Source: ot-test-app |
ReversingLabs: Detection: 18% |
Source: unknown |
HTTPS traffic detected: 151.101.67.6:443 -> 192.168.11.12:49352 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 151.101.195.6:443 -> 192.168.11.12:49371 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 151.101.195.6:443 -> 192.168.11.12:49373 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 151.101.195.6:443 -> 192.168.11.12:49382 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 151.101.195.6:443 -> 192.168.11.12:49388 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 151.101.195.8:443 -> 192.168.11.12:49389 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 151.101.195.6:443 -> 192.168.11.12:49390 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 151.101.195.6:443 -> 192.168.11.12:49392 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 151.101.195.6:443 -> 192.168.11.12:49394 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 151.101.195.8:443 -> 192.168.11.12:49398 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 151.101.195.8:443 -> 192.168.11.12:49399 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 151.101.195.6:443 -> 192.168.11.12:49400 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 151.101.195.6:443 -> 192.168.11.12:49401 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 151.101.195.6:443 -> 192.168.11.12:49402 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 151.101.195.6:443 -> 192.168.11.12:49403 version: TLS 1.2 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 17.248.193.20 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 17.248.193.20 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 17.248.193.20 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 17.248.193.20 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 17.248.193.20 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 17.248.193.20 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 17.248.193.20 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 17.248.193.20 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 17.248.193.20 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 17.248.193.20 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 17.248.193.20 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 17.248.193.20 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 17.248.193.20 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 17.248.193.20 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 17.248.193.17 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 17.248.193.17 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 17.248.193.17 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 17.253.83.202 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 17.253.83.202 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: global traffic |
HTTP traffic detected: GET /2021/mobileassets/041-40471/B96AF6E1-5FF6-4786-9956-944A1AFE086A/com_apple_MobileAsset_KextDenyList/404087a7302927411b6ea0e05114d2c68355185e.zip HTTP/1.1Host: updates.cdn-apple.comAccept: */*Accept-Language: en-usConnection: keep-aliveAccept-Encoding: br, gzip, deflateUser-Agent: mobileassetd (unknown version) CFNetwork/976 Darwin/18.2.0 (x86_64) |
Source: global traffic |
HTTP traffic detected: GET /2024/patches/052-54451/D609556E-69B1-482E-9C33-B2E3510A1311/com_apple_MobileAsset_TimeZoneUpdate/c5a4d0df08e8faecf4faebbbadc4d96a07d9d990.zip HTTP/1.1Host: updates.cdn-apple.comAccept: */*Accept-Language: en-usConnection: keep-aliveAccept-Encoding: br, gzip, deflateUser-Agent: mobileassetd (unknown version) CFNetwork/976 Darwin/18.2.0 (x86_64) |
Source: global traffic |
HTTP traffic detected: GET /2023/patches/042-18019/79402820-170F-4A67-A67F-50C95CD0F3AF/com_apple_MobileAsset_CoreSuggestions/49a5a08d2aad413f10ff536f3b9897a87faac692.zip HTTP/1.1Host: updates.cdn-apple.comAccept: */*Accept-Language: en-usConnection: keep-aliveAccept-Encoding: br, gzip, deflateUser-Agent: mobileassetd (unknown version) CFNetwork/976 Darwin/18.2.0 (x86_64) |
Source: unknown |
DNS traffic detected: queries for: apis.apple.map.fastly.net |
Source: unknown |
Network traffic detected: HTTP traffic on port 49351 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49399 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49403 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49347 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49402 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49401 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49389 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49400 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49388 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49382 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49388 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49401 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49403 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49382 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49352 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49327 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49398 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49399 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49398 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49352 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49351 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49373 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49394 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49394 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49371 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49392 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49390 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49371 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49392 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49373 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49390 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49389 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49400 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49402 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49347 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49327 |
Source: unknown |
HTTPS traffic detected: 151.101.67.6:443 -> 192.168.11.12:49352 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 151.101.195.6:443 -> 192.168.11.12:49371 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 151.101.195.6:443 -> 192.168.11.12:49373 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 151.101.195.6:443 -> 192.168.11.12:49382 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 151.101.195.6:443 -> 192.168.11.12:49388 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 151.101.195.8:443 -> 192.168.11.12:49389 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 151.101.195.6:443 -> 192.168.11.12:49390 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 151.101.195.6:443 -> 192.168.11.12:49392 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 151.101.195.6:443 -> 192.168.11.12:49394 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 151.101.195.8:443 -> 192.168.11.12:49398 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 151.101.195.8:443 -> 192.168.11.12:49399 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 151.101.195.6:443 -> 192.168.11.12:49400 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 151.101.195.6:443 -> 192.168.11.12:49401 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 151.101.195.6:443 -> 192.168.11.12:49402 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 151.101.195.6:443 -> 192.168.11.12:49403 version: TLS 1.2 |
Source: classification engine |
Classification label: mal48.mac@0/0@3/0 |
Source: submission: ot-test-app |
Mach-O header: load_dylib -> /System/Library/Frameworks/IOKit.framework/Versions/A/IOKit |
Source: submission: ot-test-app |
Mach-O header: load_dylib -> /System/Library/Frameworks/Security.framework/Versions/A/Security |
Source: submission: ot-test-app |
Mach-O header: load_dylib -> /System/Library/Frameworks/SystemConfiguration.framework/Versions/A/SystemConfiguration |
Source: /usr/libexec/firmwarecheckers/eficheck/eficheck (PID: 638) |
Random device file read: /dev/random |
Jump to behavior |