Analysis Overview
SHA256
fe3c2e5c8d18becaa0e8e9b14b31faaeabe1cf2ee7bcc8c4e47e8c6d3a8f0f1a
Threat Level: Likely benign
The file Product information_tesafilm® 57315_de-DE.pdf was found to be: Likely benign.
Malicious Activity Summary
Resource Forking
One or more HTTP URLs in PDF identified
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-18 20:30
Signatures
One or more HTTP URLs in PDF identified
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-18 20:30
Reported
2024-06-18 20:36
Platform
macos-20240611-en
Max time kernel
308s
Max time network
311s
Command Line
Signatures
Resource Forking
| Description | Indicator | Process | Target |
| N/A | /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd | N/A | N/A |
| N/A | /System/Library/PrivateFrameworks/PackageKit.framework/Resources/system_installd | N/A | N/A |
| N/A | /System/Library/PreferencePanes/TouchID.prefPane/Contents/Resources/AllowPasswordPref | N/A | N/A |
| N/A | "/System/Library/CoreServices/Software Update.app/Contents/Resources/softwareupdated" | N/A | N/A |
| N/A | /System/Library/PrivateFrameworks/DesktopServicesPriv.framework/Resources/DesktopServicesHelper | N/A | N/A |
| N/A | /System/Library/PreferencePanes/Sidecar.prefPane/Contents/Resources/sidecarPrefCheck | N/A | N/A |
| N/A | /System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/storedownloadd | N/A | N/A |
| N/A | /System/Library/PreferencePanes/Profiles.prefPane/Contents/Resources/CPPrefPaneEnabledTool | N/A | N/A |
| N/A | /System/Library/PrivateFrameworks/DesktopServicesPriv.framework/Resources/DesktopServicesHelper | N/A | N/A |
| N/A | /System/Library/Frameworks/Quartz.framework/Frameworks/QuickLookUI.framework/Resources/QuickLookUIHelper.app/Contents/MacOS/QuickLookUIHelper | N/A | N/A |
| N/A | /System/Library/PrivateFrameworks/DesktopServicesPriv.framework/Resources/DesktopServicesHelper | N/A | N/A |
| N/A | /System/Library/PrivateFrameworks/DesktopServicesPriv.framework/Resources/DesktopServicesHelper | N/A | N/A |
| N/A | /System/Library/PrivateFrameworks/DesktopServicesPriv.framework/Resources/DesktopServicesHelper | N/A | N/A |
| N/A | /System/Library/PreferencePanes/ClassroomSettings.prefPane/Contents/Resources/ClassroomSettingsVisibilityCheckTool | N/A | N/A |
| N/A | /System/Library/PreferencePanes/Sidecar.prefPane/Contents/Resources/sidecarPrefCheck | N/A | N/A |
| N/A | /System/Library/PreferencePanes/Wallet.prefPane/Contents/Resources/walletAvailabilityCheckTool | N/A | N/A |
| N/A | /System/Library/PrivateFrameworks/SoftwareUpdate.framework/Resources/SoftwareUpdateNotificationManager.app/Contents/MacOS/SoftwareUpdateNotificationManager | N/A | N/A |
| N/A | /System/Library/PreferencePanes/ClassroomSettings.prefPane/Contents/Resources/ClassroomSettingsVisibilityCheckTool | N/A | N/A |
| N/A | /System/Library/PreferencePanes/Profiles.prefPane/Contents/Resources/CPPrefPaneEnabledTool | N/A | N/A |
| N/A | /System/Library/PreferencePanes/TouchID.prefPane/Contents/Resources/AllowPasswordPref | N/A | N/A |
| N/A | /System/Library/PreferencePanes/Wallet.prefPane/Contents/Resources/walletAvailabilityCheckTool | N/A | N/A |
| N/A | /System/Library/Frameworks/Security.framework/Versions/A/Resources/CloudKeychainProxy.bundle/Contents/MacOS/CloudKeychainProxy | N/A | N/A |
| N/A | "/System/Library/CoreServices/Software Update.app/Contents/Resources/suhelperd" | N/A | N/A |
Processes
/bin/sh
[sh -c sudo /bin/zsh -c "/Users/run/Product information_tesafilm® 57315_de-DE.pdf"]
/bin/bash
[sh -c sudo /bin/zsh -c "/Users/run/Product information_tesafilm® 57315_de-DE.pdf"]
/usr/bin/sudo
[sudo /bin/zsh -c /Users/run/Product information_tesafilm® 57315_de-DE.pdf]
/usr/libexec/xpcproxy
[xpcproxy com.apple.pluginkit.pkd]
/usr/libexec/pkd
[/usr/libexec/pkd]
/bin/zsh
[/bin/zsh -c /Users/run/Product information_tesafilm® 57315_de-DE.pdf]
/Users/run/Product
[/Users/run/Product information_tesafilm® 57315_de-DE.pdf]
/usr/libexec/xpcproxy
[xpcproxy com.apple.sysmond]
/usr/libexec/sysmond
[/usr/libexec/sysmond]
/usr/libexec/xpcproxy
[xpcproxy com.apple.security.cloudkeychainproxy3]
/usr/libexec/xpcproxy
[xpcproxy com.apple.audio.systemsoundserverd]
/usr/sbin/systemsoundserverd
[/usr/sbin/systemsoundserverd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.pbs]
/System/Library/Frameworks/Security.framework/Versions/A/Resources/CloudKeychainProxy.bundle/Contents/MacOS/CloudKeychainProxy
[/System/Library/Frameworks/Security.framework/Versions/A/Resources/CloudKeychainProxy.bundle/Contents/MacOS/CloudKeychainProxy]
/System/Library/CoreServices/pbs
[/System/Library/CoreServices/pbs]
