SHA256: 8f5d8748a66e7b54aeaafc1b65b974db31fe8403c9d39b187fd54943c6d97d98
File name: 8f5d8748a66e7b54aeaafc1b65b974db31fe8403c9d39b187fd54943c6d97d98.bin
Detection ratio: 29 / 48
Analysis date: 2016-06-13 18:59:19 UTC ( 1 month, 1 week ago )
Antivirus Result Update
ALYac MAC.OSX.Backdoor.Pintsized.A 20160613
Ad-Aware MAC.OSX.Backdoor.Pintsized.A 20160613
AegisLab Backdoor.Osx.Pintsized!c 20160613
AhnLab-V3 OSX-Trojan/Pintsized 20160613
Arcabit MAC.OSX.Backdoor.Pintsized.A 20160613
Avast MacOS:Pintsized-A [Trj] 20160613
ClamAV Osx.Trojan.Pintsized-3 20160613
Comodo UnclassifiedMalware 20160613
DrWeb BackDoor.Pintsized.2 20160613
ESET-NOD32 OSX/Pintsized.A 20160613
Emsisoft MAC.OSX.Backdoor.Pintsized.A (B) 20160613
F-Secure MAC.OSX.Backdoor.Pintsized.A 20160613
Fortinet OSX/Pintsized.A!tr 20160613
GData MAC.OSX.Backdoor.Pintsized.A 20160613
Ikarus MAC.OSX.Backdoor.Pintsized 20160613
K7AntiVirus Trojan ( 0001140e1 ) 20160613
K7GW Trojan ( 0001140e1 ) 20160613
Kaspersky Backdoor.OSX.Pintsized.a 20160613
McAfee OSX/PintSized 20160613
McAfee-GW-Edition OSX/PintSized 20160613
eScan MAC.OSX.Backdoor.Pintsized.A 20160613
Microsoft Backdoor:MacOS_X/PintSized.A 20160613
NANO-Antivirus Trojan.Mac.Pintsized.bhdxta 20160613
Qihoo-360 Win32/Backdoor.3d2 20160613
Sophos OSX/Bckdr-ROZ 20160613
Symantec OSX.Pintsized 20160613
Tencent Win32.Backdoor.Pintsized.fpl 20160613
TrendMicro-HouseCall OSX_PINTSIZED.ENV 20160613
nProtect MAC.OSX.Backdoor.Pintsized.A 20160613
AVware 20160613
Alibaba 20160613
Antiy-AVL 20160613
Avira (no cloud) 20160614
Baidu 20160612
BitDefender 20160613
CAT-QuickHeal 20160613
Cyren 20160613
F-Prot 20160613
Jiangmin 20160613
Kingsoft 20160613
Malwarebytes 20160613
Panda 20160612
TheHacker 20160612
TotalDefense 20160613
VBA32 20160611
VIPRE 20160613
ViRobot 20160613
Yandex 20160612
The file being studied is a Mac OS X executable! More specifically, it is a Mach-O executable file for x86_64-based machines.
File header
File type executable file
Magic 0xfeedfacf
Required architecture x86_64
Sub-architecture X86_64_ALL
Entry point 0x100001240
Reserved 0x0
Load commands 16
Load commands size 2128
Flags DYLDLINK, NOUNDEFS, PIE, TWOLEVEL
File segments
Shared libraries
Load commands
File identification
MD5 0ec55685affc322a5d7be2e9ca1f9cbf
SHA1 7150474c9f5a9c12a740c793c39ab974eb9b9d2b
SHA256 8f5d8748a66e7b54aeaafc1b65b974db31fe8403c9d39b187fd54943c6d97d98
ssdeep 12288:MdOY+U0FhjJ2RtjI2OShWbDb812rbYxXhBzQuTcGU:fS0PdOtDOScQxRJQ+cZ

File size 678.8 KB ( 695044 bytes )
File type Mach-O
Magic literal Mach-O 64-bit executable

TrID Mac OS X Mach-O 64bit Intel executable (100.0%)
Tags 64bits macho

VirusTotal metadata
First submission 2013-01-31 19:57:07 UTC ( 3 years, 5 months ago )
Last submission 2014-05-08 19:42:26 UTC ( 2 years, 2 months ago )
File names 0ec55685affc322a5d7be2e9ca1f9cbf.vir, cupsd, vti-rescan, 8f5d8748a66e7b54aeaafc1b65b974db31fe8403c9d39b187fd54943c6d97d98.bin
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Created processes
DNS requests
TCP connections