× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 6fa9ad7af84e034ef95fd6b8c9de347d2c8de77131204ca46e39039b48baba77
File name: 3327
Detection ratio: 0 / 57
Analysis date: 2016-04-02 21:19:04 UTC ( 3 years ago ) View latest
Antivirus Result Update
Ad-Aware 20160402
AegisLab 20160402
AhnLab-V3 20160402
Alibaba 20160401
ALYac 20160402
Antiy-AVL 20160402
Arcabit 20160402
Avast 20160402
AVG 20160402
Avira (no cloud) 20160402
AVware 20160402
Baidu 20160402
Baidu-International 20160402
BitDefender 20160402
Bkav 20160402
CAT-QuickHeal 20160402
ClamAV 20160402
CMC 20160401
Comodo 20160402
Cyren 20160402
DrWeb 20160402
Emsisoft 20160402
ESET-NOD32 20160402
F-Prot 20160402
F-Secure 20160402
Fortinet 20160402
GData 20160402
Ikarus 20160402
Jiangmin 20160402
K7AntiVirus 20160402
K7GW 20160402
Kaspersky 20160402
Kingsoft 20160402
Malwarebytes 20160402
McAfee 20160402
McAfee-GW-Edition 20160402
Microsoft 20160402
eScan 20160402
NANO-Antivirus 20160402
nProtect 20160401
Panda 20160402
Qihoo-360 20160402
Rising 20160402
Sophos AV 20160402
SUPERAntiSpyware 20160402
Symantec 20160331
Tencent 20160402
TheHacker 20160330
TotalDefense 20160402
TrendMicro 20160402
TrendMicro-HouseCall 20160402
VBA32 20160401
VIPRE 20160402
ViRobot 20160402
Yandex 20160316
Zillya 20160402
Zoner 20160402
The file being studied is an Apple Disk Image! More specifically it follows the Universal Disk Image Format, commonly found with the DMG extension.
Main executable
Package path /WizSolitaire/DeckEditor.app/Contents/MacOS/DeckEditor
Detection ratio 0 / 56 when this report was generated
File size 133128 Bytes
HFS File ID 7265
DMG HFS Property List
CFBundleHelpBookName Wiz Solitaire Help
DTXcodeBuild 10M2518
CFBundleIdentifier info.tellini.mac.WizSolitaire
CFBundleDocumentTypes {u'CFBundleTypeRole': u'Editor', u'CFBundleTypeIconFile': u'KeyFileIcon.icns', u'CFBundleTypeExtensions': [u'wizsolitairekey'], u'CFBundleTypeName': u'Wiz Solitaire License', u'NSDocumentClass': u'LicenseDocument', u'NSPersistentStoreTypeKey': u'Binary', u'LSTypeIsPackage': True}
DTSDKName macosx10.4
DTSDKBuild 8S2167
WUUpdateURL http://www.tellini.org/mac/updates/wizsolitaire.plist
BuildMachineOSBuild 10J4138
CFBundleInfoDictionaryVersion 6.0
CFBundleExecutable WizSolitaire
CFBundleVersion 1.52
CFBundleIconFile WizSolitaireIcon
DTPlatformBuild 10M2518
FRFeedbackReporter.targetURL http://www.tellini.org/mac/feedback/submit.php?project=Wiz+Solitaire+(MacOS+X)
DTXcode 0400
CFBundleDevelopmentRegion English
NSMainNibFile MainMenu
DTCompiler 4.0
CFBundleSignature ITST
CFBundleHelpBookFolder WizSolitaire Help
DTPlatformVersion PG
CFBundlePackageType APPL
NSPrincipalClass NSApplication
Contained Mac OS X executables
Contained file bundles
BLKX Table
Entry Attributes
Driver Descriptor Map (DDM : 0) 0x0050
Apple (Apple_partition_map : 1) 0x0050
disk image (Apple_HFS : 2) 0x0050
(Apple_Free : 3) 0x0050
DMG XML Property List
Entry Attributes
ID:0 0x0050
DMG structural properties
DMG version
4
Data fork offset
0x0
Data fork length
2767048
Resource fork offset
0x0
Resource fork length
0
Resource fork keys
blkx, plst
Running data fork offset
0x0
XML offset
0x2767048
XML length
7375
PLST keys
resource-fork
Compressed bundles
File identification
MD5 21d95b34a852c9d0bc4c7c1e0fa508ec
SHA1 20acd6fc9540f8c2296c49f2833d881360f33c30
SHA256 6fa9ad7af84e034ef95fd6b8c9de347d2c8de77131204ca46e39039b48baba77
ssdeep
49152:z5FAoC6gPPUU2UthVN8xnG9RGuCoFGx0ELMmL5qvNBVl1iIIlPWR/3X4+9:zHW6gnUU2GhjineRGuCjVM25qVuItP4y

File size 2.6 MB ( 2774935 bytes )
File type Macintosh Disk Image
Magic literal
VAX COFF executable not stripped

TrID ZLIB compressed data (var. 1) (100.0%)
Tags
dmg

VirusTotal metadata
First submission 2011-12-26 06:25:40 UTC ( 7 years, 3 months ago )
Last submission 2018-05-06 00:17:13 UTC ( 11 months, 3 weeks ago )
File names WizSolitaire-1.52.dmg
21d95b34a852c9d0bc4c7c1e0fa508ec
3327
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
HTTP requests
DNS requests
TCP connections