Malware Analysis Report

2024-10-10 07:21

Sample ID 240611-b9pdxszbqf
Target inst.exe
SHA256 7953e2ba8611e6323b96df91a87cc162b3d1933e83d745b862c8c6704bb947c9
Tags
upx evasion
score
7/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
7/10

SHA256

7953e2ba8611e6323b96df91a87cc162b3d1933e83d745b862c8c6704bb947c9

Threat Level: Shows suspicious behavior

The file inst.exe was found to be: Shows suspicious behavior.

Malicious Activity Summary

upx evasion

UPX packed file

Resource Forking

Unsigned PE

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-11 01:50

Signatures

UPX packed file

upx
Description Indicator Process Target
N/A N/A N/A N/A

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-11 01:50

Reported

2024-06-11 02:08

Platform

macos-20240410-en

Max time kernel

928s

Max time network

1053s

Command Line

[sh -c sudo /bin/zsh -c "/Users/run/inst.exe"]

Signatures

Resource Forking

evasion
Description Indicator Process Target
N/A /System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/storedownloadd N/A N/A
N/A /System/Library/PreferencePanes/ClassroomSettings.prefPane/Contents/Resources/ClassroomSettingsVisibilityCheckTool N/A N/A
N/A /System/Library/Frameworks/ApplicationServices.framework/Frameworks/SpeechSynthesis.framework/Resources/com.apple.speech.speechsynthesisd N/A N/A
N/A "/System/Library/CoreServices/Software Update.app/Contents/Resources/suhelperd" N/A N/A
N/A /System/Library/PrivateFrameworks/SystemMigration.framework/Resources/systemmigrationd N/A N/A
N/A /System/Library/PrivateFrameworks/PackageKit.framework/Resources/install_monitor -t /private/var/run/installd.commit.pid N/A N/A
N/A /System/Library/PrivateFrameworks/PackageKit.framework/Resources/efw_cache_update -c N/A N/A
N/A /System/Library/PreferencePanes/TouchID.prefPane/Contents/Resources/AllowPasswordPref N/A N/A
N/A /System/Library/PreferencePanes/DesktopScreenEffectsPref.prefPane/Contents/Resources/DesktopPictures.prefPane/Contents/XPCServices/com.apple.preference.desktopscreeneffect.desktop.remoteservice.xpc/Contents/MacOS/com.apple.preference.desktopscreeneffect.desktop.remoteservice N/A N/A
N/A /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd N/A N/A
N/A /System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/storeuid.app/Contents/MacOS/storeuid N/A N/A
N/A /System/Library/PrivateFrameworks/PackageKit.framework/Resources/system_installd N/A N/A
N/A /System/Library/PreferencePanes/Sidecar.prefPane/Contents/Resources/sidecarPrefCheck N/A N/A
N/A /System/Library/PreferencePanes/Wallet.prefPane/Contents/Resources/walletAvailabilityCheckTool N/A N/A
N/A "/System/Library/CoreServices/Software Update.app/Contents/Resources/softwareupdated" N/A N/A
N/A /System/Library/PreferencePanes/Profiles.prefPane/Contents/Resources/CPPrefPaneEnabledTool N/A N/A
N/A /System/Library/PrivateFrameworks/StorageKit.framework/Resources/storagekitd N/A N/A
N/A /System/Library/PrivateFrameworks/PackageKit.framework/Resources/shove -f -s /Library/Apple/System/Library/InstallerSandboxes/.PKInstallSandboxManager-SystemSoftware/28534241-DEAC-48CB-BF15-5B052D1381FC.activeSandbox/Root / N/A N/A

Processes

/bin/sh

[sh -c sudo /bin/zsh -c "/Users/run/inst.exe"]

/bin/bash

[sh -c sudo /bin/zsh -c "/Users/run/inst.exe"]

/usr/bin/sudo

[sudo /bin/zsh -c /Users/run/inst.exe]

/bin/zsh

[/bin/zsh -c /Users/run/inst.exe]

/Users/run/inst.exe

[/Users/run/inst.exe]

/usr/libexec/xpcproxy

[xpcproxy com.apple.systempreferences.2140]

/System/Applications/System Preferences.app/Contents/MacOS/System Preferences

[/System/Applications/System Preferences.app/Contents/MacOS/System Preferences]

/usr/libexec/xpcproxy

[xpcproxy com.apple.AccountProfileRemoteViewService 519]

/System/Library/PrivateFrameworks/AOSUI.framework/Versions/A/XPCServices/AccountProfileRemoteViewService.xpc/Contents/MacOS/AccountProfileRemoteViewService

[/System/Library/PrivateFrameworks/AOSUI.framework/Versions/A/XPCServices/AccountProfileRemoteViewService.xpc/Contents/MacOS/AccountProfileRemoteViewService]

/System/Library/PreferencePanes/ClassroomSettings.prefPane/Contents/Resources/ClassroomSettingsVisibilityCheckTool

[/System/Library/PreferencePanes/ClassroomSettings.prefPane/Contents/Resources/ClassroomSettingsVisibilityCheckTool]

/System/Library/PreferencePanes/Profiles.prefPane/Contents/Resources/CPPrefPaneEnabledTool

[/System/Library/PreferencePanes/Profiles.prefPane/Contents/Resources/CPPrefPaneEnabledTool]

/System/Library/PreferencePanes/Sidecar.prefPane/Contents/Resources/sidecarPrefCheck

[/System/Library/PreferencePanes/Sidecar.prefPane/Contents/Resources/sidecarPrefCheck]

/System/Library/PreferencePanes/TouchID.prefPane/Contents/Resources/AllowPasswordPref

[/System/Library/PreferencePanes/TouchID.prefPane/Contents/Resources/AllowPasswordPref]

/System/Library/PreferencePanes/Wallet.prefPane/Contents/Resources/walletAvailabilityCheckTool

[/System/Library/PreferencePanes/Wallet.prefPane/Contents/Resources/walletAvailabilityCheckTool]

/usr/libexec/xpcproxy

[xpcproxy com.apple.nfcd]

/usr/libexec/nfcd

[/usr/libexec/nfcd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.studentd]

/usr/libexec/studentd

[/usr/libexec/studentd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.preference.general.remoteservice 519]

/System/Library/PreferencePanes/Appearance.prefPane/Contents/XPCServices/com.apple.preference.general.remoteservice.xpc/Contents/MacOS/com.apple.preference.general.remoteservice

