f838fdafd0881cf1e6040a07d78e840d

Summary

Architecture IMAGE_FILE_MACHINE_AMD64
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date 2022-Oct-28 17:25:37
Detected languages English - United Kingdom
English - United States
CompanyName Simon Tatham
ProductName PuTTY suite
FileDescription SSH, Telnet, Rlogin, and SUPDUP client
InternalName PuTTY
OriginalFilename PuTTY
FileVersion Release 0.78 (with embedded help)
ProductVersion Release 0.78
LegalCopyright Copyright © 1997-2022 Simon Tatham.

Plugin Output

Info Interesting strings found in the binary: Contains domain names:
  • chiark.greenend.org.uk
  • demo-server.example.com
  • example.com
  • greenend.org.uk
  • https://www.chiark.greenend.org.uk
  • https://www.chiark.greenend.org.uk/
  • libssh.org
  • lysator.liu.se
  • openssh.com
  • projects.tartarus.org
  • putty.projects.tartarus.org
  • server.example.com
  • tartarus.org
  • www.chiark.greenend.org.uk
Info Cryptographic algorithms detected in the binary: Uses constants related to MD5
Uses constants related to SHA1
Uses constants related to SHA256
Uses constants related to SHA512
Uses constants related to Blowfish
Uses known Diffie-Helman primes
Suspicious The PE is possibly packed. Unusual section name found: .gxfg
Suspicious The PE contains functions most legitimate programs don't use. [!] The program may be hiding some of its imports:
  • GetProcAddress
  • LoadLibraryA
  • LoadLibraryExA
  • LoadLibraryExW
 Functions which can be used for anti-debugging purposes:
  • FindWindowA
 Can access the registry:
  • RegCloseKey
  • RegCreateKeyExA
  • RegDeleteKeyA
  • RegEnumKeyA
  • RegOpenKeyA
  • RegOpenKeyExA
  • RegQueryValueExA
  • RegSetValueExA
 Possibly launches other programs:
  • CreateProcessA
  • ShellExecuteA
 Can create temporary files:
  • CreateFileA
  • CreateFileW
  • GetTempPathA
 Manipulates other processes:
  • OpenProcess
 Can take screenshots:
  • BitBlt
  • CreateCompatibleDC
  • FindWindowA
  • GetDC
 Reads the contents of the clipboard:
  • GetClipboardData
Info The PE is digitally signed. Signer: Simon Tatham
Issuer: Sectigo Public Code Signing CA R36
Suspicious VirusTotal score: 1/56 (Scanned on 2022-12-16 15:37:02) Zillya: Trojan.GenCBL.Win32.10232

Hashes

MD5 f838fdafd0881cf1e6040a07d78e840d
SHA1 2a35456b2f67bd12905378beb6eaf373f6a0d0d1
SHA256 fc6f9dbdf4b9f8dd1f5f3a74cb6e55119d3fe2c9db52436e10ba07842e6c3d7c
SHA3 05622bca1e5b21a623934e89fc3dae795f1ac03a4bbc5a1d83fa3a47026cadf8
SSDeep 49152:TDXOPFJK9bbYF8paMB8QMy3bHwPXNg/7UyW+ekBeZmn:T0WhreNg/X
Imports Hash 69573714e11441683ea863c40a1c0d54

DOS Header

e_magic MZ
e_cblp 0x78
e_cp 0x1
e_crlc 0
e_cparhdr 0x4
e_minalloc 0
e_maxalloc 0
e_ss 0
e_sp 0
e_csum 0
e_ip 0
e_cs 0
e_ovno 0
e_oemid 0
e_oeminfo 0
e_lfanew 0x78

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_AMD64
NumberofSections 10
TimeDateStamp 2022-Oct-28 17:25:37
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xf0
Characteristics IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Image Optional Header