/usr/libexec/xpcproxy
[xpcproxy com.apple.audio.AudioComponentRegistrar]
/System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar
[/System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar -daemon]
/usr/bin/pluginkit
[/usr/bin/pluginkit -e ignore -i com.microsoft.OneDrive.FinderSync]
/usr/sbin/spctl
[/usr/sbin/spctl --assess --type execute /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T/OneDriveUpdater66017B75/OneDrive.app]
/usr/libexec/xpcproxy
[xpcproxy com.apple.TextInputMenuAgent]
/System/Library/CoreServices/TextInputMenuAgent.app/Contents/MacOS/TextInputMenuAgent
[/System/Library/CoreServices/TextInputMenuAgent.app/Contents/MacOS/TextInputMenuAgent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.TextInputSwitcher]
/System/Library/CoreServices/TextInputSwitcher.app/Contents/MacOS/TextInputSwitcher
[/System/Library/CoreServices/TextInputSwitcher.app/Contents/MacOS/TextInputSwitcher]
/usr/libexec/xpcproxy
[xpcproxy com.apple.systemprofiler]
/System/Applications/Utilities/System Information.app/Contents/MacOS/System Information
[/System/Applications/Utilities/System Information.app/Contents/MacOS/System Information]
/usr/libexec/xpcproxy
[xpcproxy com.apple.replayd]
/usr/libexec/replayd
[/usr/libexec/replayd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.storedownloadd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.ReportMemoryException]
/System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/storedownloadd
[/System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/storedownloadd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.installd]
/usr/libexec/ReportMemoryException
[/usr/libexec/ReportMemoryException]
/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
[/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.system_installd]
/System/Library/PrivateFrameworks/PackageKit.framework/Resources/system_installd
[/System/Library/PrivateFrameworks/PackageKit.framework/Resources/system_installd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.Safari.CacheDeleteExtension 597]
/Applications/Safari.app/Contents/PlugIns/CacheDeleteExtension.appex/Contents/MacOS/CacheDeleteExtension
[/Applications/Safari.app/Contents/PlugIns/CacheDeleteExtension.appex/Contents/MacOS/CacheDeleteExtension]
/usr/libexec/xpcproxy
[xpcproxy com.apple.geod]
/System/Library/PrivateFrameworks/GeoServices.framework/Versions/A/XPCServices/com.apple.geod.xpc/Contents/MacOS/com.apple.geod
[/System/Library/PrivateFrameworks/GeoServices.framework/Versions/A/XPCServices/com.apple.geod.xpc/Contents/MacOS/com.apple.geod]
/usr/libexec/xpcproxy
[xpcproxy com.apple.geod]
/System/Library/PrivateFrameworks/GeoServices.framework/Versions/A/XPCServices/com.apple.geod.xpc/Contents/MacOS/com.apple.geod
[/System/Library/PrivateFrameworks/GeoServices.framework/Versions/A/XPCServices/com.apple.geod.xpc/Contents/MacOS/com.apple.geod]
/usr/libexec/xpcproxy
[xpcproxy com.apple.secinitd]
/usr/libexec/secinitd
[/usr/libexec/secinitd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.AddressBook.ContactsAccountsService]
/System/Library/Frameworks/AddressBook.framework/Executables/ContactsAccountsService
[/System/Library/Frameworks/AddressBook.framework/Executables/ContactsAccountsService]
/usr/libexec/xpcproxy
[xpcproxy com.apple.routined]
/usr/libexec/routined
[/usr/libexec/routined LAUNCHED_BY_LAUNCHD]
/usr/libexec/xpcproxy
[xpcproxy com.apple.Maps.mapspushd]
/System/Library/CoreServices/mapspushd
[/System/Library/CoreServices/mapspushd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.neagent.878568F8-CCE5-4157-8315-22F20DC8FB0A]
/usr/libexec/neagent
[/usr/libexec/neagent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.systempreferences.2140]
/System/Applications/System Preferences.app/Contents/MacOS/System Preferences
[/System/Applications/System Preferences.app/Contents/MacOS/System Preferences]
/usr/libexec/xpcproxy
[xpcproxy com.apple.metadata.mdwrite]
/usr/libexec/xpcproxy
[xpcproxy com.apple.siri.context.service]
/System/Library/PrivateFrameworks/ContextKit.framework/Versions/A/XPCServices/ContextService.xpc/Contents/MacOS/ContextService
[/System/Library/PrivateFrameworks/ContextKit.framework/Versions/A/XPCServices/ContextService.xpc/Contents/MacOS/ContextService]
/usr/libexec/xpcproxy
[xpcproxy com.apple.AccountProfileRemoteViewService 627]
/System/Library/PrivateFrameworks/AOSUI.framework/Versions/A/XPCServices/AccountProfileRemoteViewService.xpc/Contents/MacOS/AccountProfileRemoteViewService
