
sample-report.json

a guest
Mar 31st, 2019
  1. {
  2. "info": {
  3. "added": 1554049000.272661,
  4. "started": 1554049851.168716,
  5. "duration": 191,
  6. "ended": 1554050042.948136,
  7. "owner": null,
  8. "score": 0.4,
  9. "id": 2,
  10. "category": "file",
  11. "git": {
  12. "head": "c41c7c5cb09416b7cfc6159811792679e20762f2",
  13. "fetch_head": "c41c7c5cb09416b7cfc6159811792679e20762f2"
  14. },
  15. "monitor": "e071e63a66e831163a40abc45109fdf71fee829e",
  16. "package": "exe",
  17. "route": "none",
  18. "custom": null,
  19. "machine": {
  20. "status": "stopped",
  21. "name": "cuckoo1",
  22. "label": "cuckoo1",
  23. "manager": "VirtualBox",
  24. "started_on": "2019-03-31 16:30:51",
  25. "shutdown_on": "2019-03-31 16:34:02"
  26. },
  27. "platform": "windows",
  28. "version": "2.0.6",
  29. "options": "procmemdump=yes,route=none"
  30. },
  31. "signatures": [
  32. {
  33. "markcount": 0,
  34. "families": [],
  35. "description": "This executable is signed",
  36. "severity": 1,
  37. "marks": [],
  38. "references": [],
  39. "name": "has_authenticode"
  40. },
  41. {
  42. "markcount": 2,
  43. "families": [],
  44. "description": "The executable contains unknown PE section names indicative of a packer (could be a false positive)",
  45. "severity": 1,
  46. "marks": [
  47. {
  48. "category": "section",
  49. "ioc": ".00cfg",
  50. "type": "ioc",
  51. "description": null
  52. },
  53. {
  54. "category": "section",
  55. "ioc": ".gfids",
  56. "type": "ioc",
  57. "description": null
  58. }
  59. ],
  60. "references": [],
  61. "name": "pe_features"
  62. }
  63. ],
  64. "target": {
  65. "category": "file",
  66. "file": {
  67. "yara": [],
  68. "sha1": "5ef9515e8fd92a254dd2dcdd9c4b50afa8007b8f",
  69. "name": "putty.exe",
  70. "type": "PE32 executable (GUI) Intel 80386, for MS Windows",
  71. "sha256": "81de431987304676134138705fc1c21188ad7f27edf6b77a6551aa693194485e",
  72. "urls": [
  73. "http://llvm.org/git/llvm.git",
  74. "http://www.usertrust.com1",
  75. "http://llvm.org/git/clang.git",
  76. "http://ocsp.comodoca.com0",
  77. "http://crt.comodoca.com/COMODOSHA256CodeSigningCA.crt0",
  78. "http://crl.usertrust.com/UTN-USERFirst-Object.crl05",
  79. "http://crl.usertrust.com/AddTrustExternalCARoot.crl05",
  80. "http://crl.comodoca.com/COMODOSHA256CodeSigningCA.crl0w",
  81. "http://ocsp.usertrust.com0",
  82. "https://secure.comodo.net/CPS0F",
  83. "https://www.chiark.greenend.org.uk/"
  84. ],
  85. "crc32": "59307220",
  86. "path": "/home/student/.cuckoo/storage/binaries/81de431987304676134138705fc1c21188ad7f27edf6b77a6551aa693194485e",
  87. "ssdeep": null,
  88. "size": 774200,
  89. "sha512": "e174ecf4fffb36d30c2cc66b37f82877d421244c924d5c9f39f2e0f37d85332b7d107d5ac5bd19cb7ffdcdbdd8b506d488faa30664ef610f62f3970c163cca76",
  90. "md5": "b6c12d88eeb910784d75a5e4df954001"
  91. }
  92. },
  93. "network": {
  94. "tls": [],
  95. "udp": [
  96. {
  97. "src": "192.168.56.102",
  98. "dst": "192.168.56.1",
  99. "offset": 4533,
  100. "time": 72.29419708251953,
  101. "dport": 53,
  102. "sport": 51582
  103. },
  104. {
  105. "src": "192.168.56.102",
  106. "dst": "192.168.56.1",
  107. "offset": 4634,
  108. "time": 110.20807218551636,
  109. "dport": 53,
  110. "sport": 54256
  111. },
  112. {
  113. "src": "192.168.56.102",
  114. "dst": "192.168.56.1",
  115. "offset": 4735,
  116. "time": 142.4610412120819,
  117. "dport": 53,
  118. "sport": 61553
  119. },
  120. {
  121. "src": "192.168.56.102",
  122. "dst": "192.168.56.1",
  123. "offset": 4836,
  124. "time": 75.12887907028198,
  125. "dport": 53,
  126. "sport": 64809
  127. },
  128. {
  129. "src": "192.168.56.102",
  130. "dst": "192.168.56.255",
  131. "offset": 4928,
  132. "time": 60.57342505455017,
  133. "dport": 137,
  134. "sport": 137
  135. },
  136. {
  137. "src": "192.168.56.102",
  138. "dst": "192.168.56.255",
  139. "offset": 15512,
  140. "time": 66.17611002922058,
  141. "dport": 138,
  142. "sport": 138
  143. },
  144. {
  145. "src": "192.168.56.102",
  146. "dst": "224.0.0.252",
  147. "offset": 23902,
  148. "time": 72.07005715370178,
  149. "dport": 5355,
  150. "sport": 50760
  151. },
  152. {
  153. "src": "192.168.56.102",
  154. "dst": "224.0.0.252",
  155. "offset": 24222,
  156. "time": 71.07651400566101,
  157. "dport": 5355,
  158. "sport": 54585
  159. },
  160. {
  161. "src": "192.168.56.102",
  162. "dst": "224.0.0.252",
  163. "offset": 24550,
  164. "time": 65.58512115478516,
  165. "dport": 5355,
  166. "sport": 57390
  167. },
  168. {
  169. "src": "192.168.56.102",
  170. "dst": "224.0.0.252",
  171. "offset": 24878,
  172. "time": 62.31640601158142,
  173. "dport": 5355,
  174. "sport": 58529
  175. },
  176. {
  177. "src": "192.168.56.102",
  178. "dst": "224.0.0.252",
  179. "offset": 25206,
  180. "time": 59.30796003341675,
  181. "dport": 5355,
  182. "sport": 59218
  183. },
  184. {
  185. "src": "192.168.56.102",
  186. "dst": "224.0.0.252",
  187. "offset": 25534,
  188. "time": 76.32314920425415,
  189. "dport": 5355,
  190. "sport": 61815
  191. },
  192. {
  193. "src": "192.168.56.102",
  194. "dst": "224.0.0.252",
  195. "offset": 25862,
  196. "time": 73.63178205490112,
  197. "dport": 5355,
  198. "sport": 61908
  199. },
  200. {
  201. "src": "192.168.56.102",
  202. "dst": "224.0.0.252",
  203. "offset": 26190,
  204. "time": 68.24074602127075,
  205. "dport": 5355,
  206. "sport": 65105
  207. },
  208. {
  209. "src": "192.168.56.102",
  210. "dst": "239.255.255.250",
  211. "offset": 26518,
  212. "time": 61.92230010032654,
  213. "dport": 3702,
  214. "sport": 59219
  215. }
  216. ],
  217. "dns_servers": [
  218. "192.168.56.1"
  219. ],
  220. "http": [],
  221. "icmp": [],
  222. "smtp": [],
  223. "tcp": [],
  224. "smtp_ex": [],
  225. "mitm": [],
  226. "hosts": [],
  227. "pcap_sha256": "ee7958a9156941c699ec42e026c77e4f47d9bdebc419290211297ef7a859f7a9",
  228. "dns": [
  229. {
  230. "type": "A",
  231. "request": "www.msftncsi.com",
  232. "answers": []
  233. },
  234. {
  235. "type": "A",
  236. "request": "teredo.ipv6.microsoft.com",
  237. "answers": []
  238. }
  239. ],
  240. "http_ex": [],
  241. "domains": [
  242. {
  243. "ip": "",
  244. "domain": "teredo.ipv6.microsoft.com"
  245. },
  246. {
  247. "ip": "",
  248. "domain": "www.msftncsi.com"
  249. }
  250. ],
  251. "dead_hosts": [],
  252. "sorted_pcap_sha256": "8c43c36a4ede9d59606920170cfb3f7eb84defd13bbb15876c802597b33d4486",
  253. "irc": [],
  254. "https_ex": []
  255. },
  256. "static": {
  257. "pdb_path": null,
  258. "pe_imports": [
  259. {
  260. "imports": [
  261. {
  262. "name": "CreateBitmap",
  263. "address": "0x4b95c0"
  264. },
  265. {
  266. "name": "CreateCompatibleBitmap",
  267. "address": "0x4b95c4"
  268. },
  269. {
  270. "name": "CreateCompatibleDC",
  271. "address": "0x4b95c8"
  272. },
  273. {
  274. "name": "CreateFontA",
  275. "address": "0x4b95cc"
  276. },
  277. {
  278. "name": "CreateFontIndirectA",
  279. "address": "0x4b95d0"
  280. },
  281. {
  282. "name": "CreatePalette",
  283. "address": "0x4b95d4"
  284. },
  285. {
  286. "name": "CreatePen",
  287. "address": "0x4b95d8"
  288. },
  289. {
  290. "name": "CreateSolidBrush",
  291. "address": "0x4b95dc"
  292. },
  293. {
  294. "name": "DeleteDC",
  295. "address": "0x4b95e0"
  296. },
  297. {
  298. "name": "DeleteObject",
  299. "address": "0x4b95e4"
  300. },
  301. {
  302. "name": "ExcludeClipRect",
  303. "address": "0x4b95e8"
  304. },
  305. {
  306. "name": "ExtTextOutA",
  307. "address": "0x4b95ec"
  308. },
  309. {
  310. "name": "ExtTextOutW",
  311. "address": "0x4b95f0"
  312. },
  313. {
  314. "name": "GetBkMode",
  315. "address": "0x4b95f4"
  316. },
  317. {
  318. "name": "GetCharABCWidthsFloatA",
  319. "address": "0x4b95f8"
  320. },
  321. {
  322. "name": "GetCharWidth32A",
  323. "address": "0x4b95fc"
  324. },
  325. {
  326. "name": "GetCharWidth32W",
  327. "address": "0x4b9600"
  328. },
  329. {
  330. "name": "GetCharWidthA",
  331. "address": "0x4b9604"
  332. },
  333. {
  334. "name": "GetCharWidthW",
  335. "address": "0x4b9608"
  336. },
  337. {
  338. "name": "GetCharacterPlacementW",
  339. "address": "0x4b960c"
  340. },
  341. {
  342. "name": "GetDeviceCaps",
  343. "address": "0x4b9610"
  344. },
  345. {
  346. "name": "GetObjectA",
  347. "address": "0x4b9614"
  348. },
  349. {
  350. "name": "GetPixel",
  351. "address": "0x4b9618"
  352. },
  353. {
  354. "name": "GetStockObject",
  355. "address": "0x4b961c"
  356. },
  357. {
  358. "name": "GetTextExtentExPointA",
  359. "address": "0x4b9620"
  360. },
  361. {
  362. "name": "GetTextExtentPoint32A",
  363. "address": "0x4b9624"
  364. },
  365. {
  366. "name": "GetTextMetricsA",
  367. "address": "0x4b9628"
  368. },
  369. {
  370. "name": "IntersectClipRect",
  371. "address": "0x4b962c"
  372. },
  373. {
  374. "name": "LineTo",
  375. "address": "0x4b9630"
  376. },
  377. {
  378. "name": "MoveToEx",
  379. "address": "0x4b9634"
  380. },
  381. {
  382. "name": "Polyline",
  383. "address": "0x4b9638"
  384. },
  385. {
  386. "name": "RealizePalette",
  387. "address": "0x4b963c"
  388. },
  389. {
  390. "name": "Rectangle",
  391. "address": "0x4b9640"
  392. },
  393. {
  394. "name": "SelectObject",
  395. "address": "0x4b9644"
  396. },
  397. {
  398. "name": "SelectPalette",
  399. "address": "0x4b9648"
  400. },
  401. {
  402. "name": "SetBkColor",
  403. "address": "0x4b964c"
  404. },
  405. {
  406. "name": "SetBkMode",
  407. "address": "0x4b9650"
  408. },
  409. {
  410. "name": "SetMapMode",
  411. "address": "0x4b9654"
  412. },
  413. {
  414. "name": "SetPaletteEntries",
  415. "address": "0x4b9658"
  416. },
  417. {
  418. "name": "SetPixel",
  419. "address": "0x4b965c"
  420. },
  421. {
  422. "name": "SetTextAlign",
  423. "address": "0x4b9660"
  424. },
  425. {
  426. "name": "SetTextColor",
  427. "address": "0x4b9664"
  428. },
  429. {
  430. "name": "TextOutA",
  431. "address": "0x4b9668"
  432. },
  433. {
  434. "name": "TranslateCharsetInfo",
  435. "address": "0x4b966c"
  436. },
  437. {
  438. "name": "UnrealizeObject",
  439. "address": "0x4b9670"
  440. },
  441. {
  442. "name": "UpdateColors",
  443. "address": "0x4b9674"
  444. }
  445. ],
  446. "dll": "GDI32.dll"
  447. },
  448. {
  449. "imports": [
  450. {
  451. "name": "AppendMenuA",
  452. "address": "0x4b967c"
  453. },
  454. {
  455. "name": "BeginPaint",
  456. "address": "0x4b9680"
  457. },
  458. {
  459. "name": "CheckDlgButton",
  460. "address": "0x4b9684"
  461. },
  462. {
  463. "name": "CheckMenuItem",
  464. "address": "0x4b9688"
  465. },
  466. {
  467. "name": "CheckRadioButton",
  468. "address": "0x4b968c"
  469. },
  470. {
  471. "name": "CloseClipboard",
  472. "address": "0x4b9690"
  473. },
  474. {
  475. "name": "CreateCaret",
  476. "address": "0x4b9694"
  477. },
  478. {
  479. "name": "CreateDialogParamA",
  480. "address": "0x4b9698"
  481. },
  482. {
  483. "name": "CreateMenu",
  484. "address": "0x4b969c"
  485. },
  486. {
  487. "name": "CreatePopupMenu",
  488. "address": "0x4b96a0"
  489. },
  490. {
  491. "name": "CreateWindowExA",
  492. "address": "0x4b96a4"
  493. },
  494. {
  495. "name": "CreateWindowExW",
  496. "address": "0x4b96a8"
  497. },
  498. {
  499. "name": "DefDlgProcA",
  500. "address": "0x4b96ac"
  501. },
  502. {
  503. "name": "DefWindowProcA",
  504. "address": "0x4b96b0"
  505. },
  506. {
  507. "name": "DefWindowProcW",
  508. "address": "0x4b96b4"
  509. },
  510. {
  511. "name": "DeleteMenu",
  512. "address": "0x4b96b8"
  513. },
  514. {
  515. "name": "DestroyCaret",
  516. "address": "0x4b96bc"
  517. },
  518. {
  519. "name": "DestroyWindow",
  520. "address": "0x4b96c0"
  521. },
  522. {
  523. "name": "DialogBoxParamA",
  524. "address": "0x4b96c4"
  525. },
  526. {
  527. "name": "DispatchMessageA",
  528. "address": "0x4b96c8"
  529. },
  530. {
  531. "name": "DispatchMessageW",
  532. "address": "0x4b96cc"
  533. },
  534. {
  535. "name": "DrawEdge",
  536. "address": "0x4b96d0"
  537. },
  538. {
  539. "name": "EmptyClipboard",
  540. "address": "0x4b96d4"
  541. },
  542. {
  543. "name": "EnableMenuItem",
  544. "address": "0x4b96d8"
  545. },
  546. {
  547. "name": "EnableWindow",
  548. "address": "0x4b96dc"
  549. },
  550. {
  551. "name": "EndDialog",
  552. "address": "0x4b96e0"
  553. },
  554. {
  555. "name": "EndPaint",
  556. "address": "0x4b96e4"
  557. },
  558. {
  559. "name": "FindWindowA",
  560. "address": "0x4b96e8"
  561. },
  562. {
  563. "name": "FlashWindow",
  564. "address": "0x4b96ec"
  565. },
  566. {
  567. "name": "GetCapture",
  568. "address": "0x4b96f0"
  569. },
  570. {
  571. "name": "GetCaretBlinkTime",
  572. "address": "0x4b96f4"
  573. },
  574. {
  575. "name": "GetClientRect",
  576. "address": "0x4b96f8"
  577. },
  578. {
  579. "name": "GetClipboardData",
  580. "address": "0x4b96fc"
  581. },
  582. {
  583. "name": "GetClipboardOwner",
  584. "address": "0x4b9700"
  585. },
  586. {
  587. "name": "GetCursorPos",
  588. "address": "0x4b9704"
  589. },
  590. {
  591. "name": "GetDC",
  592. "address": "0x4b9708"
  593. },
  594. {
  595. "name": "GetDesktopWindow",
  596. "address": "0x4b970c"
  597. },
  598. {
  599. "name": "GetDlgItem",
  600. "address": "0x4b9710"
  601. },
  602. {
  603. "name": "GetDlgItemTextA",
  604. "address": "0x4b9714"
  605. },
  606. {
  607. "name": "GetDoubleClickTime",
  608. "address": "0x4b9718"
  609. },
  610. {
  611. "name": "GetForegroundWindow",
  612. "address": "0x4b971c"
  613. },
  614. {
  615. "name": "GetKeyboardLayout",
  616. "address": "0x4b9720"
  617. },
  618. {
  619. "name": "GetKeyboardState",
  620. "address": "0x4b9724"
  621. },
  622. {
  623. "name": "GetMessageA",
  624. "address": "0x4b9728"
  625. },
  626. {
  627. "name": "GetMessageTime",
  628. "address": "0x4b972c"
  629. },
  630. {
  631. "name": "GetParent",
  632. "address": "0x4b9730"
  633. },
  634. {
  635. "name": "GetQueueStatus",
  636. "address": "0x4b9734"
  637. },
  638. {
  639. "name": "GetScrollInfo",
  640. "address": "0x4b9738"
  641. },
  642. {
  643. "name": "GetSysColor",
  644. "address": "0x4b973c"
  645. },
  646. {
  647. "name": "GetSystemMenu",
  648. "address": "0x4b9740"
  649. },
  650. {
  651. "name": "GetSystemMetrics",
  652. "address": "0x4b9744"
  653. },
  654. {
  655. "name": "GetWindowLongA",
  656. "address": "0x4b9748"
  657. },
  658. {
  659. "name": "GetWindowPlacement",
  660. "address": "0x4b974c"
  661. },
  662. {
  663. "name": "GetWindowRect",
  664. "address": "0x4b9750"
  665. },
  666. {
  667. "name": "GetWindowTextA",
  668. "address": "0x4b9754"
  669. },
  670. {
  671. "name": "GetWindowTextLengthA",
  672. "address": "0x4b9758"
  673. },
  674. {
  675. "name": "HideCaret",
  676. "address": "0x4b975c"
  677. },
  678. {
  679. "name": "InsertMenuA",
  680. "address": "0x4b9760"
  681. },
  682. {
  683. "name": "InvalidateRect",
  684. "address": "0x4b9764"
  685. },
  686. {
  687. "name": "IsDialogMessageA",
  688. "address": "0x4b9768"
  689. },
  690. {
  691. "name": "IsDlgButtonChecked",
  692. "address": "0x4b976c"
  693. },
  694. {
  695. "name": "IsIconic",
  696. "address": "0x4b9770"
  697. },
  698. {
  699. "name": "IsWindow",
  700. "address": "0x4b9774"
  701. },
  702. {
  703. "name": "IsZoomed",
  704. "address": "0x4b9778"
  705. },
  706. {
  707. "name": "KillTimer",
  708. "address": "0x4b977c"
  709. },
  710. {
  711. "name": "LoadCursorA",
  712. "address": "0x4b9780"
  713. },
  714. {
  715. "name": "LoadIconA",
  716. "address": "0x4b9784"
  717. },
  718. {
  719. "name": "MapDialogRect",
  720. "address": "0x4b9788"
  721. },
  722. {
  723. "name": "MessageBeep",
  724. "address": "0x4b978c"
  725. },
  726. {
  727. "name": "MessageBoxA",
  728. "address": "0x4b9790"
  729. },
  730. {
  731. "name": "MessageBoxIndirectA",
  732. "address": "0x4b9794"
  733. },
  734. {
  735. "name": "MoveWindow",
  736. "address": "0x4b9798"
  737. },
  738. {
  739. "name": "MsgWaitForMultipleObjects",
  740. "address": "0x4b979c"
  741. },
  742. {
  743. "name": "OpenClipboard",
  744. "address": "0x4b97a0"
  745. },
  746. {
  747. "name": "PeekMessageA",
  748. "address": "0x4b97a4"
  749. },
  750. {
  751. "name": "PeekMessageW",
  752. "address": "0x4b97a8"
  753. },
  754. {
  755. "name": "PostMessageA",
  756. "address": "0x4b97ac"
  757. },
  758. {
  759. "name": "PostQuitMessage",
  760. "address": "0x4b97b0"
  761. },
  762. {
  763. "name": "RegisterClassA",
  764. "address": "0x4b97b4"
  765. },
  766. {
  767. "name": "RegisterClassW",
  768. "address": "0x4b97b8"
  769. },
  770. {
  771. "name": "RegisterClipboardFormatA",
