| File name: | 1 (1123) |
| Full analysis: | https://app.any.run/tasks/0d87b22a-1543-482b-9e69-81600c243007 |
| Verdict: | Malicious activity |
| Analysis date: | March 24, 2025, 09:09:41 |
| OS: | Windows 10 Professional (build: 19045, 64 bit) |
| Indicators: | |
| MIME: | application/vnd.microsoft.portable-executable |
| File info: | PE32 executable (GUI) Intel 80386, for MS Windows, 3 sections |
| MD5: | 3753773DC310A32D0B5C0A43ABE3A140 |
| SHA1: | A710390D7F098B2E04CE5E2E230ED288A2929164 |
| SHA256: | 15C91F627D46F105BEAB9C31586349566DBE039C20FF4BCC0BE92229AF8ECEA3 |
| SSDEEP: | 6144:F7w8nTuuQDdeA5SzGOesM5jx5wPq5V8GBV/WymOdTk/8Sw/wpyAvEhPHZ6k6sIGa:FsOqTeA5mGhQP0qaVOymOd5x4DxmDsR |
MALICIOUS
No malicious indicators.SUSPICIOUS
Starts itself from another location
- 1 (1123).exe (PID: 2136)
- Unicorn-24177.exe (PID: 4688)
- Unicorn-43335.exe (PID: 5324)
- Unicorn-42345.exe (PID: 6768)
- Unicorn-30647.exe (PID: 920)
- Unicorn-50513.exe (PID: 2392)
- Unicorn-52551.exe (PID: 1280)
- Unicorn-20471.exe (PID: 3884)
- Unicorn-28085.exe (PID: 1164)
- Unicorn-46459.exe (PID: 5392)
- Unicorn-52589.exe (PID: 5972)
- Unicorn-52589.exe (PID: 5548)
- Unicorn-40891.exe (PID: 3300)
- Unicorn-19267.exe (PID: 2852)
- Unicorn-55033.exe (PID: 5544)
- Unicorn-62869.exe (PID: 6676)
- Unicorn-55256.exe (PID: 1096)
- Unicorn-30005.exe (PID: 5436)
- Unicorn-40211.exe (PID: 4464)
- Unicorn-11483.exe (PID: 5772)
- Unicorn-19097.exe (PID: 2040)
- Unicorn-50792.exe (PID: 4300)
- Unicorn-15448.exe (PID: 5968)
- Unicorn-31084.exe (PID: 2692)
- Unicorn-56408.exe (PID: 7184)
- Unicorn-64021.exe (PID: 5800)
- Unicorn-19097.exe (PID: 1568)
- Unicorn-64021.exe (PID: 6816)
- Unicorn-1806.exe (PID: 7176)
- Unicorn-3528.exe (PID: 7264)
- Unicorn-1535.exe (PID: 7280)
- Unicorn-788.exe (PID: 7296)
- Unicorn-4488.exe (PID: 7348)
- Unicorn-13211.exe (PID: 7368)
- Unicorn-13476.exe (PID: 6576)
- Unicorn-5365.exe (PID: 7384)
- Unicorn-12199.exe (PID: 7400)
- Unicorn-62781.exe (PID: 7496)
- Unicorn-5412.exe (PID: 7520)
- Unicorn-37056.exe (PID: 6424)
- Unicorn-50529.exe (PID: 7452)
- Unicorn-23181.exe (PID: 856)
- Unicorn-50529.exe (PID: 7444)
- Unicorn-7450.exe (PID: 7552)
- Unicorn-62781.exe (PID: 7488)
- Unicorn-50529.exe (PID: 7436)
- Unicorn-1328.exe (PID: 7504)
- Unicorn-21749.exe (PID: 7580)
- Unicorn-1883.exe (PID: 7572)
- Unicorn-38085.exe (PID: 7660)
- Unicorn-37322.exe (PID: 7672)
- Unicorn-38085.exe (PID: 7652)
- Unicorn-42723.exe (PID: 7724)
- Unicorn-46253.exe (PID: 7680)
- Unicorn-14135.exe (PID: 7620)
- Unicorn-34001.exe (PID: 7636)
- Unicorn-37123.exe (PID: 7716)
- Unicorn-18219.exe (PID: 7644)
- Unicorn-27870.exe (PID: 7628)
- Unicorn-33736.exe (PID: 7604)
- Unicorn-34555.exe (PID: 7752)
- Unicorn-36475.exe (PID: 7852)
- Unicorn-21430.exe (PID: 7884)
- Unicorn-19393.exe (PID: 7872)
- Unicorn-44089.exe (PID: 7832)
- Unicorn-48536.exe (PID: 7928)
- Unicorn-35272.exe (PID: 7956)
- Unicorn-56149.exe (PID: 7904)
- Unicorn-27731.exe (PID: 8032)
- Unicorn-35345.exe (PID: 8012)
- Unicorn-26474.exe (PID: 8076)
- Unicorn-24437.exe (PID: 8060)
- Unicorn-7146.exe (PID: 8168)
- Unicorn-53025.exe (PID: 8120)
- Unicorn-7908.exe (PID: 8152)
- Unicorn-61385.exe (PID: 8088)
- Unicorn-45049.exe (PID: 6712)
- Unicorn-61385.exe (PID: 7332)
- Unicorn-62729.exe (PID: 8240)
- Unicorn-58453.exe (PID: 8300)
- Unicorn-17975.exe (PID: 8356)
- Unicorn-55438.exe (PID: 8280)
- Unicorn-14275.exe (PID: 8212)
- Unicorn-14275.exe (PID: 8204)
- Unicorn-34503.exe (PID: 8288)
- Unicorn-58645.exe (PID: 8256)
- Unicorn-8358.exe (PID: 8460)
- Unicorn-55173.exe (PID: 8272)
- Unicorn-18490.exe (PID: 8308)
- Unicorn-21313.exe (PID: 8408)
- Unicorn-38395.exe (PID: 8384)
- Unicorn-50648.exe (PID: 8400)
- Unicorn-55329.exe (PID: 8512)
- Unicorn-14135.exe (PID: 7612)
- Unicorn-10212.exe (PID: 8540)
- Unicorn-9615.exe (PID: 8424)
- Unicorn-14296.exe (PID: 8548)
- Unicorn-46969.exe (PID: 8608)
- Unicorn-26357.exe (PID: 8668)
- Unicorn-12058.exe (PID: 8644)
- Unicorn-2921.exe (PID: 8616)
- Unicorn-55329.exe (PID: 8524)
- Unicorn-30249.exe (PID: 8800)
- Unicorn-59221.exe (PID: 8624)
- Unicorn-63113.exe (PID: 8748)
- Unicorn-40647.exe (PID: 8716)
- Unicorn-6631.exe (PID: 8924)
- Unicorn-34525.exe (PID: 8688)
- Unicorn-766.exe (PID: 8916)
- Unicorn-706.exe (PID: 8848)
- Unicorn-55308.exe (PID: 8856)
- Unicorn-39163.exe (PID: 8728)
- Unicorn-58572.exe (PID: 8828)
- Unicorn-56459.exe (PID: 7744)
- Unicorn-54051.exe (PID: 8972)
- Unicorn-15024.exe (PID: 8864)
- Unicorn-34887.exe (PID: 8812)
- Unicorn-15989.exe (PID: 9064)
- Unicorn-58867.exe (PID: 9092)
- Unicorn-63689.exe (PID: 9040)
- Unicorn-23700.exe (PID: 9116)
- Unicorn-48469.exe (PID: 9152)
- Unicorn-60721.exe (PID: 9176)
- Unicorn-15967.exe (PID: 9220)
- Unicorn-24327.exe (PID: 8372)
- Unicorn-20566.exe (PID: 5680)
- Unicorn-44193.exe (PID: 9208)
- Unicorn-20051.exe (PID: 9232)
- Unicorn-44193.exe (PID: 9212)
- Unicorn-51567.exe (PID: 9268)
- Unicorn-1852.exe (PID: 8632)
- Unicorn-62344.exe (PID: 8652)
- Unicorn-48667.exe (PID: 9292)
- Unicorn-37731.exe (PID: 9316)
- Unicorn-43107.exe (PID: 9344)
- Unicorn-51467.exe (PID: 9308)
- Unicorn-28625.exe (PID: 9360)
- Unicorn-45838.exe (PID: 9388)
- Unicorn-45838.exe (PID: 9396)
- Unicorn-41327.exe (PID: 8140)
- Unicorn-12973.exe (PID: 9452)
- Unicorn-41837.exe (PID: 9472)
- Unicorn-24903.exe (PID: 9428)
- Unicorn-21225.exe (PID: 9536)
- Unicorn-21587.exe (PID: 9648)
- Unicorn-19178.exe (PID: 9548)
- Unicorn-51712.exe (PID: 9676)
- Unicorn-21225.exe (PID: 9528)
- Unicorn-58172.exe (PID: 9724)
- Unicorn-35183.exe (PID: 9704)
- Unicorn-19428.exe (PID: 6324)
- Unicorn-55329.exe (PID: 8508)
- Unicorn-49678.exe (PID: 9868)
- Unicorn-48623.exe (PID: 8820)
- Unicorn-62205.exe (PID: 9928)
- Unicorn-13004.exe (PID: 9956)
- Unicorn-2376.exe (PID: 9936)
Executable content was dropped or overwritten
- 1 (1123).exe (PID: 2136)
- Unicorn-24177.exe (PID: 4688)