[/System/Library/PreferencePanes/Appearance.prefPane/Contents/XPCServices/com.apple.preference.general.remoteservice.xpc/Contents/MacOS/com.apple.preference.general.remoteservice]

/usr/libexec/xpcproxy

[xpcproxy com.apple.metadata.mdwrite]

/usr/libexec/xpcproxy

[xpcproxy com.apple.preference.desktopscreeneffect.desktop.remoteservice 519]

/System/Library/PreferencePanes/DesktopScreenEffectsPref.prefPane/Contents/Resources/DesktopPictures.prefPane/Contents/XPCServices/com.apple.preference.desktopscreeneffect.desktop.remoteservice.xpc/Contents/MacOS/com.apple.preference.desktopscreeneffect.desktop.remoteservice

[/System/Library/PreferencePanes/DesktopScreenEffectsPref.prefPane/Contents/Resources/DesktopPictures.prefPane/Contents/XPCServices/com.apple.preference.desktopscreeneffect.desktop.remoteservice.xpc/Contents/MacOS/com.apple.preference.desktopscreeneffect.desktop.remoteservice]

/usr/libexec/xpcproxy

[xpcproxy com.apple.coremedia.videodecoder 535]

/System/Library/Frameworks/VideoToolbox.framework/Versions/A/XPCServices/VTDecoderXPCService.xpc/Contents/MacOS/VTDecoderXPCService

[/System/Library/Frameworks/VideoToolbox.framework/Versions/A/XPCServices/VTDecoderXPCService.xpc/Contents/MacOS/VTDecoderXPCService]

/usr/libexec/xpcproxy

[xpcproxy com.apple.coremedia.videodecoder 282]

/System/Library/Frameworks/VideoToolbox.framework/Versions/A/XPCServices/VTDecoderXPCService.xpc/Contents/MacOS/VTDecoderXPCService

[/System/Library/Frameworks/VideoToolbox.framework/Versions/A/XPCServices/VTDecoderXPCService.xpc/Contents/MacOS/VTDecoderXPCService]

/usr/libexec/xpcproxy

[xpcproxy com.apple.ReportMemoryException]

/usr/libexec/ReportMemoryException

[/usr/libexec/ReportMemoryException]

/usr/libexec/xpcproxy

[xpcproxy com.apple.siri.launcher.1708]

/System/Applications/Siri.app/Contents/MacOS/Siri

[/System/Applications/Siri.app/Contents/MacOS/Siri]

/usr/libexec/xpcproxy

[xpcproxy com.apple.Siri.2292]

/System/Library/CoreServices/Siri.app/Contents/MacOS/Siri

[/System/Library/CoreServices/Siri.app/Contents/MacOS/Siri]

/usr/libexec/xpcproxy

[xpcproxy com.apple.SiriUI.SiriUISetupXPC 542]

/System/Library/PrivateFrameworks/SiriUI.framework/Versions/A/XPCServices/SiriUISetupXPC.xpc/Contents/MacOS/SiriUISetupXPC

[/System/Library/PrivateFrameworks/SiriUI.framework/Versions/A/XPCServices/SiriUISetupXPC.xpc/Contents/MacOS/SiriUISetupXPC]

/usr/libexec/xpcproxy

[xpcproxy com.apple.Siri.agent]

/System/Library/CoreServices/Siri.app/Contents/MacOS/Siri

[/System/Library/CoreServices/Siri.app/Contents/MacOS/Siri launchd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.siriknowledged]

/usr/libexec/xpcproxy

[xpcproxy com.apple.SiriUI.SiriUISetupXPC 545]

/System/Library/PrivateFrameworks/SiriUI.framework/Versions/A/XPCServices/SiriUISetupXPC.xpc/Contents/MacOS/SiriUISetupXPC

[/System/Library/PrivateFrameworks/SiriUI.framework/Versions/A/XPCServices/SiriUISetupXPC.xpc/Contents/MacOS/SiriUISetupXPC]

/usr/libexec/siriknowledged

[/usr/libexec/siriknowledged]

/usr/libexec/xpcproxy

[xpcproxy com.apple.audio.AudioComponentRegistrar]

/System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar

[/System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar]

/usr/libexec/xpcproxy

[xpcproxy com.apple.audio.SandboxHelper 391]

/System/Library/Frameworks/AudioToolbox.framework/XPCServices/com.apple.audio.SandboxHelper.xpc/Contents/MacOS/com.apple.audio.SandboxHelper

[/System/Library/Frameworks/AudioToolbox.framework/XPCServices/com.apple.audio.SandboxHelper.xpc/Contents/MacOS/com.apple.audio.SandboxHelper]

/usr/libexec/xpcproxy

[xpcproxy com.apple.SiriNCService 545]

/System/Library/CoreServices/Siri.app/Contents/XPCServices/SiriNCService.xpc/Contents/MacOS/SiriNCService

[/System/Library/CoreServices/Siri.app/Contents/XPCServices/SiriNCService.xpc/Contents/MacOS/SiriNCService]

/usr/libexec/xpcproxy

[xpcproxy com.apple.audio.SandboxHelper 314]

/System/Library/Frameworks/AudioToolbox.framework/XPCServices/com.apple.audio.SandboxHelper.xpc/Contents/MacOS/com.apple.audio.SandboxHelper

[/System/Library/Frameworks/AudioToolbox.framework/XPCServices/com.apple.audio.SandboxHelper.xpc/Contents/MacOS/com.apple.audio.SandboxHelper]

/usr/libexec/xpcproxy

[xpcproxy com.apple.speech.speechsynthesisd]

/System/Library/Frameworks/ApplicationServices.framework/Frameworks/SpeechSynthesis.framework/Resources/com.apple.speech.speechsynthesisd

[/System/Library/Frameworks/ApplicationServices.framework/Frameworks/SpeechSynthesis.framework/Resources/com.apple.speech.speechsynthesisd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.speech.speechdatainstallerd]

/System/Library/PrivateFrameworks/SpeechObjects.framework/Versions/A/SpeechDataInstallerd.app/Contents/MacOS/SpeechDataInstallerd

[/System/Library/PrivateFrameworks/SpeechObjects.framework/Versions/A/SpeechDataInstallerd.app/Contents/MacOS/SpeechDataInstallerd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.softwareupdated]

/System/Library/CoreServices/Software Update.app/Contents/Resources/softwareupdated

[/System/Library/CoreServices/Software Update.app/Contents/Resources/softwareupdated]

/usr/libexec/xpcproxy

[xpcproxy com.apple.suhelperd]

