6cf0d447c0666444ffd6c5614d55841554df372e8ac5e1beb245f878b3bd2b5d

Analysis

max time kernel
921s
max time network
1055s
platform
macos-10.15_amd64
resource
macos-20240711.1-en
resource tags

arch:amd64arch:i386image:macos-20240711.1-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
submitted
27/07/2024, 20:55

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

bloodstrike_global_beta_1.003.650000.1712034038.exe
Size

249.3MB
MD5

170e94233d2669d48476f97b76b6a861
SHA1

db803c9712f9ecb51cea733debdbf8c39e4ea0d7
SHA256

6cf0d447c0666444ffd6c5614d55841554df372e8ac5e1beb245f878b3bd2b5d
SHA512

4395e158eb4702b46fbf714e8a9b0a098a5a01670554239ade782ab2db6e71dbb8f4e5b93a412e2fd897899325a5eafb95c90832e2a2f1102dad8c57f495e746
SSDEEP

6291456:017q2tlOv5/BzuNis+Xio3Ad5/wRPmCiZnASXBs1qSAXbGqtatP:yq2bOv5/ByNxeioQdK8xXBAoLGqCP

Score

4^/10

evasion

Malware Config

Signatures

Resource Forking 1 TTPs 4 IoCs

Adversaries may abuse resource forks to hide malicious code or executables to evade detection and bypass security applications. A resource fork provides applications a structured way to store resources such as thumbnail images, menu definitions, icons, dialog boxes, and code.

evasion

Resource Forking

T1564.009

ioc	Process
/System/Library/CoreServices/loginwindow.app/Contents/Resources/LWWeeklyMessageTracer	Process not Found
"/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Java Updater.app/Contents/MacOS/Java Updater" -bgcheck	Process not Found
/System/Library/Frameworks/ApplicationServices.framework/Frameworks/SpeechSynthesis.framework/Resources/com.apple.speech.speechsynthesisd	Process not Found
/System/Applications/Chess.app/Contents/Resources/sjeng.ChessEngine "sjeng (Chess Engine)"	Process not Found

/bin/sh
sh -c "sudo /bin/zsh -c \"/Users/run/bloodstrike_global_beta_1.003.650000.1712034038.exe\""
1⤵
PID:485

/bin/bash
sh -c "sudo /bin/zsh -c \"/Users/run/bloodstrike_global_beta_1.003.650000.1712034038.exe\""
1⤵
PID:485

/usr/bin/sudo
sudo /bin/zsh -c /Users/run/bloodstrike_global_beta_1.003.650000.1712034038.exe
1⤵
PID:485
- /bin/zsh
  /bin/zsh -c /Users/run/bloodstrike_global_beta_1.003.650000.1712034038.exe
  2⤵
  PID:487
- /Users/run/bloodstrike_global_beta_1.003.650000.1712034038.exe
  /Users/run/bloodstrike_global_beta_1.003.650000.1712034038.exe
  2⤵
  PID:487

/System/Library/CoreServices/Applications/Feedback Assistant.app/Contents/Library/LaunchServices/seedusaged
"/System/Library/CoreServices/Applications/Feedback Assistant.app/Contents/Library/LaunchServices/seedusaged"
1⤵
PID:471

/System/Library/PrivateFrameworks/SpeechObjects.framework/Versions/A/SpeechDataInstallerd.app/Contents/MacOS/SpeechDataInstallerd
/System/Library/PrivateFrameworks/SpeechObjects.framework/Versions/A/SpeechDataInstallerd.app/Contents/MacOS/SpeechDataInstallerd
1⤵
PID:473

/System/Library/CoreServices/loginwindow.app/Contents/Resources/LWWeeklyMessageTracer
/System/Library/CoreServices/loginwindow.app/Contents/Resources/LWWeeklyMessageTracer
1⤵
PID:475

/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Java Updater.app/Contents/MacOS/Java Updater
"/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Java Updater.app/Contents/MacOS/Java Updater" -bgcheck
1⤵
PID:476

/usr/libexec/pkreporter
/usr/libexec/pkreporter
1⤵
PID:474

/usr/libexec/xpcproxy
xpcproxy com.apple.audio.AudioComponentRegistrar
1⤵
PID:513

/System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar
/System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar -daemon
1⤵
PID:513

/usr/libexec/xpcproxy
xpcproxy com.apple.Safari.2028
1⤵
PID:526

/Applications/Safari.app/Contents/MacOS/Safari
/Applications/Safari.app/Contents/MacOS/Safari
1⤵
PID:526

