Analysis Overview
SHA256
7953e2ba8611e6323b96df91a87cc162b3d1933e83d745b862c8c6704bb947c9
Threat Level: Shows suspicious behavior
The file inst.exe was found to be: Shows suspicious behavior.
Malicious Activity Summary
UPX packed file
Resource Forking
Unsigned PE
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-11 01:50
Signatures
UPX packed file
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-11 01:50
Reported
2024-06-11 02:08
Platform
macos-20240410-en
Max time kernel
928s
Max time network
1053s
Command Line
Signatures
Resource Forking
| Description | Indicator | Process | Target |
| N/A | /System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/storedownloadd | N/A | N/A |
| N/A | /System/Library/PreferencePanes/ClassroomSettings.prefPane/Contents/Resources/ClassroomSettingsVisibilityCheckTool | N/A | N/A |
| N/A | /System/Library/Frameworks/ApplicationServices.framework/Frameworks/SpeechSynthesis.framework/Resources/com.apple.speech.speechsynthesisd | N/A | N/A |
| N/A | "/System/Library/CoreServices/Software Update.app/Contents/Resources/suhelperd" | N/A | N/A |
| N/A | /System/Library/PrivateFrameworks/SystemMigration.framework/Resources/systemmigrationd | N/A | N/A |
| N/A | /System/Library/PrivateFrameworks/PackageKit.framework/Resources/install_monitor -t /private/var/run/installd.commit.pid | N/A | N/A |
| N/A | /System/Library/PrivateFrameworks/PackageKit.framework/Resources/efw_cache_update -c | N/A | N/A |
| N/A | /System/Library/PreferencePanes/TouchID.prefPane/Contents/Resources/AllowPasswordPref | N/A | N/A |
| N/A | /System/Library/PreferencePanes/DesktopScreenEffectsPref.prefPane/Contents/Resources/DesktopPictures.prefPane/Contents/XPCServices/com.apple.preference.desktopscreeneffect.desktop.remoteservice.xpc/Contents/MacOS/com.apple.preference.desktopscreeneffect.desktop.remoteservice | N/A | N/A |
| N/A | /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd | N/A | N/A |
| N/A | /System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/storeuid.app/Contents/MacOS/storeuid | N/A | N/A |
| N/A | /System/Library/PrivateFrameworks/PackageKit.framework/Resources/system_installd | N/A | N/A |
| N/A | /System/Library/PreferencePanes/Sidecar.prefPane/Contents/Resources/sidecarPrefCheck | N/A | N/A |
| N/A | /System/Library/PreferencePanes/Wallet.prefPane/Contents/Resources/walletAvailabilityCheckTool | N/A | N/A |
| N/A | "/System/Library/CoreServices/Software Update.app/Contents/Resources/softwareupdated" | N/A | N/A |
| N/A | /System/Library/PreferencePanes/Profiles.prefPane/Contents/Resources/CPPrefPaneEnabledTool | N/A | N/A |
| N/A | /System/Library/PrivateFrameworks/StorageKit.framework/Resources/storagekitd | N/A | N/A |
| N/A | /System/Library/PrivateFrameworks/PackageKit.framework/Resources/shove -f -s /Library/Apple/System/Library/InstallerSandboxes/.PKInstallSandboxManager-SystemSoftware/28534241-DEAC-48CB-BF15-5B052D1381FC.activeSandbox/Root / | N/A | N/A |
Processes
/bin/sh
[sh -c sudo /bin/zsh -c "/Users/run/inst.exe"]
/bin/bash
[sh -c sudo /bin/zsh -c "/Users/run/inst.exe"]
/usr/bin/sudo
[sudo /bin/zsh -c /Users/run/inst.exe]
/bin/zsh
[/bin/zsh -c /Users/run/inst.exe]
/Users/run/inst.exe
[/Users/run/inst.exe]
/usr/libexec/xpcproxy
[xpcproxy com.apple.systempreferences.2140]
/System/Applications/System Preferences.app/Contents/MacOS/System Preferences
[/System/Applications/System Preferences.app/Contents/MacOS/System Preferences]
/usr/libexec/xpcproxy
[xpcproxy com.apple.AccountProfileRemoteViewService 519]
/System/Library/PrivateFrameworks/AOSUI.framework/Versions/A/XPCServices/AccountProfileRemoteViewService.xpc/Contents/MacOS/AccountProfileRemoteViewService
[/System/Library/PrivateFrameworks/AOSUI.framework/Versions/A/XPCServices/AccountProfileRemoteViewService.xpc/Contents/MacOS/AccountProfileRemoteViewService]
/System/Library/PreferencePanes/ClassroomSettings.prefPane/Contents/Resources/ClassroomSettingsVisibilityCheckTool
[/System/Library/PreferencePanes/ClassroomSettings.prefPane/Contents/Resources/ClassroomSettingsVisibilityCheckTool]
/System/Library/PreferencePanes/Profiles.prefPane/Contents/Resources/CPPrefPaneEnabledTool
[/System/Library/PreferencePanes/Profiles.prefPane/Contents/Resources/CPPrefPaneEnabledTool]
/System/Library/PreferencePanes/Sidecar.prefPane/Contents/Resources/sidecarPrefCheck
[/System/Library/PreferencePanes/Sidecar.prefPane/Contents/Resources/sidecarPrefCheck]
/System/Library/PreferencePanes/TouchID.prefPane/Contents/Resources/AllowPasswordPref
[/System/Library/PreferencePanes/TouchID.prefPane/Contents/Resources/AllowPasswordPref]
/System/Library/PreferencePanes/Wallet.prefPane/Contents/Resources/walletAvailabilityCheckTool
[/System/Library/PreferencePanes/Wallet.prefPane/Contents/Resources/walletAvailabilityCheckTool]
/usr/libexec/xpcproxy
[xpcproxy com.apple.nfcd]
/usr/libexec/nfcd
[/usr/libexec/nfcd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.studentd]
/usr/libexec/studentd
[/usr/libexec/studentd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.preference.general.remoteservice 519]
