macOS Analysis Report types-config.ts
Overview
General Information
Detection
Score: | 64 |
Range: | 0 - 100 |
Whitelisted: | false |
Signatures
Classification
General Information |
---|
Joe Sandbox Version: | 34.0.0 Boulder Opal |
Analysis ID: | 1708605 |
Start date: | 12.01.2022 |
Start time: | 12:24:09 |
Joe Sandbox Product: | Cloud |
Overall analysis duration: | 0h 3m 57s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Sample file name: | types-config.ts |
Cookbook file name: | macOS - SysJoker - load provided binary as normal user.jbs |
Analysis system description: | Mac Mini, Big Sur (Office 2019 16.55, Java 1.8.0_311) |
Analysis Mode: | default |
Detection: | MAL |
Classification: | mal64.troj.evad.macTS@0/3@7/0 |
Process Tree |
---|
|
Yara Overview |
---|
Initial Sample |
---|
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_SysJoker | Yara detected SysJoker | Joe Security |
Dropped Files |
---|
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_SysJoker | Yara detected SysJoker | Joe Security |
Memory Dumps |
---|
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_SysJoker | Yara detected SysJoker | Joe Security | ||
Jbx Signature Overview |
---|
Source: | HTTPS traffic detected: | ||
Source: | DNS traffic detected: |
Source: | Writes from socket in process: | Jump to behavior |
Source: | Network traffic detected: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | String found in binary or memory: | ||
Source: | Reads from socket in process: | Jump to behavior |
System Summary: |
---|
Found detection on Joe Sandbox Cloud Basic | Show sources |
Source: | Joe Sandbox Cloud Basic: | Perma Link |
Source: | Classification label: |
Persistence and Installation Behavior: |
---|
Writes Mach-O files to untypical directories | Show sources |
Source: | FAT Mach-O written to unusual path: | Jump to dropped file |
Source: | Launch agent/daemon created with LimitLoadToSessionType Aqua, file created: | Jump to behavior |
Source: | Permissions modified for written FAT Mach-O /Users/drew/Library/MacOsServices/updateMacOs: | Jump to dropped file |
Source: | Shell command executed: | Jump to behavior | ||
Source: | Nohup executable: | Jump to behavior |
Source: | File written: | Jump to dropped file |
Source: | XML plist file created: | Jump to dropped file |
Source: | Launch agent created File created: | Jump to behavior |
Source: | Launch agent/daemon created with KeepAlive and/or RunAtLoad, file created: | Jump to behavior |
Hooking and other Techniques for Hiding and Protection: |
---|
Process executable has a file extension which is uncommon (probably to disguise the executable) | Show sources |
Source: | Process executable with extension: | Jump to behavior |
Source: | Launch agent created File created: | Jump to behavior |
Source: | Sysctl requested: | Jump to behavior | ||
Stealing of Sensitive Information: |
---|
Yara detected SysJoker | Show sources |
Source: | File source: | ||
Remote Access Functionality: |
---|
Yara detected SysJoker | Show sources |
Source: | File source: | ||
Mitre Att&ck Matrix |
---|
Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Exfiltration | Command and Control | Network Effects | Remote Service Effects | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Valid Accounts | Scripting1 | LC_LOAD_DYLIB Addition1 | LC_LOAD_DYLIB Addition1 | Masquerading21 | OS Credential Dumping | System Information Discovery1 | Remote Services | Data from Local System | Exfiltration Over Other Network Medium | Encrypted Channel1 | Eavesdrop on Insecure Network Communication | Remotely Track Device Without Authorization | Modify System Partition |
Default Accounts | Scheduled Task/Job | Launch Agent4 | Launch Agent4 | Scripting1 | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | Exfiltration Over Bluetooth | Non-Application Layer Protocol1 | Exploit SS7 to Redirect Phone Calls/SMS | Remotely Wipe Data Without Authorization | Device Lockout |
Domain Accounts | At (Linux) | Launch Daemon2 | Launch Daemon2 | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | Automated Exfiltration | Application Layer Protocol2 | Exploit SS7 to Track Device Location | Obtain Device Cloud Backups | Delete Device Data |
Local Accounts | At (Windows) | Plist Modification1 | Plist Modification1 | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | Scheduled Transfer | Protocol Impersonation | SIM Card Swap | Carrier Billing Fraud |
Antivirus, Machine Learning and Genetic Malware Detection |
---|
Initial Sample |
---|
No Antivirus matches |
---|
Dropped Files |
---|
No Antivirus matches |
---|
Domains |
---|
No Antivirus matches |
---|
URLs |
---|
No Antivirus matches |
---|
Domains and IPs |
---|
Contacted Domains |
---|
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
graphic-updater.com | 23.254.131.176 | true | false | unknown | |
drive.google.com | 142.250.186.110 | true | false | high | |
googlehosted.l.googleusercontent.com | 142.250.186.65 | true | false | high | |
