SHA256: 6acd92d0dfe3e298d73b78a3dcc6d52ff4f85a70a9f2d0dcfe7ae4af2dd685cc
File name: macs
Detection ratio: 36 / 57
Analysis date: 2018-11-17 04:11:55 UTC (8 hours, 35 minutes ago)
Antivirus Result Update
Ad-Aware MAC.OSX.Backdoor.KitM.A 20181117
AhnLab-V3 OSX64-Trojan/Kitm 20181116
ALYac MAC.OSX.Backdoor.KitM.A 20181117
Arcabit MAC.OSX.Backdoor.KitM.A 20181117
Avast MacOS:Kitmos-A [Spy] 20181117
AVG MacOS:Kitmos-A [Spy] 20181117
Avira (no cloud) OSX/Kitm.B 20181116
BitDefender MAC.OSX.Backdoor.KitM.A 20181117
CAT-QuickHeal Backdoor.MacOSX.Kitmos.A 20181116
ClamAV Osx.Trojan.KitM-1 20181116
Cyren MacOS/Kitmos.A 20181117
DrWeb Trojan.HackBack.2 20181117
Emsisoft MAC.OSX.Backdoor.KitM.A (B) 20181117
Endgame malicious (high confidence) 20181108
ESET-NOD32 OSX/Kitm.A 20181117
F-Prot MacOS/Kitmos.A 20181117
F-Secure MAC.OSX.Backdoor.KitM.A 20181116
Fortinet OSX/Kitm.A!tr.bdr 20181117
GData MAC.OSX.Backdoor.KitM.A 20181117
Ikarus Backdoor.OSX.Kitm 20181116
Kaspersky Backdoor.OSX.Kitm.a 20181117
MAX malware (ai score=98) 20181117
McAfee OSX/Kitmos 20181117
McAfee-GW-Edition OSX/Kitmos 20181117
Microsoft Backdoor:MacOS_X/Kitmos.A 20181117
eScan MAC.OSX.Backdoor.KitM.A 20181117
NANO-Antivirus Trojan.Mac.HackBack.culozj 20181117
Qihoo-360 Win32/Backdoor.3d9 20181117
Sophos AV OSX/Kitm-A 20181117
Symantec OSX.Kitmos 20181116
Tencent Win32.Backdoor.Kitm.Ehhy 20181117
TotalDefense MacOS/Kitmos.A 20181116
TrendMicro OSX_KITM.A 20181117
TrendMicro-HouseCall OSX_KITM.A 20181117
Zillya Trojan.Kitm..2 20181116
ZoneAlarm by Check Point Backdoor.OSX.Kitm.a 20181117
AegisLab 20181117
Alibaba 20180921
Antiy-AVL 20181117
Avast-Mobile 20181116
Babable 20180918
Baidu 20181116
Bkav 20181116
CMC 20181116
CrowdStrike Falcon (ML) 20181022
Cybereason 20180225
Cylance 20181117
eGambit 20181117
Sophos ML 20181108
Jiangmin 20181117
K7AntiVirus 20181116
K7GW 20181116
Kingsoft 20181117
Malwarebytes 20181117
Palo Alto Networks (Known Signatures) 20181117
Panda 20181116
Rising 20181117
SentinelOne (Static ML) 20181011
SUPERAntiSpyware 20181114
Symantec Mobile Insight 20181108
TACHYON 20181117
TheHacker 20181113
Trustlook 20181117
VBA32 20181116
ViRobot 20181116
Webroot 20181117
Yandex 20181116
Zoner 20181117
The file being studied is a Mac OS X executable! More specifically it is a FAT multi-architecture binary, either a PPC/PPC64 binary or a universal package made up of 2 Mach-O files.
File signature
Identifier com.util.file
Format Mach-O universal (i386 x86_64)
CDHash b0aa57a281c2d8cce6c9a09568c6e3fea52ff80e
Signature size 8514
Authority Developer ID Application: Rajinder Kumar
Authority Developer ID Certification Authority
Authority Apple Root CA
Timestamp Apr 8, 2013, 9:52:49 AM
Info.plist not bound
TeamIdentifier not set
Sealed Resources none
FAT multi-architecture binary
This file targets more than one architecture, this is done by packaging up 2 Mach-Os in a FAT binary. Details about each Mach-O file follow.
Interesting properties
This file is signed by Apple's Root Certificate Authority.
File header
File type executable file
Magic 0xfeedfacf
Required architecture x86_64
Sub-architecture X86_64_ALL
Entry point 0x100001ee0
Reserved 0x0
Load commands 22
Load commands size 3968
Flags DYLDLINK
NOUNDEFS
TWOLEVEL
File segments
Shared libraries
Load commands
Interesting properties
This file is signed by Apple's Root Certificate Authority.
File header
File type executable file
Magic 0xfeedface
Required architecture i386
Sub-architecture I386_ALL
Entry point 0x1e00
Load commands 23
Load commands size 3392
Flags DYLDLINK
NOUNDEFS
NO_HEAP_EXECUTION
TWOLEVEL
File segments
Shared libraries
Load commands
File identification
MD5 f9fabd1637d190e0e0a5c117c71921fc
SHA1 4395a2da164e09721700815ea3f816cddb9d676e
SHA256 6acd92d0dfe3e298d73b78a3dcc6d52ff4f85a70a9f2d0dcfe7ae4af2dd685cc
ssdeep
12288:TMGSQliDiNZZrF7PXKxXG5HX/MO4t9p8:wGSQl3apcXNur

File size 460.2 KB ( 471232 bytes )
File type Mach-O
Magic literal
Mach-O fat file with 2 architectures

TrID Mac OS X Mach-O universal Dynamically linked shared Library (94.7%)
Mac OS X Universal Binary executable (5.2%)
Tags
64bits multi-arch macho signed

VirusTotal metadata
First submission 2013-05-13 14:48:59 UTC (5 years, 6 months ago)
Last submission 2018-04-02 22:28:10 UTC (7 months, 2 weeks ago)
File names 1
vti-rescan
macs
4395a2da164e09721700815ea3f816cddb9d676e.fat
6acd92d0dfe3e298d73b78a3dcc6d52ff4f85a70a9f2d0dcfe7ae4af2dd685cc
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Output
Opened files
Read files
Written files
Created processes