  772. "address": "0x4b97bc"
  773. },
  774. {
  775. "name": "RegisterWindowMessageA",
  776. "address": "0x4b97c0"
  777. },
  778. {
  779. "name": "ReleaseCapture",
  780. "address": "0x4b97c4"
  781. },
  782. {
  783. "name": "ReleaseDC",
  784. "address": "0x4b97c8"
  785. },
  786. {
  787. "name": "ScreenToClient",
  788. "address": "0x4b97cc"
  789. },
  790. {
  791. "name": "SendDlgItemMessageA",
  792. "address": "0x4b97d0"
  793. },
  794. {
  795. "name": "SendMessageA",
  796. "address": "0x4b97d4"
  797. },
  798. {
  799. "name": "SetActiveWindow",
  800. "address": "0x4b97d8"
  801. },
  802. {
  803. "name": "SetCapture",
  804. "address": "0x4b97dc"
  805. },
  806. {
  807. "name": "SetCaretPos",
  808. "address": "0x4b97e0"
  809. },
  810. {
  811. "name": "SetClassLongA",
  812. "address": "0x4b97e4"
  813. },
  814. {
  815. "name": "SetClipboardData",
  816. "address": "0x4b97e8"
  817. },
  818. {
  819. "name": "SetCursor",
  820. "address": "0x4b97ec"
  821. },
  822. {
  823. "name": "SetDlgItemTextA",
  824. "address": "0x4b97f0"
  825. },
  826. {
  827. "name": "SetFocus",
  828. "address": "0x4b97f4"
  829. },
  830. {
  831. "name": "SetForegroundWindow",
  832. "address": "0x4b97f8"
  833. },
  834. {
  835. "name": "SetKeyboardState",
  836. "address": "0x4b97fc"
  837. },
  838. {
  839. "name": "SetScrollInfo",
  840. "address": "0x4b9800"
  841. },
  842. {
  843. "name": "SetTimer",
  844. "address": "0x4b9804"
  845. },
  846. {
  847. "name": "SetWindowLongA",
  848. "address": "0x4b9808"
  849. },
  850. {
  851. "name": "SetWindowPlacement",
  852. "address": "0x4b980c"
  853. },
  854. {
  855. "name": "SetWindowPos",
  856. "address": "0x4b9810"
  857. },
  858. {
  859. "name": "SetWindowTextA",
  860. "address": "0x4b9814"
  861. },
  862. {
  863. "name": "ShowCaret",
  864. "address": "0x4b9818"
  865. },
  866. {
  867. "name": "ShowCursor",
  868. "address": "0x4b981c"
  869. },
  870. {
  871. "name": "ShowWindow",
  872. "address": "0x4b9820"
  873. },
  874. {
  875. "name": "SystemParametersInfoA",
  876. "address": "0x4b9824"
  877. },
  878. {
  879. "name": "ToAsciiEx",
  880. "address": "0x4b9828"
  881. },
  882. {
  883. "name": "TrackPopupMenu",
  884. "address": "0x4b982c"
  885. },
  886. {
  887. "name": "TranslateMessage",
  888. "address": "0x4b9830"
  889. },
  890. {
  891. "name": "UpdateWindow",
  892. "address": "0x4b9834"
  893. },
  894. {
  895. "name": "WinHelpA",
  896. "address": "0x4b9838"
  897. }
  898. ],
  899. "dll": "USER32.dll"
  900. },
  901. {
  902. "imports": [
  903. {
  904. "name": "ChooseColorA",
  905. "address": "0x4b9840"
  906. },
  907. {
  908. "name": "ChooseFontA",
  909. "address": "0x4b9844"
  910. },
  911. {
  912. "name": "GetOpenFileNameA",
  913. "address": "0x4b9848"
  914. },
  915. {
  916. "name": "GetSaveFileNameA",
  917. "address": "0x4b984c"
  918. }
  919. ],
  920. "dll": "COMDLG32.dll"
  921. },
  922. {
  923. "imports": [
  924. {
  925. "name": "ShellExecuteA",
  926. "address": "0x4b9854"
  927. }
  928. ],
  929. "dll": "SHELL32.dll"
  930. },
  931. {
  932. "imports": [
  933. {
  934. "name": "CoCreateInstance",
  935. "address": "0x4b985c"
  936. },
  937. {
  938. "name": "CoInitialize",
  939. "address": "0x4b9860"
  940. },
  941. {
  942. "name": "CoUninitialize",
  943. "address": "0x4b9864"
  944. }
  945. ],
  946. "dll": "ole32.dll"
  947. },
  948. {
  949. "imports": [
  950. {
  951. "name": "ImmGetCompositionStringW",
  952. "address": "0x4b986c"
  953. },
  954. {
  955. "name": "ImmGetContext",
  956. "address": "0x4b9870"
  957. },
  958. {
  959. "name": "ImmReleaseContext",
  960. "address": "0x4b9874"
  961. },
  962. {
  963. "name": "ImmSetCompositionFontA",
  964. "address": "0x4b9878"
  965. },
  966. {
  967. "name": "ImmSetCompositionWindow",
  968. "address": "0x4b987c"
  969. }
  970. ],
  971. "dll": "IMM32.dll"
  972. },
  973. {
  974. "imports": [
  975. {
  976. "name": "AllocateAndInitializeSid",
  977. "address": "0x4b9884"
  978. },
  979. {
  980. "name": "CopySid",
  981. "address": "0x4b9888"
  982. },
  983. {
  984. "name": "EqualSid",
  985. "address": "0x4b988c"
  986. },
  987. {
  988. "name": "GetLengthSid",
  989. "address": "0x4b9890"
  990. },
  991. {
  992. "name": "GetUserNameA",
  993. "address": "0x4b9894"
  994. },
  995. {
  996. "name": "InitializeSecurityDescriptor",
  997. "address": "0x4b9898"
  998. },
  999. {
  1000. "name": "RegCloseKey",
  1001. "address": "0x4b989c"
  1002. },
  1003. {
  1004. "name": "RegCreateKeyA",
  1005. "address": "0x4b98a0"
  1006. },
  1007. {
  1008. "name": "RegCreateKeyExA",
  1009. "address": "0x4b98a4"
  1010. },
  1011. {
  1012. "name": "RegDeleteKeyA",
  1013. "address": "0x4b98a8"
  1014. },
  1015. {
  1016. "name": "RegDeleteValueA",
  1017. "address": "0x4b98ac"
  1018. },
  1019. {
  1020. "name": "RegEnumKeyA",
  1021. "address": "0x4b98b0"
  1022. },
  1023. {
  1024. "name": "RegOpenKeyA",
  1025. "address": "0x4b98b4"
  1026. },
  1027. {
  1028. "name": "RegQueryValueExA",
  1029. "address": "0x4b98b8"
  1030. },
  1031. {
  1032. "name": "RegSetValueExA",
  1033. "address": "0x4b98bc"
  1034. },
  1035. {
  1036. "name": "SetSecurityDescriptorDacl",
  1037. "address": "0x4b98c0"
  1038. },
  1039. {
  1040. "name": "SetSecurityDescriptorOwner",
  1041. "address": "0x4b98c4"
  1042. }
  1043. ],
  1044. "dll": "ADVAPI32.dll"
  1045. },
  1046. {
  1047. "imports": [
  1048. {
  1049. "name": "Beep",
  1050. "address": "0x4b98cc"
  1051. },
  1052. {
  1053. "name": "ClearCommBreak",
  1054. "address": "0x4b98d0"
  1055. },
  1056. {
  1057. "name": "CloseHandle",
  1058. "address": "0x4b98d4"
  1059. },
  1060. {
  1061. "name": "CompareStringW",
  1062. "address": "0x4b98d8"
  1063. },
  1064. {
  1065. "name": "ConnectNamedPipe",
  1066. "address": "0x4b98dc"
  1067. },
  1068. {
  1069. "name": "CreateEventA",
  1070. "address": "0x4b98e0"
  1071. },
  1072. {
  1073. "name": "CreateFileA",
  1074. "address": "0x4b98e4"
  1075. },
  1076. {
  1077. "name": "CreateFileMappingA",
  1078. "address": "0x4b98e8"
  1079. },
  1080. {
  1081. "name": "CreateFileW",
  1082. "address": "0x4b98ec"
  1083. },
  1084. {
  1085. "name": "CreateMutexA",
  1086. "address": "0x4b98f0"
  1087. },
  1088. {
  1089. "name": "CreateNamedPipeA",
  1090. "address": "0x4b98f4"
  1091. },
  1092. {
  1093. "name": "CreatePipe",
  1094. "address": "0x4b98f8"
  1095. },
  1096. {
  1097. "name": "CreateProcessA",
  1098. "address": "0x4b98fc"
  1099. },
  1100. {
  1101. "name": "CreateThread",
  1102. "address": "0x4b9900"
  1103. },
  1104. {
  1105. "name": "DecodePointer",
  1106. "address": "0x4b9904"
  1107. },
  1108. {
  1109. "name": "DeleteCriticalSection",
  1110. "address": "0x4b9908"
  1111. },
  1112. {
  1113. "name": "DeleteFileA",
  1114. "address": "0x4b990c"
  1115. },
  1116. {
  1117. "name": "EnterCriticalSection",
  1118. "address": "0x4b9910"
  1119. },
  1120. {
  1121. "name": "ExitProcess",
  1122. "address": "0x4b9914"
  1123. },
  1124. {
  1125. "name": "FindClose",
  1126. "address": "0x4b9918"
  1127. },
  1128. {
  1129. "name": "FindFirstFileA",
  1130. "address": "0x4b991c"
  1131. },
  1132. {
  1133. "name": "FindFirstFileExA",
  1134. "address": "0x4b9920"
  1135. },
  1136. {
  1137. "name": "FindNextFileA",
  1138. "address": "0x4b9924"
  1139. },
  1140. {
  1141. "name": "FlushFileBuffers",
  1142. "address": "0x4b9928"
  1143. },
  1144. {
  1145. "name": "FormatMessageA",
  1146. "address": "0x4b992c"
  1147. },
  1148. {
  1149. "name": "FreeEnvironmentStringsW",
  1150. "address": "0x4b9930"
  1151. },
  1152. {
  1153. "name": "FreeLibrary",
  1154. "address": "0x4b9934"
  1155. },
  1156. {
  1157. "name": "GetACP",
  1158. "address": "0x4b9938"
  1159. },
  1160. {
  1161. "name": "GetCPInfo",
  1162. "address": "0x4b993c"
  1163. },
  1164. {
  1165. "name": "GetCommState",
  1166. "address": "0x4b9940"
  1167. },
  1168. {
  1169. "name": "GetCommandLineA",
  1170. "address": "0x4b9944"
  1171. },
  1172. {
  1173. "name": "GetCommandLineW",
  1174. "address": "0x4b9948"
  1175. },
  1176. {
  1177. "name": "GetConsoleCP",
  1178. "address": "0x4b994c"
  1179. },
  1180. {
  1181. "name": "GetConsoleMode",
  1182. "address": "0x4b9950"
  1183. },
  1184. {
  1185. "name": "GetCurrentDirectoryA",
  1186. "address": "0x4b9954"
  1187. },
  1188. {
  1189. "name": "GetCurrentProcess",
  1190. "address": "0x4b9958"
  1191. },
  1192. {
  1193. "name": "GetCurrentProcessId",
  1194. "address": "0x4b995c"
  1195. },
  1196. {
  1197. "name": "GetCurrentThread",
  1198. "address": "0x4b9960"
  1199. },
  1200. {
  1201. "name": "GetCurrentThreadId",
  1202. "address": "0x4b9964"
  1203. },
  1204. {
  1205. "name": "GetDateFormatW",
  1206. "address": "0x4b9968"
  1207. },
  1208. {
  1209. "name": "GetEnvironmentStringsW",
  1210. "address": "0x4b996c"
  1211. },
  1212. {
  1213. "name": "GetEnvironmentVariableA",
  1214. "address": "0x4b9970"
  1215. },
  1216. {
  1217. "name": "GetFileType",
  1218. "address": "0x4b9974"
  1219. },
  1220. {
  1221. "name": "GetLastError",
  1222. "address": "0x4b9978"
  1223. },
  1224. {
  1225. "name": "GetLocalTime",
  1226. "address": "0x4b997c"
  1227. },
  1228. {
  1229. "name": "GetLocaleInfoA",
  1230. "address": "0x4b9980"
  1231. },
  1232. {
  1233. "name": "GetModuleFileNameA",
  1234. "address": "0x4b9984"
  1235. },
  1236. {
  1237. "name": "GetModuleFileNameW",
  1238. "address": "0x4b9988"
  1239. },
  1240. {
  1241. "name": "GetModuleHandleA",
  1242. "address": "0x4b998c"
  1243. },
  1244. {
  1245. "name": "GetModuleHandleExW",
  1246. "address": "0x4b9990"
  1247. },
  1248. {
  1249. "name": "GetModuleHandleW",
  1250. "address": "0x4b9994"
  1251. },
  1252. {
  1253. "name": "GetOEMCP",
  1254. "address": "0x4b9998"
  1255. },
  1256. {
  1257. "name": "GetOverlappedResult",
  1258. "address": "0x4b999c"
  1259. },
  1260. {
  1261. "name": "GetProcAddress",
  1262. "address": "0x4b99a0"
  1263. },
  1264. {
  1265. "name": "GetProcessHeap",
  1266. "address": "0x4b99a4"
  1267. },
  1268. {
  1269. "name": "GetProcessTimes",
  1270. "address": "0x4b99a8"
  1271. },
  1272. {
  1273. "name": "GetStartupInfoW",
  1274. "address": "0x4b99ac"
  1275. },
  1276. {
  1277. "name": "GetStdHandle",
  1278. "address": "0x4b99b0"
  1279. },
  1280. {
  1281. "name": "GetStringTypeW",
  1282. "address": "0x4b99b4"
  1283. },
  1284. {
  1285. "name": "GetSystemDirectoryA",
  1286. "address": "0x4b99b8"
  1287. },
  1288. {
  1289. "name": "GetSystemTime",
  1290. "address": "0x4b99bc"
  1291. },
  1292. {
  1293. "name": "GetSystemTimeAdjustment",
  1294. "address": "0x4b99c0"
  1295. },
  1296. {
  1297. "name": "GetSystemTimeAsFileTime",
  1298. "address": "0x4b99c4"
  1299. },
  1300. {
  1301. "name": "GetThreadTimes",
  1302. "address": "0x4b99c8"
  1303. },
  1304. {
  1305. "name": "GetTickCount",
  1306. "address": "0x4b99cc"
  1307. },
  1308. {
  1309. "name": "GetTimeFormatW",
  1310. "address": "0x4b99d0"
  1311. },
  1312. {
  1313. "name": "GetTimeZoneInformation",
  1314. "address": "0x4b99d4"
  1315. },
  1316. {
  1317. "name": "GetVersionExA",
  1318. "address": "0x4b99d8"
  1319. },
  1320. {
  1321. "name": "GetWindowsDirectoryA",
  1322. "address": "0x4b99dc"
  1323. },
  1324. {
  1325. "name": "GlobalAlloc",
  1326. "address": "0x4b99e0"
  1327. },
  1328. {
  1329. "name": "GlobalFree",
  1330. "address": "0x4b99e4"
  1331. },
  1332. {
  1333. "name": "GlobalLock",
  1334. "address": "0x4b99e8"
  1335. },
  1336. {
  1337. "name": "GlobalMemoryStatus",
  1338. "address": "0x4b99ec"
  1339. },
  1340. {
  1341. "name": "GlobalUnlock",
  1342. "address": "0x4b99f0"
  1343. },
  1344. {
  1345. "name": "HeapAlloc",
  1346. "address": "0x4b99f4"
  1347. },
  1348. {
  1349. "name": "HeapFree",
  1350. "address": "0x4b99f8"
  1351. },
  1352. {
  1353. "name": "HeapReAlloc",
  1354. "address": "0x4b99fc"
  1355. },
  1356. {
  1357. "name": "HeapSize",
  1358. "address": "0x4b9a00"
  1359. },
  1360. {
  1361. "name": "InitializeCriticalSectionAndSpinCount",
  1362. "address": "0x4b9a04"
  1363. },
  1364. {
  1365. "name": "InitializeSListHead",
  1366. "address": "0x4b9a08"
  1367. },
  1368. {
  1369. "name": "IsDBCSLeadByteEx",
  1370. "address": "0x4b9a0c"
  1371. },
  1372. {
  1373. "name": "IsDebuggerPresent",
  1374. "address": "0x4b9a10"
  1375. },
  1376. {
  1377. "name": "IsProcessorFeaturePresent",
  1378. "address": "0x4b9a14"
  1379. },
  1380. {
  1381. "name": "IsValidCodePage",
  1382. "address": "0x4b9a18"
  1383. },
  1384. {
  1385. "name": "LCMapStringW",
  1386. "address": "0x4b9a1c"
  1387. },
  1388. {
  1389. "name": "LeaveCriticalSection",
  1390. "address": "0x4b9a20"
  1391. },
  1392. {
  1393. "name": "LoadLibraryA",
  1394. "address": "0x4b9a24"
  1395. },
  1396. {
  1397. "name": "LoadLibraryExA",
  1398. "address": "0x4b9a28"
  1399. },
  1400. {
  1401. "name": "LoadLibraryExW",
  1402. "address": "0x4b9a2c"
  1403. },
  1404. {
  1405. "name": "LocalAlloc",
  1406. "address": "0x4b9a30"
  1407. },
  1408. {
  1409. "name": "LocalFree",
  1410. "address": "0x4b9a34"
  1411. },
  1412. {
  1413. "name": "MapViewOfFile",
  1414. "address": "0x4b9a38"
  1415. },
  1416. {
  1417. "name": "MulDiv",
  1418. "address": "0x4b9a3c"
  1419. },
  1420. {
  1421. "name": "MultiByteToWideChar",
  1422. "address": "0x4b9a40"
  1423. },
  1424. {
  1425. "name": "OpenProcess",
  1426. "address": "0x4b9a44"
  1427. },
  1428. {
  1429. "name": "OutputDebugStringW",
  1430. "address": "0x4b9a48"
  1431. },
  1432. {
  1433. "name": "QueryPerformanceCounter",
  1434. "address": "0x4b9a4c"
  1435. },
  1436. {
  1437. "name": "RaiseException",
  1438. "address": "0x4b9a50"
  1439. },
  1440. {
  1441. "name": "ReadConsoleW",
  1442. "address": "0x4b9a54"
  1443. },
  1444. {
  1445. "name": "ReadFile",
  1446. "address": "0x4b9a58"
  1447. },
  1448. {
  1449. "name": "ReleaseMutex",
  1450. "address": "0x4b9a5c"
  1451. },
  1452. {
  1453. "name": "RtlUnwind",
  1454. "address": "0x4b9a60"
  1455. },
  1456. {
  1457. "name": "SetCommBreak",
  1458. "address": "0x4b9a64"
  1459. },
  1460. {
  1461. "name": "SetCommState",
  1462. "address": "0x4b9a68"
  1463. },
  1464. {
  1465. "name": "SetCommTimeouts",
  1466. "address": "0x4b9a6c"
  1467. },
  1468. {
  1469. "name": "SetCurrentDirectoryA",
  1470. "address": "0x4b9a70"
  1471. },
  1472. {
  1473. "name": "SetEndOfFile",
  1474. "address": "0x4b9a74"
  1475. },
  1476. {
  1477. "name": "SetEnvironmentVariableA",
  1478. "address": "0x4b9a78"
  1479. },
  1480. {
  1481. "name": "SetEvent",
  1482. "address": "0x4b9a7c"
  1483. },
  1484. {
  1485. "name": "SetFilePointerEx",
  1486. "address": "0x4b9a80"
  1487. },
  1488. {
  1489. "name": "SetHandleInformation",
  1490. "address": "0x4b9a84"
  1491. },
  1492. {
  1493. "name": "SetLastError",
  1494. "address": "0x4b9a88"
  1495. },
  1496. {
  1497. "name": "SetStdHandle",
  1498. "address": "0x4b9a8c"
  1499. },
  1500. {
  1501. "name": "SetUnhandledExceptionFilter",
  1502. "address": "0x4b9a90"
  1503. },
  1504. {
  1505. "name": "TerminateProcess",
  1506. "address": "0x4b9a94"
  1507. },
  1508. {
  1509. "name": "TlsAlloc",
  1510. "address": "0x4b9a98"
  1511. },
  1512. {
  1513. "name": "TlsFree",
  1514. "address": "0x4b9a9c"
  1515. },
  1516. {
  1517. "name": "TlsGetValue",
  1518. "address": "0x4b9aa0"
  1519. },
  1520. {
  1521. "name": "TlsSetValue",
  1522. "address": "0x4b9aa4"
  1523. },
  1524. {
  1525. "name": "UnhandledExceptionFilter",
  1526. "address": "0x4b9aa8"
  1527. },
  1528. {
  1529. "name": "UnmapViewOfFile",
  1530. "address": "0x4b9aac"
  1531. },
  1532. {
  1533. "name": "WaitForSingleObject",
  1534. "address": "0x4b9ab0"
  1535. },
  1536. {
  1537. "name": "WaitForSingleObjectEx",
  1538. "address": "0x4b9ab4"
  1539. },
  1540. {
  1541. "name": "WaitNamedPipeA",
  1542. "address": "0x4b9ab8"
  1543. },
  1544. {
  1545. "name": "WideCharToMultiByte",
  1546. "address": "0x4b9abc"
  1547. },
  1548. {
  1549. "name": "WriteConsoleW",
  1550. "address": "0x4b9ac0"
  1551. },
  1552. {
  1553. "name": "WriteFile",
  1554. "address": "0x4b9ac4"
  1555. }
  1556. ],
  1557. "dll": "KERNEL32.dll"
  1558. }
  1559. ],
  1560. "peid_signatures": null,
  1561. "keys": [],
  1562. "signature": [
  1563. {
  1564. "organization": "Simon Tatham",
  1565. "country": "GB",
  1566. "common_name": "Simon Tatham",
  1567. "serial_number": "6cd282a2d9a2c158505b178d59518b7b",
  1568. "locality": "Cambridge",
  1569. "email": null,
  1570. "md5": "78989302406896b6dc127192d368f10d",
  1571. "sha1": "4022bb3c0398d595623a5380d5eeb520fc6150aa"
  1572. }
  1573. ],
