× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: f87df65ef6dd29ad63a812bcac484b2639be98a32db572ee08ecdc576b5799cd
File name: Winbox-mac.app.zip
Detection ratio: 1 / 50
Analysis date: 2017-11-08 22:48:34 UTC ( 6 months, 2 weeks ago )
Antivirus Result Update
Jiangmin Trojan/Genome.dlco 20171110
Ad-Aware 20171110
AegisLab 20171110
AhnLab-V3 20171110
Alibaba 20170911
ALYac 20171110
Antiy-AVL 20171110
Arcabit 20171110
Avast 20171110
Avast-Mobile 20171109
AVG 20171110
Avira (no cloud) 20171110
Baidu 20171109
BitDefender 20171110
Bkav 20171109
CAT-QuickHeal 20171109
ClamAV 20171109
CMC 20171109
Comodo 20171110
CrowdStrike Falcon (ML) 20171016
Cybereason 20171030
DrWeb 20171110
eGambit 20171110
Emsisoft 20171110
Endgame 20171024
ESET-NOD32 20171110
F-Secure 20171110
Fortinet 20171110
GData 20171110
Sophos ML 20170914
K7AntiVirus 20171109
K7GW 20171110
Kaspersky 20171110
Kingsoft 20171110
Malwarebytes 20171110
MAX 20171110
McAfee-GW-Edition 20171110
eScan 20171110
NANO-Antivirus 20171110
nProtect 20171110
Palo Alto Networks (Known Signatures) 20171110
Panda 20171109
Qihoo-360 20171110
SentinelOne (Static ML) 20171019
Sophos AV 20171110
SUPERAntiSpyware 20171110
Symantec 20171109
Symantec Mobile Insight 20171110
Tencent 20171110
TheHacker 20171102
TotalDefense 20171109
TrendMicro-HouseCall 20171110
Trustlook 20171110
VBA32 20171109
ViRobot 20171110
WhiteArmor 20171104
Yandex 20171109
ZoneAlarm by Check Point 20171110
Zoner 20171110
The file being studied is a compressed stream! More specifically, it is a ZIP file. It seems to be a bundled Mac OS X application.
Interesting properties
The studied file contains at least one Portable Executable.
The studied file contains at least one Mac OS X executable.
Contained files
Compression metadata
Contained files
15117
Uncompressed size
13329076
Highest datetime
2017-10-15 14:17:24
Lowest datetime
2015-12-19 00:22:18
Contained files by extension
dll
378
ttf
146
exe
72
nib
13
png
12
h
12
drv
12
sh
12
sys
10
reg
6
tlb
6
ini
4
cpl
4
_A
3
id
2
log
2
vxd
2
ocx
2
ds
2
_c:
1
app
1
_z:
1
Contained files by type
unknown
581
Portable Executable
244
directory
135
XML
18
Mac OS X Executable
8
script
7
PNG
6
HTML
1
ExifTool file metadata
MIMEType
application/zip

ZipRequiredVersion
10

ZipCRC
0x00000000

FileType
ZIP

ZipCompression
None

ZipUncompressedSize
0

ZipCompressedSize
0

FileTypeExtension
zip

ZipFileName
Winbox-mac.app/

ZipBitFlag
0

ZipModifyDate
2017:10:12 19:00:12

File identification
MD5 fbf843451541fa8f81edac4e531611c1
SHA1 1a643c7150d070cedc491957f6843b4aa1f23d14
SHA256 f87df65ef6dd29ad63a812bcac484b2639be98a32db572ee08ecdc576b5799cd
ssdeep
1572864:uCcr5EKvkarLyptiRzChafdYn8MG18u932D9mLQbwPFbVyas:Jp8uaX3fl24LQ8NbVyas

File size 67.7 MB ( 70988346 bytes )
File type ZIP
Magic literal
Zip archive data, at least v1.0 to extract

TrID Konfabulator widget (42.1%)
Mozilla Archive Format (gen) (36.8%)
ZIP compressed archive (21.0%)
Tags
mac-app contains-pe contains-macho zip

VirusTotal metadata
First submission 2017-10-15 11:17:51 UTC ( 7 months, 1 week ago )
Last submission 2017-11-08 22:48:34 UTC ( 6 months, 2 weeks ago )
File names Winbox-mac.app.zip
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Moved files
Created processes
HTTP requests
DNS requests
TCP connections