{ "type": "URL", "indicator": "https://sites.google.drive", "general": { "sections": [ "general", "url_list", "http_scans", "screenshot" ], "indicator": "https://sites.google.drive", "type": "url", "type_title": "URL", "validation": [], "base_indicator": { "id": 2729477306, "indicator": "https://sites.google.drive", "type": "URL", "title": "", "description": "", "content": "", "access_type": "public", "access_reason": "" }, "pulse_info": { "count": 4, "pulses": [ { "id": "69e9cd25393e970647c8678e", "name": "[Jane\u2019s Apple iPhone 12 is claimed dead] Credit by ravescoutllc [clone]", "description": "", "modified": "2026-05-24T03:39:11.660000", "created": "2026-04-23T07:41:25.872000", "tags": [ "idle", "deferred", "important", "unknown", "dock", "uisupport", "freezer", "fgsupport", "audio", "driverkit", "runner", "critical", "s0x0180", "s0x01a1", "s0x01a4", "c0x03", "s0x0401", "s0x0402", "s0x0507", "s0x0524", "s0x052a", "s0x060b", "networkappid", "user uid", "prsna pid", "ppid f", "mem pri", "ni vsz", "rss wchan", "tt stat", "started time", "command root", "memgraph", "path to", "dump file", "csstore viewer", "night shift", "status", "daystarthour", "daystartminute", "nightstarthour", "version", "sunsetsunrise", "mach virtual", "memory", "devdisk1s1", "privatevar", "calls", "number", "file defrag", "metadata", "write", "object cache", "fx defrag", "vnopallocate", "vnopblktooff", "vnopblockmap", "meta", "stats", "ckkstlkshare", "cliquestatusin", "sha256", "autounlock", "home", "backstop", "passwords", "applepay", "manatee", "wifi", "a w0", "device", "shared ipad", "appleaopinput", "code0", "userinfo", "fpck", "completed", "current network", "ipv6", "awdl", "security", "legacy wifi", "ipv4", "count", "interval", "timestamp name", "open", "nonpsc", "active", "not associated", "noop", "interface", "scan results", "duration result", "description", "congested wifi", "channel", "current channel", "ht40", "networks", "i en0", "paired", "connected", "status power", "mac address", "f5 discoverable", "scanning", "onetouch tb1x", "address", "airport sync", "airport network", "rave scout", "salman", "scout iphone", "guest agrp", "guest mdat", "items", "begin", "begin wifi", "end wifi", "collect", "dump", "end corecapture", "logs", "begin device", "end device", "method", "supported", "status mac", "op mode", "bssid", "tx rate", "mbps security", "phy mode", "mcs index", "guard period", "errors summary", "report guard", "scan psf", "period ranges", "aw errors", "summary", "ap stats", "ap status", "period", "status primary", "wwan", "disabled awdl", "status ipv6", "mode", "off awdl", "auto", "discovery", "disabled", "could", "cfnetwork", "dns server", "ping lan", "resolve dns", "ping wan", "rbentitlements", "osservice", "background", "invalidate", "xpcservice", "rbstagattribute", "rbassertion", "transientstate", "7529", "8030", "keepalive", "4372", "5760", "8181", "10058", "lockscreen", "test", "trace", "9872", "ckavmediaobject", "iiolaunchinfo", "ckmediaobject", "mxvolumelimiton", "swqwerty", "swemoji", "height", "width", "name", "pixelformattype", "index", "isobase", "sensorheight", "sensorwidth", "aemaxgain", "sensorcropwidth", "formats", "flash", "default filters", "candidate", "enforcing size", "limit", "mb on", "added", "done enforcing", "size limit", "file", "filters", "max size", "duplicate file", "file past", "beginswith", "endswith", "longhang", "excresource", "analytics", "predicate", "predicate not", "matches", "not self", "contains", "e5a2a", "ca156", "dc789", "b1a67", "e7e17", "e2175", "c63d2", "c453c", "cd7d4", "e0fe6", "plist", "dict", "integer", "doctype", "public", "appledtd plist", "ckperboottasks", "array", "ckstartuptime", "optimizestorage", "recorder", "player", "editor", "citymd", "manager", "student", "cleaner", "booster", "smart", "languages", "applelocale" ], "references": [ "jetsam_priority.txt", "tailspin-info.txt", "ps.txt", "oslog_archive_error.log", "README.txt", "night-shift.log", "vm_stat.txt", "mount.txt", "apfs_stats.txt", "ckksctl_status.txt", "ioreg_task_failures.txt", "transparency-sysdiagnose_stderr.txt", "fileproviderctl_task_failures.txt", "spindump_stderr.txt", "taskinfo_stderr.txt", "rmdinspect_stderr.txt", "ModelCatalog_task_failures.txt", "afktool_stderr.txt", "jetsam_priority_stderr.txt", "microstackshots_errors.txt", "AppleTypeCRetimerLogs_task_failures.txt", "ioreg_stderr.txt", "spindump_nosym_errors.txt", "codecctl_stderr.txt", "srsupporttool_stderr.txt", "fileproviderctl_stderr.txt", "suggest_tool_stderr.txt", "mobilewifitool.txt", "com.apple.wifi.syncable-networks.legacy.plist", "diagnostics-configuration.txt", "wifi_scan_cache.txt", "wifi_datapath-PRE.txt", "3bars.txt", "diagnostics-environment.txt", "arp.txt", "netstat-POST.txt", "bluetooth_status.txt", "security.txt", "debug-log.txt", "wifi_status.txt", "netstat-PRE.txt", "leaky_ap_stats.txt", "wifi_datapath-POST.txt", "wifi_logarchive.log", "com.apple.wifi.recent-networks.json", "network_status.txt", "com.apple.wifi.syncable-networks.plist", "ifconfig.txt", "awdl_status.txt", "wifi_scan.txt", "diagnostics-connectivity.txt", "BASEBAND_TS_TRIGGER.log", "Accounts.log", "CoreCapture.log", "appinstallation.log", "FindMyDevice.log", "AlishaLogs.log", "atcrtcomm.log", "Accessibility.log", "CMCaptureTailspins.log", "NanoPreferencesSync.log", "MCUCoreDumps.log", "AppSupport.log", "RecentHangTracerTailspins.log", "DataMigration.log", "BatteryUIPlist.log", "BatteryHealth.log", "UARPEndpointPacketCaptures.log", "time-sensitive-stackshot.log", "OTAUpdateLogs.log", "MobileKeybagLogs.log", "cts.log", "SensorKit.log", "CacheDeleteHistory.log", "CloudKitBookmarks.log", "MobileBackup.log", "AccessibilityPrefs.log", "WatchConnectivity.log", "Frametracer.log", "LogStreamFilter.log", "Panics.log", "OSEligibility.log", "process_proxied_device_logs.log", "Harmony.log", "CalendarPreferences.log", "Sentry.log", "MediaserverdBlockageTailspins.log", "MobileStoreDemo.log", "coremediacapture-afdebug.log", "CoreCaptureBT.log", "crashes_and_spins.log", "StoreServices.log", "itunesstored.log", "brctl.log", "CommandAndControl.log", "NanoRegistry.log", "DarwinInit.log", "MobileLockdown.log", "ProactiveInputPredictions.log", "tailspin-save-ts-collection.log", "SiriAnalytics.log", "usermanagerd_logs.log", "GenerativeExperiences.log", "Contacts.log", "astro.log", "stackshots.log", "NetworkRelay.log", "Siri.log", "MatchTailspins.log", "SpaceAttributionTelemetry.log", "olddsc.log", "ondemandd.log", "ACLogs.log", "SocialLayerPlist.log", "BridgeActivation.log", "SleepCycler.log", "OTA.log", "unnamed_tasks.log", "fsck.log", "tailspin-info-ts.log", "AVConference.log", "MCState.log", "RunningBoard.log", "ATVUpdateLog.log", "AirPodPowerMetrics.log", "MailErrorConditions.log", "hidfw-crashlogs.log", "CoreLocation.log", "SiriTextToSpeech.log", "AUDeveloperSettings.log", "Preferences.log", "ForceResetTailspins.log", "UnifiedAsset.log", "MapsSyncJournal.log", "Burnin.log", "MSU.log", "BluetoothAccessory.log", "VideoProcessing.log", "HIDCrashlogs.log", "Proximity.log", "BridgeActivation 2.log", "MobileAssetHistory.log", "Resource_Exhaustion.log", "avconferenced-embedded.log", "watchdog.log", "LaunchServices.log", "powerlogs.log", "MobileInstallation.log", "SUInfo.log", "spindump-meta-collection.log", "LivabilityApp.log", "syslog.log", "BatteryIntelligence.log", "keyboard_cache.log", "Splat_Versioning.log", "CompanionSync.log", "Personalization.log", "Buddy.log", "TetheredRestore.log", "BTPHY.log", "MemoryExceptions.log", "BluetoothCoreDump.log", "copySpringBoardStateDump.log", "diagnostic_summary.log", "SplunkHistory.log", "ThermalLogs.log", "Mobile_Demo.log", "BridgeReporting.log", "TimezoneDB.log", "AppConduit.log", "microstackshots.log", "SystemVersion.log", "watchdogd_ddts.log", "NSURLSession_logs.log", "MobileActivation.log", "tailspin-history.log", "MobileSlideShow.log", "AFK.log", "MobileSlideShowPrivateData.log", "demod.log", "HangTracerTailspins.log", "Networking.log", "AGXMTLCompilerCrash.log", "ASPSnapshots.log", "BatteryBDC.log", "Trial.log", "ProtectedCloudStorage.log", "MobileObliteration.log", "HCI.log", "UARP_Packet_Capture.log", "launchdLogs.log", "coreaudio_reporting.log", "WiFi.log", "FDR.log", "WindowServerHangs.log", "HomePodSetUp.log", "Recoverylogd.log", "parsecd.log", "diagnose-errors.log", "defaults-com.apple.bird.txt", "defaults-com.apple.iclouddrive.features.txt", "brctl-container-list.txt", "AppleLanguages_Global.txt", "com.apple.avfoundation_CurrentUser.txt", "subscribedAssets_CurrentUser.txt", "com.apple.coreaudio_CurrentUser.txt", "Accessibility_Preferences.txt", "com.apple.MobileAsset_Global.txt", "ScreenTimeEnabled_CurrentUser.txt", "UIPreferredContentSizeCategoryName_CurrentUser.txt", "AppleLocale_CurrentUser.txt", "AppleLocale_Global.txt", "com.apple.coremedia_CurrentUser.txt", "Keyboard_Preferences.txt", "AppleLanguages_CurrentUser.txt", "com.apple.camera_CurrentUser.txt", "CaptureSourceInfo_CurrentUser.txt" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": "67068646eec25524c2446ece", "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "msudosos", "id": "381696", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-SHA256": 98, "FileHash-SHA1": 12, "URL": 69, "domain": 29, "hostname": 68, "FileHash-MD5": 11, "email": 1, "BitcoinAddress": 2, "IPv4": 2 }, "indicator_count": 292, "is_author": false, "is_subscribing": null, "subscriber_count": 70, "modified_text": "9 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "67068646eec25524c2446ece", "name": "Jane\u2019s Apple iPhone 12 is claimed dead", "description": "", "modified": "2024-11-08T13:04:19.590000", "created": "2024-10-09T13:33:58.463000", "tags": [ "idle", "deferred", "important", "unknown", "dock", "uisupport", "freezer", "fgsupport", "audio", "driverkit", "runner", "critical", "s0x0180", "s0x01a1", "s0x01a4", "c0x03", "s0x0401", "s0x0402", "s0x0507", "s0x0524", "s0x052a", "s0x060b", "networkappid", "user uid", "prsna pid", "ppid f", "mem pri", "ni vsz", "rss wchan", "tt stat", "started time", "command root", "memgraph", "path to", "dump file", "csstore viewer", "night shift", "status", "daystarthour", "daystartminute", "nightstarthour", "version", "sunsetsunrise", "mach virtual", "memory", "devdisk1s1", "privatevar", "calls", "number", "file defrag", "metadata", "write", "object cache", "fx defrag", "vnopallocate", "vnopblktooff", "vnopblockmap", "meta", "stats", "ckkstlkshare", "cliquestatusin", "sha256", "autounlock", "home", "backstop", "passwords", "applepay", "manatee", "wifi", "a w0", "device", "shared ipad", "appleaopinput", "code0", "userinfo", "fpck", "completed", "current network", "ipv6", "awdl", "security", "legacy wifi", "ipv4", "count", "interval", "timestamp name", "open", "nonpsc", "active", "not associated", "noop", "interface", "scan results", "duration result", "description", "congested wifi", "channel", "current channel", "ht40", "networks", "i en0", "paired", "connected", "status power", "mac address", "f5 discoverable", "scanning", "onetouch tb1x", "address", "airport sync", "airport network", "rave scout", "salman", "scout iphone", "guest agrp", "guest mdat", "items", "begin", "begin wifi", "end wifi", "collect", "dump", "end corecapture", "logs", "begin device", "end device", "method", "supported", "status mac", "op mode", "bssid", "tx rate", "mbps security", "phy mode", "mcs index", "guard period", "errors summary", "report guard", "scan psf", "period ranges", "aw errors", "summary", "ap stats", "ap status", "period", "status primary", "wwan", "disabled awdl", "status ipv6", "mode", "off awdl", "auto", "discovery", "disabled", "could", "cfnetwork", "dns server", "ping lan", "resolve dns", "ping wan", "rbentitlements", "osservice", "background", "invalidate", "xpcservice", "rbstagattribute", "rbassertion", "transientstate", "7529", "8030", "keepalive", "4372", "5760", "8181", "10058", "lockscreen", "test", "trace", "9872", "ckavmediaobject", "iiolaunchinfo", "ckmediaobject", "mxvolumelimiton", "swqwerty", "swemoji", "height", "width", "name", "pixelformattype", "index", "isobase", "sensorheight", "sensorwidth", "aemaxgain", "sensorcropwidth", "formats", "flash", "default filters", "candidate", "enforcing size", "limit", "mb on", "added", "done enforcing", "size limit", "file", "filters", "max size", "duplicate file", "file past", "beginswith", "endswith", "longhang", "excresource", "analytics", "predicate", "predicate not", "matches", "not self", "contains", "e5a2a", "ca156", "dc789", "b1a67", "e7e17", "e2175", "c63d2", "c453c", "cd7d4", "e0fe6", "plist", "dict", "integer", "doctype", "public", "appledtd plist", "ckperboottasks", "array", "ckstartuptime", "optimizestorage", "recorder", "player", "editor", "citymd", "manager", "student", "cleaner", "booster", "smart", "languages", "applelocale" ], "references": [ "jetsam_priority.txt", "tailspin-info.txt", "ps.txt", "oslog_archive_error.log", "README.txt", "night-shift.log", "vm_stat.txt", "mount.txt", "apfs_stats.txt", "ckksctl_status.txt", "ioreg_task_failures.txt", "transparency-sysdiagnose_stderr.txt", "fileproviderctl_task_failures.txt", "spindump_stderr.txt", "taskinfo_stderr.txt", "rmdinspect_stderr.txt", "ModelCatalog_task_failures.txt", "afktool_stderr.txt", "jetsam_priority_stderr.txt", "microstackshots_errors.txt", "AppleTypeCRetimerLogs_task_failures.txt", "ioreg_stderr.txt", "spindump_nosym_errors.txt", "codecctl_stderr.txt", "srsupporttool_stderr.txt", "fileproviderctl_stderr.txt", "suggest_tool_stderr.txt", "mobilewifitool.txt", "com.apple.wifi.syncable-networks.legacy.plist", "diagnostics-configuration.txt", "wifi_scan_cache.txt", "wifi_datapath-PRE.txt", "3bars.txt", "diagnostics-environment.txt", "arp.txt", "netstat-POST.txt", "bluetooth_status.txt", "security.txt", "debug-log.txt", "wifi_status.txt", "netstat-PRE.txt", "leaky_ap_stats.txt", "wifi_datapath-POST.txt", "wifi_logarchive.log", "com.apple.wifi.recent-networks.json", "network_status.txt", "com.apple.wifi.syncable-networks.plist", "ifconfig.txt", "awdl_status.txt", "wifi_scan.txt", "diagnostics-connectivity.txt", "BASEBAND_TS_TRIGGER.log", "Accounts.log", "CoreCapture.log", "appinstallation.log", "FindMyDevice.log", "AlishaLogs.log", "atcrtcomm.log", "Accessibility.log", "CMCaptureTailspins.log", "NanoPreferencesSync.log", "MCUCoreDumps.log", "AppSupport.log", "RecentHangTracerTailspins.log", "DataMigration.log", "BatteryUIPlist.log", "BatteryHealth.log", "UARPEndpointPacketCaptures.log", "time-sensitive-stackshot.log", "OTAUpdateLogs.log", "MobileKeybagLogs.log", "cts.log", "SensorKit.log", "CacheDeleteHistory.log", "CloudKitBookmarks.log", "MobileBackup.log", "AccessibilityPrefs.log", "WatchConnectivity.log", "Frametracer.log", "LogStreamFilter.log", "Panics.log", "OSEligibility.log", "process_proxied_device_logs.log", "Harmony.log", "CalendarPreferences.log", "Sentry.log", "MediaserverdBlockageTailspins.log", "MobileStoreDemo.log", "coremediacapture-afdebug.log", "CoreCaptureBT.log", "crashes_and_spins.log", "StoreServices.log", "itunesstored.log", "brctl.log", "CommandAndControl.log", "NanoRegistry.log", "DarwinInit.log", "MobileLockdown.log", "ProactiveInputPredictions.log", "tailspin-save-ts-collection.log", "SiriAnalytics.log", "usermanagerd_logs.log", "GenerativeExperiences.log", "Contacts.log", "astro.log", "stackshots.log", "NetworkRelay.log", "Siri.log", "MatchTailspins.log", "SpaceAttributionTelemetry.log", "olddsc.log", "ondemandd.log", "ACLogs.log", "SocialLayerPlist.log", "BridgeActivation.log", "SleepCycler.log", "OTA.log", "unnamed_tasks.log", "fsck.log", "tailspin-info-ts.log", "AVConference.log", "MCState.log", "RunningBoard.log", "ATVUpdateLog.log", "AirPodPowerMetrics.log", "MailErrorConditions.log", "hidfw-crashlogs.log", "CoreLocation.log", "SiriTextToSpeech.log", "AUDeveloperSettings.log", "Preferences.log", "ForceResetTailspins.log", "UnifiedAsset.log", "MapsSyncJournal.log", "Burnin.log", "MSU.log", "BluetoothAccessory.log", "VideoProcessing.log", "HIDCrashlogs.log", "Proximity.log", "BridgeActivation 