× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 35b161dc0b9b47bb7c1cebcdada07860029839a5fe486ac71a755635f52c4386
File name: vti-rescan
Detection ratio: 18 / 50
Analysis date: 2014-03-27 19:58:17 UTC ( 5 years, 2 months ago ) View latest
Antivirus Result Update
Ad-Aware MAC.OSX.Backdoor.Wirenet.C 20140327
AntiVir MACOS/Wirenet.A.2 20140327
Avast Multi:Wirenet-B [Trj] 20140327
AVG OSX/Stealer 20140327
BitDefender MAC.OSX.Backdoor.Wirenet.C 20140327
ClamAV Osx.Backdoor.Wirenet-3 20140327
Comodo UnclassifiedMalware 20140327
DrWeb BackDoor.Wirenet.2 20140327
Emsisoft MAC.OSX.Backdoor.Wirenet.C (B) 20140327
ESET-NOD32 a variant of OSX/Netweird.A 20140327
F-Secure Backdoor:OSX/NetWeirdRC.A 20140327
GData MAC.OSX.Backdoor.Wirenet.C 20140327
Ikarus MacOS 20140327
Kaspersky Backdoor.OSX.Wirenet.c 20140327
eScan MAC.OSX.Backdoor.Wirenet.C 20140327
NANO-Antivirus Trojan.Mac.Wirenet.cutlvj 20140327
nProtect MAC.OSX.Backdoor.Wirenet.C 20140327
Sophos AV OSX/NetWrdRC-A 20140327
AegisLab 20140327
Yandex 20140327
AhnLab-V3 20140327
Antiy-AVL 20140327
Baidu-International 20140327
Bkav 20140327
ByteHero 20140327
CAT-QuickHeal 20140327
CMC 20140326
Commtouch 20140327
F-Prot 20140327
Fortinet 20140327
Jiangmin 20140327
K7AntiVirus 20140327
K7GW 20140326
Kingsoft 20140327
Malwarebytes 20140327
McAfee 20140327
McAfee-GW-Edition 20140327
Microsoft 20140327
Norman 20140327
Panda 20140327
Qihoo-360 20140327
Rising 20140327
SUPERAntiSpyware 20140327
Symantec 20140327
TheHacker 20140327
TotalDefense 20140327
TrendMicro 20140327
TrendMicro-HouseCall 20140327
VBA32 20140327
VIPRE 20140327
ViRobot 20140327
The file being studied is a compressed stream! More specifically, it is a ZIP file. It seems to be a bundled Mac OS X application.
Interesting properties
The studied file contains at least one Mac OS X executable.
Contained files
Compression metadata
Contained files
5
Uncompressed size
59191
Highest datetime
2013-07-04 20:58:06
Lowest datetime
2013-07-04 20:58:06
Contained files by type
directory
3
XML
1
Mac OS X Executable
1
ExifTool file metadata
MIMEType
application/zip

ZipRequiredVersion
10

ZipCRC
0x00000000

FileType
ZIP

ZipCompression
None

ZipUncompressedSize
0

ZipCompressedSize
0

FileTypeExtension
zip

ZipFileName
cracker.app/

ZipBitFlag
0

ZipModifyDate
2013:07:04 20:58:06

File identification
MD5 8a8d6f50dd6baf29f031b6547146f4d9
SHA1 dcfb31d6a3ccb3593f847260d8f8dfe2bb54a8ac
SHA256 35b161dc0b9b47bb7c1cebcdada07860029839a5fe486ac71a755635f52c4386
ssdeep
768:JeSOQhAOh2hjJn7OqNiZ6vyTVuVjfXqWB5TOIB:JeSphAvhjt3QEoVofdTOIB

File size 29.8 KB ( 30494 bytes )
File type ZIP
Magic literal
Zip archive data, at least v1.0 to extract

TrID ZIP compressed archive (80.0%)
PrintFox/Pagefox bitmap (var. P) (20.0%)
Tags
mac-app contains-macho zip

VirusTotal metadata
First submission 2013-07-06 23:46:03 UTC ( 5 years, 10 months ago )
Last submission 2014-11-09 22:06:56 UTC ( 4 years, 6 months ago )
File names cracker.app.zip
8a8d6f50dd6baf29f031b6547146f4d9.apk
vti-rescan
8a8d6f50dd6baf29f031b6547146f4d9.vir
file-6829761_zip
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Created processes
DNS requests
TCP connections