/usr/libexec/xpcproxy
xpcproxy com.apple.Safari.History
1⤵
PID:527

/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.History.xpc/Contents/MacOS/com.apple.Safari.History
/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.History.xpc/Contents/MacOS/com.apple.Safari.History
1⤵
PID:527

/usr/libexec/xpcproxy
xpcproxy com.apple.WebKit.WebContent.F201E4BA-3CE6-4C5C-9EDC-349FE0192D50 526
1⤵
PID:528

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
1⤵
PID:528

/usr/libexec/xpcproxy
xpcproxy com.apple.SafariLaunchAgent
1⤵
PID:533

/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariLaunchAgent
/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariLaunchAgent
1⤵
PID:533

/usr/libexec/xpcproxy
xpcproxy com.apple.WebKit.WebContent.F30CF9B1-5177-4D30-A132-E5EDD89475A0 526
1⤵
PID:534

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
1⤵
PID:534

/usr/libexec/xpcproxy
xpcproxy com.apple.Safari.SearchHelper 526
1⤵
PID:535

/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.SearchHelper.xpc/Contents/MacOS/com.apple.Safari.SearchHelper
/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.SearchHelper.xpc/Contents/MacOS/com.apple.Safari.SearchHelper
1⤵
PID:535

/usr/libexec/xpcproxy
xpcproxy com.apple.Safari.SafeBrowsing.Service
1⤵
PID:539

/System/Library/PrivateFrameworks/SafariSafeBrowsing.framework/com.apple.Safari.SafeBrowsing.Service
/System/Library/PrivateFrameworks/SafariSafeBrowsing.framework/com.apple.Safari.SafeBrowsing.Service
1⤵
PID:539

/usr/libexec/xpcproxy
xpcproxy com.apple.WebKit.WebContent.2A154BBE-7E60-45D0-B138-A9D246B2EDB7 526
1⤵
PID:541

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
1⤵
PID:541

/System/Applications/TV.app/Contents/MacOS/TV
/System/Applications/TV.app/Contents/MacOS/TV
1⤵
PID:550

/usr/libexec/xpcproxy
xpcproxy com.apple.accessibility.mediaaccessibilityd
1⤵
PID:552

/System/Library/Frameworks/MediaAccessibility.framework/Versions/A/XPCServices/com.apple.accessibility.mediaaccessibilityd.xpc/Contents/MacOS/com.apple.accessibility.mediaaccessibilityd
/System/Library/Frameworks/MediaAccessibility.framework/Versions/A/XPCServices/com.apple.accessibility.mediaaccessibilityd.xpc/Contents/MacOS/com.apple.accessibility.mediaaccessibilityd
1⤵
PID:552

/usr/libexec/xpcproxy
xpcproxy com.apple.WebKit.WebContent.DDD1B0EA-EBD4-4399-84DC-C501D3B40AC3 550
1⤵
PID:555

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
1⤵
PID:555

/usr/libexec/xpcproxy
xpcproxy com.apple.siri.launcher.1708
1⤵
PID:558

/System/Applications/Siri.app/Contents/MacOS/Siri
/System/Applications/Siri.app/Contents/MacOS/Siri
1⤵
PID:558

/usr/libexec/xpcproxy
xpcproxy com.apple.Siri.2292
1⤵
PID:559

/System/Library/CoreServices/Siri.app/Contents/MacOS/Siri
/System/Library/CoreServices/Siri.app/Contents/MacOS/Siri
1⤵
PID:559

/usr/libexec/xpcproxy
xpcproxy com.apple.ReportMemoryException
1⤵
PID:560

/usr/libexec/ReportMemoryException
/usr/libexec/ReportMemoryException
1⤵
PID:560

/usr/libexec/xpcproxy
xpcproxy com.apple.SiriUI.SiriUISetupXPC 559
1⤵
PID:562

/System/Library/PrivateFrameworks/SiriUI.framework/Versions/A/XPCServices/SiriUISetupXPC.xpc/Contents/MacOS/SiriUISetupXPC
/System/Library/PrivateFrameworks/SiriUI.framework/Versions/A/XPCServices/SiriUISetupXPC.xpc/Contents/MacOS/SiriUISetupXPC
1⤵
PID:562

/usr/libexec/xpcproxy
xpcproxy com.apple.Siri.agent
1⤵
PID:563

/System/Library/CoreServices/Siri.app/Contents/MacOS/Siri
/System/Library/CoreServices/Siri.app/Contents/MacOS/Siri launchd
1⤵
PID:563

