× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 013623e5e50449bbdf6943549d8224a122aa6c42bd3300a1bd2b743b01ae6793
File name: Handbrake.dmg
Detection ratio: 28 / 59
Analysis date: 2017-10-01 16:07:04 UTC ( 3 weeks ago )
Antivirus Result Update
Ad-Aware Trojan.MAC.Proton.A 20171001
AhnLab-V3 BinImage/Proton 20171001
ALYac Trojan.OSX.Proton 20171001
Antiy-AVL Trojan[Backdoor]/OSX.Proton 20171001
Arcabit Trojan.MAC.Proton.A 20171001
Avast MacOS:Proton-A [Trj] 20171001
AVG MacOS:Proton-A [Trj] 20171001
Avira (no cloud) OSX/Proton.uoopm 20171001
BitDefender Trojan.MAC.Proton.A 20171001
ClamAV Osx.Trojan.Proton-6316148-0 20171001
Cyren Trojan.INJM-7 20171001
DrWeb Mac.BackDoor.Proton.1 20171001
Emsisoft Trojan.MAC.Proton.A (B) 20171001
ESET-NOD32 OSX/Proton.A 20171001
F-Secure Backdoor:OSX/Proton.A 20171001
GData Trojan.MAC.Proton.A 20171001
Ikarus Trojan.OSX.Proton.A 20171001
Kaspersky HEUR:Backdoor.OSX.Proton.b 20171001
MAX malware (ai score=86) 20171001
McAfee OSX/Generics.p 20171001
McAfee-GW-Edition OSX/Generics.p 20171001
eScan Trojan.MAC.Proton.A 20171001
NANO-Antivirus Trojan.Mac.Proton.eokpjt 20171001
Sophos AV OSX/Proton-A 20171001
Symantec OSX.Dropper 20170930
TrendMicro OSX_PROTON.A 20171001
TrendMicro-HouseCall OSX_PROTON.A 20171001
ZoneAlarm by Check Point HEUR:Backdoor.OSX.Proton.b 20171001
AegisLab 20171001
Alibaba 20170911
Avast-Mobile 20171001
AVware 20171001
Baidu 20170930
CAT-QuickHeal 20170930
CMC 20170928
Comodo 20171001
CrowdStrike Falcon (ML) 20170804
Cylance 20171001
Endgame 20170821
F-Prot 20171001
Fortinet 20170929
Sophos ML 20170914
Jiangmin 20171001
K7AntiVirus 20170928
K7GW 20171001
Kingsoft 20171001
Malwarebytes 20171001
Microsoft 20171001
nProtect 20171001
Palo Alto Networks (Known Signatures) 20171001
Panda 20171001
Qihoo-360 20171001
Rising 20171001
SentinelOne (Static ML) 20171001
SUPERAntiSpyware 20171001
Symantec Mobile Insight 20170928
Tencent 20171001
TheHacker 20170928
TotalDefense 20171001
Trustlook 20171001
VBA32 20170929
VIPRE 20171001
ViRobot 20171001
Webroot 20171001
WhiteArmor 20170927
Yandex 20170908
Zillya 20170929
Zoner 20171001
The file being studied is an Apple Disk Image! More specifically it follows the Universal Disk Image Format, commonly found with the DMG extension.
Main executable
Package path /HandBrake.app/Contents/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/MacOS/Autoupdate
Detection ratio 0 / 57 when this report was generated
File size 166964 Bytes
HFS File ID 80
DMG HFS Property List
SUFeedURL https://handbrake.fr/appcast.x86_64.xml
CFBundleInfoDictionaryVersion 6.0
NSHumanReadableCopyright Copyright © 2003-2017 HandBrake Team. GPLv2 license.
CFBundleGetInfoString 2017042800
CFBundleIdentifier fr.handbrake.HandBrake
CFBundleDocumentTypes {u'CFBundleTypeName': u'All files', u'CFBundleTypeRole': u'Viewer', u'CFBundleTypeExtensions': [u'*']}
{u'CFBundleTypeRole': u'Viewer', u'LSItemContentTypes': [u'public.movie']}
SUAllowsAutomaticUpdates False
CFBundleShortVersionString 1.0.7
CFBundleDisplayName HandBrake
BuildMachineOSBuild 15F34
CFBundleExecutable HandBrake
LSMinimumSystemVersion 10.7
CFBundleVersion 2017042800
SUPublicDSAKeyFile dsa_pub.pem
CFBundleIconFile HandBrake
NSMainNibFile MainMenu
CFBundleDevelopmentRegion en
CFBundleSupportedPlatforms MacOSX
CFBundleSignature ????
CFBundleName HandBrake
CFBundlePackageType APPL
NSPrincipalClass HBApplication
Contained Mac OS X executables
Contained file bundles
BLKX Table
Entry Attributes
Protective Master Boot Record (MBR : 0) 0x0050
GPT Header (Primary GPT Header : 1) 0x0050
GPT Partition Data (Primary GPT Table : 2) 0x0050
(Apple_Free : 3) 0x0050
disk image (Apple_HFS : 4) 0x0050
(Apple_Free : 5) 0x0050
GPT Partition Data (Backup GPT Table : 6) 0x0050
GPT Header (Backup GPT Header : 7) 0x0050
DMG XML Property List
Entry Attributes
ID:0 0x0050
DMG structural properties
DMG version
Data fork offset
Data fork length
Resource fork offset
Resource fork length
Resource fork keys
blkx, plst
Running data fork offset
XML offset
XML length
PLST keys
Compressed bundles
File identification
MD5 e420a2dfb206c8777002583637037d29
SHA1 0935a43ca90c6c419a49e4f8f1d75e68cd70b274
SHA256 013623e5e50449bbdf6943549d8224a122aa6c42bd3300a1bd2b743b01ae6793

File size 15.8 MB ( 16593112 bytes )
File type Macintosh Disk Image
Magic literal
ID=0xee, starthead 254, startsector 1, 89371 sectors, code offset 0x1

TrID Macintosh Disk image (BZlib compressed) (99.9%)
Master Boot Record dump (0.0%)

VirusTotal metadata
First submission 2017-05-03 19:01:45 UTC ( 5 months, 3 weeks ago )
Last submission 2017-07-18 10:08:27 UTC ( 3 months ago )
File names HandBrake-1.0.7.dmg
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Moved files
Created processes
HTTP requests
DNS requests
TCP connections