- Unicorn-50513.exe (PID: 2392)
- Unicorn-42345.exe (PID: 6768)
- Unicorn-52551.exe (PID: 1280)
- Unicorn-28085.exe (PID: 1164)
- Unicorn-20471.exe (PID: 3884)
- Unicorn-46459.exe (PID: 5392)
- Unicorn-40891.exe (PID: 3300)
- Unicorn-52589.exe (PID: 5972)
- Unicorn-30647.exe (PID: 920)
- Unicorn-55033.exe (PID: 5544)
- Unicorn-43335.exe (PID: 5324)
- Unicorn-62869.exe (PID: 6676)
- Unicorn-55256.exe (PID: 1096)
- Unicorn-30005.exe (PID: 5436)
- Unicorn-19267.exe (PID: 2852)
- Unicorn-40211.exe (PID: 4464)
- Unicorn-50792.exe (PID: 4300)
- Unicorn-19097.exe (PID: 1568)
- Unicorn-37056.exe (PID: 6424)
- Unicorn-31084.exe (PID: 2692)
- Unicorn-52589.exe (PID: 5548)
- Unicorn-64021.exe (PID: 5800)
- Unicorn-56408.exe (PID: 7184)
- Unicorn-3528.exe (PID: 7264)
- Unicorn-15448.exe (PID: 5968)
- Unicorn-1806.exe (PID: 7176)
- Unicorn-1535.exe (PID: 7280)
- Unicorn-788.exe (PID: 7296)
- Unicorn-4488.exe (PID: 7348)
- Unicorn-13211.exe (PID: 7368)
- Unicorn-13476.exe (PID: 6576)
- Unicorn-5365.exe (PID: 7384)
- Unicorn-12199.exe (PID: 7400)
- Unicorn-5412.exe (PID: 7520)
- Unicorn-62781.exe (PID: 7496)
- Unicorn-50529.exe (PID: 7444)
- Unicorn-7450.exe (PID: 7552)
- Unicorn-62781.exe (PID: 7488)
- Unicorn-50529.exe (PID: 7436)
- Unicorn-21749.exe (PID: 7580)
- Unicorn-19097.exe (PID: 2040)
- Unicorn-11483.exe (PID: 5772)
- Unicorn-1883.exe (PID: 7572)
- Unicorn-1328.exe (PID: 7504)
- Unicorn-38085.exe (PID: 7660)
- Unicorn-38085.exe (PID: 7652)
- Unicorn-42723.exe (PID: 7724)
- Unicorn-46253.exe (PID: 7680)
- Unicorn-34001.exe (PID: 7636)
- Unicorn-27870.exe (PID: 7628)
- Unicorn-14135.exe (PID: 7620)
- Unicorn-33736.exe (PID: 7604)
- Unicorn-64021.exe (PID: 6816)
- Unicorn-37123.exe (PID: 7716)
- Unicorn-18219.exe (PID: 7644)
- Unicorn-34555.exe (PID: 7752)
- Unicorn-56459.exe (PID: 7744)
- Unicorn-21430.exe (PID: 7884)
- Unicorn-36475.exe (PID: 7852)
- Unicorn-19393.exe (PID: 7872)
- Unicorn-35272.exe (PID: 7956)
- Unicorn-27731.exe (PID: 8032)
- Unicorn-44089.exe (PID: 7832)
- Unicorn-56149.exe (PID: 7904)
- Unicorn-41327.exe (PID: 8140)
- Unicorn-24437.exe (PID: 8060)
- Unicorn-7908.exe (PID: 8152)
- Unicorn-35345.exe (PID: 8012)
- Unicorn-7146.exe (PID: 8168)
- Unicorn-61385.exe (PID: 8088)
- Unicorn-45049.exe (PID: 6712)
- Unicorn-61385.exe (PID: 7332)
- Unicorn-62729.exe (PID: 8240)
- Unicorn-50529.exe (PID: 7452)
- Unicorn-58453.exe (PID: 8300)
- Unicorn-17975.exe (PID: 8356)
- Unicorn-14275.exe (PID: 8212)
- Unicorn-55438.exe (PID: 8280)
- Unicorn-14275.exe (PID: 8204)
- Unicorn-19428.exe (PID: 6324)
- Unicorn-34503.exe (PID: 8288)
- Unicorn-58645.exe (PID: 8256)
- Unicorn-21313.exe (PID: 8408)
- Unicorn-23181.exe (PID: 856)
- Unicorn-8358.exe (PID: 8460)
- Unicorn-18490.exe (PID: 8308)
- Unicorn-38395.exe (PID: 8384)
- Unicorn-55173.exe (PID: 8272)
- Unicorn-50648.exe (PID: 8400)
- Unicorn-55329.exe (PID: 8508)
- Unicorn-55329.exe (PID: 8512)
- Unicorn-10212.exe (PID: 8540)
- Unicorn-9615.exe (PID: 8424)
- Unicorn-14296.exe (PID: 8548)
- Unicorn-14135.exe (PID: 7612)
- Unicorn-46969.exe (PID: 8608)
- Unicorn-26357.exe (PID: 8668)
- Unicorn-12058.exe (PID: 8644)
- Unicorn-22827.exe (PID: 8708)
- Unicorn-55329.exe (PID: 8524)
- Unicorn-1852.exe (PID: 8632)
- Unicorn-766.exe (PID: 8916)
- Unicorn-37322.exe (PID: 7672)
- Unicorn-40647.exe (PID: 8716)
- Unicorn-34525.exe (PID: 8688)
- Unicorn-63113.exe (PID: 8748)
- Unicorn-58572.exe (PID: 8828)
- Unicorn-48623.exe (PID: 8820)
- Unicorn-55308.exe (PID: 8856)
- Unicorn-54051.exe (PID: 8972)
- Unicorn-15024.exe (PID: 8864)
- Unicorn-34887.exe (PID: 8812)
- Unicorn-23700.exe (PID: 9116)
- Unicorn-58867.exe (PID: 9092)
- Unicorn-63689.exe (PID: 9040)
- Unicorn-15989.exe (PID: 9064)
- Unicorn-48469.exe (PID: 9152)
- Unicorn-60721.exe (PID: 9176)
- Unicorn-15967.exe (PID: 9220)
- Unicorn-44193.exe (PID: 9212)
- Unicorn-24327.exe (PID: 8372)
- Unicorn-20566.exe (PID: 5680)
- Unicorn-44193.exe (PID: 9208)
- Unicorn-20051.exe (PID: 9232)
- Unicorn-51567.exe (PID: 9268)
- Unicorn-48536.exe (PID: 7928)
- Unicorn-48667.exe (PID: 9292)
- Unicorn-51467.exe (PID: 9308)
- Unicorn-37731.exe (PID: 9316)
- Unicorn-43107.exe (PID: 9344)
- Unicorn-28625.exe (PID: 9360)
- Unicorn-45838.exe (PID: 9396)
- Unicorn-45838.exe (PID: 9388)
- Unicorn-26474.exe (PID: 8076)
- Unicorn-24903.exe (PID: 9428)
- Unicorn-12973.exe (PID: 9452)
- Unicorn-41837.exe (PID: 9472)
- Unicorn-19178.exe (PID: 9548)
- Unicorn-21225.exe (PID: 9536)
- Unicorn-21587.exe (PID: 9648)
- Unicorn-41188.exe (PID: 9640)
- Unicorn-51712.exe (PID: 9676)
- Unicorn-58172.exe (PID: 9724)
- Unicorn-21225.exe (PID: 9528)
- Unicorn-35183.exe (PID: 9704)
- Unicorn-30249.exe (PID: 8800)
- Unicorn-49678.exe (PID: 9868)
- Unicorn-706.exe (PID: 8848)
- Unicorn-62205.exe (PID: 9928)
- Unicorn-39163.exe (PID: 8728)
- Unicorn-13004.exe (PID: 9956)
- Unicorn-8728.exe (PID: 10004)
- Unicorn-33787.exe (PID: 10020)
- Unicorn-47766.exe (PID: 10092)
- Unicorn-46040.exe (PID: 10052)
- Unicorn-18986.exe (PID: 10168)
- Unicorn-49932.exe (PID: 10076)
- Unicorn-60018.exe (PID: 10128)
- Unicorn-62344.exe (PID: 8652)
- Unicorn-5552.exe (PID: 8836)
- Unicorn-2649.exe (PID: 10152)
- Unicorn-55742.exe (PID: 10208)
- Unicorn-2376.exe (PID: 9936)
- Unicorn-37168.exe (PID: 9008)
- Unicorn-47382.exe (PID: 668)
- Unicorn-11180.exe (PID: 2644)
- Unicorn-31408.exe (PID: 7084)
- Unicorn-30854.exe (PID: 1812)
- Unicorn-18410.exe (PID: 10292)
- Unicorn-46488.exe (PID: 10356)
- Unicorn-26770.exe (PID: 6652)
- Unicorn-57396.exe (PID: 10260)
- Unicorn-51274.exe (PID: 10248)
- Unicorn-18685.exe (PID: 10420)
- Unicorn-30662.exe (PID: 10320)
- Unicorn-11585.exe (PID: 10396)
- Unicorn-32560.exe (PID: 10444)
- Unicorn-60521.exe (PID: 10368)
- Unicorn-53504.exe (PID: 8872)
- Unicorn-59826.exe (PID: 10216)
- Unicorn-39214.exe (PID: 7972)
- Unicorn-54464.exe (PID: 10460)
- Unicorn-3033.exe (PID: 10536)
- Unicorn-15093.exe (PID: 10620)
