Analysis Overview
SHA256
dc0826657a005009f43bdc3a0933d08352f8b22b2b9b961697a2db6e9913e871
Threat Level: Likely benign
The file VencordInstaller.exe was found to be: Likely benign.
Malicious Activity Summary
Resource Forking
Unsigned PE
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-18 12:59
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-18 12:59
Reported
2024-06-18 13:03
Platform
macos-20240611-en
Max time kernel
147s
Max time network
140s
Command Line
Signatures
Resource Forking
| Description | Indicator | Process | Target |
| N/A | /System/Library/Frameworks/Security.framework/Versions/A/Resources/CloudKeychainProxy.bundle/Contents/MacOS/CloudKeychainProxy | N/A | N/A |
Processes
/bin/sh
[sh -c sudo /bin/zsh -c "/Users/run/VencordInstaller.exe"]
/bin/bash
[sh -c sudo /bin/zsh -c "/Users/run/VencordInstaller.exe"]
/usr/bin/sudo
[sudo /bin/zsh -c /Users/run/VencordInstaller.exe]
/bin/zsh
[/bin/zsh -c /Users/run/VencordInstaller.exe]
/Users/run/VencordInstaller.exe
[/Users/run/VencordInstaller.exe]
/usr/libexec/xpcproxy
[xpcproxy com.apple.sysmond]
/usr/libexec/sysmond
[/usr/libexec/sysmond]
/usr/libexec/xpcproxy
[xpcproxy com.apple.security.cloudkeychainproxy3]
/System/Library/Frameworks/Security.framework/Versions/A/Resources/CloudKeychainProxy.bundle/Contents/MacOS/CloudKeychainProxy
[/System/Library/Frameworks/Security.framework/Versions/A/Resources/CloudKeychainProxy.bundle/Contents/MacOS/CloudKeychainProxy]
/usr/bin/pluginkit
[/usr/bin/pluginkit -e ignore -i com.microsoft.OneDrive.FinderSync]
/usr/sbin/spctl
[/usr/sbin/spctl --assess --type execute /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T/OneDriveUpdater2E18A62F/OneDrive.app]
/usr/libexec/xpcproxy
[xpcproxy com.apple.TextEdit.2092]
/System/Applications/TextEdit.app/Contents/MacOS/TextEdit
[/System/Applications/TextEdit.app/Contents/MacOS/TextEdit]
/usr/libexec/xpcproxy
[xpcproxy com.apple.siri.context.service]
/System/Library/PrivateFrameworks/ContextKit.framework/Versions/A/XPCServices/ContextService.xpc/Contents/MacOS/ContextService
[/System/Library/PrivateFrameworks/ContextKit.framework/Versions/A/XPCServices/ContextService.xpc/Contents/MacOS/ContextService]
/usr/libexec/xpcproxy
[xpcproxy com.apple.bird]
/System/Library/PrivateFrameworks/CloudDocsDaemon.framework/Versions/A/Support/bird
[/System/Library/PrivateFrameworks/CloudDocsDaemon.framework/Versions/A/Support/bird]
/usr/libexec/xpcproxy
[xpcproxy com.apple.pbs]
/System/Library/CoreServices/pbs
[/System/Library/CoreServices/pbs]
/usr/libexec/xpcproxy
[xpcproxy com.apple.suggestd]
/System/Library/PrivateFrameworks/CoreSuggestions.framework/Versions/A/Support/suggestd
[/System/Library/PrivateFrameworks/CoreSuggestions.framework/Versions/A/Support/suggestd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.knowledge-agent]
/usr/libexec/knowledge-agent
[/usr/libexec/knowledge-agent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.AddressBook.ContactsAccountsService]
/System/Library/Frameworks/AddressBook.framework/Executables/ContactsAccountsService
