× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: f6b336f9595d24f77e7956b0c7a9de64ce505be5124aa1670c5a55e230ef1dc3
File name: FotoSketcher.app.zip
Detection ratio: 1 / 56
Analysis date: 2017-04-22 19:40:33 UTC ( 1 month ago )
Antivirus Result Update
TheHacker Trojan/Jorik.Gbot.rdq 20170420
Ad-Aware 20170422
AegisLab 20170422
AhnLab-V3 20170422
Alibaba 20170421
ALYac 20170422
Antiy-AVL 20170422
Arcabit 20170422
AVG 20170422
Avira (no cloud) 20170422
AVware 20170422
Baidu 20170421
BitDefender 20170422
Bkav 20170422
CAT-QuickHeal 20170422
ClamAV 20170422
Comodo 20170422
CrowdStrike Falcon (ML) 20170130
Cyren 20170422
DrWeb 20170422
Emsisoft 20170422
Endgame 20170419
ESET-NOD32 20170422
F-Prot 20170422
F-Secure 20170422
Fortinet 20170422
GData 20170422
Ikarus 20170422
Invincea 20170413
Jiangmin 20170422
K7AntiVirus 20170422
K7GW 20170422
Kaspersky 20170422
Kingsoft 20170422
Malwarebytes 20170422
McAfee 20170422
McAfee-GW-Edition 20170422
Microsoft 20170422
eScan 20170422
NANO-Antivirus 20170422
nProtect 20170422
Palo Alto Networks (Known Signatures) 20170422
Panda 20170422
Qihoo-360 20170422
Rising 20170422
SentinelOne (Static ML) 20170330
Sophos 20170422
SUPERAntiSpyware 20170422
Symantec 20170422
Symantec Mobile Insight 20170422
Tencent 20170422
TrendMicro 20170422
TrendMicro-HouseCall 20170422
Trustlook 20170422
VBA32 20170421
VIPRE 20170422
ViRobot 20170422
Webroot 20170422
WhiteArmor 20170409
Yandex 20170421
Zillya 20170421
ZoneAlarm by Check Point 20170422
Zoner 20170422
The file being studied is a compressed stream! More specifically, it is a ZIP file. It seems to be a bundled Mac OS X application.
Interesting properties
The studied file contains at least one Portable Executable.
The studied file contains at least one Mac OS X executable.
Contained files
Compression metadata
Contained files
15249
Uncompressed size
24991820
Highest datetime
2017-04-22 15:37:56
Lowest datetime
2015-12-14 08:25:58
Contained files by extension
h
119
nib
59
txt
28
jpg
16
sh
16
png
6
d/
3
_A
3
exe
2
d
2
os2
2
23/
2
pem
2
pl
2
FAQ
2
aix
2
23
1
Contained files by type
unknown
731
directory
127
Mac OS X Executable
82
script
35
XML
10
JPG
8
HTML
3
PNG
3
Portable Executable
1
ExifTool file metadata
MIMEType
application/zip

ZipRequiredVersion
10

ZipCRC
0x00000000

FileType
ZIP

ZipCompression
None

ZipUncompressedSize
0

ZipCompressedSize
0

FileTypeExtension
zip

ZipFileName
FotoSketcher.app/

ZipBitFlag
0

ZipModifyDate
2017:03:02 10:08:17

File identification
MD5 199d2c7697f4712a7164e111607ab4fd
SHA1 629135620b3a32adfa8110c6a0ad1c013392f0ec
SHA256 f6b336f9595d24f77e7956b0c7a9de64ce505be5124aa1670c5a55e230ef1dc3
ssdeep
1572864:QL5EKvkCfQinGnYPBlLrkKKYYw0Xe1UhXpXOW2yXtGRmy0BRxobzWqO:nYPBFrkXYXXUGYERmy0nqO

File size 75.2 MB ( 78891728 bytes )
File type ZIP
Magic literal
Zip archive data, at least v1.0 to extract

TrID Konfabulator widget (29.6%)
foobar2000 component (29.6%)
Mozilla Archive Format (gen) (25.9%)
ZIP compressed archive (14.8%)
Tags
mac-app contains-pe contains-macho zip

VirusTotal metadata
First submission 2017-04-22 19:40:33 UTC ( 1 month ago )
Last submission 2017-04-22 19:40:33 UTC ( 1 month ago )
File names FotoSketcher.app.zip
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!