| File name: | 1 (1328) |
| Full analysis: | https://app.any.run/tasks/97e9e618-3942-4cf4-abe7-1aa22b091bb1 |
| Verdict: | Malicious activity |
| Analysis date: | March 24, 2025, 12:33:32 |
| OS: | Windows 10 Professional (build: 19045, 64 bit) |
| Indicators: | |
| MIME: | application/vnd.microsoft.portable-executable |
| File info: | PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, 3 sections |
| MD5: | BF883449529142DD313D2D43A5BB37C0 |
| SHA1: | 7A138D47C14FFE6C2D608A10D11A51E91E52899F |
| SHA256: | 22E8B63C9133185A27919AAC3E392D964CE9A7309C22490B0259F288C00579A1 |
| SSDEEP: | 6144:XwKgtlOPyDrxA5l33BeFRXfr/tB6lvJGBV/Wye5rZk/8SwjwpyAvEhxBYNX09/9a:X9U00xA5V3AhBchaVOye5r/x4DxmDsR |
MALICIOUS
No malicious indicators.SUSPICIOUS
Executable content was dropped or overwritten
- Unicorn-53083.exe (PID: 4724)
- Unicorn-17121.exe (PID: 1228)
- 1 (1328).exe (PID: 1452)
- Unicorn-26680.exe (PID: 6048)
- Unicorn-44204.exe (PID: 1912)
- Unicorn-51817.exe (PID: 5392)
- Unicorn-41603.exe (PID: 4892)
- Unicorn-16981.exe (PID: 1244)
- Unicorn-47607.exe (PID: 5776)
- Unicorn-33125.exe (PID: 7152)
- Unicorn-44235.exe (PID: 4180)
- Unicorn-38147.exe (PID: 4408)
- Unicorn-57821.exe (PID: 668)
- Unicorn-43649.exe (PID: 4424)
- Unicorn-33871.exe (PID: 6668)
- Unicorn-19057.exe (PID: 4068)
- Unicorn-40223.exe (PID: 3888)
- Unicorn-48392.exe (PID: 5964)
- Unicorn-21286.exe (PID: 1096)
- Unicorn-32388.exe (PID: 2984)
- Unicorn-27417.exe (PID: 4188)
- Unicorn-24847.exe (PID: 5508)
- Unicorn-40821.exe (PID: 2040)
- Unicorn-29345.exe (PID: 4212)
- Unicorn-48283.exe (PID: 5228)
- Unicorn-44905.exe (PID: 2552)
- Unicorn-2611.exe (PID: 856)
- Unicorn-32653.exe (PID: 2096)
- Unicorn-62201.exe (PID: 3900)
- Unicorn-54588.exe (PID: 7172)
- Unicorn-18429.exe (PID: 7188)
- Unicorn-2092.exe (PID: 7200)
- Unicorn-10815.exe (PID: 7260)
- Unicorn-22321.exe (PID: 7236)
- Unicorn-53331.exe (PID: 7212)
- Unicorn-34500.exe (PID: 7268)
- Unicorn-16190.exe (PID: 7228)
- Unicorn-19197.exe (PID: 7324)
- Unicorn-30681.exe (PID: 7252)
- Unicorn-38548.exe (PID: 7368)
- Unicorn-35533.exe (PID: 7376)
- Unicorn-51677.exe (PID: 7408)
- Unicorn-59467.exe (PID: 7332)
- Unicorn-64121.exe (PID: 7352)
- Unicorn-4977.exe (PID: 7492)
- Unicorn-20850.exe (PID: 7384)
- Unicorn-49025.exe (PID: 7484)
- Unicorn-7764.exe (PID: 5512)
- Unicorn-48662.exe (PID: 7416)
- Unicorn-43424.exe (PID: 7476)
- Unicorn-54329.exe (PID: 7688)
- Unicorn-38355.exe (PID: 7732)
- Unicorn-17189.exe (PID: 7716)
- Unicorn-39071.exe (PID: 7636)
- Unicorn-18355.exe (PID: 7432)
- Unicorn-61345.exe (PID: 7644)
- Unicorn-58200.exe (PID: 7616)
- Unicorn-28372.exe (PID: 7836)
- Unicorn-31478.exe (PID: 7804)
- Unicorn-27713.exe (PID: 7608)
- Unicorn-4322.exe (PID: 7460)
- Unicorn-34463.exe (PID: 7680)
- Unicorn-40986.exe (PID: 7844)
- Unicorn-14536.exe (PID: 7440)
- Unicorn-63265.exe (PID: 7888)