  1574. "pe_timestamp": "1970-01-01 01:00:00",
  1575. "pe_exports": [],
  1576. "imported_dll_count": 8,
  1577. "pe_imphash": "63e5ceb1f07221fa9448d107ccf4ab5f",
  1578. "pe_resources": [
  1579. {
  1580. "name": "RT_ICON",
  1581. "language": "LANG_ENGLISH",
  1582. "filetype": "data",
  1583. "sublanguage": "SUBLANG_ENGLISH_US",
  1584. "offset": "0x0002f028",
  1585. "size": "0x00000330"
  1586. },
  1587. {
  1588. "name": "RT_ICON",
  1589. "language": "LANG_ENGLISH",
  1590. "filetype": "data",
  1591. "sublanguage": "SUBLANG_ENGLISH_US",
  1592. "offset": "0x0002f028",
  1593. "size": "0x00000330"
  1594. },
  1595. {
  1596. "name": "RT_ICON",
  1597. "language": "LANG_ENGLISH",
  1598. "filetype": "data",
  1599. "sublanguage": "SUBLANG_ENGLISH_US",
  1600. "offset": "0x0002f028",
  1601. "size": "0x00000330"
  1602. },
  1603. {
  1604. "name": "RT_ICON",
  1605. "language": "LANG_ENGLISH",
  1606. "filetype": "data",
  1607. "sublanguage": "SUBLANG_ENGLISH_US",
  1608. "offset": "0x0002f028",
  1609. "size": "0x00000330"
  1610. },
  1611. {
  1612. "name": "RT_ICON",
  1613. "language": "LANG_ENGLISH",
  1614. "filetype": "data",
  1615. "sublanguage": "SUBLANG_ENGLISH_US",
  1616. "offset": "0x0002f028",
  1617. "size": "0x00000330"
  1618. },
  1619. {
  1620. "name": "RT_ICON",
  1621. "language": "LANG_ENGLISH",
  1622. "filetype": "data",
  1623. "sublanguage": "SUBLANG_ENGLISH_US",
  1624. "offset": "0x0002f028",
  1625. "size": "0x00000330"
  1626. },
  1627. {
  1628. "name": "RT_ICON",
  1629. "language": "LANG_ENGLISH",
  1630. "filetype": "data",
  1631. "sublanguage": "SUBLANG_ENGLISH_US",
  1632. "offset": "0x0002f028",
  1633. "size": "0x00000330"
  1634. },
  1635. {
  1636. "name": "RT_ICON",
  1637. "language": "LANG_ENGLISH",
  1638. "filetype": "data",
  1639. "sublanguage": "SUBLANG_ENGLISH_US",
  1640. "offset": "0x0002f028",
  1641. "size": "0x00000330"
  1642. },
  1643. {
  1644. "name": "RT_ICON",
  1645. "language": "LANG_ENGLISH",
  1646. "filetype": "data",
  1647. "sublanguage": "SUBLANG_ENGLISH_US",
  1648. "offset": "0x0002f028",
  1649. "size": "0x00000330"
  1650. },
  1651. {
  1652. "name": "RT_ICON",
  1653. "language": "LANG_ENGLISH",
  1654. "filetype": "data",
  1655. "sublanguage": "SUBLANG_ENGLISH_US",
  1656. "offset": "0x0002f028",
  1657. "size": "0x00000330"
  1658. },
  1659. {
  1660. "name": "RT_ICON",
  1661. "language": "LANG_ENGLISH",
  1662. "filetype": "data",
  1663. "sublanguage": "SUBLANG_ENGLISH_US",
  1664. "offset": "0x0002f028",
  1665. "size": "0x00000330"
  1666. },
  1667. {
  1668. "name": "RT_ICON",
  1669. "language": "LANG_ENGLISH",
  1670. "filetype": "data",
  1671. "sublanguage": "SUBLANG_ENGLISH_US",
  1672. "offset": "0x0002f028",
  1673. "size": "0x00000330"
  1674. },
  1675. {
  1676. "name": "RT_DIALOG",
  1677. "language": "LANG_ENGLISH",
  1678. "filetype": "data",
  1679. "sublanguage": "SUBLANG_ENGLISH_US",
  1680. "offset": "0x0002f590",
  1681. "size": "0x0000008a"
  1682. },
  1683. {
  1684. "name": "RT_DIALOG",
  1685. "language": "LANG_ENGLISH",
  1686. "filetype": "data",
  1687. "sublanguage": "SUBLANG_ENGLISH_US",
  1688. "offset": "0x0002f590",
  1689. "size": "0x0000008a"
  1690. },
  1691. {
  1692. "name": "RT_DIALOG",
  1693. "language": "LANG_ENGLISH",
  1694. "filetype": "data",
  1695. "sublanguage": "SUBLANG_ENGLISH_US",
  1696. "offset": "0x0002f590",
  1697. "size": "0x0000008a"
  1698. },
  1699. {
  1700. "name": "RT_DIALOG",
  1701. "language": "LANG_ENGLISH",
  1702. "filetype": "data",
  1703. "sublanguage": "SUBLANG_ENGLISH_US",
  1704. "offset": "0x0002f590",
  1705. "size": "0x0000008a"
  1706. },
  1707. {
  1708. "name": "RT_GROUP_ICON",
  1709. "language": "LANG_ENGLISH",
  1710. "filetype": "MS Windows icon resource - 6 icons, 16x16, 16 colors",
  1711. "sublanguage": "SUBLANG_ENGLISH_US",
  1712. "offset": "0x0002f680",
  1713. "size": "0x0000005a"
  1714. },
  1715. {
  1716. "name": "RT_GROUP_ICON",
  1717. "language": "LANG_ENGLISH",
  1718. "filetype": "MS Windows icon resource - 6 icons, 16x16, 16 colors",
  1719. "sublanguage": "SUBLANG_ENGLISH_US",
  1720. "offset": "0x0002f680",
  1721. "size": "0x0000005a"
  1722. },
  1723. {
  1724. "name": "RT_VERSION",
  1725. "language": "LANG_ENGLISH",
  1726. "filetype": "data",
  1727. "sublanguage": "SUBLANG_ENGLISH_US",
  1728. "offset": "0x0002f6e0",
  1729. "size": "0x000002fc"
  1730. },
  1731. {
  1732. "name": "RT_MANIFEST",
  1733. "language": "LANG_ENGLISH",
  1734. "filetype": "XML 1.0 document, ASCII text",
  1735. "sublanguage": "SUBLANG_ENGLISH_US",
  1736. "offset": "0x0002f9e0",
  1737. "size": "0x000004cf"
  1738. }
  1739. ],
  1740. "pe_versioninfo": [
  1741. {
  1742. "name": "LegalCopyright",
  1743. "value": "Copyright \\xa9 1997-2017 Simon Tatham."
  1744. },
  1745. {
  1746. "name": "InternalName",
  1747. "value": "PuTTY"
  1748. },
  1749. {
  1750. "name": "FileVersion",
  1751. "value": "Release 0.70"
  1752. },
  1753. {
  1754. "name": "CompanyName",
  1755. "value": "Simon Tatham"
  1756. },
  1757. {
  1758. "name": "ProductName",
  1759. "value": "PuTTY suite"
  1760. },
  1761. {
  1762. "name": "ProductVersion",
  1763. "value": "Release 0.70"
  1764. },
  1765. {
  1766. "name": "FileDescription",
  1767. "value": "SSH, Telnet and Rlogin client"
  1768. },
  1769. {
  1770. "name": "OriginalFilename",
  1771. "value": "PuTTY"
  1772. },
  1773. {
  1774. "name": "Translation",
  1775. "value": "0x0809 0x04b0"
  1776. }
  1777. ],
  1778. "pe_sections": [
  1779. {
  1780. "size_of_data": "0x00000200",
  1781. "virtual_address": "0x00001000",
  1782. "entropy": 0.06116285224115448,
  1783. "name": ".00cfg",
  1784. "virtual_size": "0x00000004"
  1785. },
  1786. {
  1787. "size_of_data": "0x00024800",
  1788. "virtual_address": "0x00002000",
  1789. "entropy": 6.007486449013696,
  1790. "name": ".rdata",
  1791. "virtual_size": "0x00024720"
  1792. },
  1793. {
  1794. "size_of_data": "0x00000000",
  1795. "virtual_address": "0x00027000",
  1796. "entropy": 0.0,
  1797. "name": ".bss",
  1798. "virtual_size": "0x00003aa4"
  1799. },
  1800. {
  1801. "size_of_data": "0x00000c00",
  1802. "virtual_address": "0x0002b000",
  1803. "entropy": 2.7255018866081344,
  1804. "name": ".data",
  1805. "virtual_size": "0x00000b90"
  1806. },
  1807. {
  1808. "size_of_data": "0x00000200",
  1809. "virtual_address": "0x0002c000",
  1810. "entropy": 1.9686687662684679,
  1811. "name": ".gfids",
  1812. "virtual_size": "0x000000b4"
  1813. },
  1814. {
  1815. "size_of_data": "0x00003000",
  1816. "virtual_address": "0x0002d000",
  1817. "entropy": 3.933756989544843,
  1818. "name": ".rsrc",
  1819. "virtual_size": "0x00002eb0"
  1820. },
  1821. {
  1822. "size_of_data": "0x00087c00",
  1823. "virtual_address": "0x00030000",
  1824. "entropy": 6.587120514679129,
  1825. "name": ".text",
  1826. "virtual_size": "0x00087ba6"
  1827. },
  1828. {
  1829. "size_of_data": "0x00000800",
  1830. "virtual_address": "0x000b8000",
  1831. "entropy": 2.018747025647326,
  1832. "name": ".xdata",
  1833. "virtual_size": "0x0000060c"
  1834. },
  1835. {
  1836. "size_of_data": "0x00002200",
  1837. "virtual_address": "0x000b9000",
  1838. "entropy": 5.563814568751843,
  1839. "name": ".idata",
  1840. "virtual_size": "0x000020d0"
  1841. },
  1842. {
  1843. "size_of_data": "0x00006e00",
  1844. "virtual_address": "0x000bc000",
  1845. "entropy": 6.728714608895855,
  1846. "name": ".reloc",
  1847. "virtual_size": "0x00006db4"
  1848. }
  1849. ]
  1850. },
  1851. "debug": {
  1852. "action": [
  1853. "vmrouting"
  1854. ],
  1855. "dbgview": [],
  1856. "errors": [
  1857. "Error from machine 'cuckoo1': it appears that this Virtual Machine hasn't been configured properly as the Cuckoo Host wasn't able to connect to the Guest. There could be a few reasons for this, please refer to our documentation on the matter: https://cuckoo.sh/docs/faq/index.html#troubleshooting-vm-network-configuration",
  1858. "Error processing task #2: it appears that the Virtual Machine hasn't been able to contact back to the Cuckoo Host. There could be a few reasons for this, please refer to our documentation on the matter: https://cuckoo.sh/docs/faq/index.html#troubleshooting-vm-network-configuration"
  1859. ],
  1860. "log": [],
  1861. "cuckoo": [
  1862. "2019-03-31 16:30:51,359 [cuckoo.core.scheduler] INFO: Task #2: acquired machine cuckoo1 (label=cuckoo1)\n",
  1863. "2019-03-31 16:30:51,501 [cuckoo.auxiliary.sniffer] INFO: Started sniffer with PID 20880 (interface=vboxnet0, host=192.168.56.102)\n",
  1864. "2019-03-31 16:30:51,502 [cuckoo.core.plugins] DEBUG: Started auxiliary module: Sniffer\n",
  1865. "2019-03-31 16:30:51,936 [cuckoo.machinery.virtualbox] DEBUG: Starting vm cuckoo1\n",
  1866. "2019-03-31 16:30:52,981 [cuckoo.machinery.virtualbox] DEBUG: Restoring virtual machine cuckoo1 to its current snapshot\n",
  1867. "2019-03-31 16:31:00,318 [cuckoo.core.guest] INFO: Starting analysis on guest (id=cuckoo1, ip=192.168.56.102)\n",
  1868. "2019-03-31 16:31:01,323 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1869. "2019-03-31 16:31:02,327 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1870. "2019-03-31 16:31:03,331 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1871. "2019-03-31 16:31:04,341 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1872. "2019-03-31 16:31:05,348 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1873. "2019-03-31 16:31:06,357 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1874. "2019-03-31 16:31:07,361 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1875. "2019-03-31 16:31:08,365 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1876. "2019-03-31 16:31:09,369 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1877. "2019-03-31 16:31:10,373 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1878. "2019-03-31 16:31:11,363 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1879. "2019-03-31 16:31:13,368 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1880. "2019-03-31 16:31:14,373 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1881. "2019-03-31 16:31:15,367 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1882. "2019-03-31 16:31:17,378 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1883. "2019-03-31 16:31:18,646 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1884. "2019-03-31 16:31:19,647 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1885. "2019-03-31 16:31:21,653 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1886. "2019-03-31 16:31:22,656 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1887. "2019-03-31 16:31:23,655 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1888. "2019-03-31 16:31:25,660 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1889. "2019-03-31 16:31:26,664 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1890. "2019-03-31 16:31:27,663 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1891. "2019-03-31 16:31:29,671 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1892. "2019-03-31 16:31:30,663 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1893. "2019-03-31 16:31:32,668 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1894. "2019-03-31 16:31:33,672 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1895. "2019-03-31 16:31:34,663 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1896. "2019-03-31 16:31:36,669 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1897. "2019-03-31 16:31:37,674 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1898. "2019-03-31 16:31:38,672 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1899. "2019-03-31 16:31:40,677 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1900. "2019-03-31 16:31:41,680 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1901. "2019-03-31 16:31:42,680 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1902. "2019-03-31 16:31:44,684 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1903. "2019-03-31 16:31:45,689 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1904. "2019-03-31 16:31:46,684 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1905. "2019-03-31 16:31:48,690 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1906. "2019-03-31 16:31:49,694 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1907. "2019-03-31 16:31:50,691 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1908. "2019-03-31 16:31:52,696 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1909. "2019-03-31 16:31:53,932 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1910. "2019-03-31 16:31:54,931 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1911. "2019-03-31 16:31:57,132 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1912. "2019-03-31 16:31:57,425 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1913. "2019-03-31 16:31:58,431 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1914. "2019-03-31 16:31:59,473 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1915. "2019-03-31 16:32:00,622 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1916. "2019-03-31 16:32:01,958 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1917. "2019-03-31 16:32:02,963 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1918. "2019-03-31 16:32:03,972 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1919. "2019-03-31 16:32:04,977 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1920. "2019-03-31 16:32:05,981 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1921. "2019-03-31 16:32:06,986 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1922. "2019-03-31 16:32:07,991 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1923. "2019-03-31 16:32:09,218 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1924. "2019-03-31 16:32:10,223 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1925. "2019-03-31 16:32:11,228 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1926. "2019-03-31 16:32:12,233 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1927. "2019-03-31 16:32:13,240 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1928. "2019-03-31 16:32:14,245 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1929. "2019-03-31 16:32:15,249 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1930. "2019-03-31 16:32:16,396 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1931. "2019-03-31 16:32:17,402 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1932. "2019-03-31 16:32:18,411 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1933. "2019-03-31 16:32:19,426 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1934. "2019-03-31 16:32:20,443 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1935. "2019-03-31 16:32:21,459 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1936. "2019-03-31 16:32:22,523 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1937. "2019-03-31 16:32:23,555 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1938. "2019-03-31 16:32:24,580 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1939. "2019-03-31 16:32:25,605 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1940. "2019-03-31 16:32:26,612 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1941. "2019-03-31 16:32:27,624 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1942. "2019-03-31 16:32:28,645 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1943. "2019-03-31 16:32:29,917 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1944. "2019-03-31 16:32:30,931 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1945. "2019-03-31 16:32:31,944 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1946. "2019-03-31 16:32:32,958 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1947. "2019-03-31 16:32:33,966 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1948. "2019-03-31 16:32:34,977 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1949. "2019-03-31 16:32:35,992 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1950. "2019-03-31 16:32:37,005 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1951. "2019-03-31 16:32:38,016 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1952. "2019-03-31 16:32:39,030 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1953. "2019-03-31 16:32:40,040 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1954. "2019-03-31 16:32:41,051 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1955. "2019-03-31 16:32:42,070 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1956. "2019-03-31 16:32:43,086 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1957. "2019-03-31 16:32:44,099 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1958. "2019-03-31 16:32:45,111 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1959. "2019-03-31 16:32:46,125 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1960. "2019-03-31 16:32:47,132 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1961. "2019-03-31 