jq

JSON
executablemacOS372.1 KBarm64

Unidentified utility — performs network communication and local processing

An ad-hoc signed executable that initiates network connections to 3 endpoints and processes local data. Contains 954 functions organized around 2 standard frameworks, suggesting general-purpose utility behavior rather than a focused system component. The minimal string data and network activity make specific functionality difficult to determine, but the presence of hardcoded endpoints indicates intentional remote communication. Security analysts should verify the source and legitimacy of this binary, as ad-hoc signing and sparse identifiable artifacts are atypical for legitimate macOS system tools.AI

Fingerprint

Platform
macOS
Type
executable
Arch
arm64
Min OS
15.0.0
SDK
15.0.0
File Size
372.1 KB
UUID
4261B859-0AF9-3124-B27A-28387B8F2357
Analyzed
2026-04-09T08:57:20Z
CDHash
b563878ec7bf24866aa28b3a5417c0438d4ef25402c07ada457215592fe1c5f6

Interesting Strings

Network Surface

Endpoints(3)

Urlhttps://jqlang.github.io/jq
Hostnamejqlang.github.io
Urlhttps://jqlang.github.io/jq/.

DNA Capability Vector

Location
0
Keychain
0
Network
0
Storage
0
Hardware
0
IPC
0
Analytics
0
Security
0
System
0

Behavioral Profile

URL Endpoints
2
Telemetry Strings
0
File Paths
0
Bundle IDs
0
IOKit Constants
0
Library Functions
258

Structural HashesSHA-256

Code51c6ee99ed163542a5e717919906adfdc690bd179a2dc7e6184aeeb2254d35b5
Importsca6508c95d5846a0268bc284361d3054a3aa1f0242e3d9e0da36c4b02775becf
Frameworksa935c0e628bbc8276eba5f1ad3f04f64badd54d9bc02cbcc8705d581a1b27fe1
Classese3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Entitlementse3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Symbolsca6508c95d5846a0268bc284361d3054a3aa1f0242e3d9e0da36c4b02775becf

Static Libraries258 / 954 functions identified

Identified Libraries

FLAC 1.5.0 (37 fn)FLAC++ 1.5.0 (2 fn)SDL2 2.32.10 (25 fn)SDL2_test 2.32.10 (3 fn)X11 1.8.12 (17 fn)Xext 1.3.6 (1 fn)aom 3.13.1 (9 fn)ass 0.17.4 (1 fn)avcodec 8.0.1 (1 fn)avformat 8.0.1 (1 fn)boost_json 1.89.0 (1 fn)boost_log 1.89.0 (1 fn)boost_program_options 1.89.0 (1 fn)boost_python313 1.89.0 (3 fn)boost_test_exec_monitor 1.89.0 (2 fn)brotlienc 1.2.0 (1 fn)cares 1.34.5 (2 fn)crypto 3.6.1 (8 fn)flatbuffers 25.9.23 (4 fn)fontconfig 2.17.1 (1 fn)gettextlib 0.26_1 (1 fn)gio-2.0 2.86.3 (2 fn)harfbuzz 12.3.0 (6 fn)harfbuzz-subset 12.3.0 (1 fn)jq 1.7.1 (124 fn)tesseract 5.5.2 (3 fn)

Functions(954)

0x100003fd8main
0x100005580isoption
0x100005610usage
0x1000056c4skip_shebang
0x100005760debug_cb
0x1000057e8stderr_cb
0x10000589cprocess
0x100005ce8die
0x100005d3cbinop_plus
0x100005f60type_error2
0x100006040binop_minus
0x100006268binop_multiply
0x100006470binop_divide
0x1000065bcbinop_mod
0x100006760binop_equal
0x100006774binop_notequal
0x100006790binop_less
0x100006798order_cmp
0x1000067f0binop_greater
0x10000680cbinop_lesseq