Magic PE32+
LinkerVersion 14.0
SizeOfCode 0xe5a00
SizeOfInitializedData 0xa7000
SizeOfUninitializedData 0
AddressOfEntryPoint 0x00000000000B8814 (Section: .text)
BaseOfCode 0x1000
ImageBase 0x140000000
SectionAlignment 0x1000
FileAlignment 0x200
OperatingSystemVersion 6.0
ImageVersion 0.0
SubsystemVersion 6.0
Win32VersionValue 0
SizeOfImage 0x196000
SizeOfHeaders 0x400
Checksum 0x19a844
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
DllCharacteristics IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
SizeofStackReserve 0x100000
SizeofStackCommit 0x1000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

.text

MD5 5f769ef8c49ab49fcaaf4201519b5fcb
SHA1 0c5d01476632e62875242dcae11c7c56ed329f46
SHA256 bf9d3034228cddf0437afc7d6b8532ec02b8839ff4fd50d3d09810ae7ebd7ee3
SHA3 dd4375b79bfc3b036e8c56c4e0c48b57294c923a5b95327b3bf26fed8e119848
VirtualSize 0xe5966
VirtualAddress 0x1000
SizeOfRawData 0xe5a00
PointerToRawData 0x400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 6.4513

.rdata

MD5 228a69366bb3b0ca24b9bb33e23f209d
SHA1 4efe89a368da0813be67995396c41b0c6766b7fa
SHA256 742b83ffd91d023c407fc1509cc320ea03e92b3651bfa357f11969fb3203b85f
SHA3 69567ad30d0df372f3b1a78c7063ea3ee4040ecd66369c56c0f9c6927de61833
VirtualSize 0x3ffbc
VirtualAddress 0xe7000
SizeOfRawData 0x40000
PointerToRawData 0xe5e00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 5.48873

.data

MD5 4552ecc4335e4e6c837f618d7665b75c
SHA1 448f016cf868272090de0b8c6afeedf0e5d1cc0e
SHA256 5cb8269c3e5fd02f9cf282cbc74c5a1a0cb59f63475f5457dcbfdabc1711a857
SHA3 5fa501b340bd22b71fbabd7818295bc099845e25a2e930267a86ffebcd396b08
VirtualSize 0x559c
VirtualAddress 0x127000
SizeOfRawData 0x1000
PointerToRawData 0x125e00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 2.10101

.pdata

MD5 c26d83979f377ef59900bfe49426a79b
SHA1 1646128f49c3b76fa26ce937ee05f9083347a550
SHA256 f7018191db2730f4f120633886d6ef0b314d0df8331300f0ba544034b864eb7f
SHA3 cb421175019a1a13e078b41e19bbb980cec090dd71a47b41b3f3b4440dd730d3
VirtualSize 0x6c78
VirtualAddress 0x12d000
SizeOfRawData 0x6e00
PointerToRawData 0x126e00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 5.80987

.00cfg

MD5 40f36a6b3af5d5530c69bfdecf864b10
SHA1 fedeac3565eba5b9b7af3443d9ea72558569754f
SHA256 df889ca747385eb0cf307c90589a4616c95779cb068a627a121514b1f6271e80
SHA3 7d7bd50683e2d042eba16ea6c9efa33f5389313ee29569dde7493067f952fad4
VirtualSize 0x38
VirtualAddress 0x134000
SizeOfRawData 0x200
PointerToRawData 0x12dc00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 0.509186

.gxfg

MD5 ba6aa0a7bdc8ed78db6dee460f93c19c
SHA1 db1617623ea4714660fec9e14b0b915925eb1af0
SHA256 134968cfefa4b1c00991e617c983c7e1c9c3956193538a9e9e38d54b485b0610
SHA3 e72a87b8275cfec21e75685a5e92e28e16ce7bf7bba4312f49e2f8ab22f9567e
VirtualSize 0x2a60
VirtualAddress 0x135000
SizeOfRawData 0x2c00
PointerToRawData 0x12de00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 5.09922

.tls

MD5 bf619eac0cdf3f68d496ea9344137e8b
SHA1 5c3eb80066420002bc3dcc7ca4ab6efad7ed4ae5
SHA256 076a27c79e5ace2a3d47f9dd2e83e4ff6ea8872b3c2218f66c92b89b55f36560
SHA3 622de1e1568ddef36c4b89b706b05201c13481c3575d0fc804ff8224787fcb59
VirtualSize 0x11
VirtualAddress 0x138000
SizeOfRawData 0x200
PointerToRawData 0x130a00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 0

