× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 6f1e9d7dc6b52af887b5e1bee6e0d0366345fb53c752ca23b98a9cf9b647fd49
File name: MPlayerX-1.1.0.dmg
Detection ratio: 14 / 55
Analysis date: 2015-09-05 11:06:28 UTC ( 3 years, 8 months ago ) View latest
Antivirus Result Update
Ad-Aware Application.MAC.OSX.InstallMiez.DO 20150905
Arcabit Application.MAC.OSX.InstallMiez.DO 20150905
Avast MacOS:InstallCore-I [Adw] 20150905
AVG OSX/InstallCore 20150905
BitDefender Application.MAC.OSX.InstallMiez.DO 20150905
CAT-QuickHeal AdWare.OSX.InstallMiez.DA 20150904
DrWeb Tool.Mac.ExtInstall.4 20150905
F-Secure Application.MAC.OSX 20150905
GData Application.MAC.OSX.InstallMiez.DO 20150905
Kaspersky not-a-virus:AdWare.OSX.Dynji.a 20150905
eScan Application.MAC.OSX.InstallMiez.DO 20150905
NANO-Antivirus Riskware.Mac.MLW.dtkjjh 20150905
Sophos AV InstallCore (PUA) 20150905
Tencent Win32.Adware.Dynji.Tcvx 20150905
AegisLab 20150905
Yandex 20150904
AhnLab-V3 20150905
Alibaba 20150902
ALYac 20150905
Antiy-AVL 20150905
AVware 20150901
Baidu-International 20150905
Bkav 20150905
ByteHero 20150905
ClamAV 20150905
CMC 20150902
Comodo 20150905
Cyren 20150905
Emsisoft 20150905
ESET-NOD32 20150905
F-Prot 20150905
Fortinet 20150905
Ikarus 20150905
Jiangmin 20150904
K7AntiVirus 20150905
K7GW 20150905
Kingsoft 20150905
Malwarebytes 20150905
McAfee 20150905
McAfee-GW-Edition 20150905
Microsoft 20150905
nProtect 20150904
Panda 20150905
Qihoo-360 20150905
Rising 20150904
SUPERAntiSpyware 20150905
Symantec 20150904
TheHacker 20150904
TrendMicro 20150905
TrendMicro-HouseCall 20150905
VBA32 20150905
VIPRE 20150905
ViRobot 20150905
Zillya 20150905
Zoner 20150905
The file being studied is an Apple Disk Image! More specifically it follows the Universal Disk Image Format, commonly found with the DMG extension.
File signature
Identifier com.ucQNUg.hZtszfB
Format bundle with Mach-O thin (x86_64)
CDHash 61fb9b0eb2bdeed0654cacea4e7aaf1deb5b22d1
Signature size 8519
Authority Developer ID Application: Zongyao Qu (JQRW8D24U4)
Authority Developer ID Certification Authority
Authority Apple Root CA
Timestamp Jun 24, 2015, 4:09:34 PM
Info.plist entries 24
TeamIdentifier JQRW8D24U4
Main executable
Package path /MPlayerX.app/Contents/MacOS/txalKp
Detection ratio 25 / 61 when this report was generated
File size 201568 Bytes
HFS File ID 29
DMG HFS Property List
CFBundleInfoDictionaryVersion 6.0
NSHumanReadableCopyright Copyright © 2014. All rights reserved.
DTXcodeBuild 6D2105
CFBundleIdentifier com.ucQNUg.hZtszfB
DTSDKName macosx10.10
DTSDKBuild 14D125
CFBundleShortVersionString 104.1403
BuildMachineOSBuild 14D136
makedate 201502091500
CFBundleExecutable txalKp
LSMinimumSystemVersion 10.7
CFBundleVersion 1
CFBundleIconFile installer
DTPlatformBuild 6D2105
NSMainNibFile MainMenu
DTXcode 0632
CFBundleDevelopmentRegion en
LSApplicationCategoryType public.app-category.utilities
DTCompiler com.apple.compilers.llvm.clang.1_0
CFBundleSignature ????
DTPlatformVersion GM
CFBundleName Installer
CFBundlePackageType APPL
NSPrincipalClass NSApplication
Contained Mac OS X executables
Contained file bundles
BLKX Table
Entry Attributes
Protective Master Boot Record (MBR : 0) 0x0050
GPT Header (Primary GPT Header : 1) 0x0050
GPT Partition Data (Primary GPT Table : 2) 0x0050
(Apple_Free : 3) 0x0050
disk image (Apple_HFS : 4) 0x0050
(Apple_Free : 5) 0x0050
GPT Partition Data (Backup GPT Table : 6) 0x0050
GPT Header (Backup GPT Header : 7) 0x0050
DMG XML Property List
Entry Attributes
ID:0 0x0050
DMG structural properties
DMG version
Data fork offset
Data fork length
Resource fork offset
Resource fork length
Resource fork keys
blkx, plst
Running data fork offset
XML offset
XML length
PLST keys
Compressed bundles
File identification
MD5 cdc9d4c76ba4b1c57b934cc4b1376833
SHA1 49482030383c1f8b8436928a97b7c5bddc69da70
SHA256 6f1e9d7dc6b52af887b5e1bee6e0d0366345fb53c752ca23b98a9cf9b647fd49

File size 1.4 MB ( 1493402 bytes )
File type Macintosh Disk Image
Magic literal

TrID Macintosh Disk image (BZlib compressed) (97.6%)
ZLIB compressed data (var. 4) (2.3%)

VirusTotal metadata
First submission 2015-07-01 08:07:26 UTC ( 3 years, 11 months ago )
Last submission 2017-11-08 22:52:13 UTC ( 1 year, 6 months ago )
File names MPlayerX-1.1.0.dmg
Advanced heuristic and reputation engines
Possibly Unwanted Application labelled as InstallCore. This is a term used to describe applications that, while not malicious, are generally considered unsuitable for business networks. More details about Sophos PUA classifications can be found at: https://www.sophos.com/en-us/support/knowledgebase/14887.aspx .

TrendMicro's heuristic engine has flagged this file as: Suspicious_GEN.F47V0701.

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Created processes
DNS requests
TCP connections
UDP communications