macOS Analysis Report types-config.ts
Overview
General Information
Detection
| Score: | 64 |
| Range: | 0 - 100 |
| Whitelisted: | false |
General Information |
|---|
| Joe Sandbox Version: | 34.0.0 Boulder Opal |
| Analysis ID: | 1708605 |
| Start date: | 12.01.2022 |
| Start time: | 12:24:09 |
| Joe Sandbox Product: | Cloud |
| Overall analysis duration: | 0h 3m 57s |
| Hypervisor based Inspection enabled: | false |
| Report type: | full |
| Sample file name: | types-config.ts |
| Cookbook file name: | macOS - SysJoker - load provided binary as normal user.jbs |
| Analysis system description: | Mac Mini, Big Sur (Office 2019 16.55, Java 1.8.0_311) |
| Analysis Mode: | default |
| Detection: | MAL |
| Classification: | mal64.troj.evad.macTS@0/3@7/0 |
Yara Overview |
|---|
Initial Sample |
|---|
| Source | Rule | Description | Author | Strings |
|---|---|---|---|---|
| JoeSecurity_SysJoker | Yara detected SysJoker | Joe Security |
Dropped Files |
|---|
| Source | Rule | Description | Author | Strings |
|---|---|---|---|---|
| JoeSecurity_SysJoker | Yara detected SysJoker | Joe Security |
Memory Dumps |
|---|
| Source | Rule | Description | Author | Strings |
|---|---|---|---|---|
| JoeSecurity_SysJoker | Yara detected SysJoker | Joe Security |
Jbx Signature Overview |
|---|
| Source: | HTTPS traffic detected: |
| Source: | DNS traffic detected: |
| Source: | Writes from socket in process: |
| Source: | Network traffic detected: |
| Source: | TCP traffic detected without corresponding DNS query: |
| Source: | String found in binary or memory: |
| Source: | Reads from socket in process: |
System Summary: |
|---|
| Found detection on Joe Sandbox Cloud Basic |
| Source: | Joe Sandbox Cloud Basic: |
| Source: | Classification label: |
Persistence and Installation Behavior: |
|---|
| Writes Mach-O files to untypical directories |
| Source: | FAT Mach-O written to unusual path: |
| Source: | Launch agent/daemon created with LimitLoadToSessionType Aqua, file created: |
| Source: | Permissions modified for written FAT Mach-O /Users/drew/Library/MacOsServices/updateMacOs: |
| Source: | Shell command executed: |
| Source: | Nohup executable: |
| Source: | File written: |
| Source: | XML plist file created: |
| Source: | Launch agent created File created: |
| Source: | Launch agent/daemon created with KeepAlive and/or RunAtLoad, file created: |
Hooking and other Techniques for Hiding and Protection: |
|---|
| Process executable has a file extension which is uncommon (probably to disguise the executable) |
| Source: | Process executable with extension: |
| Source: | Launch agent created File created: |
| Source: | Sysctl requested: |
Stealing of Sensitive Information: |
|---|
| Yara detected SysJoker |
| Source: | File source: |
Remote Access Functionality: |
|---|
| Yara detected SysJoker |
| Source: | File source: |
Mitre Att&ck Matrix |
|---|
| Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Exfiltration | Command and Control | Network Effects | Remote Service Effects | Impact |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Valid Accounts | Scripting1 | LC_LOAD_DYLIB Addition1 | LC_LOAD_DYLIB Addition1 | Masquerading21 | OS Credential Dumping | System Information Discovery1 | Remote Services | Data from Local System | Exfiltration Over Other Network Medium | Encrypted Channel1 | Eavesdrop on Insecure Network Communication | Remotely Track Device Without Authorization | Modify System Partition |
| Default Accounts | Scheduled Task/Job | Launch Agent4 | Launch Agent4 | Scripting1 | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | Exfiltration Over Bluetooth | Non-Application Layer Protocol1 | Exploit SS7 to Redirect Phone Calls/SMS | Remotely Wipe Data Without Authorization | Device Lockout |
| Domain Accounts | At (Linux) | Launch Daemon2 | Launch Daemon2 | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | Automated Exfiltration | Application Layer Protocol2 | Exploit SS7 to Track Device Location | Obtain Device Cloud Backups | Delete Device Data |
| Local Accounts | At (Windows) | Plist Modification1 | Plist Modification1 | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | Scheduled Transfer | Protocol Impersonation | SIM Card Swap | Carrier Billing Fraud |
Antivirus, Machine Learning and Genetic Malware Detection |
|---|
Initial Sample |
|---|
| No Antivirus matches |
|---|
Dropped Files |
|---|
| No Antivirus matches |
|---|
Domains |
|---|
| No Antivirus matches |
|---|
URLs |
|---|
| No Antivirus matches |
|---|
Domains and IPs |
|---|
Contacted Domains |
|---|
| Name | IP | Active | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|---|---|
| graphic-updater.com | 23.254.131.176 | true | false | unknown | |
| drive.google.com | 142.250.186.110 | true | false | high | |
| googlehosted.l.googleusercontent.com | 142.250.186.65 | true | false | high | |
| doc-0k-2o-docs.googleusercontent.com | unknown | unknown | false | high | |
| r3.o.lencr.org | unknown | unknown | false | unknown |
URLs from Memory and Binaries |
|---|
| Name | Source | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|---|
| false | unknown |
Contacted IPs |
|---|
Public |
|---|
| IP | Domain | Country | ASN | ASN Name | Malicious |