- Unicorn-29176.exe (PID: 7828)
- Unicorn-56228.exe (PID: 8048)
- Unicorn-13680.exe (PID: 7924)
- Unicorn-58605.exe (PID: 7968)
- Unicorn-12912.exe (PID: 7772)
- Unicorn-30207.exe (PID: 8060)
- Unicorn-4744.exe (PID: 7760)
- Unicorn-35782.exe (PID: 2564)
- Unicorn-8506.exe (PID: 7820)
- Unicorn-27277.exe (PID: 8032)
- Unicorn-65237.exe (PID: 7668)
- Unicorn-63849.exe (PID: 8808)
- Unicorn-39455.exe (PID: 7860)
- Unicorn-18349.exe (PID: 8880)
- Unicorn-28107.exe (PID: 7812)
- Unicorn-21172.exe (PID: 8928)
- Unicorn-343.exe (PID: 8540)
- Unicorn-55105.exe (PID: 9012)
- Unicorn-18533.exe (PID: 8096)
- Unicorn-32.exe (PID: 8420)
- Unicorn-9980.exe (PID: 7876)
- Unicorn-27477.exe (PID: 9072)
- Unicorn-30571.exe (PID: 8020)
- Unicorn-15963.exe (PID: 8296)
- Unicorn-12052.exe (PID: 8396)
- Unicorn-64884.exe (PID: 8588)
- Unicorn-65377.exe (PID: 8704)
- Unicorn-28599.exe (PID: 5084)
- Unicorn-59160.exe (PID: 7960)
- Unicorn-21857.exe (PID: 8712)
- Unicorn-51023.exe (PID: 6656)
- Unicorn-45019.exe (PID: 8580)
- Unicorn-63008.exe (PID: 8972)
- Unicorn-22705.exe (PID: 7448)
- Unicorn-27727.exe (PID: 7400)
- Unicorn-30217.exe (PID: 8656)
- Unicorn-8127.exe (PID: 8616)
- Unicorn-3348.exe (PID: 8180)
- Unicorn-42661.exe (PID: 8940)
- Unicorn-13304.exe (PID: 8776)
- Unicorn-43867.exe (PID: 8160)
- Unicorn-64884.exe (PID: 8572)
- Unicorn-20439.exe (PID: 5960)
- Unicorn-54587.exe (PID: 8172)
- Unicorn-12154.exe (PID: 8636)
- Unicorn-18895.exe (PID: 7904)
- Unicorn-45158.exe (PID: 616)
- Unicorn-40681.exe (PID: 8468)
- Unicorn-144.exe (PID: 9972)
- Unicorn-2458.exe (PID: 9056)
- Unicorn-61405.exe (PID: 10032)
- Unicorn-11132.exe (PID: 8248)
- Unicorn-58169.exe (PID: 8492)
- Unicorn-25121.exe (PID: 7980)
- Unicorn-7248.exe (PID: 9048)
- Unicorn-49988.exe (PID: 8792)
- Unicorn-6472.exe (PID: 8040)
- Unicorn-49442.exe (PID: 8220)
- Unicorn-25305.exe (PID: 8564)
- Unicorn-38953.exe (PID: 8132)
- Unicorn-32902.exe (PID: 8512)
- Unicorn-38259.exe (PID: 7020)
- Unicorn-60652.exe (PID: 9676)
- Unicorn-4863.exe (PID: 8440)
- Unicorn-298.exe (PID: 9760)
- Unicorn-15993.exe (PID: 8224)
- Unicorn-58419.exe (PID: 7896)
- Unicorn-59905.exe (PID: 9732)
- Unicorn-33974.exe (PID: 8204)
- Unicorn-55053.exe (PID: 9508)
- Unicorn-44064.exe (PID: 7392)
- Unicorn-44197.exe (PID: 8404)
- Unicorn-31422.exe (PID: 1180)
- Unicorn-36029.exe (PID: 8228)
- Unicorn-37352.exe (PID: 11260)
- Unicorn-19251.exe (PID: 2968)
- Unicorn-1799.exe (PID: 8760)
- Unicorn-30757.exe (PID: 6208)
- Unicorn-59247.exe (PID: 8448)
- Unicorn-55245.exe (PID: 9480)
- Unicorn-30165.exe (PID: 9516)
- Unicorn-20373.exe (PID: 10016)
- Unicorn-44124.exe (PID: 9748)
- Unicorn-13415.exe (PID: 8608)
- Unicorn-2210.exe (PID: 9104)
- Unicorn-39323.exe (PID: 9944)
- Unicorn-30926.exe (PID: 12888)
- Unicorn-29833.exe (PID: 8740)
- Unicorn-65385.exe (PID: 9212)
- Unicorn-21275.exe (PID: 12880)