/usr/libexec/xpcproxy
xpcproxy com.apple.siriknowledged
1⤵
PID:565

/usr/libexec/xpcproxy
xpcproxy com.apple.SiriUI.SiriUISetupXPC 563
1⤵
PID:566

/System/Library/PrivateFrameworks/SiriUI.framework/Versions/A/XPCServices/SiriUISetupXPC.xpc/Contents/MacOS/SiriUISetupXPC
/System/Library/PrivateFrameworks/SiriUI.framework/Versions/A/XPCServices/SiriUISetupXPC.xpc/Contents/MacOS/SiriUISetupXPC
1⤵
PID:566

/usr/libexec/siriknowledged
/usr/libexec/siriknowledged
1⤵
PID:565

/usr/libexec/xpcproxy
xpcproxy com.apple.audio.AudioComponentRegistrar
1⤵
PID:567

/System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar
/System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar
1⤵
PID:567

/usr/libexec/xpcproxy
xpcproxy com.apple.audio.SandboxHelper 390
1⤵
PID:568

/System/Library/Frameworks/AudioToolbox.framework/XPCServices/com.apple.audio.SandboxHelper.xpc/Contents/MacOS/com.apple.audio.SandboxHelper
/System/Library/Frameworks/AudioToolbox.framework/XPCServices/com.apple.audio.SandboxHelper.xpc/Contents/MacOS/com.apple.audio.SandboxHelper
1⤵
PID:568

/usr/libexec/xpcproxy
xpcproxy com.apple.SiriNCService 563
1⤵
PID:569

/System/Library/CoreServices/Siri.app/Contents/XPCServices/SiriNCService.xpc/Contents/MacOS/SiriNCService
/System/Library/CoreServices/Siri.app/Contents/XPCServices/SiriNCService.xpc/Contents/MacOS/SiriNCService
1⤵
PID:569

/usr/libexec/xpcproxy
xpcproxy com.apple.audio.SandboxHelper 315
1⤵
PID:570

/System/Library/Frameworks/AudioToolbox.framework/XPCServices/com.apple.audio.SandboxHelper.xpc/Contents/MacOS/com.apple.audio.SandboxHelper
/System/Library/Frameworks/AudioToolbox.framework/XPCServices/com.apple.audio.SandboxHelper.xpc/Contents/MacOS/com.apple.audio.SandboxHelper
1⤵
PID:570

/usr/libexec/xpcproxy
xpcproxy com.apple.speech.speechsynthesisd
1⤵
PID:571

/System/Library/Frameworks/ApplicationServices.framework/Frameworks/SpeechSynthesis.framework/Resources/com.apple.speech.speechsynthesisd
/System/Library/Frameworks/ApplicationServices.framework/Frameworks/SpeechSynthesis.framework/Resources/com.apple.speech.speechsynthesisd
1⤵
PID:571

/usr/libexec/xpcproxy
xpcproxy com.apple.siri.ClientFlow.ClientScripter 390
1⤵
PID:572

/usr/libexec/xpcproxy
xpcproxy com.apple.assistant_service
1⤵
PID:573

/System/Library/PrivateFrameworks/AssistantServices.framework/Versions/A/XPCServices/com.apple.siri.ClientFlow.ClientScripter.xpc/Contents/MacOS/com.apple.siri.ClientFlow.ClientScripter
/System/Library/PrivateFrameworks/AssistantServices.framework/Versions/A/XPCServices/com.apple.siri.ClientFlow.ClientScripter.xpc/Contents/MacOS/com.apple.siri.ClientFlow.ClientScripter
1⤵
PID:572

/System/Library/PrivateFrameworks/AssistantServices.framework/Versions/A/Support/assistant_service
/System/Library/PrivateFrameworks/AssistantServices.framework/Versions/A/Support/assistant_service
1⤵
PID:573

/usr/libexec/xpcproxy
xpcproxy com.apple.speech.speechdatainstallerd
1⤵
PID:575

/System/Library/PrivateFrameworks/SpeechObjects.framework/Versions/A/SpeechDataInstallerd.app/Contents/MacOS/SpeechDataInstallerd
/System/Library/PrivateFrameworks/SpeechObjects.framework/Versions/A/SpeechDataInstallerd.app/Contents/MacOS/SpeechDataInstallerd
1⤵
PID:575

