ma2tl: macOS Forensic Timeline Generator Using mac_apt Analysis Results
Common Information
| Type | Value |
|---|---|
| UUID | 42d54f09-2874-41f2-9d4e-b68e812ee8eb |
| Fingerprint | bc37865d9107408d4e090d9d406d9386251a3ff2fd0802f61eca11f9bbbb2f2a |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Feb. 2, 2022, 1:25 a.m. |
| Added to db | March 12, 2024, 7:55 p.m. |
| Last updated | Aug. 31, 2024, 5:15 a.m. |
| Headline | ma2tl: macOS Forensic Timeline Generator Using mac_apt Analysis Results |
| Title | ma2tl: macOS Forensic Timeline Generator Using mac_apt Analysis Results |
| Detected Hints/Tags/Attributes | 31/2/34 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://jsac.jpcert.or.jp/archive/2022/pdf/JSAC2022_2_kobayashi_jp.pdf |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 4128 | github.com |
|
| Details | Domain | 5 | log2timeline.py |
|
| Details | Domain | 4 | psort.py |
|
| Details | Domain | 2 | burnhamforensics.com |
|
| Details | Domain | 2 | leahycenterblog.champlain.edu |
|
| Details | Domain | 359 | com.apple |
|
| Details | Domain | 10 | com.google.chrome |
|
| Details | Domain | 53 | developer.apple.com |
|
| Details | Domain | 3 | fakeapp.app |
|
| Details | Domain | 2 | ma2tl.py |
|
| Details | File | 5 | log2timeline.py |
|
| Details | File | 2 | victim.pl |
|
| Details | File | 4 | psort.py |
|
| Details | File | 2 | victime.csv |
|
| Details | File | 4 | mac_apt.db |
|
| Details | File | 4 | unifiedlogs.db |
|
| Details | File | 4 | apfs_volumes_xxxx.db |
|
| Details | File | 1 | イムスタンプをapfs_volumes_xxxx.db |
|
| Details | File | 1 | の処理時間もunifiedlogs.db |
|
| Details | File | 2 | faketest2-bash.dmg |
|
| Details | File | 1 | ①mac_apt.db |
|
| Details | File | 2 | ma2tl.py |
|
| Details | File | 2 | ma2tl.pl |
|
| Details | Github username | 2 | log2timeline |
|
| Details | Github username | 5 | crowdstrike |
|
| Details | Github username | 6 | ydkhatri |
|
| Details | Github username | 5 | mnrkbys |
|
| Details | Url | 2 | https://github.com/log2timeline/plaso |
|
| Details | Url | 4 | https://github.com/crowdstrike/automactc |
|
| Details | Url | 6 | https://github.com/ydkhatri/mac_apt |
|
| Details | Url | 2 | https://burnhamforensics.com/projects/mac_int |
|
| Details | Url | 2 | https://leahycenterblog.champlain.edu/2020/05/01/building- |
|
| Details | Url | 2 | https://developer.apple.com/documentation/macos- |
|
| Details | Url | 2 | https://github.com/mnrkbys/ma2tl |