× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 049db432b05055bdf0152b82cb7939982d38067da364cee2fdbed6ceb5f60cde
File name: 049db432b05055bdf0152b82cb7939982d38067da364cee2fdbed6ceb5f60cde
Detection ratio: 33 / 55
Analysis date: 2016-02-07 18:17:09 UTC ( 13 hours, 42 minutes ago )
Antivirus Result Update
ALYac MAC.OSX.Backdoor.KitM.A 20160207
AVG BackDoor.Generic_c.FGZ 20160207
Ad-Aware MAC.OSX.Backdoor.KitM.A 20160207
AhnLab-V3 OSX32-Trojan/Kitm 20160207
Arcabit MAC.OSX.Backdoor.KitM.A 20160207
Avast MacOS:Kitmos-A [Spy] 20160207
Avira OSX/Kitm.A 20160207
BitDefender MAC.OSX.Backdoor.KitM.A 20160207
CAT-QuickHeal Backdoor.MacOSX.Kitmos.A 20160206
ClamAV OSX.Trojan.KitM-1 20160206
Comodo UnclassifiedMalware 20160207
Cyren MacOS/Kitmos.A 20160207
DrWeb Trojan.HackBack.2 20160207
ESET-NOD32 OSX/Kitm.A 20160207
Emsisoft MAC.OSX.Backdoor.KitM.A (B) 20160207
F-Prot MacOS/Kitmos.A 20160129
F-Secure Backdoor:OSX/KitM.A 20160206
GData MAC.OSX.Backdoor.KitM.A 20160207
Ikarus Backdoor.OSX.Kitm 20160207
Kaspersky Backdoor.OSX.Kitm.a 20160207
McAfee OSX/Kitmos 20160207
McAfee-GW-Edition OSX/Kitmos 20160207
MicroWorld-eScan MAC.OSX.Backdoor.KitM.A 20160207
Microsoft Backdoor:MacOS_X/Kitmos.A 20160207
NANO-Antivirus Trojan.Mac.Kitm.bsoppq 20160207
Qihoo-360 Win32/Backdoor.c80 20160207
Sophos OSX/HackBack-B 20160207
Symantec OSX.Kitmos 20160207
Tencent Win32.Backdoor.Kitm.Wozl 20160207
TrendMicro OSX_KITMOS.A 20160207
TrendMicro-HouseCall OSX_KITMOS.A 20160207
VIPRE Trojan.OSX.Generic (v) 20160207
nProtect MAC.OSX.Backdoor.KitM.A 20160205
AegisLab 20160207
Agnitum 20160206
Alibaba 20160204
Antiy-AVL 20160207
Baidu-International 20160207
Bkav 20160204
ByteHero 20160207
CMC 20160205
Fortinet 20160207
Jiangmin 20160207
K7AntiVirus 20160207
K7GW 20160207
Malwarebytes 20160207
Panda 20160207
Rising 20160207
SUPERAntiSpyware 20160207
TheHacker 20160206
TotalDefense 20160207
VBA32 20160204
ViRobot 20160207
Zillya 20160206
Zoner 20160207
The file being studied is a Mac OS X executable! More specifically it is a executable file Mach-O for i386 based machines.
File signature
Identifier com.util.file
Format Mach-O thin (i386)
CDHash 4953b9013d6515dc9b46dbf3881cb4115fd1ba7d
Signature size 8514
Authority Developer ID Application: Rajinder Kumar
Authority Developer ID Certification Authority
Authority Apple Root CA
Timestamp Apr 8, 2013, 9:52:49 AM
Info.plist not bound
TeamIdentifier not set
Sealed Resources none
Interesting properties
This file is signed by Apple's Root Certificate Authority.
File header
File type executable file
Magic 0xfeedface
Required architecture i386
Sub-architecture I386_ALL
Entry point 0x1e00
Load commands 23
Load commands size 3392
Flags DYLDLINK
NOUNDEFS
NO_HEAP_EXECUTION
TWOLEVEL
File segments
Shared libraries
Load commands
File identification
MD5 d43dec59fa8e6629ff46ae9e56f698d8
SHA1 a262769648b307dc9105bc3aa7dbf97bbcf35613
SHA256 049db432b05055bdf0152b82cb7939982d38067da364cee2fdbed6ceb5f60cde
ssdeep
3072:zG8OXwYd3/aH6+YJ8LeEBcdp4PKE6t/quUVjWm03ByKAtNwApVuPV:zG5JVX/MO/Ziju3BfAtNwAp8PV

File size 204.2 KB ( 209088 bytes )
File type Mach-O
Magic literal
Mach-O executable i386

TrID Mac OS X Mach-O 32bit Intel executable (100.0%)
Tags
macho signed

VirusTotal metadata
First submission 2013-05-16 17:34:44 UTC ( 2 years, 8 months ago )
Last submission 2013-05-21 12:15:25 UTC ( 2 years, 8 months ago )
File names 049db432b05055bdf0152b82cb7939982d38067da364cee2fdbed6ceb5f60cde
32bit
vti-rescan
5
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Output
Opened files
Read files
Written files
Created processes