Analysis Overview
SHA256
9e9b9352d3b6aed9f9a5e7376009771260e9a35c6ee31a73433e755b8a841ac6
Threat Level: Likely benign
The file Badmashlaunda was found to be: Likely benign.
Malicious Activity Summary
Resource Forking
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-03-12 15:38
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-03-12 15:38
Reported
2024-03-12 15:41
Platform
macos-20240214-en
Max time kernel
149s
Max time network
152s
Command Line
Signatures
Resource Forking
| Description | Indicator | Process | Target |
| N/A | /System/Library/Frameworks/ApplicationServices.framework/Frameworks/SpeechSynthesis.framework/Resources/com.apple.speech.speechsynthesisd | N/A | N/A |
Processes
/usr/libexec/xpcproxy
[xpcproxy com.apple.pluginkit.pkd]
/usr/libexec/pkd
[/usr/libexec/pkd]
/bin/sh
[sh -c sudo /bin/zsh -c "/Users/run/Badmashlaunda.html"]
/bin/bash
[sh -c sudo /bin/zsh -c "/Users/run/Badmashlaunda.html"]
/usr/bin/sudo
[sudo /bin/zsh -c /Users/run/Badmashlaunda.html]
/bin/zsh
[/bin/zsh -c /Users/run/Badmashlaunda.html]
/Users/run/Badmashlaunda.html
[/Users/run/Badmashlaunda.html]
/bin/sh
[sh /Users/run/Badmashlaunda.html]
/bin/bash
[sh /Users/run/Badmashlaunda.html]
/usr/libexec/xpcproxy
[xpcproxy com.apple.sysmond]
/usr/libexec/sysmond
[/usr/libexec/sysmond]
/usr/libexec/xpcproxy
[xpcproxy com.apple.Safari.2028]
/Applications/Safari.app/Contents/MacOS/Safari
[/Applications/Safari.app/Contents/MacOS/Safari]
/usr/libexec/xpcproxy
[xpcproxy com.apple.Safari.History]
/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.History.xpc/Contents/MacOS/com.apple.Safari.History
[/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.History.xpc/Contents/MacOS/com.apple.Safari.History]
/usr/libexec/xpcproxy
[xpcproxy com.apple.siri.context.service]
/System/Library/PrivateFrameworks/ContextKit.framework/Versions/A/XPCServices/ContextService.xpc/Contents/MacOS/ContextService
[/System/Library/PrivateFrameworks/ContextKit.framework/Versions/A/XPCServices/ContextService.xpc/Contents/MacOS/ContextService]
/usr/libexec/xpcproxy
[xpcproxy com.apple.WebKit.WebContent.BA457BAE-A853-4462-B822-06066E13D5A6 550]
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.geod]
/System/Library/PrivateFrameworks/GeoServices.framework/Versions/A/XPCServices/com.apple.geod.xpc/Contents/MacOS/com.apple.geod
[/System/Library/PrivateFrameworks/GeoServices.framework/Versions/A/XPCServices/com.apple.geod.xpc/Contents/MacOS/com.apple.geod]
/usr/libexec/xpcproxy
[xpcproxy com.apple.SafariLaunchAgent]
/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariLaunchAgent
[/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariLaunchAgent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.akd]
/System/Library/PrivateFrameworks/AuthKit.framework/Versions/A/Support/akd
[/System/Library/PrivateFrameworks/AuthKit.framework/Versions/A/Support/akd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.WebKit.WebContent.12F18BFD-7927-4F3F-9ACE-6EAC576D8344 550]
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.CoreAuthentication.agent]
/System/Library/Frameworks/LocalAuthentication.framework/Support/coreauthd
[/System/Library/Frameworks/LocalAuthentication.framework/Support/coreauthd]
/usr/bin/pluginkit
[/usr/bin/pluginkit -e ignore -i com.microsoft.OneDrive.FinderSync]
/usr/sbin/spctl