Imports140 symbols from 2 dylibs

libSystem.B.dylib131libonig.5.dylib9

Exports378

DECPOWERS0x40180
DECSTICKYTAB0x40176
JV_FALSE0x3fd20
JV_INVALID0x3fd10
JV_NULL0x3fd00
JV_TRUE0x3fd30
LNnn0x40220
_jq_memmem0x25a24
_jq_path_append0x12d78
_mh_execute_header0x0
binop_divide0x6470
binop_equal0x6760
binop_greater0x67f0
binop_greatereq0x6814
binop_less0x6790
binop_lesseq0x680c
binop_minus0x6040
binop_mod0x65bc
binop_multiply0x6268
binop_notequal0x6774
binop_plus0x5d3c
block_append0xf00c
block_bind_library0xf11c
block_bind_referenced0xf27c
block_bind_self0xf378
block_compile0x1190c
block_const0xebe4
block_const_kind0xebac
block_drop_unreferenced0xf434
block_free0xf34c
block_has_main0x10ca0
block_has_only_binders0xf0b8
block_has_only_binders_and_imports0xf054
block_is_const0xeb7c
block_is_funcdef0x10cc4
block_is_noop0xe8e0
block_is_single0xe84c
block_join0xeeec
block_list_funcs0xf6b8
block_module_meta0xf890
block_take_imports0xf5e4
builtins_bind0x681c
bytecode_free0xe7b4
bytecode_operation_length0xe19c
d2utable0x401ee
decContextClearStatus0x2626c
decContextDefault0x2627c
decContextGetRounding0x2635c
decContextGetStatus0x26364
decContextRestoreStatus0x2636c
decContextSaveStatus0x26384
decContextSetRounding0x26390
decContextSetStatus0x26320
decContextSetStatusFromString0x26398
decContextSetStatusFromStringQuiet0x26618
decContextSetStatusQuiet0x267f8
decContextStatusToString0x26808
decContextTestEndian0x26940
decContextTestSavedStatus0x26948
decContextTestStatus0x26954
decContextZeroStatus0x26964
decNumberAbs0x27cdc
decNumberAdd0x28468
decNumberAnd0x284b8
decNumberClass0x2e678
decNumberClassToString0x2e734
decNumberCompare0x286d4
decNumberCompareSignal0x28aa8
decNumberCompareTotal0x28af8
decNumberCompareTotalMag0x28b48
decNumberCopy0x28d1c
decNumberCopyAbs0x2b574
decNumberCopyNegate0x2e758
decNumberCopySign0x2c09c
decNumberDivide0x28da0
decNumberDivideInteger0x29ae0
decNumberExp0x29b30
decNumberFMA0x2a294
decNumberFromInt320x2696c
decNumberFromString0x27338
decNumberFromUInt320x269a0
decNumberGetBCD0x2e778
decNumberInvert0x2aae0
decNumberIsNormal0x2c0c8
decNumberIsSubnormal0x2e894
decNumberLn0x2ac70
decNumberLog100x2b604
decNumberLogB0x2b2fc
decNumberMax0x2b95c
decNumberMaxMag0x2b9ac
decNumberMin0x2b9fc
decNumberMinMag0x2ba4c
decNumberMinus0x2ba9c
decNumberMultiply0x2c324
decNumberNextMinus0x2bb0c
decNumberNextPlus0x2bc88
decNumberNextToward0x2bd40
decNumberNormalize0x2cf3c
decNumberOr0x2c108
decNumberPlus0x2b594
decNumberPower0x2c370
decNumberQuantize0x2ccac
decNumberReduce0x2cf40
decNumberRemainder0x2d1c0
decNumberRemainderNear0x2d210
decNumberRescale0x2d170
decNumberRotate0x2d260
decNumberSameQuantum0x2d7b8
decNumberScaleB0x2d81c
decNumberSetBCD0x2e7d8
decNumberShift0x2d958
decNumberSquareRoot0x2dba4
decNumberSubtract0x2e2f0
decNumberToEngString0x27310
decNumberToInt320x26a8c
decNumberToIntegralExact0x2e340
decNumberToIntegralValue0x2e408
decNumberToString0x26c30
decNumberToUInt320x26b60
decNumberTrim0x2e8d4
decNumberVersion0x2e91c
