SHA256: 8f5d8748a66e7b54aeaafc1b65b974db31fe8403c9d39b187fd54943c6d97d98
File name: 8f5d8748a66e7b54aeaafc1b65b974db31fe8403c9d39b187fd54943c6d97d98.bin
Detection ratio: 35 / 55
Analysis date: 2016-08-10 06:30:54 UTC ( 2 weeks, 2 days ago )
Antivirus Result Update
ALYac Backdoor.MAC.Pintsized.A 20160810
AVG BackDoor.Generic_c.FDT 20160810
Ad-Aware Backdoor.MAC.Pintsized.A 20160810
AegisLab Backdoor.Osx.Pintsized!c 20160810
AhnLab-V3 OSX-Trojan/Pintsized 20160810
Arcabit Backdoor.MAC.Pintsized.A 20160810
Avast MacOS:Pintsized-A [Trj] 20160810
Avira (no cloud) OSX/Pintsized.A 20160810
BitDefender Backdoor.MAC.Pintsized.A 20160810
CAT-QuickHeal Backdoor.MacOSX.PintSized.A 20160810
ClamAV Osx.Trojan.Pintsized-3 20160810
Comodo UnclassifiedMalware 20160810
DrWeb BackDoor.Pintsized.2 20160810
ESET-NOD32 OSX/Pintsized.A 20160810
Emsisoft Backdoor.MAC.Pintsized.A (B) 20160810
F-Secure Backdoor.MAC.Pintsized.A 20160810
Fortinet OSX/Pintsized.A!tr 20160810
GData Backdoor.MAC.Pintsized.A 20160810
Ikarus MAC.OSX.Backdoor.Pintsized 20160809
K7AntiVirus Trojan ( 0001140e1 ) 20160809
K7GW Trojan ( 0001140e1 ) 20160810
Kaspersky Backdoor.OSX.Pintsized.a 20160810
McAfee OSX/PintSized 20160810
McAfee-GW-Edition OSX/PintSized 20160810
eScan Backdoor.MAC.Pintsized.A 20160810
Microsoft Backdoor:MacOS_X/PintSized.A 20160810
NANO-Antivirus Trojan.Mac.Pintsized.bhdxta 20160810
Qihoo-360 Win32/Backdoor.3d2 20160810
Sophos OSX/Bckdr-ROZ 20160810
Symantec OSX.Pintsized 20160810
Tencent Win32.Backdoor.Pintsized.fpl 20160810
TrendMicro OSX_PINTSIZED.ENV 20160810
TrendMicro-HouseCall OSX_PINTSIZED.ENV 20160810
Zillya Trojan.Pintsized..1 20160809
nProtect Backdoor.MAC.Pintsized.A 20160809
AVware 20160810
Alibaba 20160810
Antiy-AVL 20160810
Baidu 20160809
Bkav 20160809
CMC 20160804
Cyren 20160810
F-Prot 20160810
Jiangmin 20160810
Kingsoft 20160810
Malwarebytes 20160810
Panda 20160809
SUPERAntiSpyware 20160810
TheHacker 20160809
TotalDefense 20160808
VBA32 20160809
VIPRE 20160810
ViRobot 20160810
Yandex 20160809
Zoner 20160810
The file being studied is a Mac OS X executable. More specifically, it is a Mach-O executable file for x86_64-based machines.
File header
File type executable file
Magic 0xfeedfacf
Required architecture x86_64
Sub-architecture X86_64_ALL
Entry point 0x100001240
Reserved 0x0
Load commands 16
Load commands size 2128
Flags DYLDLINK, NOUNDEFS, PIE, TWOLEVEL
File segments
Shared libraries
Load commands
File identification
MD5 0ec55685affc322a5d7be2e9ca1f9cbf
SHA1 7150474c9f5a9c12a740c793c39ab974eb9b9d2b
SHA256 8f5d8748a66e7b54aeaafc1b65b974db31fe8403c9d39b187fd54943c6d97d98
ssdeep 12288:MdOY+U0FhjJ2RtjI2OShWbDb812rbYxXhBzQuTcGU:fS0PdOtDOScQxRJQ+cZ

File size 678.8 KB ( 695044 bytes )
File type Mach-O
Magic literal Mach-O 64-bit executable

TrID Mac OS X Mach-O 64bit Intel executable (100.0%)
Tags 64bits macho

VirusTotal metadata
First submission 2013-01-31 19:57:07 UTC ( 3 years, 6 months ago )
Last submission 2014-05-08 19:42:26 UTC ( 2 years, 3 months ago )
File names 0ec55685affc322a5d7be2e9ca1f9cbf.vir
cupsd
vti-rescan
8f5d8748a66e7b54aeaafc1b65b974db31fe8403c9d39b187fd54943c6d97d98.bin
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Created processes
DNS requests
TCP connections