- Unicorn-58499.exe (PID: 9856)
- Unicorn-35749.exe (PID: 9900)
- Unicorn-23149.exe (PID: 9648)
- Unicorn-19989.exe (PID: 9800)
- Unicorn-13999.exe (PID: 9340)
- Unicorn-12284.exe (PID: 8388)
- Unicorn-36007.exe (PID: 10164)
- Unicorn-43761.exe (PID: 9588)
- Unicorn-19811.exe (PID: 9576)
- Unicorn-9723.exe (PID: 9360)
- Unicorn-41753.exe (PID: 8280)
- Unicorn-39271.exe (PID: 11756)
- Unicorn-35706.exe (PID: 8216)
- Unicorn-27892.exe (PID: 9776)
- Unicorn-39913.exe (PID: 8260)
- Unicorn-40649.exe (PID: 4220)
- Unicorn-2338.exe (PID: 12836)
- Unicorn-40549.exe (PID: 10788)
- Unicorn-34050.exe (PID: 12788)
- Unicorn-47121.exe (PID: 8140)
- Unicorn-14980.exe (PID: 9684)
- Unicorn-9915.exe (PID: 9348)
- Unicorn-25313.exe (PID: 9384)
- Unicorn-57409.exe (PID: 9280)
- Unicorn-55873.exe (PID: 9180)
- Unicorn-27227.exe (PID: 11352)
- Unicorn-20757.exe (PID: 9932)
- Unicorn-12033.exe (PID: 13816)
- Unicorn-65472.exe (PID: 10216)
- Unicorn-39781.exe (PID: 10628)
- Unicorn-56776.exe (PID: 11500)
- Unicorn-15483.exe (PID: 12980)
- Unicorn-34155.exe (PID: 15648)
- Unicorn-34155.exe (PID: 15632)
- Unicorn-63989.exe (PID: 9740)
- Unicorn-61317.exe (PID: 13812)
- Unicorn-7698.exe (PID: 9532)
- Unicorn-5010.exe (PID: 9096)
- Unicorn-24021.exe (PID: 10848)
- Unicorn-63813.exe (PID: 11196)
- Unicorn-45091.exe (PID: 15640)
- Unicorn-18977.exe (PID: 10396)
- Unicorn-16335.exe (PID: 16432)
- Unicorn-6407.exe (PID: 9496)
- Unicorn-27632.exe (PID: 15284)
- Unicorn-50818.exe (PID: 16800)
- Unicorn-7670.exe (PID: 16380)
- Unicorn-18275.exe (PID: 9292)
- Unicorn-56672.exe (PID: 10660)
- Unicorn-58991.exe (PID: 14720)
Starts itself from another location
- 1 (1328).exe (PID: 1452)
- Unicorn-26680.exe (PID: 6048)
- Unicorn-17121.exe (PID: 1228)
- Unicorn-51817.exe (PID: 5392)
- Unicorn-43649.exe (PID: 4424)
- Unicorn-53083.exe (PID: 4724)
- Unicorn-41603.exe (PID: 4892)
- Unicorn-16981.exe (PID: 1244)
- Unicorn-38147.exe (PID: 4408)
- Unicorn-47607.exe (PID: 5776)
- Unicorn-33125.exe (PID: 7152)
- Unicorn-57821.exe (PID: 668)
- Unicorn-33871.exe (PID: 6668)
- Unicorn-44235.exe (PID: 4180)
- Unicorn-19057.exe (PID: 4068)
- Unicorn-40223.exe (PID: 3888)
- Unicorn-48392.exe (PID: 5964)
- Unicorn-44204.exe (PID: 1912)
- Unicorn-32388.exe (PID: 2984)
- Unicorn-27417.exe (PID: 4188)
- Unicorn-21286.exe (PID: 1096)
- Unicorn-7764.exe (PID: 5512)
- Unicorn-24847.exe (PID: 5508)
- Unicorn-40821.exe (PID: 2040)
- Unicorn-29345.exe (PID: 4212)
- Unicorn-48283.exe (PID: 5228)
- Unicorn-35782.exe (PID: 2564)
- Unicorn-32653.exe (PID: 2096)
- Unicorn-62201.exe (PID: 3900)
- Unicorn-54588.exe (PID: 7172)
- Unicorn-18429.exe (PID: 7188)
- Unicorn-2092.exe (PID: 7200)
- Unicorn-10815.exe (PID: 7260)
- Unicorn-44905.exe (PID: 2552)
- Unicorn-22321.exe (PID: 7236)
- Unicorn-53331.exe (PID: 7212)
- Unicorn-16190.exe (PID: 7228)
- Unicorn-19197.exe (PID: 7324)
