× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: a21762dbc5cec3787e30af68daf8c2d361defc435cbf35142dbde6df2289afa0
File name: 958030
Detection ratio: 0 / 56
Analysis date: 2017-01-11 23:52:05 UTC ( 1 year ago ) View latest
Antivirus Result Update
Ad-Aware 20170111
AegisLab 20170111
AhnLab-V3 20170111
Alibaba 20170111
ALYac 20170112
Antiy-AVL 20170112
Arcabit 20170112
Avast 20170112
AVG 20170112
Avira (no cloud) 20170111
AVware 20170112
Baidu 20170111
BitDefender 20170111
Bkav 20170111
CAT-QuickHeal 20170111
ClamAV 20170111
CMC 20170111
Comodo 20170111
CrowdStrike Falcon (ML) 20161024
Cyren 20170112
DrWeb 20170112
Emsisoft 20170112
ESET-NOD32 20170111
F-Prot 20170112
F-Secure 20170111
Fortinet 20170112
GData 20170111
Ikarus 20170111
Sophos ML 20170111
Jiangmin 20170111
K7AntiVirus 20170111
K7GW 20170111
Kaspersky 20170111
Kingsoft 20170112
Malwarebytes 20170111
McAfee 20170108
McAfee-GW-Edition 20170111
Microsoft 20170111
eScan 20170111
NANO-Antivirus 20170111
nProtect 20170111
Panda 20170111
Qihoo-360 20170112
Rising 20170111
Sophos AV 20170111
SUPERAntiSpyware 20170111
Symantec 20170111
Tencent 20170112
TheHacker 20170111
TotalDefense 20170111
TrendMicro 20170111
TrendMicro-HouseCall 20170111
Trustlook 20170112
VBA32 20170110
VIPRE 20170111
ViRobot 20170111
WhiteArmor 20170111
Yandex 20170111
Zillya 20170111
Zoner 20170111
The file being studied is an Apple Disk Image! More specifically it follows the Universal Disk Image Format, commonly found with the DMG extension.
File signature
Identifier tenorshare.com. UltData
Format bundle with Mach-O thin (i386)
CDHash 35b8789f6b15dfe68986f9e6faf839478d844fae
Signature size 8914
Authority Developer ID Application: Tenorshare Co., Ltd.
Authority Developer ID Certification Authority
Authority Apple Root CA
Timestamp Jan 4, 2017, 8:11:44 AM
Info.plist entries 8
TeamIdentifier RSKV7TG784
Signature verification Valid Signature
Signing Certificates
[+] Tenorshare Co., Ltd.
Status Valid
Issuer Apple Inc.
Valid from 01:16 AM 12/20/2012
Valid to 01:16 AM 12/21/2017
Valid usage Digital Signature, Code Signing
Algorithm sha256WithRSAEncryption
Thumbprint 867718A6AAAC89807809B5024A9E4925C290255F
Serial number 3D DD 5C C0 BA 8D E8 65
[+] Apple Inc.
Status Valid
Issuer Apple Inc.
Valid from 10:12 PM 02/01/2012
Valid to 10:12 PM 02/01/2027
Valid usage Digital Signature, Certificate Sign, CRL Sign
Algorithm sha256WithRSAEncryption
Thumbprint 3B166C3B7DC4B751C9FE2AFAB9135641E388E186
Serial number 18 7A A9 A8 C2 96 21 0C
[+] Apple Inc.
Status Valid
Issuer Apple Inc.
Valid from 09:40 PM 04/25/2006
Valid to 09:40 PM 02/09/2035
Valid usage Certificate Sign, CRL Sign
Algorithm sha1WithRSAEncryption
Thumbprint 611E5B662C593A08FF58D14AE22452D198DF6C60
Serial number 2
Main executable
Package path /UltData.app/Contents/MacOS/UltData
Detection ratio 0 / 56 when this report was generated
File size 4098752 Bytes
HFS File ID 21381
DMG HFS Property List
CFBundleSignature ????
CFBundleIconFile logo.icns
CFBundleGetInfoString Created by Qt/QMake
CFBundleIdentifier tenorshare.com. UltData
CFBundleExecutable UltData
NSAppTransportSecurity NSAllowsArbitraryLoads: True
CFBundlePackageType APPL
NSPrincipalClass NSApplication
Contained Mac OS X executables
BLKX Table
Entry Attributes
Ê雷∏™Á£ÅÁõòÔºàApple_HFSÔºö0Ôºâ 整个磁盘(Apple_HFS:0) 0x0050
DMG XML Property List
Entry Attributes
ID:0 0x0050
DMG structural properties
DMG version
Data fork offset
Data fork length
Resource fork offset
Resource fork length
Resource fork keys
blkx, plst
Running data fork offset
XML offset
XML length
PLST keys
File identification
MD5 37cc8c72fe7c3de98142350bb4a606a4
SHA1 5b00a123a91598ecc57083cfbb6a6cd38665f924
SHA256 a21762dbc5cec3787e30af68daf8c2d361defc435cbf35142dbde6df2289afa0

File size 26.7 MB ( 27990449 bytes )
File type Macintosh Disk Image
Magic literal
VAX COFF executable - version 8482

TrID ZLIB compressed data (var. 1) (100.0%)

VirusTotal metadata
First submission 2017-01-05 14:16:32 UTC ( 1 year ago )
Last submission 2017-01-05 14:16:32 UTC ( 1 year ago )
File names tenorshare-iphone-data-recovery-for-mac-trial301.dmg
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Moved files
Created processes
HTTP requests
DNS requests
TCP connections