|---|---|---|---|---|---|
| 87.248.100.168 | unknown | United Kingdom | 34010 | YAHOO-IRDGB | false |
| 23.254.131.176 | graphic-updater.com | United States | 54290 | HOSTWINDSUS | false |
| 2.16.12.64 | unknown | European Union | 16625 | AKAMAI-ASUS | false |
| 142.250.186.110 | drive.google.com | United States | 15169 | GOOGLEUS | false |
| 23.203.78.159 | unknown | United States | 16625 | AKAMAI-ASUS | false |
| 142.250.186.65 | googlehosted.l.googleusercontent.com | United States | 15169 | GOOGLEUS | false |
Signature Similarity |
|---|
| Samplename | Analysis ID | SHA256 | Similarity |
|---|
Joe Sandbox View / Context |
|---|
IPs |
|---|
| Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context |
|---|---|---|---|---|---|
| 23.254.131.176 | | | malicious | | |
Domains |
|---|
| Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context |
|---|---|---|---|---|---|
| graphic-updater.com | | | malicious | | |
ASN |
|---|
| Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context |
|---|---|---|---|---|---|
| HOSTWINDSUS | | | malicious | | |
| AKAMAI-ASUS | | | malicious | | |
| YAHOO-IRDGB | | | malicious | | |
JA3 Fingerprints |
|---|
| No context |
|---|
Dropped Files |
|---|
| No context |
|---|
Runtime Messages |
|---|
| Command: | sudo -u drew /Users/drew/Desktop/types-config.ts |
| Exit Code: | 0 |
| Exit Code Info: | |
| Killed: | False |
| Standard Output: | addToStatup |
| Standard Error: |
Created / dropped Files |
|---|
| Process: | /Users/drew/Desktop/types-config.ts |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 579 |
| Entropy (8bit): | 5.021176113008371 |
| Encrypted: | false |
| SSDEEP: | 12:TMHdgo+tJVEdQiCXFMBiyJd0vOD0er4TRa/S8e2EZy:2dfyiwKJdGecVaRwZy |
| MD5: | DB6B1181719A4315F1CD8EC13131B6B6 |
| SHA1: | FA9942FAEFE1F7530385457149A6B5B1811F1CB8 |
| SHA-256: | 7BDE80AC5268DA84DCE386E73CE6B44B87D61FBD841A563E9D559D8BA2666A14 |
| SHA-512: | 4151B3D3538ABDA8DAB6A44FB666E0C6A2C3A5CCE6751A46452D6BE01F804B25C47F471FB8F11366274558B95EB5631E6F1D2AA085A96FCDC4AB93F7DC42FD21 |
| Malicious: | false |
| Reputation: | low |
| Preview: |
|
| Process: | /bin/cp |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 360176 |
| Entropy (8bit): | 4.67371613955121 |
| Encrypted: | false |
| SSDEEP: | 6144:5xw19koSAgvRyrnN5ft9A7pIHWhT5FixbxLZ:CvgMrnN51qaH+T5wl |
| MD5: | E06E06752509F9CD8BC85AA1AA24DBA2 |
| SHA1: | 554AEF8BF44E7FA941E1190E41C8770E90F07254 |
| SHA-256: | 1A9A5C797777F37463B44DE2B49A7F95ABCA786DB3977DCDAC0F79DA739C08AC |
| SHA-512: | 78A210C5FD1AC8C601FBB4ED226E7AAF1CC5BDA187807BA3020997862FD54B59081F0B7F4FDC720ACFA8E3D6A35DBE9309E0B2FE38088F493A02717A1057A56E |
| Malicious: | true |
| Yara Hits: |
|
| Reputation: | low |
| Preview: |
|
| Process: | /Users/drew/Library/MacOsServices/updateMacOs |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 442 |
| Entropy (8bit): | 5.449112826225266 |
| Encrypted: | false |
| SSDEEP: | 12:oq2J58phXzDj/LwLK1BizIt9izItSqXpqX6qX2qX2qc:e5OBDnxmImI8sps6s2s2v |
| MD5: | 68EA8FBFBF8B41C2BF31561965A48326 |
| SHA1: | 30DF9A643B9901560C7D086A2A1AFBEDCA0615C8 |
| SHA-256: | 9C5D489FA3AE84FA9635B27AAA1099578BFD4DA48F6B9BD80F615BC2EC528B09 |
| SHA-512: | 90C5614A1DF73EECC38396B0ED6A347A24359912CDCC072433B485F741448001C4BD9D5A90EA9C0BF33C259D445A9A70D9DEECE807883D554577A87A2EA9FE96 |
| Malicious: | false |
| Reputation: | low |
| Preview: |
|
Static File Info |
|---|
General | |
|---|---|
| File type: | |
| Entropy (8bit): | 4.67371613955121 |
| TrID: |
|
| File name: | types-config.ts |
| File size: | 360176 |
| MD5: | e06e06752509f9cd8bc85aa1aa24dba2 |
| SHA1: | 554aef8bf44e7fa941e1190e41c8770e90f07254 |
| SHA256: | 1a9a5c797777f37463b44de2b49a7f95abca786db3977dcdac0f79da739c08ac |
| SHA512: | 78a210c5fd1ac8c601fbb4ed226e7aaf1cc5bda187807ba3020997862fd54b59081f0b7f4fdc720acfa8e3d6a35dbe9309e0b2fe38088f493a02717a1057a56e |
| SSDEEP: | 6144:5xw19koSAgvRyrnN5ft9A7pIHWhT5FixbxLZ:CvgMrnN51qaH+T5wl |
CodeSign Information |
|---|
|
Static Mach Info |
|---|
General Information for header 1 | |
|---|---|
| Endian: | |
| Size: | |
| Architecture: | |
| Filetype: | |
| Nbr. of load commands: | |
| Entry point: | |
| segment_command_64 aggregated: 5 |
|---|
| Name | Value |
|---|---|
| segname | __PAGEZERO |
| vmaddr | 0x0 |
| vmsize | 0x100000000 |
| fileoff | 0x0 |
| filesize | 0x0 |
| maxprot | 0x0 |
| initprot | 0x0 |
| nsects | 0 |
| flags | 0x0 |
| Name | Value |
|---|---|
| segname | __TEXT |
| vmaddr | 0x100000000 |
| vmsize | 0x18000 |
| fileoff | 0x0 |
| filesize | 0x18000 |
| maxprot | 0x5 |
| initprot | 0x5 |
| nsects | 7 |
| flags | 0x0 |
| Datas |
| Name | Value |
|---|---|
| segname | __DATA_CONST |
| vmaddr | 0x100018000 |
| vmsize | 0x4000 |
| fileoff | 0x18000 |
| filesize | 0x4000 |
| maxprot | 0x3 |
| initprot | 0x3 |
| nsects | 3 |
| flags | 0x10 |
| Datas |
| Name | Value |
|---|---|
| segname | __DATA |
| vmaddr | 0x10001C000 |
| vmsize | 0x4000 |
| fileoff | 0x1C000 |
| filesize | 0x4000 |
| maxprot | 0x3 |
| initprot | 0x3 |
| nsects | 3 |
| flags | 0x0 |
| Datas |
| Name | Value |
|---|---|
| segname | __LINKEDIT |
| vmaddr | 0x100020000 |
| vmsize | 0xC000 |
| fileoff | 0x20000 |
| filesize | 0x8310 |
| maxprot | 0x1 |
| initprot | 0x1 |
| nsects | 0 |