- Unicorn-34500.exe (PID: 7268)
- Unicorn-38548.exe (PID: 7368)
- Unicorn-35533.exe (PID: 7376)
- Unicorn-30681.exe (PID: 7252)
- Unicorn-64121.exe (PID: 7352)
- Unicorn-51677.exe (PID: 7408)
- Unicorn-4977.exe (PID: 7492)
- Unicorn-44064.exe (PID: 7392)
- Unicorn-48662.exe (PID: 7416)
- Unicorn-49025.exe (PID: 7484)
- Unicorn-43424.exe (PID: 7476)
- Unicorn-54329.exe (PID: 7688)
- Unicorn-17189.exe (PID: 7716)
- Unicorn-38355.exe (PID: 7732)
- Unicorn-39071.exe (PID: 7636)
- Unicorn-61345.exe (PID: 7644)
- Unicorn-18355.exe (PID: 7432)
- Unicorn-58200.exe (PID: 7616)
- Unicorn-22705.exe (PID: 7448)
- Unicorn-20850.exe (PID: 7384)
- Unicorn-28372.exe (PID: 7836)
- Unicorn-27727.exe (PID: 7400)
- Unicorn-31478.exe (PID: 7804)
- Unicorn-4322.exe (PID: 7460)
- Unicorn-40986.exe (PID: 7844)
- Unicorn-27713.exe (PID: 7608)
- Unicorn-14536.exe (PID: 7440)
- Unicorn-29176.exe (PID: 7828)
- Unicorn-34463.exe (PID: 7680)
- Unicorn-56228.exe (PID: 8048)
- Unicorn-58605.exe (PID: 7968)
- Unicorn-63265.exe (PID: 7888)
- Unicorn-12912.exe (PID: 7772)
- Unicorn-30207.exe (PID: 8060)
- Unicorn-2611.exe (PID: 856)
- Unicorn-4744.exe (PID: 7760)
- Unicorn-8506.exe (PID: 7820)
- Unicorn-27277.exe (PID: 8032)
- Unicorn-65237.exe (PID: 7668)
- Unicorn-63849.exe (PID: 8808)
- Unicorn-39455.exe (PID: 7860)
- Unicorn-18349.exe (PID: 8880)
- Unicorn-28107.exe (PID: 7812)
- Unicorn-21172.exe (PID: 8928)
- Unicorn-18533.exe (PID: 8096)
- Unicorn-32.exe (PID: 8420)
- Unicorn-343.exe (PID: 8540)
- Unicorn-55105.exe (PID: 9012)
- Unicorn-9980.exe (PID: 7876)
- Unicorn-27477.exe (PID: 9072)
- Unicorn-30571.exe (PID: 8020)
- Unicorn-12052.exe (PID: 8396)
- Unicorn-28599.exe (PID: 5084)
- Unicorn-64884.exe (PID: 8588)
- Unicorn-65377.exe (PID: 8704)
- Unicorn-59160.exe (PID: 7960)
- Unicorn-21857.exe (PID: 8712)
- Unicorn-4863.exe (PID: 8440)
- Unicorn-45019.exe (PID: 8580)
- Unicorn-63008.exe (PID: 8972)
- Unicorn-30217.exe (PID: 8656)
- Unicorn-3348.exe (PID: 8180)
- Unicorn-47121.exe (PID: 8140)
- Unicorn-42661.exe (PID: 8940)
- Unicorn-43867.exe (PID: 8160)
- Unicorn-13304.exe (PID: 8776)
- Unicorn-64884.exe (PID: 8572)
- Unicorn-20439.exe (PID: 5960)
- Unicorn-12154.exe (PID: 8636)
- Unicorn-54587.exe (PID: 8172)
- Unicorn-15963.exe (PID: 8296)
- Unicorn-59467.exe (PID: 7332)
- Unicorn-51023.exe (PID: 6656)
- Unicorn-18895.exe (PID: 7904)
- Unicorn-45158.exe (PID: 616)
- Unicorn-40681.exe (PID: 8468)
- Unicorn-144.exe (PID: 9972)
- Unicorn-8127.exe (PID: 8616)
- Unicorn-61405.exe (PID: 10032)
- Unicorn-11132.exe (PID: 8248)
- Unicorn-5010.exe (PID: 9096)
- Unicorn-58169.exe (PID: 8492)
- Unicorn-25121.exe (PID: 7980)
- Unicorn-7248.exe (PID: 9048)
- Unicorn-49988.exe (PID: 8792)
- Unicorn-6472.exe (PID: 8040)
- Unicorn-25305.exe (PID: 8564)
- Unicorn-49442.exe (PID: 8220)
- Unicorn-38953.exe (PID: 8132)
- Unicorn-7698.exe (PID: 9532)