16:32:48,146 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1962. "2019-03-31 16:32:49,166 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1963. "2019-03-31 16:32:50,178 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1964. "2019-03-31 16:32:51,436 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1965. "2019-03-31 16:32:52,466 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1966. "2019-03-31 16:32:53,498 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1967. "2019-03-31 16:32:54,538 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1968. "2019-03-31 16:32:55,559 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1969. "2019-03-31 16:32:56,616 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1970. "2019-03-31 16:32:57,642 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1971. "2019-03-31 16:32:58,671 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1972. "2019-03-31 16:32:59,690 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1973. "2019-03-31 16:33:00,703 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1974. "2019-03-31 16:33:01,713 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1975. "2019-03-31 16:33:02,725 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1976. "2019-03-31 16:33:03,738 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1977. "2019-03-31 16:33:04,754 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1978. "2019-03-31 16:33:05,769 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1979. "2019-03-31 16:33:06,782 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1980. "2019-03-31 16:33:07,792 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1981. "2019-03-31 16:33:08,804 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1982. "2019-03-31 16:33:09,814 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1983. "2019-03-31 16:33:10,825 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1984. "2019-03-31 16:33:11,834 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1985. "2019-03-31 16:33:12,846 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1986. "2019-03-31 16:33:13,858 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1987. "2019-03-31 16:33:14,870 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1988. "2019-03-31 16:33:15,884 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1989. "2019-03-31 16:33:16,898 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1990. "2019-03-31 16:33:17,912 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1991. "2019-03-31 16:33:18,926 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1992. "2019-03-31 16:33:19,938 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1993. "2019-03-31 16:33:20,951 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1994. "2019-03-31 16:33:21,963 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1995. "2019-03-31 16:33:22,978 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1996. "2019-03-31 16:33:23,989 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1997. "2019-03-31 16:33:25,002 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1998. "2019-03-31 16:33:26,013 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  1999. "2019-03-31 16:33:27,025 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  2000. "2019-03-31 16:33:28,039 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  2001. "2019-03-31 16:33:29,052 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  2002. "2019-03-31 16:33:30,063 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  2003. "2019-03-31 16:33:31,074 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  2004. "2019-03-31 16:33:32,086 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  2005. "2019-03-31 16:33:33,097 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  2006. "2019-03-31 16:33:34,109 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  2007. "2019-03-31 16:33:35,121 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  2008. "2019-03-31 16:33:36,133 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  2009. "2019-03-31 16:33:37,150 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  2010. "2019-03-31 16:33:38,164 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  2011. "2019-03-31 16:33:39,176 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  2012. "2019-03-31 16:33:40,191 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  2013. "2019-03-31 16:33:41,206 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  2014. "2019-03-31 16:33:42,218 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  2015. "2019-03-31 16:33:43,228 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  2016. "2019-03-31 16:33:44,242 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  2017. "2019-03-31 16:33:45,256 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  2018. "2019-03-31 16:33:46,268 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  2019. "2019-03-31 16:33:47,275 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  2020. "2019-03-31 16:33:48,280 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  2021. "2019-03-31 16:33:49,291 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  2022. "2019-03-31 16:33:50,301 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  2023. "2019-03-31 16:33:51,308 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  2024. "2019-03-31 16:33:52,318 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  2025. "2019-03-31 16:33:53,326 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  2026. "2019-03-31 16:33:54,338 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  2027. "2019-03-31 16:33:55,349 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  2028. "2019-03-31 16:33:56,362 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  2029. "2019-03-31 16:33:57,377 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  2030. "2019-03-31 16:33:58,389 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  2031. "2019-03-31 16:33:59,402 [cuckoo.core.guest] DEBUG: cuckoo1: not ready yet\n",
  2032. "2019-03-31 16:34:00,406 [cuckoo.core.scheduler] ERROR: Error from machine 'cuckoo1': it appears that this Virtual Machine hasn't been configured properly as the Cuckoo Host wasn't able to connect to the Guest. There could be a few reasons for this, please refer to our documentation on the matter: https://cuckoo.sh/docs/faq/index.html#troubleshooting-vm-network-configuration\n",
  2033. "2019-03-31 16:34:00,472 [cuckoo.core.plugins] DEBUG: Stopped auxiliary module: Sniffer\n",
  2034. "2019-03-31 16:34:00,473 [cuckoo.machinery.virtualbox] DEBUG: Stopping vm cuckoo1\n",
  2035. "2019-03-31 16:34:02,892 [cuckoo.core.scheduler] DEBUG: Released database task #2\n",
  2036. "2019-03-31 16:34:03,006 [cuckoo.core.plugins] DEBUG: Executed processing module \"AnalysisInfo\" for task #2\n",
  2037. "2019-03-31 16:34:03,008 [cuckoo.processing.behavior] WARNING: Analysis results folder does not exist at path '/home/student/.cuckoo/storage/analyses/2/logs'.\n",
  2038. "2019-03-31 16:34:03,009 [cuckoo.core.plugins] DEBUG: Executed processing module \"BehaviorAnalysis\" for task #2\n",
  2039. "2019-03-31 16:34:03,010 [cuckoo.core.plugins] DEBUG: Executed processing module \"Dropped\" for task #2\n",
  2040. "2019-03-31 16:34:03,011 [cuckoo.core.plugins] DEBUG: Executed processing module \"DroppedBuffer\" for task #2\n",
  2041. "2019-03-31 16:34:03,015 [cuckoo.core.plugins] DEBUG: Executed processing module \"MetaInfo\" for task #2\n",
  2042. "2019-03-31 16:34:03,016 [cuckoo.core.plugins] DEBUG: Executed processing module \"ProcessMemory\" for task #2\n",
  2043. "2019-03-31 16:34:03,017 [cuckoo.core.plugins] DEBUG: Executed processing module \"Procmon\" for task #2\n",
  2044. "2019-03-31 16:34:03,018 [cuckoo.core.plugins] DEBUG: Executed processing module \"Screenshots\" for task #2\n",
  2045. "2019-03-31 16:34:05,511 [cuckoo.core.plugins] DEBUG: Executed processing module \"Static\" for task #2\n",
  2046. "2019-03-31 16:34:05,571 [cuckoo.core.plugins] DEBUG: Executed processing module \"Strings\" for task #2\n",
  2047. "2019-03-31 16:34:05,603 [cuckoo.core.plugins] DEBUG: Executed processing module \"TargetInfo\" for task #2\n",
  2048. "2019-03-31 16:34:05,639 [cuckoo.core.plugins] DEBUG: Executed processing module \"NetworkAnalysis\" for task #2\n",
  2049. "2019-03-31 16:34:05,655 [cuckoo.processing.virustotal] WARNING: Error fetching results from VirusTotal for \"81de431987304676134138705fc1c21188ad7f27edf6b77a6551aa693194485e\": Unable to fetch VirusTotal results: MaxRetryError(\"HTTPSConnectionPool(host='www.virustotal.com', port=443): Max retries exceeded with url: /vtapi/v2/file/report (Caused by NewConnectionError('<requests.packages.urllib3.connection.VerifiedHTTPSConnection object at 0x7ffb8447a2d0>: Failed to establish a new connection: [Errno -3] Temporary failure in name resolution',))\",)\n",
  2050. "2019-03-31 16:34:05,655 [cuckoo.core.plugins] DEBUG: Executed processing module \"VirusTotal\" for task #2\n",
  2051. "2019-03-31 16:34:05,656 [cuckoo.core.plugins] DEBUG: Executed processing module \"Extracted\" for task #2\n",
  2052. "2019-03-31 16:34:05,656 [cuckoo.core.plugins] DEBUG: Executed processing module \"TLSMasterSecrets\" for task #2\n",
  2053. "2019-03-31 16:34:05,656 [cuckoo.processing.debug] ERROR: Error processing task #2: it appears that the Virtual Machine hasn't been able to contact back to the Cuckoo Host. There could be a few reasons for this, please refer to our documentation on the matter: https://cuckoo.sh/docs/faq/index.html#troubleshooting-vm-network-configuration\n",
  2054. "2019-03-31 16:34:05,673 [cuckoo.core.plugins] DEBUG: Executed processing module \"Debug\" for task #2\n",
  2055. "2019-03-31 16:34:05,675 [cuckoo.core.plugins] DEBUG: Running 540 signatures\n",
  2056. "2019-03-31 16:34:05,824 [cuckoo.core.plugins] DEBUG: Analysis matched signature: has_authenticode\n",
  2057. "2019-03-31 16:34:05,824 [cuckoo.core.plugins] DEBUG: Analysis matched signature: pe_features\n"
  2058. ]
  2059. },
  2060. "strings": [
  2061. ".00cfg",
  2062. "@.rdata",
  2063. ".gfids",
  2064. "@.rsrc",
  2065. "`.xdata",
  2066. "@.idata",
  2067. "@.reloc",
  2068. "Connecting to %s port %d",
  2069. "Connecting to %s",
  2070. "Failed to connect to %s: %s",
  2071. "proxy: %s",
  2072. "-telnet",
  2073. "-rlogin",
  2074. "-serial",
  2075. "-loghost",
  2076. "-hostkey",
  2077. "'%s' is not a valid format for a manual host key specification",
  2078. "-%c expects at least two colons in its argument",
  2079. "%c%.*s",
  2080. "-nc expects argument of form 'host:port'",
  2081. "unable to open command file \"%s\"",
  2082. "the -pw option can only be used with the SSH protocol",
  2083. "-agent",
  2084. "-pagent",
  2085. "-pageant",
  2086. "-noagent",
  2087. "-nopagent",
  2088. "-nopageant",
  2089. "-sercfg",
  2090. "the -sercfg option can only be used with the serial protocol",
  2091. "Unrecognised suboption \"-sercfg %c\"",
  2092. "Unrecognised suboption \"-sercfg %s\"",
  2093. "-sessionlog",
  2094. "-sshlog",
  2095. "-sshrawlog",
  2096. "-proxycmd",
  2097. "-restrict-acl",
  2098. "-restrict_acl",
  2099. "-restrictacl",
  2100. "option \"%s\" not available in this tool",
  2101. "Cancel",
  2102. "Basic options for your %s session",
  2103. "Session",
  2104. "Specify the destination you want to connect to",
  2105. "hostport",
  2106. "session.hostname:config-hostname",
  2107. "Host Name (or IP address)",
  2108. "Rlogin",
  2109. "Telnet",
  2110. "Connection type:",
  2111. "Save the current session settings",
  2112. "Load, save or delete a stored session",
  2113. "savedsessions",
  2114. "session.saved:config-saving",
  2115. "Saved Sessions",
  2116. "Delete",
  2117. "otheropts",
  2118. "Only on clean exit",
  2119. "Always",
  2120. "session.coe:config-closeonexit",
  2121. "Close window on exit:",
  2122. "Options controlling session logging",
  2123. "Session/Logging",
  2124. "SSH packets",
  2125. "SSH packets and raw data",
  2126. "All session output",
  2127. "Printable output",
  2128. "logging.main:config-logging",
  2129. "Session logging:",
  2130. "logging.filename:config-logfilename",
  2131. "Select session log file name",
  2132. "Log file name:",
  2133. "(Log file name can contain &Y, &M, &D for date, &T for time, &H for host name, and &P for port number)",
  2134. "Ask the user every time",
  2135. "Always append to the end of it",
  2136. "Always overwrite it",
  2137. "logging.exists:config-logfileexists",
  2138. "What to do if the log file already exists:",
  2139. "logging.flush:config-logflush",
  2140. "Flush log file frequently",
  2141. "Options specific to SSH packet logging",
  2142. "logging.ssh.omitpassword:config-logssh",
  2143. "Omit known password fields",
  2144. "logging.ssh.omitdata:config-logssh",
  2145. "Omit session data",
  2146. "Options controlling the terminal emulation",
  2147. "Terminal",
  2148. "Set various terminal options",
  2149. "general",
  2150. "terminal.autowrap:config-autowrap",
  2151. "Auto wrap mode initially on",
  2152. "terminal.decom:config-decom",
  2153. "DEC Origin Mode initially on",
  2154. "terminal.lfhascr:config-crlf",
  2155. "Implicit CR in every LF",
  2156. "terminal.crhaslf:config-lfcr",
  2157. "Implicit LF in every CR",
  2158. "terminal.bce:config-erase",
  2159. "Use background colour to erase screen",
  2160. "terminal.blink:config-blink",
  2161. "Enable blinking text",
  2162. "terminal.answerback:config-answerback",
  2163. "Answerback to ^E:",
  2164. "Line discipline options",
  2165. "Force off",
  2166. "Force on",
  2167. "terminal.localecho:config-localecho",
  2168. "Local echo:",
  2169. "terminal.localedit:config-localedit",
  2170. "Local line editing:",
  2171. "Remote-controlled printing",
  2172. "printing",
  2173. "terminal.printing:config-printing",
  2174. "Printer to send ANSI printer output to:",
  2175. "Options controlling the effects of keys",
  2176. "Terminal/Keyboard",
  2177. "Change the sequences sent by:",
  2178. "mappings",
  2179. "Control-? (127)",
  2180. "Control-H",
  2181. "keyboard.backspace:config-backspace",
  2182. "The Backspace key",
  2183. "Standard",
  2184. "keyboard.homeend:config-homeend",
  2185. "The Home and End keys",
  2186. "VT100+",
  2187. "Xterm R6",
  2188. "ESC[n~",
  2189. "keyboard.funkeys:config-funkeys",
  2190. "The Function keys and keypad",
  2191. "Application keypad settings:",
  2192. "appkeypad",
  2193. "Application",
  2194. "Normal",
  2195. "keyboard.appcursor:config-appcursor",
  2196. "Initial state of cursor keys:",
  2197. "NetHack",
  2198. "keyboard.appkeypad:config-appkeypad",
  2199. "Initial state of numeric keypad:",
  2200. "Options controlling the terminal bell",
  2201. "Terminal/Bell",
  2202. "Set the style of bell",
  2203. "Visual bell (flash window)",
  2204. "Make default system alert sound",
  2205. "None (bell disabled)",
  2206. "bell.style:config-bellstyle",
  2207. "Action to happen when a bell occurs:",
  2208. "Control the bell overload behaviour",
  2209. "overload",
  2210. "bell.overload:config-bellovl",
  2211. "Bell is temporarily disabled when over-used",
  2212. "Over-use means this many bells...",
  2213. "... in this many seconds",
  2214. "The bell is re-enabled after a few seconds of silence.",
  2215. "Seconds of silence required",
  2216. "Enabling and disabling advanced terminal features",
  2217. "Terminal/Features",
  2218. "features.application:config-features-application",
  2219. "Disable application cursor keys mode",
  2220. "Disable application keypad mode",
  2221. "features.mouse:config-features-mouse",
  2222. "Disable xterm-style mouse reporting",
  2223. "features.resize:config-features-resize",
  2224. "Disable remote-controlled terminal resizing",
  2225. "features.altscreen:config-features-altscreen",
  2226. "Disable switching to alternate terminal screen",
  2227. "features.retitle:config-features-retitle",
  2228. "Disable remote-controlled window title changing",
  2229. "features.clearscroll:config-features-clearscroll",
  2230. "Disable remote-controlled clearing of scrollback",
  2231. "Window title",
  2232. "Empty string",
  2233. "features.qtitle:config-features-qtitle",
  2234. "Response to remote title query (SECURITY):",
  2235. "features.dbackspace:config-features-dbackspace",
  2236. "Disable destructive backspace on server sending ^?",
  2237. "features.charset:config-features-charset",
  2238. "Disable remote-controlled character set configuration",
  2239. "features.arabicshaping:config-features-shaping",
  2240. "Disable Arabic text shaping",
  2241. "features.bidi:config-features-bidi",
  2242. "Disable bidirectional text display",
  2243. "Options controlling %s's window",
  2244. "Window",
  2245. "Set the size of the window",
  2246. "window.size:config-winsize",
  2247. "Columns",