/System/Library/CoreServices/Software Update.app/Contents/Resources/suhelperd

[/System/Library/CoreServices/Software Update.app/Contents/Resources/suhelperd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.AppStore.1900]

/System/Applications/App Store.app/Contents/MacOS/App Store

[/System/Applications/App Store.app/Contents/MacOS/App Store]

/usr/libexec/xpcproxy

[xpcproxy com.apple.assistant_service]

/System/Library/PrivateFrameworks/AssistantServices.framework/Versions/A/Support/assistant_service

[/System/Library/PrivateFrameworks/AssistantServices.framework/Versions/A/Support/assistant_service]

/usr/libexec/xpcproxy

[xpcproxy com.apple.storeuid]

/System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/storeuid.app/Contents/MacOS/storeuid

[/System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/storeuid.app/Contents/MacOS/storeuid]

/usr/libexec/xpcproxy

[xpcproxy com.apple.AddressBook.AssistantService]

/System/Library/Frameworks/AddressBook.framework/Versions/A/Helpers/ABAssistantService.app/Contents/MacOS/ABAssistantService

[/System/Library/Frameworks/AddressBook.framework/Versions/A/Helpers/ABAssistantService.app/Contents/MacOS/ABAssistantService]

/usr/libexec/xpcproxy

[xpcproxy com.apple.PerformanceAnalysis.animationperfd]

/System/Library/PrivateFrameworks/PerformanceAnalysis.framework/Versions/A/XPCServices/com.apple.PerformanceAnalysis.animationperfd.xpc/Contents/MacOS/com.apple.PerformanceAnalysis.animationperfd

[/System/Library/PrivateFrameworks/PerformanceAnalysis.framework/Versions/A/XPCServices/com.apple.PerformanceAnalysis.animationperfd.xpc/Contents/MacOS/com.apple.PerformanceAnalysis.animationperfd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.rtcreportingd]

/usr/libexec/rtcreportingd

[/usr/libexec/rtcreportingd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.coremedia.videodecoder 564]

/System/Library/Frameworks/VideoToolbox.framework/Versions/A/XPCServices/VTDecoderXPCService.xpc/Contents/MacOS/VTDecoderXPCService

[/System/Library/Frameworks/VideoToolbox.framework/Versions/A/XPCServices/VTDecoderXPCService.xpc/Contents/MacOS/VTDecoderXPCService]

/usr/libexec/xpcproxy

[xpcproxy com.apple.accessibility.mediaaccessibilityd]

/System/Library/Frameworks/MediaAccessibility.framework/Versions/A/XPCServices/com.apple.accessibility.mediaaccessibilityd.xpc/Contents/MacOS/com.apple.accessibility.mediaaccessibilityd

[/System/Library/Frameworks/MediaAccessibility.framework/Versions/A/XPCServices/com.apple.accessibility.mediaaccessibilityd.xpc/Contents/MacOS/com.apple.accessibility.mediaaccessibilityd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.icloud.FMIPClientXPCService 565]

/System/Library/PrivateFrameworks/FMClient.framework/Versions/A/XPCServices/FMIPClientXPCService.xpc/Contents/MacOS/FMIPClientXPCService

[/System/Library/PrivateFrameworks/FMClient.framework/Versions/A/XPCServices/FMIPClientXPCService.xpc/Contents/MacOS/FMIPClientXPCService]

/usr/libexec/xpcproxy

[xpcproxy com.apple.systemprofiler]

/System/Applications/Utilities/System Information.app/Contents/MacOS/System Information

[/System/Applications/Utilities/System Information.app/Contents/MacOS/System Information]

/usr/libexec/xpcproxy

[xpcproxy com.apple.replayd]

/usr/libexec/replayd

[/usr/libexec/replayd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.system_installd]

/System/Library/PrivateFrameworks/PackageKit.framework/Resources/system_installd

[/System/Library/PrivateFrameworks/PackageKit.framework/Resources/system_installd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.storedownloadd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.installd]

/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd

[/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd]

/System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/storedownloadd

[/System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/storedownloadd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.Safari.CacheDeleteExtension 579]

/Applications/Safari.app/Contents/PlugIns/CacheDeleteExtension.appex/Contents/MacOS/CacheDeleteExtension

[/Applications/Safari.app/Contents/PlugIns/CacheDeleteExtension.appex/Contents/MacOS/CacheDeleteExtension]

/usr/libexec/xpcproxy

[xpcproxy com.apple.Photos.StorageManagementExtension 578]

/System/Applications/Photos.app/Contents/PlugIns/PhotosStorageExtension.appex/Contents/MacOS/PhotosStorageExtension

[/System/Applications/Photos.app/Contents/PlugIns/PhotosStorageExtension.appex/Contents/MacOS/PhotosStorageExtension]

/usr/libexec/xpcproxy

[xpcproxy com.apple.STMExtension.iOSFiles 578]

/System/Applications/TV.app/Contents/PlugIns/TVStorageExtension.appex/Contents/MacOS/TVStorageExtension

[/System/Applications/TV.app/Contents/PlugIns/TVStorageExtension.appex/Contents/MacOS/TVStorageExtension]

/usr/libexec/xpcproxy

[xpcproxy com.apple.STMExtension.GarageBand 578]

/System/Library/PrivateFrameworks/StorageManagement.framework/PlugIns/iOSFilesStorageExtension.appex/Contents/MacOS/iOSFilesStorageExtension

[/System/Library/PrivateFrameworks/StorageManagement.framework/PlugIns/iOSFilesStorageExtension.appex/Contents/MacOS/iOSFilesStorageExtension]

/System/Library/PrivateFrameworks/StorageManagement.framework/PlugIns/GarageBandStorageExtension.appex/Contents/MacOS/GarageBandStorageExtension

[/System/Library/PrivateFrameworks/StorageManagement.framework/PlugIns/GarageBandStorageExtension.appex/Contents/MacOS/GarageBandStorageExtension]

/usr/libexec/xpcproxy

[xpcproxy com.apple.messages.StorageManagementExtension 578]

/System/Applications/Messages.app/Contents/PlugIns/Messages Storage Management Extension.appex/Contents/MacOS/Messages Storage Management Extension

[/System/Applications/Messages.app/Contents/PlugIns/Messages Storage Management Extension.appex/Contents/MacOS/Messages Storage Management Extension]

/usr/libexec/xpcproxy

[xpcproxy com.apple.STMExtension.CloudFiles 578]