2.log", "MobileAssetHistory.log", "Resource_Exhaustion.log", "avconferenced-embedded.log", "watchdog.log", "LaunchServices.log", "powerlogs.log", "MobileInstallation.log", "SUInfo.log", "spindump-meta-collection.log", "LivabilityApp.log", "syslog.log", "BatteryIntelligence.log", "keyboard_cache.log", "Splat_Versioning.log", "CompanionSync.log", "Personalization.log", "Buddy.log", "TetheredRestore.log", "BTPHY.log", "MemoryExceptions.log", "BluetoothCoreDump.log", "copySpringBoardStateDump.log", "diagnostic_summary.log", "SplunkHistory.log", "ThermalLogs.log", "Mobile_Demo.log", "BridgeReporting.log", "TimezoneDB.log", "AppConduit.log", "microstackshots.log", "SystemVersion.log", "watchdogd_ddts.log", "NSURLSession_logs.log", "MobileActivation.log", "tailspin-history.log", "MobileSlideShow.log", "AFK.log", "MobileSlideShowPrivateData.log", "demod.log", "HangTracerTailspins.log", "Networking.log", "AGXMTLCompilerCrash.log", "ASPSnapshots.log", "BatteryBDC.log", "Trial.log", "ProtectedCloudStorage.log", "MobileObliteration.log", "HCI.log", "UARP_Packet_Capture.log", "launchdLogs.log", "coreaudio_reporting.log", "WiFi.log", "FDR.log", "WindowServerHangs.log", "HomePodSetUp.log", "Recoverylogd.log", "parsecd.log", "diagnose-errors.log", "defaults-com.apple.bird.txt", "defaults-com.apple.iclouddrive.features.txt", "brctl-container-list.txt", "AppleLanguages_Global.txt", "com.apple.avfoundation_CurrentUser.txt", "subscribedAssets_CurrentUser.txt", "com.apple.coreaudio_CurrentUser.txt", "Accessibility_Preferences.txt", "com.apple.MobileAsset_Global.txt", "ScreenTimeEnabled_CurrentUser.txt", "UIPreferredContentSizeCategoryName_CurrentUser.txt", "AppleLocale_CurrentUser.txt", "AppleLocale_Global.txt", "com.apple.coremedia_CurrentUser.txt", "Keyboard_Preferences.txt", "AppleLanguages_CurrentUser.txt", "com.apple.camera_CurrentUser.txt", "CaptureSourceInfo_CurrentUser.txt" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 23, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "ravescoutllc.", "id": "288912", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-SHA256": 86, "FileHash-SHA1": 2, "URL": 65, "domain": 13, "hostname": 49, "FileHash-MD5": 3, "email": 1 }, "indicator_count": 219, "is_author": false, "is_subscribing": null, "subscriber_count": 31, "modified_text": "571 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "66fae0cea9dbd082c30e30ea", "name": "The Jane Syndrome Files: Espionage-Grade Apple iPhone Infiltration", "description": "Here is a full list of details about Apple's latest operating system (OS) and the services it offers: DNS poisonings, network insecurities, malware, malicious script injections.", "modified": "2024-10-30T16:01:07.364000", "created": "2024-09-30T17:33:02.318000", "tags": [ "disabled awdl", "awdl", "status ipv6", "mode", "off awdl", "auto", "discovery", "disabled", "status power", "mac address", "f5 discoverable", "scanning", "current network", "wifi", "security", "wpa2 personal", "legacy", "ipv6", "count", "interval", "timestamp name", "open", "begin", "d71ff", "status", "begin wifi", "collect", "end wifi", "logs", "dump", "end corecapture", "cache", "stats", "cfnetwork", "could", "could ping", "dns server", "duration result", "description", "reach apple", "ping lan", "resolve dns", "number", "guard period", "errors summary", "report guard", "scan psf", "period ranges", "aw errors", "summary", "ap stats", "ap status", "period", "i en0", "airport sync", "airport network", "rave scout", "salman", "scout iphone", "guest agrp", "guest mdat", "items", "status primary", "ipv4", "interface", "nonpsc", "active", "address", "method", "supported", "status mac", "ssid", "bssid", "rssi", "tx rate", "mbps security", "congested wifi", "channel", "current channel", "ht40", "networks", "ht40 network", "wifi cc", "mcastaesccm", "mcasttkip", "fiosd8f6r", "jparadise", "bradstevens", "hazelnuthut", "karen dave", "fios", "brookleyroad", "mobile", "gator", "mach virtual", "memory", "never", "command", "execution time", "timeout", "max rss", "o user", "o ppid", "usrbintaskinfo", "a registry", "ioservice", "state", "executing task", "cpu time", "child process", "cpuwall", "cputimeout", "task container", "handshake", "tmpoutputdir", "executing", "phase", "locker", "atomic", "error", "companion", "savage", "demo", "trigger", "caller", "autounlock", "macbook air", "leaflifetime", "evaluationtime", "afterctflagday", "anchorsource", "validstatus", "numberscts", "mmcs", "unknown", "lmdc", "fssnapshot", "fpck", "fpsnapshot", "fpckrunreason", "iphone", "version", "product type", "os build", "appleinternal", "cpuarchitecture", "chipid", "hwmodel", "d53gap", "hassep", "ap1i", "ap1p", "ap1v", "b0ti", "d1pt", "iq0b", "iq1b", "mbse", "adce", "aopc", "bupt", "chcc", "chif", "upof", "waps", "warp", "wass", "default filters", "size limit", "mb on", "done enforcing", "file", "candidate", "filters", "enforcing size", "limit", "added", "predicate not", "file past", "beginswith", "endswith", "excresource", "analytics", "predicate", "not self", "contains", "max size", "matches", "osvalueobject", "ioport", "ioregistryentry", "iopower", "ioaccessory", "iousb", "iodevicetree", "root", "class", "wcfb", "gtd0x0 dtb", "rfrs", "adfh", "adhf", "vbwr", "vbrr", "cfdwc", "cfdrc", "dlwd", "gcrd", "gccan1 gcmust0", "gccan0 gcmust0", "erase quantile", "bad blocks", "max band", "eol erase", "user partition", "indpoolfree", "key1242", "timestamp", "weightedra", "qmax0", "cyclecount", "timeathighsoc", "chargingvoltage", "bhserviceflags", "04430", "familycode", "vacvoltagelimit", "53685452100", "53685452811", "1284430", "53685452411", "04410", "11524410", "53685452401", "1284410", "10244410", "11534410", "11524430", "10244430", "11534430", "53685451811", "53685451911", "chemid", "algochemid", "eeee", "designcapacity", "presentdod0", "currentcapacity", "ischarging", "temperature", "amperage", "instantamperage", "voltage", "stateofcharge", "chargeaccum", "chargingstate", "inflowstate", "chargelimit", "checkpoint", "decisionmaker", "modeofoperation", "af96b", "begin bluetooth", "b590b", "e97d3", "e1306", "certificate", "start", "status code", "sameorigin body", "xsannwhh5zixhy", "debug", "sun sep", "thu sep", "notice", "fri sep", "unbrick", "dcrt reissue", "commcenter fri", "sat sep", "commcenter sun", "data", "plist", "dict", "post useragent", "dcrt", "body", "doctype", "public", "pkitruststore", "download", "autolocker", "autojob", "data container", "installing", "ls save", "ls operation", "customer", "lsinstalltype", "miinstaller", "staging", "update", "consumed", "missingvalue", "raptor certs", "full service", "pinged configd", "cachedata", "cacheextra", "gmt4", "boot session", "bonjour", "f0fs24 cf0", "xml version", "appledtd plist", "adapter", "sen097", "wairport97", "t3gpp u8721", "u960 u8747", "bae69693u8719", "c2cb", "f1f49791page", "c4 e8", "page", "xethernet97", "sen1u8260", "u8721 u8719", "u8805 a5u8706", "a5u8706 u8721", "u8719 u960", "u8800 c6d8u8734", "b1u8804 u8805", "u8747 aabau937", "u64258 u8800", "u8747 u8776", "u64257 u64258", "u305 u8710", "u63743", "u8260", "u8805 u8706", "u731 u711", "u731", "u733", "time", "time secs", "uuid", "osversion", "lqmlogging", "su ms", "nb nrs", "na cm", "ex tf", "ffp mret", "highband", "ghz sep", "noise 88", "capture", "interfacelogs", "disabledatapath", "role lowlatency", "enabledatapath", "tx submission", "queue sep", "disablesync", "txsubq sep", "datapath", "printdatapath", "txsub disable", "txsub enable", "awdl prox", "awdl interface", "appleolyhal", "iopcidevice", "iopcidevice sep", "appleolyhallog", "pktsec", "mbitssec", "txreported", "u0 m0", "rxmacst", "monitor0 vif", "ff input", "pmopen", "rssi 100", "flushed", "rssi threshold", "service", "p2p concurrency", "allowed", "multicast", "unicast", "p2p interface", "off configured", "host edge", "awdl0", "awdl state", "configured", "d12c2680", "monitor18 vif", "transition", "wait", "device sleep", "device wake", "device active", "pending", "pnd0", "exit", "int state", "tx power", "cap config", "device tree", "ps params", "dtim", "motion profile", "womp disabled", "region info", "lla prefer", "prefer", "moving", "logic", "config", "wlcgetbssinfo", "queue", "check que", "wd scheduled1", "curr", "configure wd", "history", "wlcsetlrl", "wlcgetcountry", "debuggable", "eventbitfield", "fwid 01b0ec0e2e", "d53gap build", "device serial", "file name", "wme acm", "frequestiotx", "busytags", "peer", "u409224", "u527236 m103198", "monitor2827", "totaldropped0", "queue status", "totalflushed0", "tx completion", "rx completion", "fault report", "logging rx", "join mgr", "backpl", "85 85", "fl2 rt601", "bsside2", "rssi avg", "41 48", "44 42", "46 48", "43 42", "io80211 scan", "updated", "mpdus", "chanspec", "roam candidate", "logtransition", "cache channels", "scan home", "infra", "filesystem size", "avail capacity", "devdisk1s1", "dev devdisk1s6", "devdisk1s3", "calls", "file defrag", "metadata", "write", "object cache", "read", "fx defrag", "vnopallocate", "vnopblktooff", "meta", "user pid", "cpu stat", "pri stime", "utime command", "ppid f", "mem pri", "ni vsz", "rss wchan", "started time", "wd scheduled0", "e666293574", "monitor38 vif", "u2642957", "u4321860 m8433", "monitor9744", "b7c5a", "fl2 rt3505", "43 43", "bssid00", "lightphoneii", "43 44", "44 44", "rx data", "f4e0wf", "session", "cached", "access", "integer not", "null default", "null", "text not", "from", "text unique", "where", "order by", "not null", "bool not", "expected t", "nsdata", "unique", "integer primary", "array", "hard", "u63743 fceae8" ], "references": [ "awdl_status.txt", "arp.txt", "bluetooth_status.txt", "com.apple.wifi.syncable-networks.legacy.plist", "com.apple.wifi.syncable-networks.plist", "diagnostics-configuration.txt", "debug-log.txt", "diagnostics-connectivity.txt", "com.apple.wifi.recent-networks.json", "ifconfig.txt", "leaky_ap_stats.txt", "netstat-POST.txt", "mobilewifitool.txt", "security.txt", "netstat-PRE.txt", "network_status.txt", "wifi_datapath-PRE.txt", "wifi_scan_cache.txt", "wifi_logarchive.log", "wifi_datapath-POST.txt", "wifi_status.txt", "diagnostics-environment.txt", "wifi_scan.txt", "vm_stat.txt", "transparency.log", "tzDataVersion.log", "tailspin-info.txt", "taskSummary.csv", "sysdiagnose.log", "security-sysdiagnose.txt", "fileproviderctl_check.log", "hpmDiagnose.txt", "fileproviderctl.log", "hidutil.plist", "remotectl_dumpstate.txt", "smcDiagnose.txt", "BridgeReporting.log", "BridgeActivation.log", "AppConduit.log", "appinstallation.log", "AlishaLogs.log", "ASPSnapshots.log", "AppSupport.log", "astro.log", "AUDeveloperSettings.log", "ATVUpdateLog.log", "AVConference.log", "atcrtcomm.log", "BatteryBDC.log", "avconferenced-embedded.log", "BatteryIntelligence.log", "BluetoothAccessory.log", "BluetoothCoreDump.log", "BatteryHealth.log", "BatteryUIPlist.log", "brctl.log", "BASEBAND_TS_TRIGGER.log", "BTPHY.log", "Burnin.log", "Buddy.log", "CacheDeleteHistory.log", "CalendarPreferences.log", "CMCaptureTailspins.log", "CompanionSync.log", "CommandAndControl.log", "Contacts.log", "coreaudio_reporting.log", "CoreCapture.log", "copySpringBoardStateDump.log", "CoreLocation.log", "CoreCaptureBT.log", "crashes_and_spins.log", "cts.log", "coremediacapture-afdebug.log", "DarwinInit.log", "demod.log", "DataMigration.log", "FDR.log", "diagnostic_summary.log", "ForceResetTailspins.log", "Frametracer.log", "fsck.log", "FindMyDevice.log", "HangTracerTailspins.log", "GenerativeExperiences.log", "Harmony.log", "HIDCrashlogs.log", "HCI.log", "HomePodSetUp.log", "hidfw-crashlogs.log", "itunesstored.log", "LivabilityApp.log", "keyboard_cache.log", "LaunchServices.log", "MailErrorConditions.log", "MapsSyncJournal.log", "MatchTailspins.log", "MCState.log", "MCUCoreDumps.log", "MediaserverdBlockageTailspins.log", "MemoryExceptions.log", "MobileActivation.log", "microstackshots.log", "LogStreamFilter.log", "Mobile_Demo.log", "MobileInstallation.log", "MobileBackup.log", "MobileKeybagLogs.log", "MobileAssetHistory.log", "launchdLogs.log", "MobileSlideShow.log", "MobileLockdown.log", "MobileObliteration.log", "MobileSlideShowPrivateData.log", "MSU.log", "MobileStoreDemo.log", "NanoPreferencesSync.log", "NanoRegistry.log", "NSURLSession_logs.log", "Networking.log", "NetworkRelay.log", "ondemandd.log", "olddsc.log", "OTA.log", "OSEligibility.log", "OTAUpdateLogs.log", "Panics.log", "Personalization.log", "parsecd.log", "powerlogs.log", "process_proxied_device_logs.log", "ProactiveInputPredictions.log", "Preferences.log", "Proximity.log", "ProtectedCloudStorage.log", "RecentHangTracerTailspins.log", "RunningBoard.log", "Recoverylogd.log", "Resource_Exhaustion.log", "SensorKit.log", "SiriTextToSpeech.log", "Sentry.log", "Siri.log", "SiriAnalytics.log", "SleepCycler.log", "SocialLayerPlist.log", "spindump-meta-collection.log", "SplunkHistory.log", "stackshots.log", "SUInfo.log", "StoreServices.log", "SystemVersion.log", "Splat_Versioning.log", "syslog.log", "tailspin-history.log", "ThermalLogs.log", "tailspin-info-ts.log", "Trial.log", "UARP_Packet_Capture.log", "TetheredRestore.log", "UnifiedAsset.log", "time-sensitive-stackshot.log", "TimezoneDB.log", "unnamed_tasks.log", "UARPEndpointPacketCaptures.log", "SpaceAttributionTelemetry.log", "usermanagerd_logs.log", "VideoProcessing.log", "watchdog.log", "WindowServerHangs.log", "WiFi.log", "watchdogd_ddts.log", "asptool_snapshot_timesensitive.log", "asptool_snapshot.log", "acLog.plist", "atcrtcomm.txt", "BDC_Daily_version2.6_2024-08-29_00:19:16.csv", "BDC_Daily_version2.8_2024-09-22_16:06:26.csv", "BDC_Daily_version2.8_2024-09-13_17:49:14.csv", "BDC_Daily_version2.6_2024-09-04_12:00:11.csv", "BDC_Daily_version2.8_2024-09-21_13:45:08.csv", "BDC_OBC_version2.6_2024-08-29_00:19:14.csv", "BDC_OBC_version2.6_2024-09-13_16:25:59.csv", "BDC_OBC_version2.8_2024-09-18_23:12:12.csv", "BDC_OBC_version2.8_2024-09-14_00:28:48.csv", "BDC_OBC_version2.8_2024-09-13_23:35:57.csv", "BDC_OBC_version2.8_2024-09-14_13:32:02.csv", "BDC_OBC_version2.8_2024-09-29_15:16:41.csv", "BDC_Once_version2.6_2024-08-29_00:19:16.csv", "BDC_Once_version2.8_2024-09-13_17:49:16.csv", "BDC_SBC_version2.6_2024-09-02_20:27:16.csv", "BDC_SBC_version2.6_2024-08-29_00:19:16.csv", "BDC_SBC_version2.6_2024-09-03_11:48:00.csv", "BDC_SBC_version2.6_2024-09-11_00:27:57.csv", "BDC_SBC_version2.6_2024-09-04_13:21:06.csv", "BDC_SBC_version2.6_2024-09-04_12:00:11.csv", "BDC_SBC_version2.6_2024-09-03_00:11:37.csv", "BDC_SBC_version2.6_2024-09-13_16:26:54.csv", "BDC_SBC_version2.6_2024-09-13_16:16:55.csv", "BDC_SBC_version2.6_2024-09-08_17:52:28.csv", "BDC_SBC_version2.6_2024-09-13_02:10:48.csv", "BDC_SBC_version2.6_2024-09-12_02:07:40.csv", "BDC_SBC_version2.8_2024-09-13_17:54:28.csv", "BDC_SBC_version2.6_2024-09-13_17:07:26.csv", "BDC_SBC_version2.8_2024-09-13_17:49:18.csv", "BDC_SBC_version2.8_2024-09-14_00:28:50.csv", "BDC_SBC_version2.8_2024-09-18_03:20:38.csv", "BDC_SBC_version2.8_2024-09-18_23:12:15.csv", "BDC_SBC_version2.8_2024-09-14_13:32:04.csv", "BDC_SBC_version2.8_2024-09-21_13:45:07.csv", "BDC_SBC_version2.8_2024-09-22_05:55:57.csv", "BDC_SBC_version2.8_2024-09-23_19:56:36.csv", "BDC_SBC_version2.8_2024-09-17_01:27:03.csv", "BDC_SBC_version2.8_2024-09-23_21:27:40.csv", "BDC_SBC_version2.8_2024-09-24_19:36:33.csv", "BDC_SBC_version2.8_2024-09-14_01:16:12.csv", "BDC_SmartCharging_version2.6_2024-09-02_20:25:09.csv", "BDC_SmartCharging_version2.6_2024-08-29_00:21:46.csv", "BDC_SmartCharging_version2.6_2024-09-03_04:09:12.csv", "BDC_SmartCharging_version2.6_2024-09-03_11:48:07.csv", "BDC_SmartCharging_version2.6_2024-09-03_00:11:44.csv", "BDC_SmartCharging_version2.6_2024-09-04_12:00:20.csv", "BDC_SmartCharging_version2.6_2024-09-04_13:19:02.csv", "CacheDeletePurgeHistory.txt", "FDRDiagnosticReport.plist", "GEAvailability.log", "IOSADiagnose.log", "version", "akd_dcrt_baa_response.txt", "mobileactivationd.log.0", "akd_dcrt_baa_request.txt", "MAAutoAsset_Atomic_History_00.log", "MAAutoAsset_Atomic_History_02.log", "MAAutoAsset_Atomic_History_01.log", "MAAutoAsset_Atomic_History_03.log", "MAAutoAsset_Atomic_History_05.log", "MAAutoAsset_Atomic_History