The putty exe Simon Tatham File Malware Analysis

The putty.exe File Analysis

Updated 1 month ago

Checked by Malware Check

putty.exe

Hash Type	Value	Action
MD5	36e31f610eef3223154e6e8fd074190f
SHA1	1f2800382cd71163c10e5ce0a32b60297489fbb5
SHA256	16cbe40fb24ce2d422afddb5a90a5801ced32ef52c22c2fc77b25a90837f28ad
SHA512	6971943ccf351e480745362a4c589bd0b3e07a86f76aa77831fd1bfa9c701aadcb4efe97ae4baa0558980e2309a5ff4fce42172b836955f073a15512a6486f0f
ImpHash	aa2128f23bdddd707adc570f98d82415

Hash Type

Value

Action

MD5

36e31f610eef3223154e6e8fd074190f

SHA1

1f2800382cd71163c10e5ce0a32b60297489fbb5

SHA256

16cbe40fb24ce2d422afddb5a90a5801ced32ef52c22c2fc77b25a90837f28ad

SHA512

6971943ccf351e480745362a4c589bd0b3e07a86f76aa77831fd1bfa9c701aadcb4efe97ae4baa0558980e2309a5ff4fce42172b836955f073a15512a6486f0f

ImpHash

aa2128f23bdddd707adc570f98d82415

PE Analysis

Basic Information

▼

Icon	Hash: bcac48e087f1dc6c5a808a84205bfc75 Fuzzy: 8f9d5ea21bf06396dd364157254ed6fb dHash: c49081903c52b2b6
Image Base	`0x140000000`
Entry Point	`0x1400be504`
Compilation Time	2025-02-01 11:27:29
Checksum	0x001a8146 (Actual: 0x001a8146)
OS Version	6.0
PEiD Signatures	`PE32+ executable (GUI) x86-64, for MS Windows`
Digital Signature	OK
Imports	8 libraries GDI32, IMM32, ole32, USER32, KERNEL32, SHELL32, COMDLG32, ADVAPI32
Exports	0 functions
Resources	24 Resources
Sections	10 Sections

Version Information

▼

CompanyName	Simon Tatham
ProductName	PuTTY suite
FileDescription	SSH, Telnet, Rlogin, and SUPDUP client
InternalName	PuTTY
OriginalFilename	PuTTY
FileVersion	Release 0.83 (with embedded help)
ProductVersion	Release 0.83
LegalCopyright	Copyright © 1997-2025 Simon Tatham.
Translation	0x0809 0x04b0

PE Sections

▼

Name	Virtual Address	Virtual Size	Raw Size	Entropy	Characteristics	MD5
`.text`	`0x00001000`	965,670 bytes	966,144 bytes	6.45 (Normal)	`IMAGE_SCN_CNT_CODE\|IMAGE_SCN_MEM_EXECUTE\|IMAGE_SCN_MEM_READ`	`186AD8441ED39D3670B909687F469DC2`
`.rdata`	`0x000ed000`	280,140 bytes	280,576 bytes	5.40 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ`	`927EF87564955A9F0CD57D3FFE45F834`
`.data`	`0x00132000`	16,892 bytes	4,096 bytes	2.07 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE`	`61A1B36FAFA42E50581C3A38E5ABF54B`
`.pdata`	`0x00137000`	28,920 bytes	29,184 bytes	5.88 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ`	`84BB85C02B0E8D0320C8664591EE0AB1`
`.00cfg`	`0x0013f000`	56 bytes	512 bytes	0.50 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ`	`C790180ADEBD196C4F716BA05F7B888F`
`.gxfg`	`0x00140000`	10,976 bytes	11,264 bytes	5.14 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ`	`87D7F2C19D2F352F334A58576949BD1B`
`.tls`	`0x00143000`	17 bytes	512 bytes	0.00 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE`	`BF619EAC0CDF3F68D496EA9344137E8B`
`_RDATA`	`0x00144000`	348 bytes	512 bytes	3.38 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ`	`C11F8F64FA649E52252BD2B23520593C`
`.rsrc`	`0x00145000`	380,432 bytes	380,928 bytes	7.84 (Packed/Encrypted)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ`	`F63FF126564E8E886595555015112B66`
`.reloc`	`0x001a2000`	8,632 bytes	8,704 bytes	5.44 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_DISCARDABLE\|IMAGE_SCN_MEM_READ`	`AE80E9B66495204A863629D4AF5A2968`

Entropy Analysis Alert

1 section(s) with high entropy (≥7.5) detected - possible packing/encryption

Resource Analysis

▼

Total Resources: 24 (379,076 bytes)

Resource Type	Count	Total Size	Percentage
RT_ICON	12	7,952 bytes	2.1%
RT_DIALOG	7	1,512 bytes	0.4%
RT_GROUP_ICON	2	180 bytes	0%
RT_VERSION	1	824 bytes	0.2%
RT_MANIFEST	1	1,369 bytes	0.4%
None	1	367,239 bytes	96.9%

Certificate Chain Analysis

▼

No Digital Signatures

This file is not digitally signed.

Security Implications:

Cannot verify the publisher's identity
Increased security risk when running this file
May trigger security warnings on some systems

⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources

File Name	putty.exe
File Type	PE32+ executable (GUI) x86-64, for MS Windows
Scanner Version	1.0.229.174
Database Version	2025-11-30 09:00:43 UTC

The putty.exe File Analysis

Technical Analysis

Clean File

Scan Another File

File Identification

PE Analysis

Basic Information

Version Information

PE Sections

Entropy Analysis Alert

Resource Analysis

Certificate Chain Analysis

No Digital Signatures

Security Implications:

Certificate Verification Status

Remember: This is Result of Online Virus Scanner

Keep Your System Protected

Leave a Comment

Gridinsoft Anti-Malware