/System/Library/PreferencePanes/Appearance.prefPane/Contents/XPCServices/com.apple.preference.general.remoteservice.xpc/Contents/MacOS/com.apple.preference.general.remoteservice
[/System/Library/PreferencePanes/Appearance.prefPane/Contents/XPCServices/com.apple.preference.general.remoteservice.xpc/Contents/MacOS/com.apple.preference.general.remoteservice]
/usr/libexec/xpcproxy
[xpcproxy com.apple.metadata.mdwrite]
/usr/libexec/xpcproxy
[xpcproxy com.apple.preference.desktopscreeneffect.desktop.remoteservice 519]
/System/Library/PreferencePanes/DesktopScreenEffectsPref.prefPane/Contents/Resources/DesktopPictures.prefPane/Contents/XPCServices/com.apple.preference.desktopscreeneffect.desktop.remoteservice.xpc/Contents/MacOS/com.apple.preference.desktopscreeneffect.desktop.remoteservice
[/System/Library/PreferencePanes/DesktopScreenEffectsPref.prefPane/Contents/Resources/DesktopPictures.prefPane/Contents/XPCServices/com.apple.preference.desktopscreeneffect.desktop.remoteservice.xpc/Contents/MacOS/com.apple.preference.desktopscreeneffect.desktop.remoteservice]
/usr/libexec/xpcproxy
[xpcproxy com.apple.coremedia.videodecoder 535]
/System/Library/Frameworks/VideoToolbox.framework/Versions/A/XPCServices/VTDecoderXPCService.xpc/Contents/MacOS/VTDecoderXPCService
[/System/Library/Frameworks/VideoToolbox.framework/Versions/A/XPCServices/VTDecoderXPCService.xpc/Contents/MacOS/VTDecoderXPCService]
/usr/libexec/xpcproxy
[xpcproxy com.apple.coremedia.videodecoder 282]
/System/Library/Frameworks/VideoToolbox.framework/Versions/A/XPCServices/VTDecoderXPCService.xpc/Contents/MacOS/VTDecoderXPCService
[/System/Library/Frameworks/VideoToolbox.framework/Versions/A/XPCServices/VTDecoderXPCService.xpc/Contents/MacOS/VTDecoderXPCService]
/usr/libexec/xpcproxy
[xpcproxy com.apple.ReportMemoryException]
/usr/libexec/ReportMemoryException
[/usr/libexec/ReportMemoryException]
/usr/libexec/xpcproxy
[xpcproxy com.apple.siri.launcher.1708]
/System/Applications/Siri.app/Contents/MacOS/Siri
[/System/Applications/Siri.app/Contents/MacOS/Siri]
/usr/libexec/xpcproxy
[xpcproxy com.apple.Siri.2292]
/System/Library/CoreServices/Siri.app/Contents/MacOS/Siri
[/System/Library/CoreServices/Siri.app/Contents/MacOS/Siri]
/usr/libexec/xpcproxy
[xpcproxy com.apple.SiriUI.SiriUISetupXPC 542]
/System/Library/PrivateFrameworks/SiriUI.framework/Versions/A/XPCServices/SiriUISetupXPC.xpc/Contents/MacOS/SiriUISetupXPC
[/System/Library/PrivateFrameworks/SiriUI.framework/Versions/A/XPCServices/SiriUISetupXPC.xpc/Contents/MacOS/SiriUISetupXPC]
/usr/libexec/xpcproxy
[xpcproxy com.apple.Siri.agent]
/System/Library/CoreServices/Siri.app/Contents/MacOS/Siri
[/System/Library/CoreServices/Siri.app/Contents/MacOS/Siri launchd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.siriknowledged]
/usr/libexec/xpcproxy
[xpcproxy com.apple.SiriUI.SiriUISetupXPC 545]
/System/Library/PrivateFrameworks/SiriUI.framework/Versions/A/XPCServices/SiriUISetupXPC.xpc/Contents/MacOS/SiriUISetupXPC
[/System/Library/PrivateFrameworks/SiriUI.framework/Versions/A/XPCServices/SiriUISetupXPC.xpc/Contents/MacOS/SiriUISetupXPC]
/usr/libexec/siriknowledged
[/usr/libexec/siriknowledged]
/usr/libexec/xpcproxy
[xpcproxy com.apple.audio.AudioComponentRegistrar]
/System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar
[/System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar]
/usr/libexec/xpcproxy
[xpcproxy com.apple.audio.SandboxHelper 391]
/System/Library/Frameworks/AudioToolbox.framework/XPCServices/com.apple.audio.SandboxHelper.xpc/Contents/MacOS/com.apple.audio.SandboxHelper
[/System/Library/Frameworks/AudioToolbox.framework/XPCServices/com.apple.audio.SandboxHelper.xpc/Contents/MacOS/com.apple.audio.SandboxHelper]
/usr/libexec/xpcproxy
[xpcproxy com.apple.SiriNCService 545]
/System/Library/CoreServices/Siri.app/Contents/XPCServices/SiriNCService.xpc/Contents/MacOS/SiriNCService
[/System/Library/CoreServices/Siri.app/Contents/XPCServices/SiriNCService.xpc/Contents/MacOS/SiriNCService]
/usr/libexec/xpcproxy
[xpcproxy com.apple.audio.SandboxHelper 314]
/System/Library/Frameworks/AudioToolbox.framework/XPCServices/com.apple.audio.SandboxHelper.xpc/Contents/MacOS/com.apple.audio.SandboxHelper
[/System/Library/Frameworks/AudioToolbox.framework/XPCServices/com.apple.audio.SandboxHelper.xpc/Contents/MacOS/com.apple.audio.SandboxHelper]
/usr/libexec/xpcproxy
[xpcproxy com.apple.speech.speechsynthesisd]
/System/Library/Frameworks/ApplicationServices.framework/Frameworks/SpeechSynthesis.framework/Resources/com.apple.speech.speechsynthesisd
[/System/Library/Frameworks/ApplicationServices.framework/Frameworks/SpeechSynthesis.framework/Resources/com.apple.speech.speechsynthesisd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.speech.speechdatainstallerd]
/System/Library/PrivateFrameworks/SpeechObjects.framework/Versions/A/SpeechDataInstallerd.app/Contents/MacOS/SpeechDataInstallerd
[/System/Library/PrivateFrameworks/SpeechObjects.framework/Versions/A/SpeechDataInstallerd.app/Contents/MacOS/SpeechDataInstallerd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.softwareupdated]
/System/Library/CoreServices/Software Update.app/Contents/Resources/softwareupdated