| flags | 0x0 |
| dyld_info_command aggregated: 1 |
|---|
| Name | Value |
|---|---|
| rebase_off | 131072 |
| rebase_size | 56 |
| bind_off | 131128 |
| bind_size | 1360 |
| weak_bind_off | 132488 |
| weak_bind_size | 456 |
| lazy_bind_off | 132944 |
| lazy_bind_size | 3752 |
| export_off | 136696 |
| export_size | 312 |
| symtab_command aggregated: 1 |
|---|
| Name | Value |
|---|---|
| symoff | 137440 |
| nsyms | 131 |
| stroff | 140400 |
| strsize | 4432 |
| dysymtab_command aggregated: 1 |
|---|
| Name | Value |
|---|---|
| ilocalsym | 0 |
| nlocalsym | 1 |
| iextdefsym | 1 |
| nextdefsym | 7 |
| iundefsym | 8 |
| nundefsym | 123 |
| tocoff | 0 |
| ntoc | 0 |
| modtaboff | 0 |
| nmodtab | 0 |
| extrefsymoff | 0 |
| nextrefsyms | 0 |
| indirectsymoff | 139536 |
| nindirectsyms | 215 |
| extreloff | 0 |
| nextrel | 0 |
| locreloff | 0 |
| nlocrel | 0 |
| dylinker_command aggregated: 1 |
|---|
| Name | Value |
|---|---|
| name | 12 |
| Datas |
| uuid_command aggregated: 1 |
|---|
| Name | Value |
|---|---|
| uuid | b'\x81t\x81~\xf4\xcf9\x8d\x97[x`Fn\xae\xc7' |
| build_version_command aggregated: 1 |
|---|
| Name | Value |
|---|---|
| platform | 1 |
| minos | 721664 |
| sdk | 721664 |
| ntools | 1 |
| Datas |
| source_version_command aggregated: 1 |
|---|
| Name | Value |
|---|---|
| version | 0 |
| entry_point_command aggregated: 1 |
|---|
| Name | Value |
|---|---|
| entryoff | 26756 |
| stacksize | 0 |
| dylib_command aggregated: 3 |
|---|
| Name | Value |
|---|---|
| name | 24 |
| timestamp | Thu Jan 1 01:00:02 1970 |
| current_version | 9.0.0 |
| compatibility_version | 7.0.0 |
| Datas |
| Name | Value |
|---|---|
| name | 24 |
| timestamp | Thu Jan 1 01:00:02 1970 |
| current_version | 905.6.0 |
| compatibility_version | 1.0.0 |
| Datas |
| Name | Value |
|---|---|
| name | 24 |
| timestamp | Thu Jan 1 01:00:02 1970 |
| current_version | 1292.100.5 |
| compatibility_version | 1.0.0 |
| Datas |
| linkedit_data_command aggregated: 3 |
|---|
| Name | Value |
|---|---|
| dataoff | 137008 |
| datasize | 360 |
| Name | Value |
|---|---|
| dataoff | 137368 |
| datasize | 72 |
| Name | Value |
|---|---|
| dataoff | 144832 |
| datasize | 19792 |
Internal Symbols |
|---|
External symbols |
|---|
General Information for header 2 | |
|---|---|
| Endian: | |
| Size: | |
| Architecture: | |
| Filetype: | |
| Nbr. of load commands: | |
| Entry point: | |
| segment_command_64 aggregated: 5 |
|---|
| Name | Value |
|---|---|
| segname | __PAGEZERO |
| vmaddr | 0x0 |
| vmsize | 0x100000000 |
| fileoff | 0x0 |
| filesize | 0x0 |
| maxprot | 0x0 |
| initprot | 0x0 |
| nsects | 0 |
| flags | 0x0 |
| Name | Value |
|---|---|
| segname | __TEXT |
| vmaddr | 0x100000000 |
| vmsize | 0x18000 |
| fileoff | 0x0 |
| filesize | 0x18000 |
| maxprot | 0x5 |
| initprot | 0x5 |
| nsects | 8 |
| flags | 0x0 |
| Name | Value |
|---|---|
| segname | __DATA_CONST |
| vmaddr | 0x100018000 |
| vmsize | 0x4000 |
| fileoff | 0x18000 |
| filesize | 0x4000 |
| maxprot | 0x3 |
| initprot | 0x3 |
| nsects | 3 |
| flags | 0x10 |
| Name | Value |
|---|---|
| segname | __DATA |
| vmaddr | 0x10001C000 |
| vmsize | 0x4000 |
| fileoff | 0x1C000 |
| filesize | 0x4000 |
| maxprot | 0x3 |
| initprot | 0x3 |
| nsects | 3 |
| flags | 0x0 |
| Name | Value |
|---|---|
| segname | __LINKEDIT |
| vmaddr | 0x100020000 |
| vmsize | 0x8000 |
| fileoff | 0x20000 |
| filesize | 0x7EF0 |
| maxprot | 0x1 |
| initprot | 0x1 |
| nsects | 0 |
| flags | 0x0 |
| dyld_info_command aggregated: 1 |
|---|
| Name | Value |
|---|---|
| rebase_off | 131072 |
| rebase_size | 56 |
| bind_off | 131128 |
| bind_size | 1360 |
| weak_bind_off | 132488 |
| weak_bind_size | 120 |
| lazy_bind_off | 132608 |
| lazy_bind_size | 3744 |
| export_off | 136352 |
| export_size | 32 |
| symtab_command aggregated: 1 |
|---|
| Name | Value |
|---|---|
| symoff | 136752 |
| nsyms | 125 |
| stroff | 139608 |
| strsize | 4160 |
| dysymtab_command aggregated: 1 |
|---|
| Name | Value |
|---|---|
| ilocalsym | 0 |
| nlocalsym | 1 |
| iextdefsym | 1 |
| nextdefsym | 1 |
| iundefsym | 2 |
| nundefsym | 123 |
| tocoff | 0 |
| ntoc | 0 |
| modtaboff | 0 |
| nmodtab | 0 |
| extrefsymoff | 0 |
| nextrefsyms | 0 |
| indirectsymoff | 138752 |
| nindirectsyms | 214 |
| extreloff | 0 |
| nextrel | 0 |
| locreloff | 0 |
| nlocrel | 0 |
| dylinker_command aggregated: 1 |
|---|
| Name | Value |
|---|---|
| name | 12 |
| uuid_command aggregated: 1 |
|---|
| Name | Value |
|---|---|
| uuid | b'\xec\x10\xd8Nr?=\x9a\x85$\xcd\xc7\x06t\x9dh' |
| build_version_command aggregated: 1 |
|---|
| Name | Value |
|---|---|
| platform | 1 |
| minos | 721664 |
| sdk | 721664 |
| ntools | 1 |
| source_version_command aggregated: 1 |
|---|
| Name | Value |
|---|---|
| version | 0 |
| entry_point_command aggregated: 1 |
|---|
| Name | Value |
|---|---|
| entryoff | 25300 |
| stacksize | 0 |
| dylib_command aggregated: 3 |
|---|
| Name | Value |
|---|---|
| name | 24 |
| timestamp | Thu Jan 1 01:00:02 1970 |
| current_version | 9.0.0 |
| compatibility_version | 7.0.0 |
| Name | Value |
|---|---|
| name | 24 |
| timestamp | Thu Jan 1 01:00:02 1970 |
| current_version | 905.6.0 |
| compatibility_version | 1.0.0 |
| Name | Value |
|---|---|
| name | 24 |
