× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 03c220ff4fe4aa44ba2ad1e1e0d41d56279e9e09d5605f08e2bce929e8fc1ece
File name: InstallGenieo.dmg
Detection ratio: 27 / 56
Analysis date: 2016-06-08 18:05:11 UTC ( 3 months, 3 weeks ago )
Antivirus Result Update
ALYac Adware.MAC.OSX.Genieo.A 20160608
AVG OSX/AdLoad.C 20160608
Ad-Aware Adware.MAC.OSX.Genieo.A 20160608
AegisLab Adware.Osx.Geonei!c 20160608
Arcabit Adware.MAC.OSX.Genieo.A 20160608
Avast MacOS:Genieo-AB [Adw] 20160608
Avira (no cloud) ADWARE/OSX.Genieo.199 20160608
BitDefender Adware.MAC.OSX.Genieo.A 20160608
CAT-QuickHeal Adware.MacOSX.Geonei.A 20160608
ClamAV Osx.Malware.Agent-1396617 20160608
Comodo ApplicUnwnt 20160608
DrWeb Trojan.Genieo.1 20160608
ESET-NOD32 OSX/Adware.Genieo.A 20160608
Emsisoft Adware.MAC.OSX.Genieo.A (B) 20160608
F-Secure Adware.MAC.OSX 20160608
Fortinet Adware/OSX_Geonei 20160608
GData Adware.MAC.OSX.Genieo.A 20160608
Ikarus AdWare.OSX.Genieo 20160608
Kaspersky not-a-virus:HEUR:AdWare.OSX.Geonei.i 20160608
McAfee OSX/Genieo.gen.a 20160608
McAfee-GW-Edition OSX/Genieo.gen.a 20160608
eScan Adware.MAC.OSX.Genieo.A 20160608
NANO-Antivirus Riskware.Mac.Genieo.dnxdpy 20160608
Sophos Genieo (PUA) 20160608
Symantec Trojan.Gen.2 20160608
Tencent Win32.Adware.Genieo.Hoyc 20160608
nProtect Adware.MAC.OSX.Genieo.A 20160608
AVware 20160608
AhnLab-V3 20160608
Alibaba 20160608
Antiy-AVL 20160608
Baidu 20160608
Baidu-International 20160606
Bkav 20160608
CMC 20160607
Cyren 20160608
F-Prot 20160608
Jiangmin 20160608
K7AntiVirus 20160608
K7GW 20160608
Kingsoft 20160608
Malwarebytes 20160608
Microsoft 20160608
Panda 20160608
Qihoo-360 20160608
Rising 20160608
SUPERAntiSpyware 20160608
TheHacker 20160607
TrendMicro 20160608
TrendMicro-HouseCall 20160608
VBA32 20160608
VIPRE 20160608
ViRobot 20160608
Yandex 20160607
Zillya 20160607
Zoner 20160608
The file being studied is an Apple Disk Image! More specifically it follows the Universal Disk Image Format, commonly found with the DMG extension.
File signature
Identifier com.yourcompany.Installer
Format bundle with Mach-O universal (i386 ppc7400 x86_64)
CDHash 72ae26c41d22315a807f604d361ee8c245388275
Signature size 4238
Authority Developer ID Application: Genieo Innovation Ltd.
Authority Developer ID Certification Authority
Authority Apple Root CA
Signed Time Nov 25, 2013, 6:01:17 PM
Info.plist entries 14
TeamIdentifier not set
Main executable
Package path /InstallGenieo.app/Contents/MacOS/Installer
Detection ratio 9 / 47 when this report was generated
File size 253472 Bytes
HFS File ID 29
DMG HFS Property List
Java JVMVersion: 1.6+
MainClass: com.genieo.RemoveGenieoMac
ClassPath: $JAVAROOT/uninstall_genieo_mac.jar
CFBundleSignature ????
CFBundleInfoDictionaryVersion 6.0
CFBundleIconFile uninstall.icns
CFBundleAllowMixedLocalizations true
CFBundleIdentifier com.genieo.RemoveGenieoMac
CFBundleDevelopmentRegion English
CFBundleExecutable JavaApplicationStub
CFBundleName Uninstall Genieo
CFBundleVersion 100.0
CFBundlePackageType APPL
Contained Mac OS X executables
Contained file bundles
BLKX Table
Entry Attributes
Driver Descriptor Map (DDM : 0) 0x0050
Apple (Apple_partition_map : 1) 0x0050
disk image (Apple_HFS : 2) 0x0050
(Apple_Free : 3) 0x0050
DMG XML Property List
Entry Attributes
ID:0 0x0050
DMG structural properties
DMG version
Data fork offset
Data fork length
Resource fork offset
Resource fork length
Resource fork keys
blkx, plst
Running data fork offset
XML offset
XML length
PLST keys
File identification
MD5 26223e30584b68ebc5b213621381d14c
SHA1 52888d8600b0817070eb632cb90a3542e966621c
SHA256 03c220ff4fe4aa44ba2ad1e1e0d41d56279e9e09d5605f08e2bce929e8fc1ece

File size 775.4 KB ( 794021 bytes )
File type Macintosh Disk Image
Magic literal

TrID pzip compressed (66.6%)
Disk Image (Macintosh) (33.3%)

VirusTotal metadata
First submission 2013-11-28 21:50:07 UTC ( 2 years, 10 months ago )
Last submission 2016-06-08 18:05:11 UTC ( 3 months, 3 weeks ago )
File names 2
ExifTool file metadata
2014:07:28 09:21:11+01:00

2014:07:28 09:21:11+01:00

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Created processes
HTTP requests
DNS requests
TCP connections