SHA256: 013623e5e50449bbdf6943549d8224a122aa6c42bd3300a1bd2b743b01ae6793
File name: Handbrake.dmg.exe
Detection ratio: 30 / 58
Analysis date: 2018-03-28 06:05:22 UTC ( 3 weeks, 3 days ago )
Antivirus Result Update
Ad-Aware Trojan.MAC.Proton.A 20180328
AhnLab-V3 BinImage/Proton 20180328
ALYac Trojan.OSX.Proton 20180328
Antiy-AVL Trojan[Backdoor]/OSX.Proton 20180327
Arcabit Trojan.MAC.Proton.A 20180328
Avast MacOS:Proton-A [Trj] 20180328
AVG MacOS:Proton-A [Trj] 20180328
Avira (no cloud) OSX/Proton.uoopm 20180328
BitDefender Trojan.MAC.Proton.A 20180328
ClamAV Osx.Trojan.Proton-6316148-0 20180328
Comodo UnclassifiedMalware 20180328
Cyren Trojan.INJM-7 20180328
DrWeb Mac.BackDoor.Proton.1 20180328
Emsisoft Trojan.MAC.Proton.A (B) 20180328
ESET-NOD32 OSX/Proton.A 20180328
F-Secure Backdoor:OSX/Proton.A 20180328
GData Trojan.MAC.Proton.A 20180328
Ikarus Trojan.OSX.Proton.A 20180327
Kaspersky HEUR:Backdoor.OSX.Proton.b 20180328
MAX malware (ai score=86) 20180328
McAfee OSX/Generics.p 20180328
McAfee-GW-Edition OSX/Generics.p 20180328
eScan Trojan.MAC.Proton.A 20180328
NANO-Antivirus Trojan.Mac.Proton.eokpjt 20180328
Sophos AV OSX/Proton-A 20180328
Symantec OSX.Dropper 20180328
TrendMicro OSX_PROTON.A 20180328
TrendMicro-HouseCall OSX_PROTON.A 20180328
Zillya Backdoor.Proton.OSX.8 20180327
ZoneAlarm by Check Point HEUR:Backdoor.OSX.Proton.b 20180328
AegisLab 20180328
Alibaba 20180328
Avast-Mobile 20180327
AVware 20180328
Baidu 20180328
Bkav 20180327
CAT-QuickHeal 20180327
CMC 20180327
CrowdStrike Falcon (ML) 20170201
Cybereason None
Cylance 20180328
eGambit 20180328
Endgame 20180316
F-Prot 20180328
Fortinet 20180328
Sophos ML 20180121
Jiangmin 20180328
K7AntiVirus 20180328
K7GW 20180328
Kingsoft 20180328
Malwarebytes 20180328
Microsoft 20180328
nProtect 20180328
Palo Alto Networks (Known Signatures) 20180328
Panda 20180327
Qihoo-360 20180328
Rising 20180328
SentinelOne (Static ML) 20180225
SUPERAntiSpyware 20180328
Symantec Mobile Insight 20180311
Tencent 20180328
TheHacker 20180327
Trustlook 20180328
VBA32 20180327
VIPRE 20180328
ViRobot 20180328
WhiteArmor 20180324
Yandex 20180327
Zoner 20180327
The file being studied is an Apple Disk Image! More specifically it follows the Universal Disk Image Format, commonly found with the DMG extension.
Main executable
Package path /HandBrake.app/Contents/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/MacOS/Autoupdate
Detection ratio 0 / 57 when this report was generated
File size 166964 Bytes
HFS File ID 80
DMG HFS Property List
SUFeedURL https://handbrake.fr/appcast.x86_64.xml
CFBundleInfoDictionaryVersion 6.0
NSHumanReadableCopyright Copyright © 2003-2017 HandBrake Team. GPLv2 license.
CFBundleGetInfoString 2017042800
CFBundleIdentifier fr.handbrake.HandBrake
CFBundleDocumentTypes {u'CFBundleTypeName': u'All files', u'CFBundleTypeRole': u'Viewer', u'CFBundleTypeExtensions': [u'*']}
{u'CFBundleTypeRole': u'Viewer', u'LSItemContentTypes': [u'public.movie']}
SUAllowsAutomaticUpdates False
CFBundleShortVersionString 1.0.7
CFBundleDisplayName HandBrake
BuildMachineOSBuild 15F34
CFBundleExecutable HandBrake
LSMinimumSystemVersion 10.7
CFBundleVersion 2017042800
SUPublicDSAKeyFile dsa_pub.pem
CFBundleIconFile HandBrake
NSMainNibFile MainMenu
CFBundleDevelopmentRegion en
CFBundleSupportedPlatforms MacOSX
CFBundleSignature ????
CFBundleName HandBrake
CFBundlePackageType APPL
NSPrincipalClass HBApplication
Contained Mac OS X executables
Contained file bundles
BLKX Table
Entry Attributes
Protective Master Boot Record (MBR : 0) 0x0050
GPT Header (Primary GPT Header : 1) 0x0050
GPT Partition Data (Primary GPT Table : 2) 0x0050
(Apple_Free : 3) 0x0050
disk image (Apple_HFS : 4) 0x0050
(Apple_Free : 5) 0x0050
GPT Partition Data (Backup GPT Table : 6) 0x0050
GPT Header (Backup GPT Header : 7) 0x0050
DMG XML Property List
Entry Attributes
ID:0 0x0050
DMG structural properties
DMG version 4
Data fork offset 0x0
Data fork length 16581841
Resource fork offset 0x0
Resource fork length 0
Resource fork keys blkx, plst
Running data fork offset 0x0
XML offset 0x16581841
XML length 10759
PLST keys resource-fork
File identification
MD5 e420a2dfb206c8777002583637037d29
SHA1 0935a43ca90c6c419a49e4f8f1d75e68cd70b274
SHA256 013623e5e50449bbdf6943549d8224a122aa6c42bd3300a1bd2b743b01ae6793
ssdeep 393216:Sgr4rKkDy6ZThgZzDw/i0X71Oxf3pi0SZH+x96:JrEK3+hgN2BsMeD6

File size 15.8 MB ( 16593112 bytes )
File type Macintosh Disk Image
Magic literal x86 boot sector

TrID Macintosh Disk image (BZlib compressed) (97.6%)
ZLIB compressed data (var. 1) (2.3%)
Master Boot Record dump (0.0%)
Tags
dmg

VirusTotal metadata
First submission 2017-05-03 19:01:45 UTC ( 11 months, 3 weeks ago )
Last submission 2018-03-28 06:05:22 UTC ( 3 weeks, 3 days ago )
File names HandBrake-1.0.7.dmg
Handbrake.dmg
e420a2dfb206c8777002583637037d29.virus
Handbrake.dmg.exe
HandBrake-1.0.7-2.dmg
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Moved files
Created processes
HTTP requests
DNS requests
TCP connections