[/System/Library/CoreServices/Software Update.app/Contents/Resources/softwareupdated]
/usr/libexec/xpcproxy
[xpcproxy com.apple.suhelperd]
/System/Library/CoreServices/Software Update.app/Contents/Resources/suhelperd
[/System/Library/CoreServices/Software Update.app/Contents/Resources/suhelperd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.AppStore.1900]
/System/Applications/App Store.app/Contents/MacOS/App Store
[/System/Applications/App Store.app/Contents/MacOS/App Store]
/usr/libexec/xpcproxy
[xpcproxy com.apple.assistant_service]
/System/Library/PrivateFrameworks/AssistantServices.framework/Versions/A/Support/assistant_service
[/System/Library/PrivateFrameworks/AssistantServices.framework/Versions/A/Support/assistant_service]
/usr/libexec/xpcproxy
[xpcproxy com.apple.storeuid]
/System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/storeuid.app/Contents/MacOS/storeuid
[/System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/storeuid.app/Contents/MacOS/storeuid]
/usr/libexec/xpcproxy
[xpcproxy com.apple.AddressBook.AssistantService]
/System/Library/Frameworks/AddressBook.framework/Versions/A/Helpers/ABAssistantService.app/Contents/MacOS/ABAssistantService
[/System/Library/Frameworks/AddressBook.framework/Versions/A/Helpers/ABAssistantService.app/Contents/MacOS/ABAssistantService]
/usr/libexec/xpcproxy
[xpcproxy com.apple.PerformanceAnalysis.animationperfd]
/System/Library/PrivateFrameworks/PerformanceAnalysis.framework/Versions/A/XPCServices/com.apple.PerformanceAnalysis.animationperfd.xpc/Contents/MacOS/com.apple.PerformanceAnalysis.animationperfd
[/System/Library/PrivateFrameworks/PerformanceAnalysis.framework/Versions/A/XPCServices/com.apple.PerformanceAnalysis.animationperfd.xpc/Contents/MacOS/com.apple.PerformanceAnalysis.animationperfd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.rtcreportingd]
/usr/libexec/rtcreportingd
[/usr/libexec/rtcreportingd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.coremedia.videodecoder 564]
/System/Library/Frameworks/VideoToolbox.framework/Versions/A/XPCServices/VTDecoderXPCService.xpc/Contents/MacOS/VTDecoderXPCService
[/System/Library/Frameworks/VideoToolbox.framework/Versions/A/XPCServices/VTDecoderXPCService.xpc/Contents/MacOS/VTDecoderXPCService]
/usr/libexec/xpcproxy
[xpcproxy com.apple.accessibility.mediaaccessibilityd]
/System/Library/Frameworks/MediaAccessibility.framework/Versions/A/XPCServices/com.apple.accessibility.mediaaccessibilityd.xpc/Contents/MacOS/com.apple.accessibility.mediaaccessibilityd
[/System/Library/Frameworks/MediaAccessibility.framework/Versions/A/XPCServices/com.apple.accessibility.mediaaccessibilityd.xpc/Contents/MacOS/com.apple.accessibility.mediaaccessibilityd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.icloud.FMIPClientXPCService 565]
/System/Library/PrivateFrameworks/FMClient.framework/Versions/A/XPCServices/FMIPClientXPCService.xpc/Contents/MacOS/FMIPClientXPCService
[/System/Library/PrivateFrameworks/FMClient.framework/Versions/A/XPCServices/FMIPClientXPCService.xpc/Contents/MacOS/FMIPClientXPCService]
/usr/libexec/xpcproxy
[xpcproxy com.apple.systemprofiler]
/System/Applications/Utilities/System Information.app/Contents/MacOS/System Information
[/System/Applications/Utilities/System Information.app/Contents/MacOS/System Information]
/usr/libexec/xpcproxy
[xpcproxy com.apple.replayd]
/usr/libexec/replayd
[/usr/libexec/replayd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.system_installd]
/System/Library/PrivateFrameworks/PackageKit.framework/Resources/system_installd
[/System/Library/PrivateFrameworks/PackageKit.framework/Resources/system_installd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.storedownloadd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.installd]
/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
[/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd]
/System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/storedownloadd
[/System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/storedownloadd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.Safari.CacheDeleteExtension 579]
/Applications/Safari.app/Contents/PlugIns/CacheDeleteExtension.appex/Contents/MacOS/CacheDeleteExtension
[/Applications/Safari.app/Contents/PlugIns/CacheDeleteExtension.appex/Contents/MacOS/CacheDeleteExtension]
/usr/libexec/xpcproxy
[xpcproxy com.apple.Photos.StorageManagementExtension 578]
/System/Applications/Photos.app/Contents/PlugIns/PhotosStorageExtension.appex/Contents/MacOS/PhotosStorageExtension
[/System/Applications/Photos.app/Contents/PlugIns/PhotosStorageExtension.appex/Contents/MacOS/PhotosStorageExtension]
/usr/libexec/xpcproxy
[xpcproxy com.apple.STMExtension.iOSFiles 578]
/System/Applications/TV.app/Contents/PlugIns/TVStorageExtension.appex/Contents/MacOS/TVStorageExtension
[/System/Applications/TV.app/Contents/PlugIns/TVStorageExtension.appex/Contents/MacOS/TVStorageExtension]
/usr/libexec/xpcproxy
[xpcproxy com.apple.STMExtension.GarageBand 578]
/System/Library/PrivateFrameworks/StorageManagement.framework/PlugIns/iOSFilesStorageExtension.appex/Contents/MacOS/iOSFilesStorageExtension