/usr/libexec/xpcproxy
xpcproxy com.apple.AddressBook.AssistantService
1⤵
PID:576

/System/Library/Frameworks/AddressBook.framework/Versions/A/Helpers/ABAssistantService.app/Contents/MacOS/ABAssistantService
/System/Library/Frameworks/AddressBook.framework/Versions/A/Helpers/ABAssistantService.app/Contents/MacOS/ABAssistantService
1⤵
PID:576

/usr/libexec/xpcproxy
xpcproxy com.apple.StreamingUnzipService 198
1⤵
PID:580

/System/Library/PrivateFrameworks/StreamingZip.framework/Versions/A/XPCServices/com.apple.StreamingUnzipService.xpc/Contents/MacOS/com.apple.StreamingUnzipService
/System/Library/PrivateFrameworks/StreamingZip.framework/Versions/A/XPCServices/com.apple.StreamingUnzipService.xpc/Contents/MacOS/com.apple.StreamingUnzipService
1⤵
PID:580

/usr/libexec/xpcproxy
xpcproxy com.apple.icloud.FMIPClientXPCService 573
1⤵
PID:583

/System/Library/PrivateFrameworks/FMClient.framework/Versions/A/XPCServices/FMIPClientXPCService.xpc/Contents/MacOS/FMIPClientXPCService
/System/Library/PrivateFrameworks/FMClient.framework/Versions/A/XPCServices/FMIPClientXPCService.xpc/Contents/MacOS/FMIPClientXPCService
1⤵
PID:583

/usr/libexec/xpcproxy
xpcproxy com.apple.AddressBook.AssistantService
1⤵
PID:584

/System/Library/Frameworks/AddressBook.framework/Versions/A/Helpers/ABAssistantService.app/Contents/MacOS/ABAssistantService
/System/Library/Frameworks/AddressBook.framework/Versions/A/Helpers/ABAssistantService.app/Contents/MacOS/ABAssistantService
1⤵
PID:584

/usr/libexec/xpcproxy
xpcproxy com.apple.PerformanceAnalysis.animationperfd
1⤵
PID:587

/System/Library/PrivateFrameworks/PerformanceAnalysis.framework/Versions/A/XPCServices/com.apple.PerformanceAnalysis.animationperfd.xpc/Contents/MacOS/com.apple.PerformanceAnalysis.animationperfd
/System/Library/PrivateFrameworks/PerformanceAnalysis.framework/Versions/A/XPCServices/com.apple.PerformanceAnalysis.animationperfd.xpc/Contents/MacOS/com.apple.PerformanceAnalysis.animationperfd
1⤵
PID:587

/usr/libexec/xpcproxy
xpcproxy com.apple.Chess.1724
1⤵
PID:589

/System/Applications/Chess.app/Contents/MacOS/Chess
/System/Applications/Chess.app/Contents/MacOS/Chess
1⤵
PID:589

/usr/libexec/xpcproxy
xpcproxy com.apple.gamed
1⤵
PID:590

/System/Library/PrivateFrameworks/GameCenterFoundation.framework/Versions/A/gamed
/System/Library/PrivateFrameworks/GameCenterFoundation.framework/Versions/A/gamed
1⤵
PID:590

/System/Applications/Chess.app/Contents/Resources/sjeng.ChessEngine
/System/Applications/Chess.app/Contents/Resources/sjeng.ChessEngine "sjeng (Chess Engine)"
1⤵
PID:591

/usr/libexec/xpcproxy
xpcproxy com.apple.SpeechRecognitionCore.brokerd
1⤵
PID:592

/System/Library/PrivateFrameworks/SpeechRecognitionCore.framework/Versions/A/XPCServices/com.apple.SpeechRecognitionCore.brokerd.xpc/Contents/MacOS/com.apple.SpeechRecognitionCore.brokerd
/System/Library/PrivateFrameworks/SpeechRecognitionCore.framework/Versions/A/XPCServices/com.apple.SpeechRecognitionCore.brokerd.xpc/Contents/MacOS/com.apple.SpeechRecognitionCore.brokerd
1⤵
PID:592

/usr/libexec/xpcproxy
xpcproxy com.apple.DictationIM
1⤵
PID:593

/System/Library/Input Methods/DictationIM.app/Contents/MacOS/DictationIM
"/System/Library/Input Methods/DictationIM.app/Contents/MacOS/DictationIM"
1⤵
PID:593

/usr/libexec/xpcproxy
xpcproxy com.apple.gamecenter.GameCenterUIService 589
1⤵
PID:594