[/System/Library/PrivateFrameworks/AOSUI.framework/Versions/A/XPCServices/AccountProfileRemoteViewService.xpc/Contents/MacOS/AccountProfileRemoteViewService]
/System/Library/PreferencePanes/ClassroomSettings.prefPane/Contents/Resources/ClassroomSettingsVisibilityCheckTool
[/System/Library/PreferencePanes/ClassroomSettings.prefPane/Contents/Resources/ClassroomSettingsVisibilityCheckTool]
/System/Library/PreferencePanes/Profiles.prefPane/Contents/Resources/CPPrefPaneEnabledTool
[/System/Library/PreferencePanes/Profiles.prefPane/Contents/Resources/CPPrefPaneEnabledTool]
/usr/libexec/xpcproxy
[xpcproxy com.apple.studentd]
/System/Library/PreferencePanes/Sidecar.prefPane/Contents/Resources/sidecarPrefCheck
[/System/Library/PreferencePanes/Sidecar.prefPane/Contents/Resources/sidecarPrefCheck]
/usr/libexec/studentd
[/usr/libexec/studentd]
/System/Library/PreferencePanes/TouchID.prefPane/Contents/Resources/AllowPasswordPref
[/System/Library/PreferencePanes/TouchID.prefPane/Contents/Resources/AllowPasswordPref]
/System/Library/PreferencePanes/Wallet.prefPane/Contents/Resources/walletAvailabilityCheckTool
[/System/Library/PreferencePanes/Wallet.prefPane/Contents/Resources/walletAvailabilityCheckTool]
/usr/libexec/xpcproxy
[xpcproxy com.apple.CoreAuthentication.agent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.nfcd]
/usr/libexec/nfcd
[/usr/libexec/nfcd]
/System/Library/Frameworks/LocalAuthentication.framework/Support/coreauthd
[/System/Library/Frameworks/LocalAuthentication.framework/Support/coreauthd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.preferences.softwareupdate.remoteservice 627]
/System/Library/PreferencePanes/SoftwareUpdate.prefPane/Contents/XPCServices/com.apple.preferences.softwareupdate.remoteservice.xpc/Contents/MacOS/com.apple.preferences.softwareupdate.remoteservice
[/System/Library/PreferencePanes/SoftwareUpdate.prefPane/Contents/XPCServices/com.apple.preferences.softwareupdate.remoteservice.xpc/Contents/MacOS/com.apple.preferences.softwareupdate.remoteservice]
/usr/libexec/xpcproxy
[xpcproxy com.apple.softwareupdated]
/System/Library/CoreServices/Software Update.app/Contents/Resources/softwareupdated
[/System/Library/CoreServices/Software Update.app/Contents/Resources/softwareupdated]
/usr/libexec/xpcproxy
[xpcproxy com.apple.suhelperd]
/System/Library/CoreServices/Software Update.app/Contents/Resources/suhelperd
[/System/Library/CoreServices/Software Update.app/Contents/Resources/suhelperd]
/System/Library/SystemConfiguration/PrinterNotifications.bundle/Contents/MacOS/makequeues
[/System/Library/SystemConfiguration/PrinterNotifications.bundle/Contents/MacOS/makequeues -z]
/usr/libexec/xpcproxy
[xpcproxy com.apple.SoftwareUpdateNotificationManager]
/System/Library/PrivateFrameworks/SoftwareUpdate.framework/Resources/SoftwareUpdateNotificationManager.app/Contents/MacOS/SoftwareUpdateNotificationManager
[/System/Library/PrivateFrameworks/SoftwareUpdate.framework/Resources/SoftwareUpdateNotificationManager.app/Contents/MacOS/SoftwareUpdateNotificationManager]
/usr/libexec/xpcproxy
[xpcproxy com.apple.rtcreportingd]
/usr/libexec/rtcreportingd
[/usr/libexec/rtcreportingd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.ReportCrash]
/System/Library/CoreServices/ReportCrash
[/System/Library/CoreServices/ReportCrash agent]
/System/Library/SystemConfiguration/PrinterNotifications.bundle/Contents/MacOS/makequeues
[/System/Library/SystemConfiguration/PrinterNotifications.bundle/Contents/MacOS/makequeues -z]
/usr/libexec/xpcproxy
[xpcproxy com.apple.Safari.2028]
/Applications/Safari.app/Contents/MacOS/Safari
[/Applications/Safari.app/Contents/MacOS/Safari]
/usr/libexec/xpcproxy
[xpcproxy com.apple.Safari.History]
/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.History.xpc/Contents/MacOS/com.apple.Safari.History
[/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.History.xpc/Contents/MacOS/com.apple.Safari.History]
/usr/libexec/xpcproxy
[xpcproxy com.apple.WebKit.WebContent.DA2E99D9-2F6A-466F-9856-64FB125BDDEE 663]
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.SafariLaunchAgent]
/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariLaunchAgent
[/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariLaunchAgent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.akd]
/System/Library/PrivateFrameworks/AuthKit.framework/Versions/A/Support/akd
[/System/Library/PrivateFrameworks/AuthKit.framework/Versions/A/Support/akd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.WebKit.WebContent.04BE9D84-D45A-4E9A-8114-B9E97ADC15DE 663]
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.Safari.SafeBrowsing.Service]