_04.log", "MAAutoAsset_Atomic_History_09.log", "MAAutoAsset_Atomic_History.txt", "MAAutoAsset_Atomic_History_08.log", "MAAutoAsset_Error_History_00.log", "MAAutoAsset_Atomic_History_06.log", "MAAutoAsset_Error_History_02.log", "MAAutoAsset_Error_History_04.log", "MAAutoAsset_Error_History_05.log", "MAAutoAsset_Error_History_08.log", "MAAutoAsset_Error_History.txt", "MAAutoAsset_Filesystem_History_01.log", "MAAutoAsset_Error_History_06.log", "MAAutoAsset_Error_History_09.log", "MAAutoAsset_Error_History_07.log", "MAAutoAsset_Filesystem_History_03.log", "MAAutoAsset_Filesystem_History_02.log", "MAAutoAsset_Filesystem_History_04.log", "MAAutoAsset_Filesystem_History_05.log", "MAAutoAsset_Filesystem_History_08.log", "MAAutoAsset_Filesystem_History_09.log", "MAAutoAsset_Filesystem_History_06.log", "MAAutoAsset_Filesystem_History_00.log", "MAAutoAsset_Filesystem_History_07.log", "MAAutoAsset_Filesystem_History.txt", "MAAutoAsset_Locker_History_00.log", "MAAutoAsset_Locker_History_01.log", "MAAutoAsset_Locker_History_03.log", "MAAutoAsset_Locker_History_06.log", "MAAutoAsset_Locker_History_02.log", "MAAutoAsset_Locker_History_04.log", "MAAutoAsset_Locker_History_05.log", "MAAutoAsset_Locker_History_07.log", "MAAutoAsset_Scheduler_History_00.log", "MAAutoAsset_Locker_History.txt", "MAAutoAsset_Locker_History_08.log", "MAAutoAsset_Scheduler_History_03.log", "MAAutoAsset_Scheduler_History_02.log", "MAAutoAsset_Scheduler_History_04.log", "MAAutoAsset_Scheduler_History_01.log", "MAAutoAsset_Locker_History_09.log", "MAAutoAsset_Scheduler_History_07.log", "MAAutoAsset_Scheduler_History_08.log", "MAAutoAsset_Scheduler_History_05.log", "MAAutoAsset_Scheduler_History_06.log", "MAAutoAsset_Scheduler_History.txt", "MAAutoAsset_Scheduler_History_09.log", "MAAutoAsset_Secure_History_01.log", "MAAutoAsset_Secure_History_00.log", "MAAutoAsset_Secure_History_04.log", "MAAutoAsset_Secure_History_05.log", "MAAutoAsset_Secure_History_03.log", "MAAutoAsset_Secure_History_07.log", "MAAutoAsset_Secure_History_08.log", "MAAutoAsset_Secure_History_06.log", "MAAutoAsset_Secure_History_09.log", "MAAutoAsset_Stager_History_01.log", "MAAutoAsset_Stager_History_02.log", "MAAutoAsset_Stager_History_00.log", "MAAutoAsset_Secure_History.txt", "MAAutoAsset_Stager_History_03.log", "MAAutoAsset_Stager_History_05.log", "MAAutoAsset_Stager_History_07.log", "MAAutoAsset_Stager_History_04.log", "MAAutoAsset_Stager_History_08.log", "MAAutoAsset_Stager_History_06.log", "MAAutoAsset_Stager_History_09.log", "MAAutoAsset_Stager_History.txt", "mobile_installation.log.0", "mobile_installation.log.1", "mobile_installation_helper.log.0", "lockdownd.log", "SUCoreSplunkHistory.log", "model_catalog_dump.txt", "model_manager_dump.json", "com.apple.networkextension.necp.rtf", "preferences.rtf", "NetworkInterfaces.rtf", "com.apple.networkextension.rtf", "com.apple.networkextension.uuidcache.rtf", "com.apple.networkextension.cache.rtf", "com.apple.networkextension.control.rtf", "Entity_2024-09-29 22:12:50.359_Blacklist.csv", "capture.rtf", "system.rtf", "[2024-09-29_22,12,45.966405]-LQMLogging-001.txt", "[2024-09-29_22,12,45.960131]-Interface_SoftAP_0-001.txt", "[2024-09-29_22,12,56.122877]-Interface_LowLatency_0-001.txt", "[2024-09-29_22,12,56.815468]-Interface_Infrastructure_0-001.txt", "[2024-09-29_22,12,56.591747]-Interface_AirLink_0-001.txt", "[2024-09-29_22,12,56.327440]-uartFirmwareLogs-001.txt", "[2024-09-29_22,12,56.457960]-AppleOLYHAL_log-001.txt", "AddFileList.txt", "ap1_AllPeersVerbose_IO80211PeerManager.txt", "awdl0_PrintState_IO80211AWDLPeerManager.txt", "awdl0_AllPeersVerbose_IO80211AWDLPeerManager.txt", "BusState.txt", "ConfigManagerState.txt", "CommanderState.txt", "CoreState.txt", "DeviceInfo.xml", "en0_AllPeersVerbose_IO80211PeerManager.txt", "en0_PrintState_IO80211PeerManager.txt", "InterfaceState_apsta.txt", "ap1_PrintState_IO80211PeerManager.txt", "FaultReportState.txt", "History.txt", "InterfaceState_prox.txt", "ivars->fChannelSwitchDictionary[0].xml", "InterfaceState_llw.txt", "JoinManagerState.txt", "ivars->fChannelSwitchDictionary[1].xml", "InterfaceState_skywalkinfra.txt", "ScanManagerState.txt", "LowLatencyRxCompRing", "MMIO_Log.txt", "SoC_Registers.xml", "LowLatencyTxCompRing", "NetManagerState.txt", "[2024-09-29_22,12,56.477273]-AppleBCMWLAN_Logs-001.txt", "disks.txt", "apfs_stats.txt", "oslog_archive_error.log", "ps_thread.txt", "971A5878D635EB8B262FF791353234.rtf", "B730B951A932F5AE2648F478FDDA81.rtf", "E7B80B551D34E4BCDBC1E47D6AB627.rtf", "2B553D16843D7B9CD7A4504A96CF2F.rtf", "594CB14E19331E8CFB5365144D46C4.rtf", "DE90FBA8603371B106DDEC727E696D.rtf", "C1ACD227FD3CE992C115DD95BD2B42.rtf" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1056", "name": "Input Capture", "display_name": "T1056 - Input Capture" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 24, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "ravescoutllc.", "id": "288912", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-SHA256": 105, "domain": 71, "hostname": 211, "URL": 125, "email": 2, "FileHash-MD5": 14, "FileHash-SHA1": 212 }, "indicator_count": 740, "is_author": false, "is_subscribing": null, "subscriber_count": 30, "modified_text": "580 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "66fae0d0177ccf5dfc5c1fb0", "name": "The Jane Syndrome Files: Espionage-Grade Apple iPhone Infiltration", "description": "Here is a full list of details about Apple's latest operating system (OS) and the services it offers: DNS poisonings, network insecurities, malware, malicious script injections.", "modified": "2024-10-30T16:01:07.364000", "created": "2024-09-30T17:33:04.581000", "tags": [ "disabled awdl", "awdl", "status ipv6", "mode", "off awdl", "auto", "discovery", "disabled", "status power", "mac address", "f5 discoverable", "scanning", "current network", "wifi", "security", "wpa2 personal", "legacy", "ipv6", "count", "interval", "timestamp name", "open", "begin", "d71ff", "status", "begin wifi", "collect", "end wifi", "logs", "dump", "end corecapture", "cache", "stats", "cfnetwork", "could", "could ping", "dns server", "duration result", "description", "reach apple", "ping lan", "resolve dns", "number", "guard period", "errors summary", "report guard", "scan psf", "period ranges", "aw errors", "summary", "ap stats", "ap status", "period", "i en0", "airport sync", "airport network", "rave scout", "salman", "scout iphone", "guest agrp", "guest mdat", "items", "status primary", "ipv4", "interface", "nonpsc", "active", "address", "method", "supported", "status mac", "ssid", "bssid", "rssi", "tx rate", "mbps security", "congested wifi", "channel", "current channel", "ht40", "networks", "ht40 network", "wifi cc", "mcastaesccm", "mcasttkip", "fiosd8f6r", "jparadise", "bradstevens", "hazelnuthut", "karen dave", "fios", "brookleyroad", "mobile", "gator", "mach virtual", "memory", "never", "command", "execution time", "timeout", "max rss", "o user", "o ppid", "usrbintaskinfo", "a registry", "ioservice", "state", "executing task", "cpu time", "child process", "cpuwall", "cputimeout", "task container", "handshake", "tmpoutputdir", "executing", "phase", "locker", "atomic", "error", "companion", "savage", "demo", "trigger", "caller", "autounlock", "macbook air", "leaflifetime", "evaluationtime", "afterctflagday", "anchorsource", "validstatus", "numberscts", "mmcs", "unknown", "lmdc", "fssnapshot", "fpck", "fpsnapshot", "fpckrunreason", "iphone", "version", "product type", "os build", "appleinternal", "cpuarchitecture", "chipid", "hwmodel", "d53gap", "hassep", "ap1i", "ap1p", "ap1v", "b0ti", "d1pt", "iq0b", "iq1b", "mbse", "adce", "aopc", "bupt", "chcc", "chif", "upof", "waps", "warp", "wass", "default filters", "size limit", "mb on", "done enforcing", "file", "candidate", "filters", "enforcing size", "limit", "added", "predicate not", "file past", "beginswith", "endswith", "excresource", "analytics", "predicate", "not self", "contains", "max size", "matches", "osvalueobject", "ioport", "ioregistryentry", "iopower", "ioaccessory", "iousb", "iodevicetree", "root", "class", "wcfb", "gtd0x0 dtb", "rfrs", "adfh", "adhf", "vbwr", "vbrr", "cfdwc", "cfdrc", "dlwd", "gcrd", "gccan1 gcmust0", "gccan0 gcmust0", "erase quantile", "bad blocks", "max band", "eol erase", "user partition", "indpoolfree", "key1242", "timestamp", "weightedra", "qmax0", "cyclecount", "timeathighsoc", "chargingvoltage", "bhserviceflags", "04430", "familycode", "vacvoltagelimit", "53685452100", "53685452811", "1284430", "53685452411", "04410", "11524410", "53685452401", "1284410", "10244410", "11534410", "11524430", "10244430", "11534430", "53685451811", "53685451911", "chemid", "algochemid", "eeee", "designcapacity", "presentdod0", "currentcapacity", "ischarging", "temperature", "amperage", "instantamperage", "voltage", "stateofcharge", "chargeaccum", "chargingstate", "inflowstate", "chargelimit", "checkpoint", "decisionmaker", "modeofoperation", "af96b", "begin bluetooth", "b590b", "e97d3", "e1306", "certificate", "start", "status code", "sameorigin body", "xsannwhh5zixhy", "debug", "sun sep", "thu sep", "notice", "fri sep", "unbrick", "dcrt reissue", "commcenter fri", "sat sep", "commcenter sun", "data", "plist", "dict", "post useragent", "dcrt", "body", "doctype", "public", "pkitruststore", "download", "autolocker", "autojob", "data container", "installing", "ls save", "ls operation", "customer", "lsinstalltype", "miinstaller", "staging", "update", "consumed", "missingvalue", "raptor certs", "full service", "pinged configd", "cachedata", "cacheextra", "gmt4", "boot session", "bonjour", "f0fs24 cf0", "xml version", "appledtd plist", "adapter", "sen097", "wairport97", "t3gpp u8721", "u960 u8747", "bae69693u8719", "c2cb", "f1f49791page", "c4 e8", "page", "xethernet97", "sen1u8260", "u8721 u8719", "u8805 a5u8706", "a5u8706 u8721", "u8719 u960", "u8800 c6d8u8734", "b1u8804 u8805", "u8747 aabau937", "u64258 u8800", "u8747 u8776", "u64257 u64258", "u305 u8710", "u63743", "u8260", "u8805 u8706", "u731 u711", "u731", "u733", "time", "time secs", "uuid", "osversion", "lqmlogging", "su ms", "nb nrs", "na cm", "ex tf", "ffp mret", "highband", "ghz sep", "noise 88", "capture", "interfacelogs", "disabledatapath", "role lowlatency", "enabledatapath", "tx submission", "queue sep", "disablesync", "txsubq sep", "datapath", "printdatapath", "txsub disable", "txsub enable", "awdl prox", "awdl interface", "appleolyhal", "iopcidevice", "iopcidevice sep", "appleolyhallog", "pktsec", "mbitssec", "txreported", "u0 m0", "rxmacst", "monitor0 vif", "ff input", "pmopen", "rssi 100", "flushed", "rssi threshold", "service", "p2p concurrency", "allowed", "multicast", "unicast", "p2p interface", "off configured", "host edge", "awdl0", "awdl state", "configured", "d12c2680", "monitor18 vif", "transition", "wait", "device sleep", "device wake", "device active", "pending", "pnd0", "exit", "int state", "tx power", "cap config", "device tree", "ps params", "dtim", "motion profile", "womp disabled", "region info", "lla prefer", "prefer", "moving", "logic", "config", "wlcgetbssinfo", "queue", "check que", "wd scheduled1", "curr", "configure wd", "history", "wlcsetlrl", "wlcgetcountry", "debuggable", "eventbitfield", "fwid 01b0ec0e2e", "d53gap build", "device serial", "file name", "wme acm", "frequestiotx", "busytags", "peer", "u409224", "u527236 m103198", "monitor2827", "totaldropped0", "queue status", "totalflushed0", "tx completion", "rx completion", "fault report", "logging rx", "join mgr", "backpl", "85 85", "fl2 rt601", "bsside2", "rssi avg", "41 48", "44 42", "46 48", "43 42", "io80211 scan", "updated", "mpdus", "chanspec", "roam candidate", "logtransition", "cache channels", "scan home", "infra", "filesystem size", "avail capacity", "devdisk1s1", "dev devdisk1s6", "devdisk1s3", "calls", "file defrag", "metadata", "write", "object cache", "read", "fx defrag", "vnopallocate", "vnopblktooff", "meta", "user pid", "cpu stat", "pri stime", "utime command", "ppid f", "mem pri", "ni vsz", "rss wchan", "started time", "wd scheduled0", "e666293574", "monitor38 vif", "u2642957", "u4321860 m8433", "monitor9744", "b7c5a", "fl2 rt3505", "43 43", "bssid00", "lightphoneii", "43 44", "44 44", "rx data", "f4e0wf", "session", "cached", "access", "integer not", "null default", "null", "text not", "from", "text unique", "where", "order by", "not null", "bool not", "expected t", "nsdata", "unique", "integer primary", "array", "hard", "u63743 fceae8" ], "references": [ "awdl_status.txt", "arp.txt", "bluetooth_status.txt", "com.apple.wifi.syncable-networks.legacy.plist", "com.apple.wifi.syncable-networks.plist", "diagnostics-configuration.txt", "debug-log.txt", "diagnostics-connectivity.txt", "com.apple.wifi.recent-networks.json", "ifconfig.txt", "leaky_ap_stats.txt", "netstat-POST.txt", "mobilewifitool.txt", "security.txt", "netstat-PRE.txt", "network_status.txt", "wifi_datapath-PRE.txt", "wifi_scan_cache.txt", "wifi_logarchive.log", "wifi_datapath-POST.txt", "wifi_status.txt", "diagnostics-environment.txt", "wifi_scan.txt", "vm_stat.txt", "transparency.log", "tzDataVersion.log", "tailspin-info.txt", "taskSummary.csv", "sysdiagnose.log", "security-sysdiagnose.txt", "fileproviderctl_check.log", "hpmDiagnose.txt", "fileproviderctl.log", "hidutil.plist", "remotectl_dumpstate.txt", "smcDiagnose.txt", "BridgeReporting.log", "BridgeActivation.log", "AppConduit.log", "appinstallation.log", "AlishaLogs.log", "ASPSnapshots.log", "AppSupport.log", "astro.log", "AUDeveloperSettings.log", "ATVUpdateLog.log", "AVConference.log", "atcrtcomm.log", "BatteryBDC.log", "avconferenced-embedded.log", "BatteryIntelligence.log", "BluetoothAccessory.log", "BluetoothCoreDump.log", "BatteryHealth.log", "BatteryUIPlist.log", "brctl.log", "BASEBAND_TS_TRIGGER.log", "BTPHY.log", "Burnin.log", "Buddy.log", "CacheDeleteHistory.log", "CalendarPreferences.log", "CMCaptureTailspins.log", "CompanionSync.log", "CommandAndControl.log", "Contacts.log", "coreaudio_reporting.log", "CoreCapture.log", "copySpringBoardStateDump.log", "CoreLocation.log", "CoreCaptureBT.log", "crashes_and_spins.log", "cts.log", "coremediacapture-afdebug.log", "DarwinInit.log", "demod.log", "DataMigration.log", "FDR.log", "diagnostic_summary.log", "ForceResetTailspins.log", "Frametracer.log", "fsck.log", "FindMyDevice.log", "HangTracerTailspins.log", "GenerativeExperiences.log", "Harmony.log", "HIDCrashlogs.log", "HCI.log", "HomePodSetUp.log", "hidfw-crashlogs.log", "itunesstored.log", "LivabilityApp.log", "keyboard_cache.log", "LaunchServices.log", "MailErrorConditions.log", "MapsSyncJournal.log", "MatchTailspins.log", "MCState.log", "MCUCoreDumps.log", "MediaserverdBlockageTailspins.log", "MemoryExceptions.log", "MobileActivation.log", "microstackshots.log", "LogStreamFilter.log", "Mobile_Demo.log", "MobileInstallation.log", "MobileBackup.log", "MobileKeybagLogs.log", "MobileAssetHistory.log", "launchdLogs.log", "MobileSlideShow.log", "MobileLockdown.log", "MobileObliteration.log", "MobileSlideShowPrivateData.log", "MSU.log", "MobileStoreDemo.log", "NanoPreferencesSync.log", "NanoRegistry.log", "NSURLSession_logs.log", "Networking.log", "NetworkRelay.log", "ondemandd.log", "olddsc.log", "OTA.log", "OSEligibility.log", "OTAUpdateLogs.log", "Panics.log", "Personalization.log", "parsecd.log", "powerlogs.log", "process_proxied_device_logs.log", "ProactiveInputPredictions.log", "Preferences.log", "Proximity.log", "ProtectedCloudStorage.log", "RecentHangTracerTailspins.log", "RunningBoard.log", "Recoverylogd.log", "Resource_Exhaustion.log", "SensorKit.log", "SiriTextToSpeech.log", "Sentry.log", "Siri.log", "SiriAnalytics.log", "SleepCycler.log", "SocialLayerPlist.log", "spindump-meta-collection.log", "SplunkHistory.log", "stackshots.log", "SUInfo.log", "StoreServices.log", "SystemVersion.log", "Splat_Versioning.log", "syslog.log", "tailspin-history.log", "ThermalLogs.log", "tailspin-info-ts.log", "Trial.log", "UARP_Packet_Capture.log", "TetheredRestore.log", "UnifiedAsset.log", "time-sensitive-stackshot.log", "TimezoneDB.log", "unnamed_tasks.log", "UARPEndpointPacketCaptures.log", "SpaceAttributionTelemetry.log", "usermanagerd_logs.log", "VideoProcessing.log", "watchdog.log", "WindowServerHangs.log", "WiFi.log", "watchdogd_ddts.log", "asptool_snapshot_timesensitive.log", "asptool_snapshot.log", "acLog.plist", "atcrtcomm.txt", "BDC_Daily_version2.6_2024-08-29_00:19:16.csv", "BDC_Daily_version2.8_2024-09-22_16:06:26.csv", "BDC_Daily_version2.8_2024-09-13_17:49:14.csv", "BDC_Daily_version2.6_2024-09-04_12:00:11.csv", "BDC_Daily_version2.8_2024-09-21_13:45:08.csv", "BDC_OBC_version2.6_2024-08-29_00:19:14.csv", "BDC_OBC_version2.6_2024-09-13_16:25:59.csv", "BDC_OBC_version2.8_2024-09-18_23:12:12.csv", "BDC_OBC_version2.8_2024-09-14_00:28:48.csv", "BDC_OBC_version2.8_2024-09-13_23:35:57.csv", "BDC_OBC_version2.8_2024-09-14_13:32:02.csv", "BDC_OBC_version2.8_2024-09-29_15:16:41.csv", "BDC_Once_version2.6_2024-08-29_00:19:16.csv", "BDC_Once_version2.8_2024-09-13_17:49:16.csv", "BDC_SBC_version2.6_2024-09-02_20:27:16.csv", "BDC_SBC_version2.6_2024-08-29_00:19:16.csv", "BDC_SBC_version2.6_2024-09-03_11:48:00.csv", "BDC_SBC_version2.6_2024-09-11_00:27:57.csv", "BDC_SBC_version2.6_2024-09-04_13:21:06.csv", "BDC_SBC_version2.6_2024-09-04_12:00:11.csv", "BDC_SBC_version2.6_2024-09-03_00:11:37.csv", "BDC_SBC_version2.6_2024-09-13_16:26:54.csv", "BDC_SBC_version2.6_2024-09-13_16:16:55.csv", "BDC_SBC_version2.6_2024-09-08_17:52:28.csv", "BDC_SBC_version2.6_2024-09-13_02:10:48.csv", "BDC_SBC_version2.6_2024-09-12_02:07:40.csv", "BDC_SBC_version2.8_2024-09-13_17:54:28.csv", "BDC_SBC_version2.6_2024-09-13_17:07:26.csv", "BDC_SBC_version2.8_2024-09-13_17:49:18.csv", "BDC_SBC_version2.8_2024-09-14_00:28:50.csv", "BDC_SBC_version2.8_2024-09-18_03:20:38.csv", "BDC_SBC_version2.8_2024-09-18_23:12:15.csv", "BDC_SBC_version2.8_2024-09-14_13:32:04.csv", "BDC_SBC_version2.8_2024-09-21_13:45:07.csv", "BDC_SBC_version2.8_2024-09-22_05:55:57.csv", "BDC_SBC_version2.8_2024-09-23_19:56:36.csv", "BDC_SBC_version2.8_2024-09-17_01:27:03.csv", "BDC_SBC_version2.8_2024-09-23_21:27:40.csv", "BDC_SBC_version2.8_2024-09-24_19:36:33.csv", "BDC_SBC_version2.8_2024-09-14_01:16:12.csv", "BDC_SmartCharging_version2.6_2024-09-02_20:25:09.csv", "BDC_SmartCharging_version2.6_2024-08-29_00:21:46.csv", "BDC_SmartCharging_version2.6_2024-09-03_04:09:12.csv", "BDC_SmartCharging_version2.6_2024-09-03_11:48:07.csv", "BDC_SmartCharging_version2.6_2024-09-03_00:11:44.csv", "BDC_SmartCharging_version2.6_2024-09-04_12:00:20.csv", "BDC_SmartCharging_version2.6_2024-09-04_13:19:02.csv", "CacheDeletePurgeHistory.txt", "FDRDiagnosticReport.plist", "GEAvailability.log", "IOSADiagnose.log", "version", "akd_dcrt_baa_response.txt", "mobileactivationd.log.0", "akd_dcrt_baa_request.txt", "MAAutoAsset_Atomic_History_00.log", "MAAutoAsset_Atomic_History_02.log", "MAAutoAsset_Atomic_History_01.log", "MAAutoAsset_Atomic_History_03.log", "MAAutoAsset_Atomic_History_05.log", "MAAutoAsset_Atomic_History_04.log", "MAAutoAsset_Atomic_History_09.log", "MAAutoAsset_Atomic_History.txt", "MAAutoAsset_Atomic_History_08.log", "MAAutoAsset_Error_History_00.log", "MAAutoAsset_Atomic_History_06.log", "MAAutoAsset_Error_History_02.log", "MAAutoAsset_Error_History_04.log", "MAAutoAsset_Error_History_05.log", "MAAutoAsset_Error_History_08.log", "MAAutoAsset_Error_History.txt", "MAAutoAsset_Filesystem_History_01.log", "MAAutoAsset_Error_History_06.log", "MAAutoAsset_Error_History_09.log", "MAAutoAsset_Error_History_07.log", "MAAutoAsset_Filesystem_History_03.log", "MAAutoAsset_Filesystem_History_02.log", "MAAutoAsset_Filesystem_History_04.log", "MAAutoAsset_Filesystem_History_05.log", "MAAutoAsset_Filesystem_History_08.log", "MAAutoAsset_Filesystem_History_09.log", "MAAutoAsset_Filesystem_History_06.log", "MAAutoAsset_Filesystem_History_00.log", "MAAutoAsset_Filesystem_History_07.log", "MAAutoAsset_Filesystem_History.txt", "MAAutoAsset_Locker_History_00.log", "MAAutoAsset_Locker_History_01.log", "MAAutoAsset_Locker_History_03.log", "MAAutoAsset_Locker_History_06.log", "MAAutoAsset_Locker_History_02.log", "MAAutoAsset_Locker_History_04.log", "MAAutoAsset_Locker_History_05.log", "MAAutoAsset_Locker_History_07.log", "MAAutoAsset_Scheduler_History_00.log", "MAAutoAsset_Locker_History.txt", "MAAutoAsset_Locker_History_08.log", "MAAutoAsset_Scheduler_History_03.log", "MAAutoAsset_Scheduler_History_02.log", "MAAutoAsset_Scheduler_History_04.log", "MAAutoAsset_Scheduler_History_01.log", "MAAutoAsset_Locker_History_09.log", "MAAutoAsset_Scheduler_History_07.log", "MAAutoAsset_Scheduler_History_08.log", "MAAutoAsset_Scheduler_History_05.log", "MAAutoAsset_Scheduler_History_06.log", "MAAutoAsset_Scheduler_History.txt", "MAAutoAsset_Scheduler_History_09.log", "MAAutoAsset_Secure_History_01.log", "MAAutoAsset_Secure_History_00.log", "MAAutoAsset_Secure_History_04.log", "MAAutoAsset_Secure_History_05.log", "MAAutoAsset_Secure_History_03.log", "MAAutoAsset_Secure_History_07.log", "MAAutoAsset_Secure_History_08.log", "MAAutoAsset_Secure_History_06.log", "MAAutoAsset_Secure_History_09.log", "MAAutoAsset_Stager_History_01.log", "MAAutoAsset_Stager_History_02.log", "MAAutoAsset_Stager_History_00.log", "MAAutoAsset_Secure_History.txt", "MAAutoAsset_Stager_History_03.log", "MAAutoAsset_Stager_History_05.log", "MAAutoAsset_Stager_History_07.log", "MAAutoAsset_Stager_History_04.log", "MAAutoAsset_Stager_History_08.log", "MAAutoAsset_Stager_History_06.log", "MAAutoAsset_Stager_History_09.log", "MAAutoAsset_Stager_History.txt", "mobile_installation.log.0", "mobile_installation.log.1", "mobile_installation_helper.log.0", "lockdownd.log", "SUCoreSplunkHistory.log", "model_catalog_dump.txt", "model_manager_dump.json", "com.apple.networkextension.necp.rtf", "preferences.rtf", "NetworkInterfaces.rtf", "com.apple.networkextension.rtf", "com.apple.networkextension.uuidcache.rtf", "com.apple.networkextension.cache.rtf", "com.apple.networkextension.control.rtf", "Entity_2024-09-29 22:12:50.359_Blacklist.csv", "capture.rtf", "system.rtf", "[2024-09-29_22,12,45.966405]-LQMLogging-001.txt", "[2024-09-29_22,12,45.960131]-Interface_SoftAP_0-001.txt", "[2024-09-29_22,12,56.122877]-Interface_LowLatency_0-001.txt", "[2024-09-29_22,12,56.815468]-Interface_Infrastructure_0-001.txt", "[2024-09-29_22,12,56.591747]-Interface_AirLink_0-001.txt", "[2024-09-29_22,12,56.327440]-uartFirmwareLogs-001.txt", "[2024-09-29_22,12,56.457960]-AppleOLYHAL_log-001.txt", "AddFileList.txt", "ap1_AllPeersVerbose_IO80211PeerManager.txt", "awdl0_PrintState_IO80211AWDLPeerManager.txt", "awdl0_AllPeersVerbose_IO80211AWDLPeerManager.txt", "BusState.txt", "ConfigManagerState.txt", "CommanderState.txt", "CoreState.txt", "DeviceInfo.xml", "en0_AllPeersVerbose_IO80211PeerManager.txt", "en0_PrintState_IO80211PeerManager.txt", "InterfaceState_apsta.txt", "ap1_PrintState_IO80211PeerManager.txt", "FaultReportState.txt", "History.txt", "InterfaceState_prox.txt", "ivars->fChannelSwitchDictionary[0].xml", "InterfaceState_llw.txt", "JoinManagerState.txt", "ivars->fChannelSwitchDictionary[1].xml", "InterfaceState_skywalkinfra.txt", "ScanManagerState.txt", "LowLatencyRxCompRing", "MMIO_Log.txt", "SoC_Registers.xml", "LowLatencyTxCompRing", "NetManagerState.txt", "[2024-09-29_22,12,56.477273]-AppleBCMWLAN_Logs-001.txt", "disks.txt", "apfs_stats.txt", "oslog_archive_error.log", "ps_thread.txt", "971A5878D635EB8B262FF791353234.rtf", "B730B951A932F5AE2648F478FDDA81.rtf", "E7B80B551D34E4BCDBC1E47D6AB627.rtf", "2B553D16843D7B9CD7A4504A96CF2F.rtf", "594CB14E19331E8CFB5365144D46C4.rtf", "DE90FBA8603371B106DDEC727E696D.rtf", "C1ACD227FD3CE992C115DD95BD2B42.rtf" ], "public": 1, "adversary": "DragonForce Malaysia Hacker Group", "targeted_countries": [ "United States of America" ], "malware_families": [ { "id": "", "display_name": "", "target": null } ], "attack_ids": [ { "id": "T1056", "name": "Input Capture", "display_name": "T1056 - Input Capture" }, { "id": "T1088", "name": "Bypass User Account Control", "display_name": "T1088 - Bypass User Account Control" }, { "id": "T1547", "name": "Boot or Logon Autostart Execution", "display_name": "T1547 - Boot or Logon Autostart Execution" }, { "id": "T1546.004", "name": "Unix Shell Configuration Modification", "display_name": "T1546.004 - Unix Shell Configuration Modification" }, { "id": "T1001", "name": "Data Obfuscation", "display_name": "T1001 - Data Obfuscation" }, { "id": "T1213", "name": "Data from Information Repositories", "display_name": "T1213 - Data from Information Repositories" }, { "id": "T1070.002", "name": "Clear Linux or Mac System Logs", "display_name": "T1070.002 - Clear Linux or Mac System Logs" }, { "id": "T1003", "name": "OS Credential Dumping", "display_name": "T1003 - OS Credential Dumping" }, { "id": "T1445", "name": "Abuse of iOS Enterprise App Signing Key", "display_name": "T1445 - Abuse of iOS Enterprise App Signing Key" }, { "id": "T1001.003", "name": "Protocol Impersonation", "display_name": "T1001.003 - Protocol Impersonation" }, { "id": "T1404", "name": "Exploit OS Vulnerability", "display_name": "T1404 - Exploit OS Vulnerability" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 23, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "ravescoutllc.", "id": "288912", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-SHA256": 105, "domain": 70, "hostname": 211, "URL": 125, "email": 2, "FileHash-MD5": 14, "FileHash-SHA1": 212 }, "indicator_count": 739, "is_author": false, "is_subscribing": null, "subscriber_count": 31, "modified_text": "580 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 } ], "references": [ "MAAutoAsset_Stager_History_01.log", "MAAutoAsset_Scheduler_History_03.log", "com.apple.networkextension.cache.rtf", "MAAutoAsset_Atomic_History_01.log", "AppConduit.log", "tailspin-history.log", "MAAutoAsset_Scheduler_History_09.log", "MAAutoAsset_Secure_History_08.log", "diagnostic_summary.log", "MobileObliteration.log", "CommandAndControl.log", "FindMyDevice.log", "acLog.plist", "BDC_SBC_version2.8_2024-09-22_05:55:57.csv", "BDC_SmartCharging_version2.6_2024-08-29_00:21:46.csv", "Recoverylogd.log", "BDC_SBC_version2.8_2024-09-18_03:20:38.csv", "fsck.log", "MAAutoAsset_Scheduler_History_00.log", "MAAutoAsset_Error_History_00.log", "MAAutoAsset_Stager_History_04.log", "netstat-POST.txt", "BDC_SBC_version2.6_2024-09-08_17:52:28.csv", "Trial.log", "akd_dcrt_baa_response.txt", "BDC_OBC_version2.8_2024-09-18_23:12:12.csv", "usermanagerd_logs.log", "BDC_OBC_version2.6_2024-08-29_00:19:14.csv", "BDC_SBC_version2.6_2024-09-12_02:07:40.csv", "MAAutoAsset_Stager_History_03.log", "taskSummary.csv", "InterfaceState_skywalkinfra.txt", "syslog.log", "MAAutoAsset_Atomic_History_06.log", "disks.txt", "BDC_SmartCharging_version2.6_2024-09-04_12:00:20.csv", "RunningBoard.log", "watchdogd_ddts.log", "keyboard_cache.log", "ps.txt", "com.apple.avfoundation_CurrentUser.txt", "microstackshots.log", "en0_PrintState_IO80211PeerManager.txt", "CMCaptureTailspins.log", "ScanManagerState.txt", "debug-log.txt", "Buddy.log", "avconferenced-embedded.log", "ForceResetTailspins.log", "MAAutoAsset_Secure_History_05.log", "BridgeActivation 2.log", "MAAutoAsset_Error_History.txt", "971A5878D635EB8B262FF791353234.rtf", "tzDataVersion.log", "ASPSnapshots.log", "rmdinspect_stderr.txt", "LowLatencyRxCompRing", "BDC_Daily_version2.8_2024-09-13_17:49:14.csv", "MAAutoAsset_Atomic_History_09.log", "atcrtcomm.log", "ifconfig.txt", "InterfaceState_apsta.txt", "MAAutoAsset_Scheduler_History_04.log", "hidfw-crashlogs.log", "awdl_status.txt", "MediaserverdBlockageTailspins.log", "MAAutoAsset_Locker_History_04.log", "BDC_SBC_version2.8_2024-09-13_17:49:18.csv", "mobilewifitool.txt", "FDR.log", "BDC_Once_version2.8_2024-09-13_17:49:16.csv", "FaultReportState.txt", "MAAutoAsset_Stager_History_07.log", "[2024-09-29_22,12,56.477273]-AppleBCMWLAN_Logs-001.txt", "taskinfo_stderr.txt", "MAAutoAsset_Secure_History_04.log", "BDC_OBC_version2.8_2024-09-14_00:28:48.csv", "wifi_status.txt", "MAAutoAsset_Filesystem_History_03.log", "MAAutoAsset_Error_History_05.log", "MAAutoAsset_Locker_History_01.log", "Accessibility.log", "BDC_SBC_version2.6_2024-09-02_20:27:16.csv", "SUInfo.log", "capture.rtf", "MAAutoAsset_Secure_History_07.log", "BluetoothCoreDump.log", "OTA.log", "BluetoothAccessory.log", "BridgeReporting.log", "MobileSlideShow.log", "BatteryIntelligence.log", "CoreLocation.log", "mobileactivationd.log.0", "Burnin.log", "2B553D16843D7B9CD7A4504A96CF2F.rtf", "MCUCoreDumps.log", "BDC_SmartCharging_version2.6_2024-09-04_13:19:02.csv", "awdl0_AllPeersVerbose_IO80211AWDLPeerManager.txt", "MAAutoAsset_Filesystem_History_01.log", "diagnostics-connectivity.txt", "E7B80B551D34E4BCDBC1E47D6AB627.rtf", "Frametracer.log", "ConfigManagerState.txt", "asptool_snapshot_timesensitive.log", "BDC_SBC_version2.8_2024-09-14_00:28:50.csv", "akd_dcrt_baa_request.txt", "MAAutoAsset_Locker_History_00.log", "spindump_stderr.txt", "MAAutoAsset_Filesystem_History_06.log", "wifi_scan_cache.txt", "atcrtcomm.txt", "mobile_installation.log.0", "BDC_SBC_version2.6_2024-09-04_13:21:06.csv", "MAAutoAsset_Secure_History_06.log", "com.apple.wifi.syncable-networks.plist", "MAAutoAsset_Filesystem_History_00.log", "C1ACD227FD3CE992C115DD95BD2B42.rtf", "remotectl_dumpstate.txt", "MAAutoAsset_Scheduler_History_06.log", "AppleTypeCRetimerLogs_task_failures.txt", "BDC_SmartCharging_version2.6_2024-09-02_20:25:09.csv", "MAAutoAsset_Stager_History_00.log", "ondemandd.log", "DE90FBA8603371B106DDEC727E696D.rtf", "diagnostics-configuration.txt", "DeviceInfo.xml", "CacheDeletePurgeHistory.txt", "BDC_OBC_version2.8_2024-09-29_15:16:41.csv", "IOSADiagnose.log", "MAAutoAsset_Error_History_02.log", "SoC_Registers.xml", "fileproviderctl_check.log", "MAAutoAsset_Scheduler_History_07.log", "ckksctl_status.txt", "com.apple.networkextension.uuidcache.rtf", "suggest_tool_stderr.txt", "UARP_Packet_Capture.log", "Siri.log", "[2024-09-29_22,12,56.591747]-Interface_AirLink_0-001.txt", "BDC_SmartCharging_version2.6_2024-09-03_04:09:12.csv", "system.rtf", "MSU.log", "LaunchServices.log", "NSURLSession_logs.log", "spindump-meta-collection.log", "CalendarPreferences.log", "ap1_PrintState_IO80211PeerManager.txt", "com.apple.MobileAsset_Global.txt", "Keyboard_Preferences.txt", "CommanderState.txt", "hpmDiagnose.txt", "ModelCatalog_task_failures.txt", "Sentry.log", "WindowServerHangs.log", "netstat-PRE.txt", "3bars.txt", "HangTracerTailspins.log", "parsecd.log", "version", "BDC_SBC_version2.8_2024-09-21_13:45:07.csv", "AlishaLogs.log", "BDC_OBC_version2.8_2024-09-13_23:35:57.csv", "MAAutoAsset_Locker_History_07.log", "DarwinInit.log", "WatchConnectivity.log", "defaults-com.apple.iclouddrive.features.txt", "SiriTextToSpeech.log", "apfs_stats.txt", "BDC_SBC_version2.6_2024-09-13_17:07:26.csv", "FDRDiagnosticReport.plist", "SUCoreSplunkHistory.log", "olddsc.log", "MobileAssetHistory.log", "CaptureSourceInfo_CurrentUser.txt", "MAAutoAsset_Atomic_History_05.log", "MAAutoAsset_Error_History_09.log", "MAAutoAsset_Stager_History_08.log", "BTPHY.log", "codecctl_stderr.txt", "afktool_stderr.txt", "BDC_SBC_version2.8_2024-09-13_17:54:28.csv", "BDC_OBC_version2.6_2024-09-13_16:25:59.csv", "MAAutoAsset_Locker_History_06.log", "Accessibility_Preferences.txt", "[2024-09-29_22,12,56.457960]-AppleOLYHAL_log-001.txt", "ThermalLogs.log", "ivars->fChannelSwitchDictionary[0].xml", "MAAutoAsset_Filesystem_History_08.log", "TimezoneDB.log", "MAAutoAsset_Locker_History_02.log", "jetsam_priority.txt", "MatchTailspins.log", "AppleLocale_CurrentUser.txt", "MAAutoAsset_Filesystem_History_05.log", "MAAutoAsset_Locker_History_09.log", "WiFi.log", "MAAutoAsset_Locker_History_08.log", "SplunkHistory.log", "BDC_SBC_version2.8_2024-09-23_21:27:40.csv", "CompanionSync.log", "AUDeveloperSettings.log", "SocialLayerPlist.log", "awdl0_PrintState_IO80211AWDLPeerManager.txt", "ProtectedCloudStorage.log", "BatteryBDC.log", "com.apple.networkextension.necp.rtf", "fileproviderctl_stderr.txt", "model_manager_dump.json", "LivabilityApp.log", "BDC_SBC_version2.6_2024-09-03_00:11:37.csv", "Proximity.log", "MAAutoAsset_Scheduler_History_08.log", "MobileStoreDemo.log", "ps_thread