[/usr/sbin/spctl --assess --type execute /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T/OneDriveUpdaterDA6CE80A/OneDrive.app]
/usr/libexec/xpcproxy
[xpcproxy com.apple.nehelper]
/usr/libexec/nehelper
[/usr/libexec/nehelper]
/usr/libexec/xpcproxy
[xpcproxy com.apple.Safari.SearchHelper 550]
/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.SearchHelper.xpc/Contents/MacOS/com.apple.Safari.SearchHelper
[/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.SearchHelper.xpc/Contents/MacOS/com.apple.Safari.SearchHelper]
/usr/libexec/xpcproxy
[xpcproxy com.apple.Safari.SafeBrowsing.Service]
/System/Library/PrivateFrameworks/SafariSafeBrowsing.framework/com.apple.Safari.SafeBrowsing.Service
[/System/Library/PrivateFrameworks/SafariSafeBrowsing.framework/com.apple.Safari.SafeBrowsing.Service]
/usr/libexec/xpcproxy
[xpcproxy com.apple.WebKit.WebContent.52415089-DECF-405E-8B38-B3547D383DC9 550]
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.neagent.878568F8-CCE5-4157-8315-22F20DC8FB0A]
/usr/libexec/neagent
[/usr/libexec/neagent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.pbs]
/System/Library/CoreServices/pbs
[/System/Library/CoreServices/pbs]
/usr/libexec/xpcproxy
[xpcproxy com.apple.WebKit.WebContent.EBA89BC8-E806-432B-9F4B-574A406397DD 550]
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.AddressBook.ContactsAccountsService]
/System/Library/Frameworks/AddressBook.framework/Executables/ContactsAccountsService
[/System/Library/Frameworks/AddressBook.framework/Executables/ContactsAccountsService]
/usr/libexec/xpcproxy
[xpcproxy com.apple.WebKit.WebContent.F5A2832D-547B-4CFD-B524-AC62984E9977 550]
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.WebKit.WebContent.636CEB02-2734-42D5-BA80-EAA916D32F5F 550]
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.mediaremoted]
/System/Library/PrivateFrameworks/MediaRemote.framework/Support/mediaremoted
[/System/Library/PrivateFrameworks/MediaRemote.framework/Support/mediaremoted]
/usr/libexec/xpcproxy
[xpcproxy com.apple.audio.AudioComponentRegistrar]
/System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar
[/System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar]
/usr/libexec/xpcproxy
[xpcproxy com.apple.audio.SandboxHelper 581]
/System/Library/Frameworks/AudioToolbox.framework/XPCServices/com.apple.audio.SandboxHelper.xpc/Contents/MacOS/com.apple.audio.SandboxHelper
[/System/Library/Frameworks/AudioToolbox.framework/XPCServices/com.apple.audio.SandboxHelper.xpc/Contents/MacOS/com.apple.audio.SandboxHelper]
/usr/libexec/xpcproxy
[xpcproxy com.apple.accessibility.mediaaccessibilityd]
/System/Library/Frameworks/MediaAccessibility.framework/Versions/A/XPCServices/com.apple.accessibility.mediaaccessibilityd.xpc/Contents/MacOS/com.apple.accessibility.mediaaccessibilityd
[/System/Library/Frameworks/MediaAccessibility.framework/Versions/A/XPCServices/com.apple.accessibility.mediaaccessibilityd.xpc/Contents/MacOS/com.apple.accessibility.mediaaccessibilityd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.routined]
/usr/libexec/routined
[/usr/libexec/routined LAUNCHED_BY_LAUNCHD]
/usr/libexec/xpcproxy
[xpcproxy com.apple.knowledge-agent]
/usr/libexec/knowledge-agent
[/usr/libexec/knowledge-agent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.Maps.mapspushd]
/System/Library/CoreServices/mapspushd
[/System/Library/CoreServices/mapspushd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.speech.speechsynthesisd]