- Unicorn-38259.exe (PID: 7020)
- Unicorn-2458.exe (PID: 9056)
- Unicorn-60652.exe (PID: 9676)
- Unicorn-14980.exe (PID: 9684)
- Unicorn-298.exe (PID: 9760)
- Unicorn-15993.exe (PID: 8224)
- Unicorn-58419.exe (PID: 7896)
- Unicorn-55053.exe (PID: 9508)
- Unicorn-44197.exe (PID: 8404)
- Unicorn-32902.exe (PID: 8512)
- Unicorn-31422.exe (PID: 1180)
- Unicorn-23149.exe (PID: 9648)
- Unicorn-1799.exe (PID: 8760)
- Unicorn-37352.exe (PID: 11260)
- Unicorn-36029.exe (PID: 8228)
- Unicorn-19251.exe (PID: 2968)
- Unicorn-30757.exe (PID: 6208)
- Unicorn-59247.exe (PID: 8448)
- Unicorn-55245.exe (PID: 9480)
- Unicorn-59905.exe (PID: 9732)
- Unicorn-30165.exe (PID: 9516)
- Unicorn-20373.exe (PID: 10016)
- Unicorn-44124.exe (PID: 9748)
- Unicorn-13415.exe (PID: 8608)
- Unicorn-2210.exe (PID: 9104)
- Unicorn-39323.exe (PID: 9944)
- Unicorn-30926.exe (PID: 12888)
- Unicorn-29833.exe (PID: 8740)
- Unicorn-13680.exe (PID: 7924)
- Unicorn-2338.exe (PID: 12836)
- Unicorn-21275.exe (PID: 12880)
- Unicorn-58499.exe (PID: 9856)
- Unicorn-65385.exe (PID: 9212)
- Unicorn-35749.exe (PID: 9900)
- Unicorn-19989.exe (PID: 9800)
- Unicorn-13999.exe (PID: 9340)
- Unicorn-12284.exe (PID: 8388)
- Unicorn-36007.exe (PID: 10164)
- Unicorn-43761.exe (PID: 9588)
- Unicorn-19811.exe (PID: 9576)
- Unicorn-9723.exe (PID: 9360)
- Unicorn-63813.exe (PID: 11196)
- Unicorn-39913.exe (PID: 8260)
- Unicorn-39781.exe (PID: 10628)
- Unicorn-39271.exe (PID: 11756)
- Unicorn-35706.exe (PID: 8216)
- Unicorn-27892.exe (PID: 9776)
- Unicorn-41753.exe (PID: 8280)
- Unicorn-12033.exe (PID: 13816)
- Unicorn-24982.exe (PID: 13828)
- Unicorn-40649.exe (PID: 4220)
- Unicorn-61317.exe (PID: 13812)
- Unicorn-33974.exe (PID: 8204)
- Unicorn-34050.exe (PID: 12788)
- Unicorn-40549.exe (PID: 10788)
- Unicorn-25313.exe (PID: 9384)
- Unicorn-9915.exe (PID: 9348)
INFO
Checks supported languages
- 1 (1328).exe (PID: 1452)
- Unicorn-17121.exe (PID: 1228)
- Unicorn-26680.exe (PID: 6048)
- Unicorn-51817.exe (PID: 5392)
- Unicorn-53083.exe (PID: 4724)
- Unicorn-43649.exe (PID: 4424)
- Unicorn-41603.exe (PID: 4892)
- Unicorn-16981.exe (PID: 1244)
- Unicorn-38147.exe (PID: 4408)
- Unicorn-44204.exe (PID: 1912)
- Unicorn-47607.exe (PID: 5776)
- Unicorn-33125.exe (PID: 7152)
- Unicorn-44235.exe (PID: 4180)
- Unicorn-57821.exe (PID: 668)
- Unicorn-33871.exe (PID: 6668)
- Unicorn-19057.exe (PID: 4068)
- Unicorn-21286.exe (PID: 1096)
- Unicorn-40223.exe (PID: 3888)
- Unicorn-48392.exe (PID: 5964)
- Unicorn-44905.exe (PID: 2552)
- Unicorn-2611.exe (PID: 856)
- Unicorn-32388.exe (PID: 2984)
- Unicorn-32653.exe (PID: 2096)
- Unicorn-48283.exe (PID: 5228)
- Unicorn-7764.exe (PID: 5512)
- Unicorn-35782.exe (PID: 2564)
- Unicorn-24847.exe (PID: 5508)
- Unicorn-62201.exe (PID: 3900)
- Unicorn-18429.exe (PID: 7188)
- Unicorn-53331.exe (PID: 7212)
- Unicorn-34500.exe (PID: 7268)
