user@threatcheck.sh ~ threat-analysis
bash
$ analyze-threat Trojan:MacOS/Multiverze!rfn
Trojan:MacOS/Multiverze!rfn - Windows Defender threat signature analysis

Trojan:MacOS/Multiverze!rfn - Windows Defender Threat Analysis

$ cat analysis.txt
=== THREAT ANALYSIS REPORT ===
Threat Name: Trojan:MacOS/Multiverze!rfn
Classification:
Type:Trojan
Platform:MacOS
Family:Multiverze
Detection Type:Concrete
Known malware family with identified signatures
Suffix:!rfn
Specific ransomware family name
Confidence:Very High
False-Positive Risk:Low

Concrete signature match: Trojan - Appears legitimate but performs malicious actions for macOS platform, family Multiverze

Summary:

Trojan:MacOS/Multiverze!rfn is a confirmed macOS Trojan (concrete detection, low FP risk) designed to communicate with external command and control (C2) domains like gpmce.net and booble.com, likely for data exfiltration or further instructions. Its binaries contain anomalous Windows-specific strings (e.g., MSVBVM60.DLL, registry run keys) which might indicate anti-analysis techniques or dormant multi-platform functionality.

Severity:
High
VDM Static Detection:
Relevant strings associated with this threat:
 - www.gpmce.net (PEHSTR_EXT)
 - www.booble.com (PEHSTR_EXT)
 - MSVBVM60.DLL (PEHSTR_EXT)
 - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run (PEHSTR_EXT)
 - \n(<M (NID)
 - 1em\M (NID)
 - 2~oS\^ (SNID)
 - ^%+n~/ (SNID)
 - M/DFGL (SNID)
 - v4.`L+ (SNID)
 - \-a'f (SNID)
 - 82W9\yH (SNID)
 - i.L98& (SNID)
 - &/%#2 (SNID)
 - $B/OF (SNID)
 - l\I~@S\ (SNID)
 - /,Fs@~J8 (SNID)
 - \\5J' (SNID)
 - Qc3\x]fZ (SNID)
 - ~U5B-{/% (SNID)
 - :A /3 (SNID)
 - \)/*A (SNID)
 - YK"\} (SNID)
 - iDH.0 (SNID)
 - %a.VD (SNID)
 - HgCY\N (SNID)
 - .(K'u,% (SNID)
 - -$.l= (SNID)
 - qa>6ngd. (SNID)
 - vG.].4X (SNID)
 - }O$]/ (SNID)
 - ~,jN.v (SNID)
 - ;1\C4d (SNID)
 - 5{\%) (SNID)
 - `ksW. (SNID)
 - q`+H7H/ (SNID)
 - lp\M~ (SNID)
 - ;*\v{"7F7 (SNID)
 - 'H\z{ (SNID)
 - FkXA.:F+ (SNID)
 - EW/j-^ (SNID)
 - (t1dx. (SNID)
 - g/^IE (SNID)
 - /6[mt (SNID)
 - hk.j' (SNID)
 - mW\\q% (SNID)
 - 0YZ\. (SNID)
 - m.p<p (SNID)
 - PN.o$0 (SNID)
 - ,UP/' (SNID)
 - [/C`mH (SNID)
 - ?.O6T (SNID)
 - {@gW. (SNID)
 - TB"\Y (SNID)
 - |mO\V (SNID)
 - VcSX\ (SNID)
 - qz7P/! (SNID)