decNumberXor0x2e45c
decNumberZero0x26a18
dump_disassembly0xe1dc
dump_operation0xe43c
expand_path0x25828
gen_and0x10d8c
gen_array_matcher0x11200
gen_both0xfd24
gen_call0xfc8c
gen_cbinding0x11834
gen_collect0xffd8
gen_cond0x11400
gen_condbranch0x10ce4
gen_const0xe9dc
gen_const_global0xea50
gen_const_object0xfde8
gen_definedor0x109b0
gen_destructure0x11078
gen_destructure_alt0x10ff4
gen_dictpair0xee5c
gen_error0xe95c
gen_foreach0x10774
gen_function0xfabc
gen_import0xf8b0
gen_import_meta0xfa08
gen_label0x11634
gen_lambda0xfd04
gen_location0xe85c
gen_module0xf788
gen_noop0xe8d4
gen_object_matcher0x11344
gen_op_bound0xee20
gen_op_pushk_under0xeafc
gen_op_simple0xe8f0
gen_op_target0xec1c
gen_op_targetlater0xec94
gen_op_unbound0xed50
gen_op_var_fresh0xede0
gen_or0x10ebc
gen_param0xfcf8
gen_param_regular0xfcec
gen_reduce0x10290
gen_subexp0xef1c
gen_try0x11518
gen_var_binding0xfc38
get_home0x25944
inst_set_target0xed00
jq_compile0x15048
jq_compile_args0x14c4c
jq_dump_disassembly0x15240
jq_format_error0x1478c
jq_get_attr0x150c4
jq_get_debug_cb0x15274
jq_get_error_cb0x14a3c
jq_get_error_message0x152e4
jq_get_exit_code0x152d8
jq_get_input_cb0x15258
jq_get_jq_origin0x1507c
jq_get_lib_dirs0x15140
jq_get_prog_origin0x150f8
jq_get_stderr_cb0x15290
jq_halt0x152a4
jq_halted0x152d0
jq_init0x14910
jq_next0x1309c
jq_parse0x334c4
jq_parse_library0x33568
jq_realpath0x25978
jq_report_error0x1307c
jq_set_attr0x15204
jq_set_attrs0x151b4
jq_set_colors0x22afc
jq_set_debug_cb0x1526c
jq_set_error_cb0x14a14
jq_set_input_cb0x15250
jq_set_nomem_handler0x14a50
jq_set_stderr_cb0x15288
jq_start0x14a8c
jq_teardown0x14bfc
jq_testsuite0x152f0
jq_util_input_add_input0x25bd4
jq_util_input_errors0x25c28
jq_util_input_free0x25b4c
jq_util_input_get_current_filename0x25ee0
jq_util_input_get_current_line0x25f40
jq_util_input_get_position0x25e50
jq_util_input_init0x25a28
jq_util_input_next_input0x25c38
jq_util_input_next_input_cb0x25c30
jq_util_input_set_parser0x25adc
jq_yy_create_buffer0x30344
jq_yy_delete_buffer0x30864
jq_yy_flush_buffer0x308c8
jq_yy_scan_buffer0x30a88
jq_yy_scan_bytes0x30b4c
jq_yy_scan_string0x30b1c
jq_yy_switch_to_buffer0x307b4
jq_yyalloc0x30860
jq_yyfree0x308c4
jq_yyget_column0x30c04
jq_yyget_debug0x30cc0
jq_yyget_extra0x303c0
jq_yyget_in0x30c28
jq_yyget_leng0x30c38
jq_yyget_lineno0x30be0
jq_yyget_lloc0x30ce0
jq_yyget_lval0x30cd0
jq_yyget_out0x30c30
jq_yyget_text0x30c40
jq_yylex0x2f358
jq_yylex_destroy0x30e10
jq_yylex_init0x30cf0
jq_yylex_init_extra0x30d7c
jq_yypop_buffer_state0x309f8
jq_yypush_buffer_state0x3094c
jq_yyrealloc0x30ea0
jq_yyrestart0x3066c
jq_yyset_column0x30c7c
jq_yyset_debug0x30cc8
jq_yyset_extra0x303c8
jq_yyset_in0x30cb0
jq_yyset_lineno0x30c48
jq_yyset_lloc0x30ce8
jq_yyset_lval0x30cd8
jq_yyset_out0x30cb8
jv_array0x17538
jv_array_append0x178f0
jv_array_concat0x17950
jv_array_get0x175a0
jv_array_indexes0x17bc0
jv_array_length0x1756c
jv_array_set0x17668
jv_array_sized0x174f8
jv_array_slice0x17a48
jv_bool0x16e34
jv_cmp0x1c754
jv_contains0x19c90