/System/Library/Frameworks/ApplicationServices.framework/Frameworks/SpeechSynthesis.framework/Resources/com.apple.speech.speechsynthesisd
[/System/Library/Frameworks/ApplicationServices.framework/Frameworks/SpeechSynthesis.framework/Resources/com.apple.speech.speechsynthesisd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.tailspind]
/usr/libexec/tailspind
[/usr/libexec/tailspind]
/usr/libexec/xpcproxy
[xpcproxy com.apple.assistantd]
/System/Library/PrivateFrameworks/AssistantServices.framework/Versions/A/Support/assistantd
[/System/Library/PrivateFrameworks/AssistantServices.framework/Versions/A/Support/assistantd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.corespotlightservice.725FD30A-6064-6C02-CC51-5DDB8891B57E]
/System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService
[/System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService]
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 2-courier.push.apple.com | udp |
| GB | 17.57.146.12:5223 | 2-courier.push.apple.com | tcp |
| US | 8.8.8.8:53 | a1366.dscapi6.akamai.net | udp |
| GB | 104.91.71.85:443 | a1366.dscapi6.akamai.net | tcp |
| GB | 104.91.71.86:443 | a1366.dscapi6.akamai.net | tcp |
| US | 8.8.8.8:53 | mobile.events.data.trafficmanager.net | udp |
| GB | 51.105.71.136:443 | tcp | |
| US | 8.8.8.8:53 | api2.smoot.apple.com | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | clients1.google.com | udp |
| NL | 142.251.39.110:443 | clients1.google.com | tcp |
| NL | 142.251.39.110:443 | clients1.google.com | tcp |
| NL | 142.251.39.110:443 | clients1.google.com | tcp |
| US | 8.8.8.8:53 | safebrowsing.googleapis.com | udp |
| NL | 172.217.23.202:443 | safebrowsing.googleapis.com | tcp |
| US | 8.8.8.8:53 | www.oracle.com | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | a68.dscw27.akamai.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| GB | 173.222.14.94:443 | www.oracle.com | tcp |
| GB | 173.222.14.94:443 | www.oracle.com | tcp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | tms.oracle.com | udp |
| US | 8.8.8.8:53 | d.oracleinfinity.io | udp |
| US | 8.8.8.8:53 | dc.oracleinfinity.io | udp |
| US | 8.8.8.8:53 | s.go-mpulse.net | udp |
| US | 8.8.8.8:53 | oracle.112.2o7.net | udp |
| US | 8.8.8.8:53 | c.go-mpulse.net | udp |
| US | 8.8.8.8:53 | tags.tiqcdn.com | udp |
| US | 8.8.8.8:53 | consent.trustarc.com | udp |
| GB | 92.123.128.157:443 | d.oracleinfinity.io | tcp |
| DE | 147.154.150.92:443 | dc.oracleinfinity.io | tcp |
| FR | 3.162.38.103:443 | tags.tiqcdn.com | tcp |
| FR | 52.222.201.12:443 | consent.trustarc.com | tcp |
| FR | 3.162.38.111:443 | tags.tiqcdn.com | tcp |
| FR | 52.222.201.16:443 | consent.trustarc.com | tcp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| FR | 52.84.174.33:443 | tms.oracle.com | tcp |
| FR | 52.84.174.33:443 | tms.oracle.com | tcp |
| US | 8.8.8.8:53 | cdn2.smoot.apple.com | udp |
| US | 8.8.8.8:53 | cdn.smoot.apple.com | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | e6858.dscx.akamaiedge.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | only-fans.uk | udp |
| US | 104.21.41.236:80 | only-fans.uk | tcp |
| US | 104.21.41.236:80 | only-fans.uk | tcp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | www.cloudflare.com | udp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 104.21.41.236:443 | only-fans.uk | tcp |
