SHA256: ba6ca0ad6fdf66def8fbbfbde6138024c5b4f52038b932fba4047785454bc25a
File name: AdobeFlashPlayer.dmg
Detection ratio: 13 / 53
Analysis date: 2016-06-30 13:37:26 UTC ( 2 years, 10 months ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Adware.MAC.OSX.Genieo.11 20160630
Arcabit Trojan.Adware.MAC.OSX.Genieo.11 20160630
Avast MacOS:Genieo-BD [Adw] 20160630
AVG OSX/Genieo.J 20160630
Avira (no cloud) ADWARE/OSX.Geonei.mfxg 20160630
BitDefender Gen:Variant.Adware.MAC.OSX.Genieo.11 20160630
DrWeb Mac.Trojan.Genieo.33 20160630
Emsisoft Gen:Variant.Adware.MAC.OSX.Genieo.11 (B) 20160630
F-Secure Gen:Variant.Adware.MAC 20160630
GData Gen:Variant.Adware.MAC.OSX.Genieo.11 20160630
Kaspersky not-a-virus:HEUR:AdWare.OSX.Geonei.l 20160630
eScan Gen:Variant.Adware.MAC.OSX.Genieo.11 20160630
Sophos AV Genieo (PUA) 20160630
AegisLab 20160630
Yandex 20160629
AhnLab-V3 20160630
Alibaba 20160630
Antiy-AVL 20160630
AVware 20160630
Baidu 20160630
Bkav 20160630
CAT-QuickHeal 20160630
ClamAV 20160630
CMC 20160630
Comodo 20160630
Cyren 20160630
ESET-NOD32 20160630
F-Prot 20160630
Fortinet 20160630
Ikarus 20160630
Jiangmin 20160630
K7AntiVirus 20160630
K7GW 20160630
Kingsoft 20160630
Malwarebytes 20160630
McAfee 20160630
McAfee-GW-Edition 20160630
Microsoft 20160630
NANO-Antivirus 20160630
nProtect 20160630
Panda 20160630
Qihoo-360 20160630
SUPERAntiSpyware 20160630
Symantec 20160630
Tencent 20160630
TheHacker 20160630
TrendMicro 20160630
TrendMicro-HouseCall 20160630
VBA32 20160630
VIPRE 20160630
ViRobot 20160630
Yandex 20160630
Zoner 20160629
The file being studied is an Apple Disk Image! More specifically it follows the Universal Disk Image Format, commonly found with the DMG extension.
File signature
Identifier com.fuzeday.Installer
Format bundle with Mach-O thin (x86_64)
CDHash 0917f4ec028cbe4a7e0f52f86d4ac4e226680004
Signature size 8926
Authority Developer ID Application: Gulchera Kuntcevich (Z2NQTKDS35)
Authority Developer ID Certification Authority
Authority Apple Root CA
Timestamp Jun 28, 2016, 2:51:21 PM
Info.plist entries 26
TeamIdentifier Z2NQTKDS35
Signature verification Valid Signature
Signing Certificates
[+] Gulchera Kuntcevich
Status Valid
Issuer Apple Inc.
Valid from 11:31 AM 05/29/2016
Valid to 11:31 AM 05/30/2021
Valid usage Digital Signature, Code Signing
Algorithm sha256WithRSAEncryption
Thumbprint E10E9BFF1218B49D4AA5D10E99771DEB5B6095C6
Serial number CE 9E C8 8D F8 F4 6A
[+] Apple Inc.
Status Valid
Issuer Apple Inc.
Valid from 10:12 PM 02/01/2012
Valid to 10:12 PM 02/01/2027
Valid usage Digital Signature, Certificate Sign, CRL Sign
Algorithm sha256WithRSAEncryption
Thumbprint 3B166C3B7DC4B751C9FE2AFAB9135641E388E186
Serial number 18 7A A9 A8 C2 96 21 0C
[+] Apple Inc.
Status Valid
Issuer Apple Inc.
Valid from 09:40 PM 04/25/2006
Valid to 09:40 PM 02/09/2035
Valid usage Certificate Sign, CRL Sign
Algorithm sha1WithRSAEncryption
Thumbprint 611E5B662C593A08FF58D14AE22452D198DF6C60
Serial number 2
Main executable
Package path /Installer.app/Contents/MacOS/Installer
Detection ratio 23 / 57 when this report was generated
File size 433616 Bytes
HFS File ID 172
DMG HFS Property List
CFBundleInfoDictionaryVersion 1000013_1
NSHumanReadableCopyright Copyright © 2014 ___fuzeday___. All rights reserved.
DTXcodeBuild 7C68
CFBundleSupportedPlatforms MacOSX
CFBundleIdentifier com.fuzeday.Installer
DTSDKName macosx10.11
DTPlatformVersion GM
CFBundleShortVersionString 1.0
BuildMachineOSBuild 15F34
LSUIElement True
CFBundleExecutable Installer
LSMinimumSystemVersion 10.6
NSAppTransportSecurity NSAllowsArbitraryLoads: True
CFBundleVersion 1
CFBundleIconFile App.icns
DTPlatformBuild 7C68
NSMainNibFile MainMenu
DTXcode 0720
CFBundleDevelopmentRegion en
LSApplicationCategoryType
DTCompiler com.apple.compilers.llvm.clang.1_0
CFBundleSignature ????
DTSDKBuild 15C43
CFBundleName Installer
CFBundlePackageType APPL
NSPrincipalClass NSApplication
Contained Mac OS X executables
Contained file bundles
BLKX Table
Entry Attributes
whole disk (Apple_HFS : 0) 0x0050
DMG XML Property List
Entry Attributes
ID:0 0x0050
DMG structural properties
DMG version 4
Data fork offset 0x0
Data fork length 298486
Resource fork offset 0x0
Resource fork length 0
Resource fork keys blkx, plst
Running data fork offset 0x0
XML offset 0x298486
XML length 3342
PLST keys resource-fork, operator-fork
File identification
MD5 5fcb90e0559cc9d2d960369c4db32be1
SHA1 a370a1f5a2cb6dc43882eec7adcac5e308222691
SHA256 ba6ca0ad6fdf66def8fbbfbde6138024c5b4f52038b932fba4047785454bc25a
ssdeep 6144:up4cYsQbjBuKabWdcmZYwrBPhTp7wrKYopznjKGS+6mPoGq4aa//AT3NB:y4cYsQRfabXOrBP9VmKvjbS+bPRDv/Q

File size 295.3 KB ( 302339 bytes )
File type Macintosh Disk Image
Magic literal VAX COFF executable - version 3344

TrID ZLIB compressed data (var. 1) (100.0%)
Tags dmg

VirusTotal metadata
First submission 2016-06-28 20:20:10 UTC ( 2 years, 10 months ago )
Last submission 2019-04-09 08:09:10 UTC ( 1 month, 1 week ago )
File names output.95850271.txt
AdobeFlashPlayer.dmg
VirusShare_5fcb90e0559cc9d2d960369c4db32be1
output.95733552.txt
output.95733551.txt
aa
output.95159889.txt
81a463ee0d34eed73fe1be76acfd847686b635cc
b1eMz1IL_.com
ic.php
output.108950712.txt
output.95548426.txt
LCJe_V.msi
localfile~
output.95941772.txt
output.95548427.txt
output.95159859.txt
AdobeFlashPlayer.dmg
AdobeFlashPlayer (1).dmg
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Moved files
Created processes
HTTP requests
DNS requests
TCP connections