/System/Library/PrivateFrameworks/SafariSafeBrowsing.framework/com.apple.Safari.SafeBrowsing.Service
[/System/Library/PrivateFrameworks/SafariSafeBrowsing.framework/com.apple.Safari.SafeBrowsing.Service]
/usr/libexec/xpcproxy
[xpcproxy com.apple.mediaremoted]
/System/Library/PrivateFrameworks/MediaRemote.framework/Support/mediaremoted
[/System/Library/PrivateFrameworks/MediaRemote.framework/Support/mediaremoted]
/usr/libexec/xpcproxy
[xpcproxy com.apple.WebKit.WebContent.64281237-A8E3-4704-A3EB-8B00EA0F3ED3 663]
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.assistantd]
/System/Library/PrivateFrameworks/AssistantServices.framework/Versions/A/Support/assistantd
[/System/Library/PrivateFrameworks/AssistantServices.framework/Versions/A/Support/assistantd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.accessibility.mediaaccessibilityd]
/System/Library/Frameworks/MediaAccessibility.framework/Versions/A/XPCServices/com.apple.accessibility.mediaaccessibilityd.xpc/Contents/MacOS/com.apple.accessibility.mediaaccessibilityd
[/System/Library/Frameworks/MediaAccessibility.framework/Versions/A/XPCServices/com.apple.accessibility.mediaaccessibilityd.xpc/Contents/MacOS/com.apple.accessibility.mediaaccessibilityd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.coremedia.videodecoder 670]
/System/Library/Frameworks/VideoToolbox.framework/Versions/A/XPCServices/VTDecoderXPCService.xpc/Contents/MacOS/VTDecoderXPCService
[/System/Library/Frameworks/VideoToolbox.framework/Versions/A/XPCServices/VTDecoderXPCService.xpc/Contents/MacOS/VTDecoderXPCService]
/usr/libexec/xpcproxy
[xpcproxy com.apple.corespotlightservice.725FD30A-6064-6C02-CC51-5DDB8891B57E]
/System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService
[/System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService]
/usr/libexec/xpcproxy
[xpcproxy com.apple.quicklook.satellite.AF32497B-4799-421C-A27F-8EB4E23E2FBC 604]
/System/Library/Frameworks/QuickLook.framework/Versions/A/XPCServices/QuickLookSatellite.xpc/Contents/MacOS/QuickLookSatellite
[/System/Library/Frameworks/QuickLook.framework/Versions/A/XPCServices/QuickLookSatellite.xpc/Contents/MacOS/QuickLookSatellite]
/usr/libexec/xpcproxy
[xpcproxy com.apple.DesktopServicesHelper.233DE54A-C02C-4BF9-8843-E1C12F7628AF]
/System/Library/PrivateFrameworks/DesktopServicesPriv.framework/Resources/DesktopServicesHelper
[/System/Library/PrivateFrameworks/DesktopServicesPriv.framework/Resources/DesktopServicesHelper]
/usr/libexec/xpcproxy
[xpcproxy com.apple.quicklook.ui.helper]
/System/Library/Frameworks/Quartz.framework/Frameworks/QuickLookUI.framework/Resources/QuickLookUIHelper.app/Contents/MacOS/QuickLookUIHelper
[/System/Library/Frameworks/Quartz.framework/Frameworks/QuickLookUI.framework/Resources/QuickLookUIHelper.app/Contents/MacOS/QuickLookUIHelper]
/usr/libexec/xpcproxy
[xpcproxy com.apple.xpc.launchd.oneshot.0x10000001.Archive Utility]
/System/Library/CoreServices/Applications/Archive Utility.app/Contents/MacOS/Archive Utility
[/System/Library/CoreServices/Applications/Archive Utility.app/Contents/MacOS/Archive Utility -psn_0_233529]
/usr/libexec/xpcproxy
[xpcproxy com.apple.XprotectFramework.AnalysisService 596]
/System/Library/PrivateFrameworks/XprotectFramework.framework/Versions/A/XPCServices/XprotectService.xpc/Contents/MacOS/XprotectService
[/System/Library/PrivateFrameworks/XprotectFramework.framework/Versions/A/XPCServices/XprotectService.xpc/Contents/MacOS/XprotectService]
/usr/bin/macbinary
[/usr/bin/macbinary probe --verbose /Users/run/Desktop/payload.zip]
/usr/bin/file
[/usr/bin/file -b /Users/run/Desktop/payload.zip]
/usr/libexec/xpcproxy
[xpcproxy com.apple.archiveutility.auhelperservice 688]
/System/Library/CoreServices/Applications/Archive Utility.app/Contents/XPCServices/AUHelperService.xpc/Contents/MacOS/AUHelperService
[/System/Library/CoreServices/Applications/Archive Utility.app/Contents/XPCServices/AUHelperService.xpc/Contents/MacOS/AUHelperService]
/System/Library/Frameworks/FileProvider.framework/XPCServices/ArchiveService.xpc/Contents/MacOS/ArchiveService
[/System/Library/Frameworks/FileProvider.framework/XPCServices/ArchiveService.xpc/Contents/MacOS/ArchiveService]
/usr/libexec/xpcproxy
[xpcproxy com.apple.appkit.xpc.sandboxedServiceRunner 688]
/System/Library/Frameworks/AppKit.framework/Versions/C/XPCServices/SandboxedServiceRunner.xpc/Contents/MacOS/SandboxedServiceRunner
[/System/Library/Frameworks/AppKit.framework/Versions/C/XPCServices/SandboxedServiceRunner.xpc/Contents/MacOS/SandboxedServiceRunner]
/usr/libexec/xpcproxy