doc-0k-2o-docs.googleusercontent.com | unknown | unknown | false | high | |
r3.o.lencr.org | unknown | unknown | false | unknown |
URLs from Memory and Binaries |
---|
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false | unknown |
Contacted IPs |
---|
Public |
---|
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
87.248.100.168 | unknown | United Kingdom | 34010 | YAHOO-IRDGB | false | |
23.254.131.176 | graphic-updater.com | United States | 54290 | HOSTWINDSUS | false | |
2.16.12.64 | unknown | European Union | 16625 | AKAMAI-ASUS | false | |
142.250.186.110 | drive.google.com | United States | 15169 | GOOGLEUS | false | |
23.203.78.159 | unknown | United States | 16625 | AKAMAI-ASUS | false | |
142.250.186.65 | googlehosted.l.googleusercontent.com | United States | 15169 | GOOGLEUS | false |
Signature Similarity |
---|
Samplename | Analysis ID | SHA256 | Similarity |
---|
Joe Sandbox View / Context |
---|
IPs |
---|
Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context |
---|---|---|---|---|---|
23.254.131.176 | Get hash | malicious | Browse | ||
Domains |
---|
Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context |
---|---|---|---|---|---|
graphic-updater.com | Get hash | malicious | Browse |
ASN |
---|
Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context |
---|---|---|---|---|---|
HOSTWINDSUS | Get hash | malicious | Browse |
AKAMAI-ASUS | Get hash | malicious | Browse |
YAHOO-IRDGB | Get hash | malicious | Browse |
JA3 Fingerprints |
---|
No context |
---|
Dropped Files |
---|
No context |
---|
Runtime Messages |
---|
Command: | sudo -u drew /Users/drew/Desktop/types-config.ts |
Exit Code: | 0 |
Exit Code Info: | |
Killed: | False |
Standard Output: | addToStatup |
Standard Error: |
Created / dropped Files |
---|
Process: | /Users/drew/Desktop/types-config.ts |
File Type: | |
Category: | dropped |
Size (bytes): | 579 |
Entropy (8bit): | 5.021176113008371 |
Encrypted: | false |
SSDEEP: | 12:TMHdgo+tJVEdQiCXFMBiyJd0vOD0er4TRa/S8e2EZy:2dfyiwKJdGecVaRwZy |
MD5: | DB6B1181719A4315F1CD8EC13131B6B6 |
SHA1: | FA9942FAEFE1F7530385457149A6B5B1811F1CB8 |
SHA-256: | 7BDE80AC5268DA84DCE386E73CE6B44B87D61FBD841A563E9D559D8BA2666A14 |
SHA-512: | 4151B3D3538ABDA8DAB6A44FB666E0C6A2C3A5CCE6751A46452D6BE01F804B25C47F471FB8F11366274558B95EB5631E6F1D2AA085A96FCDC4AB93F7DC42FD21 |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | /bin/cp |
File Type: | |
Category: | dropped |
Size (bytes): | 360176 |
Entropy (8bit): | 4.67371613955121 |
Encrypted: | false |
SSDEEP: | 6144:5xw19koSAgvRyrnN5ft9A7pIHWhT5FixbxLZ:CvgMrnN51qaH+T5wl |
MD5: | E06E06752509F9CD8BC85AA1AA24DBA2 |
SHA1: | 554AEF8BF44E7FA941E1190E41C8770E90F07254 |
SHA-256: | 1A9A5C797777F37463B44DE2B49A7F95ABCA786DB3977DCDAC0F79DA739C08AC |
SHA-512: | 78A210C5FD1AC8C601FBB4ED226E7AAF1CC5BDA187807BA3020997862FD54B59081F0B7F4FDC720ACFA8E3D6A35DBE9309E0B2FE38088F493A02717A1057A56E |
Malicious: | true |
Yara Hits: |
|
Reputation: | low |
Preview: |
|
Process: | /Users/drew/Library/MacOsServices/updateMacOs |
File Type: | |
Category: | dropped |
Size (bytes): | 442 |
Entropy (8bit): | 5.449112826225266 |
Encrypted: | false |
SSDEEP: | 12:oq2J58phXzDj/LwLK1BizIt9izItSqXpqX6qX2qX2qc:e5OBDnxmImI8sps6s2s2v |
MD5: | 68EA8FBFBF8B41C2BF31561965A48326 |
SHA1: | 30DF9A643B9901560C7D086A2A1AFBEDCA0615C8 |
SHA-256: | 9C5D489FA3AE84FA9635B27AAA1099578BFD4DA48F6B9BD80F615BC2EC528B09 |
SHA-512: | 90C5614A1DF73EECC38396B0ED6A347A24359912CDCC072433B485F741448001C4BD9D5A90EA9C0BF33C259D445A9A70D9DEECE807883D554577A87A2EA9FE96 |
Malicious: | false |
Reputation: | low |
Preview: |
|
Static File Info |
---|
General | |
---|---|
File type: | |
Entropy (8bit): | 4.67371613955121 |
TrID: |
|
File name: | types-config.ts |
File size: | 360176 |
MD5: | e06e06752509f9cd8bc85aa1aa24dba2 |
SHA1: | 554aef8bf44e7fa941e1190e41c8770e90f07254 |
SHA256: | 1a9a5c797777f37463b44de2b49a7f95abca786db3977dcdac0f79da739c08ac |
SHA512: | 78a210c5fd1ac8c601fbb4ed226e7aaf1cc5bda187807ba3020997862fd54b59081f0b7f4fdc720acfa8e3d6a35dbe9309e0b2fe38088f493a02717a1057a56e |
SSDEEP: | 6144:5xw19koSAgvRyrnN5ft9A7pIHWhT5FixbxLZ:CvgMrnN51qaH+T5wl |
CodeSign Information |
---|
|
Static Mach Info |
---|
General Information for header 1 | |
---|---|
Endian: | |
Size: | |
Architecture: | |
Filetype: | |
Nbr. of load commands: | |
Entry point: |
segment_command_64 aggregated: 5 |
---|
Name | Value |
---|---|
segname | __PAGEZERO |
vmaddr | 0x0 |
vmsize | 0x100000000 |
fileoff | 0x0 |
filesize | 0x0 |
maxprot | 0x0 |
initprot | 0x0 |
nsects | 0 |
flags | 0x0 |
Name | Value |
---|---|
segname | __TEXT |
vmaddr | 0x100000000 |
vmsize | 0x18000 |
fileoff | 0x0 |
filesize | 0x18000 |
maxprot | 0x5 |
initprot | 0x5 |
nsects | 7 |
flags | 0x0 |
Datas |
|
Name | Value |
---|---|
segname | __DATA_CONST |
vmaddr | 0x100018000 |
vmsize | 0x4000 |
fileoff | 0x18000 |
filesize | 0x4000 |
maxprot | 0x3 |
initprot | 0x3 |
nsects | 3 |
flags | 0x10 |
Datas |
|
Name | Value |
---|---|
segname | __DATA |
vmaddr | 0x10001C000 |