- Unicorn-22321.exe (PID: 7236)
- Unicorn-16190.exe (PID: 7228)
- Unicorn-19197.exe (PID: 7324)
- Unicorn-2092.exe (PID: 7200)
- Unicorn-59467.exe (PID: 7332)
- Unicorn-38548.exe (PID: 7368)
- Unicorn-27727.exe (PID: 7400)
- Unicorn-35533.exe (PID: 7376)
- Unicorn-20850.exe (PID: 7384)
- Unicorn-48662.exe (PID: 7416)
- Unicorn-18355.exe (PID: 7432)
- Unicorn-22705.exe (PID: 7448)
- Unicorn-4322.exe (PID: 7460)
- Unicorn-43424.exe (PID: 7476)
- Unicorn-49025.exe (PID: 7484)
- Unicorn-4977.exe (PID: 7492)
- Unicorn-58200.exe (PID: 7616)
- Unicorn-54329.exe (PID: 7688)
- Unicorn-29057.exe (PID: 7624)
- Unicorn-39071.exe (PID: 7636)
- Unicorn-61345.exe (PID: 7644)
- Unicorn-34463.exe (PID: 7680)
- Unicorn-12912.exe (PID: 7772)
- Unicorn-31478.exe (PID: 7804)
- Unicorn-4744.exe (PID: 7760)
- Unicorn-28107.exe (PID: 7812)
- Unicorn-28372.exe (PID: 7836)
- Unicorn-39455.exe (PID: 7860)
- Unicorn-9980.exe (PID: 7876)
- Unicorn-63265.exe (PID: 7888)
- Unicorn-58419.exe (PID: 7896)
- Unicorn-13680.exe (PID: 7924)
- Unicorn-27277.exe (PID: 8032)
- Unicorn-6472.exe (PID: 8040)
- Unicorn-56228.exe (PID: 8048)
- Unicorn-59160.exe (PID: 7960)
- Unicorn-54587.exe (PID: 8172)
- Unicorn-3348.exe (PID: 8180)
- Unicorn-47121.exe (PID: 8140)
- Unicorn-43867.exe (PID: 8160)
- Unicorn-15963.exe (PID: 8296)
- Unicorn-32.exe (PID: 8420)
- Unicorn-51023.exe (PID: 6656)
- Unicorn-12284.exe (PID: 8388)
- Unicorn-40681.exe (PID: 8468)
- Unicorn-32902.exe (PID: 8512)
- Unicorn-18349.exe (PID: 8880)
- Unicorn-64884.exe (PID: 8572)
- Unicorn-45019.exe (PID: 8580)
- Unicorn-63849.exe (PID: 8808)
- Unicorn-343.exe (PID: 8540)
- Unicorn-21172.exe (PID: 8928)
- Unicorn-13415.exe (PID: 8608)
- Unicorn-4863.exe (PID: 8440)
- Unicorn-30217.exe (PID: 8656)
- Unicorn-21857.exe (PID: 8712)
- Unicorn-8127.exe (PID: 8616)
- Unicorn-12154.exe (PID: 8636)
- Unicorn-13304.exe (PID: 8776)
- Unicorn-49988.exe (PID: 8792)
- Unicorn-63008.exe (PID: 8972)
- Unicorn-65377.exe (PID: 8704)
- Unicorn-29833.exe (PID: 8740)
- Unicorn-62947.exe (PID: 8476)
- Unicorn-7248.exe (PID: 9048)
- Unicorn-27477.exe (PID: 9072)
- Unicorn-5010.exe (PID: 9096)
- Unicorn-2210.exe (PID: 9104)
- Unicorn-55873.exe (PID: 9180)
- Unicorn-15993.exe (PID: 8224)
- Unicorn-20439.exe (PID: 5960)
- Unicorn-38259.exe (PID: 7020)
- Unicorn-49028.exe (PID: 8244)
- Unicorn-25121.exe (PID: 7980)
- Unicorn-65385.exe (PID: 9212)
- Unicorn-57409.exe (PID: 9280)
- Unicorn-6023.exe (PID: 9312)
- Unicorn-18275.exe (PID: 9292)
- Unicorn-50585.exe (PID: 9332)
- Unicorn-13999.exe (PID: 9340)
- Unicorn-9915.exe (PID: 9348)
- Unicorn-24244.exe (PID: 9376)
- Unicorn-25313.exe (PID: 9384)
- Unicorn-55053.exe (PID: 9508)
- Unicorn-30165.exe (PID: 9516)
- Unicorn-7698.exe (PID: 9532)
- Unicorn-19811.exe (PID: 9576)
- Unicorn-55245.exe (PID: 9480)
- Unicorn-43761.exe (PID: 9588)
- Unicorn-58946.exe (PID: 9604)
