SHA256: 8f5d8748a66e7b54aeaafc1b65b974db31fe8403c9d39b187fd54943c6d97d98
File name: 8f5d8748a66e7b54aeaafc1b65b974db31fe8403c9d39b187fd54943c6d97d98.bin
Detection ratio: 33 / 55
Analysis date: 2016-09-10 20:52:34 UTC ( 2 weeks, 3 days ago )
Antivirus Result Update
ALYac Backdoor.MAC.Pintsized.A 20160910
AVG BackDoor.Generic_c.FDT 20160910
Ad-Aware Backdoor.MAC.Pintsized.A 20160910
AegisLab Backdoor.Osx.Pintsized!c 20160910
AhnLab-V3 OSX-Trojan/Pintsized 20160910
Arcabit Backdoor.MAC.Pintsized.A 20160910
Avast MacOS:Pintsized-A [Trj] 20160910
Avira (no cloud) OSX/Pintsized.A 20160910
BitDefender Backdoor.MAC.Pintsized.A 20160910
CAT-QuickHeal Backdoor.MacOSX.PintSized.A 20160910
ClamAV Osx.Trojan.Pintsized-3 20160910
Comodo UnclassifiedMalware 20160908
DrWeb BackDoor.Pintsized.2 20160910
ESET-NOD32 OSX/Pintsized.A 20160910
Emsisoft Backdoor.MAC.Pintsized.A (B) 20160910
Fortinet W32/OSX_Pintsized.A!tr.bdr 20160910
GData Backdoor.MAC.Pintsized.A 20160910
Ikarus MAC.OSX.Backdoor.Pintsized 20160910
K7AntiVirus Trojan ( 0001140e1 ) 20160910
K7GW Trojan ( 0001140e1 ) 20160910
Kaspersky Backdoor.OSX.Pintsized.a 20160910
McAfee OSX/PintSized 20160910
McAfee-GW-Edition OSX/PintSized 20160910
eScan Backdoor.MAC.Pintsized.A 20160910
Microsoft Backdoor:MacOS_X/PintSized.A 20160910
NANO-Antivirus Trojan.Mac.Pintsized.bhdxta 20160910
Qihoo-360 Win32/Backdoor.3d2 20160910
Sophos OSX/Bckdr-ROZ 20160910
Symantec OSX.Pintsized 20160910
Tencent Win32.Backdoor.Pintsized.fpl 20160910
TrendMicro OSX_PINTSIZED.ENV 20160910
TrendMicro-HouseCall OSX_PINTSIZED.ENV 20160910
Zillya Trojan.Pintsized..1 20160910
AVware 20160910
Alibaba 20160910
Antiy-AVL 20160910
Baidu 20160910
Bkav 20160910
CMC 20160908
Cyren 20160910
F-Prot 20160910
Invincea 20160830
Jiangmin 20160910
Kingsoft 20160910
Malwarebytes 20160910
Panda 20160910
Rising 20160910
SUPERAntiSpyware 20160910
TheHacker 20160909
TotalDefense 20160907
VBA32 20160909
VIPRE 20160910
ViRobot 20160910
Yandex 20160910
Zoner 20160910
nProtect 20160910
The file being studied is a Mac OS X executable. More specifically, it is a Mach-O executable file for x86_64-based machines.
File header
File type executable file
Magic 0xfeedfacf
Required architecture x86_64
Sub-architecture X86_64_ALL
Entry point 0x100001240
Reserved 0x0
Load commands 16
Load commands size 2128
Flags DYLDLINK, NOUNDEFS, PIE, TWOLEVEL
File segments
Shared libraries
Load commands
File identification
MD5 0ec55685affc322a5d7be2e9ca1f9cbf
SHA1 7150474c9f5a9c12a740c793c39ab974eb9b9d2b
SHA256 8f5d8748a66e7b54aeaafc1b65b974db31fe8403c9d39b187fd54943c6d97d98
ssdeep 12288:MdOY+U0FhjJ2RtjI2OShWbDb812rbYxXhBzQuTcGU:fS0PdOtDOScQxRJQ+cZ

File size 678.8 KB ( 695044 bytes )
File type Mach-O
Magic literal Mach-O 64-bit executable

TrID Mac OS X Mach-O 64bit Intel executable (100.0%)
Tags 64bits macho

VirusTotal metadata
First submission 2013-01-31 19:57:07 UTC ( 3 years, 8 months ago )
Last submission 2014-05-08 19:42:26 UTC ( 2 years, 4 months ago )
File names 0ec55685affc322a5d7be2e9ca1f9cbf.vir
cupsd
vti-rescan
8f5d8748a66e7b54aeaafc1b65b974db31fe8403c9d39b187fd54943c6d97d98.bin
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Created processes
DNS requests
TCP connections