vmsize | 0x4000 |
fileoff | 0x1C000 |
filesize | 0x4000 |
maxprot | 0x3 |
initprot | 0x3 |
nsects | 3 |
flags | 0x0 |
Datas |
|
Name | Value |
---|---|
segname | __LINKEDIT |
vmaddr | 0x100020000 |
vmsize | 0xC000 |
fileoff | 0x20000 |
filesize | 0x8310 |
maxprot | 0x1 |
initprot | 0x1 |
nsects | 0 |
flags | 0x0 |
dyld_info_command aggregated: 1 |
---|
Name | Value |
---|---|
rebase_off | 131072 |
rebase_size | 56 |
bind_off | 131128 |
bind_size | 1360 |
weak_bind_off | 132488 |
weak_bind_size | 456 |
lazy_bind_off | 132944 |
lazy_bind_size | 3752 |
export_off | 136696 |
export_size | 312 |
symtab_command aggregated: 1 |
---|
Name | Value |
---|---|
symoff | 137440 |
nsyms | 131 |
stroff | 140400 |
strsize | 4432 |
dysymtab_command aggregated: 1 |
---|
Name | Value |
---|---|
ilocalsym | 0 |
nlocalsym | 1 |
iextdefsym | 1 |
nextdefsym | 7 |
iundefsym | 8 |
nundefsym | 123 |
tocoff | 0 |
ntoc | 0 |
modtaboff | 0 |
nmodtab | 0 |
extrefsymoff | 0 |
nextrefsyms | 0 |
indirectsymoff | 139536 |
nindirectsyms | 215 |
extreloff | 0 |
nextrel | 0 |
locreloff | 0 |
nlocrel | 0 |
dylinker_command aggregated: 1 |
---|
Name | Value |
---|---|
name | 12 |
Datas |
uuid_command aggregated: 1 |
---|
Name | Value |
---|---|
uuid | b'\x81t\x81~\xf4\xcf9\x8d\x97[x`Fn\xae\xc7' |
build_version_command aggregated: 1 |
---|
Name | Value |
---|---|
platform | 1 |
minos | 721664 |
sdk | 721664 |
ntools | 1 |
Datas |
source_version_command aggregated: 1 |
---|
Name | Value |
---|---|
version | 0 |
entry_point_command aggregated: 1 |
---|
Name | Value |
---|---|
entryoff | 26756 |
stacksize | 0 |
dylib_command aggregated: 3 |
---|
Name | Value |
---|---|
name | 24 |
timestamp | Thu Jan 1 01:00:02 1970 |
current_version | 9.0.0 |
compatibility_version | 7.0.0 |
Datas |
Name | Value |
---|---|
name | 24 |
timestamp | Thu Jan 1 01:00:02 1970 |
current_version | 905.6.0 |
compatibility_version | 1.0.0 |
Datas |
Name | Value |
---|---|
name | 24 |
timestamp | Thu Jan 1 01:00:02 1970 |
current_version | 1292.100.5 |
compatibility_version | 1.0.0 |
Datas |
linkedit_data_command aggregated: 3 |
---|
Name | Value |
---|---|
dataoff | 137008 |
datasize | 360 |
Name | Value |
---|---|
dataoff | 137368 |
datasize | 72 |
Name | Value |
---|---|
dataoff | 144832 |
datasize | 19792 |
Internal Symbols |
---|
External symbols |
---|
General Information for header 2 | |
---|---|
Endian: | |
Size: | |
Architecture: | |
Filetype: | |
Nbr. of load commands: | |
Entry point: |
segment_command_64 aggregated: 5 |
---|
Name | Value |
---|---|
segname | __PAGEZERO |
vmaddr | 0x0 |
vmsize | 0x100000000 |
fileoff | 0x0 |
filesize | 0x0 |
maxprot | 0x0 |
initprot | 0x0 |
nsects | 0 |
flags | 0x0 |
Name | Value |
---|---|
segname | __TEXT |
vmaddr | 0x100000000 |
vmsize | 0x18000 |
fileoff | 0x0 |
filesize | 0x18000 |
maxprot | 0x5 |
initprot | 0x5 |
nsects | 8 |
flags | 0x0 |
Datas |
|
Name | Value |
---|---|
segname | __DATA_CONST |
vmaddr | 0x100018000 |
vmsize | 0x4000 |
fileoff | 0x18000 |
filesize | 0x4000 |
maxprot | 0x3 |
initprot | 0x3 |
nsects | 3 |
flags | 0x10 |
Datas |
|
Name | Value |
---|---|
segname | __DATA |
vmaddr | 0x10001C000 |
vmsize | 0x4000 |
fileoff | 0x1C000 |
filesize | 0x4000 |
maxprot | 0x3 |
initprot | 0x3 |
nsects | 3 |
flags | 0x0 |
Datas |
|
Name | Value |
---|---|
segname | __LINKEDIT |
vmaddr | 0x100020000 |
vmsize | 0x8000 |
fileoff | 0x20000 |
filesize | 0x7EF0 |
maxprot | 0x1 |
initprot | 0x1 |
nsects | 0 |
flags | 0x0 |
dyld_info_command aggregated: 1 |
---|
Name | Value |
---|---|
rebase_off | 131072 |
rebase_size | 56 |
bind_off | 131128 |
bind_size | 1360 |
weak_bind_off | 132488 |
weak_bind_size | 120 |
lazy_bind_off | 132608 |
lazy_bind_size | 3744 |
export_off | 136352 |
export_size | 32 |
symtab_command aggregated: 1 |
---|
Name | Value |
---|---|
symoff | 136752 |
nsyms | 125 |
stroff | 139608 |
strsize | 4160 |
dysymtab_command aggregated: 1 |
---|
Name | Value |
---|---|
ilocalsym | 0 |
nlocalsym | 1 |
iextdefsym | 1 |
nextdefsym | 1 |
iundefsym | 2 |
nundefsym | 123 |
tocoff | 0 |
ntoc | 0 |
modtaboff | 0 |
nmodtab | 0 |
extrefsymoff | 0 |
nextrefsyms | 0 |
indirectsymoff | 138752 |
nindirectsyms | 214 |
extreloff | 0 |
nextrel | 0 |
locreloff | 0 |
nlocrel | 0 |
dylinker_command aggregated: 1 |
---|
Name | Value |
---|---|
name | 12 |
Datas |
uuid_command aggregated: 1 |
---|
Name | Value |
---|---|
uuid | b'\xec\x10\xd8Nr?=\x9a\x85$\xcd\xc7\x06t\x9dh' |
build_version_command aggregated: 1 |
---|
Name | Value |
---|---|
platform | 1 |
minos | 721664 |
sdk | 721664 |
ntools | 1 |
Datas |
source_version_command aggregated: 1 |
---|
Name | Value |
---|---|
version | 0 |
entry_point_command aggregated: 1 |
---|
Name | Value |
---|---|
entryoff | 25300 |
stacksize | 0 |
dylib_command aggregated: 3 |
---|
Name | Value |
---|---|
name | 24 |
timestamp | Thu Jan 1 01:00:02 1970 |
current_version | 9.0.0 |
compatibility_version | 7.0.0 |
Datas |
Name | Value |
---|---|
name | 24 |
timestamp | Thu Jan 1 01:00:02 1970 |
