Manalyze report for 03cf11324f0bd4cdd4dc8f59ca697354

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	1970-Jan-01 00:00:00
Detected languages	English - United Kingdom English - United States
CompanyName	Simon Tatham
ProductName	PuTTY suite
FileDescription	SSH, Telnet and Rlogin client
InternalName	PuTTY
OriginalFilename	PuTTY
FileVersion	`Release 0.70`
ProductVersion	`Release 0.70`
LegalCopyright	Copyright © 1997-2017 Simon Tatham.

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C++ 6.0 - 8.0`
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to CRC32` `Uses constants related to MD5` `Uses constants related to SHA1` `Uses constants related to SHA256` `Uses constants related to AES` `Uses constants related to Blowfish` `Uses known Diffie-Helman primes`
Suspicious	The PE is possibly packed.	`Unusual section name found: .xdata`
Malicious	The PE contains functions mostly used by malware.	`[!] The program may be hiding some of its imports: GetProcAddress LoadLibraryA LoadLibraryExA LoadLibraryExW` `Functions which can be used for anti-debugging purposes: FindWindowA` `Code injection capabilities (PowerLoader): FindWindowA GetWindowLongA` `Can access the registry: RegCloseKey RegCreateKeyA RegCreateKeyExA RegDeleteKeyA RegDeleteValueA RegEnumKeyA RegOpenKeyA RegQueryValueExA RegSetValueExA` `Possibly launches other programs: ShellExecuteA CreateProcessA` `Manipulates other processes: OpenProcess` `Can take screenshots: CreateCompatibleDC FindWindowA GetDC` `Reads the contents of the clipboard: GetClipboardData`
Suspicious	No VirusTotal score.	`This file has never been scanned on VirusTotal.`

Hashes

MD5	`03cf11324f0bd4cdd4dc8f59ca697354`
SHA1	`02fe56ae2b31987d706a9ee4ab6d8719703ee70d`
SHA256	`c700838d62d2945c87a9112bfb150715aec05ffd4d89595c394ea2077f413cc2`
SHA3	`3195946df9c3e28559fefadfa8b345f858fb4ada6196e2536a1f688e9189927a`
SSDeep	`12288:CeqW86Tf7xglFIV/4Zf8FkKBPFrmtJxv/znLABkeGevRcAqn9LqgqmlrexDvBIRz:CV6fxg7IeEOKXrmtJx3rLABk1eFElrec`
Imports Hash	`63e5ceb1f07221fa9448d107ccf4ab5f`

DOS Header

e_magic	`MZ`
e_cblp	`0`
e_cp	`0`
e_crlc	`0`
e_cparhdr	`0`
e_minalloc	`0`
e_maxalloc	`0`
e_ss	`0`
e_sp	`0`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x40`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`10`
TimeDateStamp	1970-Jan-01 00:00:00
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`14.0`
SizeOfCode	`0x87c00`
SizeOfInitializedData	`0x32000`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x00097FD6 (Section: .text)`
BaseOfCode	`0x30000`
BaseOfData	`0`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`5.1`
ImageVersion	`0.0`
SubsystemVersion	`5.1`
Win32VersionValue	`0`
SizeOfImage	`0xc2400`
SizeOfHeaders	`0x400`
Checksum	`0xc3524`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_NO_BIND` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.00cfg

MD5	`f259dc71989c087d773bb22d98d00c08`
SHA1	`2d550b45afa79728f20a6056a861a0459070e360`
SHA256	`124260008a5195caf63beac4b1e3c56656efe047f9d5b00c0f7d130c77d32ab1`
SHA3	`a4fcc2d7f3cf5e310175cb82ae79ec92dda4573a546c9f0049aca545aba9d7c2`
VirtualSize	`0x4`
VirtualAddress	`0x1000`
SizeOfRawData	`0x200`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`0.0611629`

.rdata

MD5	`6137a1e1e40b38a858e1dbcdc94bb9b3`
SHA1	`477fa6d292789ed21ba13d636edbbb3063a826e2`
SHA256	`3ec184532f07244c04f6e68da188771567ac16b102fc15e353e7b304a0a83886`
SHA3	`fc21675d36a201f45abf7ea9454990f9209c81b9b5bd3089bcf3bdf629915c93`
VirtualSize	`0x24720`
VirtualAddress	`0x2000`
SizeOfRawData	`0x24800`
PointerToRawData	`0x600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.00749`

