× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 7c201bfe37cc3e670a200a60a72caf298036a6335b237bf04e17efdd9ff879ab
File name: Flux30.zip
Detection ratio: 0 / 53
Analysis date: 2014-06-15 20:01:10 UTC ( 3 years, 4 months ago ) View latest
Antivirus Result Update
Ad-Aware 20140615
AegisLab 20140615
Yandex 20140614
AhnLab-V3 20140615
AntiVir 20140615
Antiy-AVL 20140611
Avast 20140615
AVG 20140615
Baidu-International 20140615
BitDefender 20140615
Bkav 20140614
ByteHero 20140615
CAT-QuickHeal 20140615
ClamAV 20140615
CMC 20140615
Commtouch 20140615
Comodo 20140615
DrWeb 20140615
Emsisoft 20140615
ESET-NOD32 20140615
F-Prot 20140615
F-Secure 20140615
Fortinet 20140615
GData 20140615
Ikarus 20140615
Jiangmin 20140615
K7AntiVirus 20140613
K7GW 20140613
Kaspersky 20140615
Kingsoft 20140615
Malwarebytes 20140615
McAfee 20140615
McAfee-GW-Edition 20140615
Microsoft 20140615
eScan 20140615
NANO-Antivirus 20140615
Norman 20140615
nProtect 20140615
Panda 20140615
Qihoo-360 20140615
Rising 20140615
Sophos AV 20140615
SUPERAntiSpyware 20140614
Symantec 20140615
Tencent 20140615
TheHacker 20140612
TotalDefense 20140615
TrendMicro 20140615
TrendMicro-HouseCall 20140615
VBA32 20140613
VIPRE 20140615
ViRobot 20140615
Zillya 20140615
Zoner 20140613
The file being studied is a compressed stream! More specifically, it is a ZIP file. It seems to be a bundled Mac OS X application.
File signature
Identifier org.herf.Flux
Format bundle with Mach-O universal (i386 x86_64)
CDHash b72fe78ae99b6ffa7308ba167b441c51b56acbe6
Signature size 8510
Authority Developer ID Application: Michael Herf
Authority Developer ID Certification Authority
Authority Apple Root CA
Timestamp Mar 17, 2014, 12:46:08 AM
Info.plist entries 27
TeamIdentifier not set
Interesting properties
The studied file contains at least one Mac OS X executable.
Contained files
Compression metadata
Contained files
158
Uncompressed size
2509158
Highest datetime
2014-03-16 17:46:08
Lowest datetime
2014-03-16 17:45:50
Contained files by extension
nib
76
h
5
png
3
txt
1
Contained files by type
XML
54
unknown
52
directory
46
Mac OS X Executable
3
PNG
3
ExifTool file metadata
MIMEType
application/zip

ZipRequiredVersion
10

ZipCRC
0x00000000

FileType
ZIP

ZipCompression
None

ZipUncompressedSize
0

ZipCompressedSize
0

FileTypeExtension
zip

ZipFileName
Flux.app/

ZipBitFlag
0

ZipModifyDate
2014:03:16 17:45:26

File identification
MD5 5ea0b6e38a2d82506493f4ec5dea2f8b
SHA1 775cbad8540e6764e6eb05950e35ee22e36b8ea0
SHA256 7c201bfe37cc3e670a200a60a72caf298036a6335b237bf04e17efdd9ff879ab
ssdeep
24576:dfEpjifXq7dzKqPepa2kC1sw5ZBFWYCC2fvf0ysY3b4rwK:dfEBbROqQaTCVNWY8VB4kK

File size 1.3 MB ( 1359383 bytes )
File type ZIP
Magic literal
Zip archive data, at least v1.0 to extract

TrID ZIP compressed archive (100.0%)
Tags
contains-macho mac-app zip

VirusTotal metadata
First submission 2014-03-21 01:37:47 UTC ( 3 years, 7 months ago )
Last submission 2016-04-15 00:01:05 UTC ( 1 year, 6 months ago )
File names 437431
Flux30.zip
Flux.zip
Flux30.zip
Flux.zip
file
Flux30.zip
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Moved files
Created processes
DNS requests
TCP connections