_RDATA

MD5 753e5628bf2dcb4275789c2fc7e2e79e
SHA1 e11a0ef757b79dea492f90b9d897d15ae9bb6d7e
SHA256 a25cb00b899f12bed3111f31b22a67fe206c7832b2b895ae218314661ca1662a
SHA3 283f098501ba742404a34ddeec20ef9b2123950070aac9fe755aaa622b7988e9
VirtualSize 0x15c
VirtualAddress 0x139000
SizeOfRawData 0x200
PointerToRawData 0x130c00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 3.31688

.rsrc

MD5 dfbd22fca67f9611b87ddddd71534df4
SHA1 105827717afb06758e6196007fdcd4732e98df5f
SHA256 bbe50bcfa331ee2b27f6e2ce1815b9b215c620d5bfb989bef2f8e726c7bcfb14
SHA3 c97ec63b0f8303bf96aba80474c9e9a3b79e22b0098dbd601f7ddfd679826e27
VirtualSize 0x59f58
VirtualAddress 0x13a000
SizeOfRawData 0x5a000
PointerToRawData 0x130e00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 7.82481

.reloc

MD5 88eac11a0a4c1e5b663c8d97c226e5b9
SHA1 16aadccd67409ca099042a09b74d14919eb82e97
SHA256 79d823557fbfdb4ff7c841ac41cf1ea6d788afffdfc2abe54bb4a57ed7621467
SHA3 216fd9f7f9e9a72a4b9c6906fc0f5d5600f4dc45e939a45b94a5af52dc2dbb58
VirtualSize 0x1ea8
VirtualAddress 0x194000
SizeOfRawData 0x2000
PointerToRawData 0x18ae00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Entropy 5.39031