| timestamp | Thu Jan 1 01:00:02 1970 |
| current_version | 1292.100.5 |
| compatibility_version | 1.0.0 |
| linkedit_data_command aggregated: 3 |
|---|
| Name | Value |
|---|---|
| dataoff | 136384 |
| datasize | 368 |
| Name | Value |
|---|---|
| dataoff | 136752 |
| datasize | 0 |
| Name | Value |
|---|---|
| dataoff | 143776 |
| datasize | 19792 |
Internal Symbols |
|---|
| __NSGetExecutablePath |
| __Unwind_Resume |
| __ZNKSt13runtime_error4whatEv |
| __ZNKSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE7compareEPKc |
| __ZNKSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE7compareEmmPKcm |
| __ZNKSt3__120__vector_base_commonILb1EE20__throw_length_errorEv |
| __ZNKSt3__121__basic_string_commonILb1EE20__throw_length_errorEv |
| __ZNKSt3__16locale9has_facetERNS0_2idE |
| __ZNKSt3__16locale9use_facetERNS0_2idE |
| __ZNKSt3__18ios_base6getlocEv |
| __ZNKSt9exception4whatEv |
| __ZNSt11logic_errorC2EPKc |
| __ZNSt12length_errorD1Ev |
| __ZNSt13runtime_errorC1EPKc |
| __ZNSt13runtime_errorC1ERKS_ |
| __ZNSt13runtime_errorD1Ev |
| __ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE5eraseEmm |
| __ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE6appendEPKc |
| __ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE6appendEPKcm |
| __ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE6assignEPKc |
| __ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE6insertEmPKc |
| __ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE6resizeEmc |
| __ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE9__grow_byEmmmmmm |
| __ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE9push_backEc |
| __ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEEC1ERKS5_ |
| __ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEEC1ERKS5_mmRKS4_ |
| __ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEED1Ev |
| __ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEEaSERKS5_ |
| __ZNSt3__113basic_ostreamIcNS_11char_traitsIcEEE5flushEv |
| __ZNSt3__113basic_ostreamIcNS_11char_traitsIcEEE5writeEPKcl |
| __ZNSt3__113basic_ostreamIcNS_11char_traitsIcEEE6sentryC1ERS3_ |
| __ZNSt3__113basic_ostreamIcNS_11char_traitsIcEEE6sentryD1Ev |
| __ZNSt3__113basic_ostreamIcNS_11char_traitsIcEEED0Ev |
| __ZNSt3__113basic_ostreamIcNS_11char_traitsIcEEED1Ev |
| __ZNSt3__113basic_ostreamIcNS_11char_traitsIcEEED2Ev |
| __ZNSt3__113basic_ostreamIcNS_11char_traitsIcEEElsEi |
| __ZNSt3__115basic_streambufIcNS_11char_traitsIcEEE5uflowEv |
| __ZNSt3__115basic_streambufIcNS_11char_traitsIcEEE6xsgetnEPcl |
| __ZNSt3__115basic_streambufIcNS_11char_traitsIcEEE6xsputnEPKcl |
| __ZNSt3__115basic_streambufIcNS_11char_traitsIcEEE9showmanycEv |
| __ZNSt3__115basic_streambufIcNS_11char_traitsIcEEEC2Ev |
| __ZNSt3__115basic_streambufIcNS_11char_traitsIcEEED2Ev |
| __ZNSt3__14__fs10filesystem14__current_pathEPNS_10error_codeE |
| __ZNSt3__14__fs10filesystem18__create_directoryERKNS1_4pathEPNS_10error_codeE |
| __ZNSt3__14__fs10filesystem8__removeERKNS1_4pathEPNS_10error_codeE |
| __ZNSt3__14__fs10filesystem8__statusERKNS1_4pathEPNS_10error_codeE |
| __ZNSt3__14cerrE |
| __ZNSt3__14coutE |
| __ZNSt3__15ctypeIcE2idE |
| __ZNSt3__16localeC1ERKS0_ |
| __ZNSt3__16localeD1Ev |
| __ZNSt3__17codecvtIcc11__mbstate_tE2idE |
| __ZNSt3__18ios_base33__set_badbit_and_consider_rethrowEv |
| __ZNSt3__18ios_base4initEPv |
| __ZNSt3__18ios_base5clearEj |
| __ZNSt3__19basic_iosIcNS_11char_traitsIcEEED2Ev |
| __ZNSt3__19to_stringEi |
| __ZNSt3__19to_stringEm |
| __ZNSt3__1plIcNS_11char_traitsIcEENS_9allocatorIcEEEENS_12basic_stringIT_T0_T1_EEPKS6_RKS9_ |
| __ZNSt8bad_castC1Ev |
| __ZNSt8bad_castD1Ev |
| __ZNSt9exceptionD1Ev |
| __ZNSt9exceptionD2Ev |
| __ZSt9terminatev |
| __ZTINSt3__113basic_ostreamIcNS_11char_traitsIcEEEE |
| __ZTINSt3__115basic_streambufIcNS_11char_traitsIcEEEE |
| __ZTISt12length_error |
| __ZTISt13runtime_error |
| __ZTISt8bad_cast |
| __ZTISt9exception |
| __ZTVN10__cxxabiv120__si_class_type_infoE |
| __ZTVSt12length_error |
| __ZTVSt9exception |
| __ZTv0_n24_NSt3__113basic_ostreamIcNS_11char_traitsIcEEED0Ev |
| __ZTv0_n24_NSt3__113basic_ostreamIcNS_11char_traitsIcEEED1Ev |
| __ZdaPv |
| __ZdlPv |
| __Znam |
| __Znwm |
| ___assert_rtn |
| ___cxa_allocate_exception |
| ___cxa_atexit |
| ___cxa_begin_catch |
| ___cxa_end_catch |
| ___cxa_free_exception |
| ___cxa_get_exception_ptr |
| ___cxa_throw |
| ___error |
| ___gxx_personality_v0 |
| ___stack_chk_fail |
| ___stack_chk_guard |
| __mh_execute_header |
| _bzero |
| _curl_easy_cleanup |
| _curl_easy_getinfo |
| _curl_easy_init |
| _curl_easy_perform |
| _curl_easy_setopt |
| _fclose |
| _fflush |
| _fgets |
| _fopen |
| _fread |
| _fseek |
| _fseeko |
| _ftello |
| _fwrite |
| _localeconv |
| _memchr |
| _memcmp |
| _memcpy |
| _memmove |
| _memset |
| _pclose |
| _popen |
| _rand |
| _sleep |
| _snprintf |
| _strlen |
| _strtod |
| _strtoll |
| _strtoull |
| _system |
| dyld_stub_binder |
| radr://5614542 |
External symbols |
|---|
| __NSGetExecutablePath |
| __Unwind_Resume |
| __ZNKSt13runtime_error4whatEv |
| __ZNKSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE7compareEPKc |
| __ZNKSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE7compareEmmPKcm |
| __ZNKSt3__120__vector_base_commonILb1EE20__throw_length_errorEv |
