Analysis Overview
SHA256
ef8aaed1c045940a3ffb77151586b7af057a5445f7debb1e2b04225b2f9415ad
Threat Level: Shows suspicious behavior
The file af7d5280ce29a8e77d97d9003fe55fb2_JaffaCakes118 was found to be: Shows suspicious behavior.
Malicious Activity Summary
Installer Packages
File Deletion
Resource Forking
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-15 17:09
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-15 17:09
Reported
2024-06-15 17:12
Platform
macos-20240611-en
Max time kernel
122s
Max time network
134s
Command Line
Signatures
Installer Packages
| Description | Indicator | Process | Target |
| N/A | /tmp/PKInstallSandbox.Y3qo6z/Scripts/com.pcvark.advancedMacCleaner.Root.pkg.MVqKBn/postinstall /Users/run/setup.pkg / / / | N/A | N/A |
File Deletion
Resource Forking
| Description | Indicator | Process | Target |
| N/A | /System/Library/PrivateFrameworks/PackageKit.framework/Resources/shove -f -s /Library/InstallerSandboxes/.PKInstallSandboxManager/10A341B6-0337-4729-A0E6-9963BAE7E235.activeSandbox/Root / | N/A | N/A |
| N/A | /System/Library/Frameworks/Security.framework/Versions/A/Resources/CloudKeychainProxy.bundle/Contents/MacOS/CloudKeychainProxy | N/A | N/A |
| N/A | /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd | N/A | N/A |
| N/A | /System/Library/PrivateFrameworks/PackageKit.framework/Resources/install_monitor -t /private/var/run/installd.commit.pid | N/A | N/A |
Processes
/bin/sh
[sh -c sudo /bin/zsh -c "installer -pkg /Users/run/setup.pkg -target /"]
/bin/bash
[sh -c sudo /bin/zsh -c "installer -pkg /Users/run/setup.pkg -target /"]
/usr/bin/sudo
[sudo /bin/zsh -c installer -pkg /Users/run/setup.pkg -target /]
/bin/zsh
[/bin/zsh -c installer -pkg /Users/run/setup.pkg -target /]
/usr/sbin/installer
[installer -pkg /Users/run/setup.pkg -target /]
/usr/libexec/xpcproxy
[xpcproxy com.apple.sysmond]
/usr/libexec/xpcproxy
[xpcproxy com.apple.installd]
/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
[/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd]
/usr/libexec/sysmond
[/usr/libexec/sysmond]
/System/Library/PrivateFrameworks/PackageKit.framework/Resources/install_monitor
[/System/Library/PrivateFrameworks/PackageKit.framework/Resources/install_monitor -t /private/var/run/installd.commit.pid]
/tmp/PKInstallSandbox.Y3qo6z/Scripts/com.pcvark.advancedMacCleaner.Root.pkg.MVqKBn/preinstall
[/tmp/PKInstallSandbox.Y3qo6z/Scripts/com.pcvark.advancedMacCleaner.Root.pkg.MVqKBn/preinstall /Users/run/setup.pkg / / /]
/usr/bin/sudo
[sudo killall Advanced Mac Cleaner]
/usr/bin/killall
[killall Advanced Mac Cleaner]
/bin/sleep
[sleep 1]
/usr/bin/sudo
[sudo rm -rf /Applications/Advanced Mac Cleaner.app]
/bin/rm
[rm -rf /Applications/Advanced Mac Cleaner.app]
/usr/bin/sudo
[sudo rm -rf /Library/Application Support/amc]
/bin/rm
[rm -rf /Library/Application Support/amc]
/usr/bin/sudo
[sudo rm -rf /Users/run/Library/Application Support/amc]
/bin/rm
[rm -rf /Users/run/Library/Application Support/amc]
/usr/bin/sudo
[sudo rm -rf /Users/run/Library/Advanced Mac Cleaner/msets.plist]
/bin/rm
[rm -rf /Users/run/Library/Advanced Mac Cleaner/msets.plist]
/usr/bin/sudo
[sudo rm -rf /Users/run/Library/Advanced Mac Cleaner/params.plist]
/bin/rm
[rm -rf /Users/run/Library/Advanced Mac Cleaner/params.plist]
/System/Library/PrivateFrameworks/PackageKit.framework/Resources/shove
[/System/Library/PrivateFrameworks/PackageKit.framework/Resources/shove -f -s /Library/InstallerSandboxes/.PKInstallSandboxManager/10A341B6-0337-4729-A0E6-9963BAE7E235.activeSandbox/Root /]
/tmp/PKInstallSandbox.Y3qo6z/Scripts/com.pcvark.advancedMacCleaner.Root.pkg.MVqKBn/postinstall
[/tmp/PKInstallSandbox.Y3qo6z/Scripts/com.pcvark.advancedMacCleaner.Root.pkg.MVqKBn/postinstall /Users/run/setup.pkg / / /]
/usr/bin/sudo
[sudo mkdir -p /Users/run/Library/Application Support/Advanced Mac Cleaner]
/bin/mkdir
[mkdir -p /Users/run/Library/Application Support/Advanced Mac Cleaner]
/usr/bin/sudo
