× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: ee6409be3374200b92ac9c85ff2647ab498ce03116d665985481a4a025a13ad0
File name: Uninstall Mainorne.app.zip
Detection ratio: 15 / 54
Analysis date: 2015-11-18 15:35:15 UTC ( 2 years ago )
Antivirus Result Update
ALYac Adware.MAC.OSX.Genieo.KP 20151118
Arcabit Adware.MAC.OSX.Genieo.KP 20151118
Avast MacOS:Genieo-AU [Adw] 20151118
AVG OSX/Genieo 20151118
Avira (no cloud) PUA/OSX.Genieo.633 20151118
BitDefender Adware.MAC.OSX.Genieo.KP 20151118
DrWeb Mac.Trojan.Genieo.8 20151118
Emsisoft Adware.MAC.OSX.Genieo.KP (B) 20151118
ESET-NOD32 a variant of OSX/Adware.Genieo.R 20151118
F-Secure Adware.MAC.OSX 20151118
GData Adware.MAC.OSX.Genieo.KP 20151118
eScan Adware.MAC.OSX.Genieo.KP 20151118
NANO-Antivirus Riskware.Mac.MLW.dxzdho 20151118
nProtect Adware.MAC.OSX.Genieo.KP 20151118
Sophos AV Generic PUA PD (PUA) 20151118
AegisLab 20151118
Yandex 20151118
AhnLab-V3 20151118
Alibaba 20151118
Antiy-AVL 20151118
AVware 20151118
Baidu-International 20151118
Bkav 20151118
ByteHero 20151118
CAT-QuickHeal 20151118
ClamAV 20151118
CMC 20151118
Comodo 20151118
Cyren 20151118
F-Prot 20151118
Fortinet 20151118
Ikarus 20151118
Jiangmin 20151117
K7AntiVirus 20151118
K7GW 20151118
Kaspersky 20151118
Malwarebytes 20151118
McAfee 20151118
McAfee-GW-Edition 20151118
Microsoft 20151118
Panda 20151117
Qihoo-360 20151118
Rising 20151117
SUPERAntiSpyware 20151118
Symantec 20151117
Tencent 20151118
TheHacker 20151118
TrendMicro 20151118
TrendMicro-HouseCall 20151118
VBA32 20151117
VIPRE 20151118
ViRobot 20151118
Zillya 20151117
Zoner 20151118
The file being studied is a compressed stream! More specifically, it is a ZIP file.
File signature
Identifier com.nibrahim.AppNIB
Format bundle with Mach-O thin (x86_64)
CDHash 04ae4a2ea4e3d683057dca0f1c10f9d6371adeef
Signature size 8524
Authority Developer ID Application: Nadav Ibrahim (ZK66LRKQ9N)
Authority Developer ID Certification Authority
Authority Apple Root CA
Timestamp Oct 8, 2015, 10:22:22 AM
Info.plist entries 23
TeamIdentifier ZK66LRKQ9N
Interesting properties
The studied file contains at least one Mac OS X executable.
Contained files
Compression metadata
Contained files
20
Uncompressed size
648084
Highest datetime
2015-11-06 18:32:26
Lowest datetime
2015-11-06 18:32:26
Contained files by extension
nib
3
png
2
Contained files by type
unknown
8
directory
6
XML
3
PNG
2
Mac OS X Executable
1
ExifTool file metadata
MIMEType
application/zip

ZipRequiredVersion
10

ZipCRC
0x00000000

FileType
ZIP

ZipCompression
None

ZipUncompressedSize
0

ZipCompressedSize
0

FileTypeExtension
zip

ZipFileName
Uninstall Mainorne.app/

ZipBitFlag
0

ZipModifyDate
2015:11:06 18:32:13

File identification
MD5 0550a96161a81ad23271612cb6331aa3
SHA1 f059ac6b4be5f7f4884fb2909c54ca4e7d2a75cf
SHA256 ee6409be3374200b92ac9c85ff2647ab498ce03116d665985481a4a025a13ad0
ssdeep
6144:XVZF5KT8olfAGmVNjj56WoOUTERsRXvOb2oWraH8Nb06XU0wrPPh17:fF4T8otAGENSOUAiRXvNVU8NRXURPPhB

File size 311.3 KB ( 318810 bytes )
File type ZIP
Magic literal
Zip archive data, at least v1.0 to extract

TrID ZIP compressed archive (99.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
Tags
contains-macho zip

VirusTotal metadata
First submission 2015-11-08 09:13:04 UTC ( 2 years ago )
Last submission 2015-11-18 15:35:15 UTC ( 2 years ago )
File names Uninstall Mainorne.app.zip
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Moved files
Created processes
HTTP requests
DNS requests
TCP connections