| __ZNKSt3__121__basic_string_commonILb1EE20__throw_length_errorEv |
| __ZNKSt3__16locale9has_facetERNS0_2idE |
| __ZNKSt3__16locale9use_facetERNS0_2idE |
| __ZNKSt3__18ios_base6getlocEv |
| __ZNSt11logic_errorC2EPKc |
| __ZNSt13runtime_errorC1EPKc |
| __ZNSt13runtime_errorC1ERKS_ |
| __ZNSt13runtime_errorD1Ev |
| __ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE5eraseEmm |
| __ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE6appendEPKc |
| __ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE6appendEPKcm |
| __ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE6assignEPKc |
| __ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE6insertEmPKc |
| __ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE6resizeEmc |
| __ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE9__grow_byEmmmmmm |
| __ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE9push_backEc |
| __ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEEC1ERKS5_ |
| __ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEEC1ERKS5_mmRKS4_ |
| __ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEED1Ev |
| __ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEEaSERKS5_ |
| __ZNSt3__113basic_ostreamIcNS_11char_traitsIcEEE5flushEv |
| __ZNSt3__113basic_ostreamIcNS_11char_traitsIcEEE5writeEPKcl |
| __ZNSt3__113basic_ostreamIcNS_11char_traitsIcEEE6sentryC1ERS3_ |
| __ZNSt3__113basic_ostreamIcNS_11char_traitsIcEEE6sentryD1Ev |
| __ZNSt3__113basic_ostreamIcNS_11char_traitsIcEEED2Ev |
| __ZNSt3__113basic_ostreamIcNS_11char_traitsIcEEElsEi |
| __ZNSt3__115basic_streambufIcNS_11char_traitsIcEEEC2Ev |
| __ZNSt3__115basic_streambufIcNS_11char_traitsIcEEED2Ev |
| __ZNSt3__14__fs10filesystem14__current_pathEPNS_10error_codeE |
| __ZNSt3__14__fs10filesystem18__create_directoryERKNS1_4pathEPNS_10error_codeE |
| __ZNSt3__14__fs10filesystem8__removeERKNS1_4pathEPNS_10error_codeE |
| __ZNSt3__14__fs10filesystem8__statusERKNS1_4pathEPNS_10error_codeE |
| __ZNSt3__16localeC1ERKS0_ |
| __ZNSt3__16localeD1Ev |
| __ZNSt3__18ios_base33__set_badbit_and_consider_rethrowEv |
| __ZNSt3__18ios_base4initEPv |
| __ZNSt3__18ios_base5clearEj |
| __ZNSt3__19basic_iosIcNS_11char_traitsIcEEED2Ev |
| __ZNSt3__19to_stringEi |
| __ZNSt3__19to_stringEm |
| __ZNSt3__1plIcNS_11char_traitsIcEENS_9allocatorIcEEEENS_12basic_stringIT_T0_T1_EEPKS6_RKS9_ |
| __ZNSt8bad_castC1Ev |
| __ZNSt9exceptionD1Ev |
| __ZNSt9exceptionD2Ev |
| __ZSt9terminatev |
| ___assert_rtn |
| ___cxa_allocate_exception |
| ___cxa_atexit |
| ___cxa_begin_catch |
| ___cxa_end_catch |
| ___cxa_free_exception |
| ___cxa_get_exception_ptr |
| ___cxa_throw |
| ___error |
| ___stack_chk_fail |
| _bzero |
| _curl_easy_cleanup |
| _curl_easy_getinfo |
| _curl_easy_init |
| _curl_easy_perform |
| _curl_easy_setopt |
| _fclose |
| _fflush |
| _fgets |
| _fopen |
| _fread |
| _fseek |
| _fseeko |
| _ftello |
| _fwrite |
| _localeconv |
| _memchr |
| _memcmp |
| _memcpy |
| _memmove |
| _memset |
| _pclose |
| _popen |
| _rand |
| _sleep |
| _snprintf |
| _strlen |
| _strtod |
| _strtoll |
| _strtoull |
| _system |
Network Behavior |
|---|
Snort IDS Alerts |
|---|
| Timestamp | Protocol | SID | Message | Source Port | Dest Port | Source IP | Dest IP |
|---|---|---|---|---|---|---|---|
| 01/12/22-12:26:23.106602 | UDP | 254 | DNS SPOOF query response with TTL of 1 min. and no authority | 53 | 55258 | 8.8.8.8 | 192.168.0.52 |
Network Port Distribution |
|---|
TCP Packets |
|---|
| Timestamp | Source Port | Dest Port | Source IP | Dest IP |
|---|---|---|---|---|
| Jan 12, 2022 12:25:54.891419888 CET | 443 | 49393 | 23.254.131.176 | 192.168.0.52 |
| Jan 12, 2022 12:25:54.891525984 CET | 443 | 49393 | 23.254.131.176 | 192.168.0.52 |
| Jan 12, 2022 12:25:54.891928911 CET | 49393 | 443 | 192.168.0.52 | 23.254.131.176 |
| Jan 12, 2022 12:25:54.892199039 CET | 49393 | 443 | 192.168.0.52 | 23.254.131.176 |
| Jan 12, 2022 12:25:55.026298046 CET | 443 | 49393 | 23.254.131.176 | 192.168.0.52 |
| Jan 12, 2022 12:25:55.081299067 CET | 443 | 49393 | 23.254.131.176 | 192.168.0.52 |
| Jan 12, 2022 12:25:55.081568003 CET | 49393 | 443 | 192.168.0.52 | 23.254.131.176 |
| Jan 12, 2022 12:26:00.086551905 CET | 443 | 49393 | 23.254.131.176 | 192.168.0.52 |
| Jan 12, 2022 12:26:00.086580992 CET | 443 | 49393 | 23.254.131.176 | 192.168.0.52 |
| Jan 12, 2022 12:26:00.087068081 CET | 49393 | 443 | 192.168.0.52 | 23.254.131.176 |
| Jan 12, 2022 12:26:00.087115049 CET | 49393 | 443 | 192.168.0.52 | 23.254.131.176 |
| Jan 12, 2022 12:26:19.407533884 CET | 443 | 49383 | 87.248.100.168 | 192.168.0.52 |
| Jan 12, 2022 12:26:19.407562017 CET | 443 | 49383 | 87.248.100.168 | 192.168.0.52 |
| Jan 12, 2022 12:26:19.407849073 CET | 49383 | 443 | 192.168.0.52 | 87.248.100.168 |
| Jan 12, 2022 12:26:19.407938004 CET | 49383 | 443 | 192.168.0.52 | 87.248.100.168 |
| Jan 12, 2022 12:26:19.408190012 CET | 49383 | 443 | 192.168.0.52 | 87.248.100.168 |
| Jan 12, 2022 12:26:19.408323050 CET | 49383 | 443 | 192.168.0.52 | 87.248.100.168 |
| Jan 12, 2022 12:26:19.444021940 CET | 443 | 49383 | 87.248.100.168 | 192.168.0.52 |
| Jan 12, 2022 12:26:19.444050074 CET | 443 | 49383 | 87.248.100.168 | 192.168.0.52 |