/System/Library/PrivateFrameworks/StorageManagement.framework/PlugIns/CloudFilesStorageExtension.appex/Contents/MacOS/CloudFilesStorageExtension

[/System/Library/PrivateFrameworks/StorageManagement.framework/PlugIns/CloudFilesStorageExtension.appex/Contents/MacOS/CloudFilesStorageExtension]

/System/Applications/Music.app/Contents/PlugIns/MusicStorageExtension.appex/Contents/MacOS/MusicStorageExtension

[/System/Applications/Music.app/Contents/PlugIns/MusicStorageExtension.appex/Contents/MacOS/MusicStorageExtension]

/usr/libexec/xpcproxy

[xpcproxy com.apple.STMExtension.Trash 578]

/System/Library/PrivateFrameworks/StorageManagement.framework/PlugIns/TrashStorageExtension.appex/Contents/MacOS/TrashStorageExtension

[/System/Library/PrivateFrameworks/StorageManagement.framework/PlugIns/TrashStorageExtension.appex/Contents/MacOS/TrashStorageExtension]

/usr/libexec/xpcproxy

[xpcproxy com.apple.iBooksX.DiskSpaceEfficiency]

/System/Applications/Books.app/Contents/PlugIns/DiskSpaceEfficiency.appex/Contents/MacOS/DiskSpaceEfficiency

[/System/Applications/Books.app/Contents/PlugIns/DiskSpaceEfficiency.appex/Contents/MacOS/DiskSpaceEfficiency]

/System/Applications/Podcasts.app/Contents/PlugIns/MacPodcastsStorageExtension.appex/Contents/MacOS/MacPodcastsStorageExtension

[/System/Applications/Podcasts.app/Contents/PlugIns/MacPodcastsStorageExtension.appex/Contents/MacOS/MacPodcastsStorageExtension]

/usr/libexec/xpcproxy

[xpcproxy com.apple.STMExtension.Applications 578]

/System/Library/PrivateFrameworks/StorageManagement.framework/PlugIns/ApplicationsStorageExtension.appex/Contents/MacOS/ApplicationsStorageExtension

[/System/Library/PrivateFrameworks/StorageManagement.framework/PlugIns/ApplicationsStorageExtension.appex/Contents/MacOS/ApplicationsStorageExtension]

/usr/libexec/xpcproxy

[xpcproxy com.apple.STMExtension.OtherUsers 578]

/System/Library/PrivateFrameworks/StorageManagement.framework/PlugIns/OtherUsersStorageExtension.appex/Contents/MacOS/OtherUsersStorageExtension

[/System/Library/PrivateFrameworks/StorageManagement.framework/PlugIns/OtherUsersStorageExtension.appex/Contents/MacOS/OtherUsersStorageExtension]

/usr/libexec/xpcproxy

[xpcproxy com.apple.STMExtension.AppleInternal 578]

/usr/libexec/xpcproxy

[xpcproxy com.apple.CloudDocsDaemon.StorageManagement 578]

/usr/libexec/xpcproxy

[xpcproxy com.apple.STMExtension.Mail 578]

/System/Library/PrivateFrameworks/StorageManagement.framework/PlugIns/AppleInternalStorageExtension.appex/Contents/MacOS/AppleInternalStorageExtension

[/System/Library/PrivateFrameworks/StorageManagement.framework/PlugIns/AppleInternalStorageExtension.appex/Contents/MacOS/AppleInternalStorageExtension]

/System/Library/PrivateFrameworks/CloudDocsDaemon.framework/PlugIns/CloudDocsStorageManagement.appex/Contents/MacOS/CloudDocsStorageManagement

[/System/Library/PrivateFrameworks/CloudDocsDaemon.framework/PlugIns/CloudDocsStorageManagement.appex/Contents/MacOS/CloudDocsStorageManagement]

/System/Applications/Mail.app/Contents/PlugIns/MailStorageManagement.appex/Contents/MacOS/MailStorageManagement

[/System/Applications/Mail.app/Contents/PlugIns/MailStorageManagement.appex/Contents/MacOS/MailStorageManagement]

/usr/libexec/xpcproxy

[xpcproxy com.apple.CloudPhotosConfiguration]

/System/Library/PrivateFrameworks/CloudPhotoServices.framework/Versions/A/XPCServices/com.apple.CloudPhotosConfiguration.xpc/Contents/MacOS/com.apple.CloudPhotosConfiguration

[/System/Library/PrivateFrameworks/CloudPhotoServices.framework/Versions/A/XPCServices/com.apple.CloudPhotosConfiguration.xpc/Contents/MacOS/com.apple.CloudPhotosConfiguration]

/usr/libexec/xpcproxy

[xpcproxy com.apple.automountd]

/usr/libexec/automountd

[automountd]

/usr/libexec/od_user_homes

[/usr/libexec/od_user_homes .localized]

/usr/libexec/xpcproxy

[xpcproxy com.apple.installandsetup.systemmigrationd]

/System/Library/PrivateFrameworks/SystemMigration.framework/Resources/systemmigrationd

[/System/Library/PrivateFrameworks/SystemMigration.framework/Resources/systemmigrationd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.storagekitd]

/System/Library/PrivateFrameworks/StorageKit.framework/Resources/storagekitd

[/System/Library/PrivateFrameworks/StorageKit.framework/Resources/storagekitd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.iconservices.iconservicesagent]

/System/Library/CoreServices/iconservicesagent

[/System/Library/CoreServices/iconservicesagent runAsRoot]

/usr/libexec/xpcproxy

[xpcproxy com.apple.quicklook.satellite.4BF31A6D-30A3-474E-BB1F-307515DB1769 584]

/System/Library/Frameworks/QuickLook.framework/Versions/A/XPCServices/QuickLookSatellite.xpc/Contents/MacOS/QuickLookSatellite

[/System/Library/Frameworks/QuickLook.framework/Versions/A/XPCServices/QuickLookSatellite.xpc/Contents/MacOS/QuickLookSatellite]

/usr/libexec/od_user_homes

[/usr/libexec/od_user_homes .localized]

/usr/libexec/xpcproxy

[xpcproxy com.apple.AddressBook.AssistantService]

/System/Library/Frameworks/AddressBook.framework/Versions/A/Helpers/ABAssistantService.app/Contents/MacOS/ABAssistantService

[/System/Library/Frameworks/AddressBook.framework/Versions/A/Helpers/ABAssistantService.app/Contents/MacOS/ABAssistantService]

/usr/libexec/xpcproxy

[xpcproxy com.apple.Safari.2028]

