SHA256: f51e07ceac3ca56560f8472d0b70f4db4af3480c547a5c423ab485dd05c78d2a
File name: flash player.dmg
Detection ratio: 12 / 59
Analysis date: 2017-11-27 13:04:30 UTC (10 months ago)
Antivirus Result Version
Arcabit Trojan.Adware.MAC.OSX.BundloreCA.1 20171127
Avast MacOS:Bundlore-AG [Adw] 20171127
AVG MacOS:Bundlore-AG [Adw] 20171127
BitDefender Gen:Variant.Adware.MAC.OSX.BundloreCA.1 20171127
Emsisoft Gen:Variant.Adware.MAC.OSX.BundloreCA.1 (B) 20171127
GData Gen:Variant.Adware.MAC.OSX.BundloreCA.1 20171127
Ikarus AdWare.OSX.Adware 20171127
Kaspersky not-a-virus:HEUR:AdWare.OSX.Bnodlero.i 20171127
MAX malware (ai score=84) 20171127
eScan Gen:Variant.Adware.MAC.OSX.BundloreCA.1 20171127
NANO-Antivirus Riskware.Mac.Bundlore.euwbwf 20171127
ZoneAlarm by Check Point not-a-virus:HEUR:AdWare.OSX.Bnodlero.i 20171127
Ad-Aware 20171127
AegisLab 20171127
AhnLab-V3 20171127
Alibaba 20171127
ALYac 20171127
Antiy-AVL 20171127
Avast-Mobile 20171127
Avira (no cloud) 20171127
AVware 20171127
Baidu 20171127
Bkav 20171127
CAT-QuickHeal 20171125
ClamAV 20171127
CMC 20171126
Comodo 20171127
CrowdStrike Falcon (ML) 20171016
Cybereason 20171103
Cylance 20171127
Cyren 20171127
DrWeb 20171127
eGambit 20171127
Endgame 20171024
ESET-NOD32 20171127
F-Prot 20171127
F-Secure 20171127
Fortinet 20171127
Sophos ML 20170914
Jiangmin 20171127
K7AntiVirus 20171127
K7GW 20171127
Kingsoft 20171127
Malwarebytes 20171127
McAfee 20171127
McAfee-GW-Edition 20171127
Microsoft 20171127
nProtect 20171127
Palo Alto Networks (Known Signatures) 20171127
Panda 20171126
Qihoo-360 20171127
Rising 20171127
SentinelOne (Static ML) 20171113
Sophos AV 20171127
SUPERAntiSpyware 20171127
Symantec 20171127
Symantec Mobile Insight 20171124
Tencent 20171127
TheHacker 20171126
TrendMicro 20171127
TrendMicro-HouseCall 20171127
Trustlook 20171127
VBA32 20171127
VIPRE 20171127
ViRobot 20171127
Webroot 20171127
WhiteArmor 20171104
Yandex 20171120
Zillya 20171124
Zoner 20171127
The file being studied is an Apple Disk Image! More specifically it follows the Universal Disk Image Format, commonly found with the DMG extension.
File signature
Identifier com.stubberify.mym
Format bundle with Mach-O universal (i386 x86_64)
CDHash e456b7aab6c4046333823e00776fa6a5dcd109bc
Signature size 8529
Authority Developer ID Application: Sergii Bezugly (MM5WJ5XLNX)
Authority Developer ID Certification Authority
Authority Apple Root CA
Timestamp Nov 27, 2017, 7:37:11 AM
Info.plist entries 11
TeamIdentifier MM5WJ5XLNX
Signature verification Valid Signature
Signing Certificates
[+] Sergii Bezugly
Status Valid
Issuer Apple Inc.
Valid from 03:40 PM 07/31/2017
Valid to 03:40 PM 08/01/2022
Valid usage Digital Signature, Code Signing
Algorithm sha256WithRSAEncryption
Thumbprint BD2A9035709B2FE94AAD4BF5F7AFAF5FED8318E6
Serial number 5B 24 CA 24 8B 0F 52 E0
[+] Apple Inc.
Status Valid
Issuer Apple Inc.
Valid from 10:12 PM 02/01/2012
Valid to 10:12 PM 02/01/2027
Valid usage Digital Signature, Certificate Sign, CRL Sign
Algorithm sha256WithRSAEncryption
Thumbprint 3B166C3B7DC4B751C9FE2AFAB9135641E388E186
Serial number 18 7A A9 A8 C2 96 21 0C
[+] Apple Inc.
Status Valid
Issuer Apple Inc.
Valid from 09:40 PM 04/25/2006
Valid to 09:40 PM 02/09/2035
Valid usage Certificate Sign, CRL Sign
Algorithm sha1WithRSAEncryption
Thumbprint 611E5B662C593A08FF58D14AE22452D198DF6C60
Serial number 2
Main executable
Package path /Install.app/Contents/MacOS/applet
Detection ratio 13 / 44 when this report was generated
File size 42656 Bytes
HFS File ID 36
DMG HFS Property List
LSMinimumSystemVersionByArchitecture x86_64: 10.6
CFBundleSignature aplt
CFBundleInfoDictionaryVersion 6.0
CFBundleAllowMixedLocalizations True
CFBundleIconFile applet
LSRequiresCarbon True
CFBundleIdentifier com.stubberify.mym
CFBundleDevelopmentRegion English
CFBundleExecutable applet
CFBundleName stubInstaller
CFBundlePackageType APPL
Contained Mac OS X executables
Contained file bundles
BLKX Table
Entry Attributes
Protective Master Boot Record (MBR : 0) 0x0050
GPT Header (Primary GPT Header : 1) 0x0050
GPT Partition Data (Primary GPT Table : 2) 0x0050
(Apple_Free : 3) 0x0050
disk image (Apple_HFS : 4) 0x0050
(Apple_Free : 5) 0x0050
GPT Partition Data (Backup GPT Table : 6) 0x0050
GPT Header (Backup GPT Header : 7) 0x0050
DMG XML Property List
Entry Attributes
ID:0 0x0050
DMG structural properties
DMG version
4
Data fork offset
0x0
Data fork length
131540
Resource fork offset
0x0
Resource fork length
0
Resource fork keys
blkx, plst
Running data fork offset
0x0
XML offset
0x131540
XML length
8089
PLST keys
resource-fork
File identification
MD5 4f06b31356adc7b0657d1e7632500e2c
SHA1 f4dc6e6edf66500657f739d2a3cc7f71def49985
SHA256 f51e07ceac3ca56560f8472d0b70f4db4af3480c547a5c423ab485dd05c78d2a
ssdeep
3072:+BTffhA+Vwgke3lyEHNlzbUkJHvF0/XVZf0hMgPphqg2BfsK06q4mK:+BTfJXEe3gYNbJPmNZcCg6qnK

File size 136.9 KB (140141 bytes)
File type Macintosh Disk Image
Magic literal
bzip2 compressed data, block size = 100k

TrID Macintosh Disk image (BZ2 compressed) (95.1%)
bzip2 compressed archive (3.6%)
PrintFox/Pagefox bitmap (var. B) (1.2%)
Tags
dmg

VirusTotal metadata
First submission 2017-11-27 13:04:30 UTC (10 months ago)
Last submission 2017-11-27 13:04:30 UTC (10 months ago)
File names flash player.dmg
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Moved files
Created processes
HTTP requests
DNS requests
TCP connections