SHA256: f3ac26abdb36ebaae8e00b8b9f21a9c5f41ec817b1a82922ee72be90a63d909a
File name: libgenkit.dylib
Detection ratio: 2 / 47
Analysis date: 2014-01-06 13:19:31 UTC ( 1 year, 8 months ago )
Antivirus Result Update
Avast MacOS:Genieo-L [PUP] 20140106
ESET-NOD32 a variant of OSX/Adware.Genieo.A 20140106
AVG 20140106
Ad-Aware 20140106
Agnitum 20140106
AhnLab-V3 20140106
AntiVir 20140106
Antiy-AVL 20140106
Baidu-International 20131213
BitDefender 20140106
Bkav 20140106
ByteHero 20131226
CAT-QuickHeal 20140106
ClamAV 20140102
Commtouch 20140106
Comodo 20140106
DrWeb 20140106
Emsisoft 20140106
F-Prot 20140106
F-Secure 20140106
Fortinet 20140106
GData 20140106
Ikarus 20140106
Jiangmin 20140106
K7AntiVirus 20140106
K7GW 20140106
Kaspersky 20140106
Kingsoft 20130829
Malwarebytes 20140106
McAfee 20140106
McAfee-GW-Edition 20140106
MicroWorld-eScan 20140106
Microsoft 20140106
NANO-Antivirus 20140106
Norman 20140106
Panda 20140106
Rising 20140106
SUPERAntiSpyware 20140106
Sophos 20140106
Symantec 20140105
TheHacker 20140105
TotalDefense 20140105
TrendMicro 20140106
TrendMicro-HouseCall 20140106
VBA32 20140105
VIPRE 20140106
ViRobot 20140106
nProtect 20140106
The file being studied is a Mac OS X executable! More specifically it is a FAT multi-architecture binary, either a PPC/PPC64 binary or a universal package made up of 3 Mach-O files.
FAT multi-architecture binary
This file targets more than one architecture; this is done by packaging up 3 Mach-Os in a FAT binary. Details about each Mach-O file follow.
File header
File type dynamically bound shared library
Magic 0xfeedfacf
Required architecture x86_64
Sub-architecture X86_64_ALL
Reserved 0x0
Load commands 12
Load commands size 1528
Flags DYLDLINK, NOUNDEFS, NO_REEXPORTED_DYLIBS, TWOLEVEL
Interesting properties
This file is signed by Apple's Root Certificate Authority.
File signature
Developer ID Application Genieo Innovation Ltd.
File segments
Shared libraries
Load commands
File header
File type dynamically bound shared library
Magic 0xfeedface
Required architecture i386
Sub-architecture I386_ALL
Load commands 12
Load commands size 1400
Flags DYLDLINK, NOUNDEFS, NO_REEXPORTED_DYLIBS, TWOLEVEL
Interesting properties
This file is signed by Apple's Root Certificate Authority.
File signature
Developer ID Application Genieo Innovation Ltd.
File segments
Shared libraries
Load commands
File header
File type 0x6000000
Magic 0xcefaedfe
Required architecture 0x12000000
Sub-architecture 167772160
Load commands 184549376
Load commands size 3221487616
Flags 0x84000000
ALLMODSBOUND
NO_HEAP_EXECUTION
Load commands
File identification
MD5 464c74dcdc59c997711ae29926aea9ce
SHA1 7dbb08b0d35749e3890c17b16c848a657130ed71
SHA256 f3ac26abdb36ebaae8e00b8b9f21a9c5f41ec817b1a82922ee72be90a63d909a
ssdeep 384:1X2mUSzzEVYHkr+Q81r1NrG991rcabTTAxruFkr+Q81r1Nr+YJ16UI7Gkr+Q81rK:1mkO87MxnFO877tO87o
File size 51.0 KB ( 52224 bytes )
File type Mach-O
Magic literal Mach-O fat file with 3 architectures
TrID Mac OS X Universal Binary executable (75.9%)
HSC music composer song (24.0%)
Tags 64bits multi-arch macho signed lib

VirusTotal metadata
First submission 2014-01-06 13:19:31 UTC ( 1 year, 8 months ago )
Last submission 2014-01-06 13:19:31 UTC ( 1 year, 8 months ago )
File names libgenkit.dylib