.bss

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0x3aa4`
VirtualAddress	`0x27000`
SizeOfRawData	`0`
PointerToRawData	`0`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_UNINITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`

.data

MD5	`b0e12d1ecfd795d5b2233397803ff781`
SHA1	`33d195ed91ee36d9eaa28f5c9fce977fd0b12fe2`
SHA256	`7545b9c58bb5ed3b34d19bcc415ca9fb606f95dd1106adcb2d9862291647eeba`
SHA3	`0db263c81d214e1587e9a2cfbdf2e1209f975215f2c5e0958df7e82012fe83cf`
VirtualSize	`0xb90`
VirtualAddress	`0x2b000`
SizeOfRawData	`0xc00`
PointerToRawData	`0x24e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`2.7255`

.gfids

MD5	`8f4f081c51c6c085fbd11bbb240d8cc3`
SHA1	`c05023eb811da7484263015e94ef09d681b02ad8`
SHA256	`bb1e5445adfd0dd3c1402f876052e022b641e4a72eae0246ef2d26ba3ed18d6d`
SHA3	`44850d24195cacf0b5db58f0d4890c428bd93ab2c510fafa1ddf69adb1168572`
VirtualSize	`0xb4`
VirtualAddress	`0x2c000`
SizeOfRawData	`0x200`
PointerToRawData	`0x25a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`1.96867`

.rsrc

MD5	`ab42cc7cf75d482537eed8f768de3eea`
SHA1	`173dfb545db28c0d6ff095b5b3bf7cc967a1dd86`
SHA256	`a49cf2a7ac5d293d16f0f42e4101fbea32ce4b4aa267be054c7071e9e17312c6`
SHA3	`ecb25dda4cb0cf3fa2909db0c2f73ffac68bf3072770377e12cfb42350201814`
VirtualSize	`0x2eb0`
VirtualAddress	`0x2d000`
SizeOfRawData	`0x3000`
PointerToRawData	`0x25c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`3.93376`

.text

MD5	`a3d8e799589afc96dc60ae9d72edf9ce`
SHA1	`75eada43c7aa5074f3b3e518f9963fb1bc447393`
SHA256	`50f3546f3c0462e88f927a1aaced059c53086d0f57faaf341f8246c90b6e7ff8`
SHA3	`37ba93484641f45791d3a9f7315542adb6404886c9abc13aa007ea46be190ae1`
VirtualSize	`0x87ba6`
VirtualAddress	`0x30000`
SizeOfRawData	`0x87c00`
PointerToRawData	`0x28c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.58712`

.xdata

MD5	`3f543047b90105493a0dd96bda226c5c`
SHA1	`20d305d70568cf6f05d13666bd040a36bc571e49`
SHA256	`ce349f8f4063be7cb833ea2ec62362c1c0265fd978a296e34a3e6ca15e6a91e5`
SHA3	`8a8ac958d24945443796bc42649dd129eabde2bd9cf48ee54a6a9db25610d0a4`
VirtualSize	`0x60c`
VirtualAddress	`0xb8000`
SizeOfRawData	`0x800`
PointerToRawData	`0xb0800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`2.01875`

.idata

MD5	`1ef597bde49856f2412923dd8d705766`
SHA1	`8d7567546ef090a466005ac22e4cb8276d884496`
SHA256	`fb709f9708a4f0421c604392b037c12081ce010011e3a33a18cc45a297acf60f`
SHA3	`6546d0b19c05f1193b1504df2b283ba1a95f22b4ec8e66324d505daf18f0786f`
VirtualSize	`0x20d0`
VirtualAddress	`0xb9000`
SizeOfRawData	`0x2200`
PointerToRawData	`0xb1000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.56381`

.reloc

MD5	`a7e511e35001dbff70a33cf799883d1c`
SHA1	`f363600044340241e0711377ac9530a1e6ee88b5`
SHA256	`eaedf0bea6437cb78ca5449d35fa27b09e513f8d0ec128c686002dcbf38e1145`
SHA3	`97c6bd7c5bfc938d36551cf11d3494805159e6cf71bc31435b5f6f8be1b38bde`
VirtualSize	`0x6db4`
VirtualAddress	`0xbc000`
SizeOfRawData	`0x6e00`
PointerToRawData	`0xb3200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`6.72871`