 - /Fgb$ (SNID)
 - jSo (SNID)
 - #-zW\ (SNID)
 - V\p'6 (SNID)
 - &._X" (SNID)
 - -6\1~||j7( (SNID)
 - -Ke/- (SNID)
 - .%Viq (SNID)
 - j/VXH_Y[ (SNID)
 - 8p^.O (SNID)
 - T`/+' (SNID)
 - XX<+m\ (SNID)
 - 7/w`5 (SNID)
 - \d:a0 (SNID)
 - 7B/DO (SNID)
 - >4/kL (SNID)
 - 'go/, (SNID)
 - IW\1# (SNID)
 - Xi\#E (SNID)
 - .OL5i\o (SNID)
 - N~.8g (SNID)
 - &a3$/= (SNID)
 - 5Qoi\U` (SNID)
 - =&j/3[ (SNID)
 - T6.:) (SNID)
 - RZZ.EM (SNID)
 - 8UTw\t1 (SNID)
 - W:\ty (SNID)
 - y1g/a (NID)
 - .JuUv (SNID)
 - KP9i. (SNID)
 - jSmHrat (SNID)
 - +)t/S (SNID)
 - R9'>/ (SNID)
 - /'SYR (SNID)
 - /" E. (SNID)
 -  Wy\t (SNID)
 - o/L}j (SNID)
 - ,.{pS7~ (SNID)
 - ;ZYJs~6 (SNID)
 - ;gL.:C (SNID)
 - "~ 1/ (SNID)
 - &/y D# (SNID)
 - d\^yy (SNID)
 - E?.cb (SNID)
 - 1-\\ULe (SNID)
 - 2/BFE (SNID)
 - I}/M7PH (SNID)
 - ZkO/_ (SNID)
 - K:.Wj2 (SNID)
 - Y_/Hr (SNID)
 - AjS (SNID)
 -  .\K; (SNID)
 - iu)@/ (SNID)
 - v;].QA{ (SNID)
 - G.q)d (SNID)
 - 4ggj\ (SNID)
 - \/<9M (SNID)
 - MxE2. (SNID)
 - V,@U/ (SNID)
 - \s=Tkz (SNID)
 - 9Oy/;EM (SNID)
 - l.gH3 (SNID)
 - \u|[{l (SNID)
 - o'H/X (SNID)
 - wCxj\ (SNID)
 - w52/Q (SNID)
 - w0N3(\ (SNID)
 - $o9.A (SNID)
 - \u:}N (SNID)
 - cYLY/ (SNID)
 - +E^lS;/ (SNID)
 - \&L'Sz (SNID)
 - DZ\%F (SNID)
 - '`gQ . (SNID)
 - /$2pW (SNID)
 - Xu._2 (SNID)
 - j.|z[ (SNID)
 - "'8\q# (SNID)
 - )ITG.7 (SNID)
 - TEZ4(6;/ (SNID)
 - G8\hY~`Y (SNID)
 - .d3lL> (SNID)
 - \/n}Usn(A (SNID)
 - 1Js (SNID)
 - "8C(/ (SNID)
 - MvU.V (SNID)
 - %JS (SNID)
 - hW.3, (SNID)
 - bK_7.& (SNID)
 - N,.96 (SNID)
 - k*Js$ (SNID)
 - .z _R (SNID)
 - 8+%/' (SNID)
 - 3w;/$ (SNID)
 - st.=#71 (SNID)
 - GOo/R] (SNID)
 - 1/',js (SNID)
 - /50hj (SNID)
 - y/Vxf (SNID)
 - ^jPFF. (SNID)
 - sb`\U (SNID)
 - t1r.[l (SNID)
 - Fci.N (SNID)
 - / /M) (SNID)
 - \AA=E (SNID)
 - Gg{/Q (SNID)
 - ]?/e*&t (SNID)
 - N/+RzG (SNID)
 - Tz3ch_. (SNID)
 - \q[VD (SNID)
 - Xvi9\ (SNID)
 - T/K%f (SNID)
 - s)Z/!z (SNID)
 - WF*/k (SNID)
 - e\HIn (SNID)
 - fqsv/ (SNID)
 - \\X*b (SNID)
 - _A%/e (SNID)
 - S;.>x (SNID)
 - Z!\I^ (SNID)
 - !PO.o (SNID)
 - \'KBjE (SNID)
 - N/KFv (SNID)
 - /mma; (SNID)
 - !X\Sn (SNID)
 - \C=g($ (SNID)
 - A\w/y` (SNID)
 - .{\wco (SNID)
 - 2h/TW (SNID)
 - "f`]WfR/c (SNID)
 - 0unFE.QL (SNID)
 - dlm\D (SNID)
 - <k/Z[ (SNID)
 - X,/MQ (SNID)
 - " .'< (SNID)
