× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: dd065e79628e348ec446c825a210c27e4d6275cc1864e8435c68620afb41c60a
File name: zsh
Detection ratio: 0 / 56
Analysis date: 2017-07-03 10:53:04 UTC ( 1 year, 8 months ago ) View latest
Antivirus Result Update
Ad-Aware 20170703
AegisLab 20170703
AhnLab-V3 20170703
Alibaba 20170703
ALYac 20170703
Antiy-AVL 20170703
Arcabit 20170703
Avast 20170703
AVG 20170703
Avira (no cloud) 20170703
AVware 20170703
Baidu 20170703
BitDefender 20170703
Bkav 20170703
CAT-QuickHeal 20170703
ClamAV 20170703
CMC 20170701
Comodo 20170702
CrowdStrike Falcon (ML) 20170420
Cyren 20170703
DrWeb 20170703
Emsisoft 20170703
Endgame 20170629
ESET-NOD32 20170703
F-Prot 20170703
F-Secure 20170703
Fortinet 20170629
GData 20170703
Ikarus 20170703
Sophos ML 20170607
Jiangmin 20170703
K7AntiVirus 20170703
K7GW 20170703
Kaspersky 20170703
Kingsoft 20170703
Malwarebytes 20170703
McAfee 20170703
McAfee-GW-Edition 20170702
Microsoft 20170703
eScan 20170703
NANO-Antivirus 20170703
nProtect 20170703
Palo Alto Networks (Known Signatures) 20170703
Panda 20170702
Qihoo-360 20170703
Rising 20170703
SentinelOne (Static ML) 20170516
Sophos AV 20170703
SUPERAntiSpyware 20170703
Symantec 20170703
Symantec Mobile Insight 20170630
Tencent 20170703
TheHacker 20170702
TrendMicro 20170703
TrendMicro-HouseCall 20170703
Trustlook 20170703
VBA32 20170630
VIPRE 20170703
ViRobot 20170703
Webroot 20170703
WhiteArmor 20170627
Yandex 20170630
Zillya 20170701
ZoneAlarm by Check Point 20170703
Zoner 20170703
The file being studied is a Mac OS X executable! More specifically it is a executable file Mach-O for x86_64 based machines.
File header
File type executable file
Magic 0xfeedfacf
Required architecture x86_64
Sub-architecture X86_64_ALL
Entry point 0x1dd0
Reserved 0x0
Load commands 21
Load commands size 2384
Flags DYLDLINK
NOUNDEFS
PIE
TWOLEVEL
File segments
Shared libraries
Load commands
File identification
MD5 a6b5a543c92ca99e69b07fb655777a09
SHA1 dda6def8933c69c20185e9aeded28bb8c3cf1bbf
SHA256 dd065e79628e348ec446c825a210c27e4d6275cc1864e8435c68620afb41c60a
ssdeep
384:CMHzh+ch5kH29swIoksY4sJw4lQ1IXo/GBpm/6Xycq/IPTBRCKutWKThdaG/XrTd:CMHzYLH2S2ksY4fJ1iGuAQG/7WVQ

File size 28.3 KB ( 28928 bytes )
File type Mach-O
Magic literal
Mach-O 64-bit executable

TrID Mac OS X Mach-O 64bit Intel executable (100.0%)
Tags
64bits macho

VirusTotal metadata
First submission 2017-06-30 06:47:10 UTC ( 1 year, 8 months ago )
Last submission 2017-07-07 09:58:14 UTC ( 1 year, 8 months ago )
File names dda6def8933c69c20185e9aeded28bb8c3cf1bbf_zsh
dd065e79628e348ec446c825a210c27e4d6275cc1864e8435c68620afb41c60a.bin
zsh
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Created processes