[/System/Library/Frameworks/AddressBook.framework/Executables/ContactsAccountsService]
/usr/libexec/xpcproxy
[xpcproxy com.apple.appkit.xpc.openAndSavePanelService 589]
/System/Library/Frameworks/AppKit.framework/Versions/C/XPCServices/com.apple.appkit.xpc.openAndSavePanelService.xpc/Contents/MacOS/com.apple.appkit.xpc.openAndSavePanelService
[/System/Library/Frameworks/AppKit.framework/Versions/C/XPCServices/com.apple.appkit.xpc.openAndSavePanelService.xpc/Contents/MacOS/com.apple.appkit.xpc.openAndSavePanelService]
/usr/libexec/xpcproxy
[xpcproxy com.apple.quicklook.QuickLookUIService 601]
/System/Library/Frameworks/Quartz.framework/Versions/A/Frameworks/QuickLookUI.framework/Versions/A/XPCServices/QuickLookUIService.xpc/Contents/MacOS/QuickLookUIService
[/System/Library/Frameworks/Quartz.framework/Versions/A/Frameworks/QuickLookUI.framework/Versions/A/XPCServices/QuickLookUIService.xpc/Contents/MacOS/QuickLookUIService]
/usr/libexec/od_user_homes
[/usr/libexec/od_user_homes .localized]
/usr/libexec/xpcproxy
[xpcproxy com.apple.spindump]
/usr/sbin/spindump
[/usr/sbin/spindump]
/usr/libexec/xpcproxy
[xpcproxy com.apple.tailspind]
/usr/libexec/tailspind
[/usr/libexec/tailspind]
/usr/libexec/xpcproxy
[xpcproxy com.apple.spindump_agent]
/usr/libexec/spindump_agent
[/usr/libexec/spindump_agent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.geod]
/System/Library/PrivateFrameworks/GeoServices.framework/Versions/A/XPCServices/com.apple.geod.xpc/Contents/MacOS/com.apple.geod
[/System/Library/PrivateFrameworks/GeoServices.framework/Versions/A/XPCServices/com.apple.geod.xpc/Contents/MacOS/com.apple.geod]
/usr/libexec/xpcproxy
[xpcproxy com.apple.Safari.2028]
/Applications/Safari.app/Contents/MacOS/Safari
[/Applications/Safari.app/Contents/MacOS/Safari]
/usr/libexec/xpcproxy
[xpcproxy com.apple.Safari.History]
/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.History.xpc/Contents/MacOS/com.apple.Safari.History
[/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.History.xpc/Contents/MacOS/com.apple.Safari.History]
/usr/libexec/xpcproxy
[xpcproxy com.apple.WebKit.WebContent.A7F7B0E8-4E36-4D1D-809F-E6902890DB12 614]
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.SafariLaunchAgent]
/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariLaunchAgent
[/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariLaunchAgent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.akd]
/System/Library/PrivateFrameworks/AuthKit.framework/Versions/A/Support/akd
[/System/Library/PrivateFrameworks/AuthKit.framework/Versions/A/Support/akd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.WebKit.WebContent.9B057933-5886-4DCA-8346-C0167C9FCDA4 614]
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.CoreAuthentication.agent]
/System/Library/Frameworks/LocalAuthentication.framework/Support/coreauthd
[/System/Library/Frameworks/LocalAuthentication.framework/Support/coreauthd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.neagent.878568F8-CCE5-4157-8315-22F20DC8FB0A]