 - Kxk/^ (SNID)
 - kw\2E> (SNID)
 - /,KIb (SNID)
 - @d h/ (SNID)
 - n/i<2- (SNID)
 - GNy\# (SNID)
 - g.dLM (NID)
 - RCOM (NID)
 - <T.QM (NID)
 - OP|/I (SNID)
 - jsk (SNID)
 - vK.O] (SNID)
 - HS/b4 (SNID)
 - jsa (SNID)
 - /H[8&S (SNID)
 - va.0< (SNID)
 - !ugo\n (SNID)
 - \dtfa (NID)
 - DC\YLv (SNID)
 - 3n/?R (SNID)
 - -i"\~ (SNID)
 - qE/R}cg (SNID)
 - ]Y9G\ (SNID)
 - /G),[ (SNID)
 - \8*z! (SNID)
 - Ic3/x (SNID)
 - /#$h: (SNID)
 - :n0c/ (SNID)
 - jOnE. (SNID)
 - lz\@% (SNID)
 - h[.<$0c (SNID)
 - MgS0/\ (SNID)
 - un\EZ (SNID)
 - *.&-M (NID)
 - JSh (NID)
 - ye/:{ (SNID)
 - /cF(^ (SNID)
 - 9q/Ui (SNID)
 - .</RI (SNID)
 - 7.|}_-= (SNID)
 - 5wzb2/ (SNID)
 - Ka/]$ (SNID)
 - {.[Gw (SNID)
 - \vla= (SNID)
 - n. ^) (SNID)
 - 1&m.\$ (SNID)
 - v)/pA2 (SNID)
 - 8</:?e" (SNID)
 - \NkpIlC (SNID)
 - 'a[_. (SNID)
 - -j.J# (SNID)
 - \v&h,R (SNID)
 - <I\jn! (SNID)
 - Cr/oj# (SNID)
 - ;J\~F (SNID)
 - /O|)#p] (SNID)
 - \8.08 (SNID)
 - }[\jri (SNID)
 - j/dLI (SNID)
 - y?.p] (SNID)
 - r2/[E (SNID)
 - H\idS (SNID)
 - Rko.# (SNID)
 - >~.qd^ (SNID)
 - 0.vF< (SNID)
 - $\;qM (NID)
 - *.$Kw (SNID)
 - w/!x]Y (SNID)
 - 4.N5p (SNID)
 - ZbE\p (SNID)
 - 4esO-..p (SNID)
 - $/j+ g (SNID)
 - \{vOI (SNID)
 - scR (SNID)
 - ;2;/ac (SNID)
 - /Smi? (SNID)
 - \cH7,~ (SNID)
 - .]k.E> (SNID)
 - .p|hr> (SNID)
 - 0F.=^ (SNID)
 - jv.ij (SNID)
 - \3'%X (SNID)
 - \tTfj Z (SNID)
 - :P\8M (SNID)
 - ru/hn (SNID)
 - +t\86 (SNID)
 - 4B*J. (SNID)
 - {j\?N (SNID)
 - ..7IC (SNID)
 - Z\v:9T (SNID)
 - $hZ7Be/ (SNID)
 - z.0_\ (SNID)
 - /mt)&h (SNID)
 - \^k(B<3 (SNID)
 - @>=\AX (SNID)
 - YTv{'9. (SNID)
 - {JX&\ (SNID)
 - H/$;\( (SNID)
 - <4\7A6 (SNID)
 - /-mc_ (SNID)
 - zv_[/lH (SNID)
 - Ja8Lw.G@72 (SNID)
 - /+Cv) (SNID)
 - \f0zj (SNID)
 - 0r/6 V (SNID)
 - +P`uwLC.] (SNID)
 - vbS (SNID)
 - q3J/\ (SNID)
 - \%>G] (SNID)
 - %b+'.p& (SNID)
 - TeZNH.9 (SNID)
 - 0\\8@ (SNID)
 - wf1J\ (SNID)
 - 4d[q\ (SNID)
 - ; \@r (SNID)
 - \AJI;M (SNID)
 - ,h-/H (SNID)
 - #K@/2 (SNID)
 - /lp1Z@ (SNID)
 - Wc\;F (SNID)
 - T.?qfy (SNID)
 - -QAjJ/ (SNID)
 - 7\arKy (SNID)
 - Cb.-\ (SNID)
 - \8y<1 (SNID)
 - #e5/c4 (SNID)
 - 4~/!c (SNID)
 - w0{U|l/ (SNID)
 - Z~\bx@f (SNID)
 - D\FvxG (SNID)
 - Uy`\~ (SNID)
 - F\Y6`6 (SNID)
 - /4`@nS (SNID)
 - =/jW] (SNID)
 - \`.i9 (SNID)
 - tgy\C (SNID)