[sudo /usr/libexec/PlistBuddy -c Add :Disabled bool '0' /Users/run/Library/LaunchAgents/com.pcv.hlpramcn.plist]
/usr/libexec/PlistBuddy
[/usr/libexec/PlistBuddy -c Add :Disabled bool '0' /Users/run/Library/LaunchAgents/com.pcv.hlpramcn.plist]
/usr/bin/sudo
[sudo /usr/libexec/PlistBuddy -c Add :KeepAlive bool '1' /Users/run/Library/LaunchAgents/com.pcv.hlpramcn.plist]
/usr/libexec/PlistBuddy
[/usr/libexec/PlistBuddy -c Add :KeepAlive bool '1' /Users/run/Library/LaunchAgents/com.pcv.hlpramcn.plist]
/usr/bin/sudo
[sudo /usr/libexec/PlistBuddy -c Add :Label string 'com.pcv.hlpramcn' /Users/run/Library/LaunchAgents/com.pcv.hlpramcn.plist]
/usr/libexec/PlistBuddy
[/usr/libexec/PlistBuddy -c Add :Label string 'com.pcv.hlpramcn' /Users/run/Library/LaunchAgents/com.pcv.hlpramcn.plist]
/usr/bin/sudo
[sudo /usr/libexec/PlistBuddy -c Add :LimitLoadToSessionType string 'Aqua' /Users/run/Library/LaunchAgents/com.pcv.hlpramcn.plist]
/usr/libexec/PlistBuddy
[/usr/libexec/PlistBuddy -c Add :LimitLoadToSessionType string 'Aqua' /Users/run/Library/LaunchAgents/com.pcv.hlpramcn.plist]
/usr/bin/sudo
[sudo /usr/libexec/PlistBuddy -c Add :Program string '/Users/run/Library/Application Support/amc/helperamc.app/Contents/MacOS/helperamc' /Users/run/Library/LaunchAgents/com.pcv.hlpramcn.plist]
/usr/libexec/xpcproxy
[xpcproxy com.apple.secinitd]
/usr/libexec/PlistBuddy
[/usr/libexec/PlistBuddy -c Add :Program string '/Users/run/Library/Application Support/amc/helperamc.app/Contents/MacOS/helperamc' /Users/run/Library/LaunchAgents/com.pcv.hlpramcn.plist]
/usr/bin/sudo
[sudo /usr/libexec/PlistBuddy -c Add :buynow string 'http://advancedmaccleaner.safecart.store/amc/price' /Users/run/Library/Application Support/Advanced Mac Cleaner/settings.plist]
/usr/libexec/PlistBuddy
[/usr/libexec/PlistBuddy -c Add :buynow string 'http://advancedmaccleaner.safecart.store/amc/price' /Users/run/Library/Application Support/Advanced Mac Cleaner/settings.plist]
/usr/bin/sudo
[sudo /usr/libexec/PlistBuddy -c Add :urlsFileUrl string 'http://cdn2121.advancedmaccleaner.com/amc/prefs/appurls.plist' /Users/run/Library/Application Support/Advanced Mac Cleaner/settings.plist]
/usr/libexec/PlistBuddy
[/usr/libexec/PlistBuddy -c Add :urlsFileUrl string 'http://cdn2121.advancedmaccleaner.com/amc/prefs/appurls.plist' /Users/run/Library/Application Support/Advanced Mac Cleaner/settings.plist]
/usr/libexec/xpcproxy
[xpcproxy com.apple.metadata.mdwrite]
/usr/bin/sudo
[sudo /usr/libexec/PlistBuddy -c Add :afterinstall string 'http://www.advancedmaccleaner.com/amc/afterinstall.asp' /Users/run/Library/Application Support/Advanced Mac Cleaner/settings.plist]
/usr/libexec/PlistBuddy
[/usr/libexec/PlistBuddy -c Add :afterinstall string 'http://www.advancedmaccleaner.com/amc/afterinstall.asp' /Users/run/Library/Application Support/Advanced Mac Cleaner/settings.plist]
/usr/bin/sudo
[sudo /usr/libexec/PlistBuddy -c Add :uninstall string 'http://www.advancedmaccleaner.com/amc/afteruninstall.asp' /Users/run/Library/Application Support/Advanced Mac Cleaner/settings.plist]
/usr/libexec/secinitd
[/usr/libexec/secinitd]
/usr/libexec/PlistBuddy
[/usr/libexec/PlistBuddy -c Add :uninstall string 'http://www.advancedmaccleaner.com/amc/afteruninstall.asp' /Users/run/Library/Application Support/Advanced Mac Cleaner/settings.plist]
/usr/bin/sudo
[sudo /usr/libexec/PlistBuddy -c Add :afterexpire string 'http://advancedmaccleaner.safecart.store/amc/renewal' /Users/run/Library/Application Support/Advanced Mac Cleaner/settings.plist]
/usr/libexec/PlistBuddy
[/usr/libexec/PlistBuddy -c Add :afterexpire string 'http://advancedmaccleaner.safecart.store/amc/renewal' /Users/run/Library/Application Support/Advanced Mac Cleaner/settings.plist]
/usr/bin/sudo
[sudo /usr/libexec/PlistBuddy -c Add :trackscan string 'http://www.advancedmaccleaner.com/trackscan/' /Users/run/Library/Application Support/Advanced Mac Cleaner/settings.plist]
/usr/libexec/PlistBuddy
[/usr/libexec/PlistBuddy -c Add :trackscan string 'http://www.advancedmaccleaner.com/trackscan/' /Users/run/Library/Application Support/Advanced Mac Cleaner/settings.plist]