| US | 172.67.196.185:443 | only-fans.uk | tcp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 104.17.3.184:443 | challenges.cloudflare.com | tcp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 104.17.3.184:443 | challenges.cloudflare.com | tcp |
| US | 104.21.41.236:80 | only-fans.uk | tcp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 104.21.41.236:443 | only-fans.uk | tcp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | www.paypal.com | udp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| NL | 216.58.214.10:443 | ajax.googleapis.com | tcp |
| US | 8.8.8.8:53 | gspe21-ssl.ls-apple.com.akadns.net | udp |
| US | 151.101.1.21:443 | www.paypal.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| NL | 142.251.36.34:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| NL | 142.250.179.129:443 | tpc.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | e10499.dsce9.akamaiedge.net | udp |
| US | 8.8.8.8:53 | e4686.dsce9.akamaiedge.net | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | e4686.dsce9.akamaiedge.net | udp |
| US | 8.8.8.8:53 | gsp-ssl.ls.apple.com | udp |
| GB | 17.253.37.220:443 | gsp-ssl.ls.apple.com | tcp |
| US | 8.8.8.8:53 | cds.apple.com | udp |
| US | 8.8.8.8:53 | help.apple.com | udp |
| GB | 23.44.233.108:443 | help.apple.com | tcp |
| GB | 23.44.233.108:443 | help.apple.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 47.courier-push-apple.com.akadns.net | udp |
| GB | 17.57.146.12:5223 | 47.courier-push-apple.com.akadns.net | tcp |
| US | 8.8.8.8:53 | 41-courier.push.apple.com | udp |
| GB | 17.57.146.12:5223 | 41-courier.push.apple.com | tcp |
| US | 8.8.8.8:53 | 8-courier.push.apple.com | udp |
Files
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari//mds/mdsObject.db
| MD5 | d3a1859e6ec593505cc882e6def48fc8 |
| SHA1 | f8e6728e3e9de477a75706faa95cead9ce13cb32 |
| SHA256 | 3ebafa97782204a4a1d75cfec22e15fcdeab45b65bab3b3e65508707e034a16c |
| SHA512 | ea2a749b105759ea33408186b417359deffb4a3a5ed0533cb26b459c16bb3524d67ede5c9cf0d5098921c0c0a9313fb9c2672f1e5ba48810eda548fa3209e818 |
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari//mds/mdsDirectory.db
| MD5 | 0e4a0d1ceb2af6f0f8d0167ce77be2d3 |
| SHA1 | 414ba4c1dc5fc8bf53d550e296fd6f5ad669918c |
| SHA256 | cca093bcfc65e25dd77c849866e110df72526dffbe29d76e11e29c7d888a4030 |
| SHA512 | 1dc5282d27c49a4b6f921ba5dfc88b8c1d32289df00dd866f9ac6669a5a8d99afeda614bffc7cf61a44375ae73e09cd52606b443b63636977c9cd2ef4fa68a20 |
/Library/Preferences/com.apple.networkextension.uuidcache.plist
| MD5 | 79701da921a609cdeefa7a94aea0e4de |
| SHA1 | 56f3c6bc18ea0d5ad7c3f38ddcc71d73d46ab494 |
| SHA256 | c18ec90be42d1861c5fc1e7ccf95f4b0bf5b64ac503730c5b59d637062da1610 |
| SHA512 | 37c1f78ee93902d3db02b8c2fc98b43ada02c86a997a6f5deb7e275de8c8fc034647a24d815b3dfa9802a3ab1773be7baf4af290664820f3b5f0959f0fe0093b |
/Library/Preferences/com.apple.networkextension.uuidcache.plist
| MD5 | d5c88055bb725414f2e6679ed2df4510 |
| SHA1 | 1586c986a5531d9933a9702520ebaa3d86186b49 |
| SHA256 | 64218c90179befa33176d0e4fab02e3426fb216d9977ba06dca17aa94ccb8de5 |
| SHA512 | 31bf93b595ade2a539790932542cb9ef0ecab6079d3a61d4bb764eb70bbb6331b5975c6ce345b458352eeb59f09c2f5084ed1abe5daddaa5230d47789e5e40da |
/Library/Preferences/com.apple.networkextension.uuidcache.plist
| MD5 | d3c3ba0218c6811b32db59f995699f1d |
