SHA256: 049db432b05055bdf0152b82cb7939982d38067da364cee2fdbed6ceb5f60cde
File name: 049db432b05055bdf0152b82cb7939982d38067da364cee2fdbed6ceb5f60cde
Detection ratio: 34 / 57
Analysis date: 2015-08-29 15:40:03 UTC ( 14 hours, 10 minutes ago )
Antivirus Result Update
ALYac MAC.OSX.Backdoor.KitM.A 20150829
AVG BackDoor.Generic_c.FGZ 20150829
AVware Trojan.OSX.Generic (v) 20150829
Ad-Aware MAC.OSX.Backdoor.KitM.A 20150829
AhnLab-V3 OSX32-Trojan/Kitm 20150829
Arcabit MAC.OSX.Backdoor.KitM.A 20150829
Avast MacOS:Kitmos-A [Spy] 20150829
Avira MACOS/Kitm.A 20150829
BitDefender MAC.OSX.Backdoor.KitM.A 20150829
CAT-QuickHeal Backdoor.MacOSX.Kitmos.A 20150829
ClamAV OSX.Trojan.KitM-1 20150829
Comodo UnclassifiedMalware 20150829
Cyren MacOS/Kitmos.A 20150829
DrWeb Trojan.HackBack.2 20150829
ESET-NOD32 OSX/Kitm.A 20150829
Emsisoft MAC.OSX.Backdoor.KitM.A (B) 20150829
F-Prot MacOS/Kitmos.A 20150829
F-Secure Backdoor:OSX/KitM.A 20150829
GData MAC.OSX.Backdoor.KitM.A 20150829
Ikarus Backdoor.OSX.Kitm 20150829
Kaspersky Backdoor.OSX.Kitm.a 20150829
McAfee OSX/Kitmos 20150829
McAfee-GW-Edition OSX/Kitmos 20150829
MicroWorld-eScan MAC.OSX.Backdoor.KitM.A 20150829
Microsoft Backdoor:MacOS_X/Kitmos.A 20150829
NANO-Antivirus Trojan.Mac.Kitm.bsoppq 20150829
Qihoo-360 Trojan.Generic 20150829
Sophos OSX/HackBack-B 20150829
Symantec OSX.Kitmos 20150828
Tencent Win32.Backdoor.Kitm.Wozl 20150829
TrendMicro OSX_KITMOS.A 20150829
TrendMicro-HouseCall OSX_KITMOS.A 20150829
VIPRE Trojan.OSX.Generic (v) 20150829
nProtect MAC.OSX.Backdoor.KitM.A 20150828
AegisLab 20150829
Agnitum 20150828
Alibaba 20150828
Antiy-AVL 20150829
Baidu-International 20150829
Bkav 20150829
ByteHero 20150829
CMC 20150827
Fortinet 20150829
Jiangmin 20150828
K7AntiVirus 20150829
K7GW 20150829
Kingsoft 20150829
Malwarebytes 20150829
Panda 20150829
Rising 20150826
SUPERAntiSpyware 20150829
TheHacker 20150828
TotalDefense 20150829
VBA32 20150828
ViRobot 20150829
Zillya 20150829
Zoner 20150829
The file being studied is a Mac OS X executable. More specifically, it is a Mach-O executable file for i386-based machines.
File header
File type executable file
Magic 0xfeedface
Required architecture i386
Sub-architecture I386_ALL
Entry point 0x1e00
Load commands 23
Load commands size 3392
Flags DYLDLINK, NOUNDEFS, NO_HEAP_EXECUTION, TWOLEVEL
Interesting properties
This file is signed by Apple's Root Certificate Authority.
File signature
Developer ID Application Rajinder Kumar
Identifier com.util.file
File identification
MD5 d43dec59fa8e6629ff46ae9e56f698d8
SHA1 a262769648b307dc9105bc3aa7dbf97bbcf35613
SHA256 049db432b05055bdf0152b82cb7939982d38067da364cee2fdbed6ceb5f60cde
ssdeep 3072:zG8OXwYd3/aH6+YJ8LeEBcdp4PKE6t/quUVjWm03ByKAtNwApVuPV:zG5JVX/MO/Ziju3BfAtNwAp8PV

File size 204.2 KB ( 209088 bytes )
File type Mach-O
Magic literal Mach-O executable i386

TrID Mac OS X Mach-O 32bit Intel executable (100.0%)
Tags macho, signed

VirusTotal metadata
First submission 2013-05-16 17:34:44 UTC ( 2 years, 3 months ago )
Last submission 2013-05-21 12:15:25 UTC ( 2 years, 3 months ago )
File names 049db432b05055bdf0152b82cb7939982d38067da364cee2fdbed6ceb5f60cde
32bit
vti-rescan
5