[/System/Library/PrivateFrameworks/StorageManagement.framework/PlugIns/iOSFilesStorageExtension.appex/Contents/MacOS/iOSFilesStorageExtension]
/System/Library/PrivateFrameworks/StorageManagement.framework/PlugIns/GarageBandStorageExtension.appex/Contents/MacOS/GarageBandStorageExtension
[/System/Library/PrivateFrameworks/StorageManagement.framework/PlugIns/GarageBandStorageExtension.appex/Contents/MacOS/GarageBandStorageExtension]
/usr/libexec/xpcproxy
[xpcproxy com.apple.messages.StorageManagementExtension 578]
/System/Applications/Messages.app/Contents/PlugIns/Messages Storage Management Extension.appex/Contents/MacOS/Messages Storage Management Extension
[/System/Applications/Messages.app/Contents/PlugIns/Messages Storage Management Extension.appex/Contents/MacOS/Messages Storage Management Extension]
/usr/libexec/xpcproxy
[xpcproxy com.apple.STMExtension.CloudFiles 578]
/System/Library/PrivateFrameworks/StorageManagement.framework/PlugIns/CloudFilesStorageExtension.appex/Contents/MacOS/CloudFilesStorageExtension
[/System/Library/PrivateFrameworks/StorageManagement.framework/PlugIns/CloudFilesStorageExtension.appex/Contents/MacOS/CloudFilesStorageExtension]
/System/Applications/Music.app/Contents/PlugIns/MusicStorageExtension.appex/Contents/MacOS/MusicStorageExtension
[/System/Applications/Music.app/Contents/PlugIns/MusicStorageExtension.appex/Contents/MacOS/MusicStorageExtension]
/usr/libexec/xpcproxy
[xpcproxy com.apple.STMExtension.Trash 578]
/System/Library/PrivateFrameworks/StorageManagement.framework/PlugIns/TrashStorageExtension.appex/Contents/MacOS/TrashStorageExtension
[/System/Library/PrivateFrameworks/StorageManagement.framework/PlugIns/TrashStorageExtension.appex/Contents/MacOS/TrashStorageExtension]
/usr/libexec/xpcproxy
[xpcproxy com.apple.iBooksX.DiskSpaceEfficiency]
/System/Applications/Books.app/Contents/PlugIns/DiskSpaceEfficiency.appex/Contents/MacOS/DiskSpaceEfficiency
[/System/Applications/Books.app/Contents/PlugIns/DiskSpaceEfficiency.appex/Contents/MacOS/DiskSpaceEfficiency]
/System/Applications/Podcasts.app/Contents/PlugIns/MacPodcastsStorageExtension.appex/Contents/MacOS/MacPodcastsStorageExtension
[/System/Applications/Podcasts.app/Contents/PlugIns/MacPodcastsStorageExtension.appex/Contents/MacOS/MacPodcastsStorageExtension]
/usr/libexec/xpcproxy
[xpcproxy com.apple.STMExtension.Applications 578]
/System/Library/PrivateFrameworks/StorageManagement.framework/PlugIns/ApplicationsStorageExtension.appex/Contents/MacOS/ApplicationsStorageExtension
[/System/Library/PrivateFrameworks/StorageManagement.framework/PlugIns/ApplicationsStorageExtension.appex/Contents/MacOS/ApplicationsStorageExtension]
/usr/libexec/xpcproxy
[xpcproxy com.apple.STMExtension.OtherUsers 578]
/System/Library/PrivateFrameworks/StorageManagement.framework/PlugIns/OtherUsersStorageExtension.appex/Contents/MacOS/OtherUsersStorageExtension
[/System/Library/PrivateFrameworks/StorageManagement.framework/PlugIns/OtherUsersStorageExtension.appex/Contents/MacOS/OtherUsersStorageExtension]
/usr/libexec/xpcproxy
[xpcproxy com.apple.STMExtension.AppleInternal 578]
/usr/libexec/xpcproxy
[xpcproxy com.apple.CloudDocsDaemon.StorageManagement 578]
/usr/libexec/xpcproxy
[xpcproxy com.apple.STMExtension.Mail 578]
/System/Library/PrivateFrameworks/StorageManagement.framework/PlugIns/AppleInternalStorageExtension.appex/Contents/MacOS/AppleInternalStorageExtension
[/System/Library/PrivateFrameworks/StorageManagement.framework/PlugIns/AppleInternalStorageExtension.appex/Contents/MacOS/AppleInternalStorageExtension]
/System/Library/PrivateFrameworks/CloudDocsDaemon.framework/PlugIns/CloudDocsStorageManagement.appex/Contents/MacOS/CloudDocsStorageManagement
[/System/Library/PrivateFrameworks/CloudDocsDaemon.framework/PlugIns/CloudDocsStorageManagement.appex/Contents/MacOS/CloudDocsStorageManagement]
/System/Applications/Mail.app/Contents/PlugIns/MailStorageManagement.appex/Contents/MacOS/MailStorageManagement
[/System/Applications/Mail.app/Contents/PlugIns/MailStorageManagement.appex/Contents/MacOS/MailStorageManagement]
/usr/libexec/xpcproxy
[xpcproxy com.apple.CloudPhotosConfiguration]
/System/Library/PrivateFrameworks/CloudPhotoServices.framework/Versions/A/XPCServices/com.apple.CloudPhotosConfiguration.xpc/Contents/MacOS/com.apple.CloudPhotosConfiguration
[/System/Library/PrivateFrameworks/CloudPhotoServices.framework/Versions/A/XPCServices/com.apple.CloudPhotosConfiguration.xpc/Contents/MacOS/com.apple.CloudPhotosConfiguration]
/usr/libexec/xpcproxy
[xpcproxy com.apple.automountd]
/usr/libexec/automountd
[automountd]
/usr/libexec/od_user_homes
[/usr/libexec/od_user_homes .localized]
/usr/libexec/xpcproxy
[xpcproxy com.apple.installandsetup.systemmigrationd]
/System/Library/PrivateFrameworks/SystemMigration.framework/Resources/systemmigrationd
[/System/Library/PrivateFrameworks/SystemMigration.framework/Resources/systemmigrationd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.storagekitd]
/System/Library/PrivateFrameworks/StorageKit.framework/Resources/storagekitd
[/System/Library/PrivateFrameworks/StorageKit.framework/Resources/storagekitd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.iconservices.iconservicesagent]