Imports

GDI32.dll	`CreateBitmap` `CreateCompatibleBitmap` `CreateCompatibleDC` `CreateFontA` `CreateFontIndirectA` `CreatePalette` `CreatePen` `CreateSolidBrush` `DeleteDC` `DeleteObject` `ExcludeClipRect` `ExtTextOutA` `ExtTextOutW` `GetBkMode` `GetCharABCWidthsFloatA` `GetCharWidth32A` `GetCharWidth32W` `GetCharWidthA` `GetCharWidthW` `GetCharacterPlacementW` `GetDeviceCaps` `GetObjectA` `GetPixel` `GetStockObject` `GetTextExtentExPointA` `GetTextExtentPoint32A` `GetTextMetricsA` `IntersectClipRect` `LineTo` `MoveToEx` `Polyline` `RealizePalette` `Rectangle` `SelectObject` `SelectPalette` `SetBkColor` `SetBkMode` `SetMapMode` `SetPaletteEntries` `SetPixel` `SetTextAlign` `SetTextColor` `TextOutA` `TranslateCharsetInfo` `UnrealizeObject` `UpdateColors`
USER32.dll	`AppendMenuA` `BeginPaint` `CheckDlgButton` `CheckMenuItem` `CheckRadioButton` `CloseClipboard` `CreateCaret` `CreateDialogParamA` `CreateMenu` `CreatePopupMenu` `CreateWindowExA` `CreateWindowExW` `DefDlgProcA` `DefWindowProcA` `DefWindowProcW` `DeleteMenu` `DestroyCaret` `DestroyWindow` `DialogBoxParamA` `DispatchMessageA` `DispatchMessageW` `DrawEdge` `EmptyClipboard` `EnableMenuItem` `EnableWindow` `EndDialog` `EndPaint` `FindWindowA` `FlashWindow` `GetCapture` `GetCaretBlinkTime` `GetClientRect` `GetClipboardData` `GetClipboardOwner` `GetCursorPos` `GetDC` `GetDesktopWindow` `GetDlgItem` `GetDlgItemTextA` `GetDoubleClickTime` `GetForegroundWindow` `GetKeyboardLayout` `GetKeyboardState` `GetMessageA` `GetMessageTime` `GetParent` `GetQueueStatus` `GetScrollInfo` `GetSysColor` `GetSystemMenu` `GetSystemMetrics` `GetWindowLongA` `GetWindowPlacement` `GetWindowRect` `GetWindowTextA` `GetWindowTextLengthA` `HideCaret` `InsertMenuA` `InvalidateRect` `IsDialogMessageA` `IsDlgButtonChecked` `IsIconic` `IsWindow` `IsZoomed` `KillTimer` `LoadCursorA` `LoadIconA` `MapDialogRect` `MessageBeep` `MessageBoxA` `MessageBoxIndirectA` `MoveWindow` `MsgWaitForMultipleObjects` `OpenClipboard` `PeekMessageA` `PeekMessageW` `PostMessageA` `PostQuitMessage` `RegisterClassA` `RegisterClassW` `RegisterClipboardFormatA` `RegisterWindowMessageA` `ReleaseCapture` `ReleaseDC` `ScreenToClient` `SendDlgItemMessageA` `SendMessageA` `SetActiveWindow` `SetCapture` `SetCaretPos` `SetClassLongA` `SetClipboardData` `SetCursor` `SetDlgItemTextA` `SetFocus` `SetForegroundWindow` `SetKeyboardState` `SetScrollInfo` `SetTimer` `SetWindowLongA` `SetWindowPlacement` `SetWindowPos` `SetWindowTextA` `ShowCaret` `ShowCursor` `ShowWindow` `SystemParametersInfoA` `ToAsciiEx` `TrackPopupMenu` `TranslateMessage` `UpdateWindow` `WinHelpA`
COMDLG32.dll	`ChooseColorA` `ChooseFontA` `GetOpenFileNameA` `GetSaveFileNameA`
SHELL32.dll	`ShellExecuteA`