Imports

GDI32.dll BitBlt
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontA
CreateFontIndirectA
CreatePalette
CreatePen
CreateSolidBrush
DeleteDC
DeleteObject
ExcludeClipRect
ExtTextOutA
ExtTextOutW
GetBkMode
GetCharABCWidthsFloatA
GetCharWidth32A
GetCharWidth32W
GetCharWidthA
GetCharWidthW
GetCharacterPlacementW
GetCurrentObject
GetDIBits
GetDeviceCaps
GetObjectA
GetOutlineTextMetricsA
GetPixel
GetStockObject
GetTextExtentExPointA
GetTextExtentPoint32A
GetTextMetricsA
IntersectClipRect
LineTo
MoveToEx
Polyline
RealizePalette
Rectangle
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetPaletteEntries
SetPixel
SetTextAlign
SetTextColor
TextOutA
TranslateCharsetInfo
UnrealizeObject
UpdateColors
IMM32.dll ImmGetCompositionStringW
ImmGetContext
ImmReleaseContext
ImmSetCompositionFontA
ImmSetCompositionWindow
ole32.dll CoCreateInstance
CoInitialize
CoUninitialize
USER32.dll AppendMenuA
BeginPaint
CheckDlgButton
CheckMenuItem
CheckRadioButton
CloseClipboard
CreateCaret
CreateDialogParamA
CreateMenu
CreatePopupMenu
CreateWindowExA
CreateWindowExW
DefDlgProcA
DefWindowProcA
DefWindowProcW
DeleteMenu
DestroyCaret
DestroyIcon
DestroyWindow
DialogBoxParamA
DispatchMessageA
DispatchMessageW
DrawEdge
DrawIconEx
EmptyClipboard
EnableMenuItem
EnableWindow
EndDialog
EndPaint
FindWindowA
FlashWindow
GetCapture
GetCaretBlinkTime
GetClientRect
GetClipboardData
GetClipboardOwner
GetCursorPos
GetDC
GetDesktopWindow
GetDlgItem
GetDlgItemTextA
GetDoubleClickTime
GetForegroundWindow
GetKeyboardLayout
GetKeyboardState
GetMessageA
GetMessageTime
GetParent
GetQueueStatus
GetScrollInfo
GetSysColor
GetSysColorBrush
GetSystemMenu
GetSystemMetrics
GetWindowLongPtrA
GetWindowPlacement
GetWindowRect
GetWindowTextA
GetWindowTextLengthA
HideCaret
InsertMenuA
InvalidateRect
IsDialogMessageA
IsDlgButtonChecked
IsIconic
IsWindow
IsZoomed
KillTimer
LoadCursorA
LoadIconA
LoadImageA
MapDialogRect
MessageBeep
MessageBoxA
MessageBoxIndirectA
MoveWindow
MsgWaitForMultipleObjects
OffsetRect
OpenClipboard
PeekMessageA
PeekMessageW
PostMessageA
PostQuitMessage
RegisterClassA
RegisterClassW
RegisterClipboardFormatA
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
ScreenToClient
SendDlgItemMessageA
SendMessageA
SetActiveWindow
SetCapture
SetCaretPos
SetClassLongPtrA
SetClipboardData
SetCursor
SetDlgItemTextA
SetFocus
SetForegroundWindow
SetKeyboardState
SetScrollInfo
SetTimer
SetWindowLongPtrA
SetWindowPlacement
SetWindowPos
SetWindowTextA
SetWindowTextW
ShowCaret
ShowCursor
ShowWindow
SystemParametersInfoA
ToAsciiEx
TrackPopupMenu
TranslateMessage
UpdateWindow
KERNEL32.dll Beep
ClearCommBreak
CloseHandle
CompareStringW
ConnectNamedPipe
CreateEventA
CreateFileA
CreateFileMappingA
CreateFileW
CreateMutexA
CreateNamedPipeA
CreatePipe
CreateProcessA
CreateThread
DeleteCriticalSection
DeleteFileA
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
FindClose
FindFirstFileA
FindFirstFileExW
FindNextFileA
FindNextFileW
FindResourceA
FlsAlloc
FlsFree
FlsGetValue
FlsSetValue
FlushFileBuffers
FormatMessageA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommState
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetConsoleOutputCP
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetEnvironmentStringsW
GetEnvironmentVariableA
GetFileSizeEx
GetFileType
GetLastError
GetLocalTime
GetLocaleInfoA
GetLocaleInfoW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleExW
GetModuleHandleW
GetOEMCP
GetOverlappedResult
GetProcAddress
GetProcessHeap
GetProcessTimes
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemDirectoryA
GetSystemTimeAsFileTime
GetTempPathA
GetThreadTimes
GetTickCount
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
GlobalLock
GlobalMemoryStatus
GlobalUnlock
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeSListHead
IsDBCSLeadByteEx
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LoadResource
LocalAlloc
LocalFileTimeToFileTime
LocalFree
LockResource
MapViewOfFile
MulDiv
MultiByteToWideChar
OpenProcess
OutputDebugStringW
QueryPerformanceCounter
RaiseException
ReadConsoleW
ReadFile
ReleaseMutex
RtlCaptureContext
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlUnwind
RtlUnwindEx
RtlVirtualUnwind
SetCommBreak
SetCommState
SetCommTimeouts
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableW
SetEvent
SetFilePointerEx
SetHandleInformation
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
SizeofResource
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
WaitForSingleObject
WaitNamedPipeA
WideCharToMultiByte
WriteConsoleW
WriteFile
SHELL32.dll ShellExecuteA
COMDLG32.dll ChooseColorA
ChooseFontA
GetOpenFileNameA
GetSaveFileNameA
ADVAPI32.dll AllocateAndInitializeSid
CopySid
EqualSid
GetLengthSid
GetUserNameA
InitializeSecurityDescriptor
RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
SetSecurityDescriptorDacl
SetSecurityDescriptorOwner

