SHA256: 6acd92d0dfe3e298d73b78a3dcc6d52ff4f85a70a9f2d0dcfe7ae4af2dd685cc
File name: macs
Detection ratio: 38 / 57
Analysis date: 2017-04-17 10:58:20 UTC (1 month, 1 week ago)
Antivirus Result Update date
Ad-Aware MAC.OSX.Backdoor.KitM.A 20170417
AegisLab Backdoor.OSX.Kitm.a!c 20170417
AhnLab-V3 OSX64-Trojan/Kitm 20170417
ALYac MAC.OSX.Backdoor.KitM.A 20170417
Arcabit MAC.OSX.Backdoor.KitM.A 20170417
Avast MacOS:Kitmos-A [Spy] 20170417
AVG BackDoor.Generic_c.FFY 20170417
Avira (no cloud) OSX/Kitm.B 20170417
AVware Trojan.OSX.Generic (v) 20170410
BitDefender MAC.OSX.Backdoor.KitM.A 20170417
CAT-QuickHeal Backdoor.MacOSX.Kitmos.A 20170417
ClamAV Osx.Trojan.KitM-1 20170417
Comodo UnclassifiedMalware 20170417
Cyren MacOS/Kitmos.A 20170417
DrWeb Trojan.HackBack.2 20170417
Emsisoft MAC.OSX.Backdoor.KitM.A (B) 20170417
ESET-NOD32 OSX/Kitm.A 20170417
F-Prot MacOS/Kitmos.A 20170417
F-Secure MAC.OSX.Backdoor.KitM.A 20170417
Fortinet OSX/Kitm.A!tr.bdr 20170417
GData MAC.OSX.Backdoor.KitM.A 20170417
Ikarus Backdoor.OSX.Kitm 20170417
Kaspersky Backdoor.OSX.Kitm.a 20170417
McAfee OSX/Kitmos 20170417
McAfee-GW-Edition OSX/Kitmos 20170417
Microsoft Backdoor:MacOS_X/Kitmos.A 20170417
eScan MAC.OSX.Backdoor.KitM.A 20170417
NANO-Antivirus Trojan.Mac.HackBack.culozj 20170416
Qihoo-360 Win32/Backdoor.3d9 20170417
Sophos OSX/Kitm-A 20170417
Symantec OSX.Kitmos 20170416
Tencent Win32.Backdoor.Kitm.Ehhy 20170417
TotalDefense MacOS/Kitmos.A 20170417
TrendMicro OSX_KITM.A 20170417
TrendMicro-HouseCall OSX_KITM.A 20170417
VIPRE Trojan.OSX.Generic (v) 20170417
Zillya Trojan.Kitm..2 20170414
ZoneAlarm by Check Point Backdoor.OSX.Kitm.a 20170417
Alibaba 20170417
Antiy-AVL 20170417
Baidu 20170417
Bkav 20170415
CMC 20170417
CrowdStrike Falcon (ML) 20170130
Endgame 20170413
Invincea 20170413
Jiangmin 20170417
K7AntiVirus 20170417
K7GW 20170417
Kingsoft 20170417
Malwarebytes 20170417
nProtect 20170417
Palo Alto Networks (Known Signatures) 20170417
Panda 20170417
Rising 20170417
SentinelOne (Static ML) 20170330
SUPERAntiSpyware 20170417
Symantec Mobile Insight 20170414
TheHacker 20170416
Trustlook 20170417
VBA32 20170417
ViRobot 20170417
Webroot 20170417
WhiteArmor 20170409
Yandex 20170417
Zoner 20170417
The file being studied is a Mac OS X executable! More specifically it is a FAT multi-architecture binary, either a PPC/PPC64 binary or a universal package made up of 2 Mach-O files.
File signature
Identifier com.util.file
Format Mach-O universal (i386 x86_64)
CDHash b0aa57a281c2d8cce6c9a09568c6e3fea52ff80e
Signature size 8514
Authority Developer ID Application: Rajinder Kumar
Authority Developer ID Certification Authority
Authority Apple Root CA
Timestamp Apr 8, 2013, 9:52:49 AM
Info.plist not bound
TeamIdentifier not set
Sealed Resources none
FAT multi-architecture binary
This file targets more than one architecture, this is done by packaging up 2 Mach-Os in a FAT binary. Details about each Mach-O file follow.
Interesting properties
This file is signed by Apple's Root Certificate Authority.
File header
File type executable file
Magic 0xfeedfacf
Required architecture x86_64
Sub-architecture X86_64_ALL
Entry point 0x100001ee0
Reserved 0x0
Load commands 22
Load commands size 3968
Flags DYLDLINK
NOUNDEFS
TWOLEVEL
File segments
Shared libraries
Load commands
Interesting properties
This file is signed by Apple's Root Certificate Authority.
File header
File type executable file
Magic 0xfeedface
Required architecture i386
Sub-architecture I386_ALL
Entry point 0x1e00
Load commands 23
Load commands size 3392
Flags DYLDLINK
NOUNDEFS
NO_HEAP_EXECUTION
TWOLEVEL
File segments
Shared libraries
Load commands
File identification
MD5 f9fabd1637d190e0e0a5c117c71921fc
SHA1 4395a2da164e09721700815ea3f816cddb9d676e
SHA256 6acd92d0dfe3e298d73b78a3dcc6d52ff4f85a70a9f2d0dcfe7ae4af2dd685cc
ssdeep 12288:TMGSQliDiNZZrF7PXKxXG5HX/MO4t9p8:wGSQl3apcXNur

File size 460.2 KB (471232 bytes)
File type Mach-O
Description Mach-O fat file with 2 architectures

TrID Mac OS X Universal Binary executable (100.0%)
Tags
64bits multi-arch macho signed

VirusTotal metadata
First submission 2013-05-13 14:48:59 UTC (4 years ago)
Last submission 2014-01-08 16:27:22 UTC (3 years, 4 months ago)
File names 1
vti-rescan
macs
4395a2da164e09721700815ea3f816cddb9d676e.fat
6acd92d0dfe3e298d73b78a3dcc6d52ff4f85a70a9f2d0dcfe7ae4af2dd685cc
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Output
Opened files
Read files
Written files
Created processes