ole32.dll	`CoCreateInstance` `CoInitialize` `CoUninitialize`
IMM32.dll	`ImmGetCompositionStringW` `ImmGetContext` `ImmReleaseContext` `ImmSetCompositionFontA` `ImmSetCompositionWindow`
ADVAPI32.dll	`AllocateAndInitializeSid` `CopySid` `EqualSid` `GetLengthSid` `GetUserNameA` `InitializeSecurityDescriptor` `RegCloseKey` `RegCreateKeyA` `RegCreateKeyExA` `RegDeleteKeyA` `RegDeleteValueA` `RegEnumKeyA` `RegOpenKeyA` `RegQueryValueExA` `RegSetValueExA` `SetSecurityDescriptorDacl` `SetSecurityDescriptorOwner`
KERNEL32.dll	`Beep` `ClearCommBreak` `CloseHandle` `CompareStringW` `ConnectNamedPipe` `CreateEventA` `CreateFileA` `CreateFileMappingA` `CreateFileW` `CreateMutexA` `CreateNamedPipeA` `CreatePipe` `CreateProcessA` `CreateThread` `DecodePointer` `DeleteCriticalSection` `DeleteFileA` `EnterCriticalSection` `ExitProcess` `FindClose` `FindFirstFileA` `FindFirstFileExA` `FindNextFileA` `FlushFileBuffers` `FormatMessageA` `FreeEnvironmentStringsW` `FreeLibrary` `GetACP` `GetCPInfo` `GetCommState` `GetCommandLineA` `GetCommandLineW` `GetConsoleCP` `GetConsoleMode` `GetCurrentDirectoryA` `GetCurrentProcess` `GetCurrentProcessId` `GetCurrentThread` `GetCurrentThreadId` `GetDateFormatW` `GetEnvironmentStringsW` `GetEnvironmentVariableA` `GetFileType` `GetLastError` `GetLocalTime` `GetLocaleInfoA` `GetModuleFileNameA` `GetModuleFileNameW` `GetModuleHandleA` `GetModuleHandleExW` `GetModuleHandleW` `GetOEMCP` `GetOverlappedResult` `GetProcAddress` `GetProcessHeap` `GetProcessTimes` `GetStartupInfoW` `GetStdHandle` `GetStringTypeW` `GetSystemDirectoryA` `GetSystemTime` `GetSystemTimeAdjustment` `GetSystemTimeAsFileTime` `GetThreadTimes` `GetTickCount` `GetTimeFormatW` `GetTimeZoneInformation` `GetVersionExA` `GetWindowsDirectoryA` `GlobalAlloc` `GlobalFree` `GlobalLock` `GlobalMemoryStatus` `GlobalUnlock` `HeapAlloc` `HeapFree` `HeapReAlloc` `HeapSize` `InitializeCriticalSectionAndSpinCount` `InitializeSListHead` `IsDBCSLeadByteEx` `IsDebuggerPresent` `IsProcessorFeaturePresent` `IsValidCodePage` `LCMapStringW` `LeaveCriticalSection` `LoadLibraryA` `LoadLibraryExA` `LoadLibraryExW` `LocalAlloc` `LocalFree` `MapViewOfFile` `MulDiv` `MultiByteToWideChar` `OpenProcess` `OutputDebugStringW` `QueryPerformanceCounter` `RaiseException` `ReadConsoleW` `ReadFile` `ReleaseMutex` `RtlUnwind` `SetCommBreak` `SetCommState` `SetCommTimeouts` `SetCurrentDirectoryA` `SetEndOfFile` `SetEnvironmentVariableA` `SetEvent` `SetFilePointerEx` `SetHandleInformation` `SetLastError` `SetStdHandle` `SetUnhandledExceptionFilter` `TerminateProcess` `TlsAlloc` `TlsFree` `TlsGetValue` `TlsSetValue` `UnhandledExceptionFilter` `UnmapViewOfFile` `WaitForSingleObject` `WaitForSingleObjectEx` `WaitNamedPipeA` `WideCharToMultiByte` `WriteConsoleW` `WriteFile`