Delayed Imports

1

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x128
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.74321
MD5 84660bec1eeebe3ad61960f5b6785077
SHA1 38a40c423383d9e79664115cf1bfea6369e82dad
SHA256 89101ef80cb32eccdb988e8ea35f93fe4c04923023ad5c9d09d6dbaadd238073
SHA3 c423144290bb9d9273fb83be08980440a3c2cbb0dca4e170f8a7db81b2bedbfb

2

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x2e8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.98271
MD5 7d4cff360d2871fed319ecef64aa7d3d
SHA1 d7b7f55cbc2db4fad3018b6f068f1d56b1b2f88b
SHA256 8130832a780a7c334abfaaf3fce44fd99b2b8cff2e6d652764f4180472aeba74
SHA3 74045787c0b1a9cd244e4915f8121f761c4f3bd3afadaf720da5cef4eb4be380

3

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x668
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.67905
MD5 401c9b96e28a617d87b18f017e47e714
SHA1 15e92225acb8fb97731c2bf55b7ae535d1a04043
SHA256 fcab313f71a454c02f47579f088001b972056019c2077da20c54473def350549
SHA3 d464f12be5ff5584404967fabd1c380a396908062b4823eb99e7e122dbc236d7

4

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0xb0
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.38964
MD5 1899fdd1a312061843a64f2dc3fb9bd2
SHA1 5c81855117b20af2a5b7405a3a875564b7601d33
SHA256 549e2b61d82d10da12bc640ff22dbe352087d641c391fe382f7665847066c31a
SHA3 3909e0f0041a56a52ec3a2094d2fb33cd7389b68f551ce4b94300f66e5427bac

5

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x130
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.48609
MD5 ff8720e524b5fd54f831d5051e37017a
SHA1 eb680d020357a6a7aea93e8c617205a9bd673b58
SHA256 14528797e8c9c18854e9e5340c0453f608f83f63de0961e25c0528583c9fe781
SHA3 90860f98bb96b9bc2d537ab29e9063690a553019ceb55d6f2721edb5d06a9a7f

6

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x330
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.62978
MD5 cec32b23e7b9942c91b7d943369d82d3
SHA1 cc936495e775e943954d3e0209ec87c715abe110
SHA256 90ce310a4f670171b69ba82f780064dccd25c92ff92cfeebb41f69b19008111a
SHA3 6450647b46175493d84ba14b12f84928309b81f4618d95a94df980c75acd565a

7

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x128
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.16607
MD5 24fa9e5d440f1eb2741c3ff69bcf0066
SHA1 176a233a5af1f19b578f4ff28b30abb5b35703fa
SHA256 ca6932144ee553c7df83805a932ca120d4a6458fda707ad92b758ade870bbff5
SHA3 7d89863c42b1bfcef049d2b1f9f3e295d8ad4d08d4d0b8f91ccdc89b8f2fd684

8

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x2e8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.57192
MD5 88ae047b639324c0c2532300cce7761e
SHA1 db8418aeb902e55c805617aaca62b5148f25f385
SHA256 40d176e64a8772483202fa25b4d7ef89341ddfb3b0c168d762fc1f86c35abae7
SHA3 aff6159d87a79321c53dfba65f1fa7d25cf1cd9fbc98c136cef94bf0b69ef0f4

9

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x668
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.24629
MD5 d814ed55a8ec423c506a097ed5452e1c
SHA1 3199ef73669357b3176967cf729689ffdf506b12
SHA256 a8085f0bf68db8adc5aab891081cb87d3089a4dff05d3359047c503f17510559
SHA3 547ea078849cd72726d9b23aa04f61023fa4e6ae2796cacb09a42449f51eec44

10

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0xb0
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.59447
MD5 1bcd2ac1427e73b3a2616488fcb926e9
SHA1 41f1b135dba51510b2eb89108500a54d624107b9
SHA256 0fee484eb60dac53c69ca37b3d0fe76d75a1c927f5adc1db82949a3fd63c116c
SHA3 a94d7c044505574da9e6396e020e037b4ec017ea42434110be12eeba60cc7773

