gtk-query-immodules-3.0
executablemacOS54.5 KBarm64
Unknown executable — purpose unclear from static analysis
Ad hoc signed arm64 binary with minimal framework dependencies and a small function count. The generic UUID-based filename and lack of code signing identity prevent identification of its intended purpose or origin. Security analysts should verify this binary's source, determine why it uses ad hoc signing rather than a proper identity, and examine runtime behavior to establish whether it performs legitimate system functions or represents potentially unauthorized code.AI
Fingerprint
- Platform
- macOS
- Type
- executable
- Arch
- arm64
- Min OS
- 15.0.0
- SDK
- 15.4.0
- File Size
- 54.5 KB
- UUID
- 7590DEF7-A5FC-3669-92F0-F253EED0DCFD
- Analyzed
- 2026-04-09T08:52:33Z
- CDHash
- 0cd9992a38f72743d0c9c4819dac6cd4155bb910bd0b6ea598d7aa7deed44fed
Frameworks6
DNA Capability Vector
Location
0
Keychain
0
Network
0
Storage
0
Hardware
0
IPC
0
Analytics
0
Security
0
System
0
Behavioral Profile
URL Endpoints
0
Telemetry Strings
0
File Paths
0
Bundle IDs
0
IOKit Constants
0
Library Functions
4
Structural HashesSHA-256
Static Libraries4 / 18 functions identified
Identified Libraries
Functions(18)
0x100002090main
0x100002394query_module
0x100002628print_escaped
0x1000027f0OUTLINED_FUNCTION_0
0x1000027fcOUTLINED_FUNCTION_1
0x100002808gtk_scan_string
0x100002980gtk_skip_space
0x1000029b4gtk_read_line
0x100002c68gtk_trim_string
0x100002cf8gtk_split_file_list
0x100002e14gtk_file_load_bytes
0x100002f50print_escaped.cold.1
0x100002f5cprint_escaped.cold.2
0x100002f68print_escaped.cold.3
0x100002f74print_escaped.cold.4
0x100002f80print_escaped.cold.5
0x100002f90gtk_trim_string.cold.1
0x100002facgtk_file_load_bytes.cold.1
Imports57 symbols from 6 dylibs
Exports8
_mh_execute_header0x0
gtk_file_load_bytes0x2e14
gtk_read_line0x29b4
gtk_scan_string0x2808
gtk_skip_space0x2980
gtk_split_file_list0x2cf8
gtk_trim_string0x2c68
main0x2090