× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 03c220ff4fe4aa44ba2ad1e1e0d41d56279e9e09d5605f08e2bce929e8fc1ece
File name: output.13670713.txt
Detection ratio: 26 / 56
Analysis date: 2016-04-25 03:41:12 UTC ( 1 month ago )
Antivirus Result Update
ALYac Adware.MAC.OSX.Genieo.A 20160425
AVG OSX/AdLoad.C 20160425
Ad-Aware Adware.MAC.OSX.Genieo.A 20160425
Arcabit Adware.MAC.OSX.Genieo.A 20160425
Avast MacOS:Genieo-AB [Adw] 20160425
Avira (no cloud) ADWARE/OSX.Genieo.199 20160424
BitDefender Adware.MAC.OSX.Genieo.A 20160425
CAT-QuickHeal Adware.MacOSX.Geonei.A 20160423
ClamAV Osx.Malware.Agent-1396617 20160425
Comodo ApplicUnwnt 20160425
DrWeb Trojan.Genieo.1 20160425
ESET-NOD32 OSX/Adware.Genieo.A 20160424
Emsisoft Adware.MAC.OSX.Genieo.A (B) 20160425
F-Secure Adware.MAC.OSX 20160425
Fortinet Adware/OSX_Geonei 20160425
GData Adware.MAC.OSX.Genieo.A 20160425
Ikarus AdWare.OSX.Genieo 20160424
Kaspersky not-a-virus:HEUR:AdWare.OSX.Geonei.i 20160425
McAfee OSX/Genieo.gen.a 20160425
McAfee-GW-Edition OSX/Genieo.gen.a 20160425
eScan Adware.MAC.OSX.Genieo.A 20160424
NANO-Antivirus Riskware.Mac.Genieo.dnxdpy 20160425
Sophos Genieo (PUA) 20160425
Symantec Trojan.Gen.2 20160425
Tencent Win32.Adware.Genieo.Hoyc 20160425
nProtect Adware.MAC.OSX.Genieo.A 20160422
AVware 20160424
AegisLab 20160425
AhnLab-V3 20160425
Alibaba 20160425
Antiy-AVL 20160425
Baidu 20160422
Baidu-International 20160424
Bkav 20160423
CMC 20160421
Cyren 20160425
F-Prot 20160425
K7AntiVirus 20160424
K7GW 20160423
Kingsoft 20160425
Malwarebytes 20160425
Microsoft 20160424
Panda 20160424
Qihoo-360 20160425
Rising 20160425
SUPERAntiSpyware 20160425
TheHacker 20160424
TotalDefense 20160421
TrendMicro 20160425
TrendMicro-HouseCall 20160425
VBA32 20160423
VIPRE 20160424
ViRobot 20160425
Yandex 20160424
Zillya 20160425
Zoner 20160425
The file being studied is an Apple Disk Image! More specifically it follows the Universal Disk Image Format, commonly found with the DMG extension.
File signature
Identifier com.yourcompany.Installer
Format bundle with Mach-O universal (i386 ppc7400 x86_64)
CDHash 72ae26c41d22315a807f604d361ee8c245388275
Signature size 4238
Authority Developer ID Application: Genieo Innovation Ltd.
Authority Developer ID Certification Authority
Authority Apple Root CA
Signed Time Nov 25, 2013, 6:01:17 PM
Info.plist entries 14
TeamIdentifier not set
Main executable
Package path /InstallGenieo.app/Contents/MacOS/Installer
Detection ratio 9 / 47 when this report was generated
File size 253472 Bytes
HFS File ID 29
DMG HFS Property List
Java JVMVersion: 1.6+
MainClass: com.genieo.RemoveGenieoMac
ClassPath: $JAVAROOT/uninstall_genieo_mac.jar
CFBundleSignature ????
CFBundleInfoDictionaryVersion 6.0
CFBundleIconFile uninstall.icns
CFBundleAllowMixedLocalizations true
CFBundleIdentifier com.genieo.RemoveGenieoMac
CFBundleDevelopmentRegion English
CFBundleExecutable JavaApplicationStub
CFBundleName Uninstall Genieo
CFBundleVersion 100.0
CFBundlePackageType APPL
Contained Mac OS X executables
Contained file bundles
BLKX Table
Entry Attributes
Driver Descriptor Map (DDM : 0) 0x0050
Apple (Apple_partition_map : 1) 0x0050
disk image (Apple_HFS : 2) 0x0050
(Apple_Free : 3) 0x0050
DMG XML Property List
Entry Attributes
ID:0 0x0050
DMG structural properties
DMG version
Data fork offset
Data fork length
Resource fork offset
Resource fork length
Resource fork keys
blkx, plst
Running data fork offset
XML offset
XML length
PLST keys
File identification
MD5 26223e30584b68ebc5b213621381d14c
SHA1 52888d8600b0817070eb632cb90a3542e966621c
SHA256 03c220ff4fe4aa44ba2ad1e1e0d41d56279e9e09d5605f08e2bce929e8fc1ece

File size 775.4 KB ( 794021 bytes )
File type Macintosh Disk Image
Magic literal

TrID pzip compressed (66.6%)
Disk Image (Macintosh) (33.3%)

VirusTotal metadata
First submission 2013-11-28 21:50:07 UTC ( 2 years, 6 months ago )
Last submission 2016-04-25 03:41:12 UTC ( 1 month ago )
File names 2
ExifTool file metadata
2014:07:28 09:21:11+01:00

2014:07:28 09:21:11+01:00

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Created processes
HTTP requests
DNS requests
TCP connections