- Unicorn-6925.exe (PID: 10612)
- Unicorn-15840.exe (PID: 10564)
- Unicorn-2921.exe (PID: 8616)
- Unicorn-59221.exe (PID: 8624)
- Unicorn-25491.exe (PID: 10556)
- Unicorn-36858.exe (PID: 10704)
- Unicorn-52042.exe (PID: 10588)
- Unicorn-24392.exe (PID: 10436)
- Unicorn-10631.exe (PID: 10496)
- Unicorn-40536.exe (PID: 10516)
- Unicorn-6631.exe (PID: 8924)
- Unicorn-49665.exe (PID: 10736)
- Unicorn-49665.exe (PID: 10728)
- Unicorn-32582.exe (PID: 10784)
- Unicorn-20831.exe (PID: 8048)
- Unicorn-6031.exe (PID: 10744)
- Unicorn-32774.exe (PID: 10696)
- Unicorn-41112.exe (PID: 10832)
- Unicorn-49281.exe (PID: 10868)
- Unicorn-4953.exe (PID: 10944)
- Unicorn-23765.exe (PID: 10920)
- Unicorn-4953.exe (PID: 10948)
- Unicorn-60978.exe (PID: 10844)
- Unicorn-42264.exe (PID: 11052)
- Unicorn-29458.exe (PID: 10984)
- Unicorn-21290.exe (PID: 10976)
- Unicorn-41688.exe (PID: 10664)
- Unicorn-4761.exe (PID: 11092)
- Unicorn-34096.exe (PID: 11044)
- Unicorn-4761.exe (PID: 11100)
- Unicorn-53962.exe (PID: 11036)
- Unicorn-61938.exe (PID: 11144)
- Unicorn-53025.exe (PID: 8120)
- Unicorn-47832.exe (PID: 11028)
- Unicorn-29074.exe (PID: 11204)
- Unicorn-61938.exe (PID: 11152)
- Unicorn-29074.exe (PID: 11212)
- Unicorn-16364.exe (PID: 11340)
- Unicorn-17376.exe (PID: 11220)
- Unicorn-16630.exe (PID: 11352)
- Unicorn-62301.exe (PID: 11332)
- Unicorn-12737.exe (PID: 11184)
- Unicorn-9016.exe (PID: 11384)
- Unicorn-9805.exe (PID: 11424)
- Unicorn-61746.exe (PID: 11304)
- Unicorn-25544.exe (PID: 11268)
- Unicorn-41880.exe (PID: 11296)
- Unicorn-41336.exe (PID: 11404)
- Unicorn-37010.exe (PID: 11260)
- Unicorn-2192.exe (PID: 11440)
- Unicorn-4959.exe (PID: 11432)
- Unicorn-49684.exe (PID: 11500)
- Unicorn-15735.exe (PID: 11516)
- Unicorn-20531.exe (PID: 11536)
- Unicorn-11866.exe (PID: 11544)
- Unicorn-48600.exe (PID: 11476)
- Unicorn-45027.exe (PID: 11604)
- Unicorn-60978.exe (PID: 10836)
- Unicorn-13313.exe (PID: 11688)
- Unicorn-65062.exe (PID: 10856)
- Unicorn-33926.exe (PID: 11644)
- Unicorn-5337.exe (PID: 11596)
- Unicorn-33661.exe (PID: 11636)
- Unicorn-36156.exe (PID: 11552)
- Unicorn-37818.exe (PID: 11704)
- Unicorn-36941.exe (PID: 11672)
Executes application which crashes
- Unicorn-35499.exe (PID: 7320)
INFO
Checks supported languages
- 1 (1123).exe (PID: 2136)
- Unicorn-24177.exe (PID: 4688)
- Unicorn-55033.exe (PID: 5544)
- Unicorn-42345.exe (PID: 6768)
- Unicorn-30647.exe (PID: 920)
- Unicorn-20471.exe (PID: 3884)
- Unicorn-52551.exe (PID: 1280)
- Unicorn-28085.exe (PID: 1164)
- Unicorn-52589.exe (PID: 5548)
- Unicorn-15448.exe (PID: 5968)
- Unicorn-40891.exe (PID: 3300)
- Unicorn-19267.exe (PID: 2852)
- Unicorn-52589.exe (PID: 5972)
- Unicorn-55256.exe (PID: 1096)
- Unicorn-62869.exe (PID: 6676)
- Unicorn-19097.exe (PID: 1568)
- Unicorn-13476.exe (PID: 6576)
- Unicorn-23181.exe (PID: 856)
- Unicorn-37056.exe (PID: 6424)
- Unicorn-31084.exe (PID: 2692)
- Unicorn-43335.exe (PID: 5324)
- Unicorn-64021.exe (PID: 5800)
- Unicorn-56408.exe (PID: 7184)
- Unicorn-1806.exe (PID: 7176)
- Unicorn-3528.exe (PID: 7264)
- Unicorn-788.exe (PID: 7296)
- Unicorn-35499.exe (PID: 7320)
- Unicorn-50792.exe (PID: 4300)
- Unicorn-13211.exe (PID: 7368)
- Unicorn-5365.exe (PID: 7384)
- Unicorn-50529.exe (PID: 7452)
- Unicorn-50529.exe (PID: 7444)
- Unicorn-50529.exe (PID: 7436)
- Unicorn-1328.exe (PID: 7504)
- Unicorn-62781.exe (PID: 7496)
- Unicorn-7450.exe (PID: 7552)
- Unicorn-38085.exe (PID: 7660)
- Unicorn-14135.exe (PID: 7620)
- Unicorn-34001.exe (PID: 7636)
- Unicorn-27870.exe (PID: 7628)
- Unicorn-38085.exe (PID: 7652)
- Unicorn-33736.exe (PID: 7604)
- Unicorn-42723.exe (PID: 7724)
- Unicorn-46253.exe (PID: 7680)
- Unicorn-34555.exe (PID: 7752)
- Unicorn-56459.exe (PID: 7744)
- Unicorn-37123.exe (PID: 7716)
- Unicorn-56149.exe (PID: 7904)
- Unicorn-19393.exe (PID: 7872)
- Unicorn-21430.exe (PID: 7884)
- Unicorn-36475.exe (PID: 7852)
- Unicorn-27731.exe (PID: 8032)
- Unicorn-48536.exe (PID: 7928)
- Unicorn-35272.exe (PID: 7956)
- Unicorn-35345.exe (PID: 8012)
- Unicorn-24437.exe (PID: 8060)
- Unicorn-53025.exe (PID: 8120)
- Unicorn-41327.exe (PID: 8140)
- Unicorn-7908.exe (PID: 8152)
- Unicorn-7146.exe (PID: 8168)
- Unicorn-45049.exe (PID: 6712)
- Unicorn-61385.exe (PID: 8088)
- Unicorn-19428.exe (PID: 6324)
- Unicorn-14275.exe (PID: 8204)
- Unicorn-62729.exe (PID: 8240)
- Unicorn-58645.exe (PID: 8256)
- Unicorn-61385.exe (PID: 7332)
- Unicorn-55438.exe (PID: 8280)
- Unicorn-58453.exe (PID: 8300)
- Unicorn-55173.exe (PID: 8272)
- Unicorn-18490.exe (PID: 8308)
- Unicorn-17975.exe (PID: 8356)
- Unicorn-38395.exe (PID: 8384)
- Unicorn-9615.exe (PID: 8424)
- Unicorn-8358.exe (PID: 8460)
- Unicorn-50648.exe (PID: 8400)
- Unicorn-55329.exe (PID: 8512)
- Unicorn-10212.exe (PID: 8540)
- Unicorn-55329.exe (PID: 8508)
- Unicorn-55329.exe (PID: 8524)
- Unicorn-26474.exe (PID: 8076)
- Unicorn-2921.exe (PID: 8616)
- Unicorn-34525.exe (PID: 8688)
- Unicorn-59221.exe (PID: 8624)
- Unicorn-46969.exe (PID: 8608)
- Unicorn-26357.exe (PID: 8668)
- Unicorn-63113.exe (PID: 8748)
- Unicorn-39163.exe (PID: 8728)
- Unicorn-48623.exe (PID: 8820)
- Unicorn-30249.exe (PID: 8800)
- Unicorn-55308.exe (PID: 8856)
- Unicorn-706.exe (PID: 8848)
- Unicorn-40647.exe (PID: 8716)
- Unicorn-22827.exe (PID: 8708)
- Unicorn-766.exe (PID: 8916)
- Unicorn-58572.exe (PID: 8828)
- Unicorn-54051.exe (PID: 8972)
- Unicorn-63689.exe (PID: 9040)
- Unicorn-23700.exe (PID: 9116)
- Unicorn-15989.exe (PID: 9064)
- Unicorn-34887.exe (PID: 8812)
- Unicorn-6631.exe (PID: 8924)
- Unicorn-48469.exe (PID: 9152)
- Unicorn-24327.exe (PID: 8372)
- Unicorn-44193.exe (PID: 9212)
- Unicorn-51567.exe (PID: 9268)
- Unicorn-43107.exe (PID: 9344)
- Unicorn-45838.exe (PID: 9396)
- Unicorn-24903.exe (PID: 9428)
- Unicorn-12973.exe (PID: 9452)
- Unicorn-48667.exe (PID: 9292)
- Unicorn-37731.exe (PID: 9316)
- Unicorn-21587.exe (PID: 9648)
- Unicorn-58172.exe (PID: 9724)