| Jan 12, 2022 12:26:23.111180067 CET | 49394 | 443 | 192.168.0.52 | 23.254.131.176 |
| Jan 12, 2022 12:26:23.242961884 CET | 443 | 49394 | 23.254.131.176 | 192.168.0.52 |
| Jan 12, 2022 12:26:23.243464947 CET | 49394 | 443 | 192.168.0.52 | 23.254.131.176 |
| Jan 12, 2022 12:26:23.251816988 CET | 49394 | 443 | 192.168.0.52 | 23.254.131.176 |
| Jan 12, 2022 12:26:23.386234999 CET | 443 | 49394 | 23.254.131.176 | 192.168.0.52 |
| Jan 12, 2022 12:26:23.386276960 CET | 443 | 49394 | 23.254.131.176 | 192.168.0.52 |
| Jan 12, 2022 12:26:23.386295080 CET | 443 | 49394 | 23.254.131.176 | 192.168.0.52 |
| Jan 12, 2022 12:26:23.386374950 CET | 443 | 49394 | 23.254.131.176 | 192.168.0.52 |
| Jan 12, 2022 12:26:23.386390924 CET | 443 | 49394 | 23.254.131.176 | 192.168.0.52 |
| Jan 12, 2022 12:26:23.386751890 CET | 443 | 49394 | 23.254.131.176 | 192.168.0.52 |
| Jan 12, 2022 12:26:23.386790037 CET | 49394 | 443 | 192.168.0.52 | 23.254.131.176 |
| Jan 12, 2022 12:26:23.386833906 CET | 49394 | 443 | 192.168.0.52 | 23.254.131.176 |
| Jan 12, 2022 12:26:23.386841059 CET | 49394 | 443 | 192.168.0.52 | 23.254.131.176 |
| Jan 12, 2022 12:26:23.386846066 CET | 49394 | 443 | 192.168.0.52 | 23.254.131.176 |
| Jan 12, 2022 12:26:23.387013912 CET | 49394 | 443 | 192.168.0.52 | 23.254.131.176 |
| Jan 12, 2022 12:26:23.387028933 CET | 49394 | 443 | 192.168.0.52 | 23.254.131.176 |
| Jan 12, 2022 12:26:23.448168993 CET | 49394 | 443 | 192.168.0.52 | 23.254.131.176 |
| Jan 12, 2022 12:26:23.580516100 CET | 443 | 49394 | 23.254.131.176 | 192.168.0.52 |
| Jan 12, 2022 12:26:23.580545902 CET | 443 | 49394 | 23.254.131.176 | 192.168.0.52 |
| Jan 12, 2022 12:26:23.580984116 CET | 49394 | 443 | 192.168.0.52 | 23.254.131.176 |
| Jan 12, 2022 12:26:23.581298113 CET | 49394 | 443 | 192.168.0.52 | 23.254.131.176 |
| Jan 12, 2022 12:26:23.712938070 CET | 443 | 49394 | 23.254.131.176 | 192.168.0.52 |
| Jan 12, 2022 12:26:23.763300896 CET | 443 | 49394 | 23.254.131.176 | 192.168.0.52 |
| Jan 12, 2022 12:26:23.763818979 CET | 49394 | 443 | 192.168.0.52 | 23.254.131.176 |
| Jan 12, 2022 12:26:28.765085936 CET | 443 | 49394 | 23.254.131.176 | 192.168.0.52 |
| Jan 12, 2022 12:26:28.765110016 CET | 443 | 49394 | 23.254.131.176 | 192.168.0.52 |
| Jan 12, 2022 12:26:28.765657902 CET | 49394 | 443 | 192.168.0.52 | 23.254.131.176 |
| Jan 12, 2022 12:26:28.765702009 CET | 49394 | 443 | 192.168.0.52 | 23.254.131.176 |
UDP Packets |
|---|
DNS Queries |
|---|
| Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class |
|---|---|---|---|---|---|---|---|
| Jan 12, 2022 12:24:32.209127903 CET | 192.168.0.52 | 8.8.8.8 | 0x3e01 | Standard query (0) | | A (IP address) | IN (0x0001) |
| Jan 12, 2022 12:24:32.625469923 CET | 192.168.0.52 | 8.8.8.8 | 0xaa3 | Standard query (0) | | A (IP address) | IN (0x0001) |
| Jan 12, 2022 12:24:32.898838043 CET | 192.168.0.52 | 8.8.8.8 | 0x86a0 | Standard query (0) | | A (IP address) | IN (0x0001) |
| Jan 12, 2022 12:24:33.242552042 CET | 192.168.0.52 | 8.8.8.8 | 0xf38e | Standard query (0) | | 65 | IN (0x0001) |
| Jan 12, 2022 12:24:33.242594957 CET | 192.168.0.52 | 8.8.8.8 | 0xa1a8 | Standard query (0) | | A (IP address) | IN (0x0001) |
| Jan 12, 2022 12:25:25.788453102 CET | 192.168.0.52 | 8.8.8.8 | 0xd9de | Standard query (0) | | A (IP address) | IN (0x0001) |
| Jan 12, 2022 12:26:23.093640089 CET | 192.168.0.52 | 8.8.8.8 | 0x1c6 | Standard query (0) | | A (IP address) | IN (0x0001) |
DNS Answers |
|---|
| Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class |
|---|---|---|---|---|---|---|---|---|---|
| Jan 12, 2022 12:24:32.226963997 CET | 8.8.8.8 | 192.168.0.52 | 0x3e01 | No error (0) | | | 142.250.186.110 | A (IP address) | IN (0x0001) |
| Jan 12, 2022 12:24:32.642790079 CET | 8.8.8.8 | 192.168.0.52 | 0xaa3 | No error (0) | | googlehosted.l.googleusercontent.com | | CNAME (Canonical name) | IN (0x0001) |
| Jan 12, 2022 12:24:32.642790079 CET | 8.8.8.8 | 192.168.0.52 | 0xaa3 | No error (0) | | | 142.250.186.65 | A (IP address) | IN (0x0001) |
| Jan 12, 2022 12:24:32.910195112 CET | 8.8.8.8 | 192.168.0.52 | 0x86a0 | No error (0) | | | 23.254.131.176 | A (IP address) | IN (0x0001) |
| Jan 12, 2022 12:24:33.259341955 CET | 8.8.8.8 | 192.168.0.52 | 0xa1a8 | No error (0) | | o.lencr.edgesuite.net | | CNAME (Canonical name) | IN (0x0001) |
| Jan 12, 2022 12:25:25.799916029 CET | 8.8.8.8 | 192.168.0.52 | 0xd9de | No error (0) | | | 23.254.131.176 | A (IP address) | IN (0x0001) |
| Jan 12, 2022 12:26:23.106601954 CET | 8.8.8.8 | 192.168.0.52 | 0x1c6 | No error (0) | | | 23.254.131.176 | A (IP address) | IN (0x0001) |
HTTPS Packets |
|---|
| Timestamp | Source IP | Source Port | Dest IP | Dest Port | Subject | Issuer | Not Before | Not After | JA3 SSL Client Fingerprint | JA3 SSL Client Digest |
|---|---|---|---|---|---|---|---|---|---|---|
| Jan 12, 2022 12:24:32.274525881 CET | 142.250.186.110 | 443 | 192.168.0.52 | 49386 | CN=*.google.com | CN=GTS CA 1C3, O=Google Trust Services LLC, C=US | Mon Nov 29 03:22:33 CET 2021 | Mon Feb 21 03:22:32 CET 2022 | 771,49200-49196-49192-49188-49172-49162-159-107-57-52393-52392-52394-65413-196-136-129-157-61-53-192-132-49199-49195-49191-49187-49171-49161-158-103-51-190-69-156-60-47-186-65-49169-49159-5-4-49170-49160-22-10-255,0-11-10-13-16,29-23-24,0 | 3faa4ad39f690c4ef1c3160caa375465 |