[xpcproxy com.apple.DesktopServicesHelper.B1A0E531-4B91-4804-AF93-96D7472736C5]
/System/Library/PrivateFrameworks/DesktopServicesPriv.framework/Resources/DesktopServicesHelper
[/System/Library/PrivateFrameworks/DesktopServicesPriv.framework/Resources/DesktopServicesHelper]
/usr/libexec/xpcproxy
[xpcproxy com.apple.DesktopServicesHelper.4C3D6614-91CE-4E12-89BA-605AF628BD36]
/System/Library/PrivateFrameworks/DesktopServicesPriv.framework/Resources/DesktopServicesHelper
[/System/Library/PrivateFrameworks/DesktopServicesPriv.framework/Resources/DesktopServicesHelper]
/usr/libexec/xpcproxy
[xpcproxy com.apple.DesktopServicesHelper.3FFA618A-42D2-4956-AB5C-B5D2ACC31778]
/System/Library/PrivateFrameworks/DesktopServicesPriv.framework/Resources/DesktopServicesHelper
[/System/Library/PrivateFrameworks/DesktopServicesPriv.framework/Resources/DesktopServicesHelper]
/usr/libexec/xpcproxy
[xpcproxy com.apple.DesktopServicesHelper.3C38E088-8AF2-4D1D-9594-AD70CB2CFA40]
/System/Library/PrivateFrameworks/DesktopServicesPriv.framework/Resources/DesktopServicesHelper
[/System/Library/PrivateFrameworks/DesktopServicesPriv.framework/Resources/DesktopServicesHelper]
/usr/libexec/xpcproxy
[xpcproxy com.apple.systempreferences.2140]
/System/Applications/System Preferences.app/Contents/MacOS/System Preferences
[/System/Applications/System Preferences.app/Contents/MacOS/System Preferences]
/usr/libexec/xpcproxy
[xpcproxy com.apple.AccountProfileRemoteViewService 705]
/System/Library/PrivateFrameworks/AOSUI.framework/Versions/A/XPCServices/AccountProfileRemoteViewService.xpc/Contents/MacOS/AccountProfileRemoteViewService
[/System/Library/PrivateFrameworks/AOSUI.framework/Versions/A/XPCServices/AccountProfileRemoteViewService.xpc/Contents/MacOS/AccountProfileRemoteViewService]
/System/Library/PreferencePanes/ClassroomSettings.prefPane/Contents/Resources/ClassroomSettingsVisibilityCheckTool
[/System/Library/PreferencePanes/ClassroomSettings.prefPane/Contents/Resources/ClassroomSettingsVisibilityCheckTool]
/System/Library/PreferencePanes/Profiles.prefPane/Contents/Resources/CPPrefPaneEnabledTool
[/System/Library/PreferencePanes/Profiles.prefPane/Contents/Resources/CPPrefPaneEnabledTool]
/System/Library/PreferencePanes/Sidecar.prefPane/Contents/Resources/sidecarPrefCheck
[/System/Library/PreferencePanes/Sidecar.prefPane/Contents/Resources/sidecarPrefCheck]
/System/Library/PreferencePanes/TouchID.prefPane/Contents/Resources/AllowPasswordPref
[/System/Library/PreferencePanes/TouchID.prefPane/Contents/Resources/AllowPasswordPref]
/System/Library/PreferencePanes/Wallet.prefPane/Contents/Resources/walletAvailabilityCheckTool
[/System/Library/PreferencePanes/Wallet.prefPane/Contents/Resources/walletAvailabilityCheckTool]
/usr/libexec/xpcproxy
[xpcproxy com.apple.PerformanceAnalysis.animationperfd]
/System/Library/PrivateFrameworks/PerformanceAnalysis.framework/Versions/A/XPCServices/com.apple.PerformanceAnalysis.animationperfd.xpc/Contents/MacOS/com.apple.PerformanceAnalysis.animationperfd
[/System/Library/PrivateFrameworks/PerformanceAnalysis.framework/Versions/A/XPCServices/com.apple.PerformanceAnalysis.animationperfd.xpc/Contents/MacOS/com.apple.PerformanceAnalysis.animationperfd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.preferences.sharing.remoteservice 705]
/System/Library/PreferencePanes/SharingPref.prefPane/Contents/XPCServices/com.apple.preferences.sharing.remoteservice.xpc/Contents/MacOS/com.apple.preferences.sharing.remoteservice
[/System/Library/PreferencePanes/SharingPref.prefPane/Contents/XPCServices/com.apple.preferences.sharing.remoteservice.xpc/Contents/MacOS/com.apple.preferences.sharing.remoteservice]
/usr/libexec/xpcproxy
[xpcproxy com.apple.systemadministration.writeconfig]
/System/Library/PrivateFrameworks/SystemAdministration.framework/XPCServices/writeconfig.xpc/Contents/MacOS/writeconfig
[/System/Library/PrivateFrameworks/SystemAdministration.framework/XPCServices/writeconfig.xpc/Contents/MacOS/writeconfig]
/usr/libexec/xpcproxy
[xpcproxy com.apple.AssetCacheManagerService]
/System/Library/PrivateFrameworks/AssetCacheServicesExtensions.framework/XPCServices/AssetCacheManagerService.xpc/Contents/MacOS/AssetCacheManagerService
[/System/Library/PrivateFrameworks/AssetCacheServicesExtensions.framework/XPCServices/AssetCacheManagerService.xpc/Contents/MacOS/AssetCacheManagerService]
/usr/libexec/xpcproxy
[xpcproxy com.apple.preferences.sharing.SharingPrefsExtension 714]
/System/Library/PrivateFrameworks/AMPSharing.framework/Versions/A/PlugIns/SharingPrefsExtension.appex/Contents/MacOS/SharingPrefsExtension
