SHA256: d42b34695e833e27c67bec623fcbbfef8dd3d93e4b29a79d951447078eb44e0c
File name: stanjamesgib.app.zip
Detection ratio: 0 / 57
Analysis date: 2017-12-07 15:53:47 UTC ( 2 months, 2 weeks ago )
Antivirus Result Update
Ad-Aware 20171207
AegisLab 20171207
AhnLab-V3 20171207
Alibaba 20171207
ALYac 20171207
Antiy-AVL 20171207
Arcabit 20171207
Avast 20171207
Avast-Mobile 20171207
AVG 20171207
Avira (no cloud) 20171207
AVware 20171207
Baidu 20171207
BitDefender 20171207
Bkav 20171207
CAT-QuickHeal 20171206
ClamAV 20171207
Comodo 20171207
CrowdStrike Falcon (ML) 20171016
Cybereason None
Cyren 20171207
DrWeb 20171207
eGambit 20171207
Emsisoft 20171207
Endgame 20171130
ESET-NOD32 20171207
F-Prot 20171207
F-Secure 20171207
Fortinet 20171207
GData 20171207
Ikarus 20171207
Sophos ML 20170914
Jiangmin 20171207
K7AntiVirus 20171205
K7GW 20171207
Kingsoft 20171207
Malwarebytes 20171207
MAX 20171207
McAfee 20171207
McAfee-GW-Edition 20171207
Microsoft 20171207
eScan 20171207
NANO-Antivirus 20171207
nProtect 20171207
Palo Alto Networks (Known Signatures) 20171207
Panda 20171207
Qihoo-360 20171207
Rising 20171207
SentinelOne (Static ML) 20171207
Sophos AV 20171207
SUPERAntiSpyware 20171207
Symantec 20171207
Symantec Mobile Insight 20171207
Tencent 20171207
TheHacker 20171205
TrendMicro-HouseCall 20171207
Trustlook 20171207
VBA32 20171207
VIPRE 20171207
ViRobot 20171207
Webroot 20171207
WhiteArmor 20171204
Yandex 20171207
Zillya 20171206
ZoneAlarm by Check Point 20171207
Zoner 20171207
The file being studied is a compressed stream! More specifically, it is a ZIP file. It seems to be a bundled Mac OS X application.
File signature
Identifier com.stanjamesgib.mpn.stanjamesgibMPP.wine
Format bundle with generic
CDHash efe329f4aa1bb2cd80d2ecd87741694b03fd5123
Signature size 8921
Authority Developer ID Application: Ludologic Limited (4LG7A36D2S)
Authority Developer ID Certification Authority
Authority Apple Root CA
Timestamp Oct 4, 2017, 2:51:38 PM
Info.plist entries 15
TeamIdentifier 4LG7A36D2S
Signers
[+] Ludologic Limited
Status Valid
Issuer Apple Inc.
Valid from 11:33 AM 05/22/2013
Valid to 11:33 AM 05/23/2018
Valid usage Digital Signature, Code Signing
Algorithm sha256WithRSAEncryption
Thumbprint 628D5E862164CC5705244562992775830BB910D2
Serial number 43 DA 22 E2 F3 FA E6 F1
[+] Apple Inc.
Status Valid
Issuer Apple Inc.
Valid from 10:12 PM 02/01/2012
Valid to 10:12 PM 02/01/2027
Valid usage Digital Signature, Certificate Sign, CRL Sign
Algorithm sha256WithRSAEncryption
Thumbprint 3B166C3B7DC4B751C9FE2AFAB9135641E388E186
Serial number 18 7A A9 A8 C2 96 21 0C
[+] Apple Inc.
Status Valid
Issuer Apple Inc.
Valid from 09:40 PM 04/25/2006
Valid to 09:40 PM 02/09/2035
Valid usage Certificate Sign, CRL Sign
Algorithm sha1WithRSAEncryption
Thumbprint 611E5B662C593A08FF58D14AE22452D198DF6C60
Serial number 2
Interesting properties
The studied file contains at least one Portable Executable.
The studied file contains at least one Mac OS X executable.
Contained files
Compression metadata
Contained files 21462
Uncompressed size 48716949
Highest datetime 2017-12-07 16:52:02
Lowest datetime 2011-10-21 15:02:02
Contained files by extension
dat 626
dll 68
inf 52
gif 14
reg 8
enc 6
exe 4
bin 2
_en 2
nib 2
css 2
app 1
Contained files by type
unknown 607
PNG 201
directory 116
Portable Executable 37
Mac OS X Executable 13
JPG 12
GIF 7
XML 3
script 2
BMP 2
ExifTool file metadata
MIMEType application/zip
ZipRequiredVersion 10
ZipCRC 0x00000000
FileType ZIP
ZipCompression None
ZipUncompressedSize 0
ZipCompressedSize 0
FileTypeExtension zip
ZipFileName stanjamesgib.app/
ZipBitFlag 0
ZipModifyDate 2017:10:04 20:49:22
File identification
MD5 52a8572adab4bf4a8589ac505696b5d5
SHA1 0796cca2ea86897fbadaef2d2332660796a7e0e7
SHA256 d42b34695e833e27c67bec623fcbbfef8dd3d93e4b29a79d951447078eb44e0c
ssdeep 3145728:9RZkH09CW3KefG+s8UDe95EYAhJcsL9HwmgMh403xAdQm0HLRBRs9dvq9JgCn0Ds:KPW3Kefq65heJNQsBFHVBRs9NnCn0D5S

File size 191.1 MB ( 200349593 bytes )
File type ZIP
Magic literal Zip archive data, at least v1.0 to extract

TrID Konfabulator widget (42.1%)
Mozilla Archive Format (gen) (36.8%)
ZIP compressed archive (21.0%)
Tags
contains-macho contains-pe mac-app zip signed

VirusTotal metadata
First submission 2017-12-07 15:53:47 UTC ( 2 months, 2 weeks ago )
Last submission 2017-12-07 15:53:47 UTC ( 2 months, 2 weeks ago )
File names stanjamesgib.app.zip