  2248. "Control the scrollback in the window",
  2249. "scrollback",
  2250. "window.scrollback:config-scrollback",
  2251. "Lines of scrollback",
  2252. "Display scrollbar",
  2253. "Reset scrollback on keypress",
  2254. "Reset scrollback on display activity",
  2255. "window.erased:config-erasetoscrollback",
  2256. "Push erased text into scrollback",
  2257. "Configure the appearance of %s's window",
  2258. "Window/Appearance",
  2259. "Adjust the use of the cursor",
  2260. "cursor",
  2261. "Vertical line",
  2262. "Underline",
  2263. "appearance.cursor:config-cursor",
  2264. "Cursor appearance:",
  2265. "Cursor blinks",
  2266. "Font settings",
  2267. "appearance.font:config-font",
  2268. "Font used in the terminal window",
  2269. "Adjust the use of the mouse pointer",
  2270. "appearance.hidemouse:config-mouseptr",
  2271. "Hide mouse pointer when typing in window",
  2272. "Adjust the window border",
  2273. "border",
  2274. "appearance.border:config-winborder",
  2275. "Gap between text and window edge:",
  2276. "Configure the behaviour of %s's window",
  2277. "Window/Behaviour",
  2278. "Adjust the behaviour of the window title",
  2279. "appearance.title:config-title",
  2280. "Window title:",
  2281. "Separate window and icon titles",
  2282. "behaviour.closewarn:config-warnonclose",
  2283. "Warn before closing window",
  2284. "Options controlling character set translation",
  2285. "Window/Translation",
  2286. "Character set translation",
  2287. "translation.codepage:config-charset",
  2288. "Remote character set:",
  2289. "tweaks",
  2290. "translation.cjkambigwide:config-cjk-ambig-wide",
  2291. "Treat CJK ambiguous characters as wide",
  2292. "Adjust how %s handles line drawing characters",
  2293. "linedraw",
  2294. "Poor man's line drawing (+, - and |)",
  2295. "Use Unicode line drawing code points",
  2296. "translation.linedraw:config-linedraw",
  2297. "Handling of line drawing characters:",
  2298. "selection.linedraw:config-linedrawpaste",
  2299. "Copy and paste line drawing characters as lqqqk",
  2300. "Options controlling copy and paste",
  2301. "Window/Selection",
  2302. "Control use of mouse",
  2303. "selection.shiftdrag:config-mouseshift",
  2304. "Shift overrides application's use of mouse",
  2305. "Rectangular block",
  2306. "selection.rect:config-rectselect",
  2307. "Default selection mode (Alt+drag does the other one):",
  2308. "Control the select-one-word-at-a-time mode",
  2309. "charclass",
  2310. "selection.charclasses:config-charclasses",
  2311. "Character classes:",
  2312. "Set to class",
  2313. "Options controlling use of colours",
  2314. "Window/Colours",
  2315. "General options for colour usage",
  2316. "colours.ansi:config-ansicolour",
  2317. "Allow terminal to specify ANSI colours",
  2318. "colours.xterm256:config-xtermcolour",
  2319. "Allow terminal to use xterm 256-colour mode",
  2320. "The colour",
  2321. "The font",
  2322. "colours.bold:config-boldcolour",
  2323. "Indicate bolded text by changing:",
  2324. "Adjust the precise colours %s displays",
  2325. "adjust",
  2326. "colours.config:config-colourcfg",
  2327. "Select a colour from the list, and then click the Modify button to change its appearance.",
  2328. "Select a colour to adjust:",
  2329. "RGB value:",
  2330. "Modify",
  2331. "Options controlling the connection",
  2332. "Connection",
  2333. "Sending of null packets to keep session active",
  2334. "keepalive",
  2335. "connection.keepalive:config-keepalive",
  2336. "Seconds between keepalives (0 to turn off)",
  2337. "Low-level TCP connection options",
  2338. "connection.nodelay:config-nodelay",
  2339. "Disable Nagle's algorithm (TCP_NODELAY option)",
  2340. "connection.tcpkeepalive:config-tcp-keepalives",
  2341. "Enable TCP keepalives (SO_KEEPALIVE option)",
  2342. "Internet protocol version",
  2343. "ipversion",
  2344. "connection.ipversion:config-address-family",
  2345. "Logical name of remote host (e.g. for SSH key lookup):",
  2346. "Logical name of remote host:",
  2347. "Logical name of remote host",
  2348. "identity",
  2349. "connection.loghost:config-loghost",
  2350. "Data to send to the server",
  2351. "Connection/Data",
  2352. "Login details",
  2353. "connection.username:config-username",
  2354. "Auto-login username",
  2355. "Use system username (%s)",
  2356. "Prompt",
  2357. "connection.usernamefromenv:config-username-from-env",
  2358. "When username is not specified:",
  2359. "Terminal details",
  2360. "connection.termtype:config-termtype",
  2361. "Terminal-type string",
  2362. "connection.termspeed:config-termspeed",
  2363. "Terminal speeds",
  2364. "Environment variables",
  2365. "telnet.environ:config-environ",
  2366. "Variable",
  2367. "Remove",
  2368. "Options controlling proxy usage",
  2369. "Connection/Proxy",
  2370. "basics",
  2371. "SOCKS 5",
  2372. "SOCKS 4",
  2373. "proxy.type:config-proxy-type",
  2374. "Proxy type:",
  2375. "proxy.main:config-proxy",
  2376. "Proxy hostname",
  2377. "proxy.exclude:config-proxy-exclude",
  2378. "Exclude Hosts/IPs",
  2379. "Consider proxying local host connections",
  2380. "proxy.dns:config-proxy-dns",
  2381. "Do DNS name lookup at proxy end:",
  2382. "proxy.auth:config-proxy-auth",
  2383. "Username",
  2384. "Password",
  2385. "proxy.command:config-proxy-command",
  2386. "Telnet command",
  2387. "Only until session starts",
  2388. "proxy.logging:config-proxy-logging",
  2389. "Print proxy diagnostics in the terminal window",
  2390. "Options controlling Telnet connections",
  2391. "Connection/Telnet",
  2392. "Telnet protocol adjustments",
  2393. "protocol",
  2394. "RFC 1408 (unusual)",
  2395. "BSD (commonplace)",
  2396. "telnet.oldenviron:config-oldenviron",
  2397. "Handling of OLD_ENVIRON ambiguity:",
  2398. "Active",
  2399. "Passive",
  2400. "telnet.passive:config-ptelnet",
  2401. "Telnet negotiation mode:",
  2402. "telnet.specialkeys:config-telnetkey",
  2403. "Keyboard sends Telnet special commands",
  2404. "telnet.newline:config-telnetnl",
  2405. "Return key sends Telnet New Line instead of ^M",
  2406. "Options controlling Rlogin connections",
  2407. "Connection/Rlogin",
  2408. "rlogin.localuser:config-rlogin-localuser",
  2409. "Local username:",
  2410. "Options controlling SSH connections",
  2411. "Connection/SSH",
  2412. "disclaimer",
  2413. "Nothing on this panel may be reconfigured in mid-session; it is only here so that sub-panels of it can exist without looking strange.",
  2414. "ssh.command:config-command",
  2415. "Remote command:",
  2416. "Protocol options",
  2417. "ssh.noshell:config-ssh-noshell",
  2418. "Don't start a shell or command at all",
  2419. "ssh.compress:config-ssh-comp",
  2420. "Enable compression",
  2421. "Sharing an SSH connection between PuTTY tools",
  2422. "sharing",
  2423. "ssh.sharing:config-ssh-sharing",
  2424. "Share SSH connections if possible",
  2425. "Permitted roles in a shared connection:",
  2426. "Upstream (connecting to the real server)",
  2427. "Downstream (connecting to the upstream PuTTY)",
  2428. "1 (INSECURE)",
  2429. "ssh.protocol:config-ssh-prot",
  2430. "SSH protocol version:",
  2431. "Options controlling SSH key exchange",
  2432. "Connection/SSH/Kex",
  2433. "Key exchange algorithm options",
  2434. "ssh.kex.order:config-ssh-kex-order",
  2435. "Algorithm selection policy:",
  2436. "Options controlling key re-exchange",
  2437. "repeat",
  2438. "ssh.kex.repeat:config-ssh-kex-rekey",
  2439. "Max minutes before rekey (0 for no limit)",
  2440. "Max data before rekey (0 for no limit)",
  2441. "(Use 1M for 1 megabyte, 1G for 1 gigabyte etc)",
  2442. "Options controlling SSH host keys",
  2443. "Connection/SSH/Host keys",
  2444. "Host key algorithm preference",
  2445. "ssh.hostkey.order:config-ssh-hostkey-order",
  2446. "Manually configure host keys for this connection",
  2447. "hostkeys",
  2448. "ssh.kex.manualhostkeys:config-ssh-kex-manual-hostkeys",
  2449. "Host keys or fingerprints to accept:",
  2450. "Add key",
  2451. "Options controlling SSH encryption",
  2452. "Connection/SSH/Cipher",
  2453. "Encryption options",
  2454. "encryption",
  2455. "ssh.ciphers:config-ssh-encryption",
  2456. "Encryption cipher selection policy:",
  2457. "Enable legacy use of single-DES in SSH-2",
  2458. "Options controlling SSH authentication",
  2459. "Connection/SSH/Auth",
  2460. "ssh.auth.banner:config-ssh-banner",
  2461. "Display pre-authentication banner (SSH-2 only)",
  2462. "ssh.auth.bypass:config-ssh-noauth",
  2463. "Bypass authentication entirely (SSH-2 only)",
  2464. "Authentication methods",
  2465. "methods",
  2466. "ssh.auth.pageant:config-ssh-tryagent",
  2467. "Attempt authentication using Pageant",
  2468. "ssh.auth.tis:config-ssh-tis",
  2469. "Attempt TIS or CryptoCard auth (SSH-1)",
  2470. "ssh.auth.ki:config-ssh-ki",
  2471. "Attempt \"keyboard-interactive\" auth (SSH-2)",
  2472. "Authentication parameters",
  2473. "params",
  2474. "ssh.auth.agentfwd:config-ssh-agentfwd",
  2475. "Allow agent forwarding",
  2476. "ssh.auth.changeuser:config-ssh-changeuser",
  2477. "Allow attempted changes of username in SSH-2",
  2478. "ssh.auth.privkey:config-ssh-privkey",
  2479. "Select private key file",
  2480. "PuTTY Private Key Files (*.ppk)",
  2481. "All Files (*.*)",
  2482. "Private key file for authentication:",
  2483. "Options controlling GSSAPI authentication",
  2484. "Connection/SSH/Auth/GSSAPI",
  2485. "gssapi",
  2486. "ssh.auth.gssapi:config-ssh-auth-gssapi",
  2487. "Attempt GSSAPI authentication (SSH-2 only)",
  2488. "ssh.auth.gssapi.delegation:config-ssh-auth-gssapi-delegation",
  2489. "Allow GSSAPI credential delegation",
  2490. "ssh.auth.gssapi.libraries:config-ssh-auth-gssapi-libraries",
  2491. "Preference order for GSSAPI libraries:",
  2492. "Select library file",
  2493. "Dynamic Library Files (*.dll)",
  2494. "All Files (*.*)",
  2495. "User-supplied GSSAPI library path:",
  2496. "Remote terminal settings",
  2497. "Connection/SSH/TTY",
  2498. "sshtty",
  2499. "ssh.nopty:config-ssh-pty",
  2500. "Don't allocate a pseudo-terminal",
  2501. "Terminal modes",
  2502. "ttymodes",
  2503. "ssh.ttymodes:config-ttymodes",
  2504. "Terminal modes to send:",
  2505. "For selected mode, send:",
  2506. "Nothing",
  2507. "Options controlling SSH X11 forwarding",
  2508. "Connection/SSH/X11",
  2509. "X11 forwarding",
  2510. "ssh.tunnels.x11:config-ssh-x11",
  2511. "Enable X11 forwarding",
  2512. "X display location",
  2513. "XDM-Authorization-1",
  2514. "MIT-Magic-Cookie-1",
  2515. "ssh.tunnels.x11auth:config-ssh-x11auth",
  2516. "Remote X11 authentication protocol",
  2517. "Options controlling SSH port forwarding",
  2518. "Connection/SSH/Tunnels",
  2519. "Port forwarding",
  2520. "portfwd",
  2521. "ssh.tunnels.portfwd.localhost:config-ssh-portfwd-localhost",
  2522. "Local ports accept connections from other hosts",
  2523. "Remote ports do the same (SSH-2 only)",
  2524. "ssh.tunnels.portfwd:config-ssh-portfwd",
  2525. "Forwarded ports:",
  2526. "Add new forwarded port:",
  2527. "Source port",
  2528. "Destination",
  2529. "Dynamic",
  2530. "Remote",
  2531. "ssh.tunnels.portfwd.ipversion:config-ssh-portfwd-address-family",
  2532. "Workarounds for SSH server bugs",
  2533. "Connection/SSH/Bugs",
  2534. "Detection of known bugs in SSH servers",
  2535. "ssh.bugs.ignore2:config-ssh-bug-ignore2",
  2536. "Chokes on SSH-2 ignore messages",
  2537. "ssh.bugs.rekey2:config-ssh-bug-rekey",
  2538. "Handles SSH-2 key re-exchange badly",
  2539. "ssh.bugs.winadj:config-ssh-bug-winadj",
  2540. "Chokes on PuTTY's SSH-2 'winadj' requests",
  2541. "ssh.bugs.winadj:config-ssh-bug-chanreq",
  2542. "Replies to requests on closed channels",
  2543. "ssh.bugs.maxpkt2:config-ssh-bug-maxpkt2",
  2544. "Ignores SSH-2 maximum packet size",
  2545. "Further workarounds for SSH server bugs",
  2546. "Connection/SSH/More bugs",
  2547. "ssh.bugs.rsapad2:config-ssh-bug-sig",
  2548. "Requires padding on SSH-2 RSA signatures",
  2549. "ssh.bugs.oldgex2:config-ssh-bug-oldgex2",
  2550. "Only supports pre-RFC4419 SSH-2 DH GEX",
  2551. "ssh.bugs.hmac2:config-ssh-bug-hmac2",
  2552. "Miscomputes SSH-2 HMAC keys",
  2553. "ssh.bugs.pksessid2:config-ssh-bug-pksessid2",
  2554. "Misuses the session ID in SSH-2 PK auth",
  2555. "ssh.bugs.derivekey2:config-ssh-bug-derivekey2",
  2556. "Miscomputes SSH-2 encryption keys",
  2557. "ssh.bugs.ignore1:config-ssh-bug-ignore1",
  2558. "Chokes on SSH-1 ignore messages",
  2559. "ssh.bugs.plainpw1:config-ssh-bug-plainpw1",
  2560. "Refuses all SSH-1 password camouflage",
  2561. "ssh.bugs.rsa1:config-ssh-bug-rsa1",
  2562. "Chokes on SSH-1 RSA authentication",
  2563. "Default Settings",
  2564. "Serial line",
  2565. "None (printing disabled)",
  2566. "(0x%02X)",
  2567. "ANVDefault Foreground",
  2568. "Default Bold Foreground",
  2569. "Default Background",
  2570. "Default Bold Background",
  2571. "Cursor Text",
  2572. "Cursor Colour",
  2573. "ANSI Black",
  2574. "ANSI Black Bold",
  2575. "ANSI Red",
  2576. "ANSI Red Bold",
  2577. "ANSI Green",
  2578. "ANSI Green Bold",
  2579. "ANSI Yellow",
  2580. "ANSI Yellow Bold",
  2581. "ANSI Blue",
  2582. "ANSI Blue Bold",
  2583. "ANSI Magenta",
  2584. "ANSI Magenta Bold",
  2585. "ANSI Cyan",
  2586. "ANSI Cyan Bold",
  2587. "ANSI White",
  2588. "ANSI White Bold",
  2589. "Diffie-Hellman group 1",
  2590. "Diffie-Hellman group 14",
  2591. "Diffie-Hellman group exchange",
  2592. "RSA-based key exchange",
  2593. "ECDH key exchange",
  2594. "-- warn below here --",
  2595. "Ed25519",
  2596. "You need to specify a host key or fingerprint",
  2597. "Host key is not in a valid format",
  2598. "Specified host key is already listed",
  2599. "ChaCha20 (SSH-2 only)",
  2600. "Blowfish",
  2601. "AES (SSH-2 only)",
  2602. "Arcfour (SSH-2 only)",
  2603. "(auto)",
  2604. "(don't send)",
  2605. "You need to specify a source port number",
  2606. "You need to specify a destination address",
  2607. "in the form \"host.name:port\"",
  2608. "Specified forwarding already exists",
  2609. "Proxy error: SOCKS proxy wants a different CHAP version",
  2610. "Proxy error: SOCKS proxy won't negotiate CHAP with us",
  2611. "Proxy error: SOCKS proxy refused CHAP authentication",
  2612. "Proxy error: Server chose CHAP of other than HMAC-MD5 but we didn't offer it!",
  2613. "Proxy error: Server chose CHAP authentication but we didn't offer it!",
  2614. "<%02X>",
  2615. "Event Log: %s",
  2616. "Incoming",
  2617. "Outgoing",
  2618. "%s packet ",
  2619. "#0x%lx, ",
  2620. "type %d / 0x%02x (%s)",
  2621. " on behalf of downstream #%u",
  2622. "%Y-%m-%d %H:%M:%S",
  2623. "%s raw data at %s",
  2624. " (%d byte%s omitted)",
  2625. " %08x%*s",
  2626. "%Y.%m.%d %H:%M:%S",
  2627. "=~=~=~=~=~=~=~=~=~=~=~= PuTTY log %s =~=~=~=~=~=~=~=~=~=~=~=",
  2628. "SSH raw data",
  2629. "unknown",
  2630. "Disabled writing",
  2631. "Error writing",
  2632. "Appending",
  2633. "Writing new",
  2634. "%s session log (%s mode) to file: %s",
  2635. "Disabled writing session log due to error while writing",
  2636. "%H%M%S",
  2637. "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/",
  2638. "Out of memory!",
  2639. "0123456789abcdefABCDEF:",
  2640. "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz+/=",
  2641. "Windows",
  2642. "Build platform: %d-bit %s",
  2643. "5.0.0 (http://llvm.org/git/clang.git dba970f4d143480b964f77b363ec23f22cea0390) (http://llvm.org/git/llvm.git 52ebe03cb0a728134e66d04f85281bc5a60d7091)",
  2644. "%sCompiler: clang %s",
  2645. ", emulating ",
  2646. "Visual Studio",
  2647. " 2013 / MSVC++ 12.0",
  2648. " (_MSC_VER=%d)",
  2649. "%sSource commit: %s",
  2650. "%d.%d.%d.%d",
  2651. "forwarding from %s",
  2652. "forwarding",
  2653. "Leaving host lookup to proxy of \"%s\" (for %s)",
  2654. "Proxy error: Unknown proxy method",
  2655. "Will use %s proxy at %s:%d to connect to %s:%d",
  2656. "Proxy error: Unable to resolve proxy host name",
  2657. "Connecting to %s proxy at %s port %d",
  2658. "CONNECT %s:%i HTTP/1.1",
  2659. "Host: %s:%i",
  2660. "Proxy-Authorization: Basic ",
  2661. "HTTP/%i.%i %n",
  2662. "Proxy error: HTTP response was absent",
  2663. "Proxy error: %s",
  2664. "Proxy error: unexpected proxy error",
  2665. "Proxy error: SOCKS version 4 does not support IPv6",
  2666. "Proxy error: SOCKS proxy responded with unexpected reply code version",
  2667. "Proxy error: SOCKS server wanted IDENTD on client",
  2668. "Proxy error: Username and IDENTD on client don't agree",
  2669. "Proxy error: Error while communicating with proxy",
  2670. "Proxy error: SOCKS proxy returned unexpected version",
  2671. "Proxy error: SOCKS proxy did not accept our authentication",