| SHA1 | efb9bbfe3ecfd9383cda4617341e8d557e40aef1 |
| SHA256 | 2ca2562ff218940615d20ed1a89bc225f7057b919ce2975e902648d17867561a |
| SHA512 | 154de70edd58262426591aca7d97822bb7ac1d4f71033b0243876aed5d4be9e989a22cb3b368a98d80d14c256ffdf46fa2ac5303c202edef6c6f441bfc453713 |
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/malware,osx,url_expression
| MD5 | bf100ccf8235e9546fc38e01f83061f9 |
| SHA1 | 7f5d5e0061d788a86e610334372f80d360558fa4 |
| SHA256 | 4717074a948bd5fd3d170c15c5f5aaf7fc90b885ae1a44d5d57615daa4ed89d6 |
| SHA512 | 34657c88c30326bf0f927d6c43490f410d5749f953fe501465d3c1fe377e690c3cf104eaaeda2efe1d5641d4cee1bc15f515025263dfe5dbb6c5207752a03dc6 |
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/social_engineering,osx,url_expression
| MD5 | fdc1213eec00ae7806622464b98a5b9f |
| SHA1 | bb2c6e63387a5b0b70f06383395e06ceee7704a1 |
| SHA256 | 071e421c03a7770d3f0a4adb98eb36d5fcd9a01c9140f67c4e2de715e0de911b |
| SHA512 | 8e11971af89ba1f85ecd0153b9dd346cac54867eb2fb557715c1080d87d9527fffe084f4ba80c6f6474ee42389710b4de97ec483007e35f034b1ca6f53bcbacd |
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/unwanted_software,osx,url_expression
| MD5 | 6d523c8b847b950d5bb35bea8999d5e6 |
| SHA1 | 0b4f0793b0ab374e78c84331d4d47254e6fe4bbf |
| SHA256 | 444d12e19b104ff27b3604c9d37065d43f54a041da10dfb9244504598bc15369 |
| SHA512 | 5f8dd0537e116a33b7913c75b2016fcec96e2701ee7a7aedb8d90e14a9cbe4475482f0c9228ef1228eced3fdfaf97a40066efd8c803db279ddb717484484b4ab |
/Library/Preferences/com.apple.networkextension.uuidcache.plist
| MD5 | 669ba4f46287f857f962ec3164723dec |
| SHA1 | aec42a380eca3928aa190859f4ccc7faa81dead4 |
| SHA256 | 9fb536e1f696d34d75232e41cd7b96ba08235e7185f26722e85eec90f13b5374 |
| SHA512 | fcbd7df87e78ea789935e45619177d87c5f4a10c8742d84c88d5d658939377b6d83c0afd9dae0463a15374f5950b5d19d3f3b98c90c74fa8ffe06ed7b03b8999 |
/Users/run/Library/Caches/GeoServices/Resources/altitude-1202.xml
| MD5 | f627cf4820da06be8e6ff3fdec6ebfee |
| SHA1 | 993d8ec88721b9e76c3fe1f5987338a61b452bf8 |
| SHA256 | f1d2905b871b9b80172b7c9dc298c1a3dd355e6ae633f77562f4e06ed52a54e7 |
| SHA512 | bf698aa0eee296df872b91432670af719bda88be3b6d210a567b500da1cedc0e07055a805c2331ccacea0a8a17396e2e37b4bf70894b9052723049c96083001f |
/Users/run/Library/Caches/GeoServices/ActiveTileGroup.pbd
| MD5 | ecf35e85dcbaf12cf6a859909abb78bd |
| SHA1 | 680eaeb2f629d99834b3b25c77476eda0eb3e0c0 |
| SHA256 | 8c0cd579524e78a5c25504930bc9e77293cbc4c548a05c152c24a4c5cd6257ff |
| SHA512 | d4b5d4327fc7183636551624018f8c8ec720512132e05f008e85fe9266b23bf5542406f2424776572d0a1ec136707316864d6a4d6a61073a89e601510d0debe6 |
/Users/run/Library/Caches/GeoServices/Experiments.pbd
| MD5 | eac2b090ed9700b9ddf7f9617d3621b6 |
| SHA1 | a91b08b2b39ab253b1e6525d43e83d0d39131f8a |
| SHA256 | e522d702c821111481390458c77d521ce5dca4f4b24f7fd34c07858c59a945d0 |
| SHA512 | 7c0fa4f1829ddfcf0fe76db64e26ac1dc334cac6d13ba1dbe39680e3e24e0d07366bcd73d351faf394eed4b4acccb2aefae9bd7e61303019c79357f27262a9c8 |
/Library/Preferences/com.apple.networkextension.uuidcache.plist
| MD5 | 6523a084f3df0e178935981daaba52bc |
| SHA1 | 0df70617639ec931f92089bf14ef6a785d483d56 |
| SHA256 | 45b6028b88f774baf7a9c00d2c009c7bdca28f4d236b641535dbf31a566919a1 |
| SHA512 | fb2528c34e1384678ed815e9e3117872b7ad2d4870de1711de4a3f3663a3acd16764b2d299c8f88ba939bd0b65b6300a4ac9ae0e981abddc63ac3d1ae96ef4be |