/usr/libexec/neagent
[/usr/libexec/neagent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.Safari.SearchHelper 614]
/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.SearchHelper.xpc/Contents/MacOS/com.apple.Safari.SearchHelper
[/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.SearchHelper.xpc/Contents/MacOS/com.apple.Safari.SearchHelper]
/usr/libexec/xpcproxy
[xpcproxy com.apple.Safari.SafeBrowsing.Service]
/System/Library/PrivateFrameworks/SafariSafeBrowsing.framework/com.apple.Safari.SafeBrowsing.Service
[/System/Library/PrivateFrameworks/SafariSafeBrowsing.framework/com.apple.Safari.SafeBrowsing.Service]
/usr/libexec/xpcproxy
[xpcproxy com.apple.WebKit.WebContent.CE45AD59-DF7E-4497-BD73-67ABF7AB75C6 614]
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.mediaremoted]
/System/Library/PrivateFrameworks/MediaRemote.framework/Support/mediaremoted
[/System/Library/PrivateFrameworks/MediaRemote.framework/Support/mediaremoted]
/usr/libexec/xpcproxy
[xpcproxy com.apple.mobile.keybagd]
/usr/libexec/keybagd
[/usr/libexec/keybagd -t 15]
/usr/libexec/xpcproxy
[xpcproxy com.apple.audio.AudioComponentRegistrar]
/System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar
[/System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar]
/usr/libexec/xpcproxy
[xpcproxy com.apple.audio.SandboxHelper 627]
/System/Library/Frameworks/AudioToolbox.framework/XPCServices/com.apple.audio.SandboxHelper.xpc/Contents/MacOS/com.apple.audio.SandboxHelper
[/System/Library/Frameworks/AudioToolbox.framework/XPCServices/com.apple.audio.SandboxHelper.xpc/Contents/MacOS/com.apple.audio.SandboxHelper]
/usr/libexec/xpcproxy
[xpcproxy com.apple.WebKit.WebContent.00CB43F9-6482-4EF3-9597-9E08331E4888 614]
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.accessibility.mediaaccessibilityd]
/System/Library/Frameworks/MediaAccessibility.framework/Versions/A/XPCServices/com.apple.accessibility.mediaaccessibilityd.xpc/Contents/MacOS/com.apple.accessibility.mediaaccessibilityd
[/System/Library/Frameworks/MediaAccessibility.framework/Versions/A/XPCServices/com.apple.accessibility.mediaaccessibilityd.xpc/Contents/MacOS/com.apple.accessibility.mediaaccessibilityd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.WebKit.WebContent.68873D0F-6F1D-4F46-AD2D-B7630761BB2F 614]
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.routined]
/usr/libexec/routined
[/usr/libexec/routined LAUNCHED_BY_LAUNCHD]
/usr/libexec/xpcproxy
[xpcproxy com.apple.Maps.mapspushd]
/System/Library/CoreServices/mapspushd
[/System/Library/CoreServices/mapspushd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.ReportCrash.Root]
/System/Library/CoreServices/ReportCrash
[/System/Library/CoreServices/ReportCrash daemon]
/usr/libexec/xpcproxy
[xpcproxy com.apple.ReportMemoryException]
/usr/libexec/ReportMemoryException
[/usr/libexec/ReportMemoryException]
/bin/sh
[sh -c /usr/sbin/kextstat]
/bin/bash
[sh -c /usr/sbin/kextstat]
/usr/sbin/kextstat
[/usr/sbin/kextstat]
/usr/libexec/xpcproxy
[xpcproxy com.apple.corespotlightservice.725FD30A-6064-6C02-CC51-5DDB8891B57E]