[/System/Library/PrivateFrameworks/AMPSharing.framework/Versions/A/PlugIns/SharingPrefsExtension.appex/Contents/MacOS/SharingPrefsExtension]
/usr/libexec/xpcproxy
[xpcproxy com.apple.preferences.sharing.SharingBluetoothService 714]
/System/Library/PrivateFrameworks/PreferencePanesSupport.framework/PlugIns/SharingBluetoothService.appex/Contents/MacOS/SharingBluetoothService
[/System/Library/PrivateFrameworks/PreferencePanesSupport.framework/PlugIns/SharingBluetoothService.appex/Contents/MacOS/SharingBluetoothService]
/usr/libexec/xpcproxy
[xpcproxy com.apple.spindump]
/usr/sbin/spindump
[/usr/sbin/spindump]
/usr/libexec/xpcproxy
[xpcproxy com.apple.tailspind]
/usr/libexec/tailspind
[/usr/libexec/tailspind]
/usr/libexec/xpcproxy
[xpcproxy com.apple.spindump_agent]
/usr/libexec/spindump_agent
[/usr/libexec/spindump_agent]
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | lb._dns-sd._udp.0.0.127.10.in-addr.arpa | udp |
| US | 8.8.8.8:53 | mobile.events.data.trafficmanager.net | udp |
| US | 20.189.173.6:443 | tcp | |
| US | 8.8.8.8:53 | api.apple-cloudkit.fe2.apple-dns.net | udp |
| US | 8.8.8.8:53 | h3.apis.apple.map.fastly.net | udp |
| US | 8.8.8.8:53 | a1366.dscapi6.akamai.net | udp |
| US | 8.8.8.8:53 | e4686.dsce9.akamaiedge.net | udp |
| GB | 104.91.71.16:443 | tcp | |
| DE | 2.21.20.152:443 | a1366.dscapi6.akamai.net | tcp |
| US | 8.8.8.8:53 | e6858.dscx.akamaiedge.net | udp |
| US | 8.8.8.8:53 | e673.dsce9.akamaiedge.net | udp |
| US | 8.8.8.8:53 | swdist.apple.com | udp |
| US | 8.8.8.8:53 | swcdn.apple.com | udp |
| US | 151.101.195.8:80 | swcdn.apple.com | tcp |
| US | 151.101.195.8:80 | swcdn.apple.com | tcp |
| US | 151.101.195.8:80 | swcdn.apple.com | tcp |
| US | 151.101.195.8:80 | swcdn.apple.com | tcp |
| US | 151.101.195.8:80 | swcdn.apple.com | tcp |
| US | 151.101.195.8:80 | swcdn.apple.com | tcp |
| US | 151.101.195.8:80 | swcdn.apple.com | tcp |
| BE | 23.55.96.225:443 | e6858.dscx.akamaiedge.net | tcp |
| US | 8.8.8.8:53 | api-glb-aeuw3b.smoot.apple.com | udp |
| FR | 15.237.18.235:443 | api-glb-aeuw3b.smoot.apple.com | tcp |
| US | 8.8.8.8:53 | gateway.fe2.apple-dns.net | udp |
| US | 8.8.8.8:53 | e6858.dscx.akamaiedge.net | udp |
| BE | 23.55.96.225:443 | e6858.dscx.akamaiedge.net | tcp |
| US | 8.8.8.8:53 | safebrowsing.googleapis.com | udp |
| GB | 216.58.204.74:443 | safebrowsing.googleapis.com | tcp |
| US | 8.8.8.8:53 | e673.dsce9.akamaiedge.net | udp |
| US | 8.8.8.8:53 | securemvt.apple.com | udp |
| IE | 17.8.130.172:443 | securemvt.apple.com | tcp |
| US | 8.8.8.8:53 | is1-ssl.mzstatic.com | udp |
| BE | 23.55.96.225:443 | e6858.dscx.akamaiedge.net | tcp |
| BE | 23.55.96.225:443 | e6858.dscx.akamaiedge.net | tcp |
| US | 8.8.8.8:53 | cds.apple.com | udp |
| BE | 104.68.86.71:443 | cds.apple.com | tcp |
| US | 8.8.8.8:53 | help.apple.com | udp |
| US | 23.220.113.166:443 | help.apple.com | tcp |
| US | 23.220.113.166:443 | help.apple.com | tcp |
| US | 8.8.8.8:53 | b._dns-sd._udp.0.0.127.10.in-addr.arpa | udp |
| US | 8.8.8.8:53 | db._dns-sd._udp.0.0.127.10.in-addr.arpa | udp |
| US | 8.8.8.8:53 | b._dns-sd._udp.0.0.127.10.in-addr.arpa | udp |
| US | 8.8.8.8:53 | db._dns-sd._udp.0.0.127.10.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | itunes.apple.com | udp |
| US | 8.8.8.8:53 | b._dns-sd._udp.0.0.127.10.in-addr.arpa | udp |
| US | 8.8.8.8:53 | db._dns-sd._udp.0.0.127.10.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 7.0.127.10.in-addr.arpa | udp |
Files
/var/folders/zz/zyxvpxvq6csfxvn_n00000sm00006d/C//mds/mdsObject.db
| MD5 | d3a1859e6ec593505cc882e6def48fc8 |
| SHA1 | f8e6728e3e9de477a75706faa95cead9ce13cb32 |
| SHA256 | 3ebafa97782204a4a1d75cfec22e15fcdeab45b65bab3b3e65508707e034a16c |
| SHA512 | ea2a749b105759ea33408186b417359deffb4a3a5ed0533cb26b459c16bb3524d67ede5c9cf0d5098921c0c0a9313fb9c2672f1e5ba48810eda548fa3209e818 |
/var/folders/zz/zyxvpxvq6csfxvn_n00000sm00006d/C//mds/mdsDirectory.db
| MD5 | 0e4a0d1ceb2af6f0f8d0167ce77be2d3 |
| SHA1 | 414ba4c1dc5fc8bf53d550e296fd6f5ad669918c |
| SHA256 | cca093bcfc65e25dd77c849866e110df72526dffbe29d76e11e29c7d888a4030 |
| SHA512 | 1dc5282d27c49a4b6f921ba5dfc88b8c1d32289df00dd866f9ac6669a5a8d99afeda614bffc7cf61a44375ae73e09cd52606b443b63636977c9cd2ef4fa68a20 |
/Users/run/Library/Caches/GeoServices/ActiveTileGroup.pbd
| MD5 | 6c515e6608e16cc97bf768d132939a62 |
| SHA1 | 5de9eeb0718a9a0ab3aedc6a24ef1c95ec681bea |
| SHA256 | 1cc436e06df3ee5b3640aa05ad791efb03a0c50d5f2b3479a5e380a24e859d2a |
| SHA512 | 3815e51172bef1474801855ba0423af9c1d62688edad9776917c4ba4fe4492a868324206881cf5432b905dea278f1f16dd34e805abd580b8efe37a35cf219ca9 |
