Resubmissions

12/03/2024, 15:38

240312-s3a2dsef79 4

12/03/2024, 15:37

240312-s2wlpsef65 1

12/03/2024, 15:34

240312-sz841sce5t 1

Analysis

  • max time kernel
    149s
  • max time network
    152s
  • platform
    macos-10.15_amd64
  • resource
    macos-20240214-en
  • resource tags

    arch:amd64arch:i386image:macos-20240214-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
  • submitted
    12/03/2024, 15:38

General

  • Target

    Badmashlaunda.html

  • Size

    14KB

  • MD5

    4e66cc0f8f5abcefb93aafe97fe8d374

  • SHA1

    d30c9649c5f09cac390720f85cab6235c0c5d3f5

  • SHA256

    9e9b9352d3b6aed9f9a5e7376009771260e9a35c6ee31a73433e755b8a841ac6

  • SHA512

    818549ea39f88c2debf5db7d5ae2081a51166cda7315ea2d55be5054a3cd9c5e830266e6fb77f8e6d87562e321c1dc1ebae64b11f4a28dd2a608cdb576dc0945

  • SSDEEP

    192:PNx5Ssv99qXoqTJkNr723HJpJEZMAVp1c/Mhu3gzNanaymBZWQe4KFQ3VUf8y1Ji:5Ssl9qYoJkN/dzXjknyBheQ3VS4N