current_version | 905.6.0 |
compatibility_version | 1.0.0 |
Datas |
Name | Value |
---|---|
name | 24 |
timestamp | Thu Jan 1 01:00:02 1970 |
current_version | 1292.100.5 |
compatibility_version | 1.0.0 |
Datas |
linkedit_data_command aggregated: 3 |
---|
Name | Value |
---|---|
dataoff | 136384 |
datasize | 368 |
Name | Value |
---|---|
dataoff | 136752 |
datasize | 0 |
Name | Value |
---|---|
dataoff | 143776 |
datasize | 19792 |
Internal Symbols |
---|
__NSGetExecutablePath |
__Unwind_Resume |
__ZNKSt13runtime_error4whatEv |
__ZNKSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE7compareEPKc |
__ZNKSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE7compareEmmPKcm |
__ZNKSt3__120__vector_base_commonILb1EE20__throw_length_errorEv |
__ZNKSt3__121__basic_string_commonILb1EE20__throw_length_errorEv |
__ZNKSt3__16locale9has_facetERNS0_2idE |
__ZNKSt3__16locale9use_facetERNS0_2idE |
__ZNKSt3__18ios_base6getlocEv |
__ZNKSt9exception4whatEv |
__ZNSt11logic_errorC2EPKc |
__ZNSt12length_errorD1Ev |
__ZNSt13runtime_errorC1EPKc |
__ZNSt13runtime_errorC1ERKS_ |
__ZNSt13runtime_errorD1Ev |
__ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE5eraseEmm |
__ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE6appendEPKc |
__ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE6appendEPKcm |
__ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE6assignEPKc |
__ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE6insertEmPKc |
__ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE6resizeEmc |
__ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE9__grow_byEmmmmmm |
__ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE9push_backEc |
__ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEEC1ERKS5_ |
__ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEEC1ERKS5_mmRKS4_ |
__ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEED1Ev |
__ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEEaSERKS5_ |
__ZNSt3__113basic_ostreamIcNS_11char_traitsIcEEE5flushEv |
__ZNSt3__113basic_ostreamIcNS_11char_traitsIcEEE5writeEPKcl |
__ZNSt3__113basic_ostreamIcNS_11char_traitsIcEEE6sentryC1ERS3_ |
__ZNSt3__113basic_ostreamIcNS_11char_traitsIcEEE6sentryD1Ev |
__ZNSt3__113basic_ostreamIcNS_11char_traitsIcEEED0Ev |
__ZNSt3__113basic_ostreamIcNS_11char_traitsIcEEED1Ev |
__ZNSt3__113basic_ostreamIcNS_11char_traitsIcEEED2Ev |
__ZNSt3__113basic_ostreamIcNS_11char_traitsIcEEElsEi |
__ZNSt3__115basic_streambufIcNS_11char_traitsIcEEE5uflowEv |
__ZNSt3__115basic_streambufIcNS_11char_traitsIcEEE6xsgetnEPcl |
__ZNSt3__115basic_streambufIcNS_11char_traitsIcEEE6xsputnEPKcl |
__ZNSt3__115basic_streambufIcNS_11char_traitsIcEEE9showmanycEv |
__ZNSt3__115basic_streambufIcNS_11char_traitsIcEEEC2Ev |
__ZNSt3__115basic_streambufIcNS_11char_traitsIcEEED2Ev |
__ZNSt3__14__fs10filesystem14__current_pathEPNS_10error_codeE |
__ZNSt3__14__fs10filesystem18__create_directoryERKNS1_4pathEPNS_10error_codeE |
__ZNSt3__14__fs10filesystem8__removeERKNS1_4pathEPNS_10error_codeE |
__ZNSt3__14__fs10filesystem8__statusERKNS1_4pathEPNS_10error_codeE |
__ZNSt3__14cerrE |
__ZNSt3__14coutE |
__ZNSt3__15ctypeIcE2idE |
__ZNSt3__16localeC1ERKS0_ |
__ZNSt3__16localeD1Ev |
__ZNSt3__17codecvtIcc11__mbstate_tE2idE |
__ZNSt3__18ios_base33__set_badbit_and_consider_rethrowEv |
__ZNSt3__18ios_base4initEPv |
__ZNSt3__18ios_base5clearEj |
__ZNSt3__19basic_iosIcNS_11char_traitsIcEEED2Ev |
__ZNSt3__19to_stringEi |
__ZNSt3__19to_stringEm |
__ZNSt3__1plIcNS_11char_traitsIcEENS_9allocatorIcEEEENS_12basic_stringIT_T0_T1_EEPKS6_RKS9_ |
__ZNSt8bad_castC1Ev |
__ZNSt8bad_castD1Ev |
__ZNSt9exceptionD1Ev |
__ZNSt9exceptionD2Ev |
__ZSt9terminatev |
__ZTINSt3__113basic_ostreamIcNS_11char_traitsIcEEEE |
__ZTINSt3__115basic_streambufIcNS_11char_traitsIcEEEE |
__ZTISt12length_error |
__ZTISt13runtime_error |
__ZTISt8bad_cast |
__ZTISt9exception |
__ZTVN10__cxxabiv120__si_class_type_infoE |
__ZTVSt12length_error |
__ZTVSt9exception |
__ZTv0_n24_NSt3__113basic_ostreamIcNS_11char_traitsIcEEED0Ev |
__ZTv0_n24_NSt3__113basic_ostreamIcNS_11char_traitsIcEEED1Ev |
__ZdaPv |
__ZdlPv |
__Znam |
__Znwm |
___assert_rtn |
___cxa_allocate_exception |
___cxa_atexit |
___cxa_begin_catch |
___cxa_end_catch |
___cxa_free_exception |
___cxa_get_exception_ptr |
___cxa_throw |
___error |
___gxx_personality_v0 |
___stack_chk_fail |
___stack_chk_guard |
__mh_execute_header |
_bzero |
_curl_easy_cleanup |
_curl_easy_getinfo |
_curl_easy_init |
_curl_easy_perform |
_curl_easy_setopt |
_fclose |
_fflush |
_fgets |
_fopen |
_fread |
_fseek |
_fseeko |
_ftello |
_fwrite |
_localeconv |
_memchr |
_memcmp |
_memcpy |
_memmove |
_memset |
_pclose |
_popen |
_rand |
_sleep |
_snprintf |
_strlen |
_strtod |
_strtoll |
_strtoull |
_system |
dyld_stub_binder |
radr://5614542 |
External symbols |
---|