/System/Library/PrivateFrameworks/GameCenterUICore.framework/XPCServices/com.apple.gamecenter.GameCenterUIService.xpc/Contents/MacOS/com.apple.gamecenter.GameCenterUIService
/System/Library/PrivateFrameworks/GameCenterUICore.framework/XPCServices/com.apple.gamecenter.GameCenterUIService.xpc/Contents/MacOS/com.apple.gamecenter.GameCenterUIService
1⤵
PID:594

/usr/libexec/xpcproxy
xpcproxy com.apple.audio.SandboxHelper 571
1⤵
PID:595

/System/Library/Frameworks/AudioToolbox.framework/XPCServices/com.apple.audio.SandboxHelper.xpc/Contents/MacOS/com.apple.audio.SandboxHelper
/System/Library/Frameworks/AudioToolbox.framework/XPCServices/com.apple.audio.SandboxHelper.xpc/Contents/MacOS/com.apple.audio.SandboxHelper
1⤵
PID:595

/usr/libexec/xpcproxy
xpcproxy com.apple.spindump
1⤵
PID:602

/usr/sbin/spindump
/usr/sbin/spindump
1⤵
PID:602

/usr/libexec/xpcproxy
xpcproxy com.apple.diagnosticd
1⤵
PID:603

/usr/libexec/diagnosticd
/usr/libexec/diagnosticd
1⤵
PID:603

/usr/libexec/xpcproxy
xpcproxy com.apple.DictationIM
1⤵
PID:605

/System/Library/Input Methods/DictationIM.app/Contents/MacOS/DictationIM
"/System/Library/Input Methods/DictationIM.app/Contents/MacOS/DictationIM"
1⤵
PID:605

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

T1564

Resource Forking

T1564.009

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/Users/run/Library/Application Support/AddressBook/Metadata/.info

Filesize
341B

MD5
afea2f7e2d03857c05e59c8585ebc80c

SHA1
3edf27cf3873320c75d7eefd44cff1b28e31e89a

SHA256
3fc68bee5c0f4b62db7a817ec91a894be429b70cb2617d5b6d1af2d9e1b8c676

SHA512
18270a088149f35b66f18bb32587847fd3fe5823a89b04bded707851b89ca937e78e8d6bbf37a9171e51e51b3d6a01c392adaebe31ea9892dddefe909e3786bf

Download Submit
/Users/run/Library/Application Support/AddressBook/Metadata/.info

Filesize
278B

MD5
0ccad1a77fec8b06c62ed8b0d559d3a6

SHA1
46cdc220ace13896c5ceeef7b115fb85d4c664dd

SHA256
43928ac38f9088982f7ca1a98420637b312a4ef10e3ba10f91488e36a198393e

SHA512
9bae8c33a07fde2b5ae37042a0f9432a34f4f414cfbef9a5d7a256a4f20ffcf53281dbbe1fae1c66ff79aae8753e0f45dd3b7209da0d9c50192eb5244dd1c041

Download Submit
/Users/run/Library/Application Support/AddressBook/Metadata/.info

Filesize
341B

MD5
18d77d90b2240da331ade94e686d04b5

SHA1
39bfd8edcfa6dab6878b7ab3269775b796ebe83f

SHA256
a475c2292a89c2f67f37a9a72ed9fea7b455e08b021c529a8bac719637496e28

SHA512
7bf78e366d37fc8f4607f69e5fd4b5fe3829a7a960c710b56ab6539fc7e4331d50317317af5b09a111936d95c73a531d23ef41a98a0d676a297389cf0a7b450e

Download Submit
/Users/run/Library/Assistant/com.apple.siri.applications.laststate.plist

Filesize
35KB

MD5
bb78e4f670b3d470b1f0dbd5aa173902

SHA1
7dc38362f10d8c369e20ede90ab0941fde18c23d

SHA256
2371e5c8bf37ec57a23038bff84f9ed349392bacdce5f13efa240adf6271d7ca

SHA512
a842fdf007621924664361822844d44258fc82c8b7085fc831ad885a0b6bc99e3f41dc2813482325d1ad62821f4a5251ec519bdfec6486c4c1663d82f43d5f97

Download Submit
/Users/run/Library/Containers/com.apple.Chess/Data/Library/Autosave Information/Unsaved Chess Document.game