  2672. "Proxy error: SOCKS password subnegotiation contained wrong version number",
  2673. "Proxy error: SOCKS proxy refused password authentication",
  2674. "Proxy error: SOCKS proxy returned wrong version number",
  2675. "General SOCKS server failure",
  2676. "Connection not allowed by ruleset",
  2677. "Network unreachable",
  2678. "Host unreachable",
  2679. "Connection refused",
  2680. "Command not supported",
  2681. "Address type not supported",
  2682. "Unrecognised SOCKS error code %d",
  2683. "Proxy error: SOCKS proxy returned unrecognised address format",
  2684. "Proxy error: We don't support GSSAPI authentication",
  2685. "Proxy error: Server chose username/password authentication but we didn't offer it!",
  2686. "Proxy error: Unexpected proxy error",
  2687. "proxyhost",
  2688. "proxyport",
  2689. "\\x%02X",
  2690. "Sending Telnet proxy command: %s",
  2691. " (IPv4)",
  2692. " (IPv6)",
  2693. "Looking up host \"%s\"%s for %s",
  2694. "main connection",
  2695. "rlogin",
  2696. "rlogin connection",
  2697. "Rlogin login name",
  2698. "rlogin username: ",
  2699. "0123456789",
  2700. "Serial",
  2701. "Options controlling local serial lines",
  2702. "Connection/Serial",
  2703. "Select a serial line",
  2704. "serline",
  2705. "serial.line:config-serial-line",
  2706. "Serial line to connect to",
  2707. "Configure the serial line",
  2708. "sercfg",
  2709. "serial.speed:config-serial-speed",
  2710. "Speed (baud)",
  2711. "serial.databits:config-serial-databits",
  2712. "Data bits",
  2713. "serial.stopbits:config-serial-stopbits",
  2714. "Stop bits",
  2715. "serial.parity:config-serial-parity",
  2716. "Parity",
  2717. "serial.flow:config-serial-flow",
  2718. "Flow control",
  2719. "XON/XOFF",
  2720. "RTS/CTS",
  2721. "DSR/DTR",
  2722. "REPRINT",
  2723. "WERASE",
  2724. "STATUS",
  2725. "DISCARD",
  2726. "IGNPAR",
  2727. "PARMRK",
  2728. "ISTRIP",
  2729. "IMAXBEL",
  2730. "ICANON",
  2731. "ECHONL",
  2732. "NOFLSH",
  2733. "TOSTOP",
  2734. "IEXTEN",
  2735. "ECHOCTL",
  2736. "ECHOKE",
  2737. "PENDIN",
  2738. "ONLRET",
  2739. "PARENB",
  2740. "PARODD",
  2741. "Present",
  2742. "HostName",
  2743. "LogFileName",
  2744. "LogType",
  2745. "LogFileClash",
  2746. "LogFlush",
  2747. "SSHLogOmitPasswords",
  2748. "SSHLogOmitData",
  2749. "Protocol",
  2750. "PortNumber",
  2751. "CloseOnExit",
  2752. "WarnOnClose",
  2753. "PingInterval",
  2754. "PingIntervalSecs",
  2755. "TCPNoDelay",
  2756. "TCPKeepalives",
  2757. "TerminalType",
  2758. "TerminalSpeed",
  2759. "TerminalModes",
  2760. "AddressFamily",
  2761. "ProxyExcludeList",
  2762. "ProxyDNS",
  2763. "ProxyLocalhost",
  2764. "ProxyMethod",
  2765. "ProxyHost",
  2766. "ProxyPort",
  2767. "ProxyUsername",
  2768. "ProxyPassword",
  2769. "ProxyTelnetCommand",
  2770. "ProxyLogToTerm",
  2771. "Environment",
  2772. "UserName",
  2773. "UserNameFromEnvironment",
  2774. "LocalUserName",
  2775. "Compression",
  2776. "TryAgent",
  2777. "AgentFwd",
  2778. "GssapiFwd",
  2779. "ChangeUsername",
  2780. "Cipher",
  2781. "HostKey",
  2782. "RekeyTime",
  2783. "RekeyBytes",
  2784. "SshNoAuth",
  2785. "SshBanner",
  2786. "AuthTIS",
  2787. "AuthKI",
  2788. "AuthGSSAPI",
  2789. "GSSLibs",
  2790. "GSSCustom",
  2791. "SshNoShell",
  2792. "SshProt",
  2793. "LogHost",
  2794. "SSH2DES",
  2795. "PublicKeyFile",
  2796. "RemoteCommand",
  2797. "RFCEnviron",
  2798. "PassiveTelnet",
  2799. "BackspaceIsDelete",
  2800. "RXVTHomeEnd",
  2801. "LinuxFunctionKeys",
  2802. "NoApplicationKeys",
  2803. "NoApplicationCursors",
  2804. "NoMouseReporting",
  2805. "NoRemoteResize",
  2806. "NoAltScreen",
  2807. "NoRemoteWinTitle",
  2808. "NoRemoteClearScroll",
  2809. "RemoteQTitleAction",
  2810. "NoDBackspace",
  2811. "NoRemoteCharset",
  2812. "ApplicationCursorKeys",
  2813. "ApplicationKeypad",
  2814. "NetHackKeypad",
  2815. "AltSpace",
  2816. "AltOnly",
  2817. "ComposeKey",
  2818. "CtrlAltKeys",
  2819. "TelnetKey",
  2820. "TelnetRet",
  2821. "LocalEcho",
  2822. "LocalEdit",
  2823. "Answerback",
  2824. "AlwaysOnTop",
  2825. "FullScreenOnAltEnter",
  2826. "HideMousePtr",
  2827. "SunkenEdge",
  2828. "WindowBorder",
  2829. "CurType",
  2830. "BlinkCur",
  2831. "BeepInd",
  2832. "BellWaveFile",
  2833. "BellOverload",
  2834. "BellOverloadN",
  2835. "BellOverloadT",
  2836. "BellOverloadS",
  2837. "ScrollbackLines",
  2838. "DECOriginMode",
  2839. "AutoWrapMode",
  2840. "LFImpliesCR",
  2841. "CRImpliesLF",
  2842. "DisableArabicShaping",
  2843. "DisableBidi",
  2844. "WinNameAlways",
  2845. "WinTitle",
  2846. "TermWidth",
  2847. "TermHeight",
  2848. "FontQuality",
  2849. "FontVTMode",
  2850. "UseSystemColours",
  2851. "TryPalette",
  2852. "ANSIColour",
  2853. "Xterm256Colour",
  2854. "BoldAsColour",
  2855. "Colour%d",
  2856. "%d,%d,%d",
  2857. "RawCNP",
  2858. "PasteRTF",
  2859. "MouseIsXterm",
  2860. "RectSelect",
  2861. "MouseOverride",
  2862. "Wordness%d",
  2863. "LineCodePage",
  2864. "CJKAmbigWide",
  2865. "UTF8Override",
  2866. "Printer",
  2867. "CapsLockCyr",
  2868. "ScrollBar",
  2869. "ScrollBarFullScreen",
  2870. "ScrollOnKey",
  2871. "ScrollOnDisp",
  2872. "EraseToScrollback",
  2873. "LockSize",
  2874. "BlinkText",
  2875. "X11Forward",
  2876. "X11Display",
  2877. "X11AuthType",
  2878. "X11AuthFile",
  2879. "LocalPortAcceptAll",
  2880. "RemotePortAcceptAll",
  2881. "PortForwardings",
  2882. "BugIgnore1",
  2883. "BugPlainPW1",
  2884. "BugRSA1",
  2885. "BugIgnore2",
  2886. "BugHMAC2",
  2887. "BugDeriveKey2",
  2888. "BugRSAPad2",
  2889. "BugPKSessID2",
  2890. "BugRekey2",
  2891. "BugMaxPkt2",
  2892. "BugOldGex2",
  2893. "BugWinadj",
  2894. "BugChanReq",
  2895. "StampUtmp",
  2896. "LoginShell",
  2897. "ScrollbarOnLeft",
  2898. "BoldFont",
  2899. "WideFont",
  2900. "WideBoldFont",
  2901. "ShadowBold",
  2902. "ShadowBoldOffset",
  2903. "SerialLine",
  2904. "SerialSpeed",
  2905. "SerialDataBits",
  2906. "SerialStopHalfbits",
  2907. "SerialParity",
  2908. "SerialFlowControl",
  2909. "WindowClass",
  2910. "ConnectionSharing",
  2911. "ConnectionSharingUpstream",
  2912. "ConnectionSharingDownstream",
  2913. "SSHManualHostKeys",
  2914. "default",
  2915. "38400,38400",
  2916. "ProxyType",
  2917. "ProxySOCKSVersion",
  2918. "connect %host %port\\n",
  2919. "ecdh,dh-gex-sha1,dh-group14-sha1,rsa,WARN,dh-group1-sha1",
  2920. "ecdh,dh-group14-sha1,rsa,WARN,dh-group1-sha1,dh-gex-sha1",
  2921. "BugDHGEx2",
  2922. "dh-group14-sha1,dh-group1-sha1,rsa,WARN,dh-gex-sha1",
  2923. "dh-gex-sha1,dh-group14-sha1,dh-group1-sha1,rsa,WARN",
  2924. "ed25519,ecdsa,rsa,dsa,WARN",
  2925. "NoRemoteQTitle",
  2926. "187,187,187",
  2927. "255,255,255",
  2928. "85,85,85",
  2929. "0,255,0",
  2930. "187,0,0",
  2931. "255,85,85",
  2932. "0,187,0",
  2933. "85,255,85",
  2934. "187,187,0",
  2935. "255,255,85",
  2936. "0,0,187",
  2937. "85,85,255",
  2938. "187,0,187",
  2939. "255,85,255",
  2940. "0,187,187",
  2941. "85,255,255",
  2942. "0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0",
  2943. "0,1,2,1,1,1,1,1,1,1,1,1,1,2,2,2,2,2,2,2,2,2,2,2,2,2,1,1,1,1,1,1",
  2944. "1,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,1,1,1,1,2",
  2945. "1,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,1,1,1,1,1",
  2946. "1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1",
  2947. "2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,1,2,2,2,2,2,2,2,2",
  2948. "BuggyMAC",
  2949. "chacha20",
  2950. "blowfish",
  2951. "arcfour",
  2952. "dh-gex-sha1",
  2953. "dh-group14-sha1",
  2954. "dh-group1-sha1",
  2955. "ed25519",
  2956. "SizeTipClass",
  2957. "Could not set up connection sharing: %s",
  2958. "Could not set up connection sharing as downstream: %s",
  2959. "Could not set up connection sharing as upstream: %s",
  2960. "Using existing shared connection at %s",
  2961. "Reusing a shared connection to this server.",
  2962. "Sharing this connection at %s",
  2963. "0123456789abcdef:",
  2964. "due to local error: %s",
  2965. "Connection sharing downstream #%u connected from %s",
  2966. "Connection sharing downstream #%u connected",
  2967. "Connection sharing downstream #%u disconnected",
  2968. "Connection sharing downstream #%u: %s",
  2969. "Connection sharing: %s",
  2970. "Opening connection to %s:%d for %s",
  2971. "direct-tcpip",
  2972. "0.0.0.0",
  2973. "All channels closed",
  2974. "Disconnected: %s",
  2975. "Disconnected",
  2976. "too much data sent",
  2977. "password",
  2978. "x11-req",
  2979. "SSH2_MSG_USERAUTH_GSSAPI_RESPONSE",
  2980. "SSH2_MSG_USERAUTH_GSSAPI_TOKEN",
  2981. "SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE",
  2982. "SSH2_MSG_USERAUTH_GSSAPI_ERROR",
  2983. "SSH2_MSG_USERAUTH_GSSAPI_ERRTOK",
  2984. "SSH2_MSG_USERAUTH_GSSAPI_MIC",
  2985. "SSH2_MSG_DISCONNECT",
  2986. "SSH2_MSG_IGNORE",
  2987. "SSH2_MSG_UNIMPLEMENTED",
  2988. "SSH2_MSG_DEBUG",
  2989. "SSH2_MSG_SERVICE_REQUEST",
  2990. "SSH2_MSG_SERVICE_ACCEPT",
  2991. "SSH2_MSG_KEXINIT",
  2992. "SSH2_MSG_NEWKEYS",
  2993. "SSH2_MSG_KEXDH_INIT",
  2994. "SSH2_MSG_KEXDH_REPLY",
  2995. "SSH2_MSG_KEX_DH_GEX_REQUEST_OLD",
  2996. "SSH2_MSG_KEX_DH_GEX_REQUEST",
  2997. "SSH2_MSG_KEX_DH_GEX_GROUP",
  2998. "SSH2_MSG_KEX_DH_GEX_INIT",
  2999. "SSH2_MSG_KEX_DH_GEX_REPLY",
  3000. "SSH2_MSG_KEXRSA_PUBKEY",
  3001. "SSH2_MSG_KEXRSA_SECRET",
  3002. "SSH2_MSG_KEXRSA_DONE",
  3003. "SSH2_MSG_KEX_ECDH_INIT",
  3004. "SSH2_MSG_KEX_ECDH_REPLY",
  3005. "SSH2_MSG_USERAUTH_REQUEST",
  3006. "SSH2_MSG_USERAUTH_FAILURE",
  3007. "SSH2_MSG_USERAUTH_SUCCESS",
  3008. "SSH2_MSG_USERAUTH_BANNER",
  3009. "SSH2_MSG_USERAUTH_PK_OK",
  3010. "SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ",
  3011. "SSH2_MSG_USERAUTH_INFO_REQUEST",
  3012. "SSH2_MSG_USERAUTH_INFO_RESPONSE",
  3013. "SSH2_MSG_GLOBAL_REQUEST",
  3014. "SSH2_MSG_REQUEST_SUCCESS",
  3015. "SSH2_MSG_REQUEST_FAILURE",
  3016. "SSH2_MSG_CHANNEL_OPEN",
  3017. "SSH2_MSG_CHANNEL_OPEN_CONFIRMATION",
  3018. "SSH2_MSG_CHANNEL_OPEN_FAILURE",
  3019. "SSH2_MSG_CHANNEL_WINDOW_ADJUST",
  3020. "SSH2_MSG_CHANNEL_DATA",
  3021. "SSH2_MSG_CHANNEL_EXTENDED_DATA",
  3022. "SSH2_MSG_CHANNEL_EOF",
  3023. "SSH2_MSG_CHANNEL_CLOSE",
  3024. "SSH2_MSG_CHANNEL_REQUEST",
  3025. "SSH2_MSG_CHANNEL_SUCCESS",
  3026. "SSH2_MSG_CHANNEL_FAILURE",
  3027. "key exchange algorithm",
  3028. "host key algorithm",
  3029. "client-to-server cipher",
  3030. "server-to-client cipher",
  3031. "client-to-server MAC",
  3032. "server-to-client MAC",
  3033. "client-to-server compression method",
  3034. "server-to-client compression method",
  3035. "SSHCONNECTION@putty.projects.tartarus.org-",
  3036. "expected key exchange packet from server",
  3037. "KEXINIT packet was incomplete",
  3038. "Couldn't agree a %s (available: %.*s)",
  3039. "Server supports delayed compression; will try this later",
  3040. "key-exchange algorithm",
  3041. "Unexpected data from server while waiting for user response",
  3042. "User aborted at kex warning",
  3043. "host key type",
  3044. "User aborted at host key warning",
  3045. "User aborted at cipher warning",
  3046. "Doing Diffie-Hellman group exchange",
  3047. "expected key exchange group packet from server",
  3048. "unable to read mp-ints from incoming group packet",
  3049. "Using Diffie-Hellman with standard group \"%s\"",
  3050. "Doing Diffie-Hellman key exchange with hash %s",
  3051. "expected key exchange reply packet from server",
  3052. "unable to parse key exchange reply packet",
  3053. "key exchange reply failed validation: %s",
  3054. "Doing ECDH key exchange with curve %s and hash %s",
  3055. "Unable to generate key for ECDH",
  3056. "Unable to encode public key for ECDH",
  3057. "expected ECDH reply packet from server",
  3058. "unable to parse ECDH reply packet",
  3059. "Unable to encode public key for ECDH hash",
  3060. "point received in ECDH was not valid",
  3061. "Doing RSA key exchange with hash %s",
  3062. "expected RSA public key packet from server",
  3063. "unable to parse RSA public key packet",
  3064. "unable to parse RSA public key from server",
  3065. "expected signature packet from server",
  3066. "unable to parse signature packet",
  3067. "Server's host key is invalid",
  3068. "Server's host key did not match the signature supplied",
  3069. "any of them",
  3070. "Server also has %s host key%s, but we don't know %s",
  3071. "Host key fingerprint is:",
  3072. "Host key did not appear in manually configured list",
  3073. "Unexpected data from server while waiting for user host key response",
  3074. "Aborted at host key verification",
  3075. "Storing additional host key for this host:",
  3076. "Host key was different in repeat key exchange",
  3077. "Initialised %.200s client->server encryption",
  3078. " (required by cipher)",
  3079. " (in ETM mode)",
  3080. "Initialised %.200s client->server MAC algorithm%s%s",
  3081. "Initialised %s compression",
  3082. "expected new-keys packet from server",
  3083. "Initialised %.200s server->client encryption",
  3084. "Initialised %.200s server->client MAC algorithm%s%s",
  3085. "Initialised %s decompression",
  3086. "Server initiated key re-exchange",
  3087. "Server bug prevents key re-exchange (%s)",
  3088. "Initiating key re-exchange (%s)",
  3089. "Public key packet not received",
  3090. "Received public keys",
  3091. "SSH-1 public key packet stopped before random cookie",
  3092. "Failed to read SSH-1 public keys from public key packet",
  3093. "SSH-1 public keys were badly formatted",
  3094. "User aborted at host key verification",
  3095. "SSH-1 public key encryptions failed due to bad formatting",
  3096. "Encrypted session key",
  3097. "AES not supported in SSH-1, skipping",
  3098. "single-DES",
  3099. "Server violates SSH-1 protocol by not supporting 3DES encryption",
  3100. "No supported ciphers found",
  3101. "cipher",
  3102. "Using 3DES encryption",
  3103. "Using single-DES encryption",
  3104. "Using Blowfish encryption",
  3105. "Trying to enable encryption...",
  3106. "Initialised %s encryption",
  3107. "Installing CRC compensation attack detector",
  3108. "Encryption not successfully enabled",
  3109. "Successfully started encryption",
  3110. "SSH login name",
  3111. "login as: ",
  3112. "No username provided",
  3113. "Sent username \"%s\"",
  3114. "Reading key file \"%.150s\"",
  3115. "Key file contains public key only",
  3116. "Unable to load key (%s)",
  3117. "Unable to load key file \"%.150s\" (%s)",
  3118. "Unable to use this key file (%s)",
  3119. "Unable to use key file \"%.150s\" (%s)",
  3120. "Pageant is running. Requesting keys.",
  3121. "Unexpected data from server while waiting for agent response",
  3122. "Pageant reported negative key count %d",
  3123. "Pageant has %d SSH-1 keys",
  3124. "Pageant key list packet was truncated",
  3125. "Pageant key #%d matches configured key file",
  3126. "Trying Pageant key #%d",
  3127. "Key refused",
  3128. "Received RSA challenge",
  3129. "Server's RSA challenge was badly formatted",
  3130. "Sending Pageant's response",
  3131. "Pageant's response accepted",
  3132. "Authenticated using RSA key \"",
  3133. "\" from agent",
  3134. "Pageant's response not accepted",
  3135. "Pageant failed to answer challenge",
  3136. "No reply received from Pageant",
  3137. "Configured key file not in Pageant",
  3138. "Failed to get reply from Pageant",
  3139. "Trying public key authentication.",
  3140. "Trying public key \"%s\"",
  3141. "No passphrase required.",
  3142. "SSH key passphrase",
  3143. "Passphrase for key \"%.100s\": ",
  3144. "Unable to authenticate",
  3145. "Couldn't load private key from ",
  3146. "Wrong passphrase.",
  3147. "Server refused our public key.",
  3148. "Bizarre response to offer of public key",
  3149. "Failed to authenticate with our public key.",
  3150. "Bizarre response to RSA authentication response",
  3151. "Requested TIS authentication",
  3152. "TIS authentication declined",
  3153. "TIS authentication refused.",
  3154. "TIS challenge packet was badly formed",
  3155. "Received TIS challenge",
  3156. "SSH TIS authentication",
  3157. "Response: ",
  3158. "Using TIS authentication.%s%s",
  3159. "Requested CryptoCard authentication",
  3160. "CryptoCard authentication declined",
  3161. "CryptoCard authentication refused.",
  3162. "CryptoCard challenge packet was badly formed",
  3163. "Received CryptoCard challenge",
  3164. "SSH CryptoCard authentication",
  3165. "Using CryptoCard authentication.%s%s",
  3166. "No supported authentication methods available",
  3167. "SSH password",
  3168. "%s@%s's password: ",
  3169. "Sending password with camouflage packets",
  3170. "Sending length-padded password",
  3171. "Sending unpadded password",
  3172. "Sent password",