__NSGetExecutablePath |
__Unwind_Resume |
__ZNKSt13runtime_error4whatEv |
__ZNKSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE7compareEPKc |
__ZNKSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE7compareEmmPKcm |
__ZNKSt3__120__vector_base_commonILb1EE20__throw_length_errorEv |
__ZNKSt3__121__basic_string_commonILb1EE20__throw_length_errorEv |
__ZNKSt3__16locale9has_facetERNS0_2idE |
__ZNKSt3__16locale9use_facetERNS0_2idE |
__ZNKSt3__18ios_base6getlocEv |
__ZNSt11logic_errorC2EPKc |
__ZNSt13runtime_errorC1EPKc |
__ZNSt13runtime_errorC1ERKS_ |
__ZNSt13runtime_errorD1Ev |
__ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE5eraseEmm |
__ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE6appendEPKc |
__ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE6appendEPKcm |
__ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE6assignEPKc |
__ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE6insertEmPKc |
__ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE6resizeEmc |
__ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE9__grow_byEmmmmmm |
__ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE9push_backEc |
__ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEEC1ERKS5_ |
__ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEEC1ERKS5_mmRKS4_ |
__ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEED1Ev |
__ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEEaSERKS5_ |
__ZNSt3__113basic_ostreamIcNS_11char_traitsIcEEE5flushEv |
__ZNSt3__113basic_ostreamIcNS_11char_traitsIcEEE5writeEPKcl |
__ZNSt3__113basic_ostreamIcNS_11char_traitsIcEEE6sentryC1ERS3_ |
__ZNSt3__113basic_ostreamIcNS_11char_traitsIcEEE6sentryD1Ev |
__ZNSt3__113basic_ostreamIcNS_11char_traitsIcEEED2Ev |
__ZNSt3__113basic_ostreamIcNS_11char_traitsIcEEElsEi |
__ZNSt3__115basic_streambufIcNS_11char_traitsIcEEEC2Ev |
__ZNSt3__115basic_streambufIcNS_11char_traitsIcEEED2Ev |
__ZNSt3__14__fs10filesystem14__current_pathEPNS_10error_codeE |
__ZNSt3__14__fs10filesystem18__create_directoryERKNS1_4pathEPNS_10error_codeE |
__ZNSt3__14__fs10filesystem8__removeERKNS1_4pathEPNS_10error_codeE |
__ZNSt3__14__fs10filesystem8__statusERKNS1_4pathEPNS_10error_codeE |
__ZNSt3__16localeC1ERKS0_ |
__ZNSt3__16localeD1Ev |
__ZNSt3__18ios_base33__set_badbit_and_consider_rethrowEv |
__ZNSt3__18ios_base4initEPv |
__ZNSt3__18ios_base5clearEj |
__ZNSt3__19basic_iosIcNS_11char_traitsIcEEED2Ev |
__ZNSt3__19to_stringEi |
__ZNSt3__19to_stringEm |
__ZNSt3__1plIcNS_11char_traitsIcEENS_9allocatorIcEEEENS_12basic_stringIT_T0_T1_EEPKS6_RKS9_ |
__ZNSt8bad_castC1Ev |
__ZNSt9exceptionD1Ev |
__ZNSt9exceptionD2Ev |
__ZSt9terminatev |
___assert_rtn |
___cxa_allocate_exception |
___cxa_atexit |
___cxa_begin_catch |
___cxa_end_catch |
___cxa_free_exception |
___cxa_get_exception_ptr |
___cxa_throw |
___error |
___stack_chk_fail |
_bzero |
_curl_easy_cleanup |
_curl_easy_getinfo |
_curl_easy_init |
_curl_easy_perform |
_curl_easy_setopt |
_fclose |
_fflush |
_fgets |
_fopen |
_fread |
_fseek |
_fseeko |
_ftello |
_fwrite |
_localeconv |
_memchr |
_memcmp |
_memcpy |
_memmove |
_memset |
_pclose |
_popen |
_rand |
_sleep |
_snprintf |
_strlen |
_strtod |
_strtoll |
_strtoull |
_system |
Network Behavior |
---|
Snort IDS Alerts |
---|
Timestamp | Protocol | SID | Message | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|---|---|---|
01/12/22-12:26:23.106602 | UDP | 254 | DNS SPOOF query response with TTL of 1 min. and no authority | 53 | 55258 | 8.8.8.8 | 192.168.0.52 |
Network Port Distribution |
---|
TCP Packets |
---|
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Jan 12, 2022 12:26:23.387013912 CET | 49394 | 443 | 192.168.0.52 | 23.254.131.176 |
Jan 12, 2022 12:26:23.387028933 CET | 49394 | 443 | 192.168.0.52 | 23.254.131.176 |
Jan 12, 2022 12:26:23.448168993 CET | 49394 | 443 | 192.168.0.52 | 23.254.131.176 |
Jan 12, 2022 12:26:23.580516100 CET | 443 | 49394 | 23.254.131.176 | 192.168.0.52 |
Jan 12, 2022 12:26:23.580545902 CET | 443 | 49394 | 23.254.131.176 | 192.168.0.52 |
Jan 12, 2022 12:26:23.580984116 CET | 49394 | 443 | 192.168.0.52 | 23.254.131.176 |
Jan 12, 2022 12:26:23.581298113 CET | 49394 | 443 | 192.168.0.52 | 23.254.131.176 |
Jan 12, 2022 12:26:23.712938070 CET | 443 | 49394 | 23.254.131.176 | 192.168.0.52 |
Jan 12, 2022 12:26:23.763300896 CET | 443 | 49394 | 23.254.131.176 | 192.168.0.52 |
Jan 12, 2022 12:26:23.763818979 CET | 49394 | 443 | 192.168.0.52 | 23.254.131.176 |
Jan 12, 2022 12:26:28.765085936 CET | 443 | 49394 | 23.254.131.176 | 192.168.0.52 |
Jan 12, 2022 12:26:28.765110016 CET | 443 | 49394 | 23.254.131.176 | 192.168.0.52 |
Jan 12, 2022 12:26:28.765657902 CET | 49394 | 443 | 192.168.0.52 | 23.254.131.176 |
Jan 12, 2022 12:26:28.765702009 CET | 49394 | 443 | 192.168.0.52 | 23.254.131.176 |
UDP Packets |
---|
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
DNS Queries |
---|
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class |
---|---|---|---|---|---|---|---|
Jan 12, 2022 12:24:32.209127903 CET | 192.168.0.52 | 8.8.8.8 | 0x3e01 | Standard query (0) | | A (IP address) | IN (0x0001) |
Jan 12, 2022 12:24:32.625469923 CET | 192.168.0.52 | 8.8.8.8 | 0xaa3 | Standard query (0) | | A (IP address) | IN (0x0001) |