.txt", "UIPreferredContentSizeCategoryName_CurrentUser.txt", "UARPEndpointPacketCaptures.log", "appinstallation.log", "AGXMTLCompilerCrash.log", "smcDiagnose.txt", "wifi_logarchive.log", "AVConference.log", "NanoPreferencesSync.log", "transparency-sysdiagnose_stderr.txt", "coreaudio_reporting.log", "MAAutoAsset_Filesystem_History_04.log", "MAAutoAsset_Filesystem_History_09.log", "OSEligibility.log", "BDC_SBC_version2.8_2024-09-14_13:32:04.csv", "mobile_installation.log.1", "StoreServices.log", "OTAUpdateLogs.log", "itunesstored.log", "microstackshots_errors.txt", "leaky_ap_stats.txt", "BDC_SBC_version2.6_2024-09-04_12:00:11.csv", "night-shift.log", "MemoryExceptions.log", "diagnose-errors.log", "tailspin-info-ts.log", "Harmony.log", "Splat_Versioning.log", "sysdiagnose.log", "vm_stat.txt", "MailErrorConditions.log", "BDC_SmartCharging_version2.6_2024-09-03_00:11:44.csv", "jetsam_priority_stderr.txt", "MAAutoAsset_Atomic_History_03.log", "ap1_AllPeersVerbose_IO80211PeerManager.txt", "CoreCapture.log", "arp.txt", "MAAutoAsset_Locker_History_03.log", "model_catalog_dump.txt", "DataMigration.log", "BridgeActivation.log", "MAAutoAsset_Filesystem_History.txt", "MCState.log", "MAAutoAsset_Stager_History_05.log", "MAAutoAsset_Error_History_04.log", "MAAutoAsset_Locker_History.txt", "cts.log", "BDC_SBC_version2.6_2024-09-03_11:48:00.csv", "MAAutoAsset_Error_History_07.log", "MAAutoAsset_Secure_History.txt", "SleepCycler.log", "NetworkInterfaces.rtf", "BDC_Daily_version2.6_2024-08-29_00:19:16.csv", "MobileSlideShowPrivateData.log", "MAAutoAsset_Atomic_History_04.log", "demod.log", "MMIO_Log.txt", "Preferences.log", "mount.txt", "MAAutoAsset_Filesystem_History_07.log", "MAAutoAsset_Stager_History_06.log", "brctl-container-list.txt", "NetManagerState.txt", "MAAutoAsset_Scheduler_History_01.log", "com.apple.wifi.syncable-networks.legacy.plist", "bluetooth_status.txt", "coremediacapture-afdebug.log", "AppSupport.log", "MAAutoAsset_Error_History_08.log", "security.txt", "Personalization.log", "ScreenTimeEnabled_CurrentUser.txt", "MAAutoAsset_Scheduler_History_02.log", "B730B951A932F5AE2648F478FDDA81.rtf", "BusState.txt", "MobileBackup.log", "BDC_SBC_version2.6_2024-09-13_02:10:48.csv", "NanoRegistry.log", "[2024-09-29_22,12,45.966405]-LQMLogging-001.txt", "BDC_Once_version2.6_2024-08-29_00:19:16.csv", "Panics.log", "[2024-09-29_22,12,56.815468]-Interface_Infrastructure_0-001.txt", "VideoProcessing.log", "Networking.log", "fileproviderctl_task_failures.txt", "HIDCrashlogs.log", "com.apple.networkextension.control.rtf", "tailspin-info.txt", "CloudKitBookmarks.log", "ATVUpdateLog.log", "powerlogs.log", "time-sensitive-stackshot.log", "tailspin-save-ts-collection.log", "launchdLogs.log", "MAAutoAsset_Scheduler_History.txt", "AirPodPowerMetrics.log", "com.apple.networkextension.rtf", "Resource_Exhaustion.log", "AccessibilityPrefs.log", "BDC_SBC_version2.6_2024-09-13_16:26:54.csv", "MAAutoAsset_Secure_History_01.log", "com.apple.camera_CurrentUser.txt", "[2024-09-29_22,12,56.327440]-uartFirmwareLogs-001.txt", "LogStreamFilter.log", "BDC_SBC_version2.8_2024-09-17_01:27:03.csv", "diagnostics-environment.txt", "MobileActivation.log", "TetheredRestore.log", "AFK.log", "JoinManagerState.txt", "[2024-09-29_22,12,56.122877]-Interface_LowLatency_0-001.txt", "ProactiveInputPredictions.log", "CoreState.txt", "BDC_OBC_version2.8_2024-09-14_13:32:02.csv", "[2024-09-29_22,12,45.960131]-Interface_SoftAP_0-001.txt", "BDC_SBC_version2.6_2024-08-29_00:19:16.csv", "MAAutoAsset_Atomic_History_08.log", "com.apple.wifi.recent-networks.json", "asptool_snapshot.log", "NetworkRelay.log", "fileproviderctl.log", "MAAutoAsset_Atomic_History.txt", "CacheDeleteHistory.log", "srsupporttool_stderr.txt", "BDC_Daily_version2.6_2024-09-04_12:00:11.csv", "HomePodSetUp.log", "GEAvailability.log", "MAAutoAsset_Stager_History_02.log", "SystemVersion.log", "InterfaceState_llw.txt", "wifi_datapath-PRE.txt", "MAAutoAsset_Stager_History.txt", "CoreCaptureBT.log", "SiriAnalytics.log", "security-sysdiagnose.txt", "MAAutoAsset_Secure_History_00.log", "RecentHangTracerTailspins.log", "InterfaceState_prox.txt", "BDC_Daily_version2.8_2024-09-22_16:06:26.csv", "MAAutoAsset_Secure_History_09.log", "AppleLanguages_Global.txt", "Accounts.log", "subscribedAssets_CurrentUser.txt", "BDC_SBC_version2.6_2024-09-13_16:16:55.csv", "unnamed_tasks.log", "MobileKeybagLogs.log", "AppleLocale_Global.txt", "spindump_nosym_errors.txt", "BatteryHealth.log", "BatteryUIPlist.log", "MobileLockdown.log", "README.txt", "crashes_and_spins.log", "MapsSyncJournal.log", "defaults-com.apple.bird.txt", "MAAutoAsset_Atomic_History_02.log", "BDC_SmartCharging_version2.6_2024-09-03_11:48:07.csv", "MAAutoAsset_Stager_History_09.log", "SensorKit.log", "BDC_SBC_version2.8_2024-09-23_19:56:36.csv", "wifi_datapath-POST.txt", "BDC_Daily_version2.8_2024-09-21_13:45:08.csv", "MAAutoAsset_Atomic_History_00.log", "en0_AllPeersVerbose_IO80211PeerManager.txt", "BDC_SBC_version2.8_2024-09-24_19:36:33.csv", "ioreg_stderr.txt", "Contacts.log", "process_proxied_device_logs.log", "mobile_installation_helper.log.0", "watchdog.log", "com.apple.coreaudio_CurrentUser.txt", "wifi_scan.txt", "stackshots.log", "copySpringBoardStateDump.log", "MAAutoAsset_Secure_History_03.log", "594CB14E19331E8CFB5365144D46C4.rtf", "lockdownd.log", "hidutil.plist", "com.apple.coremedia_CurrentUser.txt", "network_status.txt", "preferences.rtf", "MAAutoAsset_Error_History_06.log", "BDC_SBC_version2.8_2024-09-18_23:12:15.csv", "MAAutoAsset_Scheduler_History_05.log", "BASEBAND_TS_TRIGGER.log", "ioreg_task_failures.txt", "astro.log", "MobileInstallation.log", "BDC_SBC_version2.8_2024-09-14_01:16:12.csv", "History.txt", "oslog_archive_error.log", "HCI.log", "SpaceAttributionTelemetry.log", "AddFileList.txt", "LowLatencyTxCompRing", "brctl.log", "ACLogs.log", "BDC_SBC_version2.6_2024-09-11_00:27:57.csv", "GenerativeExperiences.log", "transparency.log", "MAAutoAsset_Locker_History_05.log", "UnifiedAsset.log", "Entity_2024-09-29 22:12:50.359_Blacklist.csv", "ivars->fChannelSwitchDictionary[1].xml", "AppleLanguages_CurrentUser.txt", "MAAutoAsset_Filesystem_History_02.log", "Mobile_Demo.log" ], "related": { "alienvault": { "adversary": [], "malware_families": [], "industries": [], "unique_indicators": 0 }, "other": { "adversary": [ "DragonForce Malaysia Hacker Group" ], "malware_families": [ "" ], "industries": [], "unique_indicators": 962 } } }, "false_positive": [], "alexa": "http://www.alexa.com/siteinfo/google.drive", "whois": "http://whois.domaintools.com/google.drive", "domain": "google.drive", "hostname": "sites.google.drive" }, "geo": {}, "geo_ipapicom": {}, "pulse_count": 4, "pulses": [ { "id": "69e9cd25393e970647c8678e", "name": "[Jane\u2019s Apple iPhone 12 is claimed dead] Credit by ravescoutllc [clone]", "description": "", "modified": "2026-05-24T03:39:11.660000", "created": "2026-04-23T07:41:25.872000", "tags": [ "idle", "deferred", "important", "unknown", "dock", "uisupport", "freezer", "fgsupport", "audio", "driverkit", "runner", "critical", "s0x0180", "s0x01a1", "s0x01a4", "c0x03", "s0x0401", "s0x0402", "s0x0507", "s0x0524", "s0x052a", "s0x060b", "networkappid", "user uid", "prsna pid", "ppid f", "mem pri", "ni vsz", "rss wchan", "tt stat", "started time", "command root", "memgraph", "path to", "dump file", "csstore viewer", "night shift", "status", "daystarthour", "daystartminute", "nightstarthour", "version", "sunsetsunrise", "mach virtual", "memory", "devdisk1s1", "privatevar", "calls", "number", "file defrag", "metadata", "write", "object cache", "fx defrag", "vnopallocate", "vnopblktooff", "vnopblockmap", "meta", "stats", "ckkstlkshare", "cliquestatusin", "sha256", "autounlock", "home", "backstop", "passwords", "applepay", "manatee", "wifi", "a w0", "device", "shared ipad", "appleaopinput", "code0", "userinfo", "fpck", "completed", "current network", "ipv6", "awdl", "security", "legacy wifi", "ipv4", "count", "interval", "timestamp name", "open", "nonpsc", "active", "not associated", "noop", "interface", "scan results", "duration result", "description", "congested wifi", "channel", "current channel", "ht40", "networks", "i en0", "paired", "connected", "status power", "mac address", "f5 discoverable", "scanning", "onetouch tb1x", "address", "airport sync", "airport network", "rave scout", "salman", "scout iphone", "guest agrp", "guest mdat", "items", "begin", "begin wifi", "end wifi", "collect", "dump", "end corecapture", "logs", "begin device", "end device", "method", "supported", "status mac", "op mode", "bssid", "tx rate", "mbps security", "phy mode", "mcs index", "guard period", "errors summary", "report guard", "scan psf", "period ranges", "aw errors", "summary", "ap stats", "ap status", "period", "status primary", "wwan", "disabled awdl", "status ipv6", "mode", "off awdl", "auto", "discovery", "disabled", "could", "cfnetwork", "dns server", "ping lan", "resolve dns", "ping wan", "rbentitlements", "osservice", "background", "invalidate", "xpcservice", "rbstagattribute", "rbassertion", "transientstate", "7529", "8030", "keepalive", "4372", "5760", "8181", "10058", "lockscreen", "test", "trace", "9872", "ckavmediaobject", "iiolaunchinfo", "ckmediaobject", "mxvolumelimiton", "swqwerty", "swemoji", "height", "width", "name", "pixelformattype", "index", "isobase", "sensorheight", "sensorwidth", "aemaxgain", "sensorcropwidth", "formats", "flash", "default filters", "candidate", "enforcing size", "limit", "mb on", "added", "done enforcing", "size limit", "file", "filters", "max size", "duplicate file", "file past", "beginswith", "endswith", "longhang", "excresource", "analytics", "predicate", "predicate not", "matches", "not self", "contains", "e5a2a", "ca156", "dc789", "b1a67", "e7e17", "e2175", "c63d2", "c453c", "cd7d4", "e0fe6", "plist", "dict", "integer", "doctype", "public", "appledtd plist", "ckperboottasks", "array", "ckstartuptime", "optimizestorage", "recorder", "player", "editor", "citymd", "manager", "student", "cleaner", "booster", "smart", "languages", "applelocale" ], "references": [ "jetsam_priority.txt", "tailspin-info.txt", "ps.txt", "oslog_archive_error.log", "README.txt", "night-shift.log", "vm_stat.txt", "mount.txt", "apfs_stats.txt", "ckksctl_status.txt", "ioreg_task_failures.txt", "transparency-sysdiagnose_stderr.txt", "fileproviderctl_task_failures.txt", "spindump_stderr.txt", "taskinfo_stderr.txt", "rmdinspect_stderr.txt", "ModelCatalog_task_failures.txt", "afktool_stderr.txt", "jetsam_priority_stderr.txt", "microstackshots_errors.txt", "AppleTypeCRetimerLogs_task_failures.txt", "ioreg_stderr.txt", "spindump_nosym_errors.txt", "codecctl_stderr.txt", "srsupporttool_stderr.txt", "fileproviderctl_stderr.txt", "suggest_tool_stderr.txt", "mobilewifitool.txt", "com.apple.wifi.syncable-networks.legacy.plist", "diagnostics-configuration.txt", "wifi_scan_cache.txt", "wifi_datapath-PRE.txt", "3bars.txt", "diagnostics-environment.txt", "arp.txt", "netstat-POST.txt", "bluetooth_status.txt", "security.txt", "debug-log.txt", "wifi_status.txt", "netstat-PRE.txt", "leaky_ap_stats.txt", "wifi_datapath-POST.txt", "wifi_logarchive.log", "com.apple.wifi.recent-networks.json", "network_status.txt", "com.apple.wifi.syncable-networks.plist", "ifconfig.txt", "awdl_status.txt", "wifi_scan.txt", "diagnostics-connectivity.txt", "BASEBAND_TS_TRIGGER.log", "Accounts.log", "CoreCapture.log", "appinstallation.log", "FindMyDevice.log", "AlishaLogs.log", "atcrtcomm.log", "Accessibility.log", "CMCaptureTailspins.log", "NanoPreferencesSync.log", "MCUCoreDumps.log", "AppSupport.log", "RecentHangTracerTailspins.log", "DataMigration.log", "BatteryUIPlist.log", "BatteryHealth.log", "UARPEndpointPacketCaptures.log", "time-sensitive-stackshot.log", "OTAUpdateLogs.log", "MobileKeybagLogs.log", "cts.log", "SensorKit.log", "CacheDeleteHistory.log", "CloudKitBookmarks.log", "MobileBackup.log", "AccessibilityPrefs.log", "WatchConnectivity.log", "Frametracer.log", "LogStreamFilter.log", "Panics.log", "OSEligibility.log", "process_proxied_device_logs.log", "Harmony.log", "CalendarPreferences.log", "Sentry.log", "MediaserverdBlockageTailspins.log", "MobileStoreDemo.log", "coremediacapture-afdebug.log", "CoreCaptureBT.log", "crashes_and_spins.log", "StoreServices.log", "itunesstored.log", "brctl.log", "CommandAndControl.log", "NanoRegistry.log", "DarwinInit.log", "MobileLockdown.log", "ProactiveInputPredictions.log", "tailspin-save-ts-collection.log", "SiriAnalytics.log", "usermanagerd_logs.log", "GenerativeExperiences.log", "Contacts.log", "astro.log", "stackshots.log", "NetworkRelay.log", "Siri.log", "MatchTailspins.log", "SpaceAttributionTelemetry.log", "olddsc.log", "ondemandd.log", "ACLogs.log", "SocialLayerPlist.log", "BridgeActivation.log", "SleepCycler.log", "OTA.log", "unnamed_tasks.log", "fsck.log", "tailspin-info-ts.log", "AVConference.log", "MCState.log", "RunningBoard.log", "ATVUpdateLog.log", "AirPodPowerMetrics.log", "MailErrorConditions.log", "hidfw-crashlogs.log", "CoreLocation.log", "SiriTextToSpeech.log", "AUDeveloperSettings.log", "Preferences.log", "ForceResetTailspins.log", "UnifiedAsset.log", "MapsSyncJournal.log", "Burnin.log", "MSU.log", "BluetoothAccessory.log", "VideoProcessing.log", "HIDCrashlogs.log", "Proximity.log", "BridgeActivation 2.log", "MobileAssetHistory.log", "Resource_Exhaustion.log", "avconferenced-embedded.log", "watchdog.log", "LaunchServices.log", "powerlogs.log", "MobileInstallation.log", "SUInfo.log", "spindump-meta-collection.log", "LivabilityApp.log", "syslog.log", "BatteryIntelligence.log", "keyboard_cache.log", "Splat_Versioning.log", "CompanionSync.log", "Personalization.log", "Buddy.log", "TetheredRestore.log", "BTPHY.log", "MemoryExceptions.log", "BluetoothCoreDump.log", "copySpringBoardStateDump.log", "diagnostic_summary.log", "SplunkHistory.log", "ThermalLogs.log", "Mobile_Demo.log", "BridgeReporting.log", "TimezoneDB.log", "AppConduit.log", "microstackshots.log", "SystemVersion.log", "watchdogd_ddts.log", "NSURLSession_logs.log", "MobileActivation.log", "tailspin-history.log", "MobileSlideShow.log", "AFK.log", "MobileSlideShowPrivateData.log", "demod.log", "HangTracerTailspins.log", "Networking.log", "AGXMTLCompilerCrash.log", "ASPSnapshots.log", "BatteryBDC.log", "Trial.log", "ProtectedCloudStorage.log", "MobileObliteration.log", "HCI.log", "UARP_Packet_Capture.log", "launchdLogs.log", "coreaudio_reporting.log", "WiFi.log", "FDR.log", "WindowServerHangs.log", "HomePodSetUp.log", "Recoverylogd.log", "parsecd.log", "diagnose-errors.log", "defaults-com.apple.bird.txt", "defaults-com.apple.iclouddrive.features.txt", "brctl-container-list.txt", "AppleLanguages_Global.txt", "com.apple.avfoundation_CurrentUser.txt", "subscribedAssets_CurrentUser.txt", "com.apple.coreaudio_CurrentUser.txt", "Accessibility_Preferences.txt", "com.apple.MobileAsset_Global.txt", "ScreenTimeEnabled_CurrentUser.txt", "UIPreferredContentSizeCategoryName_CurrentUser.txt", "AppleLocale_CurrentUser.txt", "AppleLocale_Global.txt", "com.apple.coremedia_CurrentUser.txt", "Keyboard_Preferences.txt", "AppleLanguages_CurrentUser.txt", "com.apple.camera_CurrentUser.txt", "CaptureSourceInfo_CurrentUser.txt" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": "67068646eec25524c2446ece", "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "msudosos", "id": "381696", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-SHA256": 98, "FileHash-SHA1": 12, "URL": 69, "domain": 29, "hostname": 68, "FileHash-MD5": 11, "email": 1, "BitcoinAddress": 2, "IPv4": 2 }, "indicator_count": 292, "is_author": false, "is_subscribing": null, "subscriber_count": 70, "modified_text": "9 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "67068646eec25524c2446ece", "name": "Jane\u2019s Apple iPhone 12 is claimed dead", "description": "", "modified": "2024-11-08T13:04:19.590000", "created": "2024-10-09T13:33:58.463000", "tags": [ "idle", "deferred", "important", "unknown", "dock", "uisupport", "freezer", "fgsupport", "audio", "driverkit", "runner", "critical", "s0x0180", "s0x01a1", "s0x01a4", "c0x03", "s0x0401", "s0x0402", "s0x0507", "s0x0524", "s0x052a", "s0x060b", "networkappid", "user