× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: d0e6dde42506f5d2f7e926de20e88c8f75a430d23e4f079d3f3bbd1919230e83
File name: filename
Detection ratio: 25 / 56
Analysis date: 2015-12-05 10:03:33 UTC ( 8 months, 3 weeks ago )
Antivirus Result Update
ALYac Adware.MAC.OSX.Genieo.A 20151204
AVG OSX/AdLoad.C 20151205
Ad-Aware Adware.MAC.OSX.Genieo.A 20151205
Arcabit Adware.MAC.OSX.Genieo.A 20151205
Avast MacOS:Genieo-AB [Adw] 20151205
BitDefender Adware.MAC.OSX.Genieo.A 20151205
CAT-QuickHeal Adware.MacOSX.Geonei.A 20151205
ClamAV Osx.Trojan.Genieo-1 20151204
Comodo ApplicUnwnt 20151202
DrWeb Trojan.Genieo.1 20151205
ESET-NOD32 OSX/Adware.Genieo.A 20151205
Emsisoft Adware.MAC.OSX.Genieo.A (B) 20151205
F-Secure Application:OSX/Genieo 20151205
GData Adware.MAC.OSX.Genieo.A 20151205
Ikarus AdWare.MAC.OSX.Genieo 20151205
Kaspersky not-a-virus:AdWare.OSX.Geonei.d 20151205
McAfee OSX/Genieo.gen.a 20151205
McAfee-GW-Edition OSX/Genieo.gen.a 20151205
eScan Adware.MAC.OSX.Genieo.A 20151205
NANO-Antivirus Riskware.Mac.Genieo.dusarr 20151205
Qihoo-360 Win32/Trojan.Adware.523 20151205
Sophos OSX/Geonei-A 20151205
Symantec OSX.Malcol 20151204
Tencent Win32.Adware.Genieo.Dztm 20151205
nProtect Adware.MAC.OSX.Genieo.A 20151204
AVware 20151205
AegisLab 20151205
Yandex 20151204
AhnLab-V3 20151204
Alibaba 20151204
Antiy-AVL 20151205
Avira (no cloud) 20151205
Baidu-International 20151205
Bkav 20151204
ByteHero 20151205
CMC 20151201
Cyren 20151205
F-Prot 20151205
Fortinet 20151204
Jiangmin 20151204
K7AntiVirus 20151202
K7GW 20151202
Malwarebytes 20151205
Microsoft 20151205
Panda 20151204
Rising 20151203
SUPERAntiSpyware 20151205
TheHacker 20151205
TotalDefense 20151205
TrendMicro 20151205
TrendMicro-HouseCall 20151205
VBA32 20151204
VIPRE 20151205
ViRobot 20151205
Zillya 20151205
Zoner 20151205
The file being studied is an Apple Disk Image! More specifically it follows the Universal Disk Image Format, commonly found with the DMG extension.
File signature
Identifier com.yourcompany.Installer
Format bundle with Mach-O universal (i386 ppc7400 x86_64)
CDHash eaf9dd4ef17def38cfbdba2f3c6601065173de1a
Signature size 4238
Authority Developer ID Application: Genieo Innovation Ltd.
Authority Developer ID Certification Authority
Authority Apple Root CA
Signed Time Jun 17, 2013, 12:53:39 PM
Info.plist entries 14
TeamIdentifier not set
Main executable
Package path /InstallGenieo.app/Contents/MacOS/Installer
Detection ratio 15 / 50 when this report was generated
File size 227216 Bytes
HFS File ID 29
DMG HFS Property List
Java JVMVersion: 1.6+
MainClass: com.genieo.RemoveGenieoMac
ClassPath: $JAVAROOT/uninstall_genieo_mac.jar
CFBundleSignature ????
CFBundleInfoDictionaryVersion 6.0
CFBundleIconFile uninstall.icns
CFBundleAllowMixedLocalizations true
CFBundleIdentifier com.genieo.RemoveGenieoMac
CFBundleDevelopmentRegion English
CFBundleExecutable JavaApplicationStub
CFBundleName Uninstall Genieo
CFBundleVersion 100.0
CFBundlePackageType APPL
Contained Mac OS X executables
Contained file bundles
BLKX Table
Entry Attributes
Driver Descriptor Map (DDM : 0) 0x0050
Apple (Apple_partition_map : 1) 0x0050
disk image (Apple_HFS : 2) 0x0050
(Apple_Free : 3) 0x0050
DMG XML Property List
Entry Attributes
ID:0 0x0050
DMG structural properties
DMG version
Data fork offset
Data fork length
Resource fork offset
Resource fork length
Resource fork keys
blkx, plst
Running data fork offset
XML offset
XML length
PLST keys
File identification
MD5 856674274661ce3883045b1431cabf1f
SHA1 7c9a133140a3fd284da618adf536291a891387d4
SHA256 d0e6dde42506f5d2f7e926de20e88c8f75a430d23e4f079d3f3bbd1919230e83

File size 630.9 KB ( 646085 bytes )
File type Macintosh Disk Image
Magic literal

TrID pzip compressed (50.0%)
Disk Image (Macintosh) (25.0%)
XMill compressed XML (25.0%)
dmg signed

VirusTotal metadata
First submission 2013-06-20 00:45:24 UTC ( 3 years, 2 months ago )
Last submission 2015-12-05 10:03:33 UTC ( 8 months, 3 weeks ago )
File names f0b204bec83b734dfa2c1e318ea322e0
ExifTool file metadata
2014:04:15 21:34:16+01:00

2014:04:15 21:34:16+01:00

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Moved files
Created processes
HTTP requests
DNS requests
TCP connections