AppleMobileBackup.exe
- File Path:
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileBackup.exe - Description: MobileBackup
Hashes
| Type | Hash |
|---|---|
| MD5 | DCF176A6E39582C5DA8D90EB3482282A |
| SHA1 | C1B40941BA32FA502E7F7CD0C13A8F2704360D00 |
| SHA256 | 3CA0ED5D56D58B32B14151EC98A5A82075DB0C9716FE971FB41FEB76020368D7 |
| SHA384 | C5CE26F0B3D23C139D31BC9CBA22A246CABB33295346E1A033DA20143A9D812EC7C6DFD9B1DC64C05FD38C7998D9F6DE |
| SHA512 | 5A1650F494706C33AAD497F2C31393769C604FD836E362FFC2A664DF77DF31D5E2C6B8C37A05E84140401BA06742A14BB7763298652E189DD8490C0F2E95DB38 |
| SSDEEP | 1536:3Gfi0CgBOBCofRgb68puZ6Z1Zlft9MrIZxoCzhdQmd+t7IJstl4Uad0ooa0Z3hSl:3GfKDBgbNY+JMrK+087IJMlRad0oT0Sl |
| IMP | F9F19AA12CF9A3977186C564DFC76D9C |
| PESHA1 | F43705FDAFDCCC106EA0EB1227EE80A0E8D172C4 |
| PE256 | 9A7078C9AA5BAD6335444BE4F7BD5FF7DCC0F3EFF05E497743DA9702E9CAB201 |
Runtime Data
Usage (stdout):
Usage: C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileBackup.exe
Action (one required):
-b, --backup perform a backup
-r, --restore perform a restore
-E, --erase erase target device
-C, --change password change backup password from the given old password
-e, --extract path extracts a relative path to the current directory
-R, --remove path removes a relative path from the backup
-f, --filename path prints the filename in a backup of a relative path
-i, --info display info about a backup
-I, --create-info create a placeholder Info.plist file
-l, --list list the contents of the backup
Options:
-d, --device deviceid device identifier (defaults to lockdown)
-t, --target deviceid target device identifier
-s, --source deviceid source device identifier
-P, --password password optional password when changing password or extracting files
-N, --no-pass-prompt ignore terminal prompt for password
-D, --domain name domain name for --extract (default "HomeDomain")
-q, --root path root backup directory
-o, --output path output file for action (not logging)
-h, --help print this message and exit
Loaded Modules:
| Path |
|---|
| C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileBackup.exe |
| C:\Windows\SYSTEM32\ntdll.dll |
| C:\Windows\System32\wow64.dll |
| C:\Windows\System32\wow64cpu.dll |
| C:\Windows\System32\wow64win.dll |
Signature
- Status: Signature verified.
- Serial:
4EF16586A2FF12D69C556EC4C91BAEE1 - Thumbprint:
634A0D892E72161714861C178015AFE9C1832E14 - Issuer: CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US
- Subject: CN=Apple Inc., O=Apple Inc., L=Cupertino, S=California, C=US
File Metadata
- Original Filename: AppleMobileBackup.exe
- Product Name:
- Company Name: Apple Inc.
- File Version: 1737.0.0.9
- Product Version:
- Language: English (United States)
- Legal Copyright: 2020 Apple Inc. All rights reserved.
- Machine Type: 32-bit
File Scan
- VirusTotal Detections: 0/71
- VirusTotal Link: https://www.virustotal.com/gui/file/3ca0ed5d56d58b32b14151ec98a5a82075db0c9716fe971fb41feb76020368d7/detection/
File Similarity (ssdeep match)
MIT License. Copyright (c) 2020-2021 Strontic.