- Unicorn-51712.exe (PID: 9676)
- Unicorn-49678.exe (PID: 9868)
- Unicorn-46040.exe (PID: 10052)
- Unicorn-49932.exe (PID: 10076)
- Unicorn-2376.exe (PID: 9936)
- Unicorn-60018.exe (PID: 10128)
- Unicorn-18986.exe (PID: 10168)
- Unicorn-59826.exe (PID: 10216)
- Unicorn-2649.exe (PID: 10152)
- Unicorn-53504.exe (PID: 8872)
- Unicorn-11180.exe (PID: 2644)
- Unicorn-47382.exe (PID: 668)
- Unicorn-20831.exe (PID: 8048)
- Unicorn-51274.exe (PID: 10248)
- Unicorn-57396.exe (PID: 10260)
- Unicorn-30662.exe (PID: 10320)
- Unicorn-30854.exe (PID: 1812)
- Unicorn-26770.exe (PID: 6652)
- Unicorn-31408.exe (PID: 7084)
- Unicorn-18685.exe (PID: 10420)
- Unicorn-11585.exe (PID: 10396)
- Unicorn-10631.exe (PID: 10496)
- Unicorn-32560.exe (PID: 10444)
- Unicorn-46488.exe (PID: 10356)
- Unicorn-60521.exe (PID: 10368)
- Unicorn-25491.exe (PID: 10556)
- Unicorn-15840.exe (PID: 10564)
- Unicorn-52042.exe (PID: 10588)
- Unicorn-15093.exe (PID: 10620)
- Unicorn-3033.exe (PID: 10536)
- Unicorn-49665.exe (PID: 10736)
- Unicorn-32774.exe (PID: 10696)
- Unicorn-36858.exe (PID: 10704)
- Unicorn-6031.exe (PID: 10744)
- Unicorn-65062.exe (PID: 10856)
- Unicorn-60978.exe (PID: 10836)
- Unicorn-60978.exe (PID: 10844)
- Unicorn-23765.exe (PID: 10920)
- Unicorn-4953.exe (PID: 10944)
- Unicorn-4953.exe (PID: 10948)
- Unicorn-29458.exe (PID: 10984)
- Unicorn-21290.exe (PID: 10976)
- Unicorn-53962.exe (PID: 11036)
- Unicorn-47832.exe (PID: 11028)
- Unicorn-4761.exe (PID: 11092)
- Unicorn-42264.exe (PID: 11052)
- Unicorn-61938.exe (PID: 11144)
- Unicorn-61938.exe (PID: 11152)
- Unicorn-17376.exe (PID: 11220)
- Unicorn-37010.exe (PID: 11260)
- Unicorn-4761.exe (PID: 11100)
- Unicorn-41880.exe (PID: 11296)
- Unicorn-61746.exe (PID: 11304)
- Unicorn-62301.exe (PID: 11332)
- Unicorn-16364.exe (PID: 11340)
- Unicorn-16630.exe (PID: 11352)
- Unicorn-9805.exe (PID: 11424)
- Unicorn-2192.exe (PID: 11440)
- Unicorn-11866.exe (PID: 11544)
- Unicorn-5337.exe (PID: 11596)
- Unicorn-36156.exe (PID: 11552)
- Unicorn-45027.exe (PID: 11604)
- Unicorn-48600.exe (PID: 11476)
- Unicorn-15735.exe (PID: 11516)
- Unicorn-34503.exe (PID: 8288)
- Unicorn-37818.exe (PID: 11704)
- Unicorn-42484.exe (PID: 11752)
- Unicorn-55498.exe (PID: 11760)
- Unicorn-19104.exe (PID: 11828)
- Unicorn-35440.exe (PID: 11852)
- Unicorn-6105.exe (PID: 11872)
- Unicorn-13313.exe (PID: 11688)
- Unicorn-22442.exe (PID: 11892)
- Unicorn-9997.exe (PID: 11944)
- Unicorn-55114.exe (PID: 11912)
- Unicorn-3728.exe (PID: 12008)
- Unicorn-3728.exe (PID: 11992)
- Unicorn-25631.exe (PID: 12028)
- Unicorn-40484.exe (PID: 12076)
- Unicorn-41776.exe (PID: 12124)
- Unicorn-34096.exe (PID: 11044)
- Unicorn-56074.exe (PID: 12144)
- Unicorn-46754.exe (PID: 11960)
- Unicorn-64050.exe (PID: 12200)
- Unicorn-39354.exe (PID: 12272)
- Unicorn-53142.exe (PID: 872)
- Unicorn-12664.exe (PID: 12296)
- Unicorn-38584.exe (PID: 12192)
- Unicorn-2332.exe (PID: 12232)
- Unicorn-8388.exe (PID: 12316)
- Unicorn-38460.exe (PID: 12332)
- Unicorn-11533.exe (PID: 12384)
- Unicorn-20256.exe (PID: 12400)
- Unicorn-50345.exe (PID: 12432)
- Unicorn-4408.exe (PID: 12416)
- Unicorn-50345.exe (PID: 12440)
- Unicorn-51444.exe (PID: 12588)
- Unicorn-20818.exe (PID: 12544)
- Unicorn-11887.exe (PID: 12536)
- Unicorn-26939.exe (PID: 12560)
- Unicorn-39000.exe (PID: 12620)
- Unicorn-39745.exe (PID: 12640)
- Unicorn-8181.exe (PID: 12656)
- Unicorn-17995.exe (PID: 12424)
- Unicorn-34030.exe (PID: 12676)
- Unicorn-2125.exe (PID: 12792)
- Unicorn-55218.exe (PID: 12828)
- Unicorn-9717.exe (PID: 12900)
- Unicorn-52841.exe (PID: 5136)
- Unicorn-4024.exe (PID: 13308)
- Unicorn-42072.exe (PID: 1660)
- Unicorn-54185.exe (PID: 12696)
- Unicorn-35055.exe (PID: 2416)
- Unicorn-51392.exe (PID: 776)
- Unicorn-37464.exe (PID: 13320)
- Unicorn-48648.exe (PID: 13380)
- Unicorn-57693.exe (PID: 13464)
- Unicorn-57693.exe (PID: 13460)
- Unicorn-45965.exe (PID: 13496)
- Unicorn-54133.exe (PID: 13536)
- Unicorn-21268.exe (PID: 13604)
- Unicorn-60328.exe (PID: 13688)
- Unicorn-34340.exe (PID: 13648)
- Unicorn-46593.exe (PID: 13680)
- Unicorn-30064.exe (PID: 13764)
- Unicorn-12768.exe (PID: 13412)
- Unicorn-12524.exe (PID: 13900)
- Unicorn-44760.exe (PID: 14012)
- Unicorn-59835.exe (PID: 14112)
- Unicorn-63889.exe (PID: 13972)
- Unicorn-50625.exe (PID: 14004)
- Unicorn-47361.exe (PID: 14036)
- Unicorn-38808.exe (PID: 14136)
- Unicorn-5368.exe (PID: 13832)
- Unicorn-42124.exe (PID: 13856)
- Unicorn-10412.exe (PID: 14068)
- Unicorn-41881.exe (PID: 14216)
- Unicorn-22079.exe (PID: 14388)
- Unicorn-4459.exe (PID: 456)
- Unicorn-52177.exe (PID: 14328)
- Unicorn-10952.exe (PID: 14488)
- Unicorn-14481.exe (PID: 14448)
- Unicorn-56069.exe (PID: 14428)
- Unicorn-56069.exe (PID: 14436)
- Unicorn-6868.exe (PID: 14480)
- Unicorn-55057.exe (PID: 14540)
- Unicorn-36016.exe (PID: 14196)
- Unicorn-15612.exe (PID: 14224)
- Unicorn-375.exe (PID: 14320)
- Unicorn-64045.exe (PID: 14604)
- Unicorn-53137.exe (PID: 14652)
- Unicorn-57221.exe (PID: 14660)
- Unicorn-3936.exe (PID: 14684)
- Unicorn-42176.exe (PID: 14772)
- Unicorn-42176.exe (PID: 14764)
- Unicorn-53276.exe (PID: 14548)
- Unicorn-53276.exe (PID: 14552)
- Unicorn-39540.exe (PID: 14564)
- Unicorn-38795.exe (PID: 14804)
- Unicorn-1143.exe (PID: 14816)
- Unicorn-59198.exe (PID: 11928)
The sample compiled with chinese language support
- 1 (1123).exe (PID: 2136)
- Unicorn-18219.exe (PID: 7644)
- Unicorn-52589.exe (PID: 5972)
- Unicorn-43335.exe (PID: 5324)
- Unicorn-58867.exe (PID: 9092)
- Unicorn-55742.exe (PID: 10208)
- Unicorn-51567.exe (PID: 9268)
- Unicorn-49665.exe (PID: 10736)
- Unicorn-30005.exe (PID: 5436)
- Unicorn-4488.exe (PID: 7348)
- Unicorn-20831.exe (PID: 8048)
- Unicorn-13211.exe (PID: 7368)
- Unicorn-26770.exe (PID: 6652)
- Unicorn-30647.exe (PID: 920)
- Unicorn-46488.exe (PID: 10356)
- Unicorn-18685.exe (PID: 10420)
- Unicorn-61385.exe (PID: 8088)
- Unicorn-51274.exe (PID: 10248)