/System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService
[/System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService]
/usr/libexec/xpcproxy
[xpcproxy com.apple.ReportCrash]
/System/Library/CoreServices/ReportCrash
[/System/Library/CoreServices/ReportCrash agent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.TextInputMenuAgent]
/System/Library/CoreServices/TextInputMenuAgent.app/Contents/MacOS/TextInputMenuAgent
[/System/Library/CoreServices/TextInputMenuAgent.app/Contents/MacOS/TextInputMenuAgent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.TextInputSwitcher]
/System/Library/CoreServices/TextInputSwitcher.app/Contents/MacOS/TextInputSwitcher
[/System/Library/CoreServices/TextInputSwitcher.app/Contents/MacOS/TextInputSwitcher]
/usr/libexec/xpcproxy
[xpcproxy com.apple.WebKit.WebContent.15B559FA-E89E-4C57-9B52-8B791BA5F253 614]
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.WebKit.WebContent.08DA07FB-43BE-42C1-AA94-452963A96BC0 614]
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | mobile.events.data.trafficmanager.net | udp |
| US | 20.189.173.6:443 | tcp | |
| US | 8.8.8.8:53 | api.apple-cloudkit.fe2.apple-dns.net | udp |
| US | 8.8.8.8:53 | bag-cdn.itunes-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | b._dns-sd._udp.0.0.127.10.in-addr.arpa | udp |
| US | 8.8.8.8:53 | db._dns-sd._udp.0.0.127.10.in-addr.arpa | udp |
| US | 8.8.8.8:53 | b._dns-sd._udp.0.0.127.10.in-addr.arpa | udp |
| US | 8.8.8.8:53 | db._dns-sd._udp.0.0.127.10.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | gspe1-ssl.ls.apple.com.edgesuite.net | udp |
| GB | 104.77.118.129:443 | gspe1-ssl.ls.apple.com.edgesuite.net | tcp |
| US | 8.8.8.8:53 | e4686.dsce9.akamaiedge.net | udp |
| US | 8.8.8.8:53 | gateway.fe2.apple-dns.net | udp |
| US | 8.8.8.8:53 | api-glb-aeuw3b.smoot.apple.com | udp |
| FR | 15.237.18.235:443 | api-glb-aeuw3b.smoot.apple.com | tcp |
| US | 8.8.8.8:53 | clients1.google.com | udp |
| US | 8.8.8.8:53 | clients1.google.com | udp |
| GB | 142.250.187.206:443 | clients1.google.com | tcp |
| GB | 142.250.187.206:443 | clients1.google.com | tcp |
| US | 8.8.8.8:53 | www.yelp.com | udp |
| US | 151.101.64.116:443 | www.yelp.com | tcp |
| US | 8.8.8.8:53 | safebrowsing.googleapis.com | udp |
| US | 8.8.8.8:53 | cdn2.smoot.apple.com | udp |
| US | 8.8.8.8:53 | cdn.smoot.apple.com | udp |
| US | 8.8.8.8:53 | www.yelp.co.uk | udp |
| GB | 54.230.10.110:443 | www.yelp.co.uk | tcp |
| US | 8.8.8.8:53 | s3-media0.fl.yelpcdn.com | udp |
| US | 151.101.129.91:443 | s3-media0.fl.yelpcdn.com | tcp |
| US | 8.8.8.8:53 | itunes.apple.com | udp |
| US | 8.8.8.8:53 | cdn.cookielaw.org | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| GB | 172.217.169.46:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 172.217.169.86:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 142.250.200.34:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| GB | 172.217.169.46:443 | www.youtube.com | tcp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| GB | 142.250.200.3:443 | www.google.co.uk | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 172.217.169.46:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| GB | 142.250.178.10:443 | jnn-pa.googleapis.com | tcp |
