× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 1358aff08399d84c6af8499102a2c80d840953b7f46162338ddaf6f2a2277173
File name: juchuangye~.cpu16777228
Detection ratio: 22 / 57
Analysis date: 2018-10-10 13:53:18 UTC ( 5 months, 1 week ago ) View latest
Antivirus Result Update
Ad-Aware Gen:Variant.Trojan.MAC.OSX.XcodeGhost.1 20181010
ALYac Gen:Variant.Trojan.MAC.OSX.XcodeGhost.1 20181010
Arcabit Trojan.Trojan.MAC.OSX.XcodeGhost.1 20181010
Avast MacOS:XcodeGhost-F [Trj] 20181010
AVG MacOS:XcodeGhost-F [Trj] 20181010
Avira (no cloud) OSX/XCodeGhost.sgsg 20181010
BitDefender Gen:Variant.Trojan.MAC.OSX.XcodeGhost.1 20181010
CAT-QuickHeal Trojan.OSX.XCodeGhost.A 20181008
DrWeb IPhoneOS.Trojan.XcodeGhost.3 20181010
Emsisoft Gen:Variant.Trojan.MAC.OSX.XcodeGhost.1 (B) 20181010
ESET-NOD32 a variant of iOS/XcodeGhost.B 20181010
F-Secure Backdoor:OSX/XCodeGhost.Q 20181010
GData Gen:Variant.Trojan.MAC.OSX.XcodeGhost.1 20181010
Kaspersky HEUR:Trojan.OSX.XcodeGhost.a 20181010
MAX malware (ai score=85) 20181010
Microsoft TrojanSpy:iOS/XcodeGhost.A 20181010
eScan Gen:Variant.Trojan.MAC.OSX.XcodeGhost.1 20181010
Qihoo-360 virus.ios.xcodeghost.a 20181010
Sophos AV iPh/XcdGhost-C 20181010
TrendMicro IOS_XCODEGHOST.A 20181010
TrendMicro-HouseCall IOS_XCODEGHOST.A 20181010
ZoneAlarm by Check Point HEUR:Trojan.OSX.XcodeGhost.a 20181010
AegisLab 20181010
AhnLab-V3 20181010
Alibaba 20180921
Antiy-AVL 20181010
Avast-Mobile 20181010
Babable 20180918
Baidu 20181010
Bkav 20181009
ClamAV 20181010
CMC 20181010
Comodo 20181010
CrowdStrike Falcon (ML) 20180723
Cybereason 20180225
Cylance 20181010
Cyren 20181010
eGambit 20181010
Endgame 20180730
F-Prot 20181010
Fortinet 20181010
Ikarus 20181010
Sophos ML 20180717
Jiangmin 20181009
K7AntiVirus 20181010
K7GW 20181010
Kingsoft 20181010
Malwarebytes 20181010
McAfee 20181010
McAfee-GW-Edition 20181010
NANO-Antivirus 20181010
Palo Alto Networks (Known Signatures) 20181010
Panda 20181009
Rising 20181010
SentinelOne (Static ML) 20180926
SUPERAntiSpyware 20181006
Symantec 20181010
Symantec Mobile Insight 20181001
TACHYON 20181010
Tencent 20181010
TheHacker 20181008
TotalDefense 20181010
Trustlook 20181010
VBA32 20181010
ViRobot 20181010
Webroot 20181010
Yandex 20181010
Zillya 20181010
Zoner 20181010
The file being studied is a Mac OS X executable! More specifically it is a executable file Mach-O for ARM64 based machines.
File signature
Identifier com.juchuangye
Format Mach-O thin (arm64)
CandidateCDHash sha1 0b2050d57db5f3fbc2895a60a1ba3391dec5228e
Hash choices sha1
Page size 4096
CDHash 0b2050d57db5f3fbc2895a60a1ba3391dec5228e
Signature size 3487
Authority (unavailable)
Info.plist not bound
TeamIdentifier N56V8A2H9S
Sealed Resources none
File header
File type executable file
Magic 0xfeedfacf
Required architecture ARM64
Sub-architecture 0
Entry point 0x8770c
Reserved 0x0
Load commands 42
Load commands size 5120
Flags BINDS_TO_WEAK
DYLDLINK
NOUNDEFS
PIE
TWOLEVEL
WEAK_DEFINES
File segments
Shared libraries
Load commands
Compressed bundles
File identification
MD5 1a2313ddd17f2c329effcd69025195fa
SHA1 49ea4edc4c00dc37e7d262f4cb72d06688d9376b
SHA256 1358aff08399d84c6af8499102a2c80d840953b7f46162338ddaf6f2a2277173
ssdeep
49152:C7BVboWAZcEIZYJQbdF1qLWvEHATcN/D+QlBK3LEPyaZPB1aSpF5j5NK1Cp2Sbr1:C8W1EIiJQbXDvEFxlBTDZ

File size 6.8 MB ( 7160128 bytes )
File type Mach-O
Magic literal
Mach-O 64-bit executable

TrID Mac OS X Mach-O 64bit Intel executable (100.0%)
Tags
64bits macho arm

VirusTotal metadata
First submission 2015-09-02 21:57:47 UTC ( 3 years, 6 months ago )
Last submission 2015-09-02 21:57:47 UTC ( 3 years, 6 months ago )
File names juchuangye~.cpu16777228
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!