Score
4/10

Malware Config

Signatures

  • Resource Forking 1 TTPs 1 IoCs

Processes

  • /usr/libexec/xpcproxy
    xpcproxy com.apple.pluginkit.pkd
    1⤵
      PID:520
    • /usr/libexec/pkd
      /usr/libexec/pkd
      1⤵
        PID:520
      • /bin/sh
        sh -c "sudo /bin/zsh -c \"/Users/run/Badmashlaunda.html\""
        1⤵
          PID:523
        • /bin/bash
          sh -c "sudo /bin/zsh -c \"/Users/run/Badmashlaunda.html\""
          1⤵
            PID:523
          • /usr/bin/sudo
            sudo /bin/zsh -c /Users/run/Badmashlaunda.html
            1⤵
              PID:523
              • /bin/zsh
                /bin/zsh -c /Users/run/Badmashlaunda.html
                2⤵
                  PID:524
                • /Users/run/Badmashlaunda.html
                  /Users/run/Badmashlaunda.html
                  2⤵
                    PID:524
                  • /bin/sh
                    sh /Users/run/Badmashlaunda.html
                    2⤵
                      PID:524
                    • /bin/bash
                      sh /Users/run/Badmashlaunda.html
                      2⤵
                        PID:524
                    • /usr/libexec/xpcproxy
                      xpcproxy com.apple.sysmond
                      1⤵
                        PID:528
                      • /usr/libexec/sysmond
                        /usr/libexec/sysmond
                        1⤵
                          PID:528
                        • /usr/libexec/xpcproxy
                          xpcproxy com.apple.Safari.2028
                          1⤵
                            PID:550
                          • /Applications/Safari.app/Contents/MacOS/Safari
                            /Applications/Safari.app/Contents/MacOS/Safari
                            1⤵
                              PID:550
                            • /usr/libexec/xpcproxy
                              xpcproxy com.apple.Safari.History
                              1⤵
                                PID:553
                              • /System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.History.xpc/Contents/MacOS/com.apple.Safari.History
                                /System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.History.xpc/Contents/MacOS/com.apple.Safari.History
                                1⤵
                                  PID:553
                                • /usr/libexec/xpcproxy
                                  xpcproxy com.apple.siri.context.service
                                  1⤵
                                    PID:555
                                  • /System/Library/PrivateFrameworks/ContextKit.framework/Versions/A/XPCServices/ContextService.xpc/Contents/MacOS/ContextService
                                    /System/Library/PrivateFrameworks/ContextKit.framework/Versions/A/XPCServices/ContextService.xpc/Contents/MacOS/ContextService
                                    1⤵
                                      PID:555
                                    • /usr/libexec/xpcproxy
                                      xpcproxy com.apple.WebKit.WebContent.BA457BAE-A853-4462-B822-06066E13D5A6 550
                                      1⤵
                                        PID:556
                                      • /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
                                        /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
                                        1⤵
                                          PID:556
                                        • /usr/libexec/xpcproxy
                                          xpcproxy com.apple.geod
                                          1⤵
                                            PID:559
                                          • /System/Library/PrivateFrameworks/GeoServices.framework/Versions/A/XPCServices/com.apple.geod.xpc/Contents/MacOS/com.apple.geod
                                            /System/Library/PrivateFrameworks/GeoServices.framework/Versions/A/XPCServices/com.apple.geod.xpc/Contents/MacOS/com.apple.geod
                                            1⤵
                                              PID:559
                                            • /usr/libexec/xpcproxy
                                              xpcproxy com.apple.SafariLaunchAgent
                                              1⤵
                                                PID:562
                                              • /Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariLaunchAgent
                                                /Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariLaunchAgent
                                                1⤵
                                                  PID:562
                                                • /usr/libexec/xpcproxy
                                                  xpcproxy com.apple.akd
                                                  1⤵
                                                    PID:563
                                                  • /System/Library/PrivateFrameworks/AuthKit.framework/Versions/A/Support/akd
                                                    /System/Library/PrivateFrameworks/AuthKit.framework/Versions/A/Support/akd
                                                    1⤵
                                                      PID:563
                                                    • /usr/libexec/xpcproxy
                                                      xpcproxy com.apple.WebKit.WebContent.12F18BFD-7927-4F3F-9ACE-6EAC576D8344 550
                                                      1⤵
                                                        PID:564
                                                      • /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
                                                        /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
                                                        1⤵
                                                          PID:564
                                                        • /usr/libexec/xpcproxy
                                                          xpcproxy com.apple.CoreAuthentication.agent
                                                          1⤵
                                                            PID:566
                                                          • /System/Library/Frameworks/LocalAuthentication.framework/Support/coreauthd
                                                            /System/Library/Frameworks/LocalAuthentication.framework/Support/coreauthd
                                                            1⤵
                                                              PID:566
                                                            • /usr/bin/pluginkit
                                                              /usr/bin/pluginkit -e ignore -i com.microsoft.OneDrive.FinderSync
                                                              1⤵
                                                                PID:567
                                                              • /usr/sbin/spctl
                                                                /usr/sbin/spctl --assess --type execute /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T/OneDriveUpdaterDA6CE80A/OneDrive.app
                                                                1⤵
                                                                  PID:568
                                                                • /usr/libexec/xpcproxy
                                                                  xpcproxy com.apple.nehelper
                                                                  1⤵
                                                                    PID:569
                                                                  • /usr/libexec/nehelper
                                                                    /usr/libexec/nehelper
                                                                    1⤵
                                                                      PID:569
                                                                    • /usr/libexec/xpcproxy
                                                                      xpcproxy com.apple.Safari.SearchHelper 550
                                                                      1⤵
                                                                        PID:571
                                                                      • /System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.SearchHelper.xpc/Contents/MacOS/com.apple.Safari.SearchHelper
                                                                        /System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.SearchHelper.xpc/Contents/MacOS/com.apple.Safari.SearchHelper
                                                                        1⤵
                                                                          PID:571
                                                                        • /usr/libexec/xpcproxy
                                                                          xpcproxy com.apple.Safari.SafeBrowsing.Service
                                                                          1⤵
                                                                            PID:572
                                                                          • /System/Library/PrivateFrameworks/SafariSafeBrowsing.framework/com.apple.Safari.SafeBrowsing.Service
                                                                            /System/Library/PrivateFrameworks/SafariSafeBrowsing.framework/com.apple.Safari.SafeBrowsing.Service
                                                                            1⤵
                                                                              PID:572
                                                                            • /usr/libexec/xpcproxy