/usr/bin/sudo
[sudo /usr/libexec/PlistBuddy -c Add :allowedCC string 'us,uk,au,de,fr,ja,es,pt-br,fi,it,no,ru,da,nl,sv' /Users/run/Library/Application Support/Advanced Mac Cleaner/settings.plist]
/usr/libexec/PlistBuddy
[/usr/libexec/PlistBuddy -c Add :allowedCC string 'us,uk,au,de,fr,ja,es,pt-br,fi,it,no,ru,da,nl,sv' /Users/run/Library/Application Support/Advanced Mac Cleaner/settings.plist]
/usr/bin/sudo
[sudo /usr/libexec/PlistBuddy -c Add :showPhone string '1' /Users/run/Library/Application Support/Advanced Mac Cleaner/settings.plist]
/usr/libexec/xpcproxy
[xpcproxy com.apple.assistantd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.bird]
/usr/libexec/PlistBuddy
[/usr/libexec/PlistBuddy -c Add :showPhone string '1' /Users/run/Library/Application Support/Advanced Mac Cleaner/settings.plist]
/usr/bin/sudo
[sudo /usr/libexec/PlistBuddy -c Add :urlgetip string 'http://advancedmaccleaner.com/getIpAddress.asp' /Users/run/Library/Application Support/Advanced Mac Cleaner/settings.plist]
/usr/libexec/PlistBuddy
[/usr/libexec/PlistBuddy -c Add :urlgetip string 'http://advancedmaccleaner.com/getIpAddress.asp' /Users/run/Library/Application Support/Advanced Mac Cleaner/settings.plist]
/usr/bin/sudo
[sudo /usr/libexec/PlistBuddy -c Add :urlruntimefile string 'http://trkr.advancedmaccleaner.com/ipfiles' /Users/run/Library/Application Support/Advanced Mac Cleaner/settings.plist]
/usr/libexec/PlistBuddy
[/usr/libexec/PlistBuddy -c Add :urlruntimefile string 'http://trkr.advancedmaccleaner.com/ipfiles' /Users/run/Library/Application Support/Advanced Mac Cleaner/settings.plist]
/usr/bin/sudo
[sudo /usr/libexec/PlistBuddy -c Add :runtimerequired string '1' /Users/run/Library/Application Support/Advanced Mac Cleaner/settings.plist]
/usr/libexec/PlistBuddy
[/usr/libexec/PlistBuddy -c Add :runtimerequired string '1' /Users/run/Library/Application Support/Advanced Mac Cleaner/settings.plist]
/usr/bin/sudo
[sudo /usr/libexec/PlistBuddy -c Add :utm_source string 'mclkibm' /Users/run/Library/Application Support/Advanced Mac Cleaner/params.plist]
/usr/libexec/PlistBuddy
[/usr/libexec/PlistBuddy -c Add :utm_source string 'mclkibm' /Users/run/Library/Application Support/Advanced Mac Cleaner/params.plist]
/usr/bin/sudo
[sudo /usr/libexec/PlistBuddy -c Add :utm_campaign string 'mclkibm' /Users/run/Library/Application Support/Advanced Mac Cleaner/params.plist]
/System/Library/PrivateFrameworks/AssistantServices.framework/Versions/A/Support/assistantd
[/System/Library/PrivateFrameworks/AssistantServices.framework/Versions/A/Support/assistantd]
/usr/libexec/PlistBuddy
[/usr/libexec/PlistBuddy -c Add :utm_campaign string 'mclkibm' /Users/run/Library/Application Support/Advanced Mac Cleaner/params.plist]
/usr/bin/sudo
[sudo /usr/libexec/PlistBuddy -c Add :utm_medium string 'mclkibm' /Users/run/Library/Application Support/Advanced Mac Cleaner/params.plist]
/System/Library/PrivateFrameworks/CloudDocsDaemon.framework/Versions/A/Support/bird
[/System/Library/PrivateFrameworks/CloudDocsDaemon.framework/Versions/A/Support/bird]
/usr/libexec/PlistBuddy
[/usr/libexec/PlistBuddy -c Add :utm_medium string 'mclkibm' /Users/run/Library/Application Support/Advanced Mac Cleaner/params.plist]
/usr/bin/sudo
[sudo /usr/libexec/PlistBuddy -c Add :utm_content string '' /Users/run/Library/Application Support/Advanced Mac Cleaner/params.plist]
/usr/libexec/PlistBuddy
[/usr/libexec/PlistBuddy -c Add :utm_content string '' /Users/run/Library/Application Support/Advanced Mac Cleaner/params.plist]
/usr/bin/sudo
[sudo /usr/libexec/PlistBuddy -c Add :affiliateid string '' /Users/run/Library/Application Support/Advanced Mac Cleaner/params.plist]
/usr/libexec/PlistBuddy
[/usr/libexec/PlistBuddy -c Add :affiliateid string '' /Users/run/Library/Application Support/Advanced Mac Cleaner/params.plist]
/usr/bin/sudo
[sudo /usr/libexec/PlistBuddy -c Add :x-at string '' /Users/run/Library/Application Support/Advanced Mac Cleaner/params.plist]