/Library/Printers/InstalledPrinters.plist
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/Library/Printers/InstalledPrinters.plist
| MD5 | 3439dcb6d4ce19d3ea022b8bb17cba7a |
| SHA1 | e412c16548b6fcc5fd488315cd70b324ca4d782e |
| SHA256 | aec405d7619e28da751fafd97782015affebdb36e863c58eea2b658551a59e7b |
| SHA512 | 8ca944a1a157f6933a5efeea35aa7626d0dd5f6fd4b5d9fe08c3760b39b6f54289e502923ca7616110c468173f0389f2ce1e35899d171bd08873678759aba93b |
/var/folders/zz/zyxvpxvq6csfxvn_n00000s0000068/C/softwareupdated/com.apple.SoftwareUpdate/swcdn.apple.com/content/downloads/47/55/002-90015-A_VSZB7DY8DG/a3aeutlgmbhbfj02uok0g73k9h4i9uz50h/InstallAssistant.pkg.partialState
| MD5 | bee738fe24d4bf464db35f2ae59ed5e4 |
| SHA1 | dbc21cd86bf8d454e2c9f57608dec00f80c97da1 |
| SHA256 | 26864b81a5a8f59b44b81242e3076fafd457f550706a0849dd2486cad5c19283 |
| SHA512 | d4126beb637859f7d74e79c5a17cb05c2c0de5859b83a216ae931b67ed96892d85b6359fb29758e4fd7c7ee29db20673805c583d8f5ff748bbe0795ffebcdd37 |
/var/folders/zz/zyxvpxvq6csfxvn_n00000s0000068/T/softwareupdated/ProductMetadata.plist
| MD5 | 9ad2d94b5e92326943ebb00f86af4943 |
| SHA1 | 87b2c89c0b2616ceeb9979497b683178b9e0703d |
| SHA256 | 0b3da297d821b43ef6ffe40b4627ce4294b7e3c9d52064495b6d3cf354bc5cea |
| SHA512 | c1ac631f03c49834e5374030bb6ce164000e5afc90f2789b8a6afc86ac4906453d9b2eb7167756e4d2e568cca9aa966afbc1a28e0b013079407c420bb54491f0 |
/var/folders/zz/zyxvpxvq6csfxvn_n00000s0000068/T/softwareupdated/062-01946_45A4618B-3C0B-4F73-8CB8-55C57DF005DF/MajorOSInfo.pkg
| MD5 | d9612033a0bb5c1947be8c6d961e8dff |
| SHA1 | 89c0cdaa99797d57448dde971d42f77243881ff8 |
| SHA256 | e28ab534af7c6c3e135800e7f83d8c979227d8553b767a998574bf8c63a7d31c |
| SHA512 | dae630a872b120f404abed9f8274393591ef6e30caed5579041b6878c5b2cbb24800be26666291e8c094fd4639c030155bd753f6a7bd4e84c4658b4f84cf5f37 |
/var/folders/zz/zyxvpxvq6csfxvn_n00000s0000068/T/softwareupdated/062-01946_45A4618B-3C0B-4F73-8CB8-55C57DF005DF/Payload/System/Library/CoreServices/MajorOSInfo.bundle/Contents/Info.plist
| MD5 | 333836a7eb95f49b44940b2080fb9fc2 |
| SHA1 | 3a3ae4545749d078fb34d7c01afedb11798ca663 |
| SHA256 | f2cb9f107ce5e2593dac1643c9d69f9cf0f191a97f8e26c346765653dfec9685 |
| SHA512 | 2034e64024ae56149f4a0b10b2a3c625863efb341d91a473692f58ca495c55b0943f275a63b2a483fb3f78ca52d42b971b361905abcd3777938456aa1c30e2d9 |
/var/folders/zz/zyxvpxvq6csfxvn_n00000s0000068/T/softwareupdated/062-01946_45A4618B-3C0B-4F73-8CB8-55C57DF005DF/Payload/System/Library/CoreServices/MajorOSInfo.bundle/Contents/Resources/en.lproj/Localizable.strings
| MD5 | 8b4ece7adf04487c3c0892458e42d9de |
| SHA1 | 5f54a72c67c2d88ff32b57ff5b24a919e872286c |
| SHA256 | 525c6efad03dab0004451911c0ef31599085c1a260472b5f0bf995f86f2b16bb |
| SHA512 | 57edaf2820cf8a541bec262a3872213a3abf1b87d32cce0e9c02d8df3601d21eb8cee02914775ca7a64585bec0f3da45791475122538e8716920848e0496d3c7 |
/var/folders/zz/zyxvpxvq6csfxvn_n00000s0000068/T/softwareupdated/062-01946_45A4618B-3C0B-4F73-8CB8-55C57DF005DF/Payload/System/Library/CoreServices/MajorOSInfo.bundle/Contents/Resources/OSBadge.icns
| MD5 | 6691db1a52f872d5e2558838b1300191 |
| SHA1 | 1aae9d9580239f60271c9221dd07e45fe672ef76 |
| SHA256 | 0dcf31da652109b8f6c02f07085dd415256b8f75fe284dfc4cf1f59df16e05f7 |
| SHA512 | 39a515bcfb179000d824b504874ed5c23bd4fde10c87b6792ddf33990f35e53253e0864b7be76804acfdca4c3549a0e424b4db2086c74594a47436b39c10dcd5 |
/var/root/Library/Caches/rtcreportingd/events/NRM_Events_2024-06-18-20-31-46.event
| MD5 | 497da707fedea8441e87850568537ce2 |
| SHA1 | 9ca3e46b64f68a1e1e538e723c06574b6e91a1a0 |
| SHA256 | 702dc0e9c7768a36a924bd00886d81d49ed993108d5cc554069ebe599e70df41 |
| SHA512 | 4a2df162994d4694326de8a84a11ad4867ddaf23aac98fcc0c6f447f2a1a864fcf225f9ca678dbcc10b96e11170349b85c369119aad58498361a760163793339 |
/var/folders/zz/zyxvpxvq6csfxvn_n00000s0000068/C/softwareupdated/com.apple.SoftwareUpdate.SUCatalogDataManager/f/062-14334/062-14334.English.dist
| MD5 | a7b653470ef625dad0c284de32caf4ce |
| SHA1 | 0dc4203bb17860eb9b65e8b2cbe58d5e2b029e2a |
| SHA256 | 67b630ec1b4682b514a42255ee4e21a1d5099fb7ea3ce93603cb7b550f8fced0 |
| SHA512 | 3568f9d7e5c2623d77351210bbf1b5b0339a5aa2f623aed005d8eeb05210338d65625f07a724b6682d2761f41140aa3bbf8f532d542257f602633f675097d6a0 |
/var/folders/zz/zyxvpxvq6csfxvn_n00000s0000068/C/softwareupdated/com.apple.SoftwareUpdate.SUCatalogDataManager/e/052-25574/052-25574.English.dist
| MD5 | 968ab128ea706e0998a0f477b93b35d5 |
| SHA1 | 5290f79457ceaca10f86b870175e5096de273281 |
| SHA256 | 275cccf0e27e7b1a61f26a627c778bc3a8078d953b3896f39f3fb734957361a8 |