- Unicorn-45838.exe (PID: 9388)
- Unicorn-32560.exe (PID: 10444)
- Unicorn-24392.exe (PID: 10436)
- Unicorn-14275.exe (PID: 8212)
- Unicorn-23181.exe (PID: 856)
- Unicorn-49281.exe (PID: 10868)
- Unicorn-50529.exe (PID: 7436)
- Unicorn-3033.exe (PID: 10536)
- Unicorn-21587.exe (PID: 9648)
- Unicorn-49665.exe (PID: 10728)
- Unicorn-35183.exe (PID: 9704)
- Unicorn-50648.exe (PID: 8400)
- Unicorn-21313.exe (PID: 8408)
- Unicorn-55329.exe (PID: 8512)
- Unicorn-13476.exe (PID: 6576)
- Unicorn-1883.exe (PID: 7572)
- Unicorn-50792.exe (PID: 4300)
- Unicorn-40536.exe (PID: 10516)
- Unicorn-50513.exe (PID: 2392)
- Unicorn-10631.exe (PID: 10496)
- Unicorn-37056.exe (PID: 6424)
- Unicorn-62781.exe (PID: 7488)
- Unicorn-1328.exe (PID: 7504)
- Unicorn-55329.exe (PID: 8508)
- Unicorn-11483.exe (PID: 5772)
- Unicorn-8358.exe (PID: 8460)
- Unicorn-19097.exe (PID: 2040)
- Unicorn-46459.exe (PID: 5392)
- Unicorn-7450.exe (PID: 7552)
- Unicorn-4953.exe (PID: 10944)
- Unicorn-23765.exe (PID: 10920)
- Unicorn-38085.exe (PID: 7652)
- Unicorn-14296.exe (PID: 8548)
- Unicorn-4953.exe (PID: 10948)
- Unicorn-60978.exe (PID: 10844)
- Unicorn-38085.exe (PID: 7660)
- Unicorn-46969.exe (PID: 8608)
- Unicorn-26357.exe (PID: 8668)
- Unicorn-14135.exe (PID: 7612)
- Unicorn-10212.exe (PID: 8540)
- Unicorn-29458.exe (PID: 10984)
- Unicorn-55329.exe (PID: 8524)
- Unicorn-52589.exe (PID: 5548)
- Unicorn-37322.exe (PID: 7672)
- Unicorn-766.exe (PID: 8916)
- Unicorn-14135.exe (PID: 7620)
- Unicorn-15840.exe (PID: 10564)
- Unicorn-12058.exe (PID: 8644)
- Unicorn-31084.exe (PID: 2692)
- Unicorn-42264.exe (PID: 11052)
- Unicorn-15093.exe (PID: 10620)
- Unicorn-33736.exe (PID: 7604)
- Unicorn-21290.exe (PID: 10976)
- Unicorn-25491.exe (PID: 10556)
- Unicorn-24177.exe (PID: 4688)
- Unicorn-40647.exe (PID: 8716)
- Unicorn-30249.exe (PID: 8800)
- Unicorn-19097.exe (PID: 1568)
- Unicorn-48623.exe (PID: 8820)
- Unicorn-55308.exe (PID: 8856)
- Unicorn-2376.exe (PID: 9936)
- Unicorn-41688.exe (PID: 10664)
- Unicorn-49678.exe (PID: 9868)
- Unicorn-64021.exe (PID: 6816)
- Unicorn-63113.exe (PID: 8748)
- Unicorn-6631.exe (PID: 8924)
- Unicorn-19267.exe (PID: 2852)
- Unicorn-64021.exe (PID: 5800)
- Unicorn-36858.exe (PID: 10704)
- Unicorn-27870.exe (PID: 7628)
- Unicorn-8728.exe (PID: 10004)
- Unicorn-40891.exe (PID: 3300)
- Unicorn-56408.exe (PID: 7184)
- Unicorn-46040.exe (PID: 10052)
- Unicorn-33787.exe (PID: 10020)
- Unicorn-63689.exe (PID: 9040)
- Unicorn-1806.exe (PID: 7176)
- Unicorn-15448.exe (PID: 5968)
- Unicorn-56459.exe (PID: 7744)
- Unicorn-39163.exe (PID: 8728)
- Unicorn-58572.exe (PID: 8828)
- Unicorn-13004.exe (PID: 9956)
- Unicorn-52551.exe (PID: 1280)
- Unicorn-32774.exe (PID: 10696)
- Unicorn-60721.exe (PID: 9176)
- Unicorn-34096.exe (PID: 11044)
- Unicorn-44089.exe (PID: 7832)
- Unicorn-4761.exe (PID: 11100)
- Unicorn-15967.exe (PID: 9220)
- Unicorn-62869.exe (PID: 6676)
- Unicorn-19393.exe (PID: 7872)
- Unicorn-49932.exe (PID: 10076)
- Unicorn-36475.exe (PID: 7852)
- Unicorn-44193.exe (PID: 9212)
- Unicorn-18986.exe (PID: 10168)
- Unicorn-24327.exe (PID: 8372)
- Unicorn-4761.exe (PID: 11092)
- Unicorn-21430.exe (PID: 7884)
- Unicorn-28085.exe (PID: 1164)
- Unicorn-1535.exe (PID: 7280)
- Unicorn-35272.exe (PID: 7956)
- Unicorn-22827.exe (PID: 8708)
- Unicorn-3528.exe (PID: 7264)
- Unicorn-54051.exe (PID: 8972)
- Unicorn-1852.exe (PID: 8632)
- Unicorn-5552.exe (PID: 8836)
- Unicorn-2649.exe (PID: 10152)
- Unicorn-53962.exe (PID: 11036)
- Unicorn-27731.exe (PID: 8032)
- Unicorn-51467.exe (PID: 9308)
- Unicorn-48667.exe (PID: 9292)
- Unicorn-42345.exe (PID: 6768)
- Unicorn-55256.exe (PID: 1096)
- Unicorn-35345.exe (PID: 8012)
- Unicorn-47766.exe (PID: 10092)
- Unicorn-44193.exe (PID: 9208)
- Unicorn-43107.exe (PID: 9344)
- Unicorn-53504.exe (PID: 8872)
- Unicorn-24437.exe (PID: 8060)
- Unicorn-59826.exe (PID: 10216)
- Unicorn-7908.exe (PID: 8152)
- Unicorn-28625.exe (PID: 9360)
- Unicorn-61938.exe (PID: 11144)
- Unicorn-32582.exe (PID: 10784)
- Unicorn-45838.exe (PID: 9396)
- Unicorn-37168.exe (PID: 9008)
- Unicorn-29074.exe (PID: 11204)
- Unicorn-53025.exe (PID: 8120)
- Unicorn-47832.exe (PID: 11028)
- Unicorn-40211.exe (PID: 4464)
- Unicorn-20471.exe (PID: 3884)
- Unicorn-55033.exe (PID: 5544)
- Unicorn-47382.exe (PID: 668)
- Unicorn-5365.exe (PID: 7384)
- Unicorn-12973.exe (PID: 9452)
- Unicorn-21225.exe (PID: 9528)
- Unicorn-11180.exe (PID: 2644)
- Unicorn-21225.exe (PID: 9536)
- Unicorn-6031.exe (PID: 10744)
- Unicorn-41188.exe (PID: 9640)
- Unicorn-39214.exe (PID: 7972)
- Unicorn-31408.exe (PID: 7084)
- Unicorn-30854.exe (PID: 1812)
- Unicorn-29074.exe (PID: 11212)
- Unicorn-12199.exe (PID: 7400)
- Unicorn-24903.exe (PID: 9428)
- Unicorn-61938.exe (PID: 11152)
- Unicorn-37731.exe (PID: 9316)
- Unicorn-17376.exe (PID: 11220)
- Unicorn-16364.exe (PID: 11340)
- Unicorn-57396.exe (PID: 10260)
- Unicorn-26474.exe (PID: 8076)
- Unicorn-58172.exe (PID: 9724)
- Unicorn-62301.exe (PID: 11332)
- Unicorn-30662.exe (PID: 10320)
- Unicorn-16630.exe (PID: 11352)
- Unicorn-12737.exe (PID: 11184)
- Unicorn-11585.exe (PID: 10396)
- Unicorn-62729.exe (PID: 8240)
- Unicorn-19178.exe (PID: 9548)
- Unicorn-51712.exe (PID: 9676)
- Unicorn-62781.exe (PID: 7496)
- Unicorn-17975.exe (PID: 8356)
- Unicorn-54464.exe (PID: 10460)
- Unicorn-25544.exe (PID: 11268)
- Unicorn-58453.exe (PID: 8300)
- Unicorn-50529.exe (PID: 7444)
- Unicorn-60521.exe (PID: 10368)
- Unicorn-41112.exe (PID: 10832)
- Unicorn-55173.exe (PID: 8272)
- Unicorn-38395.exe (PID: 8384)
- Unicorn-61746.exe (PID: 11304)
- Unicorn-18490.exe (PID: 8308)
- Unicorn-6925.exe (PID: 10612)
- Unicorn-9016.exe (PID: 11384)
- Unicorn-37010.exe (PID: 11260)
- Unicorn-41336.exe (PID: 11404)
- Unicorn-9805.exe (PID: 11424)
- Unicorn-9615.exe (PID: 8424)
- Unicorn-41880.exe (PID: 11296)
- Unicorn-2921.exe (PID: 8616)
- Unicorn-46253.exe (PID: 7680)
- Unicorn-42723.exe (PID: 7724)
