× Les cookies sont désactivés ! Ce site exige que les cookies soient activés pour fonctionner correctement
SHA256: 4475de83de02cb6c8e0be61a8eef8ff1e5c3e8aaa08c27d6416a96e8935f548d
Nom du fichier : AdwareMedic.dmg
Ratio de détection : 0 / 57
Date d'analyse : 2018-02-25 08:00:33 UTC (il y a 11 mois) Voir les derniers
Antivirus Résultat Mise à jour
Ad-Aware 20180225
AegisLab 20180225
AhnLab-V3 20180224
Alibaba 20180224
ALYac 20180225
Antiy-AVL 20180224
Arcabit 20180225
Avast 20180225
Avast-Mobile 20180224
AVG 20180225
Avira (no cloud) 20180224
AVware 20180225
Baidu 20180208
BitDefender 20180225
Bkav 20180224
CAT-QuickHeal 20180224
ClamAV 20180225
CMC 20180225
Comodo 20180225
CrowdStrike Falcon (ML) 20170201
Cybereason None
Cylance 20180225
Cyren 20180225
DrWeb 20180225
eGambit 20180225
Emsisoft 20180225
Endgame 20180223
ESET-NOD32 20180225
F-Prot 20180225
F-Secure 20180225
Fortinet 20180225
GData 20180225
Ikarus 20180224
Sophos ML 20180121
Jiangmin 20180225
K7AntiVirus 20180225
K7GW 20180225
Kaspersky 20180225
Kingsoft 20180225
Malwarebytes 20180225
MAX 20180225
McAfee 20180225
McAfee-GW-Edition 20180225
Microsoft 20180225
eScan 20180225
NANO-Antivirus 20180225
nProtect 20180225
Palo Alto Networks (Known Signatures) 20180225
Panda 20180224
Qihoo-360 20180225
Rising 20180225
SentinelOne (Static ML) 20180115
Sophos AV 20180225
SUPERAntiSpyware 20180224
Symantec 20180224
Symantec Mobile Insight 20180220
Tencent 20180225
TheHacker 20180224
Trustlook 20180225
VBA32 20180223
VIPRE 20180225
ViRobot 20180224
Webroot 20180225
WhiteArmor 20180223
Yandex 20180222
Zillya 20180223
ZoneAlarm by Check Point 20180225
Zoner 20180225
The file being studied is an Apple Disk Image! More specifically it follows the Universal Disk Image Format, commonly found with the DMG extension.
File signature
Identifier com.thesafemac.adwaremedic
Format bundle with Mach-O thin (i386)
CDHash 701fb754c6936fdddee154d122cf7f4b9dda4426
Signature size 8521
Authority Developer ID Application: Thomas Reed (DKYMKWTFCU)
Authority Developer ID Certification Authority
Authority Apple Root CA
Timestamp Jun 10, 2015, 2:35:02 PM
Info.plist entries 14
TeamIdentifier DKYMKWTFCU
Main executable
Package path /AdwareMedic.app/Contents/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/MacOS/Autoupdate
Detection ratio 0 / 55 when this report was generated
File size 197920 Bytes
HFS File ID 5299
Contained Mac OS X executables
Contained file bundles
BLKX Table
Entry Attributes
Protective Master Boot Record (MBR : 0) 0x0050
GPT Header (Primary GPT Header : 1) 0x0050
GPT Partition Data (Primary GPT Table : 2) 0x0050
(Apple_Free : 3) 0x0050
disk image (Apple_HFS : 4) 0x0050
(Apple_Free : 5) 0x0050
GPT Partition Data (Backup GPT Table : 6) 0x0050
GPT Header (Backup GPT Header : 7) 0x0050
DMG XML Property List
Entry Attributes
ID:0 0x0050
DMG structural properties
DMG version
4
Data fork offset
0x0
Data fork length
7058820
Resource fork offset
0x0
Resource fork length
0
Resource fork keys
blkx, plst
Running data fork offset
0x0
XML offset
0x7058820
XML length
9216
PLST keys
resource-fork
File identification
MD5 219c3e34efaecddf9969570c0064ed0a
SHA1 20363e27dd391aafafa19ac9ba42a4b6ac4ada38
SHA256 4475de83de02cb6c8e0be61a8eef8ff1e5c3e8aaa08c27d6416a96e8935f548d
ssdeep
196608:kIl9i77b5GUgbQ0NXdJ+GKQ57vdpmwWaycEi:ki9iT5GZgGKE7vmLa0

File size 6.7 MB ( 7068548 bytes )
File type Macintosh Disk Image
Magic literal
VAX COFF executable not stripped - version 16959

TrID Macintosh Disk image (BZlib compressed) (97.6%)
ZLIB compressed data (var. 1) (2.3%)
Tags
dmg

VirusTotal metadata
First submission 2015-06-14 07:42:51 UTC (il y a 3 ans, 7 mois)
Last submission 2018-02-25 08:00:33 UTC (il y a 11 mois)
Noms du fichier filename
AdwareMedic.dmg
Aucun commentaire. Aucun membre de la communauté VirusTotal n'a encore commenté cet élément, soyez le premier à le faire !

Laissez votre commentaire...

?
Poster un commentaire

Vous n'êtes pas connecté. Seuls les utilisateurs enregistrés peuvent laisser des commentaires, connectez-vous pour commenter !

Aucun vote. Personne n'a encore voté pour cet élément, soyez le premier à le faire !
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Created processes
HTTP requests
DNS requests
TCP connections