- Unicorn-20373.exe (PID: 10016)
- Unicorn-44316.exe (PID: 9700)
- Unicorn-42999.exe (PID: 9692)
- Unicorn-19257.exe (PID: 9612)
- Unicorn-51359.exe (PID: 9640)
- Unicorn-14980.exe (PID: 9684)
- Unicorn-63916.exe (PID: 9708)
- Unicorn-63989.exe (PID: 9740)
- Unicorn-59905.exe (PID: 9732)
- Unicorn-44124.exe (PID: 9748)
- Unicorn-298.exe (PID: 9760)
- Unicorn-9723.exe (PID: 9360)
- Unicorn-27892.exe (PID: 9776)
- Unicorn-61576.exe (PID: 9792)
- Unicorn-58499.exe (PID: 9856)
- Unicorn-21850.exe (PID: 9880)
- Unicorn-35749.exe (PID: 9900)
- Unicorn-20757.exe (PID: 9932)
- Unicorn-39323.exe (PID: 9944)
- Unicorn-23149.exe (PID: 9648)
- Unicorn-20762.exe (PID: 10104)
- Unicorn-9827.exe (PID: 10112)
- Unicorn-59028.exe (PID: 10124)
- Unicorn-36007.exe (PID: 10164)
- Unicorn-65472.exe (PID: 10216)
- Unicorn-33206.exe (PID: 10172)
- Unicorn-19989.exe (PID: 9800)
- Unicorn-54005.exe (PID: 6744)
- Unicorn-22271.exe (PID: 10156)
- Unicorn-3543.exe (PID: 10248)
- Unicorn-41753.exe (PID: 8280)
- Unicorn-26377.exe (PID: 10276)
- Unicorn-46989.exe (PID: 10316)
- Unicorn-9848.exe (PID: 10328)
- Unicorn-55328.exe (PID: 10340)
- Unicorn-2640.exe (PID: 10408)
- Unicorn-22677.exe (PID: 10520)
- Unicorn-10424.exe (PID: 10508)
- Unicorn-61471.exe (PID: 10544)
- Unicorn-5446.exe (PID: 10588)
- Unicorn-57248.exe (PID: 10580)
- Unicorn-46916.exe (PID: 10560)
- Unicorn-3771.exe (PID: 10608)
- Unicorn-56672.exe (PID: 10660)
- Unicorn-21067.exe (PID: 10712)
- Unicorn-60201.exe (PID: 10688)
- Unicorn-19251.exe (PID: 2968)
- Unicorn-5847.exe (PID: 10676)
- Unicorn-36443.exe (PID: 10668)
- Unicorn-40549.exe (PID: 10788)
- Unicorn-33258.exe (PID: 10832)
- Unicorn-24021.exe (PID: 10848)
- Unicorn-7767.exe (PID: 10908)
- Unicorn-47544.exe (PID: 10308)
- Unicorn-37041.exe (PID: 10956)
- Unicorn-61784.exe (PID: 11020)
- Unicorn-5484.exe (PID: 11036)
- Unicorn-47980.exe (PID: 11476)
- Unicorn-30757.exe (PID: 6208)
- Unicorn-40527.exe (PID: 10636)
- Unicorn-27227.exe (PID: 11352)
- Unicorn-15380.exe (PID: 11460)
- Unicorn-64752.exe (PID: 11560)
- Unicorn-60860.exe (PID: 11544)
- Unicorn-24789.exe (PID: 10980)
- Unicorn-63236.exe (PID: 11572)
- Unicorn-9958.exe (PID: 11600)
- Unicorn-32189.exe (PID: 10824)
- Unicorn-44280.exe (PID: 11840)
- Unicorn-26792.exe (PID: 11620)
- Unicorn-22397.exe (PID: 5556)
- Unicorn-7020.exe (PID: 11488)
- Unicorn-58260.exe (PID: 12220)
- Unicorn-1659.exe (PID: 10348)
- Unicorn-48120.exe (PID: 10468)
- Unicorn-59900.exe (PID: 11316)
- Unicorn-24574.exe (PID: 4284)
- Unicorn-14923.exe (PID: 5132)
- Unicorn-49117.exe (PID: 12940)
- Unicorn-15483.exe (PID: 12980)
- Unicorn-10860.exe (PID: 13032)
- Unicorn-54716.exe (PID: 13088)
- Unicorn-51037.exe (PID: 13272)
- Unicorn-41311.exe (PID: 12972)
- Unicorn-30979.exe (PID: 3896)
- Unicorn-15292.exe (PID: 12804)
- Unicorn-4275.exe (PID: 13416)
- Unicorn-51612.exe (PID: 13556)