/System/Library/CoreServices/iconservicesagent
[/System/Library/CoreServices/iconservicesagent runAsRoot]
/usr/libexec/xpcproxy
[xpcproxy com.apple.quicklook.satellite.4BF31A6D-30A3-474E-BB1F-307515DB1769 584]
/System/Library/Frameworks/QuickLook.framework/Versions/A/XPCServices/QuickLookSatellite.xpc/Contents/MacOS/QuickLookSatellite
[/System/Library/Frameworks/QuickLook.framework/Versions/A/XPCServices/QuickLookSatellite.xpc/Contents/MacOS/QuickLookSatellite]
/usr/libexec/od_user_homes
[/usr/libexec/od_user_homes .localized]
/usr/libexec/xpcproxy
[xpcproxy com.apple.AddressBook.AssistantService]
/System/Library/Frameworks/AddressBook.framework/Versions/A/Helpers/ABAssistantService.app/Contents/MacOS/ABAssistantService
[/System/Library/Frameworks/AddressBook.framework/Versions/A/Helpers/ABAssistantService.app/Contents/MacOS/ABAssistantService]
/usr/libexec/xpcproxy
[xpcproxy com.apple.Safari.2028]
/Applications/Safari.app/Contents/MacOS/Safari
[/Applications/Safari.app/Contents/MacOS/Safari]
/usr/libexec/xpcproxy
[xpcproxy com.apple.Safari.History]
/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.History.xpc/Contents/MacOS/com.apple.Safari.History
[/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.History.xpc/Contents/MacOS/com.apple.Safari.History]
/usr/libexec/xpcproxy
[xpcproxy com.apple.WebKit.WebContent.7E8A2862-E100-49FB-8756-E8BB4D98202C 619]
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.spindump]
/usr/sbin/spindump
[/usr/sbin/spindump]
/usr/libexec/xpcproxy
[xpcproxy com.apple.spindump_agent]
/usr/libexec/spindump_agent
[/usr/libexec/spindump_agent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.SafariLaunchAgent]
/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariLaunchAgent
[/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariLaunchAgent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.WebKit.WebContent.2FD72F59-22C8-4BFD-970D-4EBD5202F779 619]
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]
/System/Library/PrivateFrameworks/PackageKit.framework/Resources/install_monitor
[/System/Library/PrivateFrameworks/PackageKit.framework/Resources/install_monitor -t /private/var/run/installd.commit.pid]
/System/Library/PrivateFrameworks/PackageKit.framework/Resources/shove
[/System/Library/PrivateFrameworks/PackageKit.framework/Resources/shove -f -s /Library/Apple/System/Library/InstallerSandboxes/.PKInstallSandboxManager-SystemSoftware/28534241-DEAC-48CB-BF15-5B052D1381FC.activeSandbox/Root /]
/System/Library/PrivateFrameworks/PackageKit.framework/Resources/efw_cache_update
[/System/Library/PrivateFrameworks/PackageKit.framework/Resources/efw_cache_update -c]
/usr/libexec/xpcproxy
[xpcproxy com.apple.Safari.SearchHelper 619]
/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.SearchHelper.xpc/Contents/MacOS/com.apple.Safari.SearchHelper
[/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.SearchHelper.xpc/Contents/MacOS/com.apple.Safari.SearchHelper]
/usr/libexec/xpcproxy
[xpcproxy com.apple.corespotlightservice.725FD30A-6064-6C02-CC51-5DDB8891B57E]
/usr/libexec/xpcproxy
[xpcproxy com.apple.ReportMemoryException]
/usr/libexec/ReportMemoryException
[/usr/libexec/ReportMemoryException]
/System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService
[/System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService]
/usr/libexec/xpcproxy
[xpcproxy com.apple.Safari.SafeBrowsing.Service]
/System/Library/PrivateFrameworks/SafariSafeBrowsing.framework/com.apple.Safari.SafeBrowsing.Service
[/System/Library/PrivateFrameworks/SafariSafeBrowsing.framework/com.apple.Safari.SafeBrowsing.Service]
/usr/libexec/xpcproxy
[xpcproxy com.apple.WebKit.WebContent.C072A2FB-2053-4FEB-9375-B62358A9E01F 619]
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.WebKit.WebContent.0FA2929B-AEBA-4415-8732-52250E9931E2 619]
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.WebKit.WebContent.6128CA4E-90FD-4070-9798-0C7E4F8DBB98 619]
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.WebKit.WebContent.3CCCCD5C-4668-4C99-AAAF-83EF84D7B094 619]
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.WebKit.WebContent.47545438-C72E-4B87-A59F-D59DABE0B0A2 619]
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.WebKit.WebContent.120E3038-F18D-47AE-B3F9-8D57E2BE642B 619]
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.WebKit.WebContent.1AA5E554-27EF-442F-B057-2E2C1B999B4C 619]
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.WebKit.WebContent.57634756-AED3-47DA-B901-7BB9ACCD8D40 619]
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.audio.SandboxHelper 649]
/System/Library/Frameworks/AudioToolbox.framework/XPCServices/com.apple.audio.SandboxHelper.xpc/Contents/MacOS/com.apple.audio.SandboxHelper
[/System/Library/Frameworks/AudioToolbox.framework/XPCServices/com.apple.audio.SandboxHelper.xpc/Contents/MacOS/com.apple.audio.SandboxHelper]
/usr/libexec/xpcproxy
[xpcproxy com.apple.WebKit.WebContent.F28060AD-AAF8-40E4-8270-AFF3E70D27EB 619]
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.WebKit.WebContent.D9C19E32-FEBA-4D47-9E70-8880B8CCEF48 619]
