× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 3f1b6ae4bd3b2f3297bf722012b01fe8d8c0bb2d6899dbad24c7510096dfb689
File name: Unflod.dylib
Detection ratio: 1 / 50
Analysis date: 2014-04-18 15:57:47 UTC ( 3 years, 8 months ago ) View latest
Antivirus Result Update
DrWeb IPhoneOS.PWS.Stealer.1 20140418
Ad-Aware 20140418
AegisLab 20140418
Yandex 20140417
AhnLab-V3 20140418
AntiVir 20140418
Antiy-AVL 20140418
Avast 20140418
AVG 20140418
Baidu-International 20140418
BitDefender 20140418
Bkav 20140418
ByteHero 20140418
CAT-QuickHeal 20140418
ClamAV 20140418
CMC 20140417
Commtouch 20140418
Comodo 20140418
Emsisoft 20140418
ESET-NOD32 20140418
F-Prot 20140418
F-Secure 20140418
Fortinet 20140418
GData 20140418
Ikarus 20140418
Jiangmin 20140418
K7AntiVirus 20140418
K7GW 20140418
Kaspersky 20140418
Kingsoft 20140418
Malwarebytes 20140418
McAfee 20140418
McAfee-GW-Edition 20140418
Microsoft 20140418
eScan 20140418
NANO-Antivirus 20140418
Norman 20140418
nProtect 20140418
Panda 20140418
Qihoo-360 20140411
Rising 20140418
Sophos AV 20140418
SUPERAntiSpyware 20140418
Symantec 20140418
TheHacker 20140417
TotalDefense 20140417
TrendMicro 20140418
TrendMicro-HouseCall 20140418
VBA32 20140418
VIPRE 20140418
ViRobot 20140418
The file being studied is a Mac OS X executable! More specifically it is a dynamically bound shared library Mach-O for ARM based machines.
File signature
Identifier com.your.framework
Format Mach-O thin (armv7)
CDHash da792624675e82b3460b426f869fbe718abea3f9
Signature size 4322
Authority iPhone Developer: WANG XIN (P5KFURM8M8)
Authority Apple Worldwide Developer Relations Certification Authority
Authority Apple Root CA
Signed Time Feb 13, 2014, 10:32:58 PM
Info.plist not bound
TeamIdentifier not set
Sealed Resources none
Signers
[+] WANG XIN
Status NotTrusted
Issuer Apple Inc.
Valid from 04:08 AM 01/10/2014
Valid to 04:08 AM 01/10/2015
Valid usage Digital Signature, Code Signing
Algorithm sha1WithRSAEncryption
Thumbprint 2425D538EF18FE7B6C6A122D2B261223590106AE
Serial number 6D 0F 3B A4 E5 7A 8C A2
[+] Apple Inc.
Status Certificate out of its validity period
Issuer Apple Inc.
Valid from 06:56 PM 02/14/2008
Valid to 06:56 PM 02/14/2016
Valid usage Digital Signature, Certificate Sign, CRL Sign
Algorithm sha1WithRSAEncryption
Thumbprint 0950B6CD3D2F37EA246A1AAA20DFAADBD6FE1F75
Serial number 19
[+] Apple Inc.
Status Valid
Issuer Apple Inc.
Valid from 09:40 PM 04/25/2006
Valid to 09:40 PM 02/09/2035
Valid usage Certificate Sign, CRL Sign
Algorithm sha1WithRSAEncryption
Thumbprint 611E5B662C593A08FF58D14AE22452D198DF6C60
Serial number 2
File header
File type dynamically bound shared library
Magic 0xfeedface
Required architecture ARM
Sub-architecture ARM_V7
Load commands 24
Load commands size 2080
Flags DYLDLINK
NOUNDEFS
NO_REEXPORTED_DYLIBS
TWOLEVEL
File segments
Shared libraries
Load commands
Compressed bundles
File identification
MD5 d482f43bac6af8e56f20097308164328
SHA1 9774998422a984816fe4eea1138df1a7401eff98
SHA256 3f1b6ae4bd3b2f3297bf722012b01fe8d8c0bb2d6899dbad24c7510096dfb689
ssdeep
192:sIwJZeHbsXTZv7BsMYM5afsBc3CAcAIW8P04cj/15HIc3qDO:svZesFrzWZCm8keD

File size 20.6 KB ( 21072 bytes )
File type Mach-O
Magic literal
Mach-O dynamically linked shared library acorn

TrID Mac OS X Mach-O 32bit ARM executable (little endian) (50.0%)
Mac OS X Mach-O 32bit Intel executable (49.9%)
Tags
macho arm lib

VirusTotal metadata
First submission 2014-04-18 06:59:49 UTC ( 3 years, 8 months ago )
Last submission 2016-09-04 04:20:37 UTC ( 1 year, 3 months ago )
File names i (1)
3f1b6ae4bd3b2f3297bf722012b01fe8d8c0bb2d6899dbad24c7510096dfb689_
3F1B6AE4BD3B2F3297BF722012B01FE8D8C0BB2D6899DBAD24C7510096DFB689
wX2R.hta
Unflod.dylib
d482f43bac6af8e56f20097308164328.dylib
Unflod.exe
file-7559393_
3f1b6ae4bd3b2f3297bf722012b01fe8d8c0bb2d6899dbad24c7510096dfb689.bin
i (1).dmg
vti-rescan
Unflod 3.dylib
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!