- Unicorn-59221.exe (PID: 8624)
- Unicorn-34525.exe (PID: 8688)
- Unicorn-2192.exe (PID: 11440)
- Unicorn-706.exe (PID: 8848)
- Unicorn-62205.exe (PID: 9928)
- Unicorn-34555.exe (PID: 7752)
- Unicorn-15024.exe (PID: 8864)
- Unicorn-4959.exe (PID: 11432)
- Unicorn-52042.exe (PID: 10588)
- Unicorn-48469.exe (PID: 9152)
- Unicorn-15989.exe (PID: 9064)
- Unicorn-62344.exe (PID: 8652)
- Unicorn-49684.exe (PID: 11500)
- Unicorn-21749.exe (PID: 7580)
- Unicorn-788.exe (PID: 7296)
- Unicorn-18410.exe (PID: 10292)
- Unicorn-15735.exe (PID: 11516)
- Unicorn-20531.exe (PID: 11536)
- Unicorn-11866.exe (PID: 11544)
- Unicorn-48600.exe (PID: 11476)
- Unicorn-60018.exe (PID: 10128)
- Unicorn-45027.exe (PID: 11604)
- Unicorn-45049.exe (PID: 6712)
- Unicorn-13313.exe (PID: 11688)
- Unicorn-19428.exe (PID: 6324)
- Unicorn-60978.exe (PID: 10836)
- Unicorn-5412.exe (PID: 7520)
- Unicorn-65062.exe (PID: 10856)
- Unicorn-33926.exe (PID: 11644)
- Unicorn-5337.exe (PID: 11596)
- Unicorn-33661.exe (PID: 11636)
- Unicorn-36156.exe (PID: 11552)
- Unicorn-20051.exe (PID: 9232)
- Unicorn-36941.exe (PID: 11672)
- Unicorn-34001.exe (PID: 7636)
- Unicorn-37123.exe (PID: 7716)
- Unicorn-23700.exe (PID: 9116)
- Unicorn-37818.exe (PID: 11704)
Reads the computer name
- Unicorn-24177.exe (PID: 4688)
- 1 (1123).exe (PID: 2136)
- Unicorn-43335.exe (PID: 5324)
- Unicorn-42345.exe (PID: 6768)
- Unicorn-50513.exe (PID: 2392)
- Unicorn-52551.exe (PID: 1280)
- Unicorn-30647.exe (PID: 920)
- Unicorn-52589.exe (PID: 5972)
- Unicorn-20471.exe (PID: 3884)
- Unicorn-19267.exe (PID: 2852)
- Unicorn-52589.exe (PID: 5548)
- Unicorn-15448.exe (PID: 5968)
- Unicorn-62869.exe (PID: 6676)
- Unicorn-55033.exe (PID: 5544)
- Unicorn-55256.exe (PID: 1096)
- Unicorn-40211.exe (PID: 4464)
- Unicorn-23181.exe (PID: 856)
- Unicorn-11483.exe (PID: 5772)
- Unicorn-13476.exe (PID: 6576)
- Unicorn-19097.exe (PID: 2040)
- Unicorn-19097.exe (PID: 1568)
- Unicorn-31084.exe (PID: 2692)
- Unicorn-37056.exe (PID: 6424)
- Unicorn-64021.exe (PID: 6816)
- Unicorn-1535.exe (PID: 7280)
- Unicorn-788.exe (PID: 7296)
- Unicorn-35499.exe (PID: 7320)
- Unicorn-4488.exe (PID: 7348)
- Unicorn-5365.exe (PID: 7384)
- Unicorn-13211.exe (PID: 7368)
- Unicorn-12199.exe (PID: 7400)
- Unicorn-64021.exe (PID: 5800)
- Unicorn-1328.exe (PID: 7504)
- Unicorn-62781.exe (PID: 7488)
- Unicorn-50529.exe (PID: 7436)
- Unicorn-1883.exe (PID: 7572)
- Unicorn-14135.exe (PID: 7620)
- Unicorn-38085.exe (PID: 7652)
- Unicorn-38085.exe (PID: 7660)
- Unicorn-42723.exe (PID: 7724)
- Unicorn-37123.exe (PID: 7716)
- Unicorn-18219.exe (PID: 7644)
- Unicorn-56459.exe (PID: 7744)
- Unicorn-34555.exe (PID: 7752)
- Unicorn-46253.exe (PID: 7680)
- Unicorn-27870.exe (PID: 7628)
- Unicorn-33736.exe (PID: 7604)
- Unicorn-21430.exe (PID: 7884)
- Unicorn-44089.exe (PID: 7832)
- Unicorn-19393.exe (PID: 7872)
- Unicorn-35272.exe (PID: 7956)
- Unicorn-56149.exe (PID: 7904)
- Unicorn-27731.exe (PID: 8032)
- Unicorn-48536.exe (PID: 7928)
- Unicorn-35345.exe (PID: 8012)
- Unicorn-53025.exe (PID: 8120)
- Unicorn-24437.exe (PID: 8060)
- Unicorn-61385.exe (PID: 8088)
- Unicorn-45049.exe (PID: 6712)
- Unicorn-55438.exe (PID: 8280)
- Unicorn-61385.exe (PID: 7332)
- Unicorn-58453.exe (PID: 8300)
- Unicorn-19428.exe (PID: 6324)
- Unicorn-14275.exe (PID: 8212)
- Unicorn-8358.exe (PID: 8460)
- Unicorn-55329.exe (PID: 8512)
- Unicorn-55173.exe (PID: 8272)
- Unicorn-18490.exe (PID: 8308)
- Unicorn-10212.exe (PID: 8540)
- Unicorn-14296.exe (PID: 8548)
- Unicorn-26357.exe (PID: 8668)
- Unicorn-34503.exe (PID: 8288)
- Unicorn-58645.exe (PID: 8256)
- Unicorn-38395.exe (PID: 8384)
- Unicorn-12058.exe (PID: 8644)
- Unicorn-55329.exe (PID: 8524)
- Unicorn-46969.exe (PID: 8608)
- Unicorn-2921.exe (PID: 8616)
- Unicorn-63113.exe (PID: 8748)
- Unicorn-1852.exe (PID: 8632)
- Unicorn-58572.exe (PID: 8828)
- Unicorn-60721.exe (PID: 9176)
- Unicorn-15967.exe (PID: 9220)
- Unicorn-44193.exe (PID: 9212)
- Unicorn-63689.exe (PID: 9040)
- Unicorn-48469.exe (PID: 9152)
- Unicorn-51567.exe (PID: 9268)
- Unicorn-43107.exe (PID: 9344)
- Unicorn-28625.exe (PID: 9360)
- Unicorn-21225.exe (PID: 9528)
- Unicorn-21225.exe (PID: 9536)
- Unicorn-19178.exe (PID: 9548)
- Unicorn-21587.exe (PID: 9648)
- Unicorn-35183.exe (PID: 9704)
- Unicorn-13004.exe (PID: 9956)
- Unicorn-8728.exe (PID: 10004)
- Unicorn-46040.exe (PID: 10052)
- Unicorn-33787.exe (PID: 10020)
- Unicorn-2376.exe (PID: 9936)
- Unicorn-18986.exe (PID: 10168)
- Unicorn-60018.exe (PID: 10128)
Create files in a temporary directory
- 1 (1123).exe (PID: 2136)
- Unicorn-50513.exe (PID: 2392)
- Unicorn-55033.exe (PID: 5544)
- Unicorn-52551.exe (PID: 1280)
- Unicorn-28085.exe (PID: 1164)
- Unicorn-42345.exe (PID: 6768)
- Unicorn-52589.exe (PID: 5972)
- Unicorn-40891.exe (PID: 3300)
- Unicorn-19267.exe (PID: 2852)
- Unicorn-24177.exe (PID: 4688)
- Unicorn-55256.exe (PID: 1096)
- Unicorn-30005.exe (PID: 5436)
- Unicorn-37056.exe (PID: 6424)
- Unicorn-19097.exe (PID: 1568)
- Unicorn-31084.exe (PID: 2692)
- Unicorn-43335.exe (PID: 5324)
- Unicorn-64021.exe (PID: 5800)
- Unicorn-30647.exe (PID: 920)
- Unicorn-52589.exe (PID: 5548)
- Unicorn-56408.exe (PID: 7184)
- Unicorn-3528.exe (PID: 7264)
- Unicorn-62869.exe (PID: 6676)
- Unicorn-1535.exe (PID: 7280)
- Unicorn-4488.exe (PID: 7348)
- Unicorn-13211.exe (PID: 7368)
- Unicorn-20471.exe (PID: 3884)
- Unicorn-40211.exe (PID: 4464)
- Unicorn-12199.exe (PID: 7400)
- Unicorn-62781.exe (PID: 7496)
- Unicorn-50792.exe (PID: 4300)
- Unicorn-50529.exe (PID: 7444)
- Unicorn-1328.exe (PID: 7504)
- Unicorn-62781.exe (PID: 7488)
- Unicorn-50529.exe (PID: 7436)
- Unicorn-7450.exe (PID: 7552)
- Unicorn-21749.exe (PID: 7580)
- Unicorn-11483.exe (PID: 5772)
- Unicorn-38085.exe (PID: 7660)
- Unicorn-46459.exe (PID: 5392)
- Unicorn-14135.exe (PID: 7620)
- Unicorn-38085.exe (PID: 7652)
- Unicorn-34001.exe (PID: 7636)
- Unicorn-46253.exe (PID: 7680)