Filesize
1KB

MD5
4a9e7e07f35a94bc8af12461a2a340c2

SHA1
b5c7b405056713c77851eb37ef7ee85872f1e180

SHA256
a1156a0e112566cf973cce41d5df6c55692c30286befe244dd7877464f036bc9

SHA512
59456dd48cfdf14a9145b9c8e3353192bdbf9b479adbe8a23ca584dc22c41d195eb38da74c5bcf9b3a8963c067b7b287a52a4327a6d46b12fe6398e95d8586e3

Download Submit
/Users/run/Library/Safari/Favicon Cache/favicons/2529545429CE075A4E64DE7DAA3D4C27

Filesize
5KB

MD5
f3418a443e7d841097c714d69ec4bcb8

SHA1
49263695f6b0cdd72f45cf1b775e660fdc36c606

SHA256
6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770

SHA512
82d017c4b7ec8e0c46e8b75da0ca6a52fd8bce7fcf4e556cbdf16b49fc81be9953fe7e25a05f63ecd41c7272e8bb0a9fd9aedf0ac06cb6032330b096b3702563

Download Submit
/Users/run/Movies/TV/TV Library.tvlibrary/Application.tvdb

Filesize
250B

MD5
f1801d0f99c4d9f9c75c5f684b5fba86

SHA1
2f99626ce6374a809f82dcc996433ce78a493c74

SHA256
bc76868aec6e5a94205373e2ae436eeb019468bd0975ad715962b8bcb21df81c

SHA512
8edb783514441039df116ac6990d08268c9346b4964d90327258db5b2a3d4fce4648654b83ece23ecc94fc89aed72c337f0fc21e34deb72eca7a9491fdb02b25

Download Submit
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/malware,osx,url_expression

Filesize
216KB

MD5
969ec4869719a0e40457ddd2d5f5ea1a

SHA1
2bb938078ed073a62c02164a8b4795313db2dbf4

SHA256
00e215bc0a650f2718984eac78e5bdd6fb0335264faa244750c817728274882c

SHA512
082040da62dfb0b6fc83b1ba6d7b47c3821f7cf77b2729c2a863e4fa5d0fd1eac92bbf4c5f7a12a9e308b8176f32510b3f54a6c617a89c1eea8c7696787f0832

Download Submit
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/social_engineering,osx,url_expression

Filesize
21.8MB

MD5
1b5fe89d016aa2a97d953b865a692ae0

SHA1
32a66c74aa7ec50c0f3d7c076081d48b0bcc0b49

SHA256
0f19d431e47b9e09cf7ba9360a70f3cbe22fa5823c66e86b2949c9064ca001a6

SHA512
5cdb9525834cdfd400905d4bd9b6a237c721628d767acdcb080fd7705aef28e07761b37e7701ec8612da623f3475c958b423be5838584b94deff72431dfd2155

Download Submit
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/unwanted_software,osx,url_expression

Filesize
131KB

MD5
e140a84e6ed842e83151f8a45fed5c98

SHA1
ca9de45322a0a6fab1e4191843cc37e97f556d8e

SHA256
3c51083040007c1458ebfe6953c99563eb608e770a46e89495097fd688a71f25

SHA512
3b837cdcbda7413614ceb72b9e3141dcbb12b44a10dfaeddff1e2bc441822dc22eee754e17e3ca9fecfa197b9471b287a0f5b5021621b69c38d2ae23b1476e03

Download Submit
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari//mds/mdsDirectory.db

Filesize
47KB

MD5
0e4a0d1ceb2af6f0f8d0167ce77be2d3

SHA1
414ba4c1dc5fc8bf53d550e296fd6f5ad669918c

SHA256
cca093bcfc65e25dd77c849866e110df72526dffbe29d76e11e29c7d888a4030

SHA512
1dc5282d27c49a4b6f921ba5dfc88b8c1d32289df00dd866f9ac6669a5a8d99afeda614bffc7cf61a44375ae73e09cd52606b443b63636977c9cd2ef4fa68a20

Download Submit
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari//mds/mdsObject.db

Filesize
4KB

MD5
d3a1859e6ec593505cc882e6def48fc8

SHA1
f8e6728e3e9de477a75706faa95cead9ce13cb32

SHA256
3ebafa97782204a4a1d75cfec22e15fcdeab45b65bab3b3e65508707e034a16c

SHA512
ea2a749b105759ea33408186b417359deffb4a3a5ed0533cb26b459c16bb3524d67ede5c9cf0d5098921c0c0a9313fb9c2672f1e5ba48810eda548fa3209e818

Download Submit