× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 8d466251e695854501c565d81a1af36165c1589e4fa8d3fb5eb8155ac34a35a7
File name: Mp3tag.app.zip
Detection ratio: 2 / 58
Analysis date: 2017-07-02 02:04:00 UTC ( 1 year, 1 month ago )
Antivirus Result Update
Baidu Multi.Threats.InArchive 20170630
TheHacker Trojan/Jorik.Gbot.rdq 20170628
Ad-Aware 20170702
AegisLab 20170702
AhnLab-V3 20170701
Alibaba 20170701
ALYac 20170702
Antiy-AVL 20170630
Arcabit 20170702
Avast 20170701
AVG 20170701
Avira (no cloud) 20170701
AVware 20170701
BitDefender 20170701
Bkav 20170701
CAT-QuickHeal 20170701
ClamAV 20170701
CMC 20170701
Comodo 20170702
CrowdStrike Falcon (ML) 20170420
Cyren 20170701
DrWeb 20170701
Emsisoft 20170701
Endgame 20170629
ESET-NOD32 20170701
F-Prot 20170702
F-Secure 20170701
Fortinet 20170629
GData 20170701
Ikarus 20170701
Sophos ML 20170607
Jiangmin 20170701
K7AntiVirus 20170701
K7GW 20170702
Kaspersky 20170702
Kingsoft 20170702
Malwarebytes 20170702
McAfee 20170701
McAfee-GW-Edition 20170701
Microsoft 20170701
eScan 20170702
NANO-Antivirus 20170701
nProtect 20170702
Palo Alto Networks (Known Signatures) 20170702
Panda 20170701
Qihoo-360 20170702
Rising 20170702
SentinelOne (Static ML) 20170516
Sophos AV 20170702
SUPERAntiSpyware 20170701
Symantec 20170701
Symantec Mobile Insight 20170630
Tencent 20170702
TrendMicro 20170702
TrendMicro-HouseCall 20170702
Trustlook 20170702
VBA32 20170630
VIPRE 20170702
ViRobot 20170701
Webroot 20170702
WhiteArmor 20170627
Yandex 20170630
Zillya 20170701
ZoneAlarm by Check Point 20170702
Zoner 20170702
The file being studied is a compressed stream! More specifically, it is a ZIP file. It seems to be a bundled Mac OS X application.
File signature
Identifier de.mp3tag.Mp3tag_149821222732322
Format bundle with generic
CDHash 40a731de65921c0b97ae6751697e6b0ca06d2945
Signature size 8925
Authority Developer ID Application: Florian Heidenreich (SX5YR25689)
Authority Developer ID Certification Authority
Authority Apple Root CA
Timestamp Jun 23, 2017, 11:07:04 AM
Info.plist entries 15
TeamIdentifier SX5YR25689
Signers
[+] Florian Heidenreich
Status Valid
Issuer Apple Inc.
Valid from 10:33 AM 02/23/2016
Valid to 10:33 AM 02/23/2021
Valid usage Digital Signature, Code Signing
Algorithm sha256WithRSAEncryption
Thumbprint BEC5FCF9A8BC8F2668BA3937BDCFD0B05B8E98D4
Serial number 68 C1 0B 59 FA 07 53 D8
[+] Apple Inc.
Status Valid
Issuer Apple Inc.
Valid from 10:12 PM 02/01/2012
Valid to 10:12 PM 02/01/2027
Valid usage Digital Signature, Certificate Sign, CRL Sign
Algorithm sha256WithRSAEncryption
Thumbprint 3B166C3B7DC4B751C9FE2AFAB9135641E388E186
Serial number 18 7A A9 A8 C2 96 21 0C
[+] Apple Inc.
Status Valid
Issuer Apple Inc.
Valid from 09:40 PM 04/25/2006
Valid to 09:40 PM 02/09/2035
Valid usage Certificate Sign, CRL Sign
Algorithm sha1WithRSAEncryption
Thumbprint 611E5B662C593A08FF58D14AE22452D198DF6C60
Serial number 2
Interesting properties
The studied file contains at least one Portable Executable.
The studied file contains at least one Mac OS X executable.
Contained files
Compression metadata
Contained files
2270
Uncompressed size
23169302
Highest datetime
2017-07-01 19:03:22
Lowest datetime
2015-12-14 07:02:02
Contained files by extension
dll
561
exe
88
png
27
h
24
nib
22
sh
18
drv
14
vxd
10
sys
6
acm
5
cpl
4
ocx
4
reg
3
tlb
3
ini
2
ds
2
nls
1
log
1
id
1
mod
1
Contained files by type
Portable Executable
698
directory
118
unknown
77
XML
33
PNG
27
Mac OS X Executable
25
script
18
HTML
4
ExifTool file metadata
MIMEType
application/zip

ZipRequiredVersion
20

ZipCRC
0x00000000

FileType
ZIP

ZipCompression
Deflated

ZipUncompressedSize
0

ZipCompressedSize
2

FileTypeExtension
zip

ZipFileName
Mp3tag.app/

ZipBitFlag
0x0800

ZipModifyDate
2017:06:23 03:03:23

File identification
MD5 e0d20d4ce55591b1837577b7ef7ecd69
SHA1 5344d727f521eb9e5eedd881a77f649874ffb2ed
SHA256 8d466251e695854501c565d81a1af36165c1589e4fa8d3fb5eb8155ac34a35a7
ssdeep
393216:oRTIT1T7l3ZKCT9XUPbFdJxb7s7Bmzz9RvKCTskU1HmStxb7s7BGis:0ORV8bb7s7oZgfb7s74x

File size 18.6 MB ( 19457024 bytes )
File type ZIP
Magic literal
Zip archive data, at least v2.0 to extract

TrID Mozilla Archive Format (gen) (63.6%)
ZIP compressed archive (36.3%)
Tags
mac-app contains-pe contains-macho signed zip

VirusTotal metadata
First submission 2017-07-02 02:04:00 UTC ( 1 year, 1 month ago )
Last submission 2017-07-02 02:04:00 UTC ( 1 year, 1 month ago )
File names Mp3tag.app.zip
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Created processes
HTTP requests
DNS requests
TCP connections