mandoc_soelim

executablemacOS100.8 KBx86_64, arm64

Apple system utility — communicates with remote endpoints for configuration or telemetry

Signed Apple executable that establishes network connections to 6 remote endpoints, suggesting communication for system configuration, updates, or diagnostics. Contains 4 bundle identifiers and references multiple file paths, indicating integration with system services. Uses standard macOS frameworks for its operations. The presence of hardcoded URLs and network endpoints suggests automated reporting or data synchronization with Apple infrastructure, though the specific purpose requires deeper analysis of the endpoint destinations and payload handling.AI

Fingerprint

Platform: macOS
Type: executable
Arch: x86_64, arm64
Min OS: 26.1.0
SDK: 26.1.0
File Size: 100.8 KB
UUID: 9D3D4E18-6782-31E7-8CC6-F5190CA4C3F6
Analyzed: 2026-04-07T05:21:17Z
CDHash: 7c3bc70720b173dfc326e0df90d451889a786d70ddd8d615e2a3946889f8fd05

Frameworks1

libSystem.B.dylib

Interesting Strings

Bundle IDs(4)

/AppleInternal/Library/BuildRoots/4~B_wKugDSuC05Ay1Aq_KO2rR-2HS7xWtfSLa148Y/Library/Caches/com.apple.xbs/Binaries/mandoc/install/TempContent/Objects//AppleInternal/Library/BuildRoots/4~B_wKugDSuC05Ay1Aq_KO2rR-2HS7xWtfSLa148Y/Library/Caches/com.apple.xbs/Binaries/mandoc/install/TempContent/Objects/compat_reallocarray.o /AppleInternal/Library/BuildRoots/4~B_wKugDSuC05Ay1Aq_KO2rR-2HS7xWtfSLa148Y/Library/Caches/com.apple.xbs/Binaries/mandoc/install/TempContent/Objects/soelim.o com.apple.mandoc_soelim

File Paths(3)

/AppleInternal/Library/BuildRoots/4~B_wKugDSuC05Ay1Aq_KO2rR-2HS7xWtfSLa148Y/Library/Caches/com.apple.xbs/Binaries/mandoc/install/TempContent/Objects//AppleInternal/Library/BuildRoots/4~B_wKugDSuC05Ay1Aq_KO2rR-2HS7xWtfSLa148Y/Library/Caches/com.apple.xbs/Binaries/mandoc/install/TempContent/Objects/compat_reallocarray.o /AppleInternal/Library/BuildRoots/4~B_wKugDSuC05Ay1Aq_KO2rR-2HS7xWtfSLa148Y/Library/Caches/com.apple.xbs/Binaries/mandoc/install/TempContent/Objects/soelim.o

URLs & Endpoints(4)

$http://crl.apple.com/codesigning.crl0 %http://www.apple.com/appleca/root.crl0 <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">https://www.apple.com/appleca/0

Network Surface

Endpoints(6)

Urlhttp://www.apple.com/appleca/root.crl0

Hostnamewww.apple.com

Urlhttp://crl.apple.com/codesigning.crl0

Hostnamecrl.apple.com

Urlhttps://www.apple.com/appleca/0

Urlhttp://www.apple.com/DTDs/PropertyList-1.0.dtd">

DNA Capability Vector

Location

0

Keychain

0

Network

0

Storage

0

Hardware

0

IPC

0

Analytics

0

Security

0

System

0

Behavioral Profile

URL Endpoints

4

Telemetry Strings

0

File Paths

3

Bundle IDs

4

IOKit Constants

0

Library Functions

0

Structural HashesSHA-256

Code8fe965e01091c55143aa1362f204483c0aa3ff7d8ec742fde3c043d45449ff93

Importseb7dc728b8aa6bc2fe306c24adc8c8e0f758cf0b9829e99081c68a47c4d65d4e

Frameworksb97e2cdeefa15f4389f6b3af8effe69a9a08ff67358c734e7ad450bacde906ed

Classese3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Entitlementse3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Symbolseb7dc728b8aa6bc2fe306c24adc8c8e0f758cf0b9829e99081c68a47c4d65d4e

Static Libraries0 / 5 functions identified

Functions(5)

0x100000548reallocarray

0x1000005a0main

0x100000700soelim_file

0x1000008d8soelim_fopen

0x1000009f8main.cold.1

Imports24 symbols from 1 dylibs

libSystem.B.dylib24

Exports3

_mh_execute_header0x0

main0x5a0

reallocarray0x548

Similar Binaries1,470 comparable