SHA256: 013623e5e50449bbdf6943549d8224a122aa6c42bd3300a1bd2b743b01ae6793
File name: Handbrake.dmg
Detection ratio: 29 / 59
Analysis date: 2017-11-02 11:50:21 UTC (2 weeks, 4 days ago)
Antivirus Result Update
Ad-Aware Trojan.MAC.Proton.A 20171102
AhnLab-V3 BinImage/Proton 20171102
ALYac Trojan.OSX.Proton 20171102
Antiy-AVL Trojan[Backdoor]/OSX.Proton 20171102
Arcabit Trojan.MAC.Proton.A 20171102
Avast MacOS:Proton-A [Trj] 20171102
AVG MacOS:Proton-A [Trj] 20171102
Avira (no cloud) OSX/Proton.uoopm 20171102
BitDefender Trojan.MAC.Proton.A 20171102
ClamAV Osx.Trojan.Proton-6316148-0 20171102
Comodo UnclassifiedMalware 20171102
Cyren Trojan.INJM-7 20171102
DrWeb Mac.BackDoor.Proton.1 20171102
Emsisoft Trojan.MAC.Proton.A (B) 20171102
ESET-NOD32 OSX/Proton.A 20171102
F-Secure Backdoor:OSX/Proton.A 20171102
GData Trojan.MAC.Proton.A 20171102
Ikarus Trojan.OSX.Proton.A 20171102
Kaspersky HEUR:Backdoor.OSX.Proton.b 20171102
MAX malware (ai score=86) 20171102
McAfee OSX/Generics.p 20171031
McAfee-GW-Edition OSX/Generics.p 20171102
eScan Trojan.MAC.Proton.A 20171102
NANO-Antivirus Trojan.Mac.Proton.eokpjt 20171102
Sophos AV OSX/Proton-A 20171102
Symantec OSX.Dropper 20171102
TrendMicro OSX_PROTON.A 20171102
TrendMicro-HouseCall OSX_PROTON.A 20171102
ZoneAlarm by Check Point HEUR:Backdoor.OSX.Proton.b 20171102
AegisLab 20171102
Alibaba 20170911
Avast-Mobile 20171102
AVware 20171102
Baidu 20171101
Bkav 20171102
CAT-QuickHeal 20171102
CMC 20171102
CrowdStrike Falcon (ML) 20171016
Cybereason None
Cylance 20171102
eGambit 20171102
Endgame 20171024
F-Prot 20171102
Fortinet 20171102
Sophos ML 20170914
Jiangmin 20171102
K7AntiVirus 20171102
K7GW 20171102
Kingsoft 20171102
Malwarebytes 20171102
Microsoft 20171102
nProtect 20171102
Palo Alto Networks (Known Signatures) 20171102
Panda 20171101
Qihoo-360 20171102
Rising 20171102
SentinelOne (Static ML) 20171019
SUPERAntiSpyware 20171102
Symantec Mobile Insight 20171101
Tencent 20171102
TheHacker 20171031
Trustlook 20171102
VBA32 20171102
VIPRE 20171102
ViRobot 20171102
Webroot 20171102
WhiteArmor 20171024
Yandex 20171101
Zillya 20171102
Zoner 20171102
The file being studied is an Apple Disk Image! More specifically it follows the Universal Disk Image Format, commonly found with the DMG extension.
Main executable
Package path /HandBrake.app/Contents/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/MacOS/Autoupdate
Detection ratio 0 / 57 when this report was generated
File size 166964 Bytes
HFS File ID 80
DMG HFS Property List
SUFeedURL https://handbrake.fr/appcast.x86_64.xml
CFBundleInfoDictionaryVersion 6.0
NSHumanReadableCopyright Copyright © 2003-2017 HandBrake Team. GPLv2 license.
CFBundleGetInfoString 2017042800
CFBundleIdentifier fr.handbrake.HandBrake
CFBundleDocumentTypes {u'CFBundleTypeName': u'All files', u'CFBundleTypeRole': u'Viewer', u'CFBundleTypeExtensions': [u'*']}
{u'CFBundleTypeRole': u'Viewer', u'LSItemContentTypes': [u'public.movie']}
SUAllowsAutomaticUpdates False
CFBundleShortVersionString 1.0.7
CFBundleDisplayName HandBrake
BuildMachineOSBuild 15F34
CFBundleExecutable HandBrake
LSMinimumSystemVersion 10.7
CFBundleVersion 2017042800
SUPublicDSAKeyFile dsa_pub.pem
CFBundleIconFile HandBrake
NSMainNibFile MainMenu
CFBundleDevelopmentRegion en
CFBundleSupportedPlatforms MacOSX
CFBundleSignature ????
CFBundleName HandBrake
CFBundlePackageType APPL
NSPrincipalClass HBApplication
Contained Mac OS X executables
Contained file bundles
BLKX Table
Entry Attributes
Protective Master Boot Record (MBR : 0) 0x0050
GPT Header (Primary GPT Header : 1) 0x0050
GPT Partition Data (Primary GPT Table : 2) 0x0050
(Apple_Free : 3) 0x0050
disk image (Apple_HFS : 4) 0x0050
(Apple_Free : 5) 0x0050
GPT Partition Data (Backup GPT Table : 6) 0x0050
GPT Header (Backup GPT Header : 7) 0x0050
DMG XML Property List
Entry Attributes
ID:0 0x0050
DMG structural properties
DMG version
4
Data fork offset
0x0
Data fork length
16581841
Resource fork offset
0x0
Resource fork length
0
Resource fork keys
blkx, plst
Running data fork offset
0x0
XML offset
0x16581841
XML length
10759
PLST keys
resource-fork
File identification
MD5 e420a2dfb206c8777002583637037d29
SHA1 0935a43ca90c6c419a49e4f8f1d75e68cd70b274
SHA256 013623e5e50449bbdf6943549d8224a122aa6c42bd3300a1bd2b743b01ae6793
ssdeep
393216:Sgr4rKkDy6ZThgZzDw/i0X71Oxf3pi0SZH+x96:JrEK3+hgN2BsMeD6

File size 15.8 MB ( 16593112 bytes )
File type Macintosh Disk Image
Magic literal
ID=0xee, starthead 254, startsector 1, 89371 sectors, code offset 0x1

TrID Macintosh Disk image (BZlib compressed) (97.6%)
ZLIB compressed data (var. 1) (2.3%)
Master Boot Record dump (0.0%)
Tags
dmg

VirusTotal metadata
First submission 2017-05-03 19:01:45 UTC (6 months, 3 weeks ago)
Last submission 2017-10-31 12:32:18 UTC (2 weeks, 6 days ago)
File names HandBrake-1.0.7.dmg
Handbrake.dmg
e420a2dfb206c8777002583637037d29.virus
HandBrake-1.0.7-2.dmg
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Moved files
Created processes
HTTP requests
DNS requests
TCP connections