                                                                              xpcproxy com.apple.WebKit.WebContent.52415089-DECF-405E-8B38-B3547D383DC9 550
                                                                              1⤵
                                                                                PID:573
                                                                              • /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
                                                                                /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
                                                                                1⤵
                                                                                  PID:573
                                                                                • /usr/libexec/xpcproxy
                                                                                  xpcproxy com.apple.neagent.878568F8-CCE5-4157-8315-22F20DC8FB0A
                                                                                  1⤵
                                                                                    PID:574
                                                                                  • /usr/libexec/neagent
                                                                                    /usr/libexec/neagent
                                                                                    1⤵
                                                                                      PID:574
                                                                                    • /usr/libexec/xpcproxy
                                                                                      xpcproxy com.apple.pbs
                                                                                      1⤵
                                                                                        PID:575
                                                                                      • /System/Library/CoreServices/pbs
                                                                                        /System/Library/CoreServices/pbs
                                                                                        1⤵
                                                                                          PID:575
                                                                                        • /usr/libexec/xpcproxy
                                                                                          xpcproxy com.apple.WebKit.WebContent.EBA89BC8-E806-432B-9F4B-574A406397DD 550
                                                                                          1⤵
                                                                                            PID:576
                                                                                          • /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
                                                                                            /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
                                                                                            1⤵
                                                                                              PID:576
                                                                                            • /usr/libexec/xpcproxy
                                                                                              xpcproxy com.apple.AddressBook.ContactsAccountsService
                                                                                              1⤵
                                                                                                PID:580
                                                                                              • /System/Library/Frameworks/AddressBook.framework/Executables/ContactsAccountsService
                                                                                                /System/Library/Frameworks/AddressBook.framework/Executables/ContactsAccountsService
                                                                                                1⤵
                                                                                                  PID:580
                                                                                                • /usr/libexec/xpcproxy
                                                                                                  xpcproxy com.apple.WebKit.WebContent.F5A2832D-547B-4CFD-B524-AC62984E9977 550
                                                                                                  1⤵
                                                                                                    PID:581
                                                                                                  • /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
                                                                                                    /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
                                                                                                    1⤵
                                                                                                      PID:581
                                                                                                    • /usr/libexec/xpcproxy
                                                                                                      xpcproxy com.apple.WebKit.WebContent.636CEB02-2734-42D5-BA80-EAA916D32F5F 550
                                                                                                      1⤵
                                                                                                        PID:585
                                                                                                      • /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
                                                                                                        /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
                                                                                                        1⤵
                                                                                                          PID:585
                                                                                                        • /usr/libexec/xpcproxy
                                                                                                          xpcproxy com.apple.mediaremoted
                                                                                                          1⤵
                                                                                                            PID:588
                                                                                                          • /System/Library/PrivateFrameworks/MediaRemote.framework/Support/mediaremoted
                                                                                                            /System/Library/PrivateFrameworks/MediaRemote.framework/Support/mediaremoted
                                                                                                            1⤵
                                                                                                              PID:588
                                                                                                            • /usr/libexec/xpcproxy
                                                                                                              xpcproxy com.apple.audio.AudioComponentRegistrar
                                                                                                              1⤵
                                                                                                                PID:589
                                                                                                              • /System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar
                                                                                                                /System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar
                                                                                                                1⤵
                                                                                                                  PID:589
                                                                                                                • /usr/libexec/xpcproxy
                                                                                                                  xpcproxy com.apple.audio.SandboxHelper 581
                                                                                                                  1⤵
                                                                                                                    PID:590
                                                                                                                  • /System/Library/Frameworks/AudioToolbox.framework/XPCServices/com.apple.audio.SandboxHelper.xpc/Contents/MacOS/com.apple.audio.SandboxHelper
                                                                                                                    /System/Library/Frameworks/AudioToolbox.framework/XPCServices/com.apple.audio.SandboxHelper.xpc/Contents/MacOS/com.apple.audio.SandboxHelper
                                                                                                                    1⤵
                                                                                                                      PID:590
                                                                                                                    • /usr/libexec/xpcproxy
                                                                                                                      xpcproxy com.apple.accessibility.mediaaccessibilityd