Jan 12, 2022 12:24:32.898838043 CET | 192.168.0.52 | 8.8.8.8 | 0x86a0 | Standard query (0) | | A (IP address) | IN (0x0001) |
Jan 12, 2022 12:24:33.242552042 CET | 192.168.0.52 | 8.8.8.8 | 0xf38e | Standard query (0) | | 65 | IN (0x0001) |
Jan 12, 2022 12:24:33.242594957 CET | 192.168.0.52 | 8.8.8.8 | 0xa1a8 | Standard query (0) | | A (IP address) | IN (0x0001) |
Jan 12, 2022 12:25:25.788453102 CET | 192.168.0.52 | 8.8.8.8 | 0xd9de | Standard query (0) | | A (IP address) | IN (0x0001) |
Jan 12, 2022 12:26:23.093640089 CET | 192.168.0.52 | 8.8.8.8 | 0x1c6 | Standard query (0) | | A (IP address) | IN (0x0001) |
DNS Answers |
---|
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class |
---|---|---|---|---|---|---|---|---|---|
Jan 12, 2022 12:24:32.226963997 CET | 8.8.8.8 | 192.168.0.52 | 0x3e01 | No error (0) | | | 142.250.186.110 | A (IP address) | IN (0x0001) |
Jan 12, 2022 12:24:32.642790079 CET | 8.8.8.8 | 192.168.0.52 | 0xaa3 | No error (0) | | googlehosted.l.googleusercontent.com | | CNAME (Canonical name) | IN (0x0001) |
Jan 12, 2022 12:24:32.642790079 CET | 8.8.8.8 | 192.168.0.52 | 0xaa3 | No error (0) | | | 142.250.186.65 | A (IP address) | IN (0x0001) |
Jan 12, 2022 12:24:32.910195112 CET | 8.8.8.8 | 192.168.0.52 | 0x86a0 | No error (0) | | | 23.254.131.176 | A (IP address) | IN (0x0001) |
Jan 12, 2022 12:24:33.259341955 CET | 8.8.8.8 | 192.168.0.52 | 0xa1a8 | No error (0) | | o.lencr.edgesuite.net | | CNAME (Canonical name) | IN (0x0001) |
Jan 12, 2022 12:25:25.799916029 CET | 8.8.8.8 | 192.168.0.52 | 0xd9de | No error (0) | | | 23.254.131.176 | A (IP address) | IN (0x0001) |
Jan 12, 2022 12:26:23.106601954 CET | 8.8.8.8 | 192.168.0.52 | 0x1c6 | No error (0) | | | 23.254.131.176 | A (IP address) | IN (0x0001) |
HTTPS Packets |
---|
Timestamp | Source IP | Source Port | Dest IP | Dest Port | Subject | Issuer | Not Before | Not After | JA3 SSL Client Fingerprint | JA3 SSL Client Digest |
---|---|---|---|---|---|---|---|---|---|---|
Jan 12, 2022 12:24:32.274525881 CET | 142.250.186.110 | 443 | 192.168.0.52 | 49386 | CN=*.google.com CN=GTS CA 1C3, O=Google Trust Services LLC, C=US CN=GTS Root R1, O=Google Trust Services LLC, C=US | CN=GTS CA 1C3, O=Google Trust Services LLC, C=US CN=GTS Root R1, O=Google Trust Services LLC, C=US CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE | Mon Nov 29 03:22:33 CET 2021 Thu Aug 13 02:00:42 CEST 2020 Fri Jun 19 02:00:42 CEST 2020 | Mon Feb 21 03:22:32 CET 2022 Thu Sep 30 02:00:42 CEST 2027 Fri Jan 28 01:00:42 CET 2028 | 771,49200-49196-49192-49188-49172-49162-159-107-57-52393-52392-52394-65413-196-136-129-157-61-53-192-132-49199-49195-49191-49187-49171-49161-158-103-51-190-69-156-60-47-186-65-49169-49159-5-4-49170-49160-22-10-255,0-11-10-13-16,29-23-24,0 | 3faa4ad39f690c4ef1c3160caa375465 |
CN=GTS CA 1C3, O=Google Trust Services LLC, C=US | CN=GTS Root R1, O=Google Trust Services LLC, C=US | Thu Aug 13 02:00:42 CEST 2020 | Thu Sep 30 02:00:42 CEST 2027 | |||||||
CN=GTS Root R1, O=Google Trust Services LLC, C=US | CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE | Fri Jun 19 02:00:42 CEST 2020 | Fri Jan 28 01:00:42 CET 2028 | |||||||
Jan 12, 2022 12:24:32.683769941 CET | 142.250.186.65 | 443 | 192.168.0.52 | 49387 | CN=*.googleusercontent.com CN=GTS CA 1C3, O=Google Trust Services LLC, C=US CN=GTS Root R1, O=Google Trust Services LLC, C=US | CN=GTS CA 1C3, O=Google Trust Services LLC, C=US CN=GTS Root R1, O=Google Trust Services LLC, C=US CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE | Mon Nov 29 04:04:39 CET 2021 Thu Aug 13 02:00:42 CEST 2020 Fri Jun 19 02:00:42 CEST 2020 | Mon Feb 21 04:04:38 CET 2022 Thu Sep 30 02:00:42 CEST 2027 Fri Jan 28 01:00:42 CET 2028 | 771,49200-49196-49192-49188-49172-49162-159-107-57-52393-52392-52394-65413-196-136-129-157-61-53-192-132-49199-49195-49191-49187-49171-49161-158-103-51-190-69-156-60-47-186-65-49169-49159-5-4-49170-49160-22-10-255,0-11-10-13-16,29-23-24,0 | 3faa4ad39f690c4ef1c3160caa375465 |
CN=GTS CA 1C3, O=Google Trust Services LLC, C=US | CN=GTS Root R1, O=Google Trust Services LLC, C=US | Thu Aug 13 02:00:42 CEST 2020 | Thu Sep 30 02:00:42 CEST 2027 | |||||||
CN=GTS Root R1, O=Google Trust Services LLC, C=US | CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE | Fri Jun 19 02:00:42 CEST 2020 | Fri Jan 28 01:00:42 CET 2028 | |||||||
Jan 12, 2022 12:24:33.181808949 CET | 23.254.131.176 | 443 | 192.168.0.52 | 49388 | CN=graphic-updater.com CN=R3, O=Let's Encrypt, C=US CN=ISRG Root X1, O=Internet Security Research Group, C=US | CN=R3, O=Let's Encrypt, C=US CN=ISRG Root X1, O=Internet Security Research Group, C=US CN=DST Root CA X3, O=Digital Signature Trust Co. | Thu Dec 23 11:49:30 CET 2021 Fri Sep 04 02:00:00 CEST 2020 Wed Jan 20 20:14:03 CET 2021 | Wed Mar 23 11:49:29 CET 2022 Mon Sep 15 18:00:00 CEST 2025 Mon Sep 30 20:14:03 CEST 2024 | 771,49200-49196-49192-49188-49172-49162-159-107-57-52393-52392-52394-65413-196-136-129-157-61-53-192-132-49199-49195-49191-49187-49171-49161-158-103-51-190-69-156-60-47-186-65-49169-49159-5-4-49170-49160-22-10-255,0-11-10-13-16,29-23-24,0 | 3faa4ad39f690c4ef1c3160caa375465 |