/usr/libexec/PlistBuddy
[/usr/libexec/PlistBuddy -c Add :x-at string '' /Users/run/Library/Application Support/Advanced Mac Cleaner/params.plist]
/usr/bin/sudo
[sudo /usr/libexec/PlistBuddy -c Add :utm_term string '' /Users/run/Library/Application Support/Advanced Mac Cleaner/params.plist]
/usr/libexec/xpcproxy
[xpcproxy com.apple.nsurlstoraged]
/usr/libexec/nsurlstoraged
[/usr/libexec/nsurlstoraged]
/usr/libexec/PlistBuddy
[/usr/libexec/PlistBuddy -c Add :utm_term string '' /Users/run/Library/Application Support/Advanced Mac Cleaner/params.plist]
/usr/bin/pluginkit
[/usr/bin/pluginkit -e ignore -i com.microsoft.OneDrive.FinderSync]
/usr/bin/sudo
[sudo /usr/libexec/PlistBuddy -c Add :pxl string 'MCL874_MCL857_RUNT' /Users/run/Library/Application Support/Advanced Mac Cleaner/params.plist]
/usr/sbin/spctl
[/usr/sbin/spctl --assess --type execute /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T/OneDriveUpdater2E18A62F/OneDrive.app]
/usr/libexec/PlistBuddy
[/usr/libexec/PlistBuddy -c Add :pxl string 'MCL874_MCL857_RUNT' /Users/run/Library/Application Support/Advanced Mac Cleaner/params.plist]
/usr/bin/sudo
[sudo /usr/libexec/PlistBuddy -c Add :lpid string '0' /Users/run/Library/Application Support/Advanced Mac Cleaner/params.plist]
/usr/libexec/PlistBuddy
[/usr/libexec/PlistBuddy -c Add :lpid string '0' /Users/run/Library/Application Support/Advanced Mac Cleaner/params.plist]
/usr/bin/sudo
[sudo /usr/libexec/PlistBuddy -c Add :btnid string '0' /Users/run/Library/Application Support/Advanced Mac Cleaner/params.plist]
/usr/libexec/PlistBuddy
[/usr/libexec/PlistBuddy -c Add :btnid string '0' /Users/run/Library/Application Support/Advanced Mac Cleaner/params.plist]
/usr/bin/sudo
[sudo open /Applications/Advanced Mac Cleaner.app --args -af_ins -fire_ai]
/usr/bin/open
[open /Applications/Advanced Mac Cleaner.app --args -af_ins -fire_ai]
/usr/libexec/xpcproxy
[xpcproxy com.techyutils.cleaner.2304]
/Applications/Advanced Mac Cleaner.app/Contents/MacOS/Advanced Mac Cleaner
[/Applications/Advanced Mac Cleaner.app/Contents/MacOS/Advanced Mac Cleaner -af_ins -fire_ai]
/usr/libexec/xpcproxy
[xpcproxy com.apple.ReportCrash]
/System/Library/CoreServices/ReportCrash
[/System/Library/CoreServices/ReportCrash agent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.security.cloudkeychainproxy3]
/System/Library/Frameworks/Security.framework/Versions/A/Resources/CloudKeychainProxy.bundle/Contents/MacOS/CloudKeychainProxy
[/System/Library/Frameworks/Security.framework/Versions/A/Resources/CloudKeychainProxy.bundle/Contents/MacOS/CloudKeychainProxy]
/usr/libexec/xpcproxy
[xpcproxy com.apple.metadata.mdwrite]
/usr/libexec/xpcproxy
[xpcproxy com.apple.pbs]
/System/Library/CoreServices/pbs
[/System/Library/CoreServices/pbs]
/usr/libexec/xpcproxy
[xpcproxy com.apple.xpc.launchd.oneshot.0x10000001.Problem Reporter]
/System/Library/CoreServices/Problem Reporter.app/Contents/MacOS/Problem Reporter
[/System/Library/CoreServices/Problem Reporter.app/Contents/MacOS/Problem Reporter -psn_0_163880]
/usr/libexec/xpcproxy
[xpcproxy com.apple.icloud.findmydeviced]
/usr/libexec/findmydeviced
[/usr/libexec/findmydeviced]
/usr/libexec/xpcproxy
[xpcproxy com.apple.geod]
/System/Library/PrivateFrameworks/GeoServices.framework/Versions/A/XPCServices/com.apple.geod.xpc/Contents/MacOS/com.apple.geod
[/System/Library/PrivateFrameworks/GeoServices.framework/Versions/A/XPCServices/com.apple.geod.xpc/Contents/MacOS/com.apple.geod]
/usr/libexec/xpcproxy
[xpcproxy com.apple.suggestd]
/System/Library/PrivateFrameworks/CoreSuggestions.framework/Versions/A/Support/suggestd
[/System/Library/PrivateFrameworks/CoreSuggestions.framework/Versions/A/Support/suggestd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.AddressBook.ContactsAccountsService]
/System/Library/Frameworks/AddressBook.framework/Executables/ContactsAccountsService
[/System/Library/Frameworks/AddressBook.framework/Executables/ContactsAccountsService]