                                                                                                                      1⤵
                                                                                                                        PID:591
                                                                                                                      • /System/Library/Frameworks/MediaAccessibility.framework/Versions/A/XPCServices/com.apple.accessibility.mediaaccessibilityd.xpc/Contents/MacOS/com.apple.accessibility.mediaaccessibilityd
                                                                                                                        /System/Library/Frameworks/MediaAccessibility.framework/Versions/A/XPCServices/com.apple.accessibility.mediaaccessibilityd.xpc/Contents/MacOS/com.apple.accessibility.mediaaccessibilityd
                                                                                                                        1⤵
                                                                                                                          PID:591
                                                                                                                        • /usr/libexec/xpcproxy
                                                                                                                          xpcproxy com.apple.routined
                                                                                                                          1⤵
                                                                                                                            PID:592
                                                                                                                          • /usr/libexec/routined
                                                                                                                            /usr/libexec/routined LAUNCHED_BY_LAUNCHD
                                                                                                                            1⤵
                                                                                                                              PID:592
                                                                                                                            • /usr/libexec/xpcproxy
                                                                                                                              xpcproxy com.apple.knowledge-agent
                                                                                                                              1⤵
                                                                                                                                PID:593
                                                                                                                              • /usr/libexec/knowledge-agent
                                                                                                                                /usr/libexec/knowledge-agent
                                                                                                                                1⤵
                                                                                                                                  PID:593
                                                                                                                                • /usr/libexec/xpcproxy
                                                                                                                                  xpcproxy com.apple.Maps.mapspushd
                                                                                                                                  1⤵
                                                                                                                                    PID:594
                                                                                                                                  • /System/Library/CoreServices/mapspushd
                                                                                                                                    /System/Library/CoreServices/mapspushd
                                                                                                                                    1⤵
                                                                                                                                      PID:594
                                                                                                                                    • /usr/libexec/xpcproxy
                                                                                                                                      xpcproxy com.apple.speech.speechsynthesisd
                                                                                                                                      1⤵
                                                                                                                                        PID:596
                                                                                                                                      • /System/Library/Frameworks/ApplicationServices.framework/Frameworks/SpeechSynthesis.framework/Resources/com.apple.speech.speechsynthesisd
                                                                                                                                        /System/Library/Frameworks/ApplicationServices.framework/Frameworks/SpeechSynthesis.framework/Resources/com.apple.speech.speechsynthesisd
                                                                                                                                        1⤵
                                                                                                                                          PID:596
                                                                                                                                        • /usr/libexec/xpcproxy
                                                                                                                                          xpcproxy com.apple.tailspind
                                                                                                                                          1⤵
                                                                                                                                            PID:606
                                                                                                                                          • /usr/libexec/tailspind
                                                                                                                                            /usr/libexec/tailspind
                                                                                                                                            1⤵
                                                                                                                                              PID:606
                                                                                                                                            • /usr/libexec/xpcproxy
                                                                                                                                              xpcproxy com.apple.assistantd
                                                                                                                                              1⤵
                                                                                                                                                PID:609
                                                                                                                                              • /System/Library/PrivateFrameworks/AssistantServices.framework/Versions/A/Support/assistantd
                                                                                                                                                /System/Library/PrivateFrameworks/AssistantServices.framework/Versions/A/Support/assistantd
                                                                                                                                                1⤵
                                                                                                                                                  PID:609
                                                                                                                                                • /usr/libexec/xpcproxy
                                                                                                                                                  xpcproxy com.apple.corespotlightservice.725FD30A-6064-6C02-CC51-5DDB8891B57E
                                                                                                                                                  1⤵
                                                                                                                                                    PID:612
                                                                                                                                                  • /System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService
                                                                                                                                                    /System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService
                                                                                                                                                    1⤵
                                                                                                                                                      PID:612

