConsoleCtrlHandler
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
FatalAppExitA
CreateMutexA
CreateThread
DeleteCriticalSection
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetSystemDirectoryA
SetHandleInformation
SetEnvironmentVariableA
GlobalMemoryStatus
GetCommState
SetEndOfFile
GetCurrentThreadId
GetProcAddress
SetCurrentDirectoryA
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetCommBreak
LoadLibraryW
FreeLibrary
QueryPerformanceCounter
GetTickCount
TlsAlloc
GetVersionExA
LoadLibraryA
RtlUnwind
GetDateFormatA
DecodePointer
GetFileSize
OpenProcess
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
GetStartupInfoW
GetCPInfo
GetUserDefaultLCID
GetProcessHeap
CompareStringW
FreeEnvironmentStringsW
FindFirstFileA
WaitNamedPipeA
InterlockedIncrement
HeapValidate
GetTimeFormatA
CreateFileMappingA
FindNextFileA
IsValidLocale
HeapCreate
ExpandEnvironmentStringsA
SetCommTimeouts
GetTimeZoneInformation
SetCommState
CreateFileW
CreateEventA
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
LeaveCriticalSection
GetLastError
LCMapStringW
UnmapViewOfFile
lstrlenA
GetConsoleCP
GetProcessTimes
GetEnvironmentStringsW
VirtualQuery
CreateNamedPipeA
GetCurrentProcessId
HeapQueryInformation
GetCurrentDirectoryA
ClearCommBreak
HeapSize
GetCommandLineA
GetCurrentThread
RaiseException
MapViewOfFile
TlsFree
SetFilePointer
ReadFile
CloseHandle
GetACP
GetModuleHandleW
GetSystemTimeAdjustment
CreateProcessA
IsValidCodePage
SetConsoleMode
TerminateProcess
GetOEMCP
GetCursorPos
GetCapture
GetForegroundWindow
GetClipboardOwner
GetActiveWindow
GetLastActivePopup
SendMessageA
MessageBoxA
PeekMessageA
MsgWaitForMultipleObjects
GetQueueStatus
FindWindowA
PostThreadMessageA
Number of PE resources by type
RT_ICON 6
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH UK 8
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
5.1

LinkerVersion
10.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
0.67.0.0

UninitializedDataSize
0

LanguageCode
English (British)

FileFlagsMask
0x000b

CharacterSet
Unicode

InitializedDataSize
268800

EntryPoint
0x94a20

OriginalFileName
Plink

MIMEType
application/octet-stream

LegalCopyright
Copyright 1997-2016 Simon Tatham.

FileVersion
Release 0.67 (file config 0.10)

TimeStamp
2016:11:05 23:36:37+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Plink

ProductVersion
Release 0.67 (file config 0.10)

FileDescription
Command-line SSH, Telnet, and Rlogin client

OSVersion
5.1

FileOS
Win32

Subsystem
Windows command line

MachineType
Intel 386 or later, and compatibles

CompanyName
Simon Tatham

CodeSize
960000

ProductName
PuTTY suite

ProductVersionNumber
0.67.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 7e098b75e9594ed19d2e79365ba17ab1
SHA1 88b05c0044a8932f2bacfbeb04820cf0cea234c5
SHA256 3b3dcd9da31a9c6a64fcbdcc8e5c865fac1c630ab55e7c926dfeb96f62f6d719
ssdeep
12288:XJW6QERbVid70ASSeTCE5DQO0nRObAgVPRQzQa54gH+zAGms7by25SkvWxUrsyZV:XSERu0ASSxE5DEn6GzNomSyUvyyZXSm

authentihash 601478572940129a96b29a67f0d09166383e2fce0f916e04c1d4ed8f381a2909
imphash 5ef80d867b8a79a94c18340b5cdf443c
Bestandsgrootte 1.2 MB ( 1212928 bytes )
Bestandstype Win32 EXE
Magic literal
PE32 executable for MS Windows (console) Intel 80386 32-bit

TrID InstallShield setup (36.8%)
Win32 Executable MS Visual C++ (generic) (26.6%)
Win64 Executable (generic) (23.6%)
Win32 Dynamic Link Library (generic) (5.6%)
Win32 Executable (generic) (3.8%)
Tags
peexe

VirusTotal metadata
First submission 2016-11-05 22:37:18 UTC (9 maanden, 2 weken geleden)
Last submission 2016-11-05 22:37:18 UTC (9 maanden, 2 weken geleden)
Bestandsnamen plink.exe
Plink
Geen reactie. Er heeft nog geen VirusTotal-communitylid gereageerd op dit item. Wees de eerste!

Laat een reactie achter...

?
Reactie plaatsen

U bent niet ingelogd. Alleen geregistreerde gebruikers kunnen reacties plaatsen. Log in en discussieer mee!

Geen stemmen. Er heeft nog niemand gestemd op dit item. U kunt de eerste zijn!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
UDP communications