| SHA512 | 0298a3ff7a8b2c9919b10b2452b9550a9138730241f75fbab35fe2db3d778a1293aff4940148101f45a81532979f6c8d0f119924fc1f4dd8dce976909bdd0964 |
/var/folders/zz/zyxvpxvq6csfxvn_n00000s0000068/C/softwareupdated/com.apple.SoftwareUpdate.SUCatalogDataManager/x/062-16716/062-16716.English.dist
| MD5 | 178f5ebbf05b005bdd36e0cddd2f4440 |
| SHA1 | dbccafe49f3bbf0e19c490ffdd43a349306617a8 |
| SHA256 | 549acf5e9d84473c115122702794b29e794e99b00eee289c4426379d0c5afbdb |
| SHA512 | dd55dec93677c3247cb16f0f22a1ffedd33a762b54e338573b29b4c19eddfe49f2ca5233c116b57a16be3082c3d1f54df736000fc76284cd215f1df4ccb362b4 |
/var/folders/zz/zyxvpxvq6csfxvn_n00000s0000068/C/softwareupdated/com.apple.SoftwareUpdate.SUCatalogDataManager/g/012-04872/012-04872.English.dist
| MD5 | 84af1f7a03435cfef5fbcffb7a3c58c4 |
| SHA1 | 966643bdee53124295304e3fc6ad4e09a988222a |
| SHA256 | 4286594444bfc059d0fc98d4048ba91b4aba3c5072dcda73c8851e650b836166 |
| SHA512 | 0ced3739663a028a1a3dd6155e64650454a0967573fc42c64862fab7355c4e682477a7a3fd56ce2a151a33baa8dd8fa3749e7ff543c1d49c10e3198267fafbcf |
/var/folders/zz/zyxvpxvq6csfxvn_n00000s0000068/T/softwareupdated/ProductMetadata.plist
| MD5 | 9ac377316f06c6a6fd99ee3e07593b87 |
| SHA1 | 1dbea8980aff3e7d370a7d5599897d8ae0809da2 |
| SHA256 | 0694f19b95b76c8cf749a539321a09c173543f9d5a0b12140ebe8e84c53248b7 |
| SHA512 | b9284cb2dfc836ccb6f5c5b4badbf2ca454c3da16a30030ea0b671213e7f31387046b834f9c14b6122bce94b78611e620cdea24107625ab7a3aa2e8bcd398432 |
/var/root/Library/Caches/rtcreportingd/events/NRM_Events_2024-06-18-20-31-46.event
| MD5 | 08f2f5910f1ecebc80c74258e1ff295c |
| SHA1 | 44d460a6de4aedca1c4742f31c2d590eb6487545 |
| SHA256 | 21f34a1b54ddbea266e1a210e1523f8063282258e625b2cced855ab32969e524 |
| SHA512 | c95bb3f412fe3be4208bdb5995c26729512c65448a34e9164c47e500a482cfbf55447dae011213719ff4beee7c2032c1919abff3429aff5cafb542e3c5f3e8fe |
/Users/run/Library/Safari/Favicon Cache/favicons/98FF4077638C1BA5BBBD6CA020AD796A
| MD5 | 38cfdb248210ffd12a6e774119609de8 |
| SHA1 | d10a44e5d06c8a95e4c61ae770cc8f0c8d372253 |
| SHA256 | 5493c61cf725cf3a1d63cd9d07de75b0d6faa5564e772f7d0a6074f341442938 |
| SHA512 | 7d0ae6125e5c10d52847ac10e5200f2aaa84932ea5d10af54440c0abc27af19285cb760f0e8dad0bac4371e4b384ffaddcf235f9f1ba29e6dc41ef29deac4fba |
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/malware,osx,url_expression
| MD5 | 355d837549cee18c4a84a77a70a2756b |
| SHA1 | 33c5de31fda7ac065b17b89a6fc9e644a03c078c |
| SHA256 | d2547621952f15189bd0b01868fdfa09350acce54562ee432c458f664a102d44 |
| SHA512 | d4afd49ba36e5759516ac96feb0b4919a1f0bfac4c5b2c2d5f51cd35c0a17ff5a8d8a3dc117611e513be8541ef694566b540671b7b9736a8385a157e5ba5ce11 |
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/social_engineering,osx,url_expression
| MD5 | 0bcc4233ff947f08d3d87d0a1632992f |
| SHA1 | dbe83745fbf6dfb824d65a810111dafce5856ffe |
| SHA256 | cb77635c5059038c7db8ad61a8b7c5acf5a6e752ead26e8cc9e2e83207b105b5 |
| SHA512 | eeb41e036563bd1f36d58849e9f2c3c313d1e84c61d505d5ce50ce81fb21100f66f6035a214900eb7cb363533a06485c2a1bc799faf7d7eb1624b750fb3467eb |
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/unwanted_software,osx,url_expression
| MD5 | 43e320fb688db6b017a0c447a99f2e3c |
| SHA1 | 449e3aba77122668547c8b557fd473b4ea1ef72f |
| SHA256 | 5cfc622fbee9ba615c9a2a4a4c0733b1950cce10ddd18b0b7fa8b4ec60eb453e |
| SHA512 | 82b69433eed63ffd12506961eeef3bc9d4b7f65b3639393f2d6ef14a67165b19e9c0b41ec68c55e683251592bb5239127616da5408aba76d6757007435633531 |
/Users/run/Desktop/payload/settings.json
| MD5 | b35182a5d0722d6f81654bbf9755bb77 |
| SHA1 | 05203798855cfdf6f32161189ee340efe27386fb |
| SHA256 | f9169b9b0d3706f8622513a6be8a722cdcef97826f1e71476439cb387792416c |
| SHA512 | 584f5d1afd86c2492a344447039c34b2239903af5b27590371226a13bc8668afa106af8bbefcfd75ed61a247ab251c93c51ce8192347b6d5ac53bf2b44bf89f9 |
/Users/run/Library/Caches/com.apple.systempreferences.imageCache
| MD5 | ce9032fc27dc24f38c40c4116b2aec09 |
| SHA1 | 617bf0e6e5838af3740393cedbf38307b7248371 |
| SHA256 | 7bff5dd79349e4e42419a9f1720119cc19767df0ec1bedd6fada6a28a8be3749 |
| SHA512 | a1883e330fd3483da59388e16da1f392af2174170700093f213a1b218f3d04ae9b1d3f6d3bc9ebeb69324440de414f7a92b92739e98e5880f3b7b078b9676af1 |
/Users/run/Library/Saved Application State/com.apple.systempreferences.savedState/data.data
| MD5 | 660f24d2556cea09d277fe75fceea086 |
| SHA1 | 834d7f6a4d044d2000a4276435e47f626679a04a |
| SHA256 | 33cfc68d173d8a73bbefd7fc035f747f0dd90d669721ac6fb7cf822fe19088f0 |
| SHA512 | 379a768bdeee988b34a817d114df99d06dfe993cdaab913c9d675489f0196ad05e044e2bc02d48b8db615cc19474f2f1f99433359a3fc5863e771337a15cf2e3 |