/usr/libexec/xpcproxy
[xpcproxy com.apple.knowledge-agent]
/usr/libexec/knowledge-agent
[/usr/libexec/knowledge-agent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.routined]
/usr/libexec/routined
[/usr/libexec/routined LAUNCHED_BY_LAUNCHD]
/usr/libexec/xpcproxy
[xpcproxy com.apple.Maps.mapspushd]
/System/Library/CoreServices/mapspushd
[/System/Library/CoreServices/mapspushd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.neagent.878568F8-CCE5-4157-8315-22F20DC8FB0A]
/usr/libexec/neagent
[/usr/libexec/neagent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.siri.context.service]
/System/Library/PrivateFrameworks/ContextKit.framework/Versions/A/XPCServices/ContextService.xpc/Contents/MacOS/ContextService
[/System/Library/PrivateFrameworks/ContextKit.framework/Versions/A/XPCServices/ContextService.xpc/Contents/MacOS/ContextService]
/usr/libexec/xpcproxy
[xpcproxy com.apple.corespotlightservice.725FD30A-6064-6C02-CC51-5DDB8891B57E]
/System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService
[/System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService]
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | api.apple-cloudkit.fe2.apple-dns.net | udp |
| US | 8.8.8.8:53 | mobile.events.data.trafficmanager.net | udp |
| US | 20.189.173.6:443 | tcp | |
| US | 8.8.8.8:53 | bag-cdn.itunes-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | gspe1-ssl.ls.apple.com.edgesuite.net | udp |
| US | 8.8.8.8:53 | e4686.dsce9.akamaiedge.net | udp |
| GB | 104.77.118.129:443 | tcp | |
| GB | 17.253.77.202:80 | valid.apple.com | tcp |
| US | 8.8.8.8:53 | gsp64-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | cds.apple.com | udp |
| BE | 104.68.86.71:443 | cds.apple.com | tcp |
| US | 8.8.8.8:53 | help.apple.com | udp |
| GB | 2.21.189.171:443 | help.apple.com | tcp |
| GB | 2.21.189.171:443 | help.apple.com | tcp |
| N/A | 224.0.0.251:5353 | udp |
Files
/private/var/run/installd.commit.pid
| MD5 | 1bb91f73e9d31ea2830a5e73ce3ed328 |
| SHA1 | 9d6ad3cc125c3c4d07b17f6aac6ff9ebf9a338c8 |
| SHA256 | dd8e8c8c9dae8978f122d7bcf3d0d49f6a0e86b9fc35528f55e78f7408927bb1 |
| SHA512 | 2570d9315c878c26607216dd43925eea48f9909eac7b7ca6d01ed6f393da4bee023858315ed6be2ca07dc763b99da4abb44524f0106f9e39ce15559104f5382e |
/tmp/PKInstallSandbox.Y3qo6z/Scripts/com.pcvark.advancedMacCleaner.Root.pkg.MVqKBn/preinstall
| MD5 | cd9b48ef81256a964b8f59bf0848283f |
| SHA1 | 1b2348281249bd202b41a8d27547e0567f6db782 |
| SHA256 | 27125201f918d5c6ba017acf585967f5da2820430d71ffc61af063fa2e67c39b |
| SHA512 | 761d0a4cefa17e43a5e54208a75eb87d2c0be9bf60101f36f2c0951a91a00c4dc931feb7b3ffb65314c7b82932d0001831d20fd38ba02fb9b27ac06a7fdd065b |
/tmp/PKInstallSandbox.Y3qo6z/Scripts/com.pcvark.advancedMacCleaner.Root.pkg.MVqKBn/postinstall
| MD5 | 38d4f310e9d388c3e139646988dc1985 |
| SHA1 | 358042308acc17de4891680eb8f8d7e00613aaae |
| SHA256 | 8944a12a2d09570e58e62fb31e4e6377ad1802de31f641b1d628de301dbb1cf8 |
| SHA512 | b40f36a341508f8caf26e634fd60413d73f06aa25f162af43da1bd9ab49da3ce9a37ae04781134066f9f93a4f34d88d6ecd97ddfaee5d9723c06ef5944f11522 |
/Users/run/Library/LaunchAgents/com.pcv.hlpramcn.plist
| MD5 | f12494347f18900ea8e2d2d9acae1216 |
| SHA1 | 222ea6460d84115f186e831063a3b9b32b304ddf |
| SHA256 | 1922a2fa60046e0d03c979b9dd637ceb8f8ae5055d9471a0f8977e67eb18ded7 |
| SHA512 | e3eb38b378d1a139c96411a10479b6ef82ed07a75886bb844eed9c6bffcb733f114754f909a9e4595d93b20b685df562b9a581f0b498acddeda3201492cbd866 |
/Users/run/Library/LaunchAgents/com.pcv.hlpramcn.plist
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/Users/run/Library/LaunchAgents/com.pcv.hlpramcn.plist
| MD5 | 85aa1670e170dc96084805cc58044f95 |
| SHA1 | 792bf1bbc8e483de10326cad99a869535cd0f7bb |
| SHA256 | ed02a3cb0bdfef9d6e122036a49981fb74c1e8c8d7c9c9a53957b517d67c179a |
| SHA512 | f3c1fe70ef3fe25c56484ee919894913f879df359f4d4b36d20b29ddae40de8abd72df1f45329a98e47bfad3aa27aeab2896fabc0c59f15d7c51c93e55a40f34 |
/Users/run/Library/LaunchAgents/com.pcv.hlpramcn.plist
