Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
Jacqueline_Dinsmore.pdf
|
PDF document, version 1.4, 0 pages
|
initial sample
|
||
/dev/null
|
ASCII text, with very long lines (412)
|
dropped
|
Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
/usr/libexec/xpcproxy
|
-
|
||
/usr/libexec/nsurlstoraged
|
/usr/libexec/nsurlstoraged --privileged
|
||
/Library/Frameworks/Mono.framework/Versions/4.4.2/bin/mono-sgen32
|
-
|
||
/usr/bin/open
|
/usr/bin/open /Users/bernard/Desktop/Jacqueline_Dinsmore.pdf
|
||
/usr/libexec/xpcproxy
|
-
|
||
/Applications/Preview.app/Contents/MacOS/Preview
|
/Applications/Preview.app/Contents/MacOS/Preview
|
||
/usr/libexec/xpcproxy
|
-
|
||
/usr/libexec/firmwarecheckers/eficheck/eficheck
|
/usr/libexec/firmwarecheckers/eficheck/eficheck --integrity-check-daemon
|
Domains
Name
|
IP
|
Malicious
|
|
---|---|---|---|
h3.apis.apple.map.fastly.net
|
151.101.3.6
|
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
104.76.101.13
|
unknown
|
United States
|
||
151.101.3.6
|
h3.apis.apple.map.fastly.net
|
United States
|
||
151.101.195.6
|
unknown
|
United States
|