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.coremedia.videodecoder 649]
/System/Library/Frameworks/VideoToolbox.framework/Versions/A/XPCServices/VTDecoderXPCService.xpc/Contents/MacOS/VTDecoderXPCService
[/System/Library/Frameworks/VideoToolbox.framework/Versions/A/XPCServices/VTDecoderXPCService.xpc/Contents/MacOS/VTDecoderXPCService]
Network
| Country | Destination | Domain | Proto |
| DE | 20.52.64.201:443 | tcp | |
| DE | 51.116.246.105:443 | tcp | |
| US | 8.8.8.8:53 | bag-cdn-lb.itunes-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | e6858.dscx.akamaiedge.net | udp |
| BE | 23.55.96.225:443 | e6858.dscx.akamaiedge.net | tcp |
| GB | 17.250.81.67:443 | tcp | |
| US | 8.8.8.8:53 | seed.siri.apple.com | udp |
| US | 13.59.48.42:443 | seed.siri.apple.com | tcp |
| US | 13.59.48.42:443 | seed.siri.apple.com | tcp |
| US | 13.59.48.42:443 | seed.siri.apple.com | tcp |
| SE | 192.229.221.95:80 | tcp | |
| US | 8.8.8.8:53 | h3.apis.apple.map.fastly.net | udp |
| US | 8.8.8.8:53 | apps.mzstatic.com | udp |
| US | 8.8.8.8:53 | s.mzstatic.com | udp |
| US | 8.8.8.8:53 | radio.itunes.apple.com | udp |
| US | 8.8.8.8:53 | play.itunes.apple.com | udp |
| US | 8.8.8.8:53 | buy.itunes.apple.com | udp |
| US | 17.156.128.10:443 | buy.itunes.apple.com | tcp |
| BE | 2.17.107.202:443 | play.itunes.apple.com | tcp |
| BE | 2.17.107.186:443 | play.itunes.apple.com | tcp |
| US | 8.8.8.8:53 | sf-api-token-service.itunes.apple.com | udp |
| US | 8.8.8.8:53 | amp-api-edge.apps.apple.com | udp |
| NL | 23.63.101.152:443 | amp-api-edge.apps.apple.com | tcp |
| US | 8.8.8.8:53 | is1-ssl.mzstatic.com | udp |
| US | 8.8.8.8:53 | amp-api.apps.apple.com | udp |
| US | 8.8.8.8:53 | apptrailers.itunes.apple.com | udp |
| BE | 23.55.96.123:443 | amp-api.apps.apple.com | tcp |
| DE | 17.253.73.202:443 | apptrailers.itunes.apple.com | tcp |
| DE | 17.253.73.206:443 | apptrailers.itunes.apple.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | cds.apple.com | udp |
| IE | 17.57.146.88:5223 | tcp | |
| BE | 104.68.86.71:443 | cds.apple.com | tcp |
| US | 8.8.8.8:53 | help.apple.com | udp |
| SE | 23.34.233.79:443 | help.apple.com | tcp |
| SE | 23.34.233.79:443 | help.apple.com | tcp |
| US | 8.8.8.8:53 | e673.dsce9.akamaiedge.net | udp |
| US | 8.8.8.8:53 | a1806.dscw154.akamai.net | udp |
| BE | 2.17.107.202:443 | a1806.dscw154.akamai.net | tcp |
| BE | 2.17.107.186:443 | a1806.dscw154.akamai.net | tcp |
| US | 8.8.8.8:53 | api-glb-aeuw3b.smoot.apple.com | udp |
| FR | 15.237.18.235:443 | api-glb-aeuw3b.smoot.apple.com | tcp |
| US | 8.8.8.8:53 | gateway.fe2.apple-dns.net | udp |
| SE | 192.229.221.95:80 | tcp | |
| US | 8.8.8.8:53 | e17437.dsct.akamaiedge.net | udp |
| US | 8.8.8.8:53 | swcdn.apple.com | udp |
| US | 151.101.3.8:80 | swcdn.apple.com | tcp |
| US | 151.101.67.8:80 | swcdn.apple.com | tcp |
| US | 8.8.8.8:53 | e10499.dsce9.akamaiedge.net | udp |
| US | 8.8.8.8:53 | clients1.google.com | udp |
| US | 8.8.8.8:53 | clients1.google.com | udp |
| GB | 142.250.187.238:443 | clients1.google.com | tcp |
| GB | 142.250.187.238:443 | clients1.google.com | tcp |
| US | 8.8.8.8:53 | cdn2.smoot.apple.com | udp |
| US | 8.8.8.8:53 | cdn.smoot.apple.com | udp |
| DE | 17.253.73.202:443 | cdn2.smoot.apple.com | tcp |
| GB | 17.253.77.201:443 | cdn.smoot.apple.com | tcp |
| GB | 142.250.187.238:443 | clients1.google.com | tcp |
| DE | 17.253.73.202:443 | cdn2.smoot.apple.com | tcp |
| GB | 142.250.187.238:443 | clients1.google.com | tcp |
| GB | 142.250.187.238:443 | clients1.google.com | tcp |
| GB | 142.250.187.238:443 | clients1.google.com | tcp |
| GB | 142.250.187.238:443 | clients1.google.com | tcp |
| GB | 142.250.187.238:443 | clients1.google.com | tcp |
| GB | 142.250.187.238:443 | clients1.google.com | tcp |
| GB | 142.250.187.238:443 | clients1.google.com | tcp |
| US | 8.8.8.8:53 | e6858.dscx.akamaiedge.net | udp |
| US | 8.8.8.8:53 | e673.dsce9.akamaiedge.net | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | safebrowsing.googleapis.com | udp |
| US | 8.8.8.8:53 | gsp64-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | 29-courier.push.apple.com | udp |
| GB | 17.57.146.12:5223 | 29-courier.push.apple.com | tcp |
| GB | 17.57.146.7:5223 | 29-courier.push.apple.com | tcp |
| GB | 17.57.146.9:5223 | 29-courier.push.apple.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.238:443 | clients1.google.com | tcp |
| US | 8.8.8.8:53 | probe.icloud.com | udp |
| PT | 104.30.128.90:443 | probe.icloud.com | tcp |
| US | 8.8.8.8:53 | e17437.dsct.akamaiedge.net | udp |
| BG | 104.30.128.188:443 | probe.icloud.com | tcp |
| PT | 104.30.128.90:443 | probe.icloud.com | tcp |
| PT | 104.30.128.90:443 | probe.icloud.com | tcp |
| US | 64.60.134.93:80 | utm.com | tcp |
| GB | 17.253.77.201:80 | mesu-cdn.origin-apple.com.akadns.net | tcp |
| GB | 142.250.187.238:443 | clients1.google.com | tcp |
| US | 8.8.8.8:53 | youtubeyoutube.com | udp |
| NL | 95.211.189.137:80 | youtubeyoutube.com | tcp |
| US | 8.8.8.8:53 | ww1.youtubeyoutube.com | udp |
| US | 199.59.243.225:80 | ww1.youtubeyoutube.com | tcp |
| US | 199.59.243.225:80 | ww1.youtubeyoutube.com | tcp |