uid", "prsna pid", "ppid f", "mem pri", "ni vsz", "rss wchan", "tt stat", "started time", "command root", "memgraph", "path to", "dump file", "csstore viewer", "night shift", "status", "daystarthour", "daystartminute", "nightstarthour", "version", "sunsetsunrise", "mach virtual", "memory", "devdisk1s1", "privatevar", "calls", "number", "file defrag", "metadata", "write", "object cache", "fx defrag", "vnopallocate", "vnopblktooff", "vnopblockmap", "meta", "stats", "ckkstlkshare", "cliquestatusin", "sha256", "autounlock", "home", "backstop", "passwords", "applepay", "manatee", "wifi", "a w0", "device", "shared ipad", "appleaopinput", "code0", "userinfo", "fpck", "completed", "current network", "ipv6", "awdl", "security", "legacy wifi", "ipv4", "count", "interval", "timestamp name", "open", "nonpsc", "active", "not associated", "noop", "interface", "scan results", "duration result", "description", "congested wifi", "channel", "current channel", "ht40", "networks", "i en0", "paired", "connected", "status power", "mac address", "f5 discoverable", "scanning", "onetouch tb1x", "address", "airport sync", "airport network", "rave scout", "salman", "scout iphone", "guest agrp", "guest mdat", "items", "begin", "begin wifi", "end wifi", "collect", "dump", "end corecapture", "logs", "begin device", "end device", "method", "supported", "status mac", "op mode", "bssid", "tx rate", "mbps security", "phy mode", "mcs index", "guard period", "errors summary", "report guard", "scan psf", "period ranges", "aw errors", "summary", "ap stats", "ap status", "period", "status primary", "wwan", "disabled awdl", "status ipv6", "mode", "off awdl", "auto", "discovery", "disabled", "could", "cfnetwork", "dns server", "ping lan", "resolve dns", "ping wan", "rbentitlements", "osservice", "background", "invalidate", "xpcservice", "rbstagattribute", "rbassertion", "transientstate", "7529", "8030", "keepalive", "4372", "5760", "8181", "10058", "lockscreen", "test", "trace", "9872", "ckavmediaobject", "iiolaunchinfo", "ckmediaobject", "mxvolumelimiton", "swqwerty", "swemoji", "height", "width", "name", "pixelformattype", "index", "isobase", "sensorheight", "sensorwidth", "aemaxgain", "sensorcropwidth", "formats", "flash", "default filters", "candidate", "enforcing size", "limit", "mb on", "added", "done enforcing", "size limit", "file", "filters", "max size", "duplicate file", "file past", "beginswith", "endswith", "longhang", "excresource", "analytics", "predicate", "predicate not", "matches", "not self", "contains", "e5a2a", "ca156", "dc789", "b1a67", "e7e17", "e2175", "c63d2", "c453c", "cd7d4", "e0fe6", "plist", "dict", "integer", "doctype", "public", "appledtd plist", "ckperboottasks", "array", "ckstartuptime", "optimizestorage", "recorder", "player", "editor", "citymd", "manager", "student", "cleaner", "booster", "smart", "languages", "applelocale" ], "references": [ "jetsam_priority.txt", "tailspin-info.txt", "ps.txt", "oslog_archive_error.log", "README.txt", "night-shift.log", "vm_stat.txt", "mount.txt", "apfs_stats.txt", "ckksctl_status.txt", "ioreg_task_failures.txt", "transparency-sysdiagnose_stderr.txt", "fileproviderctl_task_failures.txt", "spindump_stderr.txt", "taskinfo_stderr.txt", "rmdinspect_stderr.txt", "ModelCatalog_task_failures.txt", "afktool_stderr.txt", "jetsam_priority_stderr.txt", "microstackshots_errors.txt", "AppleTypeCRetimerLogs_task_failures.txt", "ioreg_stderr.txt", "spindump_nosym_errors.txt", "codecctl_stderr.txt", "srsupporttool_stderr.txt", "fileproviderctl_stderr.txt", "suggest_tool_stderr.txt", "mobilewifitool.txt", "com.apple.wifi.syncable-networks.legacy.plist", "diagnostics-configuration.txt", "wifi_scan_cache.txt", "wifi_datapath-PRE.txt", "3bars.txt", "diagnostics-environment.txt", "arp.txt", "netstat-POST.txt", "bluetooth_status.txt", "security.txt", "debug-log.txt", "wifi_status.txt", "netstat-PRE.txt", "leaky_ap_stats.txt", "wifi_datapath-POST.txt", "wifi_logarchive.log", "com.apple.wifi.recent-networks.json", "network_status.txt", "com.apple.wifi.syncable-networks.plist", "ifconfig.txt", "awdl_status.txt", "wifi_scan.txt", "diagnostics-connectivity.txt", "BASEBAND_TS_TRIGGER.log", "Accounts.log", "CoreCapture.log", "appinstallation.log", "FindMyDevice.log", "AlishaLogs.log", "atcrtcomm.log", "Accessibility.log", "CMCaptureTailspins.log", "NanoPreferencesSync.log", "MCUCoreDumps.log", "AppSupport.log", "RecentHangTracerTailspins.log", "DataMigration.log", "BatteryUIPlist.log", "BatteryHealth.log", "UARPEndpointPacketCaptures.log", "time-sensitive-stackshot.log", "OTAUpdateLogs.log", "MobileKeybagLogs.log", "cts.log", "SensorKit.log", "CacheDeleteHistory.log", "CloudKitBookmarks.log", "MobileBackup.log", "AccessibilityPrefs.log", "WatchConnectivity.log", "Frametracer.log", "LogStreamFilter.log", "Panics.log", "OSEligibility.log", "process_proxied_device_logs.log", "Harmony.log", "CalendarPreferences.log", "Sentry.log", "MediaserverdBlockageTailspins.log", "MobileStoreDemo.log", "coremediacapture-afdebug.log", "CoreCaptureBT.log", "crashes_and_spins.log", "StoreServices.log", "itunesstored.log", "brctl.log", "CommandAndControl.log", "NanoRegistry.log", "DarwinInit.log", "MobileLockdown.log", "ProactiveInputPredictions.log", "tailspin-save-ts-collection.log", "SiriAnalytics.log", "usermanagerd_logs.log", "GenerativeExperiences.log", "Contacts.log", "astro.log", "stackshots.log", "NetworkRelay.log", "Siri.log", "MatchTailspins.log", "SpaceAttributionTelemetry.log", "olddsc.log", "ondemandd.log", "ACLogs.log", "SocialLayerPlist.log", "BridgeActivation.log", "SleepCycler.log", "OTA.log", "unnamed_tasks.log", "fsck.log", "tailspin-info-ts.log", "AVConference.log", "MCState.log", "RunningBoard.log", "ATVUpdateLog.log", "AirPodPowerMetrics.log", "MailErrorConditions.log", "hidfw-crashlogs.log", "CoreLocation.log", "SiriTextToSpeech.log", "AUDeveloperSettings.log", "Preferences.log", "ForceResetTailspins.log", "UnifiedAsset.log", "MapsSyncJournal.log", "Burnin.log", "MSU.log", "BluetoothAccessory.log", "VideoProcessing.log", "HIDCrashlogs.log", "Proximity.log", "BridgeActivation 2.log", "MobileAssetHistory.log", "Resource_Exhaustion.log", "avconferenced-embedded.log", "watchdog.log", "LaunchServices.log", "powerlogs.log", "MobileInstallation.log", "SUInfo.log", "spindump-meta-collection.log", "LivabilityApp.log", "syslog.log", "BatteryIntelligence.log", "keyboard_cache.log", "Splat_Versioning.log", "CompanionSync.log", "Personalization.log", "Buddy.log", "TetheredRestore.log", "BTPHY.log", "MemoryExceptions.log", "BluetoothCoreDump.log", "copySpringBoardStateDump.log", "diagnostic_summary.log", "SplunkHistory.log", "ThermalLogs.log", "Mobile_Demo.log", "BridgeReporting.log", "TimezoneDB.log", "AppConduit.log", "microstackshots.log", "SystemVersion.log", "watchdogd_ddts.log", "NSURLSession_logs.log", "MobileActivation.log", "tailspin-history.log", "MobileSlideShow.log", "AFK.log", "MobileSlideShowPrivateData.log", "demod.log", "HangTracerTailspins.log", "Networking.log", "AGXMTLCompilerCrash.log", "ASPSnapshots.log", "BatteryBDC.log", "Trial.log", "ProtectedCloudStorage.log", "MobileObliteration.log", "HCI.log", "UARP_Packet_Capture.log", "launchdLogs.log", "coreaudio_reporting.log", "WiFi.log", "FDR.log", "WindowServerHangs.log", "HomePodSetUp.log", "Recoverylogd.log", "parsecd.log", "diagnose-errors.log", "defaults-com.apple.bird.txt", "defaults-com.apple.iclouddrive.features.txt", "brctl-container-list.txt", "AppleLanguages_Global.txt", "com.apple.avfoundation_CurrentUser.txt", "subscribedAssets_CurrentUser.txt", "com.apple.coreaudio_CurrentUser.txt", "Accessibility_Preferences.txt", "com.apple.MobileAsset_Global.txt", "ScreenTimeEnabled_CurrentUser.txt", "UIPreferredContentSizeCategoryName_CurrentUser.txt", "AppleLocale_CurrentUser.txt", "AppleLocale_Global.txt", "com.apple.coremedia_CurrentUser.txt", "Keyboard_Preferences.txt", "AppleLanguages_CurrentUser.txt", "com.apple.camera_CurrentUser.txt", "CaptureSourceInfo_CurrentUser.txt" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 23, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "ravescoutllc.", "id": "288912", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-SHA256": 86, "FileHash-SHA1": 2, "URL": 65, "domain": 13, "hostname": 49, "FileHash-MD5": 3, "email": 1 }, "indicator_count": 219, "is_author": false, "is_subscribing": null, "subscriber_count": 31, "modified_text": "571 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "66fae0cea9dbd082c30e30ea", "name": "The Jane Syndrome Files: Espionage-Grade Apple iPhone Infiltration", "description": "Here is a full list of details about Apple's latest operating system (OS) and the services it offers: DNS poisonings, network insecurities, malware, malicious script injections.", "modified": "2024-10-30T16:01:07.364000", "created": "2024-09-30T17:33:02.318000", "tags": [ "disabled awdl", "awdl", "status ipv6", "mode", "off awdl", "auto", "discovery", "disabled", "status power", "mac address", "f5 discoverable", "scanning", "current network", "wifi", "security", "wpa2 personal", "legacy", "ipv6", "count", "interval", "timestamp name", "open", "begin", "d71ff", "status", "begin wifi", "collect", "end wifi", "logs", "dump", "end corecapture", "cache", "stats", "cfnetwork", "could", "could ping", "dns server", "duration result", "description", "reach apple", "ping lan", "resolve dns", "number", "guard period", "errors summary", "report guard", "scan psf", "period ranges", "aw errors", "summary", "ap stats", "ap status", "period", "i en0", "airport sync", "airport network", "rave scout", "salman", "scout iphone", "guest agrp", "guest mdat", "items", "status primary", "ipv4", "interface", "nonpsc", "active", "address", "method", "supported", "status mac", "ssid", "bssid", "rssi", "tx rate", "mbps security", "congested wifi", "channel", "current channel", "ht40", "networks", "ht40 network", "wifi cc", "mcastaesccm", "mcasttkip", "fiosd8f6r", "jparadise", "bradstevens", "hazelnuthut", "karen dave", "fios", "brookleyroad", "mobile", "gator", "mach virtual", "memory", "never", "command", "execution time", "timeout", "max rss", "o user", "o ppid", "usrbintaskinfo", "a registry", "ioservice", "state", "executing task", "cpu time", "child process", "cpuwall", "cputimeout", "task container", "handshake", "tmpoutputdir", "executing", "phase", "locker", "atomic", "error", "companion", "savage", "demo", "trigger", "caller", "autounlock", "macbook air", "leaflifetime", "evaluationtime", "afterctflagday", "anchorsource", "validstatus", "numberscts", "mmcs", "unknown", "lmdc", "fssnapshot", "fpck", "fpsnapshot", "fpckrunreason", "iphone", "version", "product type", "os build", "appleinternal", "cpuarchitecture", "chipid", "hwmodel", "d53gap", "hassep", "ap1i", "ap1p", "ap1v", "b0ti", "d1pt", "iq0b", "iq1b", "mbse", "adce", "aopc", "bupt", "chcc", "chif", "upof", "waps", "warp", "wass", "default filters", "size limit", "mb on", "done enforcing", "file", "candidate", "filters", "enforcing size", "limit", "added", "predicate not", "file past", "beginswith", "endswith", "excresource", "analytics", "predicate", "not self", "contains", "max size", "matches", "osvalueobject", "ioport", "ioregistryentry", "iopower", "ioaccessory", "iousb", "iodevicetree", "root", "class", "wcfb", "gtd0x0 dtb", "rfrs", "adfh", "adhf", "vbwr", "vbrr", "cfdwc", "cfdrc", "dlwd", "gcrd", "gccan1 gcmust0", "gccan0 gcmust0", "erase quantile", "bad blocks", "max band", "eol erase", "user partition", "indpoolfree", "key1242", "timestamp", "weightedra", "qmax0", "cyclecount", "timeathighsoc", "chargingvoltage", "bhserviceflags", "04430", "familycode", "vacvoltagelimit", "53685452100", "53685452811", "1284430", "53685452411", "04410", "11524410", "53685452401", "1284410", "10244410", "11534410", "11524430", "10244430", "11534430", "53685451811", "53685451911", "chemid", "algochemid", "eeee", "designcapacity", "presentdod0", "currentcapacity", "ischarging", "temperature", "amperage", "instantamperage", "voltage", "stateofcharge", "chargeaccum", "chargingstate", "inflowstate", "chargelimit", "checkpoint", "decisionmaker", "modeofoperation", "af96b", "begin bluetooth", "b590b", "e97d3", "e1306", "certificate", "start", "status code", "sameorigin body", "xsannwhh5zixhy", "debug", "sun sep", "thu sep", "notice", "fri sep", "unbrick", "dcrt reissue", "commcenter fri", "sat sep", "commcenter sun", "data", "plist", "dict", "post useragent", "dcrt", "body", "doctype", "public", "pkitruststore", "download", "autolocker", "autojob", "data container", "installing", "ls save", "ls operation", "customer", "lsinstalltype", "miinstaller", "staging", "update", "consumed", "missingvalue", "raptor certs", "full service", "pinged configd", "cachedata", "cacheextra", "gmt4", "boot session", "bonjour", "f0fs24 cf0", "xml version", "appledtd plist", "adapter", "sen097", "wairport97", "t3gpp u8721", "u960 u8747", "bae69693u8719", "c2cb", "f1f49791page", "c4 e8", "page", "xethernet97", "sen1u8260", "u8721 u8719", "u8805 a5u8706", "a5u8706 u8721", "u8719 u960", "u8800 c6d8u8734", "b1u8804 u8805", "u8747 aabau937", "u64258 u8800", "u8747 u8776", "u64257 u64258", "u305 u8710", "u63743", "u8260", "u8805 u8706", "u731 u711", "u731", "u733", "time", "time secs", "uuid", "osversion", "lqmlogging", "su ms", "nb nrs", "na cm", "ex tf", "ffp mret", "highband", "ghz sep", "noise 88", "capture", "interfacelogs", "disabledatapath", "role lowlatency", "enabledatapath", "tx submission", "queue sep", "disablesync", "txsubq sep", "datapath", "printdatapath", "txsub disable", "txsub enable", "awdl prox", "awdl interface", "appleolyhal", "iopcidevice", "iopcidevice sep", "appleolyhallog", "pktsec", "mbitssec", "txreported", "u0 m0", "rxmacst", "monitor0 vif", "ff input", "pmopen", "rssi 100", "flushed", "rssi threshold", "service", "p2p concurrency", "allowed", "multicast", "unicast", "p2p interface", "off configured", "host edge", "awdl0", "awdl state", "configured", "d12c2680", "monitor18 vif", "transition", "wait", "device sleep", "device wake", "device active", "pending", "pnd0", "exit", "int state", "tx power", "cap config", "device tree", "ps params", "dtim", "motion profile", "womp disabled", "region info", "lla prefer", "prefer", "moving", "logic", "config", "wlcgetbssinfo", "queue", "check que", "wd scheduled1", "curr", "configure wd", "history", "wlcsetlrl", "wlcgetcountry", "debuggable", "eventbitfield", "fwid 01b0ec0e2e", "d53gap build", "device serial", "file name", "wme acm", "frequestiotx", "busytags", "peer", "u409224", "u527236 m103198", "monitor2827", "totaldropped0", "queue status", "totalflushed0", "tx completion", "rx completion", "fault report", "logging rx", "join mgr", "backpl", "85 85", "fl2 rt601", "bsside2", "rssi avg", "41 48", "44 42", "46 48", "43 42", "io80211 scan", "updated", "mpdus", "chanspec", "roam candidate", "logtransition", "cache channels", "scan home", "infra", "filesystem size", "avail capacity", "devdisk1s1", "dev devdisk1s6", "devdisk1s3", "calls", "file defrag", "metadata", "write", "object cache", "read", "fx defrag", "vnopallocate", "vnopblktooff", "meta", "user pid", "cpu stat", "pri stime", "utime command", "ppid f", "mem pri", "ni vsz", "rss wchan", "started time", "wd scheduled0", "e666293574", "monitor38 vif", "u2642957", "u4321860 m8433", "monitor9744", "b7c5a", "fl2 rt3505", "43 43", "bssid00", "lightphoneii", "43 44", "44 44", "rx data", "f4e0wf", "session", "cached", "access", "integer not", "null default", "null", "text not", "from", "text unique", "where", "order by", "not null", "bool not", "expected t", "nsdata", "unique", "integer primary", "array", "hard", "u63743 fceae8" ], "references": [ "awdl_status.txt", "arp.txt", "bluetooth_status.txt", "com.apple.wifi.syncable-networks.legacy.plist", "com.apple.wifi.syncable-networks.plist", "diagnostics-configuration.txt", "debug-log.txt", "diagnostics-connectivity.txt", "com.apple.wifi.recent-networks.json", "ifconfig.txt", "leaky_ap_stats.txt", "netstat-POST.txt", "mobilewifitool.txt", "security.txt", "netstat-PRE.txt", "network_status.txt", "wifi_datapath-PRE.txt", "wifi_scan_cache.txt", "wifi_logarchive.log", "wifi_datapath-POST.txt", "wifi_status.txt", "diagnostics-environment.txt", "wifi_scan.txt", "vm_stat.txt", "transparency.log", "tzDataVersion.log", "tailspin-info.txt", "taskSummary.csv", "sysdiagnose.log", "security-sysdiagnose.txt", "fileproviderctl_check.log", "hpmDiagnose.txt", "fileproviderctl.log", "hidutil.plist", "remotectl_dumpstate.txt", "smcDiagnose.txt", "BridgeReporting.log", "BridgeActivation.log", "AppConduit.log", "appinstallation.log", "AlishaLogs.log", "ASPSnapshots.log", "AppSupport.log", "astro.log", "AUDeveloperSettings.log", "ATVUpdateLog.log", "AVConference.log", "atcrtcomm.log", "BatteryBDC.log", "avconferenced-embedded.log", "BatteryIntelligence.log", "BluetoothAccessory.log", "BluetoothCoreDump.log", "BatteryHealth.log", "BatteryUIPlist.log", "brctl.log", "BASEBAND_TS_TRIGGER.log", "BTPHY.log", "Burnin.log", "Buddy.log", "CacheDeleteHistory.log", "CalendarPreferences.log", "CMCaptureTailspins.log", "CompanionSync.log", "CommandAndControl.log", "Contacts.log", "coreaudio_reporting.log", "CoreCapture.log", "copySpringBoardStateDump.log", "CoreLocation.log", "CoreCaptureBT.log", "crashes_and_spins.log", "cts.log", "coremediacapture-afdebug.log", "DarwinInit.log", "demod.log", "DataMigration.log", "FDR.log", "diagnostic_summary.log", "ForceResetTailspins.log", "Frametracer.log", "fsck.log", "FindMyDevice.log", "HangTracerTailspins.log", "GenerativeExperiences.log", "Harmony.log", "HIDCrashlogs.log", "HCI.log", "HomePodSetUp.log", "hidfw-crashlogs.log", "itunesstored.log", "LivabilityApp.log", "keyboard_cache.log", "LaunchServices.log", "MailErrorConditions.log", "MapsSyncJournal.log", "MatchTailspins.log", "MCState.log", "MCUCoreDumps.log", "MediaserverdBlockageTailspins.log", "MemoryExceptions.log", "MobileActivation.log", "microstackshots.log", "LogStreamFilter.log", "Mobile_Demo.log", "MobileInstallation.log", "MobileBackup.log", "MobileKeybagLogs.log", "MobileAssetHistory.log", "launchdLogs.log", "MobileSlideShow.log", "MobileLockdown.log", "MobileObliteration.log", "MobileSlideShowPrivateData.log", "MSU.log", "MobileStoreDemo.log", "NanoPreferencesSync.log", "NanoRegistry.log", "NSURLSession_logs.log", "Networking.log", "NetworkRelay.log", "ondemandd.log", "olddsc.log", "OTA.log", "OSEligibility.log", "OTAUpdateLogs.log", "Panics.log", "Personalization.log", "parsecd.log", "powerlogs.log", "process_proxied_device_logs.log", "ProactiveInputPredictions.log", "Preferences.log", "Proximity.log", "ProtectedCloudStorage.log", "RecentHangTracerTailspins.log", "RunningBoard.log", "Recoverylogd.log", "Resource_Exhaustion.log", "SensorKit.log", "SiriTextToSpeech.log", "Sentry.log", "Siri.log", "SiriAnalytics.log", "SleepCycler.log", "SocialLayerPlist.log", "spindump-meta-collection.log", "SplunkHistory.log", "stackshots.log", "SUInfo.log", "StoreServices.log", "SystemVersion.log", "Splat_Versioning.log", "syslog.log", "tailspin-history.log", "ThermalLogs.log", "tailspin-info-ts.log", "Trial.log", "UARP_Packet_Capture.log", "TetheredRestore.log", "UnifiedAsset.log", "time-sensitive-stackshot.log", "TimezoneDB.log", "unnamed_tasks.log", "UARPEndpointPacketCaptures.log", "SpaceAttributionTelemetry.log", "usermanagerd_logs.log", "VideoProcessing.log", "watchdog.log", "WindowServerHangs.log", "WiFi.log", "watchdogd_ddts.log", "asptool_snapshot_timesensitive.log", "asptool_snapshot.log", "acLog.plist", "atcrtcomm.txt", "BDC_Daily_version2.6_2024-08-29_00:19:16.csv", "BDC_Daily_version2.8_2024-09-22_16:06:26.csv", "BDC_Daily_version2.8_2024-09-13_17:49:14.csv", "BDC_Daily_version2.6_2024-09-04_12:00:11.csv", "BDC_Daily_version2.8_2024-09-21_13:45:08.csv", "BDC_OBC_version2.6_2024-08-29_00:19:14.csv", "BDC_OBC_version2.6_2024-09-13_16:25:59.csv", "BDC_OBC_version2.8_2024-09-18_23:12:12.csv", "BDC_OBC_version2.8_2024-09-14_00:28:48.csv", "BDC_OBC_version2.8_2024-09-13_23:35:57.csv", "BDC_OBC_version2.8_2024-09-14_13:32:02.csv", "BDC_OBC_version2.8_2024-09-29_15:16:41.csv", "BDC_Once_version2.6_2024-08-29_00:19:16.csv", "BDC_Once_version2.8_2024-09-13_17:49:16.csv", "BDC_SBC_version2.6_2024-09-02_20:27:16.csv", "BDC_SBC_version2.6_2024-08-29_00:19:16.csv", "BDC_SBC_version2.6_2024-09-03_11:48:00.csv", "BDC_SBC_version2.6_2024-09-11_00:27:57.csv", "BDC_SBC_version2.6_2024-09-04_13:21:06.csv", "BDC_SBC_version2.6_2024-09-04_12:00:11.csv", "BDC_SBC_version2.6_2024-09-03_00:11:37.csv", "BDC_SBC_version2.6_2024-09-13_16:26:54.csv", "BDC_SBC_version2.6_2024-09-13_16:16:55.csv", "BDC_SBC_version2.6_2024-09-08_17:52:28.csv", "BDC_SBC_version2.6_2024-09-13_02:10:48.csv", "BDC_SBC_version2.6_2024-09-12_02:07:40.csv", "BDC_SBC_version2.8_2024-09-13_17:54:28.csv", "BDC_SBC_version2.6_2024-09-13_17:07:26.csv", "BDC_SBC_version2.8_2024-09-13_17:49:18.csv", "BDC_SBC_version2.8_2024-09-14_00:28:50.csv", "BDC_SBC_version2.8_2024-09-18_03:20:38.csv", "BDC_SBC_version2.8_2024-09-18_23:12:15.csv", "BDC_SBC_version2.8_2024-09-14_13:32:04.csv", "BDC_SBC_version2.8_2024-09-21_13:45:07.csv", "BDC_SBC_version2.8_2024-09-22_05:55:57.csv", "BDC_SBC_version2.8_2024-09-23_19:56:36.csv", "BDC_SBC_version2.8_2024-09-17_01:27:03.csv", "BDC_SBC_version2.8_2024-09-23_21:27:40.csv", "BDC_SBC_version2.8_2024-09-24_19:36:33.csv", "BDC_SBC_version2.8_2024-09-14_01:16:12.csv", "BDC_SmartCharging_version2.6_2024-09-02_20:25:09.csv", "BDC_SmartCharging_version2.6_2024-08-29_00:21:46.csv", "BDC_SmartCharging_version2.6_2024-09-03_04:09:12.csv", "BDC_SmartCharging_version2.6_2024-09-03_11:48:07.csv", "BDC_SmartCharging_version2.6_2024-09-03_00:11:44.csv", "BDC_SmartCharging_version2.6_2024-09-04_12:00:20.csv", "BDC_SmartCharging_version2.6_2024-09-04_13:19:02.csv", "CacheDeletePurgeHistory.txt", "FDRDiagnosticReport.plist", "GEAvailability.log", "IOSADiagnose.log", "version", "akd_dcrt_baa_response.txt", "mobileactivationd.log.0", "akd_dcrt_baa_request.txt", "MAAutoAsset_Atomic_History_00.log", "MAAutoAsset_Atomic_History_02.log", "MAAutoAsset_Atomic_History_01.log", "MAAutoAsset_Atomic_History_03.log", "MAAutoAsset_Atomic_History_05.log", "MAAutoAsset_Atomic_History_04.log", "MAAutoAsset_Atomic_History_09.log", "MAAutoAsset_Atomic_History.txt", "MAAutoAsset_Atomic_History_08.log", "MAAutoAsset_Error_History_00.log", "MAAutoAsset_Atomic_History_06.log", "MAAutoAsset_Error_History_02.log", "MAAutoAsset_Error_History_04.log", "MAAutoAsset_Error_History_05.log", "MAAutoAsset_Error_History_08.log", "MAAutoAsset_Error_History.txt", "MAAutoAsset_Filesystem_History_01.log", "MAAutoAsset_Error_History_06.log", "MAAutoAsset_Error_History_09.log", "MAAutoAsset_Error_History_07.log", "MAAutoAsset_Filesystem_History_03.log", "MAAutoAsset_Filesystem_History_02.log", "MAAutoAsset_Filesystem_History_04.log", "MAAutoAsset_Filesystem_History_05.log", "MAAutoAsset_Filesystem_History_08.log", "MAAutoAsset_Filesystem_History_09.log", "MAAutoAsset_Filesystem_History_06.log", "MAAutoAsset_Filesystem_History_00.log", "MAAutoAsset_Filesystem_History_07.log", "MAAutoAsset_Filesystem_History.txt", "MAAutoAsset_Locker_History_00.log", "MAAutoAsset_Locker_History_01.log", "MAAutoAsset_Locker_History_03.log", "MAAutoAsset_Locker_History_06.log", "MAAutoAsset_Locker_History_02.log", "MAAutoAsset_Locker_History_04.log", "MAAutoAsset_Locker_History_05.log", "MAAutoAsset_Locker_History_07.log", "MAAutoAsset_Scheduler_History_00.log", "MAAutoAsset_Locker_History.txt", "MAAutoAsset_Locker_History_08.log", "MAAutoAsset_Scheduler_History_03.log", "MAAutoAsset_Scheduler_History_02.log", "MAAutoAsset_Scheduler_History_04.log", "MAAutoAsset_Scheduler_History_01.log", "MAAutoAsset_Locker_History_09.log", "MAAutoAsset_Scheduler_History_07.log", "MAAutoAsset_Scheduler_History_08.log", "MAAutoAsset_Scheduler_History_05.log", "MAAutoAsset_Scheduler_History_06.log", "MAAutoAsset_Scheduler_History.txt", "MAAutoAsset_Scheduler_History_09.log", "MAAutoAsset_Secure_History_01.log", "MAAutoAsset_Secure_History_00.log", "MAAutoAsset_Secure_History_04.log", "MAAutoAsset_Secure_History_05.log", "MAAutoAsset_Secure_History_03.log", "MAAutoAsset_Secure_History_07.log", "MAAutoAsset_Secure_History_08.log", "MAAutoAsset_Secure_History_06.log", "MAAutoAsset_Secure_History_09.log", "MAAutoAsset_Stager_History_01.log", "MAAutoAsset_Stager_History_02.log", "MAAutoAsset_Stager_History_00.log", "MAAutoAsset_Secure_History.txt", "MAAutoAsset_Stager_History_03.log", "MAAutoAsset_Stager_History_05.log", "MAAutoAsset_Stager_History_07.log", "MAAutoAsset_Stager_History_04.log", "MAAutoAsset_Stager_History_08.log", "MAAutoAsset_Stager_History_06.log", "MAAutoAsset_Stager_History_09.log", "MAAutoAsset_Stager_History.txt", "mobile_installation.log.0", "mobile_installation.log.1", "mobile_installation_helper.log.0", "lockdownd.log", "SUCoreSplunkHistory.log", "model_catalog_dump.txt", "model_manager_dump.json", "com.apple.networkextension.necp.rtf", "preferences.rtf", "NetworkInterfaces.rtf", "com.apple.networkextension.rtf", "com.apple.networkextension.uuidcache.rtf", "com.apple.networkextension.cache.rtf", "com.apple.networkextension.control.rtf", "Entity_2024-09-29 22:12:50.359_Blacklist.csv", "capture.rtf", "system.rtf", "[2024-09-29_22,12,45.966405]-LQMLogging-001.txt", "[2024-09-29_22,12,45.960131]-Interface_SoftAP_0-001.txt", "[2024-09-29_22,12,56.122877]-Interface_LowLatency_0-001.txt", "[2024-09-29_22,12,56.815468]-Interface_Infrastructure_0-001.txt", "[2024-09-29_22,12,56.591747]-Interface_AirLink_0-001.txt", "[2024-09-29_22,12,56.327440]-uartFirmwareLogs-001.txt", "[2024-09-29_22,12,56.457960]-AppleOLYHAL_log-001.txt", "AddFileList.txt", "ap1_AllPeersVerbose_IO80211PeerManager.txt", "awdl0_PrintState_IO80211AWDLPeerManager.txt", "awdl0_AllPeersVerbose_IO80211AWDLPeerManager.txt", "BusState.txt", "ConfigManagerState.txt", "CommanderState.txt", "CoreState.txt", "DeviceInfo.xml", "en0_AllPeersVerbose_IO80211PeerManager.txt", "en0_PrintState_IO80211PeerManager.txt", "InterfaceState_apsta.txt", "ap1_PrintState_IO80211PeerManager.txt", "FaultReportState.txt", "History.txt", "InterfaceState_prox.txt", "ivars->fChannelSwitchDictionary[0].xml", "InterfaceState_llw.txt", "JoinManagerState.txt", "ivars->fChannelSwitchDictionary[1].xml", "InterfaceState_skywalkinfra.txt", "ScanManagerState.txt", "LowLatencyRxCompRing", "MMIO_Log.txt", "SoC_Registers.xml", "LowLatencyTxCompRing", "NetManagerState.txt", "[2024-09-29_22,12,56.477273]-AppleBCMWLAN_Logs-001.txt", "disks.txt", "apfs_stats.txt", "oslog_archive_error.log", "ps_thread.txt", "971A5878D635EB8B262FF791353234.rtf", "B730B951A932F5AE2648F478FDDA81.rtf", "E7B80B551D34E4BCDBC1E47D6AB627.rtf", "2B553D16843D7B9CD7A4504A96CF2F.rtf", "594CB14E19331E8CFB5365144D46C4.rtf", "DE90FBA8603371B106DDEC727E696D.rtf", "C1ACD227FD3CE992C115DD95BD2B42.rtf" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1056", "name": "Input Capture", "display_name": "T1056 - Input Capture" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 24, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "ravescoutllc.", "id": "288912", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-SHA256": 105, "domain": 71, "hostname": 211, "URL": 125, "email": 2, "FileHash-MD5": 14, "FileHash-SHA1": 212 }, "indicator_count": 740, "is_author": false, "is_subscribing": null, "subscriber_count": 30, "modified_text": "580 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "66fae0d0177ccf5dfc5c1fb0", "name": "The Jane Syndrome Files: Espionage-Grade Apple iPhone Infiltration", "description": "Here is a full list of details about Apple's latest operating system (OS) and the services it offers: DNS poisonings, network insecurities, malware, malicious script injections.", "modified": "2024-10-30T16:01:07.364000", "created": "2024-09-30T17:33:04.581000", "tags": [ "disabled awdl", "awdl", "status ipv6", "mode", "off awdl", "auto", "discovery", "disabled", "status power", "mac address", "f5 discoverable", "scanning", "current network", "wifi", "security", "wpa2 personal", "legacy", "ipv6", "count", "interval", "timestamp name", "open", "begin", "d71ff", "status", "begin wifi", "collect", "end wifi", "logs", "dump", "end corecapture", "cache", "stats", "cfnetwork", "could", "could ping", "dns server", "duration result", "description", "reach apple", "ping lan", "resolve dns", "number", "guard period", "errors summary", "report guard", "scan psf", "period ranges", "aw errors", "summary", "ap stats", "ap status", "period", "i en0", "airport sync", "airport network", "rave scout", "salman", "scout iphone", "guest agrp", "guest mdat", "items", "status primary", "ipv4", "interface", "nonpsc", "active", "address", "method", "supported", "status mac", "ssid", "bssid", "rssi", "tx rate", "mbps security", "congested wifi", "channel", "current channel", "ht40", "networks", "ht40 network", "wifi cc", "mcastaesccm", "mcasttkip", "fiosd8f6r", "jparadise", "bradstevens", "hazelnuthut", "karen dave", "fios", "brookleyroad", "mobile", "gator", "mach virtual", "memory", "never", "command", "execution time", "timeout", "max rss", "o user", "o ppid", "usrbintaskinfo", "a registry", "ioservice", "state", "executing task", "cpu time", "child process", "cpuwall", "cputimeout", "task container", "handshake", "tmpoutputdir", "executing", "phase", "locker", "atomic", "error", "companion", "savage", "demo", "trigger", "caller", "autounlock", "macbook air", "leaflifetime", "evaluationtime", "afterctflagday", "anchorsource", "validstatus", "numberscts", "mmcs", "unknown", "lmdc", "fssnapshot", "fpck", "fpsnapshot", "fpckrunreason", "iphone", "version", "product type", "os build", "appleinternal", "cpuarchitecture", "chipid", "hwmodel", "d53gap", "hassep", "ap1i", "ap1p", "ap1v", "b0ti", "d1pt", "iq0b", "iq1b", "mbse", "adce", "aopc", "bupt", "chcc", "chif", "upof", "waps", "warp", "wass", "default filters", "size limit", "mb on", "done enforcing", "file", "candidate", "filters", "enforcing size", "limit", "added", "predicate not", "file past", "beginswith", "endswith", "excresource", "analytics", "predicate", "not self", "contains", "max size", "matches", "osvalueobject", "ioport", "ioregistryentry", "iopower", "ioaccessory", "iousb", "iodevicetree", "root", "class", "wcfb", "gtd0x0 dtb", "rfrs", "adfh", "adhf", "vbwr", "vbrr", "cfdwc", "cfdrc", "dlwd", "gcrd", "gccan1 gcmust0", "gccan0 gcmust0", "erase quantile", "bad blocks", "max band", "eol erase", "user partition", "indpoolfree", "key1242", "timestamp", "weightedra", "qmax0", "cyclecount", "timeathighsoc", "chargingvoltage", "bhserviceflags", "04430", "familycode", "vacvoltagelimit", "53685452100", "53685452811", "1284430", "53685452411", "04410", "11524410", "53685452401", "1284410", "10244410", "11534410", "11524430", "10244430", "11534430", "53685451811", "53685451911", "chemid", "algochemid", "eeee", "designcapacity", "presentdod0", "currentcapacity", "ischarging", "temperature", "amperage", "instantamperage", "voltage", "stateofcharge", "chargeaccum", "chargingstate", "inflowstate", "chargelimit", "checkpoint", "decisionmaker", "modeofoperation", "af96b", "begin bluetooth", "b590b", "e97d3", "e1306", "certificate", "start", "status code", "sameorigin body", "xsannwhh5zixhy", "debug", "sun sep", "thu sep", "notice", "fri sep", "unbrick", "dcrt reissue", "commcenter fri", "sat sep", "commcenter sun", "data", "plist", "dict", "post useragent", "dcrt", "body", "doctype", "public", "pkitruststore", "download", "autolocker", "autojob", "data container", "installing", "ls save", "ls operation", "customer", "lsinstalltype", "miinstaller", "staging", "update", "consumed", "missingvalue", "raptor certs", "full service", "pinged configd", "cachedata", "cacheextra", "gmt4", "boot session", "bonjour", "f0fs24 cf0", "xml version", "appledtd plist", "adapter", "sen097", "wairport97", "t3gpp u8721", "u960 u8747", "bae69693u8719", "c2cb", "f1f49791page", "c4 e8", "page", "xethernet97", "sen1u8260", "u8721 u8719", "u8805 a5u8706", "a5u8706 u8721", "u8719 u960", "u8800 c6d8u8734", "b1u8804 