× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: ff4a91e6fc6cf098cc8db24f5a77cc1e85749119da4fdcf456e7ac979f268314
File name: excavator-1.0.11-mac-x64.zip
Detection ratio: 0 / 60
Analysis date: 2018-02-20 19:09:48 UTC ( 9 months, 3 weeks ago )
Antivirus Result Update
Ad-Aware 20180220
AegisLab 20180220
AhnLab-V3 20180220
Alibaba 20180216
ALYac 20180220
Antiy-AVL 20180220
Arcabit 20180220
Avast 20180220
Avast-Mobile 20180220
AVG 20180220
Avira (no cloud) 20180220
AVware 20180220
Baidu 20180208
BitDefender 20180220
Bkav 20180212
CAT-QuickHeal 20180220
ClamAV 20180220
CMC 20180220
Comodo 20180220
CrowdStrike Falcon (ML) 20170201
Cybereason None
Cylance 20180220
Cyren 20180220
DrWeb 20180220
eGambit 20180220
Emsisoft 20180220
Endgame 20180216
ESET-NOD32 20180220
F-Prot 20180220
F-Secure 20180220
Fortinet 20180220
GData 20180220
Ikarus 20180220
Sophos ML 20180121
Jiangmin 20180220
K7AntiVirus 20180220
K7GW 20180220
Kaspersky 20180220
Kingsoft 20180220
Malwarebytes 20180220
MAX 20180220
McAfee 20180220
McAfee-GW-Edition 20180220
Microsoft 20180220
eScan 20180220
NANO-Antivirus 20180220
nProtect 20180220
Palo Alto Networks (Known Signatures) 20180220
Panda 20180220
Qihoo-360 20180220
Rising 20180220
SentinelOne (Static ML) 20180115
Sophos AV 20180220
SUPERAntiSpyware 20180220
Symantec 20180220
Symantec Mobile Insight 20180220
Tencent 20180220
TheHacker 20180219
TrendMicro 20180220
TrendMicro-HouseCall 20180220
Trustlook 20180220
VBA32 20180220
VIPRE 20180220
ViRobot 20180220
Webroot 20180220
WhiteArmor 20180205
Yandex 20180220
Zillya 20180220
ZoneAlarm by Check Point 20180220
Zoner 20180220
The file being studied is a compressed stream! More specifically, it is a ZIP file. It seems to be a bundled Mac OS X application.
Interesting properties
The studied file contains at least one Mac OS X executable.
Contained files
Compression metadata
Contained files
401
Uncompressed size
188351924
Highest datetime
2018-02-17 23:42:18
Lowest datetime
2018-02-17 23:42:10
Contained files by extension
pak
56
nib
35
js
29
css
20
png
10
eot
4
ttf
4
bin
3
svg
3
txt
1
ico
1
otf
1
dat
1
sh
1
nw/
1
Contained files by type
unknown
231
directory
139
XML
10
PNG
10
Mac OS X Executable
8
script
1
JSON
1
HTML
1
ExifTool file metadata
MIMEType
application/zip

ZipRequiredVersion
10

ZipCRC
0x00000000

FileType
ZIP

ZipCompression
None

ZipUncompressedSize
0

ZipCompressedSize
0

FileTypeExtension
zip

ZipFileName
Excavator.app/

ZipBitFlag
0

ZipModifyDate
2018:02:17 23:42:05

File identification
MD5 6cdf6fc5d1008f53048d6054833b5875
SHA1 3f2f5075058b4886a33c79554a5e684c0e3864c8
SHA256 ff4a91e6fc6cf098cc8db24f5a77cc1e85749119da4fdcf456e7ac979f268314
ssdeep
1572864:IpplSChZcvYySn0Ap/7cxPJkZjOdtDIvJv9nHV5Kmu3DD1+i:cplSChmw0Ah7c5J7d5Ivt11RolN

File size 72.0 MB ( 75492819 bytes )
File type ZIP
Magic literal
Zip archive data, at least v1.0 to extract

TrID Mozilla Firefox browser extension (42.1%)
Mozilla Archive Format (gen) (36.8%)
ZIP compressed archive (21.0%)
Tags
contains-macho mac-app zip

VirusTotal metadata
First submission 2018-02-20 19:09:48 UTC ( 9 months, 3 weeks ago )
Last submission 2018-02-20 19:09:48 UTC ( 9 months, 3 weeks ago )
File names excavator-1.0.11-mac-x64.zip
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Moved files
Created processes
HTTP requests
DNS requests
TCP connections
UDP communications