CN=R3, O=Let's Encrypt, C=US | CN=ISRG Root X1, O=Internet Security Research Group, C=US | Fri Sep 04 02:00:00 CEST 2020 | Mon Sep 15 18:00:00 CEST 2025 | |||||||
CN=ISRG Root X1, O=Internet Security Research Group, C=US | CN=DST Root CA X3, O=Digital Signature Trust Co. | Wed Jan 20 20:14:03 CET 2021 | Mon Sep 30 20:14:03 CEST 2024 | |||||||
Jan 12, 2022 12:24:33.862267971 CET | 23.254.131.176 | 443 | 192.168.0.52 | 49390 | CN=graphic-updater.com CN=R3, O=Let's Encrypt, C=US CN=ISRG Root X1, O=Internet Security Research Group, C=US | CN=R3, O=Let's Encrypt, C=US CN=ISRG Root X1, O=Internet Security Research Group, C=US CN=DST Root CA X3, O=Digital Signature Trust Co. | Thu Dec 23 11:49:30 CET 2021 Fri Sep 04 02:00:00 CEST 2020 Wed Jan 20 20:14:03 CET 2021 | Wed Mar 23 11:49:29 CET 2022 Mon Sep 15 18:00:00 CEST 2025 Mon Sep 30 20:14:03 CEST 2024 | 771,49200-49196-49192-49188-49172-49162-159-107-57-52393-52392-52394-65413-196-136-129-157-61-53-192-132-49199-49195-49191-49187-49171-49161-158-103-51-190-69-156-60-47-186-65-49169-49159-5-4-49170-49160-22-10-255,0-11-10-13-16,29-23-24,0 | 3faa4ad39f690c4ef1c3160caa375465 |
CN=R3, O=Let's Encrypt, C=US | CN=ISRG Root X1, O=Internet Security Research Group, C=US | Fri Sep 04 02:00:00 CEST 2020 | Mon Sep 15 18:00:00 CEST 2025 | |||||||
CN=ISRG Root X1, O=Internet Security Research Group, C=US | CN=DST Root CA X3, O=Digital Signature Trust Co. | Wed Jan 20 20:14:03 CET 2021 | Mon Sep 30 20:14:03 CEST 2024 | |||||||
Jan 12, 2022 12:25:01.454189062 CET | 23.254.131.176 | 443 | 192.168.0.52 | 49391 | CN=graphic-updater.com CN=R3, O=Let's Encrypt, C=US CN=ISRG Root X1, O=Internet Security Research Group, C=US | CN=R3, O=Let's Encrypt, C=US CN=ISRG Root X1, O=Internet Security Research Group, C=US CN=DST Root CA X3, O=Digital Signature Trust Co. | Thu Dec 23 11:49:30 CET 2021 Fri Sep 04 02:00:00 CEST 2020 Wed Jan 20 20:14:03 CET 2021 | Wed Mar 23 11:49:29 CET 2022 Mon Sep 15 18:00:00 CEST 2025 Mon Sep 30 20:14:03 CEST 2024 | 771,49200-49196-49192-49188-49172-49162-159-107-57-52393-52392-52394-65413-196-136-129-157-61-53-192-132-49199-49195-49191-49187-49171-49161-158-103-51-190-69-156-60-47-186-65-49169-49159-5-4-49170-49160-22-10-255,0-11-10-13-16,29-23-24,0 | 3faa4ad39f690c4ef1c3160caa375465 |
CN=R3, O=Let's Encrypt, C=US | CN=ISRG Root X1, O=Internet Security Research Group, C=US | Fri Sep 04 02:00:00 CEST 2020 | Mon Sep 15 18:00:00 CEST 2025 | |||||||
CN=ISRG Root X1, O=Internet Security Research Group, C=US | CN=DST Root CA X3, O=Digital Signature Trust Co. | Wed Jan 20 20:14:03 CET 2021 | Mon Sep 30 20:14:03 CEST 2024 | |||||||
Jan 12, 2022 12:25:26.068794012 CET | 23.254.131.176 | 443 | 192.168.0.52 | 49392 | CN=graphic-updater.com CN=R3, O=Let's Encrypt, C=US CN=ISRG Root X1, O=Internet Security Research Group, C=US | CN=R3, O=Let's Encrypt, C=US CN=ISRG Root X1, O=Internet Security Research Group, C=US CN=DST Root CA X3, O=Digital Signature Trust Co. | Thu Dec 23 11:49:30 CET 2021 Fri Sep 04 02:00:00 CEST 2020 Wed Jan 20 20:14:03 CET 2021 | Wed Mar 23 11:49:29 CET 2022 Mon Sep 15 18:00:00 CEST 2025 Mon Sep 30 20:14:03 CEST 2024 | 771,49200-49196-49192-49188-49172-49162-159-107-57-52393-52392-52394-65413-196-136-129-157-61-53-192-132-49199-49195-49191-49187-49171-49161-158-103-51-190-69-156-60-47-186-65-49169-49159-5-4-49170-49160-22-10-255,0-11-10-13-16,29-23-24,0 | 3faa4ad39f690c4ef1c3160caa375465 |
CN=R3, O=Let's Encrypt, C=US | CN=ISRG Root X1, O=Internet Security Research Group, C=US | Fri Sep 04 02:00:00 CEST 2020 | Mon Sep 15 18:00:00 CEST 2025 | |||||||
CN=ISRG Root X1, O=Internet Security Research Group, C=US | CN=DST Root CA X3, O=Digital Signature Trust Co. | Wed Jan 20 20:14:03 CET 2021 | Mon Sep 30 20:14:03 CEST 2024 | |||||||
Jan 12, 2022 12:25:54.697247028 CET | 23.254.131.176 | 443 | 192.168.0.52 | 49393 | CN=graphic-updater.com CN=R3, O=Let's Encrypt, C=US CN=ISRG Root X1, O=Internet Security Research Group, C=US | CN=R3, O=Let's Encrypt, C=US CN=ISRG Root X1, O=Internet Security Research Group, C=US CN=DST Root CA X3, O=Digital Signature Trust Co. | Thu Dec 23 11:49:30 CET 2021 Fri Sep 04 02:00:00 CEST 2020 Wed Jan 20 20:14:03 CET 2021 | Wed Mar 23 11:49:29 CET 2022 Mon Sep 15 18:00:00 CEST 2025 Mon Sep 30 20:14:03 CEST 2024 | 771,49200-49196-49192-49188-49172-49162-159-107-57-52393-52392-52394-65413-196-136-129-157-61-53-192-132-49199-49195-49191-49187-49171-49161-158-103-51-190-69-156-60-47-186-65-49169-49159-5-4-49170-49160-22-10-255,0-11-10-13-16,29-23-24,0 | 3faa4ad39f690c4ef1c3160caa375465 |
CN=R3, O=Let's Encrypt, C=US | CN=ISRG Root X1, O=Internet Security Research Group, C=US | Fri Sep 04 02:00:00 CEST 2020 | Mon Sep 15 18:00:00 CEST 2025 | |||||||
CN=ISRG Root X1, O=Internet Security Research Group, C=US | CN=DST Root CA X3, O=Digital Signature Trust Co. | Wed Jan 20 20:14:03 CET 2021 | Mon Sep 30 20:14:03 CEST 2024 | |||||||