u8805", "u8747 aabau937", "u64258 u8800", "u8747 u8776", "u64257 u64258", "u305 u8710", "u63743", "u8260", "u8805 u8706", "u731 u711", "u731", "u733", "time", "time secs", "uuid", "osversion", "lqmlogging", "su ms", "nb nrs", "na cm", "ex tf", "ffp mret", "highband", "ghz sep", "noise 88", "capture", "interfacelogs", "disabledatapath", "role lowlatency", "enabledatapath", "tx submission", "queue sep", "disablesync", "txsubq sep", "datapath", "printdatapath", "txsub disable", "txsub enable", "awdl prox", "awdl interface", "appleolyhal", "iopcidevice", "iopcidevice sep", "appleolyhallog", "pktsec", "mbitssec", "txreported", "u0 m0", "rxmacst", "monitor0 vif", "ff input", "pmopen", "rssi 100", "flushed", "rssi threshold", "service", "p2p concurrency", "allowed", "multicast", "unicast", "p2p interface", "off configured", "host edge", "awdl0", "awdl state", "configured", "d12c2680", "monitor18 vif", "transition", "wait", "device sleep", "device wake", "device active", "pending", "pnd0", "exit", "int state", "tx power", "cap config", "device tree", "ps params", "dtim", "motion profile", "womp disabled", "region info", "lla prefer", "prefer", "moving", "logic", "config", "wlcgetbssinfo", "queue", "check que", "wd scheduled1", "curr", "configure wd", "history", "wlcsetlrl", "wlcgetcountry", "debuggable", "eventbitfield", "fwid 01b0ec0e2e", "d53gap build", "device serial", "file name", "wme acm", "frequestiotx", "busytags", "peer", "u409224", "u527236 m103198", "monitor2827", "totaldropped0", "queue status", "totalflushed0", "tx completion", "rx completion", "fault report", "logging rx", "join mgr", "backpl", "85 85", "fl2 rt601", "bsside2", "rssi avg", "41 48", "44 42", "46 48", "43 42", "io80211 scan", "updated", "mpdus", "chanspec", "roam candidate", "logtransition", "cache channels", "scan home", "infra", "filesystem size", "avail capacity", "devdisk1s1", "dev devdisk1s6", "devdisk1s3", "calls", "file defrag", "metadata", "write", "object cache", "read", "fx defrag", "vnopallocate", "vnopblktooff", "meta", "user pid", "cpu stat", "pri stime", "utime command", "ppid f", "mem pri", "ni vsz", "rss wchan", "started time", "wd scheduled0", "e666293574", "monitor38 vif", "u2642957", "u4321860 m8433", "monitor9744", "b7c5a", "fl2 rt3505", "43 43", "bssid00", "lightphoneii", "43 44", "44 44", "rx data", "f4e0wf", "session", "cached", "access", "integer not", "null default", "null", "text not", "from", "text unique", "where", "order by", "not null", "bool not", "expected t", "nsdata", "unique", "integer primary", "array", "hard", "u63743 fceae8" ], "references": [ "awdl_status.txt", "arp.txt", "bluetooth_status.txt", "com.apple.wifi.syncable-networks.legacy.plist", "com.apple.wifi.syncable-networks.plist", "diagnostics-configuration.txt", "debug-log.txt", "diagnostics-connectivity.txt", "com.apple.wifi.recent-networks.json", "ifconfig.txt", "leaky_ap_stats.txt", "netstat-POST.txt", "mobilewifitool.txt", "security.txt", "netstat-PRE.txt", "network_status.txt", "wifi_datapath-PRE.txt", "wifi_scan_cache.txt", "wifi_logarchive.log", "wifi_datapath-POST.txt", "wifi_status.txt", "diagnostics-environment.txt", "wifi_scan.txt", "vm_stat.txt", "transparency.log", "tzDataVersion.log", "tailspin-info.txt", "taskSummary.csv", "sysdiagnose.log", "security-sysdiagnose.txt", "fileproviderctl_check.log", "hpmDiagnose.txt", "fileproviderctl.log", "hidutil.plist", "remotectl_dumpstate.txt", "smcDiagnose.txt", "BridgeReporting.log", "BridgeActivation.log", "AppConduit.log", "appinstallation.log", "AlishaLogs.log", "ASPSnapshots.log", "AppSupport.log", "astro.log", "AUDeveloperSettings.log", "ATVUpdateLog.log", "AVConference.log", "atcrtcomm.log", "BatteryBDC.log", "avconferenced-embedded.log", "BatteryIntelligence.log", "BluetoothAccessory.log", "BluetoothCoreDump.log", "BatteryHealth.log", "BatteryUIPlist.log", "brctl.log", "BASEBAND_TS_TRIGGER.log", "BTPHY.log", "Burnin.log", "Buddy.log", "CacheDeleteHistory.log", "CalendarPreferences.log", "CMCaptureTailspins.log", "CompanionSync.log", "CommandAndControl.log", "Contacts.log", "coreaudio_reporting.log", "CoreCapture.log", "copySpringBoardStateDump.log", "CoreLocation.log", "CoreCaptureBT.log", "crashes_and_spins.log", "cts.log", "coremediacapture-afdebug.log", "DarwinInit.log", "demod.log", "DataMigration.log", "FDR.log", "diagnostic_summary.log", "ForceResetTailspins.log", "Frametracer.log", "fsck.log", "FindMyDevice.log", "HangTracerTailspins.log", "GenerativeExperiences.log", "Harmony.log", "HIDCrashlogs.log", "HCI.log", "HomePodSetUp.log", "hidfw-crashlogs.log", "itunesstored.log", "LivabilityApp.log", "keyboard_cache.log", "LaunchServices.log", "MailErrorConditions.log", "MapsSyncJournal.log", "MatchTailspins.log", "MCState.log", "MCUCoreDumps.log", "MediaserverdBlockageTailspins.log", "MemoryExceptions.log", "MobileActivation.log", "microstackshots.log", "LogStreamFilter.log", "Mobile_Demo.log", "MobileInstallation.log", "MobileBackup.log", "MobileKeybagLogs.log", "MobileAssetHistory.log", "launchdLogs.log", "MobileSlideShow.log", "MobileLockdown.log", "MobileObliteration.log", "MobileSlideShowPrivateData.log", "MSU.log", "MobileStoreDemo.log", "NanoPreferencesSync.log", "NanoRegistry.log", "NSURLSession_logs.log", "Networking.log", "NetworkRelay.log", "ondemandd.log", "olddsc.log", "OTA.log", "OSEligibility.log", "OTAUpdateLogs.log", "Panics.log", "Personalization.log", "parsecd.log", "powerlogs.log", "process_proxied_device_logs.log", "ProactiveInputPredictions.log", "Preferences.log", "Proximity.log", "ProtectedCloudStorage.log", "RecentHangTracerTailspins.log", "RunningBoard.log", "Recoverylogd.log", "Resource_Exhaustion.log", "SensorKit.log", "SiriTextToSpeech.log", "Sentry.log", "Siri.log", "SiriAnalytics.log", "SleepCycler.log", "SocialLayerPlist.log", "spindump-meta-collection.log", "SplunkHistory.log", "stackshots.log", "SUInfo.log", "StoreServices.log", "SystemVersion.log", "Splat_Versioning.log", "syslog.log", "tailspin-history.log", "ThermalLogs.log", "tailspin-info-ts.log", "Trial.log", "UARP_Packet_Capture.log", "TetheredRestore.log", "UnifiedAsset.log", "time-sensitive-stackshot.log", "TimezoneDB.log", "unnamed_tasks.log", "UARPEndpointPacketCaptures.log", "SpaceAttributionTelemetry.log", "usermanagerd_logs.log", "VideoProcessing.log", "watchdog.log", "WindowServerHangs.log", "WiFi.log", "watchdogd_ddts.log", "asptool_snapshot_timesensitive.log", "asptool_snapshot.log", "acLog.plist", "atcrtcomm.txt", "BDC_Daily_version2.6_2024-08-29_00:19:16.csv", "BDC_Daily_version2.8_2024-09-22_16:06:26.csv", "BDC_Daily_version2.8_2024-09-13_17:49:14.csv", "BDC_Daily_version2.6_2024-09-04_12:00:11.csv", "BDC_Daily_version2.8_2024-09-21_13:45:08.csv", "BDC_OBC_version2.6_2024-08-29_00:19:14.csv", "BDC_OBC_version2.6_2024-09-13_16:25:59.csv", "BDC_OBC_version2.8_2024-09-18_23:12:12.csv", "BDC_OBC_version2.8_2024-09-14_00:28:48.csv", "BDC_OBC_version2.8_2024-09-13_23:35:57.csv", "BDC_OBC_version2.8_2024-09-14_13:32:02.csv", "BDC_OBC_version2.8_2024-09-29_15:16:41.csv", "BDC_Once_version2.6_2024-08-29_00:19:16.csv", "BDC_Once_version2.8_2024-09-13_17:49:16.csv", "BDC_SBC_version2.6_2024-09-02_20:27:16.csv", "BDC_SBC_version2.6_2024-08-29_00:19:16.csv", "BDC_SBC_version2.6_2024-09-03_11:48:00.csv", "BDC_SBC_version2.6_2024-09-11_00:27:57.csv", "BDC_SBC_version2.6_2024-09-04_13:21:06.csv", "BDC_SBC_version2.6_2024-09-04_12:00:11.csv", "BDC_SBC_version2.6_2024-09-03_00:11:37.csv", "BDC_SBC_version2.6_2024-09-13_16:26:54.csv", "BDC_SBC_version2.6_2024-09-13_16:16:55.csv", "BDC_SBC_version2.6_2024-09-08_17:52:28.csv", "BDC_SBC_version2.6_2024-09-13_02:10:48.csv", "BDC_SBC_version2.6_2024-09-12_02:07:40.csv", "BDC_SBC_version2.8_2024-09-13_17:54:28.csv", "BDC_SBC_version2.6_2024-09-13_17:07:26.csv", "BDC_SBC_version2.8_2024-09-13_17:49:18.csv", "BDC_SBC_version2.8_2024-09-14_00:28:50.csv", "BDC_SBC_version2.8_2024-09-18_03:20:38.csv", "BDC_SBC_version2.8_2024-09-18_23:12:15.csv", "BDC_SBC_version2.8_2024-09-14_13:32:04.csv", "BDC_SBC_version2.8_2024-09-21_13:45:07.csv", "BDC_SBC_version2.8_2024-09-22_05:55:57.csv", "BDC_SBC_version2.8_2024-09-23_19:56:36.csv", "BDC_SBC_version2.8_2024-09-17_01:27:03.csv", "BDC_SBC_version2.8_2024-09-23_21:27:40.csv", "BDC_SBC_version2.8_2024-09-24_19:36:33.csv", "BDC_SBC_version2.8_2024-09-14_01:16:12.csv", "BDC_SmartCharging_version2.6_2024-09-02_20:25:09.csv", "BDC_SmartCharging_version2.6_2024-08-29_00:21:46.csv", "BDC_SmartCharging_version2.6_2024-09-03_04:09:12.csv", "BDC_SmartCharging_version2.6_2024-09-03_11:48:07.csv", "BDC_SmartCharging_version2.6_2024-09-03_00:11:44.csv", "BDC_SmartCharging_version2.6_2024-09-04_12:00:20.csv", "BDC_SmartCharging_version2.6_2024-09-04_13:19:02.csv", "CacheDeletePurgeHistory.txt", "FDRDiagnosticReport.plist", "GEAvailability.log", "IOSADiagnose.log", "version", "akd_dcrt_baa_response.txt", "mobileactivationd.log.0", "akd_dcrt_baa_request.txt", "MAAutoAsset_Atomic_History_00.log", "MAAutoAsset_Atomic_History_02.log", "MAAutoAsset_Atomic_History_01.log", "MAAutoAsset_Atomic_History_03.log", "MAAutoAsset_Atomic_History_05.log", "MAAutoAsset_Atomic_History_04.log", "MAAutoAsset_Atomic_History_09.log", "MAAutoAsset_Atomic_History.txt", "MAAutoAsset_Atomic_History_08.log", "MAAutoAsset_Error_History_00.log", "MAAutoAsset_Atomic_History_06.log", "MAAutoAsset_Error_History_02.log", "MAAutoAsset_Error_History_04.log", "MAAutoAsset_Error_History_05.log", "MAAutoAsset_Error_History_08.log", "MAAutoAsset_Error_History.txt", "MAAutoAsset_Filesystem_History_01.log", "MAAutoAsset_Error_History_06.log", "MAAutoAsset_Error_History_09.log", "MAAutoAsset_Error_History_07.log", "MAAutoAsset_Filesystem_History_03.log", "MAAutoAsset_Filesystem_History_02.log", "MAAutoAsset_Filesystem_History_04.log", "MAAutoAsset_Filesystem_History_05.log", "MAAutoAsset_Filesystem_History_08.log", "MAAutoAsset_Filesystem_History_09.log", "MAAutoAsset_Filesystem_History_06.log", "MAAutoAsset_Filesystem_History_00.log", "MAAutoAsset_Filesystem_History_07.log", "MAAutoAsset_Filesystem_History.txt", "MAAutoAsset_Locker_History_00.log", "MAAutoAsset_Locker_History_01.log", "MAAutoAsset_Locker_History_03.log", "MAAutoAsset_Locker_History_06.log", "MAAutoAsset_Locker_History_02.log", "MAAutoAsset_Locker_History_04.log", "MAAutoAsset_Locker_History_05.log", "MAAutoAsset_Locker_History_07.log", "MAAutoAsset_Scheduler_History_00.log", "MAAutoAsset_Locker_History.txt", "MAAutoAsset_Locker_History_08.log", "MAAutoAsset_Scheduler_History_03.log", "MAAutoAsset_Scheduler_History_02.log", "MAAutoAsset_Scheduler_History_04.log", "MAAutoAsset_Scheduler_History_01.log", "MAAutoAsset_Locker_History_09.log", "MAAutoAsset_Scheduler_History_07.log", "MAAutoAsset_Scheduler_History_08.log", "MAAutoAsset_Scheduler_History_05.log", "MAAutoAsset_Scheduler_History_06.log", "MAAutoAsset_Scheduler_History.txt", "MAAutoAsset_Scheduler_History_09.log", "MAAutoAsset_Secure_History_01.log", "MAAutoAsset_Secure_History_00.log", "MAAutoAsset_Secure_History_04.log", "MAAutoAsset_Secure_History_05.log", "MAAutoAsset_Secure_History_03.log", "MAAutoAsset_Secure_History_07.log", "MAAutoAsset_Secure_History_08.log", "MAAutoAsset_Secure_History_06.log", "MAAutoAsset_Secure_History_09.log", "MAAutoAsset_Stager_History_01.log", "MAAutoAsset_Stager_History_02.log", "MAAutoAsset_Stager_History_00.log", "MAAutoAsset_Secure_History.txt", "MAAutoAsset_Stager_History_03.log", "MAAutoAsset_Stager_History_05.log", "MAAutoAsset_Stager_History_07.log", "MAAutoAsset_Stager_History_04.log", "MAAutoAsset_Stager_History_08.log", "MAAutoAsset_Stager_History_06.log", "MAAutoAsset_Stager_History_09.log", "MAAutoAsset_Stager_History.txt", "mobile_installation.log.0", "mobile_installation.log.1", "mobile_installation_helper.log.0", "lockdownd.log", "SUCoreSplunkHistory.log", "model_catalog_dump.txt", "model_manager_dump.json", "com.apple.networkextension.necp.rtf", "preferences.rtf", "NetworkInterfaces.rtf", "com.apple.networkextension.rtf", "com.apple.networkextension.uuidcache.rtf", "com.apple.networkextension.cache.rtf", "com.apple.networkextension.control.rtf", "Entity_2024-09-29 22:12:50.359_Blacklist.csv", "capture.rtf", "system.rtf", "[2024-09-29_22,12,45.966405]-LQMLogging-001.txt", "[2024-09-29_22,12,45.960131]-Interface_SoftAP_0-001.txt", "[2024-09-29_22,12,56.122877]-Interface_LowLatency_0-001.txt", "[2024-09-29_22,12,56.815468]-Interface_Infrastructure_0-001.txt", "[2024-09-29_22,12,56.591747]-Interface_AirLink_0-001.txt", "[2024-09-29_22,12,56.327440]-uartFirmwareLogs-001.txt", "[2024-09-29_22,12,56.457960]-AppleOLYHAL_log-001.txt", "AddFileList.txt", "ap1_AllPeersVerbose_IO80211PeerManager.txt", "awdl0_PrintState_IO80211AWDLPeerManager.txt", "awdl0_AllPeersVerbose_IO80211AWDLPeerManager.txt", "BusState.txt", "ConfigManagerState.txt", "CommanderState.txt", "CoreState.txt", "DeviceInfo.xml", "en0_AllPeersVerbose_IO80211PeerManager.txt", "en0_PrintState_IO80211PeerManager.txt", "InterfaceState_apsta.txt", "ap1_PrintState_IO80211PeerManager.txt", "FaultReportState.txt", "History.txt", "InterfaceState_prox.txt", "ivars->fChannelSwitchDictionary[0].xml", "InterfaceState_llw.txt", "JoinManagerState.txt", "ivars->fChannelSwitchDictionary[1].xml", "InterfaceState_skywalkinfra.txt", "ScanManagerState.txt", "LowLatencyRxCompRing", "MMIO_Log.txt", "SoC_Registers.xml", "LowLatencyTxCompRing", "NetManagerState.txt", "[2024-09-29_22,12,56.477273]-AppleBCMWLAN_Logs-001.txt", "disks.txt", "apfs_stats.txt", "oslog_archive_error.log", "ps_thread.txt", "971A5878D635EB8B262FF791353234.rtf", "B730B951A932F5AE2648F478FDDA81.rtf", "E7B80B551D34E4BCDBC1E47D6AB627.rtf", "2B553D16843D7B9CD7A4504A96CF2F.rtf", "594CB14E19331E8CFB5365144D46C4.rtf", "DE90FBA8603371B106DDEC727E696D.rtf", "C1ACD227FD3CE992C115DD95BD2B42.rtf" ], "public": 1, "adversary": "DragonForce Malaysia Hacker Group", "targeted_countries": [ "United States of America" ], "malware_families": [ { "id": "", "display_name": "", "target": null } ], "attack_ids": [ { "id": "T1056", "name": "Input Capture", "display_name": "T1056 - Input Capture" }, { "id": "T1088", "name": "Bypass User Account Control", "display_name": "T1088 - Bypass User Account Control" }, { "id": "T1547", "name": "Boot or Logon Autostart Execution", "display_name": "T1547 - Boot or Logon Autostart Execution" }, { "id": "T1546.004", "name": "Unix Shell Configuration Modification", "display_name": "T1546.004 - Unix Shell Configuration Modification" }, { "id": "T1001", "name": "Data Obfuscation", "display_name": "T1001 - Data Obfuscation" }, { "id": "T1213", "name": "Data from Information Repositories", "display_name": "T1213 - Data from Information Repositories" }, { "id": "T1070.002", "name": "Clear Linux or Mac System Logs", "display_name": "T1070.002 - Clear Linux or Mac System Logs" }, { "id": "T1003", "name": "OS Credential Dumping", "display_name": "T1003 - OS Credential Dumping" }, { "id": "T1445", "name": "Abuse of iOS Enterprise App Signing Key", "display_name": "T1445 - Abuse of iOS Enterprise App Signing Key" }, { "id": "T1001.003", "name": "Protocol Impersonation", "display_name": "T1001.003 - Protocol Impersonation" }, { "id": "T1404", "name": "Exploit OS Vulnerability", "display_name": "T1404 - Exploit OS Vulnerability" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 23, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "ravescoutllc.", "id": "288912", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-SHA256": 105, "domain": 70, "hostname": 211, "URL": 125, "email": 2, "FileHash-MD5": 14, "FileHash-SHA1": 212 }, "indicator_count": 739, "is_author": false, "is_subscribing": null, "subscriber_count": 31, "modified_text": "580 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 } ], "error": null, "vt": { "error": "VirusTotal rate limit reached. Try again shortly.", "indicator": "https://sites.google.drive", "type": "URL" }, "abuseipdb": null, "urlhaus": { "indicator": "https://sites.google.drive", "type": "URL", "found": false, "verdict": "clean", "error": null }, "from_cache": true, "_cached_at": 1780438794.3092988 }