/Applications/Safari.app/Contents/MacOS/Safari

[/Applications/Safari.app/Contents/MacOS/Safari]

/usr/libexec/xpcproxy

[xpcproxy com.apple.Safari.History]

/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.History.xpc/Contents/MacOS/com.apple.Safari.History

[/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.History.xpc/Contents/MacOS/com.apple.Safari.History]

/usr/libexec/xpcproxy

[xpcproxy com.apple.WebKit.WebContent.7E8A2862-E100-49FB-8756-E8BB4D98202C 619]

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent

[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]

/usr/libexec/xpcproxy

[xpcproxy com.apple.spindump]

/usr/sbin/spindump

[/usr/sbin/spindump]

/usr/libexec/xpcproxy

[xpcproxy com.apple.spindump_agent]

/usr/libexec/spindump_agent

[/usr/libexec/spindump_agent]

/usr/libexec/xpcproxy

[xpcproxy com.apple.SafariLaunchAgent]

/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariLaunchAgent

[/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariLaunchAgent]

/usr/libexec/xpcproxy

[xpcproxy com.apple.WebKit.WebContent.2FD72F59-22C8-4BFD-970D-4EBD5202F779 619]

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent

[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]

/System/Library/PrivateFrameworks/PackageKit.framework/Resources/install_monitor

[/System/Library/PrivateFrameworks/PackageKit.framework/Resources/install_monitor -t /private/var/run/installd.commit.pid]

/System/Library/PrivateFrameworks/PackageKit.framework/Resources/shove

[/System/Library/PrivateFrameworks/PackageKit.framework/Resources/shove -f -s /Library/Apple/System/Library/InstallerSandboxes/.PKInstallSandboxManager-SystemSoftware/28534241-DEAC-48CB-BF15-5B052D1381FC.activeSandbox/Root /]

/System/Library/PrivateFrameworks/PackageKit.framework/Resources/efw_cache_update

[/System/Library/PrivateFrameworks/PackageKit.framework/Resources/efw_cache_update -c]

/usr/libexec/xpcproxy

[xpcproxy com.apple.Safari.SearchHelper 619]

/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.SearchHelper.xpc/Contents/MacOS/com.apple.Safari.SearchHelper

[/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.SearchHelper.xpc/Contents/MacOS/com.apple.Safari.SearchHelper]

/usr/libexec/xpcproxy

[xpcproxy com.apple.corespotlightservice.725FD30A-6064-6C02-CC51-5DDB8891B57E]

/usr/libexec/xpcproxy

[xpcproxy com.apple.ReportMemoryException]

/usr/libexec/ReportMemoryException

[/usr/libexec/ReportMemoryException]

/System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService

[/System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService]

/usr/libexec/xpcproxy

[xpcproxy com.apple.Safari.SafeBrowsing.Service]

/System/Library/PrivateFrameworks/SafariSafeBrowsing.framework/com.apple.Safari.SafeBrowsing.Service

[/System/Library/PrivateFrameworks/SafariSafeBrowsing.framework/com.apple.Safari.SafeBrowsing.Service]

/usr/libexec/xpcproxy

[xpcproxy com.apple.WebKit.WebContent.C072A2FB-2053-4FEB-9375-B62358A9E01F 619]

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent

[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]

/usr/libexec/xpcproxy

[xpcproxy com.apple.WebKit.WebContent.0FA2929B-AEBA-4415-8732-52250E9931E2 619]

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent

[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]

/usr/libexec/xpcproxy

[xpcproxy com.apple.WebKit.WebContent.6128CA4E-90FD-4070-9798-0C7E4F8DBB98 619]

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent

[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]

/usr/libexec/xpcproxy

[xpcproxy com.apple.WebKit.WebContent.3CCCCD5C-4668-4C99-AAAF-83EF84D7B094 619]

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent

[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]

/usr/libexec/xpcproxy

[xpcproxy com.apple.WebKit.WebContent.47545438-C72E-4B87-A59F-D59DABE0B0A2 619]

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent

[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]

/usr/libexec/xpcproxy

[xpcproxy com.apple.WebKit.WebContent.120E3038-F18D-47AE-B3F9-8D57E2BE642B 619]

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent

[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]

/usr/libexec/xpcproxy

[xpcproxy com.apple.WebKit.WebContent.1AA5E554-27EF-442F-B057-2E2C1B999B4C 619]

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent

[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]

/usr/libexec/xpcproxy

[xpcproxy com.apple.WebKit.WebContent.57634756-AED3-47DA-B901-7BB9ACCD8D40 619]

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent

[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]

/usr/libexec/xpcproxy

[xpcproxy com.apple.audio.SandboxHelper 649]

/System/Library/Frameworks/AudioToolbox.framework/XPCServices/com.apple.audio.SandboxHelper.xpc/Contents/MacOS/com.apple.audio.SandboxHelper

[/System/Library/Frameworks/AudioToolbox.framework/XPCServices/com.apple.audio.SandboxHelper.xpc/Contents/MacOS/com.apple.audio.SandboxHelper]

/usr/libexec/xpcproxy

[xpcproxy com.apple.WebKit.WebContent.F28060AD-AAF8-40E4-8270-AFF3E70D27EB 619]

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent

[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]

/usr/libexec/xpcproxy

[xpcproxy com.apple.WebKit.WebContent.D9C19E32-FEBA-4D47-9E70-8880B8CCEF48 619]

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent

[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]

/usr/libexec/xpcproxy

[xpcproxy com.apple.coremedia.videodecoder 649]

/System/Library/Frameworks/VideoToolbox.framework/Versions/A/XPCServices/VTDecoderXPCService.xpc/Contents/MacOS/VTDecoderXPCService

[/System/Library/Frameworks/VideoToolbox.framework/Versions/A/XPCServices/VTDecoderXPCService.xpc/Contents/MacOS/VTDecoderXPCService]

