× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 9f616617838e6180879e6f4816049830b96d5450cf18de2500e06836cd424013
File name: winzip.dmg
Detection ratio: 0 / 59
Analysis date: 2017-11-26 00:09:48 UTC ( 1 year, 2 months ago ) View latest
Antivirus Result Update
Ad-Aware 20171125
AegisLab 20171125
AhnLab-V3 20171125
Alibaba 20171124
Antiy-AVL 20171125
Arcabit 20171126
Avast 20171125
Avast-Mobile 20171125
AVG 20171125
Avira (no cloud) 20171125
AVware 20171126
Baidu 20171124
BitDefender 20171125
Bkav 20171124
CAT-QuickHeal 20171125
ClamAV 20171125
CMC 20171125
Comodo 20171126
CrowdStrike Falcon (ML) 20171016
Cybereason 20171103
Cylance 20171126
Cyren 20171125
DrWeb 20171125
eGambit 20171126
Emsisoft 20171125
Endgame 20171024
ESET-NOD32 20171125
F-Prot 20171125
F-Secure 20171125
Fortinet 20171125
GData 20171125
Ikarus 20171125
Sophos ML 20170914
Jiangmin 20171125
K7AntiVirus 20171124
K7GW 20171125
Kaspersky 20171126
Kingsoft 20171126
Malwarebytes 20171125
MAX 20171125
McAfee 20171125
McAfee-GW-Edition 20171125
Microsoft 20171125
eScan 20171125
NANO-Antivirus 20171125
nProtect 20171125
Palo Alto Networks (Known Signatures) 20171126
Panda 20171125
Qihoo-360 20171126
Rising 20171126
SentinelOne (Static ML) 20171113
Sophos AV 20171125
SUPERAntiSpyware 20171125
Symantec 20171125
Symantec Mobile Insight 20171124
Tencent 20171126
TheHacker 20171121
TotalDefense 20171125
TrendMicro 20171125
TrendMicro-HouseCall 20171125
Trustlook 20171126
VBA32 20171124
VIPRE 20171125
ViRobot 20171125
Webroot 20171126
WhiteArmor 20171104
Yandex 20171120
Zillya 20171124
ZoneAlarm by Check Point 20171125
Zoner 20171125
The file being studied is an Apple Disk Image! More specifically it follows the Universal Disk Image Format, commonly found with the DMG extension.
File signature
Identifier com.winzip.WinZip-Mac
Format bundle with Mach-O thin (x86_64)
CDHash df53a167c4edb9f0f8ef958337e1a7100cf2e67d
Signature size 8562
Authority Developer ID Application: WinZip Computing LLC
Authority Developer ID Certification Authority
Authority Apple Root CA
Timestamp Jun 8, 2016, 7:10:09 AM
Info.plist entries 32
TeamIdentifier BMU44B99F8
Signature verification Valid Signature
Signing Certificates
[+] WinZip Computing LLC
Status Valid
Issuer Apple Inc.
Valid from 07:03 AM 02/18/2013
Valid to 07:03 AM 02/19/2018
Valid usage Digital Signature, Code Signing
Algorithm sha256WithRSAEncryption
Thumbprint 77FDCFCAF5D570097083388599C704100334898E
Serial number 37 4C CA D1 39 38 6A 25
[+] Apple Inc.
Status Valid
Issuer Apple Inc.
Valid from 10:12 PM 02/01/2012
Valid to 10:12 PM 02/01/2027
Valid usage Digital Signature, Certificate Sign, CRL Sign
Algorithm sha256WithRSAEncryption
Thumbprint 3B166C3B7DC4B751C9FE2AFAB9135641E388E186
Serial number 18 7A A9 A8 C2 96 21 0C
[+] Apple Inc.
Status Valid
Issuer Apple Inc.
Valid from 09:40 PM 04/25/2006
Valid to 09:40 PM 02/09/2035
Valid usage Certificate Sign, CRL Sign
Algorithm sha1WithRSAEncryption
Thumbprint 611E5B662C593A08FF58D14AE22452D198DF6C60
Serial number 2
DMG HFS Property List
CFBundleHelpBookName WinZip Help
NSHumanReadableCopyright Copyright © 2016 WinZip International LLC All rights reserved.