| | | | | | CN=GTS CA 1C3, O=Google Trust Services LLC, C=US | CN=GTS Root R1, O=Google Trust Services LLC, C=US | Thu Aug 13 02:00:42 CEST 2020 | Thu Sep 30 02:00:42 CEST 2027 | | |
| | | | | | CN=GTS Root R1, O=Google Trust Services LLC, C=US | CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE | Fri Jun 19 02:00:42 CEST 2020 | Fri Jan 28 01:00:42 CET 2028 | | |
| Jan 12, 2022 12:24:32.683769941 CET | 142.250.186.65 | 443 | 192.168.0.52 | 49387 | CN=*.googleusercontent.com | CN=GTS CA 1C3, O=Google Trust Services LLC, C=US | Mon Nov 29 04:04:39 CET 2021 | Mon Feb 21 04:04:38 CET 2022 | 771,49200-49196-49192-49188-49172-49162-159-107-57-52393-52392-52394-65413-196-136-129-157-61-53-192-132-49199-49195-49191-49187-49171-49161-158-103-51-190-69-156-60-47-186-65-49169-49159-5-4-49170-49160-22-10-255,0-11-10-13-16,29-23-24,0 | 3faa4ad39f690c4ef1c3160caa375465 |
| | | | | | CN=GTS CA 1C3, O=Google Trust Services LLC, C=US | CN=GTS Root R1, O=Google Trust Services LLC, C=US | Thu Aug 13 02:00:42 CEST 2020 | Thu Sep 30 02:00:42 CEST 2027 | | |
| | | | | | CN=GTS Root R1, O=Google Trust Services LLC, C=US | CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE | Fri Jun 19 02:00:42 CEST 2020 | Fri Jan 28 01:00:42 CET 2028 | | |
| Jan 12, 2022 12:24:33.181808949 CET | 23.254.131.176 | 443 | 192.168.0.52 | 49388 | CN=graphic-updater.com | CN=R3, O=Let's Encrypt, C=US | Thu Dec 23 11:49:30 CET 2021 | Wed Mar 23 11:49:29 CET 2022 | 771,49200-49196-49192-49188-49172-49162-159-107-57-52393-52392-52394-65413-196-136-129-157-61-53-192-132-49199-49195-49191-49187-49171-49161-158-103-51-190-69-156-60-47-186-65-49169-49159-5-4-49170-49160-22-10-255,0-11-10-13-16,29-23-24,0 | 3faa4ad39f690c4ef1c3160caa375465 |
| | | | | | CN=R3, O=Let's Encrypt, C=US | CN=ISRG Root X1, O=Internet Security Research Group, C=US | Fri Sep 04 02:00:00 CEST 2020 | Mon Sep 15 18:00:00 CEST 2025 | | |
| | | | | | CN=ISRG Root X1, O=Internet Security Research Group, C=US | CN=DST Root CA X3, O=Digital Signature Trust Co. | Wed Jan 20 20:14:03 CET 2021 | Mon Sep 30 20:14:03 CEST 2024 | | |
| Jan 12, 2022 12:24:33.862267971 CET | 23.254.131.176 | 443 | 192.168.0.52 | 49390 | CN=graphic-updater.com | CN=R3, O=Let's Encrypt, C=US | Thu Dec 23 11:49:30 CET 2021 | Wed Mar 23 11:49:29 CET 2022 | 771,49200-49196-49192-49188-49172-49162-159-107-57-52393-52392-52394-65413-196-136-129-157-61-53-192-132-49199-49195-49191-49187-49171-49161-158-103-51-190-69-156-60-47-186-65-49169-49159-5-4-49170-49160-22-10-255,0-11-10-13-16,29-23-24,0 | 3faa4ad39f690c4ef1c3160caa375465 |
| | | | | | CN=R3, O=Let's Encrypt, C=US | CN=ISRG Root X1, O=Internet Security Research Group, C=US | Fri Sep 04 02:00:00 CEST 2020 | Mon Sep 15 18:00:00 CEST 2025 | | |
| | | | | | CN=ISRG Root X1, O=Internet Security Research Group, C=US | CN=DST Root CA X3, O=Digital Signature Trust Co. | Wed Jan 20 20:14:03 CET 2021 | Mon Sep 30 20:14:03 CEST 2024 | | |
| Jan 12, 2022 12:25:01.454189062 CET | 23.254.131.176 | 443 | 192.168.0.52 | 49391 | CN=graphic-updater.com | CN=R3, O=Let's Encrypt, C=US | Thu Dec 23 11:49:30 CET 2021 | Wed Mar 23 11:49:29 CET 2022 | 771,49200-49196-49192-49188-49172-49162-159-107-57-52393-52392-52394-65413-196-136-129-157-61-53-192-132-49199-49195-49191-49187-49171-49161-158-103-51-190-69-156-60-47-186-65-49169-49159-5-4-49170-49160-22-10-255,0-11-10-13-16,29-23-24,0 | 3faa4ad39f690c4ef1c3160caa375465 |
| | | | | | CN=R3, O=Let's Encrypt, C=US | CN=ISRG Root X1, O=Internet Security Research Group, C=US | Fri Sep 04 02:00:00 CEST 2020 | Mon Sep 15 18:00:00 CEST 2025 | | |
| | | | | | CN=ISRG Root X1, O=Internet Security Research Group, C=US | CN=DST Root CA X3, O=Digital Signature Trust Co. | Wed Jan 20 20:14:03 CET 2021 | Mon Sep 30 20:14:03 CEST 2024 | | |
| Jan 12, 2022 12:25:26.068794012 CET | 23.254.131.176 | 443 | 192.168.0.52 | 49392 | CN=graphic-updater.com | CN=R3, O=Let's Encrypt, C=US | Thu Dec 23 11:49:30 CET 2021 | Wed Mar 23 11:49:29 CET 2022 | 771,49200-49196-49192-49188-49172-49162-159-107-57-52393-52392-52394-65413-196-136-129-157-61-53-192-132-49199-49195-49191-49187-49171-49161-158-103-51-190-69-156-60-47-186-65-49169-49159-5-4-49170-49160-22-10-255,0-11-10-13-16,29-23-24,0 | 3faa4ad39f690c4ef1c3160caa375465 |
| | | | | | CN=R3, O=Let's Encrypt, C=US | CN=ISRG Root X1, O=Internet Security Research Group, C=US | Fri Sep 04 02:00:00 CEST 2020 | Mon Sep 15 18:00:00 CEST 2025 | | |
| | | | | | CN=ISRG Root X1, O=Internet Security Research Group, C=US | CN=DST Root CA X3, O=Digital Signature Trust Co. | Wed Jan 20 20:14:03 CET 2021 | Mon Sep 30 20:14:03 CEST 2024 | | |
| Jan 12, 2022 12:25:54.697247028 CET | 23.254.131.176 | 443 | 192.168.0.52 | 49393 | CN=graphic-updater.com | CN=R3, O=Let's Encrypt, C=US | Thu Dec 23 11:49:30 CET 2021 | Wed Mar 23 11:49:29 CET 2022 | 771,49200-49196-49192-49188-49172-49162-159-107-57-52393-52392-52394-65413-196-136-129-157-61-53-192-132-49199-49195-49191-49187-49171-49161-158-103-51-190-69-156-60-47-186-65-49169-49159-5-4-49170-49160-22-10-255,0-11-10-13-16,29-23-24,0 | 3faa4ad39f690c4ef1c3160caa375465 |