  3173. "Access denied",
  3174. "Authentication refused",
  3175. "Strange packet received, type %d",
  3176. "Authentication successful",
  3177. "SSH1_MSG_DISCONNECT",
  3178. "SSH1_SMSG_PUBLIC_KEY",
  3179. "SSH1_CMSG_SESSION_KEY",
  3180. "SSH1_CMSG_USER",
  3181. "SSH1_CMSG_AUTH_RSA",
  3182. "SSH1_SMSG_AUTH_RSA_CHALLENGE",
  3183. "SSH1_CMSG_AUTH_RSA_RESPONSE",
  3184. "SSH1_CMSG_AUTH_PASSWORD",
  3185. "SSH1_CMSG_REQUEST_PTY",
  3186. "SSH1_CMSG_WINDOW_SIZE",
  3187. "SSH1_CMSG_EXEC_SHELL",
  3188. "SSH1_CMSG_EXEC_CMD",
  3189. "SSH1_SMSG_SUCCESS",
  3190. "SSH1_SMSG_FAILURE",
  3191. "SSH1_CMSG_STDIN_DATA",
  3192. "SSH1_SMSG_STDOUT_DATA",
  3193. "SSH1_SMSG_STDERR_DATA",
  3194. "SSH1_CMSG_EOF",
  3195. "SSH1_SMSG_EXIT_STATUS",
  3196. "SSH1_MSG_CHANNEL_OPEN_CONFIRMATION",
  3197. "SSH1_MSG_CHANNEL_OPEN_FAILURE",
  3198. "SSH1_MSG_CHANNEL_DATA",
  3199. "SSH1_MSG_CHANNEL_CLOSE",
  3200. "SSH1_MSG_CHANNEL_CLOSE_CONFIRMATION",
  3201. "SSH1_SMSG_X11_OPEN",
  3202. "SSH1_CMSG_PORT_FORWARD_REQUEST",
  3203. "SSH1_MSG_PORT_OPEN",
  3204. "SSH1_CMSG_AGENT_REQUEST_FORWARDING",
  3205. "SSH1_SMSG_AGENT_OPEN",
  3206. "SSH1_MSG_IGNORE",
  3207. "SSH1_CMSG_EXIT_CONFIRMATION",
  3208. "SSH1_CMSG_X11_REQUEST_FORWARDING",
  3209. "SSH1_CMSG_AUTH_RHOSTS_RSA",
  3210. "SSH1_MSG_DEBUG",
  3211. "SSH1_CMSG_REQUEST_COMPRESSION",
  3212. "SSH1_CMSG_AUTH_TIS",
  3213. "SSH1_SMSG_AUTH_TIS_CHALLENGE",
  3214. "SSH1_CMSG_AUTH_TIS_RESPONSE",
  3215. "SSH1_CMSG_AUTH_CCARD",
  3216. "SSH1_SMSG_AUTH_CCARD_CHALLENGE",
  3217. "SSH1_CMSG_AUTH_CCARD_RESPONSE",
  3218. "timeout",
  3219. "ssh-userauth",
  3220. "ssh-connection",
  3221. "Server refused service request",
  3222. "Pageant response contained a negative key count %d",
  3223. "Pageant response was truncated",
  3224. "Pageant has %d SSH-2 keys",
  3225. "Using username \"%s\".",
  3226. "Access granted",
  3227. "Strange packet received during authentication: type %d",
  3228. "Server refused our key",
  3229. "Server refused our key",
  3230. "Server refused public-key signature despite accepting key!",
  3231. "Server refused public-key signature despite accepting key!",
  3232. "Server refused keyboard-interactive authentication",
  3233. "Keyboard-interactive authentication failed",
  3234. "Password authentication failed",
  3235. "Further authentication required",
  3236. "Further authentication required",
  3237. "publickey",
  3238. "keyboard-interactive",
  3239. "gssapi-with-mic",
  3240. "Authenticating with public key \"",
  3241. "Offered public key",
  3242. "Offer of public key accepted",
  3243. "Wrong passphrase",
  3244. "Unable to load private key (",
  3245. "Sent public key signature",
  3246. "Attempting GSSAPI authentication",
  3247. "GSSAPI authentication request refused",
  3248. "GSSAPI authentication - wrong response from server",
  3249. "GSSAPI import name failed - Bad service name",
  3250. "GSSAPI import name failed",
  3251. "GSSAPI authentication failed to get credentials",
  3252. "GSSAPI authentication initialisation failed",
  3253. "GSSAPI authentication initialised",
  3254. "GSSAPI authentication - bad server response",
  3255. "GSSAPI authentication loop finished OK",
  3256. "Attempting keyboard-interactive authentication",
  3257. "SSH server: %.*s",
  3258. "SSH server authentication",
  3259. "Using keyboard-interactive authentication.%s%.*s",
  3260. "Server requested password change",
  3261. "Server rejected new password",
  3262. "New SSH password",
  3263. "Current password (blank for previously entered password): ",
  3264. "Enter new password: ",
  3265. "Confirm new password: ",
  3266. "Passwords do not match",
  3267. "Sent new password",
  3268. "No supported authentication methods available (server sent: %.*s)",
  3269. "enabling delayed compression",
  3270. "main channel",
  3271. "session",
  3272. "Opening session as main channel",
  3273. "Server sent strange packet %d in response to main channel open request",
  3274. "Server's response to main channel open cited wrong channel number",
  3275. "Server refused to open main channel: %s",
  3276. "Opened main channel",
  3277. "simple@putty.projects.tartarus.org",
  3278. "X11 forwarding not enabled: unable to initialise X display",
  3279. "subsystem",
  3280. "Unexpected response to shell/command request: packet type %d",
  3281. "Primary command failed; attempting fallback",
  3282. "Server refused to start a shell/command",
  3283. "Started a shell/command",
  3284. "Strange packet received: type %d",
  3285. "ssh-rsa",
  3286. "nonexistent",
  3287. "half-open",
  3288. "Received %s for %s channel %u",
  3289. "Administratively prohibited",
  3290. "Connect failed",
  3291. "Unknown channel type",
  3292. "Resource shortage",
  3293. "unknown reason code %#x",
  3294. "%s [%.*s]",
  3295. "Forwarded connection refused by server: %s",
  3296. "exit-status",
  3297. "Server sent command exit status %d",
  3298. "exit-signal",
  3299. " \"%.*s\"",
  3300. " (\"%.*s\")",
  3301. " (core dumped)",
  3302. "Server exited on signal%s%s%s",
  3303. "Received X11 connect request from %s:%d",
  3304. "X11 forwarding is not enabled",
  3305. "Opened X11 forward channel",
  3306. "forwarded-tcpip",
  3307. "Received remote port %s:%d open request from %.*s:%d",
  3308. "Remote port is not recognised",
  3309. "Attempting to forward remote port to %s:%d",
  3310. "Port open failed: %s",
  3311. "Port open failed",
  3312. "Forwarded port opened successfully",
  3313. "auth-agent@openssh.com",
  3314. "Agent forwarding is not enabled",
  3315. "Unsupported channel type requested",
  3316. "Rejected channel open: %s",
  3317. "Server protocol violation: unexpected %s packet",
  3318. "Service lookup failed for source port \"%s\"",
  3319. "Service lookup failed for destination port \"%s\"",
  3320. "remote",
  3321. "dynamic",
  3322. "%s port forwarding from %s%s%d",
  3323. "%s to %s:%d",
  3324. "Cancelling %s",
  3325. "cancel-tcpip-forward",
  3326. "localhost",
  3327. "%s%s%s%s%d%s",
  3328. "%s:%s%s%d%s",
  3329. " failed: ",
  3330. "Local %sport %s forwarding to %s%s%s",
  3331. "Local %sport %s SOCKS dynamic forwarding%s%s",
  3332. "Duplicate remote port forwarding to %s:%d",
  3333. "Requesting remote port %s forward to %s",
  3334. "tcpip-forward",
  3335. "Remote port forwarding from %s enabled",
  3336. "Remote port forwarding from %s refused",
  3337. "Requesting X11 forwarding",
  3338. "X11 forwarding enabled",
  3339. "X11 forwarding refused",
  3340. "Requesting OpenSSH-style agent forwarding",
  3341. "auth-agent-req@openssh.com",
  3342. "Agent forwarding enabled",
  3343. "Agent forwarding refused",
  3344. "pty-req",
  3345. "Allocated pty (ospeed %dbps, ispeed %dbps)",
  3346. "Server refused to allocate pty",
  3347. "Sent %d environment variables",
  3348. "All environment variables successfully set",
  3349. "All environment variables refused",
  3350. "Server refused to set environment variables",
  3351. "%d environment variables refused",
  3352. "Server refused to set all environment variables",
  3353. "Server unexpectedly closed network connection",
  3354. "Server closed network connection",
  3355. "Forwarded X11 connection terminated",
  3356. "Agent-forwarding connection closed",
  3357. "Forwarded port closed",
  3358. "winadj@putty.projects.tartarus.org",
  3359. "SSH connection",
  3360. "Server version: %s",
  3361. "Server announces compatibility with SSH-1 in bare ssh-connection protocol",
  3362. "Bare ssh-connection protocol cannot be run in SSH-1-only mode",
  3363. "Using bare ssh-connection protocol",
  3364. "1.2.18",
  3365. "1.2.19",
  3366. "1.2.20",
  3367. "1.2.21",
  3368. "1.2.22",
  3369. "Cisco-1.25",
  3370. "OSU_1.4alpha3",
  3371. "OSU_1.5alpha4",
  3372. "We believe remote version has SSH-1 ignore bug",
  3373. "We believe remote version needs a plain SSH-1 password",
  3374. "We believe remote version can't handle SSH-1 RSA authentication",
  3375. "* VShell",
  3376. "2.1.0*",
  3377. "2.2.0*",
  3378. "2.3.0*",
  3379. "We believe remote version has SSH-2 HMAC bug",
  3380. "2.0.0*",
  3381. "2.0.10*",
  3382. "We believe remote version has SSH-2 key-derivation bug",
  3383. "OpenSSH_2.[5-9]*",
  3384. "OpenSSH_3.[0-2]*",
  3385. "mod_sftp/0.[0-8]*",
  3386. "mod_sftp/0.9.[0-8]",
  3387. "We believe remote version has SSH-2 RSA padding bug",
  3388. "OpenSSH_2.[0-2]*",
  3389. "We believe remote version has SSH-2 public-key-session-ID bug",
  3390. "DigiSSH_2.0",
  3391. "OpenSSH_2.[0-4]*",
  3392. "OpenSSH_2.5.[0-3]*",
  3393. "Sun_SSH_1.0",
  3394. "Sun_SSH_1.0.1",
  3395. "WeOnlyDo-*",
  3396. "We believe remote version has SSH-2 rekey bug",
  3397. "1.36_sshlib GlobalSCAPE",
  3398. "1.36 sshlib: GlobalScape",
  3399. "We believe remote version ignores SSH-2 maximum packet size",
  3400. "We believe remote version has SSH-2 ignore bug",
  3401. "OpenSSH_2.[235]*",
  3402. "We believe remote version has outdated SSH-2 GEX",
  3403. "We believe remote version has winadj bug",
  3404. "OpenSSH_[2-5].*",
  3405. "OpenSSH_6.[0-6]*",
  3406. "dropbear_0.[2-4][0-9]*",
  3407. "dropbear_0.5[01]*",
  3408. "We believe remote version has SSH-2 channel request bug",
  3409. "Received disconnect message (%s)",
  3410. "Received disconnect message (unknown type %d)",
  3411. "Disconnection message text: %.*s",
  3412. "Server sent disconnect message",
  3413. "type %d (%s):",
  3414. "\"%.*s\"",
  3415. "host not allowed to connect",
  3416. "protocol error",
  3417. "key exchange failed",
  3418. "host authentication failed",
  3419. "MAC error",
  3420. "compression error",
  3421. "service not available",
  3422. "protocol version not supported",
  3423. "host key not verifiable",
  3424. "connection lost",
  3425. "by application",
  3426. "too many connections",
  3427. "auth cancelled by user",
  3428. "no more auth methods available",
  3429. "illegal user name",
  3430. "Remote debug message: %.*s",
  3431. "Invalid packet length received",
  3432. "SSH protocol version 1 required by our configuration but not provided by server",
  3433. "SSH protocol version 2 required by our configuration but server only provides (old, insecure) SSH-1",
  3434. "Using SSH protocol version %d",
  3435. "too much data received",
  3436. "No valid incoming packet found",
  3437. "Incoming packet length field was garbled",
  3438. "Incorrect MAC received on packet",
  3439. "Incoming packet was garbled on decryption",
  3440. "Invalid padding length on received packet",
  3441. "Requesting agent forwarding",
  3442. "Protocol confusion",
  3443. "Server refused to compress",
  3444. "Started compression",
  3445. "Initialised zlib (RFC1950) compression",
  3446. "Initialised zlib (RFC1950) decompression",
  3447. "Started session",
  3448. "Incoming terminal data packet was badly formed",
  3449. "Forwarded connection refused by server",
  3450. "Received CHANNEL_CLOSE_CONFIRMATION for channel %u for which we never sent CHANNEL_CLOSE",
  3451. "Received X11 connect request",
  3452. "Rejected X11 connect request",
  3453. "Rejected remote port open request for %s:%d",
  3454. "Received remote port open request for %s:%d",
  3455. "Server sent disconnect message:",
  3456. "\"%.*s\"",
  3457. "Extremely large packet length from server suggests data stream corruption",
  3458. "Network attack (CRC compensation) detected!",
  3459. "Incorrect CRC received on packet",
  3460. "Zlib decompression encountered invalid data",
  3461. "%s2.0-%s",
  3462. "SSH-%s-%s",
  3463. "We claim version: %.*s",
  3464. "timeout shortened",
  3465. "data limit lowered",
  3466. "compression setting changed",
  3467. "cipher settings changed",
  3468. "window-change",
  3469. "Sent EOF message",
  3470. "at user request",
  3471. "cross-certifying new host key",
  3472. "Unable to send BREAK signal in SSH-1",
  3473. "signal",
  3474. "Sent signal SIG%s",
  3475. "IGNORE message",
  3476. "Repeat key exchange",
  3477. "SIGINT (Interrupt)",
  3478. "SIGTERM (Terminate)",
  3479. "SIGKILL (Kill)",
  3480. "SIGQUIT (Quit)",
  3481. "SIGHUP (Hangup)",
  3482. "More signals",
  3483. "SIGABRT",
  3484. "SIGALRM",
  3485. "SIGFPE",
  3486. "SIGILL",
  3487. "SIGPIPE",
  3488. "SIGSEGV",
  3489. "SIGUSR1",
  3490. "SIGUSR2",
  3491. "Cache new host key type",
  3492. "='9-6d",
  3493. "_jbF~T",
  3494. "11#?*0",
  3495. ",4$8_@",
  3496. "t\\lHBW",
  3497. "QPeA~S",
  3498. ">4$8,@",
  3499. "p\\lHtW",
  3500. "+HpXhE",
  3501. "T[$:.6",
  3502. "=j&&LZ66lA??~",
  3503. "}{))R>",
  3504. "f\"\"D~**T",
  3505. "V22dN::t",
  3506. "o%%Jr..\\$",
  3507. "&&Lj66lZ??~A",
  3508. "99rKJJ",
  3509. "==zGdd",
  3510. "\"\"Df**T~",
  3511. ";22dV::tN",
  3512. "$$Hl\\\\",
  3513. "C77nYmm",
  3514. "%%Jo..\\r",
  3515. "\u001f\u001f>!KK",
  3516. "55j_WW",
  3517. "&Lj&6lZ6?~A?",
  3518. "~=zG=d",
  3519. "\"Df\"*T~*",
  3520. "2dV2:tN:",
  3521. "x%Jo%.\\r.",
  3522. "t\u001f>!\u001fK",
  3523. "a5j_5W",
  3524. "ggV}++",
  3525. "Lj&&lZ66~A??",
  3526. "bS11*?",
  3527. "Xt,,4.",
  3528. "RRvM;;",
  3529. "MMfU33",
  3530. "PPxD<<%",
  3531. "Bc!! 0",
  3532. "~~zG==",
  3533. "Df\"\"T~**;",
  3534. "dV22tN::",
  3535. "xxJo%%\\r..8$",
  3536. "tt>!\u001f\u001f",
  3537. "pp|B>>q",
  3538. "aaj_55",
  3539. "UUPx((",
  3540. "aes256-ctr",
  3541. "AES-256 SDCTR",
  3542. "aes256-cbc",
  3543. "AES-256 CBC",
  3544. "rijndael-cbc@lysator.liu.se",
  3545. "aes192-ctr",
  3546. "AES-192 SDCTR",
  3547. "aes192-cbc",
  3548. "AES-192 CBC",
  3549. "aes128-ctr",
  3550. "AES-128 SDCTR",
  3551. "aes128-cbc",
  3552. "AES-128 CBC",
  3553. "arcfour128",
  3554. "Arcfour-128",
  3555. "arcfour256",
  3556. "Arcfour-256",
  3557. " iciNWq",
  3558. "Ze2Zh@",
  3559. "A4x{%`",
  3560. "BFUa.X",
  3561. "w``u N",
  3562. "Blowfish-128 CBC",
  3563. "blowfish-ctr",
  3564. "Blowfish-256 SDCTR",
  3565. "blowfish-cbc",
  3566. "expand 32-byte k",
  3567. "chacha20-poly1305@openssh.com",
  3568. "ChaCha20",
  3569. "Poly1305",
  3570. "Qkkbal",
  3571. "triple-DES inner-CBC",
  3572. "single-DES CBC",
  3573. "3des-ctr",
  3574. "triple-DES SDCTR",
  3575. "3des-cbc",
  3576. "triple-DES CBC",
  3577. "des-cbc",
  3578. "des-cbc@ssh.com",
  3579. "f value received is too small",
  3580. "f value received is too large",
  3581. "diffie-hellman-group1-sha1",
  3582. "group1",
  3583. "diffie-hellman-group14-sha1",
  3584. "group14",
  3585. "diffie-hellman-group-exchange-sha256",
  3586. "diffie-hellman-group-exchange-sha1",
  3587. "ssh-dss",
  3588. "0123456789abcdef",
  3589. "DSA deterministic k generator",
  3590. "fffffffffffffffffffffffffffffffX0123456789abcdef",
  3591. "U)l:T^8rv",
  3592. "ssh-ed25519",
  3593. "ecdsa-sha2-nistp256",
  3594. "ecdsa-sha2-nistp384",
  3595. "ecdsa-sha2-nistp521",
  3596. "ECDSA deterministic k generator",
  3597. "nistp256",
  3598. "nistp384",
  3599. "nistp521",
  3600. "curve25519-sha256@libssh.org",
  3601. "Curve25519",
  3602. "ecdh-sha2-nistp256",
  3603. "ecdh-sha2-nistp384",
  3604. "ecdh-sha2-nistp521",
  3605. "6666666666666666\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\hmac-md5",
  3606. "hmac-md5-etm@openssh.com",
  3607. "HMAC-MD5",
  3608. "can't open file",
  3609. "SSH PRIVATE KEY FILE FORMAT 1.1",
  3610. "not an SSH-1 RSA file",
  3611. "key bit count does not match in SSH-1 public key file",
  3612. "PuTTY-User-Key-File-2",
  3613. "PuTTY-User-Key-File-1",
  3614. "PuTTY-User-Key-File-",
  3615. "PuTTY key format too new",
  3616. "not a PuTTY SSH-2 private key",
  3617. "file format error",
  3618. "Encryption",
  3619. "Comment",
  3620. "Public-Lines",
  3621. "Private-Lines",
  3622. "Private-MAC",
  3623. "Private-Hash",
  3624. "wrong passphrase",
  3625. "MAC failed",
  3626. "createkey failed",
  3627. "---- BEGIN SSH2 PUBLIC KEY ----",
  3628. "invalid begin line in SSH-2 public key file",
  3629. "truncated SSH-2 public key file",
  3630. "Subject",
  3631. "unrecognised header in SSH-2 public key file",
  3632. "---- END SSH2 PUBLIC KEY ----",
  3633. "invalid end line in SSH-2 public key file",
  3634. "not enough data in SSH-2 public key file",
  3635. "invalid algorithm prefix in SSH-2 public key file",
  3636. "no key blob in OpenSSH public key file",
  3637. "invalid length for base64 data in OpenSSH public key file",
  3638. "key algorithms do not match in OpenSSH public key file",
  3639. "putty-private-key-file-mac-key",
  3640. "---- BEGIN SSH2 PUBLIC KEY",
  3641. "PuTTY-User-Key-File-",
  3642. "---- BEGIN SSH2 ENCRYPTED PRIVAT",
  3643. "-----BEGIN OPENSSH PRIVATE KEY",
  3644. "-----BEGIN ",
  3645. "%02x%s",
  3646. "%.*s %d %s",
  3647. "%.*s %s",
  3648. "unable to open file",
  3649. "not a recognised key file format",
  3650. "SSH-1 public key",
  3651. "SSH-2 public key (RFC 4716 format)",
  3652. "SSH-2 public key (OpenSSH format)",