Delayed Imports

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.74321`
MD5	`84660bec1eeebe3ad61960f5b6785077`
SHA1	`38a40c423383d9e79664115cf1bfea6369e82dad`
SHA256	`89101ef80cb32eccdb988e8ea35f93fe4c04923023ad5c9d09d6dbaadd238073`
SHA3	`c423144290bb9d9273fb83be08980440a3c2cbb0dca4e170f8a7db81b2bedbfb`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.98271`
MD5	`7d4cff360d2871fed319ecef64aa7d3d`
SHA1	`d7b7f55cbc2db4fad3018b6f068f1d56b1b2f88b`
SHA256	`8130832a780a7c334abfaaf3fce44fd99b2b8cff2e6d652764f4180472aeba74`
SHA3	`74045787c0b1a9cd244e4915f8121f761c4f3bd3afadaf720da5cef4eb4be380`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x668`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.67905`
MD5	`401c9b96e28a617d87b18f017e47e714`
SHA1	`15e92225acb8fb97731c2bf55b7ae535d1a04043`
SHA256	`fcab313f71a454c02f47579f088001b972056019c2077da20c54473def350549`
SHA3	`d464f12be5ff5584404967fabd1c380a396908062b4823eb99e7e122dbc236d7`

4

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xb0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.38964`
MD5	`1899fdd1a312061843a64f2dc3fb9bd2`
SHA1	`5c81855117b20af2a5b7405a3a875564b7601d33`
SHA256	`549e2b61d82d10da12bc640ff22dbe352087d641c391fe382f7665847066c31a`
SHA3	`3909e0f0041a56a52ec3a2094d2fb33cd7389b68f551ce4b94300f66e5427bac`

5

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x130`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.48609`
MD5	`ff8720e524b5fd54f831d5051e37017a`
SHA1	`eb680d020357a6a7aea93e8c617205a9bd673b58`
SHA256	`14528797e8c9c18854e9e5340c0453f608f83f63de0961e25c0528583c9fe781`
SHA3	`90860f98bb96b9bc2d537ab29e9063690a553019ceb55d6f2721edb5d06a9a7f`

6

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x330`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.62978`
MD5	`cec32b23e7b9942c91b7d943369d82d3`
SHA1	`cc936495e775e943954d3e0209ec87c715abe110`
SHA256	`90ce310a4f670171b69ba82f780064dccd25c92ff92cfeebb41f69b19008111a`
SHA3	`6450647b46175493d84ba14b12f84928309b81f4618d95a94df980c75acd565a`

7

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.16607`
MD5	`24fa9e5d440f1eb2741c3ff69bcf0066`
SHA1	`176a233a5af1f19b578f4ff28b30abb5b35703fa`
SHA256	`ca6932144ee553c7df83805a932ca120d4a6458fda707ad92b758ade870bbff5`
SHA3	`7d89863c42b1bfcef049d2b1f9f3e295d8ad4d08d4d0b8f91ccdc89b8f2fd684`

8

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.57192`
MD5	`88ae047b639324c0c2532300cce7761e`
SHA1	`db8418aeb902e55c805617aaca62b5148f25f385`
SHA256	`40d176e64a8772483202fa25b4d7ef89341ddfb3b0c168d762fc1f86c35abae7`
SHA3	`aff6159d87a79321c53dfba65f1fa7d25cf1cd9fbc98c136cef94bf0b69ef0f4`

9

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x668`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.24629`
MD5	`d814ed55a8ec423c506a097ed5452e1c`
SHA1	`3199ef73669357b3176967cf729689ffdf506b12`
SHA256	`a8085f0bf68db8adc5aab891081cb87d3089a4dff05d3359047c503f17510559`
SHA3	`547ea078849cd72726d9b23aa04f61023fa4e6ae2796cacb09a42449f51eec44`

10

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xb0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.59447`
MD5	`1bcd2ac1427e73b3a2616488fcb926e9`
SHA1	`41f1b135dba51510b2eb89108500a54d624107b9`
SHA256	`0fee484eb60dac53c69ca37b3d0fe76d75a1c927f5adc1db82949a3fd63c116c`
SHA3	`a94d7c044505574da9e6396e020e037b4ec017ea42434110be12eeba60cc7773`

11

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x130`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.131`
MD5	`000e79a9829ed30a66c9e9f46b630867`
SHA1	`bb080b9a8f1c3e44cfc93651bc84841615278c5a`
SHA256	`09aeee834e20c34531786e0db7a69eb388d3365b1f06d2e9bfea30c6fe2a49e5`
SHA3	`d19f1f5d1aa0c4262c651cf72b30b46493c9f0e8451e57e795cb476c9e03a3c1`

12

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x330`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.12285`
MD5	`6d9fd0eb34bb2598e10c2885d4c4a74e`
SHA1	`70a4473f857c959408dafba7a616c9baaf4626b7`
SHA256	`a0ac1114637fa796329b357fda4dcb1d6986ee0c8735b6072439322e86eb1a21`
SHA3	`a1d3545ab5b2416703e70ff48f8ecbca04edee92410cd2513444b4d7aded867d`

