× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 2e4ac223d713344e1e4c72a175c24341785ae32ffba34d28ecb2a5c5a3e8380a
File name: 821193
Detection ratio: 0 / 57
Analysis date: 2016-04-03 04:39:04 UTC ( 1 year, 5 months ago )
Antivirus Result Update
Ad-Aware 20160403
AegisLab 20160403
AhnLab-V3 20160402
Alibaba 20160401
ALYac 20160403
Antiy-AVL 20160403
Arcabit 20160403
Avast 20160403
AVG 20160403
Avira (no cloud) 20160402
AVware 20160403
Baidu 20160402
Baidu-International 20160402
BitDefender 20160403
Bkav 20160402
CAT-QuickHeal 20160402
ClamAV 20160402
CMC 20160401
Comodo 20160402
Cyren 20160403
DrWeb 20160403
Emsisoft 20160403
ESET-NOD32 20160403
F-Prot 20160403
F-Secure 20160403
Fortinet 20160402
GData 20160403
Ikarus 20160402
Jiangmin 20160403
K7AntiVirus 20160403
K7GW 20160403
Kaspersky 20160402
Kingsoft 20160403
Malwarebytes 20160403
McAfee 20160403
McAfee-GW-Edition 20160403
Microsoft 20160402
eScan 20160403
NANO-Antivirus 20160403
nProtect 20160401
Panda 20160402
Qihoo-360 20160403
Rising 20160403
Sophos AV 20160403
SUPERAntiSpyware 20160403
Symantec 20160331
Tencent 20160403
TheHacker 20160330
TotalDefense 20160402
TrendMicro 20160403
TrendMicro-HouseCall 20160403
VBA32 20160401
VIPRE 20160403
ViRobot 20160402
Yandex 20160316
Zillya 20160402
Zoner 20160403
The file being studied is an Apple Disk Image! More specifically it follows the Universal Disk Image Format, commonly found with the DMG extension.
File signature
Identifier com.tuneskit.ibookcopy
Format bundle with Mach-O thin (x86_64)
CDHash 3af0c5c4b4d5f64361251bc98d3b6d5a9182fb0c
Signature size 4590
Authority Developer ID Application: li mi (MPJ28528EU)
Authority Developer ID Certification Authority
Authority Apple Root CA
Signed Time Mar 17, 2016, 8:58:11 AM
Info.plist entries 28
TeamIdentifier MPJ28528EU
Main executable
Package path /iBookCopy.app/Contents/Frameworks/AUHelper.framework/Versions/A/Resources/InstallTool.app/Contents/MacOS/InstallTool
Detection ratio 0 / 56 when this report was generated
File size 120308 Bytes
HFS File ID 83
DMG HFS Property List
SUFeedURL http://www.tuneskit.com/app_update_files/ibookcopy/mac_update.xml
CFBundleInfoDictionaryVersion 6.0
NSHumanReadableCopyright Copyright © 2016 TunesKit Studio. All Rights Reserved.
DTXcodeBuild 7C1002
CFBundleSupportedPlatforms MacOSX
CFBundleIdentifier com.tuneskit.ibookcopy
DTSDKName macosx10.11
DTSDKBuild 15C43
CFBundleShortVersionString 1.3
CFBundleDisplayName iBookCopy
BuildMachineOSBuild 15E64a
CFBundleExecutable iBookCopy
LSMinimumSystemVersion 10.8
NSAppTransportSecurity NSAllowsArbitraryLoads: True
CFBundleVersion 1.3.5
SUPublicDSAKeyFile icon_update.png
CFBundleIconFile AppIcon
DTPlatformBuild 7C1002
NSMainNibFile MMMainController
DTXcode 0721
CFBundleDevelopmentRegion en
DTCompiler com.apple.compilers.llvm.clang.1_0
CFBundleSignature ????
DTPlatformVersion GM
CFBundleName iBookCopy
SUEnableSystemProfiling True
CFBundlePackageType APPL
NSPrincipalClass NSApplication
Contained Mac OS X executables
Contained file bundles
BLKX Table
Entry Attributes
Driver Descriptor Map (DDM : 0) 0x0050
Apple (Apple_partition_map : 1) 0x0050
disk image (Apple_HFS : 2) 0x0050
(Apple_Free : 3) 0x0050
DMG XML Property List
Entry Attributes
ID:0 0x0050
DMG structural properties
DMG version
4
Data fork offset
0x0
Data fork length
2632550
Resource fork offset
0x0
Resource fork length
0
Resource fork keys
blkx, plst
Running data fork offset
0x0
XML offset
0x2632550
XML length
5709
PLST keys
resource-fork
File identification
MD5 96f16e1117c73561f6468580cbcd0d93
SHA1 d9ca7598aee1d53b0c249af7cdb36a90ea97b6e2
SHA256 2e4ac223d713344e1e4c72a175c24341785ae32ffba34d28ecb2a5c5a3e8380a
ssdeep
49152:sdFkUl9ECkQggOdwmvNkPrU6wS/PMMdiuuAE7x7ivumplp/0Wgwxk5P8:sLkKWoOdwUNkPI6zNM179iv/IGxc8

File size 2.5 MB ( 2638771 bytes )
File type Macintosh Disk Image
Magic literal
data

TrID ZLIB compressed data (66.6%)
Disk Image (Macintosh) (33.3%)
Tags
dmg

VirusTotal metadata
First submission 2016-03-19 17:59:15 UTC ( 1 year, 6 months ago )
Last submission 2016-03-19 17:59:15 UTC ( 1 year, 6 months ago )
File names 821193
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Moved files
Created processes
HTTP requests
DNS requests
TCP connections