| GB | 216.58.213.6:443 | static.doubleclick.net | tcp |
| US | 8.8.8.8:53 | gsp64-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | youtube.com | udp |
| GB | 142.250.200.46:443 | youtube.com | tcp |
| US | 8.8.8.8:53 | e10499.dsce9.akamaiedge.net | udp |
| US | 8.8.8.8:53 | e4686.dsce9.akamaiedge.net | udp |
| US | 8.8.8.8:53 | suggestqueries-clients6.youtube.com | udp |
| GB | 172.217.16.238:443 | suggestqueries-clients6.youtube.com | tcp |
| GB | 172.217.16.238:443 | suggestqueries-clients6.youtube.com | tcp |
| US | 8.8.8.8:53 | cds.apple.com | udp |
| BE | 104.68.86.71:443 | cds.apple.com | tcp |
| US | 8.8.8.8:53 | help.apple.com | udp |
| SE | 23.34.233.79:443 | help.apple.com | tcp |
| SE | 23.34.233.79:443 | help.apple.com | tcp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| GB | 142.250.180.1:443 | yt3.ggpht.com | tcp |
| GB | 142.250.187.206:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | cdn.smoot.g.aaplimg.com | udp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| GB | 142.250.187.238:443 | consent.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
Files
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari//mds/mdsObject.db
| MD5 | d3a1859e6ec593505cc882e6def48fc8 |
| SHA1 | f8e6728e3e9de477a75706faa95cead9ce13cb32 |
| SHA256 | 3ebafa97782204a4a1d75cfec22e15fcdeab45b65bab3b3e65508707e034a16c |
| SHA512 | ea2a749b105759ea33408186b417359deffb4a3a5ed0533cb26b459c16bb3524d67ede5c9cf0d5098921c0c0a9313fb9c2672f1e5ba48810eda548fa3209e818 |
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari//mds/mdsDirectory.db
| MD5 | 0e4a0d1ceb2af6f0f8d0167ce77be2d3 |
| SHA1 | 414ba4c1dc5fc8bf53d550e296fd6f5ad669918c |
| SHA256 | cca093bcfc65e25dd77c849866e110df72526dffbe29d76e11e29c7d888a4030 |
| SHA512 | 1dc5282d27c49a4b6f921ba5dfc88b8c1d32289df00dd866f9ac6669a5a8d99afeda614bffc7cf61a44375ae73e09cd52606b443b63636977c9cd2ef4fa68a20 |
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/malware,osx,url_expression
| MD5 | be9b479019fdcb957670aea931baef49 |
| SHA1 | 6c3c630341d0e6dd0215cccdb82dc50ca12a170a |
| SHA256 | 6e11fe06c6e58c342f98b4e0eddb44d43f957631fd52210245a0eed50c8fc47d |
| SHA512 | a00129f51b6fc10828f18e44165302a4d5b3152111b25dbcc07a4ee7cad5e721dbffc90f0414e096ef2bd14cad84fcff6366a5c6ea58fc6e888ada0f4501c409 |
/Users/run/Library/Safari/Favicon Cache/favicons/0A381517FF65E8DB5EAA3B6E281F9E08
| MD5 | 9909227b6fd2415ccb9a276d99632243 |
| SHA1 | c21dfda1e925054b0d6c882e43f87dbe1222a933 |
| SHA256 | af7282a5f1a3c7a62bda5f2265b1254d420ba7b5aab58023df705dd6064d2ac9 |
| SHA512 | 9705d6811e00ee5f616ead194484f00df7fd5033e6bbea784c02438b87774a3e60ece7e2fb6e23486eec43743d642a105a16a615b3a5d5ee32d49b8f77814e5c |
/Users/run/Library/Safari/Favicon Cache/favicons/4C54E8E84B26D2AE63CAA95A6A008AE8
| MD5 | f00ffb858024f95fbde9c8ef2a62c4bc |