Jan 12, 2022 12:26:23.386751890 CET | 23.254.131.176 | 443 | 192.168.0.52 | 49394 | CN=graphic-updater.com CN=R3, O=Let's Encrypt, C=US CN=ISRG Root X1, O=Internet Security Research Group, C=US | CN=R3, O=Let's Encrypt, C=US CN=ISRG Root X1, O=Internet Security Research Group, C=US CN=DST Root CA X3, O=Digital Signature Trust Co. | Thu Dec 23 11:49:30 CET 2021 Fri Sep 04 02:00:00 CEST 2020 Wed Jan 20 20:14:03 CET 2021 | Wed Mar 23 11:49:29 CET 2022 Mon Sep 15 18:00:00 CEST 2025 Mon Sep 30 20:14:03 CEST 2024 | 771,49200-49196-49192-49188-49172-49162-159-107-57-52393-52392-52394-65413-196-136-129-157-61-53-192-132-49199-49195-49191-49187-49171-49161-158-103-51-190-69-156-60-47-186-65-49169-49159-5-4-49170-49160-22-10-255,0-11-10-13-16,29-23-24,0 | 3faa4ad39f690c4ef1c3160caa375465 |
CN=R3, O=Let's Encrypt, C=US | CN=ISRG Root X1, O=Internet Security Research Group, C=US | Fri Sep 04 02:00:00 CEST 2020 | Mon Sep 15 18:00:00 CEST 2025 | |||||||
CN=ISRG Root X1, O=Internet Security Research Group, C=US | CN=DST Root CA X3, O=Digital Signature Trust Co. | Wed Jan 20 20:14:03 CET 2021 | Mon Sep 30 20:14:03 CEST 2024 |
System Behavior |
---|
General |
---|
Start time: | 12:24:30 |
Start date: | 12/01/2022 |
Path: | /Library/Frameworks/Mono.framework/Versions/6.12.0/bin/mono-sgen64 |
Arguments: | n/a |
File size: | 4699168 bytes |
MD5 hash: | 98f65da8c6a62423d3f4cda359f06a87 |
General |
---|
Start time: | 12:24:30 |
Start date: | 12/01/2022 |
Path: | /usr/bin/sudo |
Arguments: | /usr/bin/sudo -u drew /Users/drew/Desktop/types-config.ts |
File size: | 1216576 bytes |
MD5 hash: | f21c2a2dc106642f7c38801e121c8c86 |
General |
---|
Start time: | 12:24:30 |
Start date: | 12/01/2022 |
Path: | /usr/bin/sudo |
Arguments: | n/a |
File size: | 1216576 bytes |
MD5 hash: | f21c2a2dc106642f7c38801e121c8c86 |
General |
---|
Start time: | 12:24:30 |
Start date: | 12/01/2022 |
Path: | /Users/drew/Desktop/types-config.ts |
Arguments: | /Users/drew/Desktop/types-config.ts |
File size: | 360176 bytes |
MD5 hash: | e06e06752509f9cd8bc85aa1aa24dba2 |
General |
---|
Start time: | 12:24:30 |
Start date: | 12/01/2022 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 120912 bytes |
MD5 hash: | 8356936fbf1eeb3548896b9206a685a0 |
General |
---|
Start time: | 12:24:30 |
Start date: | 12/01/2022 |
Path: | /bin/bash |
Arguments: | sh -c whoami |
File size: | 1296704 bytes |
MD5 hash: | c1edb59ec6a40884fc3c4e201d31b1d5 |
General |
---|
Start time: | 12:24:30 |
Start date: | 12/01/2022 |
Path: | /usr/bin/whoami |
Arguments: | whoami |
File size: | 121616 bytes |
MD5 hash: | a7145a94a0b3935eed99abc716a33989 |
General |
---|
Start time: | 12:24:30 |
Start date: | 12/01/2022 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 120912 bytes |
MD5 hash: | 8356936fbf1eeb3548896b9206a685a0 |
General |
---|
Start time: | 12:24:30 |
Start date: | 12/01/2022 |
Path: | /bin/bash |
Arguments: | sh -c cp '/Users/drew/Desktop/types-config.ts' '/Users/drew/Library/MacOsServices/updateMacOs' |
File size: | 1296704 bytes |
MD5 hash: | c1edb59ec6a40884fc3c4e201d31b1d5 |
General |
---|
Start time: | 12:24:30 |
Start date: | 12/01/2022 |
Path: | /bin/cp |
Arguments: | cp /Users/drew/Desktop/types-config.ts /Users/drew/Library/MacOsServices/updateMacOs |
File size: | 123264 bytes |
MD5 hash: | 9007c6e0352122c17fbcea99739b716e |
General |
---|
Start time: | 12:24:30 |
Start date: | 12/01/2022 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 120912 bytes |
MD5 hash: | 8356936fbf1eeb3548896b9206a685a0 |
General |
---|
Start time: | 12:24:30 |
Start date: | 12/01/2022 |
Path: | /bin/bash |
Arguments: | sh -c nohup '/Users/drew/Library/MacOsServices/updateMacOs' >/dev/null 2>&1 & |
File size: | 1296704 bytes |
MD5 hash: | c1edb59ec6a40884fc3c4e201d31b1d5 |
General |
---|
Start time: | 12:24:31 |
Start date: | 12/01/2022 |
Path: | /bin/bash |
Arguments: | n/a |
File size: | 1296704 bytes |
MD5 hash: | c1edb59ec6a40884fc3c4e201d31b1d5 |
General |
---|
Start time: | 12:24:31 |
Start date: | 12/01/2022 |
Path: | /usr/bin/nohup |
Arguments: | nohup /Users/drew/Library/MacOsServices/updateMacOs |
File size: | 121168 bytes |
MD5 hash: | e702c2d1c6eb0f386453aaa563b2380b |
General |
---|
Start time: | 12:24:31 |
Start date: | 12/01/2022 |
Path: | /Users/drew/Library/MacOsServices/updateMacOs |
Arguments: | /Users/drew/Library/MacOsServices/updateMacOs |
File size: | 360176 bytes |
MD5 hash: | e06e06752509f9cd8bc85aa1aa24dba2 |
General |
---|
Start time: | 12:24:31 |
Start date: | 12/01/2022 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 120912 bytes |
MD5 hash: | 8356936fbf1eeb3548896b9206a685a0 |
General |
---|
Start time: | 12:24:31 |
Start date: | 12/01/2022 |
Path: | /bin/bash |
Arguments: | sh -c whoami |
File size: | 1296704 bytes |
MD5 hash: | c1edb59ec6a40884fc3c4e201d31b1d5 |
General |
---|
Start time: | 12:24:31 |
Start date: | 12/01/2022 |
Path: | /usr/bin/whoami |
Arguments: | whoami |
File size: | 121616 bytes |
MD5 hash: | a7145a94a0b3935eed99abc716a33989 |