| US | 8.8.8.8:53 | syndicatedsearch.goog | udp |
| GB | 172.217.16.238:443 | syndicatedsearch.goog | tcp |
| US | 8.8.8.8:53 | partner.googleadservices.com | udp |
| GB | 142.250.178.2:443 | partner.googleadservices.com | tcp |
| US | 8.8.8.8:53 | afs.googleusercontent.com | udp |
| GB | 172.217.16.225:443 | afs.googleusercontent.com | tcp |
| US | 8.8.8.8:53 | www.adsensecustomsearchads.com | udp |
| GB | 142.250.187.238:443 | www.adsensecustomsearchads.com | tcp |
| US | 8.8.8.8:53 | itunes.apple.com | udp |
| US | 8.8.8.8:53 | e17437.dsct.akamaiedge.net | udp |
| GB | 142.250.187.238:443 | www.adsensecustomsearchads.com | tcp |
| NL | 95.211.189.137:80 | youtubeyoutube.com | tcp |
| NL | 95.211.189.137:80 | youtubeyoutube.com | tcp |
| US | 199.59.243.225:80 | ww1.youtubeyoutube.com | tcp |
| GB | 142.250.187.238:443 | www.adsensecustomsearchads.com | tcp |
| GB | 172.217.16.225:443 | afs.googleusercontent.com | tcp |
| NL | 95.211.189.137:80 | youtubeyoutube.com | tcp |
| NL | 95.211.189.137:80 | youtubeyoutube.com | tcp |
| NL | 95.211.189.137:80 | youtubeyoutube.com | tcp |
| NL | 95.211.189.137:80 | youtubeyoutube.com | tcp |
| NL | 95.211.189.137:80 | youtubeyoutube.com | tcp |
| NL | 95.211.189.137:80 | youtubeyoutube.com | tcp |
| GB | 142.250.187.238:443 | www.adsensecustomsearchads.com | tcp |
| NL | 95.211.189.137:80 | youtubeyoutube.com | tcp |
| NL | 95.211.189.137:80 | youtubeyoutube.com | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| GB | 142.250.178.14:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 172.217.169.22:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 142.250.187.194:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.178.14:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | rr1---sn-hgn7yn7e.googlevideo.com | udp |
| FR | 74.125.11.134:443 | rr1---sn-hgn7yn7e.googlevideo.com | tcp |
| FR | 74.125.11.134:443 | rr1---sn-hgn7yn7e.googlevideo.com | tcp |
| FR | 74.125.11.134:443 | rr1---sn-hgn7yn7e.googlevideo.com | tcp |
| FR | 74.125.11.134:443 | rr1---sn-hgn7yn7e.googlevideo.com | tcp |
| FR | 74.125.11.134:443 | rr1---sn-hgn7yn7e.googlevideo.com | tcp |
| FR | 74.125.11.134:443 | rr1---sn-hgn7yn7e.googlevideo.com | tcp |
| GB | 142.250.178.14:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| GB | 216.58.213.6:443 | static.doubleclick.net | tcp |
| US | 8.8.8.8:53 | suggestqueries-clients6.youtube.com | udp |
| GB | 172.217.16.238:443 | suggestqueries-clients6.youtube.com | tcp |
| GB | 172.217.16.238:443 | suggestqueries-clients6.youtube.com | tcp |
| US | 8.8.8.8:53 | youtube.com | udp |
| GB | 142.250.200.46:443 | youtube.com | tcp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| GB | 142.250.180.1:443 | yt3.ggpht.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | rr1---sn-aigl6nsk.googlevideo.com | udp |
| GB | 74.125.105.102:443 | rr1---sn-aigl6nsk.googlevideo.com | tcp |
| GB | 74.125.105.102:443 | rr1---sn-aigl6nsk.googlevideo.com | tcp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | rr2---sn-aigl6nzs.googlevideo.com | udp |
| GB | 74.125.105.102:443 | rr1---sn-aigl6nsk.googlevideo.com | tcp |
| US | 8.8.8.8:53 | lh3.googleusercontent.com | udp |
| GB | 74.125.175.71:443 | rr2---sn-aigl6nzs.googlevideo.com | tcp |
| US | 8.8.8.8:53 | ade.googlesyndication.com | udp |
| GB | 142.250.200.2:443 | ade.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | lb._dns-sd._udp.0.0.127.10.in-addr.arpa | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 142.250.187.194:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | rr4---sn-aigl6nsd.googlevideo.com | udp |
| GB | 74.125.105.41:443 | rr4---sn-aigl6nsd.googlevideo.com | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | ade.googlesyndication.com | udp |
| GB | 142.250.200.2:443 | ade.googlesyndication.com | tcp |
| GB | 74.125.105.102:443 | rr1---sn-aigl6nsk.googlevideo.com | tcp |
| US | 8.8.8.8:53 | rr1---sn-aigl6nl7.googlevideo.com | udp |
| GB | 173.194.183.198:443 | rr1---sn-aigl6nl7.googlevideo.com | tcp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| GB | 142.250.180.1:443 | yt3.ggpht.com | tcp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 172.217.169.22:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | rr3---sn-aigl6nzk.googlevideo.com | udp |
| GB | 74.125.175.104:443 | rr3---sn-aigl6nzk.googlevideo.com | tcp |
| US | 8.8.8.8:53 | lh6.googleusercontent.com | udp |
| GB | 172.217.16.225:443 | lh6.googleusercontent.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
Files
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C//mds/mdsObject.db
| MD5 | d3a1859e6ec593505cc882e6def48fc8 |
| SHA1 | f8e6728e3e9de477a75706faa95cead9ce13cb32 |
| SHA256 | 3ebafa97782204a4a1d75cfec22e15fcdeab45b65bab3b3e65508707e034a16c |
| SHA512 | ea2a749b105759ea33408186b417359deffb4a3a5ed0533cb26b459c16bb3524d67ede5c9cf0d5098921c0c0a9313fb9c2672f1e5ba48810eda548fa3209e818 |
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C//mds/mdsDirectory.db
| MD5 | 0e4a0d1ceb2af6f0f8d0167ce77be2d3 |
| SHA1 | 414ba4c1dc5fc8bf53d550e296fd6f5ad669918c |
| SHA256 | cca093bcfc65e25dd77c849866e110df72526dffbe29d76e11e29c7d888a4030 |