jv_copy0x16eec
jv_delpaths0x1b764
jv_dump0x235bc
jv_dump_string0x23688
jv_dump_string_trunc0x236f0
jv_dumpf0x22c44
jv_equal0x17d9c
jv_false0x16e1c
jv_free0x16f00
jv_get0x1a4f4
jv_get_kind0x16de0
jv_get_refcnt0x18688
jv_getpath0x1b638
jv_group0x1cbfc
jv_has0x1b140
jv_identical0x19c20
jv_invalid0x16e84
jv_invalid_get_msg0x16e90
jv_invalid_has_msg0x16fe0
jv_invalid_with_msg0x16e48
jv_is_integer0x172c8
jv_keys0x1c4e8
jv_keys_unsorted0x1c3b8
jv_kind_name0x16de8
jv_load_file0x209dc
jv_mem_alloc0x1a3bc
jv_mem_alloc_unguarded0x1a3d8
jv_mem_calloc0x1a3dc
jv_mem_calloc_unguarded0x1a3f8
jv_mem_free0x1a41c
jv_mem_realloc0x1a420
jv_mem_strdup0x1a3fc
jv_mem_strdup_unguarded0x1a418
jv_nomem_handler0x1a2dc
jv_null0x16e28
jv_number0x171e0
jv_number_get_literal0x170a4
jv_number_has_literal0x1707c
jv_number_value0x171ec
jv_number_with_literal0x1713c
jv_object0x18f9c
jv_object_delete0x1944c
jv_object_get0x19070
jv_object_has0x1917c
jv_object_iter0x19738
jv_object_iter_key0x19764
jv_object_iter_next0x197d4
jv_object_iter_valid0x19758
jv_object_iter_value0x197a4
jv_object_length0x19560
jv_object_merge0x19644
jv_object_merge_recursive0x19878
jv_object_set0x19200
jv_parse0x21cf0
jv_parse_custom_flags0x21d1c
jv_parse_sized0x21ce8
jv_parse_sized_custom_flags0x21b54
jv_parser_free0x20d98
jv_parser_new0x20ccc
jv_parser_next0x20ea8
jv_parser_remaining0x20e00
jv_parser_set_buf0x20e1c
jv_set0x1abe8
jv_setpath0x1b360
jv_show0x23610
jv_sort0x1b984
jv_string0x178c8
jv_string_append_buf0x18e0c
jv_string_append_codepoint0x1869c
jv_string_append_str0x18e88
jv_string_concat0x18c80
jv_string_empty0x18190
jv_string_explode0x186e4
jv_string_fmt0x18f74
jv_string_hash0x1891c
jv_string_implode0x187e0
jv_string_indexes0x182dc
jv_string_length_bytes0x181e4
jv_string_length_codepoints0x1821c
jv_string_sized0x18038
jv_string_slice0x18a88
jv_string_split0x18450
jv_string_value0x182bc
jv_string_vfmt0x18ecc
jv_true0x16e10
jv_tsd_dec_ctx_fini0x17018
jv_tsd_dec_ctx_init0x17048
jvp_dtoa0x1f0a4
jvp_dtoa_context_free0x1ce68
jvp_dtoa_context_init0x1ce54
jvp_dtoa_fmt0x20534
jvp_freedtoa0x1f070
jvp_number_cmp0x1736c
jvp_number_is_nan0x17314
jvp_strtod0x1cee4
jvp_utf8_backtrack0x23c40
jvp_utf8_decode_length0x23e00
jvp_utf8_encode0x23e5c
jvp_utf8_encode_length0x23e34
jvp_utf8_is_valid0x23db4
jvp_utf8_next0x23cb4
load_module_meta0x23f24
load_program0x24a20
locfile_free0x255f8
locfile_get_line0x25650
locfile_init0x254dc
locfile_locate0x256a0
locfile_retain0x255e8
main0x3fd8
opcode_describe0xe178
stack_get_pos0x12cc8
stack_pop0x12b94
stack_popn0x12c34
stack_push0x12a70
stack_restore0x12e90
stack_save0x12cd4
tsd_dtoa_context_get0x2f250
yyerror0x30ea4
yylex0x30f1c
yyparse0x31044

Similar Binaries1,470 comparable

aarch64-linux-musl-c++filt
55.8%
aarch64-linux-musl-addr2line
55.8%
aarch64-linux-musl-nm
55.8%
aarch64-linux-musl-strings
55.8%
aarch64-linux-musl-size
55.8%
x86_64-linux-musl-gprof
55.7%
xgettext
55.7%
x86_64-linux-musl-addr2line
55.6%
x86_64-linux-musl-nm
55.6%
x86_64-linux-musl-c++filt
55.6%