puttygen[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

puttygen.exe
Size

300KB
MD5

e5109458d81922c93c1e0e311f790867
SHA1

fccc9a505c5339fd00d59987d5711da7b0855f81
SHA256

21dca8f4c5d7efd3777a7738c54b150ccec9c7574c9a9194b9b80daf6bb55f18
SHA512

a6bfdd94acc4fba4ab9a07a315e98b3ba5d3d2f8929aed1b56f0ae1b086732cc91231ebcf723f2248c4d75d8a81fc7abde61a5f15642cee7d16be4496cb92a81
SSDEEP

6144:qDdQFX4Jfq0pwj/UZKKy7feLGMhTC02T+INaN3eBf:qDds0I/0zGtNIN3eBf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
puttygen.exe

Files

puttygen.exe
.exe windows:5 windows x64

416e2ad4dfc03bdea2243637c97a2fd8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

advapi32

CopySid
GetLengthSid
AllocateAndInitializeSid
RegCloseKey
RegOpenKeyA
RegQueryValueExA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

shell32

ShellExecuteA

user32

GetWindowLongPtrA
LoadIconA
CreateMenu
AppendMenuA
SetMenu
SetDlgItemInt
GetWindowTextLengthA
GetWindowTextA
GetDlgItemInt
GetMessageTime
CheckMenuRadioItem
EnableMenuItem
ShowWindow
PostMessageA
EnableWindow
DialogBoxParamA
SetActiveWindow
EndDialog
SetForegroundWindow
GetDesktopWindow
GetWindowRect
MoveWindow
GetForegroundWindow
GetCapture
GetQueueStatus
GetCursorPos
WinHelpA
GetDlgItemTextA
MessageBoxA
GetDlgItem
SetDlgItemTextA
IsDlgButtonChecked
CheckRadioButton
SetWindowLongPtrA
MessageBeep
SendDlgItemMessageA
CreateWindowExA
SetWindowPos
SendMessageA
GetClientRect
MapDialogRect
MessageBoxIndirectA
GetClipboardOwner

kernel32

GetProcessHeap
SetEndOfFile
SetEnvironmentVariableA
CompareStringW
WriteConsoleW
HeapSize
GetStringTypeW
FlushFileBuffers
SetStdHandle
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetTimeZoneInformation
Sleep
GetConsoleMode
GetConsoleCP
SetFilePointer
MultiByteToWideChar
LCMapStringW
WideCharToMultiByte
HeapCreate
GetVersion
HeapSetInformation
GetModuleFileNameW
LoadLibraryW
DeleteCriticalSection
GetFileType
GetStdHandle
SetHandleCount
InitializeCriticalSectionAndSpinCount
FlsAlloc
GetCurrentThreadId
SetLastError
FlsFree
FlsSetValue
FlsGetValue
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
LeaveCriticalSection
EnterCriticalSection
RtlUnwindEx
TerminateProcess
EncodePointer
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
GetProcAddress
FreeLibrary
GetModuleFileNameA
LoadLibraryA
GetSystemDirectoryA
GetLastError
FormatMessageA
GetSystemTimeAdjustment
GetSystemTime
GetProcessTimes
GetCurrentProcess
GetThreadTimes
GetCurrentThread
GlobalMemoryStatus
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
FindClose
FindNextFileA
FindFirstFileA
GetWindowsDirectoryA
CreateThread
LocalFree
CloseHandle
LocalAlloc
OpenProcess
SetCurrentDirectoryA
ReadFile
CreateFileA
GetCurrentDirectoryA
WriteFile
DeleteFileA
GetEnvironmentVariableA
GetLocalTime
GetModuleHandleW
ExitProcess
DecodePointer
HeapAlloc
HeapReAlloc
HeapFree
GetDateFormatA
GetTimeFormatA
GetCommandLineA
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
CreateFileW

Sections

.text
Size: 202KB - Virtual size: 202KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

416e2ad4dfc03bdea2243637c97a2fd8

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

comdlg32

shell32

user32

kernel32

Sections

.text Size: 202KB - Virtual size: 202KB

.rdata Size: 69KB - Virtual size: 68KB

.data Size: 7KB - Virtual size: 20KB

.pdata Size: 10KB - Virtual size: 10KB

.rsrc Size: 7KB - Virtual size: 7KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 202KB - Virtual size: 202KB

.rdata
Size: 69KB - Virtual size: 68KB

.data
Size: 7KB - Virtual size: 20KB

.pdata
Size: 10KB - Virtual size: 10KB

.rsrc
Size: 7KB - Virtual size: 7KB

.reloc
Size: 2KB - Virtual size: 2KB