| SHA1 | ca0fc41d59a2d8bd769f2376d1fd828912bb3c76 |
| SHA256 | 0a3ba6c9348a3d6a485cb00c88ad6b04be11e61d9c0150558003e9f8502939c3 |
| SHA512 | 1a666cbd95a5c09f30c862dbabe6784ca87856d23ef0d2a289bc94eb991aea268b39d423fc317bd00b7e9816a45f8bd5df2ca75b24361a203f64a7bf0ff51fbf |
/Users/run/Library/Safari/Favicon Cache/favicons/DE1ED6E3454D1321D08961D539435046
| MD5 | c51bd7dbb85f0faa1f44e01aae7d74a8 |
| SHA1 | bde21653b3d1176ffdb60f797b09fafadc67669c |
| SHA256 | 61f8e1e6a14f8405364678a7d593b6893a1c5619afde92fc0c0c7c82f71a3eee |
| SHA512 | 8c1f0983547559975aec0a34f8a72f2afea85013eb9bf6e1e50d2516ea18266beefcbaa8ab2ca90dd14bad31c559fd57e79c7eca4906e9adcde5ea37829a1db0 |
/Users/run/Library/Safari/Favicon Cache/favicons/FAB47A8AF24C6B1A7C3A1E0B3965C6F9
| MD5 | 80f7367cb52983d2b58c2570460a9e9b |
| SHA1 | 8b1020b84f2c57bc43c0b0e504529fbd176fc694 |
| SHA256 | d7dd223f488a3dc314edecff758abc774093909d8cdaabb5c6b3f5a84a6f4be7 |
| SHA512 | ec16f486883b31551597eaa82406989c159a5e186ec33fcc8fbc85093d1ac758bfab065a9a8f91ef3087456cc2a0b2b097dbb074f567280f5ccf8f3838eaceb3 |
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/social_engineering,osx,url_expression
| MD5 | c371319ba70e9ab61b2f91cadb62a53f |
| SHA1 | ffbffc907c024e0b4cc2042d94b72fab74329424 |
| SHA256 | 3ca5f3e0290f212b68785e943cd448a4ce77b0c1fd979255404be9d2ebf8b274 |
| SHA512 | 7533107869a2e7d80225c1d1e580f39a43be35fb5bde0553875152230b3d9258e2c614d0dffbc8e926e80ba5f7de18fe3b702d5601f514830e88a984007bb6a1 |
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/unwanted_software,osx,url_expression
| MD5 | 00d4ec9ab54b7f68cf543e39694fdcc3 |
| SHA1 | 9999d1f4fdf7e027b24977f8ba7508903e3385de |
| SHA256 | 2b42df9af55d87d88e8beae2f01de6bf082b0ee3ca85641188210ec222e14395 |
| SHA512 | 7b383be03cddbf0a4a6f2b7c073da5d64112ef62271c7ae9e065cceba9704b2b67b04175d246c6c44cd0888c4580a3bc63838acea23200fc453353837e2f8719 |
/Users/run/Library/Caches/GeoServices/ActiveTileGroup.pbd
| MD5 | 92a8614e598c1853fdda2fde75ef2504 |
| SHA1 | 0c9a40fbaaccc713338b5cee815c4eb57125ff84 |
| SHA256 | f4fa58087ac1a015defdbc52f8216269e68833630cb28a2ba3f8c32b03d8739d |
| SHA512 | e878eaa713c249f9ef2d7f02274e78fd5ba079cd0457a789808ef28b1abf79e968f81249d79f3a09d24aeeccb0ca1c0b2934b4dd7361d7f925bd1e7da62c51c8 |
/private/var/db/spindump/tailspin-trace.2024-06-18_13-01-07.tailspin
| MD5 | ac4e6c90e69a927ce57a65fa314cc619 |
| SHA1 | 0393bf3685e39549fbc9782487753ecda7a602df |
| SHA256 | 983ab89db7111dd46d3f4704aed05faf3a6104a4743c05748864e1b8785502cb |
| SHA512 | 141ed93ae8a4a95b0268414addef592000a89f7c8aa1481da81168d713b2801a1281e00f99f274be421294ab219c06786a135532a2b942a0051621a7ca15379b |
/Users/run/Library/Safari/Favicon Cache/favicons/AAF566CE8C9F3945E734DFDA985B799F
| MD5 | f3418a443e7d841097c714d69ec4bcb8 |
| SHA1 | 49263695f6b0cdd72f45cf1b775e660fdc36c606 |
| SHA256 | 6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770 |
| SHA512 | 82d017c4b7ec8e0c46e8b75da0ca6a52fd8bce7fcf4e556cbdf16b49fc81be9953fe7e25a05f63ecd41c7272e8bb0a9fd9aedf0ac06cb6032330b096b3702563 |