| MD5 | c9c66501a0578b81f4a92878490e3004 |
| SHA1 | 6e04a70037c0c4f9750c91c3418f322d1c3bfffc |
| SHA256 | ca9d3411b463a196f3de5eff3b140224d32cc9b00f3cd725628e0d4dfc7c0aa7 |
| SHA512 | 4eed26e240094cef547a14dc2d0f3690cbbf66b3b14e8ba69745b249ec49f4cf5f0979688a56dfae34d8fb37fb1f9261593c859303e464bfee2ed57da39b9650 |
/Users/run/Library/LaunchAgents/com.pcv.hlpramcn.plist
| MD5 | 98535aa524096dc2e3708c2079c4ceb9 |
| SHA1 | 72db15b3f8125d27c88ebddae04380e93e785670 |
| SHA256 | a86702f891958b9afaeb4208c324266526d7afb92e140304dabd62dcf6d0e3ab |
| SHA512 | 2b1656c6c3b1af8ccd4924dbdc9412528139295377942b357cc0818b6346a6ba746b90fb9e42612435870794e58f2adddb02f1c00960900c0c3773c20c5c26ef |
/Users/run/Library/Application Support/Advanced Mac Cleaner/settings.plist
| MD5 | a8f9bc5e4c0c86198617f4be4e5ce5de |
| SHA1 | fe2e04a39712d3e23aa54c672350ecab8af6df38 |
| SHA256 | ecf2e9c05149568b33f2583b1acfa461bdde5513a248d9a6fdafc4a14c21f73e |
| SHA512 | bac9e995353f07134910cac29879fc4902e7b28f59793f677373428e40fae8675c4be523052bd17c279679ea30fd4debc9ba23658315bb2540606577ae8a56af |
/Users/run/Library/Application Support/Advanced Mac Cleaner/settings.plist
| MD5 | 81be8390addb493b1f3274e635e917e2 |
| SHA1 | a30869bb3c867502b95a1df488466d38bbf36763 |
| SHA256 | ac33dff0f0cfa9f943f30e082dfa2c399245699ebae697cb7a03373ff421af11 |
| SHA512 | d809ca82f74f6133da7ca9795db6a9c4587687f711a1559612b1aff1cd601ab5ef92c7fb58aa2b08c66bf955a3e8dfa3c75100ae09d8c88d37859ecb76cb0036 |
/Users/run/Library/Application Support/Advanced Mac Cleaner/settings.plist
| MD5 | d44f106586ab553a692e5bf5ffe0aec7 |
| SHA1 | eeff7a0dd19d08dff6c3568ec4733392dd4196d7 |
| SHA256 | d69fca2b7da745f317bc482a80dba39dd60f2a70c3145dfcec7bdbdd867189d5 |
| SHA512 | 34913e3e6327b7ac47c17848ce46acc02d2d6b9195c7f91ffd45c214c56428db3ca1db0158c4079ab2d24286f80c7d614e1b87db0b2c77fce61ed295a5036256 |
/Users/run/Library/Application Support/Advanced Mac Cleaner/settings.plist
| MD5 | acb00bd85f7ec052ddff30c5eb150c83 |
| SHA1 | 0ad52b90ce7d8af4a8d0d15ddc677badd4e21087 |
| SHA256 | 6c5467b45f0c821fe7c2e8715eaade371ffda1662de109f3b3e2ac8b13437140 |
| SHA512 | f0a7a347fc3c4fa9f3d1b1ddf050357cae41b6f95c846d5a09fadb9c842396a3ab7b4caea7a8dbe23712b1ddf17884d2208bd430604149ccb8543566530f8a33 |
/Users/run/Library/Application Support/Advanced Mac Cleaner/settings.plist
| MD5 | 9ea668045068cddc8780d928f0bacca9 |
| SHA1 | 77d4deb0eab8dc6e860f69c6e98910f154f5b458 |
| SHA256 | bf8a0a0f2c1c2c5c03b199d6aa642c070f0c31367fd23cf3431ea0e4d753c0b7 |
| SHA512 | 23d7e9b3f0050066a610f5ad2bb9becbddaea069595ab21a2995cceb9f3375be169401ea86ce7ff11325d98c7dd9175c2e2163689ca032f27b547a34dd7a0d88 |
/Users/run/Library/Application Support/Advanced Mac Cleaner/settings.plist
| MD5 | d861af7d1b5f4a5833787c5648e2d4e9 |
| SHA1 | ae32513e65cfcbe51ddc6425b7b00d2894207ba0 |
| SHA256 | 698693279fbaea687250dbb7b7745959f9c01368b352e8e27273f9d66af54ac0 |
| SHA512 | 6d0f04c1c672810784717cac0d7dd2bf3c8eb4ca132588243b2b29859f252e413168268bad2921a071b88f0c33b1b003102e6bef3a63db62a0580d24663f0849 |
/Users/run/Library/Application Support/Advanced Mac Cleaner/settings.plist
| MD5 | 93cafd1e2efe8a2ba38e874928ee6fa2 |
| SHA1 | 4c7b92bb57afe1b301a7549c3b8ebd92c39b4d24 |
| SHA256 | e07ac1c252817ba801dde27c05f4d49648f6273c4b720154c10c08bba9bf152a |
| SHA512 | 6599b3fbc67ece4d910b7a4710bb00f7500b12dc5608f528171740221fd0b9c50e2a866235137bd950360ea4e1c2e9c786e92baed9689187c3027d9b3c83427a |
/Users/run/Library/Application Support/Advanced Mac Cleaner/settings.plist
| MD5 | 3c1c68148b1e470652d731ce5d184821 |
| SHA1 | 9346a491941b7a673033294c7684040d8491d7d7 |
| SHA256 | c39124f9c4e8738f1067df1b039d52e319bdca9596be6926a66a910ddec86a9f |
| SHA512 | 625c08f692c2b4247fa78a2a1b23d542afd704b2707c0b348e725fc17bb7b2df989135488e5192b56c53dd8e64278c02f0b330ff4850d1416d9ce8660fed330e |
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C//mds/mdsObject.db
| MD5 | d3a1859e6ec593505cc882e6def48fc8 |
| SHA1 | f8e6728e3e9de477a75706faa95cead9ce13cb32 |