| SHA512 | 1dc5282d27c49a4b6f921ba5dfc88b8c1d32289df00dd866f9ac6669a5a8d99afeda614bffc7cf61a44375ae73e09cd52606b443b63636977c9cd2ef4fa68a20 |
/Users/run/Library/Application Support/AddressBook/Metadata/.info
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/Users/run/Library/Application Support/AddressBook/Metadata/.info
| MD5 | 365fd4cba360ec7549dc7bc899c28fcd |
| SHA1 | 47fb870cee2f4705f5af17c4cd2eec336b198a84 |
| SHA256 | 4b539a9e6a299ff267a248d01b96fd45489f1a549d0105e3e5093f62fffc70bb |
| SHA512 | b3afb6b57493734c9edc58054ef365587de56af102a0be78a99c08c888a704cd597572c769cda35c1c8e30ad3f8b9a0808c46656f2da9f48d202c89f4a94e453 |
/Users/run/Library/Assistant/com.apple.siri.applications.laststate.plist
| MD5 | e520d4c4a609ff7645c66e9c486da585 |
| SHA1 | db0debe2629ebd4a32165912cc2c7637c33768de |
| SHA256 | 5b03476bef689626419bb1d57f5a14a679faeb3e8863170bda6a47023bfd56b3 |
| SHA512 | 4af280e197aed9642865feeabba63933329cf1d1df03d2f1810cb4793d15ffb504579d5a78d75cc5d4d296eb56e50c03d0df7bc17a3d4db8bb89baefe286dfa7 |
/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/SMIncompatibleAppUpdate/CFNetworkDownload_vjaACa.tmp
| MD5 | 8ac8e766276bb799857b359b3a4f2347 |
| SHA1 | 075fe1052e1e6de0a38aaa7711a54e8a77bb65f8 |
| SHA256 | a0ee16e403dd8609ce56b56a111b2926b591d368b6e99a41c836beb280dcf687 |
| SHA512 | 60f88aacc4d89e7a52aa30a469b430f781006fac52b320c2acd05d8f3ace9638a042fa0b0000885293cf6ee391915e7d68ffc656f4056fcb6de3b638d52a6439 |
/Library/Apple/System/Library/InstallerSandboxes/.PKInstallSandboxManager-SystemSoftware/28534241-DEAC-48CB-BF15-5B052D1381FC.activeSandbox/Boms/com.apple.pkg.IncompatibleAppList.10_15.16U1923.bom
| MD5 | 2f0f49de9ad6128f83b55002ddc0c733 |
| SHA1 | 348b668dd78199b508fa73253568f3024a03410f |
| SHA256 | 4bde0dc120c8239b758f62e655e23be5f09b41f32f666bffa05e0104e8109d46 |
| SHA512 | 6ed163e207886dd7661e67944197ef84c663eb129ca8c988d2fade90fa7e626b581627165521b3e9a8be77c04c12936ac40e1311750c2ad0aae4f6707910a4aa |
/private/var/run/installd.commit.pid
| MD5 | 9ad6aaed513b73148b7d49f70afcfb32 |
| SHA1 | 9c676e003b8932ac49d4d3a18467c0b59e3e3fb6 |
| SHA256 | 62bfa285013f08807d394266cdf8261dd060a704959ae9c20e4ad262b65da12a |
| SHA512 | 8a841e1a8e168b69a8eb463f07c4468d9ee75edd1dec54ea534207241c52d292cd4f288867594586fda76025ed6ff62b6c161b30a8b219bd679b29825f9f2283 |
/Users/run/Library/Safari/Favicon Cache/favicons/2529545429CE075A4E64DE7DAA3D4C27
| MD5 | f3418a443e7d841097c714d69ec4bcb8 |
| SHA1 | 49263695f6b0cdd72f45cf1b775e660fdc36c606 |
| SHA256 | 6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770 |
| SHA512 | 82d017c4b7ec8e0c46e8b75da0ca6a52fd8bce7fcf4e556cbdf16b49fc81be9953fe7e25a05f63ecd41c7272e8bb0a9fd9aedf0ac06cb6032330b096b3702563 |
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/malware,osx,url_expression
| MD5 | ad218ee681f87845fa3a31e83881fb54 |
| SHA1 | ff26d6ca3c83f32d07bd5bed42a1e14e4b29b468 |
| SHA256 | e065886c47738c8da3c2057a353975aca2a0f3e52e2ce301abf1f332e37abbc0 |
| SHA512 | 827c4c1c0fa291dd9dee101c70b2302a1c14e36b522111806a7452f1c4f0cebf73a711f87a170968484de7de3be0d877c95d09a67b1ee197b8e791586d2a710a |
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/social_engineering,osx,url_expression
| MD5 | a5ffe9992be5918a3596925fd8526588 |
| SHA1 | 388d55c007f522a5ebfe16124a708f2a4b4e1aed |
| SHA256 | 847d20a1c5e7c877e6c804ccf32e121f30a577e2c9be9c088ac0645a1592382e |
| SHA512 | b5040dd8bc8298d0a00312cf488ab082141f439018825bcc7dd06bfb17e6be6279c5ca024908eaea0d57843683f6dc8dd356e2e68b8c2e288d1d1473495139a8 |
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/unwanted_software,osx,url_expression
| MD5 | 6d4e871063f2ef425e4eca4a9d153501 |
| SHA1 | c49db69b93e06b7b50fcd34dce0252e2690715e0 |
| SHA256 | 44a589022407ce6b68f5aaedd237c0ba5c131b443ade2d5c65766b24da59bd5c |
| SHA512 | 87567a344aa846789ec70048a488b0b531be8a8f8be1e92d1e493a7dcdfb05c1663ee6b65afbf6e9d7761d5c2a5d101dcfc4bcf5cf07bf9887228f6632585f6b |
/Users/run/Library/Safari/Favicon Cache/favicons/D9442CDF22B6D9B600B66E05227F6F56
| MD5 | 9909227b6fd2415ccb9a276d99632243 |
| SHA1 | c21dfda1e925054b0d6c882e43f87dbe1222a933 |
| SHA256 | af7282a5f1a3c7a62bda5f2265b1254d420ba7b5aab58023df705dd6064d2ac9 |
| SHA512 | 9705d6811e00ee5f616ead194484f00df7fd5033e6bbea784c02438b87774a3e60ece7e2fb6e23486eec43743d642a105a16a615b3a5d5ee32d49b8f77814e5c |
/Users/run/Library/Safari/Favicon Cache/favicons/B26EFA6F784A0B8880BAE32003619202
| MD5 | b1d93af012a8b948b8eaebe20a4ca838 |
| SHA1 | c3d1a9778e88922c38152b08700a90a8ff9c083c |
| SHA256 | 32d88e1590bd2714c7552c028eb4e40537606857a799a91d23333454c508c246 |
| SHA512 | d173c4ffcbd42af35a571a3fc5fefb14fe9304edd365e5e573788aff5a9722ed4a1636af3d9f4d904cb3bd5207c6d680f95c91ffb4701ecbad52438b6eabbb74 |
/Users/run/Library/Safari/Favicon Cache/favicons/77062AACE1E23EF21EEC0A74B19F66DC
| MD5 | 80f7367cb52983d2b58c2570460a9e9b |
| SHA1 | 8b1020b84f2c57bc43c0b0e504529fbd176fc694 |
| SHA256 | d7dd223f488a3dc314edecff758abc774093909d8cdaabb5c6b3f5a84a6f4be7 |
| SHA512 | ec16f486883b31551597eaa82406989c159a5e186ec33fcc8fbc85093d1ac758bfab065a9a8f91ef3087456cc2a0b2b097dbb074f567280f5ccf8f3838eaceb3 |