× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: e344a0ab500fc5c86777d7f230175edb62d676b29fad27ec7547bd9b1e63969d
File name: 449390
Detection ratio: 0 / 59
Analysis date: 2018-01-07 06:11:03 UTC ( 6 months, 1 week ago ) View latest
Antivirus Result Update
Ad-Aware 20180107
AegisLab 20180105
AhnLab-V3 20180106
Alibaba 20180105
ALYac 20180107
Antiy-AVL 20180107
Arcabit 20180107
Avast 20180107
Avast-Mobile 20180105
AVG 20180107
Avira (no cloud) 20180106
AVware 20180103
Baidu 20180105
BitDefender 20180107
Bkav 20180106
CAT-QuickHeal 20180106
ClamAV 20180107
CMC 20180106
Comodo 20180107
CrowdStrike Falcon (ML) 20171016
Cybereason 20171103
Cylance 20180107
Cyren 20180107
DrWeb 20180107
eGambit 20180107
Emsisoft 20180107
Endgame 20171130
ESET-NOD32 20180106
F-Prot 20180107
F-Secure 20180107
Fortinet 20180107
GData 20180107
Sophos ML 20170914
Jiangmin 20180107
K7AntiVirus 20180107
K7GW 20180107
Kaspersky 20180107
Kingsoft 20180107
Malwarebytes 20180107
MAX 20180107
McAfee 20180102
McAfee-GW-Edition 20180107
Microsoft 20180107
eScan 20180107
NANO-Antivirus 20180107
nProtect 20180107
Palo Alto Networks (Known Signatures) 20180107
Panda 20180106
Qihoo-360 20180107
Rising 20180106
SentinelOne (Static ML) 20171224
Sophos AV 20180107
SUPERAntiSpyware 20180107
Symantec 20180106
Tencent 20180107
TheHacker 20180103
TotalDefense 20180106
TrendMicro 20180107
TrendMicro-HouseCall 20180107
Trustlook 20180107
VBA32 20180105
VIPRE 20180107
ViRobot 20180106
Webroot 20180107
WhiteArmor 20171226
Yandex 20171229
Zillya 20180105
ZoneAlarm by Check Point 20180107
Zoner 20180107
The file being studied is an Apple Disk Image! More specifically it follows the Universal Disk Image Format, commonly found with the DMG extension.
DMG HFS Property List
IFPkgFlagRootVolumeOnly True
CFBundleShortVersionString 1.0.0.0
IFMajorVersion 1
IFPkgFormatVersion 0.10000000149
IFPkgFlagRestartAction None
IFPkgFlagInstallFat False
IFPkgFlagAllowBackRev False
IFPkgFlagIsRequired False
CFBundleIdentifier net.videosurgeon.Video-Snooper.pkg
IFMinorVersion 0
IFPkgFlagFollowLinks True
IFPkgFlagAuthorizationAction RootAuthorization
IFPkgFlagInstalledSize 7700
IFPkgFlagDefaultLocation /
IFPkgFlagRelocatable False
IFPkgFlagUpdateInstalledLanguages False
IFPkgFlagOverwritePermissions False
Contained Mac OS X executables
Contained file bundles
BLKX Table
Entry Attributes
Driver Descriptor Map (DDM : 0) 0x0050
Apple (Apple_partition_map : 1) 0x0050
disk image (Apple_HFS : 2) 0x0050
(Apple_Free : 3) 0x0050
DMG XML Property List
Entry Attributes
ID:0 0x0050
DMG structural properties
DMG version
4
Data fork offset
0x0
Data fork length
3493239
Resource fork offset
0x0
Resource fork length
0
Resource fork keys
blkx, plst
Running data fork offset
0x0
XML offset
0x3493239
XML length
7020
PLST keys
resource-fork
File identification
MD5 e1e7b63091035399c87ff53443ce529b
SHA1 f322463f3934859c721292b11b2c9b7f96bfaa14
SHA256 e344a0ab500fc5c86777d7f230175edb62d676b29fad27ec7547bd9b1e63969d
ssdeep
98304:vo0Jt38xEo8UIwvroc89z3gTjgJC1dPRHPFvC:vwxEo/IwvrK9Yjgo1j

File size 3.3 MB ( 3500771 bytes )
File type Macintosh Disk Image
Magic literal
VAX COFF executable not stripped - version 11080

TrID ZLIB compressed data (var. 1) (100.0%)
Tags
dmg

VirusTotal metadata
First submission 2015-07-01 16:51:27 UTC ( 3 years ago )
Last submission 2018-05-23 14:45:03 UTC ( 1 month, 3 weeks ago )
File names VideoSnooper-EMC.dmg
449390
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Moved files
Created processes