× В вашем браузере отключены куки (cookie). Для полноценной работы сайта необходимо включить сохранение файлов cookie.
SHA256: 6acd92d0dfe3e298d73b78a3dcc6d52ff4f85a70a9f2d0dcfe7ae4af2dd685cc
Имя файла: macs
Показатель выявления: 36 / 55
Дата анализа: 2016-11-27 15:05:21 UTC (4 месяцев назад)
Антивирус Результат Дата обновления
Ad-Aware MAC.OSX.Backdoor.KitM.A 20161127
AegisLab Backdoor.OSX.Kitm.a!c 20161127
AhnLab-V3 OSX64-Trojan/Kitm 20161127
ALYac MAC.OSX.Backdoor.KitM.A 20161127
Arcabit MAC.OSX.Backdoor.KitM.A 20161127
Avast MacOS:Kitmos-A [Spy] 20161127
AVG BackDoor.Generic_c.FFY 20161127
Avira (no cloud) OSX/Kitm.A 20161127
AVware Trojan.OSX.Generic (v) 20161127
BitDefender MAC.OSX.Backdoor.KitM.A 20161127
CAT-QuickHeal Backdoor.MacOSX.Kitmos.A 20161126
ClamAV Osx.Trojan.KitM-1 20161127
Comodo UnclassifiedMalware 20161127
Cyren MacOS/Kitmos.A 20161127
DrWeb Trojan.HackBack.2 20161127
Emsisoft MAC.OSX.Backdoor.KitM.A (B) 20161127
ESET-NOD32 OSX/Kitm.A 20161127
F-Prot MacOS/Kitmos.A 20161127
F-Secure MAC.OSX.Backdoor.KitM.A 20161127
Fortinet OSX/Kitm.A!tr.bdr 20161127
GData MAC.OSX.Backdoor.KitM.A 20161127
Ikarus Backdoor.OSX.Kitm 20161127
Kaspersky Backdoor.OSX.Kitm.a 20161127
McAfee OSX/Kitmos 20161127
McAfee-GW-Edition OSX/Kitmos 20161127
Microsoft Backdoor:MacOS_X/Kitmos.A 20161127
eScan MAC.OSX.Backdoor.KitM.A 20161127
NANO-Antivirus Trojan.Mac.HackBack.culozj 20161127
Qihoo-360 Win32/Backdoor.3d9 20161127
Sophos OSX/Kitm-A 20161127
Symantec OSX.Kitmos 20161127
Tencent Win32.Backdoor.Kitm.Ehhy 20161127
TotalDefense MacOS/Kitmos.A 20161127
TrendMicro OSX_KITM.A 20161127
TrendMicro-HouseCall OSX_KITM.A 20161127
VIPRE Trojan.OSX.Generic (v) 20161127
Alibaba 20161125
Antiy-AVL 20161127
Baidu 20161126
Bkav 20161126
CMC 20161127
CrowdStrike Falcon (ML) 20161024
Invincea 20161018
Jiangmin 20161124
K7AntiVirus 20161127
K7GW 20161127
Kingsoft 20161127
Malwarebytes 20161127
nProtect 20161127
Panda 20161127
Rising 20161127
SUPERAntiSpyware 20161127
TheHacker 20161126
Trustlook 20161127
VBA32 20161125
ViRobot 20161127
WhiteArmor 20161125
Yandex 20161127
Zillya 20161125
Zoner 20161127
The file being studied is a Mac OS X executable! More specifically it is a FAT multi-architecture binary, either a PPC/PPC64 binary or a universal package made up of 2 Mach-O files.
File signature
Identifier com.util.file
Format Mach-O universal (i386 x86_64)
CDHash b0aa57a281c2d8cce6c9a09568c6e3fea52ff80e
Signature size 8514
Authority Developer ID Application: Rajinder Kumar
Authority Developer ID Certification Authority
Authority Apple Root CA
Timestamp Apr 8, 2013, 9:52:49 AM
Info.plist not bound
TeamIdentifier not set
Sealed Resources none
FAT multi-architecture binary
This file targets more than one architecture, this is done by packaging up 2 Mach-Os in a FAT binary. Details about each Mach-O file follow.
Interesting properties
This file is signed by Apple's Root Certificate Authority.
File header
File type executable file
Magic 0xfeedfacf
Required architecture x86_64
Sub-architecture X86_64_ALL
Entry point 0x100001ee0
Reserved 0x0
Load commands 22
Load commands size 3968
Flags DYLDLINK
NOUNDEFS
TWOLEVEL
File segments
Shared libraries
Load commands
Interesting properties
This file is signed by Apple's Root Certificate Authority.
File header
File type executable file
Magic 0xfeedface
Required architecture i386
Sub-architecture I386_ALL
Entry point 0x1e00
Load commands 23
Load commands size 3392
Flags DYLDLINK
NOUNDEFS
NO_HEAP_EXECUTION
TWOLEVEL
File segments
Shared libraries
Load commands
File identification
MD5 f9fabd1637d190e0e0a5c117c71921fc
SHA1 4395a2da164e09721700815ea3f816cddb9d676e
SHA256 6acd92d0dfe3e298d73b78a3dcc6d52ff4f85a70a9f2d0dcfe7ae4af2dd685cc
ssdeep
12288:TMGSQliDiNZZrF7PXKxXG5HX/MO4t9p8:wGSQl3apcXNur

Размер файла 460.2 KБ ( 471232 bytes )
Тип файла Mach-O
Описание
Mach-O fat file with 2 architectures

TrID Mac OS X Universal Binary executable (100.0%)
Tags
64bits multi-arch macho signed

VirusTotal metadata
First submission 2013-05-13 14:48:59 UTC (3 лет, 10 месяцев назад)
Last submission 2014-01-08 16:27:22 UTC (3 лет, 2 месяцев назад)
Имена файлов 1
vti-rescan
macs
4395a2da164e09721700815ea3f816cddb9d676e.fat
6acd92d0dfe3e298d73b78a3dcc6d52ff4f85a70a9f2d0dcfe7ae4af2dd685cc
Нет комментариев. Из участников сообщества VirusTotal ещё пока никто не оставил комментарий по поводу результатов анализа. Станьте первым!

Оставьте свой комментарий...

?
Отправить

Вы не выполнили вход. Только зарегистрированные пользователи могут оставлять комментарии. Выполните вход и получите право голоса!

Нет голосов. Ещё пока никто не проголосовал за результаты анализа. Станьте первым!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Output
Opened files
Read files
Written files
Created processes