× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: e5eb77045df64e46f7979c6c90d1a6d09db2fffc8017aa904d57e880c479b1b2
File name: MBUninstallMonitor
Detection ratio: 8 / 59
Analysis date: 2018-10-11 01:28:16 UTC ( 5 months, 1 week ago ) View latest
Antivirus Result Update
Ad-Aware Gen:Variant.Application.MAC.BecCA.1 20181011
Arcabit Trojan.Application.MAC.BecCA.1 20181010
BitDefender Gen:Variant.Application.MAC.BecCA.1 20181010
Emsisoft Gen:Variant.Application.MAC.BecCA.1 (B) 20181010
F-Secure Gen:Variant.Application.MAC 20181010
GData Gen:Variant.Application.MAC.BecCA.1 20181010
MAX malware (ai score=71) 20181011
eScan Gen:Variant.Application.MAC.BecCA.1 20181011
AegisLab 20181011
AhnLab-V3 20181010
Alibaba 20180921
ALYac 20181010
Antiy-AVL 20181011
Avast 20181010
Avast-Mobile 20181010
AVG 20181010
Avira (no cloud) 20181010
Babable 20180918
Baidu 20181010
Bkav 20181009
CAT-QuickHeal 20181010
ClamAV 20181010
CMC 20181010
Comodo 20181011
CrowdStrike Falcon (ML) 20180723
Cybereason 20180225
Cylance 20181011
Cyren 20181010
DrWeb 20181010
eGambit 20181011
Endgame 20180730
ESET-NOD32 20181011
F-Prot 20181010
Fortinet 20181010
Ikarus 20181010
Sophos ML 20180717
Jiangmin 20181009
K7AntiVirus 20181010
K7GW 20181010
Kaspersky 20181011
Kingsoft 20181011
Malwarebytes 20181011
McAfee 20181011
McAfee-GW-Edition 20181011
Microsoft 20181011
NANO-Antivirus 20181011
Palo Alto Networks (Known Signatures) 20181011
Panda 20181010
Qihoo-360 20181011
Rising 20181011
SentinelOne (Static ML) 20180926
Sophos AV 20181010
SUPERAntiSpyware 20181006
Symantec 20181010
Symantec Mobile Insight 20181001
TACHYON 20181010
Tencent 20181011
TheHacker 20181008
TotalDefense 20181010
TrendMicro 20181010
TrendMicro-HouseCall 20181010
Trustlook 20181011
VBA32 20181010
VIPRE 20181008
ViRobot 20181010
Webroot 20181011
Yandex 20181010
Zillya 20181010
ZoneAlarm by Check Point 20181011
Zoner 20181010
The file being studied is a Mac OS X executable! More specifically it is a executable file Mach-O for x86_64 based machines.
File signature
Identifier com.iobit.MBUninstallMonitor
Format Mach-O thin (x86_64)
CandidateCDHash sha1 4b044507c824b4ff590b24520db494be1194c1dc
CandidateCDHash sha256 a21b25bce3ee290a8a97df8cd8c9f73af612d547
Hash choices sha1,sha256
Page size 4096
CDHash a21b25bce3ee290a8a97df8cd8c9f73af612d547
Signature size 4624
Authority Developer ID Application: Apperience Corporation (MA9EDUZPCW)
Authority Developer ID Certification Authority
Authority Apple Root CA
Signed Time Jan 2, 2018 at 11:44:47 PM
Info.plist not bound
TeamIdentifier MA9EDUZPCW
Sealed Resources none
Signature verification Invalid
Signing Certificates
[+] Apple Inc.
Status Valid
Issuer Apple Inc.
Valid from 09:40 PM 04/25/2006
Valid to 09:40 PM 02/09/2035
Valid usage Certificate Sign, CRL Sign
Algorithm sha1WithRSAEncryption
Thumbprint 611E5B662C593A08FF58D14AE22452D198DF6C60
Serial number 2
[+] Apple Inc.
Status Valid
Issuer Apple Inc.
Valid from 10:12 PM 02/01/2012
Valid to 10:12 PM 02/01/2027
Valid usage Digital Signature, Certificate Sign, CRL Sign
Algorithm sha256WithRSAEncryption
Thumbprint 3B166C3B7DC4B751C9FE2AFAB9135641E388E186
Serial number 18 7A A9 A8 C2 96 21 0C
[+] Apperience Corporation
Status Valid
Issuer Apple Inc.
Valid from 05:36 AM 06/24/2013
Valid to 05:36 AM 06/25/2018
Valid usage Digital Signature, Code Signing
Algorithm sha256WithRSAEncryption
Thumbprint A25971C4356BEB1FE288CE5479F6052A0294F10C
Serial number 1C 95 9D 34 37 62 D3 7C
Interesting properties
This file is signed by Apple's Root Certificate Authority.
File header
File type executable file
Magic 0xfeedfacf
Required architecture x86_64
Sub-architecture X86_64_ALL
Entry point 0x100000e70
Reserved 0x0
Load commands 21
Load commands size 3536
Flags DYLDLINK
NOUNDEFS
PIE
TWOLEVEL
File segments
Shared libraries
Load commands
Compressed bundles
File identification
MD5 39acb7881c8196601f0444e460d49cd8
SHA1 e024cd796b03dfa2e16f6492b6ac0e92e878db22
SHA256 e5eb77045df64e46f7979c6c90d1a6d09db2fffc8017aa904d57e880c479b1b2
ssdeep
768:8RvHwpBlzXvRZ1SdlbYufJp5nASy3UrlUXyXU0fUAw2N6QljlzCINI6IDInGgYyQ:wohvf4YuBVy3EJzZqTIRnPXS969PY

File size 78.6 KB ( 80528 bytes )
File type Mach-O
Magic literal
Mach-O 64-bit executable

TrID Mac OS X Mach-O 64bit Intel executable (100.0%)
Tags
64bits macho signed

VirusTotal metadata
First submission 2018-01-09 10:10:19 UTC ( 1 year, 2 months ago )
Last submission 2018-01-09 10:10:19 UTC ( 1 year, 2 months ago )
File names MBUninstallMonitor
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Output
Opened files
Read files
Written files
Created processes
HTTP requests
DNS requests
TCP connections