 - .yL"> (SNID)
 - R{t@. (SNID)
 - BXVo. (SNID)
 - /@_~; (SNID)
 - PE/b)]x2T (SNID)
 - .A[G< (SNID)
 - <BH/U (SNID)
 - +.XrV (SNID)
 - %?.,WY (SNID)
 - )/VE&?$ (SNID)
 - $$ 68/ (SNID)
 - .lz*$ZJ_B (SNID)
 - 4/(=-= (SNID)
 - ^N\kM (SNID)
 - ;\A(e@ (SNID)
 - \MLz8 (SNID)
 - Fz\YpiS% (SNID)
 - \'NI. (SNID)
 - >]._} (SNID)
 - nJs (SNID)
 - OAb3\ (SNID)
 - bkDP_\n (SNID)
 - =.P</ (SNID)
 - '.`n+p (SNID)
 - MM<.^ (SNID)
 - /_CFM (SNID)
 - \Xz^k (SNID)
 - #)].z (SNID)
 - \/~"j (SNID)
 - X m~. (SNID)
 - 2j>\M (NID)
 - \4;a: (SNID)
 - :.d{[} (SNID)
 - <*rZ\ (SNID)
 - ]Eb\| (SNID)
 - ;b/Xl (SNID)
 - /R&_h (SNID)
 - 0.;\c< (SNID)
 - .]$q.f (SNID)
 - fKt.!l (SNID)
 - EFP|b1,k.| (SNID)
 - /o~cS (SNID)
 - L/<{}f$ (SNID)
 - \)MKW (SNID)
 - I$._j:/ (SNID)
 - Gon.o (SNID)
 - :WBk. (SNID)
 - /F~8avl (SNID)
 - *.Y5I (SNID)
 - \Il`uk (SNID)
 - lrq8@.kb (SNID)
 - RYyL\b (SNID)
 - \~Xv  (SNID)
 - )\j|t (SNID)
 - &,TU. (SNID)
 - Vy(/# (SNID)
 - 6$\12/ (SNID)
 - JSn (SNID)
 - n5X?[Rw. (SNID)
 - 5.C>Y (SNID)
 - }/S41 (SNID)
 - "Y"S. (SNID)
 - m>m/S (SNID)
 - (V9/: (SNID)
 - V-..g (SNID)
 - js: (SNID)
 - ym",\\ (SNID)
 - dO;v\ (SNID)
 - \uZ!d (SNID)
 - u/Z,n (SNID)
 - Y\pUH (SNID)
 - 3f\$# (SNID)
 - .}rx  (SNID)
 - udqV. (SNID)
 - ${Q&. (SNID)
 - 4f\8l(4>a (SNID)
 - .k+:W% (SNID)
 - z7/!Q (SNID)
 - IV/*V:V (SNID)
 - J1"/  (SNID)
 - 4mg.) (SNID)
 - [\*{y (SNID)
 - \7l5(" (SNID)
 - Lc\wlm (SNID)
 - Sf\,Uo (SNID)
 - MS/B374 (SNID)
 - q7/r&X4 (SNID)
 - A&|#V. (SNID)
 - JcU\Rw (SNID)
 - ;r!=F/` Tx (SNID)
 - @\9F5 (SNID)
 - r</k= (SNID)
 - " w'-. (SNID)
 - =?[R. (SNID)
 - bcF)\ (SNID)
 - QFC\ H"* (SNID)
 - /f0oZ (SNID)
 - T\Eva (SNID)
 - %].0L (SNID)
 - js-N (SNID)
 - KlO/&R (SNID)
 - K_o\^ (SNID)
 - 79w.l (SNID)
 - axR/] (SNID)
 - "beO\v'ss (SNID)
 - .i+?5 (SNID)
 - )Qa_/ (SNID)
 - 0~!5/ (SNID)
 - :%Ui.C; (SNID)
 - :.eX%X (SNID)
 - `ve\Rc (SNID)
 - Xw.(n (SNID)
 - xN6Zs/ (SNID)
 - y/ule (SNID)
 - 5|B\e. (SNID)
 - M.$YT\ (SNID)
 - \a)rW (SNID)
 - fL.&C (SNID)
 - Lc/]M[ (SNID)
 - |W]\c (SNID)
 - /<)g9y (SNID)
 - 2%7.p#:.O& (SNID)
 - y/:{IT (SNID)
 - /kzCf% (SNID)
 - 4.N_< (SNID)
 - ;$z;n. (SNID)
 - /Qm>?L (SNID)
 - ve7>/n& (SNID)
 - f11Y.4 (SNID)
 - ujSS0aC (SNID)
 - BE\1~ (SNID)
 - .-LPNa (SNID)
 - \2km~ (SNID)
 - /NBWHO?| (SNID)