DTXcodeBuild 7C68
UTImportedTypeDeclarations {u'UTTypeConformsTo': [u'public.data', u'public.archive'], u'UTTypeIconName': u'file-rar.icns', u'UTTypeDescription': u'RAR archive', u'UTTypeIdentifier': u'com.rarlab.rar-archive', u'UTTypeTagSpecification': {u'public.mime-type': [u'application/x-rar-compressed', u'application/rar', u'application/x-rar'], u'public.filename-extension': [u'rar', u'cbr'], u'com.apple.macos.ostype': u'RARf'}, u'UTTypeReferenceURL': u'http://www.rarlab.com/'}
{u'UTTypeConformsTo': [u'public.data', u'public.archive'], u'UTTypeIconName': u'file-7z.icns', u'UTTypeDescription': u'7z archive', u'UTTypeIdentifier': u'org.7-zip.7-zip-archive', u'UTTypeTagSpecification': {u'public.mime-type': [u'application/x-7z-compressed', u'application/7z', u'application/x-7z'], u'public.filename-extension': [u'7z']}, u'UTTypeReferenceURL': u'http://www.7-zip.org'}
{u'UTTypeIdentifier': u'public.archive.lha', u'UTTypeIconName': u'file-lha.icns', u'UTTypeTagSpecification': {u'public.mime-type': [u'application/lzh'], u'public.filename-extension': [u'lha', u'lzh'], u'com.apple.macos.ostype': u'LHA '}, u'UTTypeDescription': u'LHA archive', u'UTTypeConformsTo': [u'public.data', u'public.archive']}
CFBundleSupportedPlatforms MacOSX
CFBundleIdentifier com.winzip.WinZip-Mac
CFBundleDocumentTypes {u'CFBundleTypeRole': u'Editor', u'CFBundleTypeIconFile': u'file-lha.icns', u'LSItemContentTypes': [u'com.winzip.lha-archive', u'public.archive.lha'], u'CFBundleTypeExtensions': [u'lha', u'lzh'], u'CFBundleTypeName': u'LHa Archive', u'NSDocumentClass': u'MZZipArchive', u'NSPersistentStoreTypeKey': u'Binary', u'LSTypeIsPackage': False}
{u'CFBundleTypeRole': u'Editor', u'CFBundleTypeIconFile': u'file-zipx.icns', u'LSItemContentTypes': [u'com.winzip.zipx-archive'], u'CFBundleTypeExtensions': [u'zipx'], u'CFBundleTypeName': u'Zipx Archive', u'NSDocumentClass': u'MZZipArchive', u'NSPersistentStoreTypeKey': u'Binary', u'LSTypeIsPackage': False}
{u'CFBundleTypeRole': u'Editor', u'CFBundleTypeIconFile': u'file-zip.icns', u'LSItemContentTypes': [u'com.winzip.zip-archive', u'public.zip-archive', u'com.pkware.zip-archive'], u'CFBundleTypeExtensions': [u'zip'], u'CFBundleTypeName': u'Zip Archive', u'NSDocumentClass': u'MZZipArchive', u'NSPersistentStoreTypeKey': u'Binary', u'LSTypeIsPackage': False}
{u'CFBundleTypeRole': u'Viewer', u'CFBundleTypeIconFile': u'file-rar.icns', u'LSItemContentTypes': [u'com.rarlab.rar-archive'], u'CFBundleTypeExtensions': [u'rar'], u'CFBundleTypeName': u'Rar Archive', u'NSDocumentClass': u'MZZipArchive', u'NSPersistentStoreTypeKey': u'Binary', u'LSTypeIsPackage': False}
{u'CFBundleTypeRole': u'Viewer', u'CFBundleTypeIconFile': u'file-7z.icns', u'LSItemContentTypes': [u'org.7-zip.7-zip-archive'], u'CFBundleTypeExtensions': [u'7z'], u'CFBundleTypeName': u'7z Archive', u'NSDocumentClass': u'MZZipArchive', u'NSPersistentStoreTypeKey': u'Binary', u'LSTypeIsPackage': False}
{u'CFBundleTypeRole': u'None', u'CFBundleTypeExtensions': [u'*'], u'CFBundleTypeName': u'Dragged Files', u'NSPersistentStoreTypeKey': u'Binary', u'LSTypeIsPackage': False, u'CFBundleTypeOSTypes': [u'****']}