Network

Country Destination Domain Proto
DE 20.52.64.201:443 tcp
DE 51.116.246.105:443 tcp
US 8.8.8.8:53 bag-cdn-lb.itunes-apple.com.akadns.net udp
US 8.8.8.8:53 e6858.dscx.akamaiedge.net udp
BE 23.55.96.225:443 e6858.dscx.akamaiedge.net tcp
GB 17.250.81.67:443 tcp
US 8.8.8.8:53 seed.siri.apple.com udp
US 13.59.48.42:443 seed.siri.apple.com tcp
US 13.59.48.42:443 seed.siri.apple.com tcp
US 13.59.48.42:443 seed.siri.apple.com tcp
SE 192.229.221.95:80 tcp
US 8.8.8.8:53 h3.apis.apple.map.fastly.net udp
US 8.8.8.8:53 apps.mzstatic.com udp
US 8.8.8.8:53 s.mzstatic.com udp
US 8.8.8.8:53 radio.itunes.apple.com udp
US 8.8.8.8:53 play.itunes.apple.com udp
US 8.8.8.8:53 buy.itunes.apple.com udp
US 17.156.128.10:443 buy.itunes.apple.com tcp
BE 2.17.107.202:443 play.itunes.apple.com tcp
BE 2.17.107.186:443 play.itunes.apple.com tcp
US 8.8.8.8:53 sf-api-token-service.itunes.apple.com udp
US 8.8.8.8:53 amp-api-edge.apps.apple.com udp
NL 23.63.101.152:443 amp-api-edge.apps.apple.com tcp
US 8.8.8.8:53 is1-ssl.mzstatic.com udp
US 8.8.8.8:53 amp-api.apps.apple.com udp
US 8.8.8.8:53 apptrailers.itunes.apple.com udp
BE 23.55.96.123:443 amp-api.apps.apple.com tcp
DE 17.253.73.202:443 apptrailers.itunes.apple.com tcp
DE 17.253.73.206:443 apptrailers.itunes.apple.com tcp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 cds.apple.com udp
IE 17.57.146.88:5223 tcp
BE 104.68.86.71:443 cds.apple.com tcp
US 8.8.8.8:53 help.apple.com udp
SE 23.34.233.79:443 help.apple.com tcp
SE 23.34.233.79:443 help.apple.com tcp
US 8.8.8.8:53 e673.dsce9.akamaiedge.net udp
US 8.8.8.8:53 a1806.dscw154.akamai.net udp
BE 2.17.107.202:443 a1806.dscw154.akamai.net tcp
BE 2.17.107.186:443 a1806.dscw154.akamai.net tcp
US 8.8.8.8:53 api-glb-aeuw3b.smoot.apple.com udp
FR 15.237.18.235:443 api-glb-aeuw3b.smoot.apple.com tcp
US 8.8.8.8:53 gateway.fe2.apple-dns.net udp
SE 192.229.221.95:80 tcp
US 8.8.8.8:53 e17437.dsct.akamaiedge.net udp
US 8.8.8.8:53 swcdn.apple.com udp
US 151.101.3.8:80 swcdn.apple.com tcp
US 151.101.67.8:80 swcdn.apple.com tcp
US 8.8.8.8:53 e10499.dsce9.akamaiedge.net udp
US 8.8.8.8:53 clients1.google.com udp
US 8.8.8.8:53 clients1.google.com udp
GB 142.250.187.238:443 clients1.google.com tcp
GB 142.250.187.238:443 clients1.google.com tcp
US 8.8.8.8:53 cdn2.smoot.apple.com udp
US 8.8.8.8:53 cdn.smoot.apple.com udp
DE 17.253.73.202:443 cdn2.smoot.apple.com tcp
GB 17.253.77.201:443 cdn.smoot.apple.com tcp
GB 142.250.187.238:443 clients1.google.com tcp
DE 17.253.73.202:443 cdn2.smoot.apple.com tcp
GB 142.250.187.238:443 clients1.google.com tcp
GB 142.250.187.238:443 clients1.google.com tcp
GB 142.250.187.238:443 clients1.google.com tcp
GB 142.250.187.238:443 clients1.google.com tcp
GB 142.250.187.238:443 clients1.google.com tcp
GB 142.250.187.238:443 clients1.google.com tcp
GB 142.250.187.238:443 clients1.google.com tcp
US 8.8.8.8:53 e6858.dscx.akamaiedge.net udp
US 8.8.8.8:53 e673.dsce9.akamaiedge.net udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:443 www.google.com tcp
US 8.8.8.8:53 safebrowsing.googleapis.com udp
US 8.8.8.8:53 gsp64-ssl.ls-apple.com.akadns.net udp
US 8.8.8.8:53 29-courier.push.apple.com udp
GB 17.57.146.12:5223 29-courier.push.apple.com tcp
GB 17.57.146.7:5223 29-courier.push.apple.com tcp
GB 17.57.146.9:5223 29-courier.push.apple.com tcp
GB 142.250.187.196:443 www.google.com tcp
GB 142.250.187.196:443 www.google.com tcp
GB 142.250.187.238:443 clients1.google.com tcp
US 8.8.8.8:53 probe.icloud.com udp
PT 104.30.128.90:443 probe.icloud.com tcp
US 8.8.8.8:53 e17437.dsct.akamaiedge.net udp
BG 104.30.128.188:443 probe.icloud.com tcp
PT 104.30.128.90:443 probe.icloud.com tcp
PT 104.30.128.90:443 probe.icloud.com tcp
US 64.60.134.93:80 utm.com tcp
GB 17.253.77.201:80 mesu-cdn.origin-apple.com.akadns.net tcp
GB 142.250.187.238:443 clients1.google.com tcp
US 8.8.8.8:53 youtubeyoutube.com udp
NL 95.211.189.137:80 youtubeyoutube.com tcp
US 8.8.8.8:53 ww1.youtubeyoutube.com udp
US 199.59.243.225:80 ww1.youtubeyoutube.com tcp
US 199.59.243.225:80 ww1.youtubeyoutube.com tcp
US 8.8.8.8:53 syndicatedsearch.goog udp
GB 172.217.16.238:443 syndicatedsearch.goog tcp
US 8.8.8.8:53 partner.googleadservices.com udp
GB 142.250.178.2:443 partner.googleadservices.com tcp
US 8.8.8.8:53 afs.googleusercontent.com udp
GB 172.217.16.225:443 afs.googleusercontent.com tcp
US 8.8.8.8:53 www.adsensecustomsearchads.com udp
GB 142.250.187.238:443 www.adsensecustomsearchads.com tcp
US 8.8.8.8:53 itunes.apple.com udp
US 8.8.8.8:53 e17437.dsct.akamaiedge.net udp
GB 142.250.187.238:443 www.adsensecustomsearchads.com tcp
NL 95.211.189.137:80 youtubeyoutube.com tcp
NL 95.211.189.137:80 youtubeyoutube.com tcp
US 199.59.243.225:80 ww1.youtubeyoutube.com tcp
GB 142.250.187.238:443 www.adsensecustomsearchads.com tcp
GB 172.217.16.225:443 afs.googleusercontent.com tcp
NL 95.211.189.137:80 youtubeyoutube.com tcp
NL 95.211.189.137:80 youtubeyoutube.com tcp
NL 95.211.189.137:80 youtubeyoutube.com tcp
NL 95.211.189.137:80 youtubeyoutube.com tcp
NL 95.211.189.137:80 youtubeyoutube.com tcp
NL 95.211.189.137:80 youtubeyoutube.com tcp
GB 142.250.187.238:443 www.adsensecustomsearchads.com tcp
NL 95.211.189.137:80 youtubeyoutube.com tcp
NL 95.211.189.137:80 youtubeyoutube.com tcp
US 8.8.8.8:53 www.youtube.com udp
GB 142.250.178.14:443 www.youtube.com tcp
US 8.8.8.8:53 i.ytimg.com udp
GB 172.217.169.22:443 i.ytimg.com tcp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
GB 142.250.187.194:443 googleads.g.doubleclick.net tcp
GB 142.250.178.14:443 www.youtube.com tcp
US 8.8.8.8:53 rr1---sn-hgn7yn7e.googlevideo.com udp
FR 74.125.11.134:443 rr1---sn-hgn7yn7e.googlevideo.com tcp
FR 74.125.11.134:443 rr1---sn-hgn7yn7e.googlevideo.com tcp
FR 74.125.11.134:443 rr1---sn-hgn7yn7e.googlevideo.com tcp
FR 74.125.11.134:443 rr1---sn-hgn7yn7e.googlevideo.com tcp
FR 74.125.11.134:443 rr1---sn-hgn7yn7e.googlevideo.com tcp
FR 74.125.11.134:443 rr1---sn-hgn7yn7e.googlevideo.com tcp
GB 142.250.178.14:443 www.youtube.com tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 static.doubleclick.net udp
GB 216.58.213.6:443 static.doubleclick.net tcp
US 8.8.8.8:53 suggestqueries-clients6.youtube.com udp
GB 172.217.16.238:443 suggestqueries-clients6.youtube.com tcp
GB 172.217.16.238:443 suggestqueries-clients6.youtube.com tcp
US 8.8.8.8:53 youtube.com udp
GB 142.250.200.46:443 youtube.com tcp
US 8.8.8.8:53 yt3.ggpht.com udp
GB 142.250.180.1:443 yt3.ggpht.com tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 rr1---sn-aigl6nsk.googlevideo.com udp
GB 74.125.105.102:443 rr1---sn-aigl6nsk.googlevideo.com tcp
GB 74.125.105.102:443 rr1---sn-aigl6nsk.googlevideo.com tcp
GB 142.250.179.238:443 play.google.com tcp
GB 142.250.179.238:443 play.google.com tcp
US 8.8.8.8:53 tpc.googlesyndication.com udp
US 8.8.8.8:53 rr2---sn-aigl6nzs.googlevideo.com udp
GB 74.125.105.102:443 rr1---sn-aigl6nsk.googlevideo.com tcp
US 8.8.8.8:53 lh3.googleusercontent.com udp
GB 74.125.175.71:443 rr2---sn-aigl6nzs.googlevideo.com tcp
US 8.8.8.8:53 ade.googlesyndication.com udp
GB 142.250.200.2:443 ade.googlesyndication.com tcp
US 8.8.8.8:53 lb._dns-sd._udp.0.0.127.10.in-addr.arpa udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
GB 142.250.187.194:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 rr4---sn-aigl6nsd.googlevideo.com udp
GB 74.125.105.41:443 rr4---sn-aigl6nsd.googlevideo.com tcp
US 8.8.8.8:53 tpc.googlesyndication.com udp
GB 172.217.16.225:443 tpc.googlesyndication.com tcp
US 8.8.8.8:53 ade.googlesyndication.com udp
GB 142.250.200.2:443 ade.googlesyndication.com tcp
GB 74.125.105.102:443 rr1---sn-aigl6nsk.googlevideo.com tcp
US 8.8.8.8:53 rr1---sn-aigl6nl7.googlevideo.com udp
GB 173.194.183.198:443 rr1---sn-aigl6nl7.googlevideo.com tcp
US 8.8.8.8:53 yt3.ggpht.com udp
GB 142.250.180.1:443 yt3.ggpht.com tcp
US 8.8.8.8:53 i.ytimg.com udp
GB 172.217.169.22:443 i.ytimg.com tcp
US 8.8.8.8:53 rr3---sn-aigl6nzk.googlevideo.com udp
GB 74.125.175.104:443 rr3---sn-aigl6nzk.googlevideo.com tcp
US 8.8.8.8:53 lh6.googleusercontent.com udp
GB 172.217.16.225:443 lh6.googleusercontent.com tcp
US 8.8.8.8:53 play.google.com udp
GB 142.250.179.238:443 play.google.com tcp
GB 142.250.179.238:443 play.google.com tcp