| SHA256 | 3ebafa97782204a4a1d75cfec22e15fcdeab45b65bab3b3e65508707e034a16c |
| SHA512 | ea2a749b105759ea33408186b417359deffb4a3a5ed0533cb26b459c16bb3524d67ede5c9cf0d5098921c0c0a9313fb9c2672f1e5ba48810eda548fa3209e818 |
/Users/run/Library/Application Support/Advanced Mac Cleaner/settings.plist
| MD5 | d8fba0896ead5c339a8ed3da6b5a30ca |
| SHA1 | e7bde31866a0c341a55fba291bcba2b89e41b92f |
| SHA256 | 7f8165dceaf280c28b145418c946be79d3aee6e39ad6b72137c5ddc5441514e0 |
| SHA512 | 6cbfa0fbbc13f8f93d01e6fa0ccd9bcaba68e8f9d0171025e99094dad7a7b44383f594ed6ede95e83d0ca8e32c0aabd7541359b025f0e31134e525ad4448db41 |
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C//mds/mdsDirectory.db
| MD5 | 0e4a0d1ceb2af6f0f8d0167ce77be2d3 |
| SHA1 | 414ba4c1dc5fc8bf53d550e296fd6f5ad669918c |
| SHA256 | cca093bcfc65e25dd77c849866e110df72526dffbe29d76e11e29c7d888a4030 |
| SHA512 | 1dc5282d27c49a4b6f921ba5dfc88b8c1d32289df00dd866f9ac6669a5a8d99afeda614bffc7cf61a44375ae73e09cd52606b443b63636977c9cd2ef4fa68a20 |
/Users/run/Library/Application Support/Advanced Mac Cleaner/settings.plist
| MD5 | 08b4580388a353c340d38cde850bbd6c |
| SHA1 | c51f0e4c0f90dd330c840ea3fa35c88445658e84 |
| SHA256 | 98b959d843a59ecdfa83f7bc58cfa9b7fb5b1f509a156a8f4874eeeeb4494741 |
| SHA512 | b9d1e9d3057929d5d4cdaa110e2256de6edbb5bb305827b06ade8e2fa522af6e050c6f61ed1f9e3ebd84cf2db261cc0e3b2b0f10e877b4dc2bc27480288fba5b |
/Users/run/Library/Application Support/Advanced Mac Cleaner/params.plist
| MD5 | 5c908ed1b976c241d32f7f129a61f5a0 |
| SHA1 | 4017cdd82400aa9327642aec0f02c5521563fe19 |
| SHA256 | 15b4dde54cdafd9f49c7def3910c0d33941e4afef12ea88fcaa82e466e2dcbc7 |
| SHA512 | 3d3026c37e019ba7f6372825e7e73365ab9d582fb9f58df441017df74450a7999e55ea9ea0e5c5ad335e69372fce783b3b96914db39be8704a38d732a084b608 |
/Users/run/Library/Application Support/Advanced Mac Cleaner/params.plist
| MD5 | 8b08547d261c74926b3f3759bbae1f49 |
| SHA1 | d03a8fec1cfaa3bad8f4e4e8d884bc0c722db17a |
| SHA256 | 1cb19b98da0c35e1fd97b5175a6125296b7aefcfc3fc08b93bb3c269dfff5164 |
| SHA512 | 363e7f0c97d4546736e22364222e72373b485f3c3d4c12af22b06213e1270fc5d161b0d342026a6a254ae55c675e9025a4b7a7b728204d6f1cd8a208e445837c |
/Users/run/Library/Application Support/Advanced Mac Cleaner/params.plist
| MD5 | 39035b07e777652557671c282053bf86 |
| SHA1 | 26fd118e82156aa9108d4251d31ecff286b82528 |
| SHA256 | 5d1908948ab1200f7c3180bb1edbef3e136269bff640593e903bc83710ed1675 |
| SHA512 | c55cef2211df5c2738a54a13682f37287de772aef671e89aec751929284529deb01a02be6e9bc0872e5ec35c2099dc3f79b8813627c3c7b43dfc96e8062cdef7 |
/Users/run/Library/Application Support/Advanced Mac Cleaner/params.plist
| MD5 | fa35525385f30ee4be5ffd4061060f2c |
| SHA1 | 8fb3846e9e261c9ddc9251407127a8b2d06dc2d8 |
| SHA256 | 04ad9a1d2e992a0ad0a4d35b5a4cba0a1c7e141c8a754985a7097e493e3a5585 |
| SHA512 | 5108c8f3e1df473222ecbb9699931ca0a8f3eaa6fd02ba2d3199249952426acc5b0eeb6bd6d99c7e35bc9add4ff3c7139b94f2cf132add1ec988e35e783a304f |
/Users/run/Library/Application Support/Advanced Mac Cleaner/params.plist
| MD5 | 315466df72faaa7fae455bfbd0737e05 |
| SHA1 | 445594ffa69ede13fc02c06085f090d34c52897d |
| SHA256 | 382faea470e8567ed99a20149a1fdbfaaa94a446595697e7f11b4e04c9cd1db9 |
| SHA512 | 134b8dc28994a8f2d9484df0d273ee4947623e3d8272a7b0d324dbfc7ba959d467974b71209f5a635309fe792ef48804911f4a091f96f8622b835388e1d19434 |
/Users/run/Library/Application Support/Advanced Mac Cleaner/params.plist
| MD5 | 51994b1cbefa511b23b65ef71e0e3e3e |
| SHA1 | d3ec2decade1c1f4ffbf27af854e6dbf848760c7 |
| SHA256 | 5c577f133b84c8281b5b5a51094398ba68ff13be3f43b59dfc48cc47247a5ce2 |
| SHA512 | a38dbb54f6645813dcfcc00cc6bb1362438fb0e466bc587e27ca7b66e3c57d9068dfd7d9ee7ac436efe254ddf6e51b2d17659c84b1feecfa3c0af9b2add9b3a7 |
/Users/run/Library/Application Support/Advanced Mac Cleaner/params.plist
| MD5 | 3aeec3cfc35cc8fb42030786fc36181a |
| SHA1 | 7242088274b54e70da671792ec06ce3365a370c8 |
| SHA256 | 801ae3a0890b15198d3b0f67c84d116dde1c57f241bad2508be560d709f93f46 |