 - oV\]* (SNID)
 - JSV (SNID)
 - .DN,mG (SNID)
 - +.mg% (SNID)
 - H}<W/ (SNID)
 - dIjs (SNID)
 - &qkE. (SNID)
 - (c!\: (SNID)
 - T2\~' (SNID)
 - /fF1f  (SNID)
 - Y7Exe$8- (SNID)
 - <I){/7 (SNID)
 - /-/,HP`) (SNID)
 - v0.1< (SNID)
 - +vy.6{ (SNID)
 - Y\@1&BT (SNID)
 - @GI.y (SNID)
 - "h".KY (SNID)
 - dMJ./ (SNID)
 - yn(7. (SNID)
 - q#cqI/ (SNID)
 - m\"RH (SNID)
 - /o^@S (SNID)
 - PV%r\ (SNID)
 - ,\tV? (SNID)
 - n%\ # (SNID)
 - .W7c) (SNID)
 - *+S.W],g (SNID)
 - hV\=b (SNID)
 - /*^)W: (SNID)
 - 4%4!qb/) (SNID)
 - d\\+-Wl (SNID)
 - /A[F9 (SNID)
 - 54u.3 (SNID)
 - G\6fbLhS: (SNID)
 - 62S/U (SNID)
 - J~Wf.0 (SNID)
 - .%SP-M (SNID)
 - >JS (SNID)
 - UU\Wj (SNID)
 - /Vjr_j (SNID)
 - YG2\n (SNID)
 - ]/xDT (SNID)
 - \pDvw (SNID)
 - yE\)L (SNID)
 - "51\9 (SNID)
 - $^?bwy. (SNID)
 - F"E.L (SNID)
 - X/d.Z (SNID)
 - z\jJEeg (SNID)
 - \.,Cr (SNID)
 - '/xk% (SNID)
 - (.WI_ (SNID)
 - *:UU.BV_N (SNID)
 - [s#/N (SNID)
 - 7d\yz (SNID)
 - ";js0 (SNID)
 - gg.Z z (SNID)
 - 1k|WS8t. (SNID)
 - /l<=#" (SNID)
 - #Pr'. (SNID)
 - uJ2`\H (SNID)
 - DuuW+. (SNID)
 - l(\@L (SNID)
 - {_vQ. (SNID)
 - /G#kp (SNID)
 - )IJQ/ (SNID)
 - ;/_Vn (SNID)
 - "\gbJFL (SNID)
 - /BG3M<+ (SNID)
 - <I/A! (SNID)
 - 3Jr\;2 (SNID)
 - ;js (SNID)
 - fKDg.F (SNID)
 - "A\Zz` (SNID)
 - /4d5p (SNID)
 - KJs (SNID)
 - -w._Mmk (SNID)
 - 15&z. (SNID)
 - -f/d0KS" (SNID)
 - k)N/9 (SNID)
 - [/N0, (SNID)
 - ]\#AU, (SNID)
 - UxLc\ (SNID)
 - 1;S?{/ (SNID)
 - +CZ/NT (SNID)
 - >\?$i (SNID)
 - }jS (SNID)
 - JS/ (SNID)
 - 7 !// (SNID)
 - _Y44&/ (SNID)
 - A:@?\@ (SNID)
 - .""P, (SNID)
 - .(<gaA (SNID)
 - +c/\uhr (SNID)
 - A/<FkX (SNID)
 - \S^|= (SNID)
 - d.KQ_c (SNID)
 - cJsg (SNID)
 - Ct/z@ D (SNID)
 - Br.[Ny (SNID)
 - k7?.# (SNID)
 - Uje \ (SNID)
 - <a/urh (SNID)
 - x/7~N} (SNID)
 - xJs2 (SNID)
 - \4_,T< (SNID)
 - <21/Q (SNID)
 - -.3Zgr (SNID)
 - RJ0/8 (SNID)
 - PW.HL (SNID)
 - wX.XH (SNID)
 - }\IQ* (SNID)
 - p5/ea (SNID)
 -  }p{\4Q (SNID)
 - .F6LN (SNID)
 - t.}QN (SNID)
 - {;W6. (SNID)
 - }Js;) (SNID)
 - =*A.)sz3 (SNID)
 - bq:.u (SNID)
 - a\f:NY (SNID)
 - K\BP5 (SNID)
 - n?vF. (SNID)
 - *!h/N (SNID)
 - JS. (SNID)
 - tgW/vV (SNID)
 - \~JcI (SNID)
 - nLjs (SNID)
 - /KaO'Z (SNID)
 - \.$w~` (SNID)
 - .~B_$Bl (SNID)
 - 4/+7i (SNID)
 - 0Z[/Lam (SNID)
 - !#HSTR:StringCodeForMshta.A!pli (PEHSTR_EXT)