- Unicorn-27870.exe (PID: 7628)
- Unicorn-33736.exe (PID: 7604)
- Unicorn-37123.exe (PID: 7716)
- Unicorn-64021.exe (PID: 6816)
- Unicorn-18219.exe (PID: 7644)
- Unicorn-34555.exe (PID: 7752)
- Unicorn-15448.exe (PID: 5968)
- Unicorn-56459.exe (PID: 7744)
- Unicorn-1806.exe (PID: 7176)
- Unicorn-19393.exe (PID: 7872)
- Unicorn-44089.exe (PID: 7832)
- Unicorn-56149.exe (PID: 7904)
- Unicorn-27731.exe (PID: 8032)
- Unicorn-35272.exe (PID: 7956)
- Unicorn-35345.exe (PID: 8012)
- Unicorn-41327.exe (PID: 8140)
- Unicorn-24437.exe (PID: 8060)
- Unicorn-788.exe (PID: 7296)
- Unicorn-7146.exe (PID: 8168)
- Unicorn-5365.exe (PID: 7384)
- Unicorn-7908.exe (PID: 8152)
- Unicorn-61385.exe (PID: 7332)
- Unicorn-62729.exe (PID: 8240)
- Unicorn-50529.exe (PID: 7452)
- Unicorn-14275.exe (PID: 8204)
- Unicorn-5412.exe (PID: 7520)
- Unicorn-14275.exe (PID: 8212)
- Unicorn-19428.exe (PID: 6324)
- Unicorn-19097.exe (PID: 2040)
- Unicorn-21313.exe (PID: 8408)
- Unicorn-38395.exe (PID: 8384)
- Unicorn-55329.exe (PID: 8512)
- Unicorn-1883.exe (PID: 7572)
- Unicorn-55329.exe (PID: 8508)
- Unicorn-13476.exe (PID: 6576)
- Unicorn-50648.exe (PID: 8400)
- Unicorn-14296.exe (PID: 8548)
- Unicorn-10212.exe (PID: 8540)
- Unicorn-9615.exe (PID: 8424)
- Unicorn-14135.exe (PID: 7612)
- Unicorn-26357.exe (PID: 8668)
- Unicorn-42723.exe (PID: 7724)
- Unicorn-46969.exe (PID: 8608)
- Unicorn-55329.exe (PID: 8524)
- Unicorn-1852.exe (PID: 8632)
- Unicorn-766.exe (PID: 8916)
- Unicorn-63113.exe (PID: 8748)
- Unicorn-37322.exe (PID: 7672)
- Unicorn-48623.exe (PID: 8820)
- Unicorn-58572.exe (PID: 8828)
- Unicorn-55308.exe (PID: 8856)
- Unicorn-15024.exe (PID: 8864)
- Unicorn-54051.exe (PID: 8972)
- Unicorn-23700.exe (PID: 9116)
- Unicorn-58867.exe (PID: 9092)
- Unicorn-21430.exe (PID: 7884)
- Unicorn-36475.exe (PID: 7852)
- Unicorn-15967.exe (PID: 9220)
- Unicorn-24327.exe (PID: 8372)
- Unicorn-20566.exe (PID: 5680)
- Unicorn-44193.exe (PID: 9208)
- Unicorn-20051.exe (PID: 9232)
- Unicorn-51567.exe (PID: 9268)
- Unicorn-48536.exe (PID: 7928)
- Unicorn-48667.exe (PID: 9292)
- Unicorn-43107.exe (PID: 9344)
- Unicorn-37731.exe (PID: 9316)
- Unicorn-26474.exe (PID: 8076)
- Unicorn-51467.exe (PID: 9308)
- Unicorn-45838.exe (PID: 9388)
- Unicorn-12973.exe (PID: 9452)
- Unicorn-41837.exe (PID: 9472)
- Unicorn-24903.exe (PID: 9428)
- Unicorn-51712.exe (PID: 9676)
- Unicorn-58172.exe (PID: 9724)
- Unicorn-45049.exe (PID: 6712)
- Unicorn-58453.exe (PID: 8300)
- Unicorn-35183.exe (PID: 9704)
- Unicorn-61385.exe (PID: 8088)
- Unicorn-8358.exe (PID: 8460)
- Unicorn-34503.exe (PID: 8288)
- Unicorn-58645.exe (PID: 8256)
- Unicorn-55173.exe (PID: 8272)
- Unicorn-18490.exe (PID: 8308)
- Unicorn-55438.exe (PID: 8280)
- Unicorn-23181.exe (PID: 856)
- Unicorn-12058.exe (PID: 8644)
- Unicorn-34525.exe (PID: 8688)
- Unicorn-62205.exe (PID: 9928)
- Unicorn-34887.exe (PID: 8812)
Creates files or folders in the user directory
- WerFault.exe (PID: 8088)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
TRiD
| .exe | | | Win32 Executable (generic) (52.9) |
|---|---|---|
| .exe | | | Generic Win/DOS Executable (23.5) |
| .exe | | | DOS Executable Generic (23.5) |
EXIF
EXE
| MachineType: | Intel 386 or later, and compatibles |
|---|---|
| TimeStamp: | 2073:10:23 04:22:24+00:00 |
| ImageFileCharacteristics: | No relocs, Executable, No line numbers, No symbols, 32-bit |
| PEType: | PE32 |
| LinkerVersion: | 6 |
| CodeSize: | 176128 |
| InitializedDataSize: | 299008 |
| UninitializedDataSize: | - |
| EntryPoint: | 0x13d4 |
| OSVersion: | 4 |
| ImageVersion: | 1 |
| SubsystemVersion: | 4 |
| Subsystem: | Windows GUI |
| FileVersionNumber: | 1.0.0.0 |
| ProductVersionNumber: | 1.0.0.0 |
| FileFlagsMask: | 0x003f |
| FileFlags: | (none) |
| FileOS: | Win32 |
| ObjectFileType: | Executable application |
| FileSubtype: | - |
| LanguageCode: | Chinese (Simplified) |
| CharacterSet: | Unicode |
| CompanyName: | UEFI |
| ProductName: | Kawaii-Unicorn |
| FileVersion: | 1 |
| ProductVersion: | 1 |
| InternalName: | Kawaii-Unicorn |
| OriginalFileName: | Kawaii-Unicorn.exe |
Total processes
536
Monitored processes
401
Malicious processes
61
Suspicious processes
63
Behavior graph
Click at the process to see the details
Process information
PID | CMD | Path | Indicators | Parent process | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 456 | C:\Users\admin\AppData\Local\Temp\Unicorn-4459.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-4459.exe | — | Unicorn-33736.exe | |||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 668 | C:\Users\admin\AppData\Local\Temp\Unicorn-47382.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-47382.exe | Unicorn-34503.exe | ||||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 776 | C:\Users\admin\AppData\Local\Temp\Unicorn-51392.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-51392.exe | — | Unicorn-50529.exe | |||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 856 | C:\Users\admin\AppData\Local\Temp\Unicorn-23181.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-23181.exe | Unicorn-40891.exe | ||||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 872 | C:\Users\admin\AppData\Local\Temp\Unicorn-53142.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-53142.exe | — | Unicorn-43107.exe | |||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 920 | C:\Users\admin\AppData\Local\Temp\Unicorn-30647.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-30647.exe | Unicorn-24177.exe | ||||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 1096 | C:\Users\admin\AppData\Local\Temp\Unicorn-55256.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-55256.exe | Unicorn-42345.exe | ||||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 1164 | C:\Users\admin\AppData\Local\Temp\Unicorn-28085.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-28085.exe | Unicorn-42345.exe | ||||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 1188 | C:\Users\admin\AppData\Local\Temp\Unicorn-28336.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-28336.exe | — | Unicorn-45049.exe | |||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 1280 | C:\Users\admin\AppData\Local\Temp\Unicorn-52551.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-52551.exe | 1 (1123).exe | ||||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