DTSDKName macosx10.11
DTSDKBuild 15C43
OSAScriptingDefinition WinZip.sdef
CFBundleShortVersionString 5.0
BuildMachineOSBuild 15A284
CFBundleInfoDictionaryVersion 6.0
CFBundleExecutable WinZip
LSMinimumSystemVersion 10.8
NSAppTransportSecurity NSAllowsArbitraryLoads: True
CFBundleVersion 5.0.3160
CFBundleIconFile WinZip-Icon.icns
DTPlatformBuild 7C68
NSMainNibFile MainMenu
DTXcode 0720
CFBundleDevelopmentRegion English
CFBundleURLTypes {u'CFBundleURLName': u'com.winzip.WinZip-Mac', u'CFBundleURLSchemes': [u'db-a4091okatd17nfc'], u'CFBundleTypeRole': u'Viewer', u'CFBundleURLIconFile': u'WinZip-Icon'}
DTCompiler com.apple.compilers.llvm.clang.1_0
NSAppleScriptEnabled True
CFBundleSignature wzip
CFBundleHelpBookFolder Help
UTExportedTypeDeclarations {u'UTTypeIdentifier': u'com.winzip.zip-archive', u'UTTypeTagSpecification': {u'public.filename-extension': [u'zip']}, u'UTTypeConformsTo': [u'public.data'], u'UTTypeDescription': u'WinZip Zip Archive', u'UTTypeReferenceURL': u'http://winzip.com'}
{u'UTTypeIdentifier': u'com.winzip.zipx-archive', u'UTTypeTagSpecification': {u'public.filename-extension': [u'zipx']}, u'UTTypeConformsTo': [u'public.data'], u'UTTypeDescription': u'WinZip Zipx Archive', u'UTTypeReferenceURL': u'http://winzip.com'}
{u'UTTypeIdentifier': u'com.winzip.lha-archive', u'UTTypeTagSpecification': {u'public.mime-type': [u'application/lzh'], u'public.filename-extension': [u'lha', u'lzh']}, u'UTTypeConformsTo': [u'public.data', u'public.archive', u'public.archive.lha'], u'UTTypeDescription': u'WinZip LHA Archive', u'UTTypeReferenceURL': u'http://winzip.com'}
DTPlatformVersion GM
CFBundleName WinZip
CFBundlePackageType APPL
NSPrincipalClass NSApplication
Contained Mac OS X executables
Contained file bundles
BLKX Table
Entry Attributes
Driver Descriptor Map (DDM : 0) 0x0050
Apple (Apple_partition_map : 1) 0x0050
disk image (Apple_HFS : 2) 0x0050
DMG XML Property List
Entry Attributes
ID:0 0x0050
DMG structural properties
DMG version
4
Data fork offset
0x0
Data fork length
13354548
Resource fork offset
0x0
Resource fork length
0
Resource fork keys
blkx, plst
Running data fork offset
0x0
XML offset
0x13354548
XML length
6250
PLST keys
resource-fork
File identification
MD5 d63c398f1654da2b5146fb22d4d6f260
SHA1 0e57dfac984b6c165b604197a4489a0e5ea35e8b
SHA256 9f616617838e6180879e6f4816049830b96d5450cf18de2500e06836cd424013
ssdeep
393216:Rdt12WMqksKEie4bBLC7WIJelTFNn7jjq4n:JRMVsKrVL/TFNnr

File size 12.7 MB ( 13361310 bytes )
File type Macintosh Disk Image
Magic literal
bzip2 compressed data, block size = 100k

TrID Macintosh Disk image (BZ2 compressed) (95.1%)
bzip2 compressed archive (3.6%)
PrintFox/Pagefox bitmap (var. B) (1.2%)
Tags
dmg

VirusTotal metadata
First submission 2016-07-05 17:37:30 UTC ( 2 years, 7 months ago )
Last submission 2017-07-09 04:04:17 UTC ( 1 year, 7 months ago )
File names winzipmacedition50.dmg
931842
winzip.dmg
winzipmacedition50.dmg
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Moved files
Created processes
HTTP requests
DNS requests
TCP connections