                                                                                                                                                    Network

                                                                                                                                                          MITRE ATT&CK Enterprise v15

                                                                                                                                                          Replay Monitor

                                                                                                                                                          Loading Replay Monitor...

                                                                                                                                                          Downloads

                                                                                                                                                          • /Library/Preferences/com.apple.networkextension.uuidcache.plist

                                                                                                                                                            Filesize

                                                                                                                                                            285B

                                                                                                                                                            MD5

                                                                                                                                                            79701da921a609cdeefa7a94aea0e4de

                                                                                                                                                            SHA1

                                                                                                                                                            56f3c6bc18ea0d5ad7c3f38ddcc71d73d46ab494

                                                                                                                                                            SHA256

                                                                                                                                                            c18ec90be42d1861c5fc1e7ccf95f4b0bf5b64ac503730c5b59d637062da1610

                                                                                                                                                            SHA512

                                                                                                                                                            37c1f78ee93902d3db02b8c2fc98b43ada02c86a997a6f5deb7e275de8c8fc034647a24d815b3dfa9802a3ab1773be7baf4af290664820f3b5f0959f0fe0093b

                                                                                                                                                          • /Library/Preferences/com.apple.networkextension.uuidcache.plist

                                                                                                                                                            Filesize

                                                                                                                                                            285B

                                                                                                                                                            MD5

                                                                                                                                                            d5c88055bb725414f2e6679ed2df4510

                                                                                                                                                            SHA1

                                                                                                                                                            1586c986a5531d9933a9702520ebaa3d86186b49

                                                                                                                                                            SHA256

                                                                                                                                                            64218c90179befa33176d0e4fab02e3426fb216d9977ba06dca17aa94ccb8de5

                                                                                                                                                            SHA512

                                                                                                                                                            31bf93b595ade2a539790932542cb9ef0ecab6079d3a61d4bb764eb70bbb6331b5975c6ce345b458352eeb59f09c2f5084ed1abe5daddaa5230d47789e5e40da

                                                                                                                                                          • /Library/Preferences/com.apple.networkextension.uuidcache.plist

                                                                                                                                                            Filesize

                                                                                                                                                            333B

                                                                                                                                                            MD5

                                                                                                                                                            d3c3ba0218c6811b32db59f995699f1d

                                                                                                                                                            SHA1

                                                                                                                                                            efb9bbfe3ecfd9383cda4617341e8d557e40aef1

                                                                                                                                                            SHA256

                                                                                                                                                            2ca2562ff218940615d20ed1a89bc225f7057b919ce2975e902648d17867561a

                                                                                                                                                            SHA512

                                                                                                                                                            154de70edd58262426591aca7d97822bb7ac1d4f71033b0243876aed5d4be9e989a22cb3b368a98d80d14c256ffdf46fa2ac5303c202edef6c6f441bfc453713

                                                                                                                                                          • /Library/Preferences/com.apple.networkextension.uuidcache.plist

                                                                                                                                                            Filesize

                                                                                                                                                            381B

                                                                                                                                                            MD5

                                                                                                                                                            669ba4f46287f857f962ec3164723dec

                                                                                                                                                            SHA1

                                                                                                                                                            aec42a380eca3928aa190859f4ccc7faa81dead4

                                                                                                                                                            SHA256

                                                                                                                                                            9fb536e1f696d34d75232e41cd7b96ba08235e7185f26722e85eec90f13b5374

                                                                                                                                                            SHA512

                                                                                                                                                            fcbd7df87e78ea789935e45619177d87c5f4a10c8742d84c88d5d658939377b6d83c0afd9dae0463a15374f5950b5d19d3f3b98c90c74fa8ffe06ed7b03b8999