Total events
10 026
Read events
10 026
Write events
0
Delete events
0
Modification events
Executable files
1 235
Suspicious files
3
Text files
1
Unknown types
0
Dropped files
PID | Process | Filename | Type | |
|---|---|---|---|---|
| 2136 | 1 (1123).exe | C:\Users\admin\AppData\Local\Temp\Unicorn-24177.exe | executable | |
MD5:51FAEC9035D5C7EA39403E18E2FCE47F | SHA256:05BF22D23D9271F9821F13277EB09BC4D1C4386FA6103353D13574286789A2D6 | |||
| 4688 | Unicorn-24177.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-30647.exe | executable | |
MD5:ACF0B57DD01423C21E47556BF27940DF | SHA256:9A53CCF2D046E5682D2ADA03572903CDCBB7137BAD87F12FE867FB7399AE724D | |||
| 4688 | Unicorn-24177.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-55033.exe | executable | |
MD5:04C25CD73C8B3085EEF9AA15E89F53C0 | SHA256:1DA520B44F8CA8B563F0F715421EF951F1B16F627F7A8B71733778EC37DEEEE7 | |||
| 5544 | Unicorn-55033.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-40211.exe | executable | |
MD5:CC9FC3543E13CDE3F53F4C4FC22780C8 | SHA256:FF37AC173682123CE5E2E80442F20634B4EE4E7E03EFF246BC8C122804964E58 | |||
| 5544 | Unicorn-55033.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-20471.exe | executable | |
MD5:11577F5981A82ADB0305DDB29DB327E2 | SHA256:072937C91127929B433B8C3351326C882FB23ED2521C8A02A95CE48C45B7C541 | |||
| 2136 | 1 (1123).exe | C:\Users\admin\AppData\Local\Temp\Unicorn-43335.exe | executable | |
MD5:1E5229BC62E0946EB285C7726FE7C08F | SHA256:222C54687F52AA5F5DA4D8EAE17E85D63D9A91CC80C4EE8647CF72D021DC02F8 | |||
| 5392 | Unicorn-46459.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-13476.exe | executable | |
MD5:01BDF1A34AD75B4F90D8ED971B4978EA | SHA256:52F8049C0DD9922B5D53175892D4729C51F4DF78BD959DB950A27DCD1E13351F | |||
| 5544 | Unicorn-55033.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-42345.exe | executable | |
MD5:FE7D92ED91B651FFB6884CDCD4F98ED8 | SHA256:64AA5784C15CF5562B6F4567DA1412EAAF2FD9EAB960ECEAF958B35C6B52EA86 | |||
| 6768 | Unicorn-42345.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-28085.exe | executable | |
MD5:86212B093A97DA654FA7021221AB0834 | SHA256:5721D10D7A4C74CDE1351B29F9411BB0EC3CB4C3EB7B7AAEA06D43A22AE9A92B | |||
| 5324 | Unicorn-43335.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-40891.exe | executable | |
MD5:82AB413EA473C292DD22A2B835EBBD3A | SHA256:A07FC861CF3FC1A013F4048B0A0D88326B14605B8F457CA1202B52A05BBD47CD | |||
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
7
TCP/UDP connections
25
DNS requests
14
Threats
0
HTTP requests
PID | Process | Method | HTTP Code | IP | URL | CN | Type | Size | Reputation |
|---|---|---|---|---|---|---|---|---|---|
— | — | GET | 200 | 2.16.164.17:80 | http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl | unknown | — | — | whitelisted |
— | — | GET | 200 | 2.16.164.17:80 | http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl | unknown | — | — | whitelisted |
— | — | GET | 200 | 2.16.164.17:80 | http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl | unknown | — | — | whitelisted |
6544 | svchost.exe | GET | 200 | 2.23.77.188:80 | http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAJ0LqoXyo4hxxe7H%2Fz9DKA%3D | unknown | — | — | whitelisted |
8872 | SIHClient.exe | GET | 200 | 2.23.246.101:80 | http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Product%20Root%20Certificate%20Authority%202018.crl | unknown | — | — | whitelisted |
8872 | SIHClient.exe | GET | 200 | 2.23.246.101:80 | http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Update%20Secure%20Server%20CA%202.1.crl | unknown | — | — | whitelisted |
5728 | backgroundTaskHost.exe | GET | 200 | 2.23.77.188:80 | http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQ50otx%2Fh0Ztl%2Bz8SiPI7wEWVxDlQQUTiJUIBiV5uNu5g%2F6%2BrkS7QYXjzkCEAUZZSZEml49Gjh0j13P68w%3D | unknown | — | — | whitelisted |
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
Connections
PID | Process | IP | Domain | ASN | CN | Reputation |
|---|---|---|---|---|---|---|
4 | System | 192.168.100.255:137 | — | — | — | whitelisted |
— | — | 4.231.128.59:443 | settings-win.data.microsoft.com | MICROSOFT-CORP-MSN-AS-BLOCK | IE | whitelisted |
— | — | 2.16.164.17:80 | crl.microsoft.com | Akamai International B.V. | NL | whitelisted |
4 | System | 192.168.100.255:138 | — | — | — | whitelisted |
5496 | MoUsoCoreWorker.exe | 4.231.128.59:443 | settings-win.data.microsoft.com | MICROSOFT-CORP-MSN-AS-BLOCK | IE | whitelisted |
3216 | svchost.exe | 40.115.3.253:443 | client.wns.windows.com | MICROSOFT-CORP-MSN-AS-BLOCK | NL | whitelisted |
6544 | svchost.exe | 40.126.32.138:443 | login.live.com | MICROSOFT-CORP-MSN-AS-BLOCK | NL | whitelisted |
6544 | svchost.exe | 2.23.77.188:80 | ocsp.digicert.com | AKAMAI-AS | DE | whitelisted |
2104 | svchost.exe | 4.231.128.59:443 | settings-win.data.microsoft.com | MICROSOFT-CORP-MSN-AS-BLOCK | IE | whitelisted |
5728 | backgroundTaskHost.exe | 20.223.36.55:443 | arc.msn.com | MICROSOFT-CORP-MSN-AS-BLOCK | IE | whitelisted |
DNS requests
Domain | IP | Reputation |
|---|---|---|
google.com |
| whitelisted |
settings-win.data.microsoft.com |
| whitelisted |
crl.microsoft.com |
| whitelisted |
client.wns.windows.com |
| whitelisted |
login.live.com |
| whitelisted |
ocsp.digicert.com |
| whitelisted |
arc.msn.com |
| whitelisted |
slscr.update.microsoft.com |
| whitelisted |
www.microsoft.com |
| whitelisted |
fe3cr.delivery.mp.microsoft.com |
| whitelisted |