11

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x130
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.131
MD5 000e79a9829ed30a66c9e9f46b630867
SHA1 bb080b9a8f1c3e44cfc93651bc84841615278c5a
SHA256 09aeee834e20c34531786e0db7a69eb388d3365b1f06d2e9bfea30c6fe2a49e5
SHA3 d19f1f5d1aa0c4262c651cf72b30b46493c9f0e8451e57e795cb476c9e03a3c1

12

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x330
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.12285
MD5 6d9fd0eb34bb2598e10c2885d4c4a74e
SHA1 70a4473f857c959408dafba7a616c9baaf4626b7
SHA256 a0ac1114637fa796329b357fda4dcb1d6986ee0c8735b6072439322e86eb1a21
SHA3 a1d3545ab5b2416703e70ff48f8ecbca04edee92410cd2513444b4d7aded867d

102

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0x76
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.03977
MD5 0a2c5ab8767275738e79922a882de64a
SHA1 31720966b798968da9f39f54de0ef3dd1ebc1f8a
SHA256 351948a69293ee808ea5d6189f242fc5789dd7dc7ecd64a4401c1d21bb35f16b
SHA3 826048c4e8bd66d10c2a5d9e048c341a3c7cc4f57e05b9ea0a727def01f9c4b1

110

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0xba
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.31878
MD5 1e765c553e8c1c3c6ec35855247b47a9
SHA1 10510dc04fc29b33943420c9399fcb8d9154ab59
SHA256 0d9e394d80fc7df4aa10f0e96cad4a477a035a250fcfb59a91cd16dbca8381a8
SHA3 5de7600840998959a30322eea3f0737518fea3a747285077fac90f372b4ce968

111

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0xfa
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.42355
MD5 940958bf7a44fe1b07800f9254d0e246
SHA1 0f1f143f42ad6fa17f488325753b8e4d2f4cb893
SHA256 9dd425f4a7be20de7b1ec5dbee63b3ab01863475847f68235e79c5b6656fe9de
SHA3 3c0b7b13f0f138095a4769703de13ea54499ac83107e4e00fc62e247c52c930b

113

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0x8a
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.27848
MD5 bbeef4707528834d9d145e7da5539109
SHA1 27a33fbb492a18eb28fd87f617cca24d26688257
SHA256 0e2ec7f3cf311724ba1021fc77efb9e95fa1f390a11cd830915b3b79ab8f843a
SHA3 ad1e6593041c8fd182db3b5628bb99cca61100e08f30890649334b0d1e8b7b1a

114

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0x1ae
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.44456
MD5 d926af68d3f47fac953a171c70342146
SHA1 bc1436fcf202edd544b78ddf8a2a08192ca5efdd
SHA256 adf1c4c1ebbd6459d183b17f4f5d4c4198de4e894c5736c3f7877ca30ff4a2b2
SHA3 6cec50f0dd5c73f80a62d2c78c0b0c1c58454d6a06b2cc2c1726eeabfd862f04

116

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0xde
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.43732
MD5 72838f04c596a295f460976cfe0042bf
SHA1 9586479afec0bd490fa0315856b0fc8de248d0e7
SHA256 1ab3e57d80640451d8a740855e7428cec54efc6e944f535050579553de386df4
SHA3 9544d2bad8448b93d80c44a9f8d21cf5f425a90e1abaea867109b125f73f4651

117

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0xa8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.18061
MD5 a9296f891d93d8716dc4dd38fc5f7a91
SHA1 fc4c987dd4e9ed81e4bfdbc037d9f95b1e065cac
SHA256 339d96b395e4251932e37fa9a4626724f41bac230c4f06ce0179ee1d9b52c4fc
SHA3 1e9d0c1be773ecd9d4d67ae378aca1f8ff8f45bafa4301fdbd05533d1245a8e0

200

Type RT_GROUP_ICON
Language English - United States
Codepage UNKNOWN
Size 0x5a
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.74417
Detected Filetype Icon file
MD5 d148c75e59377aa79c180396f45f355c
SHA1 b0b26cad3bc43856c4de4bcb92e54dce6bf1f6f7
SHA256 ef77555c4d1e769f6748372d39d8422b85e6af8f11c8a811c82ce78a87cc8c9d
SHA3 e87f2a758ae18abe7e030c83b7d0b1e53c08b6b448376f9e954b53967f547bf5