                                                                                                                                                          • /Library/Preferences/com.apple.networkextension.uuidcache.plist

                                                                                                                                                            Filesize

                                                                                                                                                            381B

                                                                                                                                                            MD5

                                                                                                                                                            6523a084f3df0e178935981daaba52bc

                                                                                                                                                            SHA1

                                                                                                                                                            0df70617639ec931f92089bf14ef6a785d483d56

                                                                                                                                                            SHA256

                                                                                                                                                            45b6028b88f774baf7a9c00d2c009c7bdca28f4d236b641535dbf31a566919a1

                                                                                                                                                            SHA512

                                                                                                                                                            fb2528c34e1384678ed815e9e3117872b7ad2d4870de1711de4a3f3663a3acd16764b2d299c8f88ba939bd0b65b6300a4ac9ae0e981abddc63ac3d1ae96ef4be

                                                                                                                                                          • /Users/run/Library/Caches/GeoServices/ActiveTileGroup.pbd

                                                                                                                                                            Filesize

                                                                                                                                                            124KB

                                                                                                                                                            MD5

                                                                                                                                                            ecf35e85dcbaf12cf6a859909abb78bd

                                                                                                                                                            SHA1

                                                                                                                                                            680eaeb2f629d99834b3b25c77476eda0eb3e0c0

                                                                                                                                                            SHA256

                                                                                                                                                            8c0cd579524e78a5c25504930bc9e77293cbc4c548a05c152c24a4c5cd6257ff

                                                                                                                                                            SHA512

                                                                                                                                                            d4b5d4327fc7183636551624018f8c8ec720512132e05f008e85fe9266b23bf5542406f2424776572d0a1ec136707316864d6a4d6a61073a89e601510d0debe6

                                                                                                                                                          • /Users/run/Library/Caches/GeoServices/Experiments.pbd

                                                                                                                                                            Filesize

                                                                                                                                                            137B

                                                                                                                                                            MD5

                                                                                                                                                            eac2b090ed9700b9ddf7f9617d3621b6

                                                                                                                                                            SHA1

                                                                                                                                                            a91b08b2b39ab253b1e6525d43e83d0d39131f8a

                                                                                                                                                            SHA256

                                                                                                                                                            e522d702c821111481390458c77d521ce5dca4f4b24f7fd34c07858c59a945d0

                                                                                                                                                            SHA512

                                                                                                                                                            7c0fa4f1829ddfcf0fe76db64e26ac1dc334cac6d13ba1dbe39680e3e24e0d07366bcd73d351faf394eed4b4acccb2aefae9bd7e61303019c79357f27262a9c8

                                                                                                                                                          • /Users/run/Library/Caches/GeoServices/Resources/altitude-1202.xml

                                                                                                                                                            Filesize

                                                                                                                                                            157KB

                                                                                                                                                            MD5

                                                                                                                                                            f627cf4820da06be8e6ff3fdec6ebfee

                                                                                                                                                            SHA1

                                                                                                                                                            993d8ec88721b9e76c3fe1f5987338a61b452bf8

                                                                                                                                                            SHA256

                                                                                                                                                            f1d2905b871b9b80172b7c9dc298c1a3dd355e6ae633f77562f4e06ed52a54e7

                                                                                                                                                            SHA512

                                                                                                                                                            bf698aa0eee296df872b91432670af719bda88be3b6d210a567b500da1cedc0e07055a805c2331ccacea0a8a17396e2e37b4bf70894b9052723049c96083001f

                                                                                                                                                          • /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/malware,osx,url_expression