  3653. "SSH-1 private key",
  3654. "PuTTY SSH-2 private key",
  3655. "OpenSSH SSH-2 private key (old PEM format)",
  3656. "OpenSSH SSH-2 private key (new format)",
  3657. "ssh.com SSH-2 private key",
  3658. "INTERNAL ERROR (OPENSSH_AUTO)",
  3659. "INTERNAL ERROR",
  3660. "error reading file",
  3661. "rsa_verify failed",
  3662. "0123456789abcdef",
  3663. "%s%02x",
  3664. "RSA deterministic blinding",
  3665. "rsa2048-sha256",
  3666. "rsa1024-sha1",
  3667. "SHA-256",
  3668. "hmac-sha2-256",
  3669. "hmac-sha2-256-etm@openssh.com",
  3670. "HMAC-SHA-256",
  3671. "SHA-512",
  3672. "AQLwH'",
  3673. "XGJSHA-384",
  3674. "hmac-sha1",
  3675. "hmac-sha1-etm@openssh.com",
  3676. "HMAC-SHA1",
  3677. "hmac-sha1-96",
  3678. "hmac-sha1-96-etm@openssh.com",
  3679. "HMAC-SHA1-96",
  3680. "bug-compatible HMAC-SHA1",
  3681. "bug-compatible HMAC-SHA1-96",
  3682. "downstream refused X channel open",
  3683. "window adjustment after downstream accepted X channel",
  3684. "%s@%s:%d",
  3685. "PuTTY downstream no longer available",
  3686. "cancel-tcpip-forward",
  3687. "SSHCONNECTION@putty.projects.tartarus.org-2.0-",
  3688. "cleanup after downstream went away",
  3689. "SSHCONNECTION@putty.projects.tartarus.org-2.0-",
  3690. "listening socket: %s",
  3691. "Socket error: %s",
  3692. "Version string far too long",
  3693. "Version string did not have expected prefix",
  3694. "Downstream version string: %.*s",
  3695. "Bad packet length %u",
  3696. "Truncated GLOBAL_REQUEST packet",
  3697. "upstream added want_reply flag",
  3698. "Truncated CHANNEL_OPEN packet",
  3699. "Truncated CHANNEL_OPEN_CONFIRMATION packet",
  3700. "CHANNEL_OPEN_CONFIRMATION packet cited unknown channel %u",
  3701. "Initial window size for x11 channel must be at least 256 (got %u)",
  3702. "Truncated CHANNEL_OPEN_FAILURE packet",
  3703. "CHANNEL_OPEN_FAILURE packet cited unknown channel %u",
  3704. "Agent forwarding request for unrecognised channel %u",
  3705. "X11 forwarding request for unrecognised channel %u",
  3706. "Truncated CHANNEL_REQUEST(\"x11\") packet",
  3707. "Unexpected packet type %d",
  3708. "zlib@openssh.com",
  3709. "zlib (RFC1950)",
  3710. "telnet",
  3711. "Telnet connection",
  3712. "server",
  3713. "BINARY",
  3714. "NAOCRD",
  3715. "NAOHTS",
  3716. "NAOHTD",
  3717. "NAOFFD",
  3718. "NAOVTS",
  3719. "NAOVTD",
  3720. "NAOLFD",
  3721. "XASCII",
  3722. "LOGOUT",
  3723. "SUPDUP",
  3724. "SUPDUPOUTPUT",
  3725. "SNDLOC",
  3726. "OUTMRK",
  3727. "TTYLOC",
  3728. "3270REGIME",
  3729. "TSPEED",
  3730. "LINEMODE",
  3731. "XDISPLOC",
  3732. "OLD_ENVIRON",
  3733. "AUTHENTICATION",
  3734. "ENCRYPT",
  3735. "NEW_ENVIRON",
  3736. "TN3270E",
  3737. "CHARSET",
  3738. "COM_PORT_OPTION",
  3739. "STARTTLS",
  3740. "KERMIT",
  3741. "SEND_URL",
  3742. "FORWARD_X",
  3743. "PRAGMA_LOGON",
  3744. "SSPI_LOGON",
  3745. "PRAGMA_HEARTBEAT",
  3746. "<unknown>",
  3747. "server:",
  3748. "SB TSPEED SEND",
  3749. "client:",
  3750. "SB TSPEED IS %s",
  3751. "server:",
  3752. "SB TSPEED <something weird>",
  3753. "server:",
  3754. "SB TTYPE SEND",
  3755. "client:",
  3756. "SB TTYPE IS %s",
  3757. "server:",
  3758. "SB TTYPE <something weird>",
  3759. "server:",
  3760. "SB %s SEND",
  3761. "client:",
  3762. "SB %s IS <nothing>",
  3763. "client:",
  3764. "SB %s IS:",
  3765. "USER=%s",
  3766. "client",
  3767. "client:",
  3768. "SB NAWS %d,%d",
  3769. "Are You There",
  3770. "Erase Character",
  3771. "Erase Line",
  3772. "Go Ahead",
  3773. "No Operation",
  3774. "Abort Process",
  3775. "Abort Output",
  3776. "Interrupt Process",
  3777. "Suspend Process",
  3778. "End Of Record",
  3779. "End Of File",
  3780. "[<%d;%d;%d%c",
  3781. "[%d;%d;%dM",
  3782. "[M%c%c%c",
  3783. "line==NULL in terminal.c",
  3784. "lineno=%d y=%d w=%d h=%d",
  3785. "count(scrollback=%p)=%d",
  3786. "count(screen=%p)=%d",
  3787. "count(alt=%p)=%d alt_sblines=%d",
  3788. "whichtree=%p treeindex=%d",
  3789. "Please contact <putty@projects.tartarus.org> and pass on the above information.",
  3790. "[>0;136;0c",
  3791. "[%d;%dR",
  3792. "[3;%u;%ut",
  3793. "[4;%d;%dt",
  3794. "[8;%d;%dt",
  3795. "[2;1;1;112;112;1;0x",
  3796. "Release 0.70",
  3797. "PuTTY-Release-0.70",
  3798. "3cd10509a51edf5a21cdc80aabf7e6a934522d47",
  3799. "'' occurred at end of string (expected another character)",
  3800. "expected ']' to close character class",
  3801. "character range was not terminated (']' just after '-')",
  3802. "crypt32.dll",
  3803. "CryptProtectMemory",
  3804. "Display scrollbar in full screen mode",
  3805. "Enable extra keyboard features:",
  3806. "features",
  3807. "keyboard.compose:config-compose",
  3808. "AltGr acts as Compose key",
  3809. "keyboard.ctrlalt:config-ctrlalt",
  3810. "Control-Alt is different from AltGr",
  3811. "Play a custom sound file",
  3812. "Beep using the PC speaker",
  3813. "Select bell sound file",
  3814. "Wave Files (*.wav)",
  3815. "All Files (*.*)",
  3816. "Custom sound file to play as a bell:",
  3817. "Steady",
  3818. "Flashing",
  3819. "Disabled",
  3820. "bell.taskbar:config-belltaskbar",
  3821. "Taskbar/caption indication on bell:",
  3822. "Sunken-edge border (slightly thicker)",
  3823. "Allow selection of variable-pitch fonts",
  3824. "Default",
  3825. "ClearType",
  3826. "Non-Antialiased",
  3827. "Antialiased",
  3828. "Font quality:",
  3829. "translation.cyrillic:config-cyr",
  3830. "Caps Lock acts as Cyrillic switch",
  3831. "Character set translation on received data",
  3832. "(Codepages supported by Windows but not listed here, such as CP866 on many systems, can be entered manually)",
  3833. "Adjust how %s displays line drawing characters",
  3834. "Font has XWindows encoding",
  3835. "Use font in both ANSI and OEM modes",
  3836. "Use font in OEM mode only",
  3837. "Formatting of pasted characters",
  3838. "format",
  3839. "selection.rtf:config-rtfpaste",
  3840. "Paste to clipboard in RTF as well as plain text",
  3841. "xterm (Right extends, Middle pastes)",
  3842. "Compromise (Middle extends, Right pastes)",
  3843. "Windows (Middle extends, Right brings up menu)",
  3844. "selection.buttons:config-mouse",
  3845. "Action of mouse buttons:",
  3846. "colours.logpal:config-logpalette",
  3847. "Attempt to use logical palettes",
  3848. "colours.system:config-syscolour",
  3849. "Use system colours",
  3850. "Forbid resizing completely",
  3851. "Change font size only when maximised",
  3852. "Change the size of the font",
  3853. "Change the number of rows and columns",
  3854. "window.resize:config-winsizelock",
  3855. "When window is resized:",
  3856. "behaviour.altf4:config-altf4",
  3857. "Window closes on ALT-F4",
  3858. "behaviour.altspace:config-altspace",
  3859. "System menu appears on ALT-Space",
  3860. "behaviour.altonly:config-altonly",
  3861. "System menu appears on ALT alone",
  3862. "behaviour.alwaysontop:config-alwaysontop",
  3863. "Ensure window is always on top",
  3864. "behaviour.altenter:config-fullscreen",
  3865. "Full screen on Alt-Enter",
  3866. "Telnet command, or local proxy command",
  3867. "ssh.tunnels.xauthority:config-ssh-xauthority",
  3868. "Select X authority file",
  3869. "X authority file for local display",
  3870. "comctl32.dll",
  3871. "InitCommonControls",
  3872. "MakeDragList",
  3873. "LBItemFromPt",
  3874. "DrawInsert",
  3875. "LISTBOX",
  3876. "STATIC",
  3877. "BUTTON",
  3878. "COMBOBOX",
  3879. "Bro&wse...",
  3880. "Change...",
  3881. "commctrl_DragListMsg",
  3882. "All Files (*.*)",
  3883. "bold, ",
  3884. "Font: %s, %sdefault height",
  3885. "Font: %s, %s%d-%s",
  3886. "Courier New",
  3887. "putty.log",
  3888. "%s Configuration",
  3889. "%s Error",
  3890. "%s Reconfiguration",
  3891. "%Y-%m-%d %H:%M:%S",
  3892. "The server's host key is not cached in the registry. You",
  3893. "have no guarantee that the server is the computer you",
  3894. "think it is.",
  3895. "The server's %s key fingerprint is:",
  3896. "If you trust this host, hit Yes to add the key to",
  3897. "%s's cache and carry on connecting.",
  3898. "If you want to carry on connecting just once, without",
  3899. "adding the key to the cache, hit No.",
  3900. "If you do not trust this host, hit Cancel to abandon the",
  3901. "connection.",
  3902. "WARNING - POTENTIAL SECURITY BREACH!",
  3903. "The server's host key does not match the one %s has",
  3904. "cached in the registry. This means that either the",
  3905. "server administrator has changed the host key, or you",
  3906. "have actually connected to another computer pretending",
  3907. "to be the server.",
  3908. "The new %s key fingerprint is:",
  3909. "If you were expecting this change and trust the new key,",
  3910. "hit Yes to update %s's cache and continue connecting.",
  3911. "If you want to carry on connecting but without updating",
  3912. "the cache, hit No.",
  3913. "If you want to abandon the connection completely, hit",
  3914. "Cancel. Hitting Cancel is the ONLY guaranteed safe",
  3915. "choice.",
  3916. "%s Security Alert",
  3917. "%s Security Alert",
  3918. "The first %s supported by the server",
  3919. "is %.64s, which is below the configured",
  3920. "warning threshold.",
  3921. "Do you want to continue with this connection?",
  3922. "%s Security Alert",
  3923. "The first host key type we have stored for this server",
  3924. "is %s, which is below the configured warning threshold.",
  3925. "The server also provides the following types of host key",
  3926. "above the threshold, which we do not have stored:",
  3927. "Do you want to continue with this connection?",
  3928. "The session log file \"%.*s\" already exists.",
  3929. "You can overwrite it with a new session log,",
  3930. "append your session log to the end of it,",
  3931. "or disable session logging for this session.",
  3932. "Hit Yes to wipe the file, No to append to it,",
  3933. "or Cancel to disable logging.",
  3934. "%s Key File Warning",
  3935. "You are loading an SSH-2 private key which has an",
  3936. "old version of the file format. This means your key",
  3937. "file is not fully tamperproof. Future versions of",
  3938. "%s may stop supporting this private key format,",
  3939. "so we recommend you convert your key to the new",
  3940. "format.",
  3941. "You can perform this conversion by loading the key",
  3942. "into PuTTYgen and then saving it again.",
  3943. "%s Log to File",
  3944. "About %s",
  3945. " 1997-2017 Simon Tatham. All rights reserved.",
  3946. "https://www.chiark.greenend.org.uk/~sgtatham/putty/",
  3947. "%s Licence",
  3948. "PuTTY is copyright 1997-2017 Simon Tatham.",
  3949. "Portions copyright Robert de Bath, Joris van Rantwijk, Delian Delchev, Andreas Schultz, Jeroen Massar, Wez Furlong, Nicolas Barry, Justin Bradford, Ben Harris, Malcolm Smith, Ahmad Khalifa, Markus Kuhn, Colin Watson, Christopher Staite, and CORE SDI S.A.",
  3950. "Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the \"Software\"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:",
  3951. "The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.",
  3952. "THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.",
  3953. "PuTTYConfigBox",
  3954. "Cate&gory:",
  3955. "SysTreeView32",
  3956. "%s Event Log",
  3957. "?USER32",
  3958. "GetSystemMetrics",
  3959. "MonitorFromWindow",
  3960. "MonitorFromRect",
  3961. "MonitorFromPoint",
  3962. "EnumDisplayMonitors",
  3963. "GetMonitorInfoA",
  3964. "EnumDisplayDevicesA",
  3965. "DISPLAY",
  3966. "MNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz@[\\]^_`{",
  3967. "HL.FIG",
  3968. "%s Fatal Error",
  3969. "Windows refuses to report a version",
  3970. "MSWHEEL_ROLLMSG",
  3971. "Failed to initialize COM subsystem",
  3972. "option \"%s\" requires an argument",
  3973. "-cleanup",
  3974. "This procedure will remove ALL Registry entries",
  3975. "associated with %s, and will also remove",
  3976. "the random seed file. (This only affects the",
  3977. "currently logged-in user.)",
  3978. "THIS PROCESS WILL DESTROY YOUR SAVED SESSIONS.",
  3979. "Are you really sure you want to continue?",
  3980. "%s Warning",
  3981. "-pgpfp",
  3982. "telnet:",
  3983. "unknown option \"%s\"",
  3984. "&Paste",
  3985. "&Event Log",
  3986. "Ne&w Session...",
  3987. "&Duplicate Session",
  3988. "Sa&ved Sessions",
  3989. "Chan&ge Settings...",
  3990. "C&opy All to Clipboard",
  3991. "C&lear Scrollback",
  3992. "Rese&t Terminal",
  3993. "&Full Screen",
  3994. "&About %s",
  3995. "Running with restricted process ACL",
  3996. "do_select(): internal error (hwnd==NULL)",
  3997. "Network is down",
  3998. "WSAAsyncSelect(): unknown error",
  3999. "S&pecial Command",
  4000. "%.70s Fatal Error",
  4001. "%.70s Command Line Error",
  4002. "Connection closed by remote host",
  4003. "{\\rtf1\\ansi\\deff0{\\fonttbl\\f0\\fmodern %s;}\\f0\\fs%d",
  4004. "\\red%d\\green%d\\blue%d;",
  4005. "\\cf%d ",
  4006. "\\highlight%d ",
  4007. "\\ulnone ",
  4008. "{\\uc%d\\u%d",
  4009. "\\'%02x",
  4010. "Rich Text Format",
  4011. "%.70s Error",
  4012. "Unable to play sound file",
  4013. "Using default sound instead",
  4014. "%.70s Sound Error",
  4015. "%s Internal Error",
  4016. "Unsupported protocol number found",
  4017. "Unable to open connection to",
  4018. "%.800s",
  4019. "%s - %s",
  4020. "(No sessions)",
  4021. "%.70s (inactive)",
  4022. "&Restart Session",
  4023. "%s Exit Confirmation",
  4024. "Are you sure you want to close this session?",
  4025. "putty %s&%p:%u",
  4026. "putty %s@%s",
  4027. "putty%s%s",
  4028. "----- Session restarted -----",
  4029. " HLMEIG",
  4030. "user32.dll",
  4031. "winmm.dll",
  4032. "FlashWindowEx",
  4033. "ToUnicodeEx",
  4034. "PlaySoundA",
  4035. "MIT Kerberos GSSAPI32.DLL",
  4036. "Microsoft SSPI SECUR32.DLL",
  4037. "User-specified GSSAPI DLL",
  4038. "gssapi32",
  4039. "custom",
  4040. "kernel32.dll",
  4041. "AddDllDirectory",
  4042. "SOFTWARE\\MIT\\Kerberos",
  4043. "InstallDir",
  4044. "Using GSSAPI from GSSAPI32.DLL",
  4045. "gss_delete_sec_context",
  4046. "gss_display_status",
  4047. "gss_get_mic",
  4048. "gss_import_name",
  4049. "gss_init_sec_context",
  4050. "gss_release_buffer",
  4051. "gss_release_cred",
  4052. "gss_release_name",
  4053. "secur32.dll",
  4054. "Using SSPI from SECUR32.DLL",
  4055. "AcquireCredentialsHandleA",
  4056. "InitializeSecurityContextA",
  4057. "FreeContextBuffer",
  4058. "FreeCredentialsHandle",
  4059. "DeleteSecurityContext",
  4060. "QueryContextAttributesA",
  4061. "MakeSignature",
  4062. "Using GSSAPI from user-specified library '%s'",
  4063. "Kerberos",
  4064. "SSPI status OK",
  4065. "The handle passed to the function is invalid.",
  4066. "The target was not recognized.",
  4067. "The logon failed.",
  4068. "The Local Security Authority cannot be contacted.",
  4069. "No credentials are available in the security package.",
  4070. "No authority could be contacted for authentication.The domain name of the authenticating party could be wrong, the domain could be unreachable, or there might have been a trust relationship failure.",
  4071. "One or more of the SecBufferDesc structures passed as an OUT parameter has a buffer that is too small.",
  4072. "The error is due to a malformed input token, such as a token corrupted in transit, a token of incorrect size, or a token passed into the wrong security package. Passing a token to the wrong package can happen if client and server did not negotiate the proper security package.",
  4073. "Internal SSPI error",
  4074. "hhctrl.ocx",
  4075. "HtmlHelpA",
  4076. "%s::/%s.html>main",
  4077. "JI(`',`%.*s')",
  4078. "GetNamedPipeClientProcessId",
  4079. "process id %lu",
  4080. "Read error from handle",
  4081. "Shell32.dll",
  4082. "SetCurrentProcessExplicitAppUserModelID",
  4083. "Pageant.exe",
  4084. "PuTTYgen.exe",
  4085. "%.*s%s",
  4086. "Connect to PuTTY session '",
  4087. "Run %.*s",
  4088. "<>:\"/\\|?*",
  4089. "sspicli.dll",
  4090. "GetUserNameExA",
  4091. "SetDefaultDllDirectories",
  4092. "(unable to format: FormatMessage returned %u)",
  4093. "Error %d: %s",
  4094. "Network error: ",
  4095. "ws2_32.dll",
  4096. "wsock32.dll",
  4097. "Unable to load any WinSock library",
  4098. "getaddrinfo",
  4099. "freeaddrinfo",
  4100. "getnameinfo",
  4101. "gai_strerror",
  4102. "wship6.dll",
  4103. "WSAAddressToStringA",
  4104. "WSAAsyncSelect",
  4105. "WSAEventSelect",
  4106. "select",
  4107. "WSAGetLastError",
  4108. "WSAEnumNetworkEvents"
  4109. ],
  4110. "metadata": {
  4111. "output": {
  4112. "pcap": {
  4113. "basename": "dump.pcap",
  4114. "sha256": "ee7958a9156941c699ec42e026c77e4f47d9bdebc419290211297ef7a859f7a9",
  4115. "dirname": ""
  4116. }
  4117. }
  4118. }
  4119. }