| SHA512 | 5d0c541776caf87d89462aa52568726d133c10965ff904273ffbec86446fa157fe653f2cf68e12454d9c86ba3b949ca32a3fbee51e01605460c4ecaffc859399 |
/Users/run/Library/Application Support/Advanced Mac Cleaner/params.plist
| MD5 | 49782efe1b581005f2883874d0dad980 |
| SHA1 | a4598cb83292556fd4a3381ecb035814fd5479d9 |
| SHA256 | b671552029216b70afec7ddc7ce58af6123ca55dd29e093547e67136c134963a |
| SHA512 | ae024ccbe835900891ed3de4939b32bcc692bdfe06dc718a4f470837429207181917e5c61a9d9fe6eca7e771d4ce9813dd41fbff4bf26061be0caf4bf14c8df1 |
/Users/run/Library/Application Support/Advanced Mac Cleaner/params.plist
| MD5 | 7c76bd66af515b7b6fd41218befe4c78 |
| SHA1 | 6ca29bb47629e29885d5f6f6a1f0126366f08588 |
| SHA256 | 2a3af68fb7a2cc70cfc309748417aaa315d2cb0a53486a5b1fea6555e5f62063 |
| SHA512 | eb6557954e74ec9663cde20ee744e3783c99c7d4a26aa8f361a9d5bcc65c49c82e60fa15787236ccbcd75a7d0d592cbad1534ffd58ba94880cc0c7b3acacfa5a |
/Applications/Advanced Mac Cleaner.app/Contents/Info.plist
| MD5 | bae7dc2c382b52daeb0763128644abfd |
| SHA1 | 517a6c99e77e3b59de2db60c84591387ec931c28 |
| SHA256 | ab636985d2b0d007cfbc383ce99b43aba5bbc7872dc2a56d2a46abc4315bec30 |
| SHA512 | 78616eeaa810a8873dde92b4b78c27fcbc9bf15e3ce0d10a0180e19fb1ea95a3773facd97773ccc9e86611c670026c4cdd202214d95b2463ebe3920a7bbcad63 |
/Applications/Advanced Mac Cleaner.app/Contents/MacOS/Advanced Mac Cleaner
| MD5 | a7ca1ad096729e89a618cbf7afac8bc0 |
| SHA1 | cef9676f56d16ee422dcde60ddcbd07ff8828420 |
| SHA256 | 0ed883d533f8356c2b1f9e1dfe98cd3212a75139daf1a2e679418780f58cc16e |
| SHA512 | ec63ea4feebb6c2e8cd2c00796e42728960e4c356a7b7cd698bed40cd16fa298ca1cc84db445442f1c1efae315af80f3ea0c889c71e3e507681cd06f3b0b129c |
/Users/run/Library/Keychains/metadata.keychain-db
| MD5 | 14dd69c7307554854fa743d1cf32a003 |
| SHA1 | cad88195bd23f802d349fc246c9872ba4f71e8de |
| SHA256 | 80e6d7939f56a14255cefba14cd8fc679d3701b14c4aaecf0b052eb850ccadb0 |
| SHA512 | fe1ec6c7658285891c0229e76ce1158e4861d0c36343e8bb3fa1af3c3aae2239ac34f1b502bf315290495e028850ac7258de36d1fd3c5ef56ccdb8c0e78685bd |
/Users/run/Library/Keychains/metadata.keychain-db
| MD5 | b6cf0252e5ba31860fa2d9e3120a3986 |
| SHA1 | 5dc9ef33562801c9fe61888fc865d6c491de0e04 |
| SHA256 | a5ea9bc3b9aa63b0e6bba12efab3cce1927c385820c22ea4ed750e16f2b4ba13 |
| SHA512 | 7fd6ed4221d0d0b51cf8be567f72314929fc17c235d74cfbc77cf724d3e73da88b97aa4e884181dd9965eb339e8c8dea4400480534a6480e25e1b98a117c631a |
/Users/run/Library/Logs/DiagnosticReports/Advanced Mac Cleaner_2024-06-15-170930_tests-iMac.crash
| MD5 | 80ea17096bb83cf1689276c3e29670b7 |
| SHA1 | 5803460b41ca5a5d9b5aa4a72f9ee0b7257a3f82 |
| SHA256 | e55ca80e7e612372558ade15ba0a4d924e08d4c1bfda45b6faefaf063f074628 |
| SHA512 | d4b2af337196ece18b85bcf4becacaede0ffde3fe1dc652a9899e61dbc92dba97e21ef0603ad93309c5aa7d8583e5687714e3dc90e750b0ac2e3e7fc85178e93 |
/Users/run/Library/Caches/GeoServices/ActiveTileGroup.pbd
| MD5 | 50e07abef86d4a0776feb952d0800e34 |
| SHA1 | 91d17a599f6e1af6c64993ab85afcf20d70344e1 |
| SHA256 | 5d9aedaa776f07c835e19b00483f7b0e5e31ffb5b0b3ca95b2a4b120f06e487a |
| SHA512 | 1492d435dac4bc5ab3395c8453a56e240b9d33a73eaa8040bfa8b542ab94432c6b1f41f9858020c693b936173edd44474537640acff344ac38a660eef1a3b8d8 |
/Users/run/Library/Logs/DiagnosticReports/mdwrite_2024-06-15-171003_tests-iMac.crash
| MD5 | 82ad9c1d1b5a24213ba08a1df877da54 |
| SHA1 | a9c0525c29602808d37419c992f6e1b8664a8ef3 |
| SHA256 | 17269a7ef325d71130773790ff5bcf68d2feb44e45e96ee0a5666b76eb8b7bdd |
| SHA512 | 955a5414b1c0056ef1b681a7cddbb155c46e3dd17e0f0131588eee83e3669c1513c68134186b35801fc5f59a491cd9ece226f35fb0df3884b399eb0b7170aa5d |
/Users/run/Library/Application Support/CrashReporter/mdwrite_79C87F0E-9227-5AAD-AA91-25F794E1F52E.plist
| MD5 | 72c10804a8f96fcb26d7f91037bbd81e |
| SHA1 | 5438b8df4339d5b55673916254278fc773e6f895 |
| SHA256 | b181e5aa48aa032113ff75f54c52303982c3322b7631451afc80b8a9f84fb905 |
| SHA512 | b4f62af91b9d54c2f7f97128a81c431f01e6e93b146b9fb8c28c0400702dd041e865398d765e31858cc4520a66dbf58d3de497bcae30ae160bf1d89972b35016 |