102

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x76`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.184`
MD5	`9254cdf0aa451e7695a1b3cb40a73f8b`
SHA1	`20895d821e46563f997390aab74b99348fe069c6`
SHA256	`19f2770133fd7e108702dc59f40e20533acc8943ef54161dda46ea18781963e9`
SHA3	`b4f2cc49026812096abc69a426862e01c3393cc1ef21cdc24375173132a92448`

110

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xba`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.31878`
MD5	`1e765c553e8c1c3c6ec35855247b47a9`
SHA1	`10510dc04fc29b33943420c9399fcb8d9154ab59`
SHA256	`0d9e394d80fc7df4aa10f0e96cad4a477a035a250fcfb59a91cd16dbca8381a8`
SHA3	`5de7600840998959a30322eea3f0737518fea3a747285077fac90f372b4ce968`

111

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xfa`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.42355`
MD5	`940958bf7a44fe1b07800f9254d0e246`
SHA1	`0f1f143f42ad6fa17f488325753b8e4d2f4cb893`
SHA256	`9dd425f4a7be20de7b1ec5dbee63b3ab01863475847f68235e79c5b6656fe9de`
SHA3	`3c0b7b13f0f138095a4769703de13ea54499ac83107e4e00fc62e247c52c930b`

113

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.27848`
MD5	`27fe04e4fd30bd7b72bb11fbc744a4f7`
SHA1	`e8ae1d7a18b0285949a147d353462aca89e5bb34`
SHA256	`283c94e4e8421ef31e30a6178d3f4af99d9c7d02d0fb8dc75d972d648fc44928`
SHA3	`5bb93de7d72d6d11eb0945b1b8bbe93a167948c129685e06a2369540824d9ea1`

200

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x5a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.74417`
Detected Filetype	Icon file
MD5	`d148c75e59377aa79c180396f45f355c`
SHA1	`b0b26cad3bc43856c4de4bcb92e54dce6bf1f6f7`
SHA256	`ef77555c4d1e769f6748372d39d8422b85e6af8f11c8a811c82ce78a87cc8c9d`
SHA3	`e87f2a758ae18abe7e030c83b7d0b1e53c08b6b448376f9e954b53967f547bf5`

201

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x5a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.92968`
Detected Filetype	Icon file
MD5	`9e81388befd1d4f93e209377728cb884`
SHA1	`4f7f26481375e507ac0045c531d8080586cc00f4`
SHA256	`383ca4cb5b95add3073e2cd86e4c5d62477d81bc80e0066da0919a1005f5033c`
SHA3	`29e35edf9c489ed74f8ae22c4e8ffc50cf11c6ca7607012da0ddcae96c53ba71`

1 (#2)

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2fc`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.36208`
MD5	`7c0e20cd2d1a058de8d25d884a685c28`
SHA1	`faa5373acb04a7a3808cf08713d1797c71037d06`
SHA256	`73dbb62a2ee25074ba7c0a82d4c47410edc638aa50822fc58f75e6946b6e159f`
SHA3	`04a5b9bde466ba0b7b2ddfa64ab9222d214c1825b57cefe72e8acb3a49040a9c`

1 (#3)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4cf`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.83462`
MD5	`44a9b9ab353aa5b1e1603e9dbc36673e`
SHA1	`43a593bd6e37c94a81072ebd92d10d6c0c8328d6`
SHA256	`d28a8a17e97e518e79e3f52ba939687e23d93bf1ed788f30dbd7b210531cfd59`
SHA3	`25eb878fbeefa665dc228c7cd52f1ef8f150827841b33fa74a142e20e1da7c08`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	0.70.0.0
ProductVersion	0.70.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	English - United Kingdom
CompanyName	Simon Tatham
ProductName	PuTTY suite
FileDescription	SSH, Telnet and Rlogin client
InternalName	PuTTY
OriginalFilename	PuTTY
FileVersion (#2)	Release 0.70
ProductVersion (#2)	Release 0.70
LegalCopyright	Copyright © 1997-2017 Simon Tatham.

Resource LangID	English - United States

TLS Callbacks

Load Configuration

Size	`0x5c`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x42b238`
SEHandlerTable	`0x400000`
SEHandlerCount	`0`

RICH Header

Errors

[!] Error: Could not read a WIN_CERTIFICATE's data.
[*] Warning: Section .bss has a size of 0!