 - !#HSTR:StringCodeForHooking.C!pli (PEHSTR_EXT)
 - !#HSTR:StringCodeForHooking.D!pli (PEHSTR_EXT)
 - !#HSTR:StringCodeForHooking.L!pli (PEHSTR_EXT)
 - !#HSTR:StringCodeForHooking.O!pli (PEHSTR_EXT)
 - !#HSTR:StringCodeForRegsvr32.A!pli (PEHSTR_EXT)
 - !#HSTR:StringCodeForRundll32.A!pli (PEHSTR_EXT)
 - rundll32 (PEHSTR_EXT)
 - !#HSTR:StringCodeForBITSJobs.A!pli (PEHSTR_EXT)
 - !#HSTR:StringCodeForPowerShell.G!pli (PEHSTR_EXT)
 - !#HSTR:StringCodeForScheduledTask.A!pli (PEHSTR_EXT)
 - !#HSTR:StringCodeForDataEncoding.D!pli (PEHSTR_EXT)
 - !#HSTR:StringCodeForHooking.J!pli (PEHSTR_EXT)
 - !#HSTR:StringCodeForHooking.K!pli (PEHSTR_EXT)
 - !#HSTR:StringCodeForRemoteFileCopy.B!pli (PEHSTR_EXT)
 - !#HSTR:ExecutionGuardrails (PEHSTR_EXT)
 - !#HSTR:StringCodeForFileDeletion.A!pli (PEHSTR_EXT)
 - !#HSTR:StringCodeForHooking.M!pli (PEHSTR_EXT)
 - !#HSTR:StringCodeForNetshHelperDLL.A!pli (PEHSTR_EXT)
 - !#HSTR:StringCodeForRemoteServices.A!pli (PEHSTR_EXT)
Known malware which is associated with this threat:
Filename: winapp
0517ca4649e33faefa3a6bfcd2707a8376a981be4b42b9d19146ebb93e7f8a35
27/05/2026
VirusTotalDownload Sample
Filename: AccountsHelper
adde733a6424b84f261706d0dc3e3437ba29b4194133035c645328fc7a95a7ee
21/05/2026
VirusTotalDownload Sample
Filename: 2eb62756704f169e6da9f0921442a637cf67aa256ced56226cb265db5838b239
2eb62756704f169e6da9f0921442a637cf67aa256ced56226cb265db5838b239
21/05/2026
VirusTotalDownload Sample
Filename: ac1756b496da979bb04333f466deeaa93b9c243a7f5a072d4d6b00fbb4335d73
ac1756b496da979bb04333f466deeaa93b9c243a7f5a072d4d6b00fbb4335d73
21/05/2026
VirusTotalDownload Sample
Filename: .mainhelper
6cb4b6539f6f468bebb8e086413db41180cac3b195b953727bafe01da72c9d9b
30/04/2026
VirusTotalDownload Sample
Remediation Steps:
Isolate the infected macOS device, perform a full system scan with updated antivirus software to remove the Trojan, and block identified C2 domains (gpmce.net, booble.com) at the network level. Review system for any persistent malicious components and consider changing affected user credentials.
=== END REPORT ===
$ reanalyze-threat
This analysis was last updated on 17/11/2025. Do you want to analyze it again?
$ ls available-commands/
→ cd /home
user@threatcheck.sh:~$