201

Type RT_GROUP_ICON
Language English - United States
Codepage UNKNOWN
Size 0x5a
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.92968
Detected Filetype Icon file
MD5 9e81388befd1d4f93e209377728cb884
SHA1 4f7f26481375e507ac0045c531d8080586cc00f4
SHA256 383ca4cb5b95add3073e2cd86e4c5d62477d81bc80e0066da0919a1005f5033c
SHA3 29e35edf9c489ed74f8ae22c4e8ffc50cf11c6ca7607012da0ddcae96c53ba71

1 (#2)

Type RT_VERSION
Language English - United States
Codepage UNKNOWN
Size 0x338
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.42072
MD5 92eb029fc5f0c51c32c8d88739427137
SHA1 ce50893ad302e3f653b5291db6130463f03bd334
SHA256 e0453fb70fda3c59bd2766fbd4d6bd77d03ea6f5e434cd8fba9c3ef4523f45f0
SHA3 f961dc6a7c71b0ff704da286a2aaa6d7b5e01455b08a54f4a88bb21ee7d66e8d

1 (#3)

Type RT_MANIFEST
Language English - United States
Codepage UNKNOWN
Size 0x559
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.83039
MD5 30d8f5958f077d3bfa0c2a5a524e39cb
SHA1 330d87b5196ababbc9680cf74b38a9e283b7b449
SHA256 998b3d94f46beec7085a426a39f242ff732c689c73c74e4ee8bb171c5d70d183
SHA3 830938f58d0a5f9ddb477a1cc6f70753a845abc09e69bfedff5800a635da9fe0

2000

Type UNKNOWN
Language English - United States
Codepage UNKNOWN
Size 0x56bcf
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.89081
Detected Filetype Microsoft Compiled HTML Help File
MD5 049ea3a7026e81a5bfc6c72f9882ebc1
SHA1 376a8da7de27ec78d3f49d7a24ef314cf5940216
SHA256 43dc8c2f70a22e1e5dbb0e5fb71bad60eb97eb0bb3b28a18a7a6233375ca17dd
SHA3 9b6e925bf1e9118c44661e2bcd4a7e4f6ca5d41dfc9525d374648cb8f1e00d73

Version Info

Signature 0xfeef04bd
StructVersion 0x10000
FileVersion 0.78.0.0
ProductVersion 0.78.0.0
FileFlags (EMPTY)
FileOs VOS_DOS_WINDOWS32
VOS_NT_WINDOWS32
VOS__WINDOWS32
FileType VFT_APP
Language English - United Kingdom
CompanyName Simon Tatham
ProductName PuTTY suite
FileDescription SSH, Telnet, Rlogin, and SUPDUP client
InternalName PuTTY
OriginalFilename PuTTY
FileVersion (#2) Release 0.78 (with embedded help)
ProductVersion (#2) Release 0.78
LegalCopyright Copyright © 1997-2022 Simon Tatham.
Resource LangID English - United States

TLS Callbacks

StartAddressOfRawData 0x140138000
EndAddressOfRawData 0x140138010
AddressOfIndex 0x14012b540
AddressOfCallbacks 0x140121150
SizeOfZeroFill 0
Characteristics IMAGE_SCN_ALIGN_8BYTES
Callbacks (EMPTY)

Load Configuration

Size 0x140
TimeDateStamp 1970-Jan-01 00:00:00
Version 0.0
GlobalFlagsClear (EMPTY)
GlobalFlagsSet (EMPTY)
CriticalSectionDefaultTimeout 0
DeCommitFreeBlockThreshold 0
DeCommitTotalFreeThreshold 0
LockPrefixTable 0
MaximumAllocationSize 0
VirtualMemoryThreshold 0
ProcessAffinityMask 0
ProcessHeapFlags (EMPTY)
CSDVersion 0
Reserved1 0
EditList 0
SecurityCookie 0x140127050

RICH Header

Errors

<-- -->