Files

/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C//mds/mdsObject.db

MD5 d3a1859e6ec593505cc882e6def48fc8
SHA1 f8e6728e3e9de477a75706faa95cead9ce13cb32
SHA256 3ebafa97782204a4a1d75cfec22e15fcdeab45b65bab3b3e65508707e034a16c
SHA512 ea2a749b105759ea33408186b417359deffb4a3a5ed0533cb26b459c16bb3524d67ede5c9cf0d5098921c0c0a9313fb9c2672f1e5ba48810eda548fa3209e818

/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C//mds/mdsDirectory.db

MD5 0e4a0d1ceb2af6f0f8d0167ce77be2d3
SHA1 414ba4c1dc5fc8bf53d550e296fd6f5ad669918c
SHA256 cca093bcfc65e25dd77c849866e110df72526dffbe29d76e11e29c7d888a4030
SHA512 1dc5282d27c49a4b6f921ba5dfc88b8c1d32289df00dd866f9ac6669a5a8d99afeda614bffc7cf61a44375ae73e09cd52606b443b63636977c9cd2ef4fa68a20

/Users/run/Library/Application Support/AddressBook/Metadata/.info

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/Users/run/Library/Application Support/AddressBook/Metadata/.info

MD5 365fd4cba360ec7549dc7bc899c28fcd
SHA1 47fb870cee2f4705f5af17c4cd2eec336b198a84
SHA256 4b539a9e6a299ff267a248d01b96fd45489f1a549d0105e3e5093f62fffc70bb
SHA512 b3afb6b57493734c9edc58054ef365587de56af102a0be78a99c08c888a704cd597572c769cda35c1c8e30ad3f8b9a0808c46656f2da9f48d202c89f4a94e453