                                                                                                                                                            Filesize

                                                                                                                                                            221KB

                                                                                                                                                            MD5

                                                                                                                                                            bf100ccf8235e9546fc38e01f83061f9

                                                                                                                                                            SHA1

                                                                                                                                                            7f5d5e0061d788a86e610334372f80d360558fa4

                                                                                                                                                            SHA256

                                                                                                                                                            4717074a948bd5fd3d170c15c5f5aaf7fc90b885ae1a44d5d57615daa4ed89d6

                                                                                                                                                            SHA512

                                                                                                                                                            34657c88c30326bf0f927d6c43490f410d5749f953fe501465d3c1fe377e690c3cf104eaaeda2efe1d5641d4cee1bc15f515025263dfe5dbb6c5207752a03dc6

                                                                                                                                                          • /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/social_engineering,osx,url_expression

                                                                                                                                                            Filesize

                                                                                                                                                            3.2MB

                                                                                                                                                            MD5

                                                                                                                                                            fdc1213eec00ae7806622464b98a5b9f

                                                                                                                                                            SHA1

                                                                                                                                                            bb2c6e63387a5b0b70f06383395e06ceee7704a1

                                                                                                                                                            SHA256

                                                                                                                                                            071e421c03a7770d3f0a4adb98eb36d5fcd9a01c9140f67c4e2de715e0de911b

                                                                                                                                                            SHA512

                                                                                                                                                            8e11971af89ba1f85ecd0153b9dd346cac54867eb2fb557715c1080d87d9527fffe084f4ba80c6f6474ee42389710b4de97ec483007e35f034b1ca6f53bcbacd

                                                                                                                                                          • /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/unwanted_software,osx,url_expression

                                                                                                                                                            Filesize

                                                                                                                                                            267KB

                                                                                                                                                            MD5

                                                                                                                                                            6d523c8b847b950d5bb35bea8999d5e6

                                                                                                                                                            SHA1

                                                                                                                                                            0b4f0793b0ab374e78c84331d4d47254e6fe4bbf

                                                                                                                                                            SHA256

                                                                                                                                                            444d12e19b104ff27b3604c9d37065d43f54a041da10dfb9244504598bc15369

                                                                                                                                                            SHA512

                                                                                                                                                            5f8dd0537e116a33b7913c75b2016fcec96e2701ee7a7aedb8d90e14a9cbe4475482f0c9228ef1228eced3fdfaf97a40066efd8c803db279ddb717484484b4ab

                                                                                                                                                          • /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari//mds/mdsDirectory.db

                                                                                                                                                            Filesize

                                                                                                                                                            47KB

                                                                                                                                                            MD5

                                                                                                                                                            0e4a0d1ceb2af6f0f8d0167ce77be2d3

                                                                                                                                                            SHA1

                                                                                                                                                            414ba4c1dc5fc8bf53d550e296fd6f5ad669918c

                                                                                                                                                            SHA256

                                                                                                                                                            cca093bcfc65e25dd77c849866e110df72526dffbe29d76e11e29c7d888a4030

                                                                                                                                                            SHA512

                                                                                                                                                            1dc5282d27c49a4b6f921ba5dfc88b8c1d32289df00dd866f9ac6669a5a8d99afeda614bffc7cf61a44375ae73e09cd52606b443b63636977c9cd2ef4fa68a20

                                                                                                                                                          • /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari//mds/mdsObject.db

                                                                                                                                                            Filesize

                                                                                                                                                            4KB

                                                                                                                                                            MD5

                                                                                                                                                            d3a1859e6ec593505cc882e6def48fc8

                                                                                                                                                            SHA1

                                                                                                                                                            f8e6728e3e9de477a75706faa95cead9ce13cb32

                                                                                                                                                            SHA256

                                                                                                                                                            3ebafa97782204a4a1d75cfec22e15fcdeab45b65bab3b3e65508707e034a16c

                                                                                                                                                            SHA512

                                                                                                                                                            ea2a749b105759ea33408186b417359deffb4a3a5ed0533cb26b459c16bb3524d67ede5c9cf0d5098921c0c0a9313fb9c2672f1e5ba48810eda548fa3209e818