| | | | | | CN=R3, O=Let's Encrypt, C=US | CN=ISRG Root X1, O=Internet Security Research Group, C=US | Fri Sep 04 02:00:00 CEST 2020 | Mon Sep 15 18:00:00 CEST 2025 | | |
| | | | | | CN=ISRG Root X1, O=Internet Security Research Group, C=US | CN=DST Root CA X3, O=Digital Signature Trust Co. | Wed Jan 20 20:14:03 CET 2021 | Mon Sep 30 20:14:03 CEST 2024 | | |
| Jan 12, 2022 12:26:23.386751890 CET | 23.254.131.176 | 443 | 192.168.0.52 | 49394 | CN=graphic-updater.com | CN=R3, O=Let's Encrypt, C=US | Thu Dec 23 11:49:30 CET 2021 | Wed Mar 23 11:49:29 CET 2022 | 771,49200-49196-49192-49188-49172-49162-159-107-57-52393-52392-52394-65413-196-136-129-157-61-53-192-132-49199-49195-49191-49187-49171-49161-158-103-51-190-69-156-60-47-186-65-49169-49159-5-4-49170-49160-22-10-255,0-11-10-13-16,29-23-24,0 | 3faa4ad39f690c4ef1c3160caa375465 |
| | | | | | CN=R3, O=Let's Encrypt, C=US | CN=ISRG Root X1, O=Internet Security Research Group, C=US | Fri Sep 04 02:00:00 CEST 2020 | Mon Sep 15 18:00:00 CEST 2025 | | |
| | | | | | CN=ISRG Root X1, O=Internet Security Research Group, C=US | CN=DST Root CA X3, O=Digital Signature Trust Co. | Wed Jan 20 20:14:03 CET 2021 | Mon Sep 30 20:14:03 CEST 2024 | | |
System Behavior |
|---|
General |
|---|
| Start time: | 12:24:30 |
| Start date: | 12/01/2022 |
| Path: | /Library/Frameworks/Mono.framework/Versions/6.12.0/bin/mono-sgen64 |
| Arguments: | n/a |
| File size: | 4699168 bytes |
| MD5 hash: | 98f65da8c6a62423d3f4cda359f06a87 |
General |
|---|
| Start time: | 12:24:30 |
| Start date: | 12/01/2022 |
| Path: | /usr/bin/sudo |
| Arguments: | /usr/bin/sudo -u drew /Users/drew/Desktop/types-config.ts |
| File size: | 1216576 bytes |
| MD5 hash: | f21c2a2dc106642f7c38801e121c8c86 |
General |
|---|
| Start time: | 12:24:30 |
| Start date: | 12/01/2022 |
| Path: | /usr/bin/sudo |
| Arguments: | n/a |
| File size: | 1216576 bytes |
| MD5 hash: | f21c2a2dc106642f7c38801e121c8c86 |
General |
|---|
| Start time: | 12:24:30 |
| Start date: | 12/01/2022 |
| Path: | /Users/drew/Desktop/types-config.ts |
| Arguments: | /Users/drew/Desktop/types-config.ts |
| File size: | 360176 bytes |
| MD5 hash: | e06e06752509f9cd8bc85aa1aa24dba2 |
General |
|---|
| Start time: | 12:24:30 |
| Start date: | 12/01/2022 |
| Path: | /bin/sh |
| Arguments: | n/a |
| File size: | 120912 bytes |
| MD5 hash: | 8356936fbf1eeb3548896b9206a685a0 |
General |
|---|
| Start time: | 12:24:30 |
| Start date: | 12/01/2022 |
| Path: | /bin/bash |
| Arguments: | sh -c whoami |
| File size: | 1296704 bytes |
| MD5 hash: | c1edb59ec6a40884fc3c4e201d31b1d5 |
General |
|---|
| Start time: | 12:24:30 |
| Start date: | 12/01/2022 |
| Path: | /usr/bin/whoami |
| Arguments: | whoami |
| File size: | 121616 bytes |
| MD5 hash: | a7145a94a0b3935eed99abc716a33989 |
General |
|---|
| Start time: | 12:24:30 |
| Start date: | 12/01/2022 |
| Path: | /bin/sh |
| Arguments: | n/a |
| File size: | 120912 bytes |
| MD5 hash: | 8356936fbf1eeb3548896b9206a685a0 |
General |
|---|
| Start time: | 12:24:30 |
| Start date: | 12/01/2022 |
| Path: | /bin/bash |
| Arguments: | sh -c cp '/Users/drew/Desktop/types-config.ts' '/Users/drew/Library/MacOsServices/updateMacOs' |
| File size: | 1296704 bytes |
| MD5 hash: | c1edb59ec6a40884fc3c4e201d31b1d5 |
General |
|---|
| Start time: | 12:24:30 |
| Start date: | 12/01/2022 |
| Path: | /bin/cp |
| Arguments: | cp /Users/drew/Desktop/types-config.ts /Users/drew/Library/MacOsServices/updateMacOs |
| File size: | 123264 bytes |
| MD5 hash: | 9007c6e0352122c17fbcea99739b716e |
General |
|---|
| Start time: | 12:24:30 |
| Start date: | 12/01/2022 |
| Path: | /bin/sh |
| Arguments: | n/a |
| File size: | 120912 bytes |
| MD5 hash: | 8356936fbf1eeb3548896b9206a685a0 |
General |
|---|
| Start time: | 12:24:30 |
| Start date: | 12/01/2022 |
| Path: | /bin/bash |
| Arguments: | sh -c nohup '/Users/drew/Library/MacOsServices/updateMacOs' >/dev/null 2>&1 & |
| File size: | 1296704 bytes |
| MD5 hash: | c1edb59ec6a40884fc3c4e201d31b1d5 |
General |
|---|
| Start time: | 12:24:31 |
| Start date: | 12/01/2022 |
| Path: | /bin/bash |
| Arguments: | n/a |
| File size: | 1296704 bytes |
| MD5 hash: | c1edb59ec6a40884fc3c4e201d31b1d5 |
General |
|---|
| Start time: | 12:24:31 |
| Start date: | 12/01/2022 |
| Path: | /usr/bin/nohup |
| Arguments: | nohup /Users/drew/Library/MacOsServices/updateMacOs |
| File size: | 121168 bytes |
| MD5 hash: | e702c2d1c6eb0f386453aaa563b2380b |
General |
|---|
| Start time: | 12:24:31 |
| Start date: | 12/01/2022 |
| Path: | /Users/drew/Library/MacOsServices/updateMacOs |
| Arguments: | /Users/drew/Library/MacOsServices/updateMacOs |
| File size: | 360176 bytes |
| MD5 hash: | e06e06752509f9cd8bc85aa1aa24dba2 |
General |
|---|
| Start time: | 12:24:31 |
| Start date: | 12/01/2022 |
| Path: | /bin/sh |
| Arguments: | n/a |
| File size: | 120912 bytes |
| MD5 hash: | 8356936fbf1eeb3548896b9206a685a0 |
General |
|---|
| Start time: | 12:24:31 |
| Start date: | 12/01/2022 |
| Path: | /bin/bash |
| Arguments: | sh -c whoami |
| File size: | 1296704 bytes |
| MD5 hash: | c1edb59ec6a40884fc3c4e201d31b1d5 |
General |
|---|
| Start time: | 12:24:31 |
| Start date: | 12/01/2022 |
| Path: | /usr/bin/whoami |
| Arguments: | whoami |
| File size: | 121616 bytes |
| MD5 hash: | a7145a94a0b3935eed99abc716a33989 |