/Users/run/Library/Assistant/com.apple.siri.applications.laststate.plist

MD5 e520d4c4a609ff7645c66e9c486da585
SHA1 db0debe2629ebd4a32165912cc2c7637c33768de
SHA256 5b03476bef689626419bb1d57f5a14a679faeb3e8863170bda6a47023bfd56b3
SHA512 4af280e197aed9642865feeabba63933329cf1d1df03d2f1810cb4793d15ffb504579d5a78d75cc5d4d296eb56e50c03d0df7bc17a3d4db8bb89baefe286dfa7

/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/SMIncompatibleAppUpdate/CFNetworkDownload_vjaACa.tmp

MD5 8ac8e766276bb799857b359b3a4f2347
SHA1 075fe1052e1e6de0a38aaa7711a54e8a77bb65f8
SHA256 a0ee16e403dd8609ce56b56a111b2926b591d368b6e99a41c836beb280dcf687
SHA512 60f88aacc4d89e7a52aa30a469b430f781006fac52b320c2acd05d8f3ace9638a042fa0b0000885293cf6ee391915e7d68ffc656f4056fcb6de3b638d52a6439

/Library/Apple/System/Library/InstallerSandboxes/.PKInstallSandboxManager-SystemSoftware/28534241-DEAC-48CB-BF15-5B052D1381FC.activeSandbox/Boms/com.apple.pkg.IncompatibleAppList.10_15.16U1923.bom

MD5 2f0f49de9ad6128f83b55002ddc0c733
SHA1 348b668dd78199b508fa73253568f3024a03410f
SHA256 4bde0dc120c8239b758f62e655e23be5f09b41f32f666bffa05e0104e8109d46
SHA512 6ed163e207886dd7661e67944197ef84c663eb129ca8c988d2fade90fa7e626b581627165521b3e9a8be77c04c12936ac40e1311750c2ad0aae4f6707910a4aa

/private/var/run/installd.commit.pid

MD5 9ad6aaed513b73148b7d49f70afcfb32
SHA1 9c676e003b8932ac49d4d3a18467c0b59e3e3fb6
SHA256 62bfa285013f08807d394266cdf8261dd060a704959ae9c20e4ad262b65da12a
SHA512 8a841e1a8e168b69a8eb463f07c4468d9ee75edd1dec54ea534207241c52d292cd4f288867594586fda76025ed6ff62b6c161b30a8b219bd679b29825f9f2283

/Users/run/Library/Safari/Favicon Cache/favicons/2529545429CE075A4E64DE7DAA3D4C27

MD5 f3418a443e7d841097c714d69ec4bcb8
SHA1 49263695f6b0cdd72f45cf1b775e660fdc36c606
SHA256 6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770
SHA512 82d017c4b7ec8e0c46e8b75da0ca6a52fd8bce7fcf4e556cbdf16b49fc81be9953fe7e25a05f63ecd41c7272e8bb0a9fd9aedf0ac06cb6032330b096b3702563

/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/malware,osx,url_expression

MD5 ad218ee681f87845fa3a31e83881fb54
SHA1 ff26d6ca3c83f32d07bd5bed42a1e14e4b29b468
SHA256 e065886c47738c8da3c2057a353975aca2a0f3e52e2ce301abf1f332e37abbc0
SHA512 827c4c1c0fa291dd9dee101c70b2302a1c14e36b522111806a7452f1c4f0cebf73a711f87a170968484de7de3be0d877c95d09a67b1ee197b8e791586d2a710a

/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/social_engineering,osx,url_expression

MD5 a5ffe9992be5918a3596925fd8526588
SHA1 388d55c007f522a5ebfe16124a708f2a4b4e1aed
SHA256 847d20a1c5e7c877e6c804ccf32e121f30a577e2c9be9c088ac0645a1592382e
SHA512 b5040dd8bc8298d0a00312cf488ab082141f439018825bcc7dd06bfb17e6be6279c5ca024908eaea0d57843683f6dc8dd356e2e68b8c2e288d1d1473495139a8

/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/unwanted_software,osx,url_expression

MD5 6d4e871063f2ef425e4eca4a9d153501
SHA1 c49db69b93e06b7b50fcd34dce0252e2690715e0
SHA256 44a589022407ce6b68f5aaedd237c0ba5c131b443ade2d5c65766b24da59bd5c
SHA512 87567a344aa846789ec70048a488b0b531be8a8f8be1e92d1e493a7dcdfb05c1663ee6b65afbf6e9d7761d5c2a5d101dcfc4bcf5cf07bf9887228f6632585f6b

/Users/run/Library/Safari/Favicon Cache/favicons/D9442CDF22B6D9B600B66E05227F6F56

MD5 9909227b6fd2415ccb9a276d99632243
SHA1 c21dfda1e925054b0d6c882e43f87dbe1222a933
SHA256 af7282a5f1a3c7a62bda5f2265b1254d420ba7b5aab58023df705dd6064d2ac9
SHA512 9705d6811e00ee5f616ead194484f00df7fd5033e6bbea784c02438b87774a3e60ece7e2fb6e23486eec43743d642a105a16a615b3a5d5ee32d49b8f77814e5c

/Users/run/Library/Safari/Favicon Cache/favicons/B26EFA6F784A0B8880BAE32003619202

MD5 b1d93af012a8b948b8eaebe20a4ca838
SHA1 c3d1a9778e88922c38152b08700a90a8ff9c083c
SHA256 32d88e1590bd2714c7552c028eb4e40537606857a799a91d23333454c508c246
SHA512 d173c4ffcbd42af35a571a3fc5fefb14fe9304edd365e5e573788aff5a9722ed4a1636af3d9f4d904cb3bd5207c6d680f95c91ffb4701ecbad52438b6eabbb74

/Users/run/Library/Safari/Favicon Cache/favicons/77062AACE1E23EF21EEC0A74B19F66DC

MD5 80f7367cb52983d2b58c2570460a9e9b
SHA1 8b1020b84f2c57bc43c0b0e504529fbd176fc694
SHA256 d7dd223f488a3dc314edecff758abc774093909d8cdaabb5c6b3f5a84a6f4be7
SHA512 ec16f486883b31551597eaa82406989c159a5e186ec33fcc8fbc85093d1ac758bfab065a9a8f91ef3087456cc2a0b2b097dbb074f567280f5ccf8f3838eaceb3