- Unicorn-38712.exe (PID: 13564)
- Unicorn-13164.exe (PID: 13544)
- Unicorn-18867.exe (PID: 13660)
- Unicorn-28536.exe (PID: 14848)
- Unicorn-45536.exe (PID: 13212)
- Unicorn-2433.exe (PID: 14176)
- Unicorn-43375.exe (PID: 1056)
- Unicorn-1312.exe (PID: 15244)
- Unicorn-33697.exe (PID: 15568)
- Unicorn-17191.exe (PID: 12900)
- Unicorn-45536.exe (PID: 13192)
- Unicorn-25935.exe (PID: 13184)
- Unicorn-47891.exe (PID: 15544)
- Unicorn-50818.exe (PID: 16800)
- Unicorn-50818.exe (PID: 16808)
The sample compiled with chinese language support
- 1 (1328).exe (PID: 1452)
- Unicorn-17121.exe (PID: 1228)
- Unicorn-26680.exe (PID: 6048)
- Unicorn-51817.exe (PID: 5392)
- Unicorn-53083.exe (PID: 4724)
- Unicorn-41603.exe (PID: 4892)
- Unicorn-44204.exe (PID: 1912)
- Unicorn-38147.exe (PID: 4408)
- Unicorn-47607.exe (PID: 5776)
- Unicorn-44235.exe (PID: 4180)
- Unicorn-57821.exe (PID: 668)
- Unicorn-43649.exe (PID: 4424)
- Unicorn-33871.exe (PID: 6668)
- Unicorn-16981.exe (PID: 1244)
- Unicorn-19057.exe (PID: 4068)
- Unicorn-40223.exe (PID: 3888)
- Unicorn-48392.exe (PID: 5964)
- Unicorn-27417.exe (PID: 4188)
- Unicorn-21286.exe (PID: 1096)
- Unicorn-32388.exe (PID: 2984)
- Unicorn-44905.exe (PID: 2552)
- Unicorn-24847.exe (PID: 5508)
- Unicorn-29345.exe (PID: 4212)
- Unicorn-40821.exe (PID: 2040)
- Unicorn-48283.exe (PID: 5228)
- Unicorn-2611.exe (PID: 856)
- Unicorn-32653.exe (PID: 2096)
- Unicorn-33125.exe (PID: 7152)
- Unicorn-62201.exe (PID: 3900)
- Unicorn-54588.exe (PID: 7172)
- Unicorn-18429.exe (PID: 7188)
- Unicorn-2092.exe (PID: 7200)
- Unicorn-10815.exe (PID: 7260)
- Unicorn-53331.exe (PID: 7212)
- Unicorn-22321.exe (PID: 7236)
- Unicorn-16190.exe (PID: 7228)
- Unicorn-19197.exe (PID: 7324)
- Unicorn-30681.exe (PID: 7252)
- Unicorn-34500.exe (PID: 7268)
- Unicorn-38548.exe (PID: 7368)
- Unicorn-35533.exe (PID: 7376)
- Unicorn-59467.exe (PID: 7332)
- Unicorn-64121.exe (PID: 7352)
- Unicorn-4977.exe (PID: 7492)
- Unicorn-20850.exe (PID: 7384)
- Unicorn-51677.exe (PID: 7408)
- Unicorn-49025.exe (PID: 7484)
- Unicorn-48662.exe (PID: 7416)
- Unicorn-7764.exe (PID: 5512)
- Unicorn-38355.exe (PID: 7732)
- Unicorn-54329.exe (PID: 7688)
- Unicorn-17189.exe (PID: 7716)
- Unicorn-43424.exe (PID: 7476)
- Unicorn-61345.exe (PID: 7644)
- Unicorn-58200.exe (PID: 7616)
- Unicorn-39071.exe (PID: 7636)
- Unicorn-18355.exe (PID: 7432)
- Unicorn-31478.exe (PID: 7804)
- Unicorn-28372.exe (PID: 7836)
- Unicorn-27713.exe (PID: 7608)
- Unicorn-4322.exe (PID: 7460)
- Unicorn-40986.exe (PID: 7844)
- Unicorn-14536.exe (PID: 7440)
- Unicorn-29176.exe (PID: 7828)
- Unicorn-34463.exe (PID: 7680)
- Unicorn-56228.exe (PID: 8048)
- Unicorn-13680.exe (PID: 7924)
- Unicorn-58605.exe (PID: 7968)
- Unicorn-63265.exe (PID: 7888)
- Unicorn-12912.exe (PID: 7772)
- Unicorn-30207.exe (PID: 8060)
- Unicorn-35782.exe (PID: 2564)
- Unicorn-8506.exe (PID: 7820)
- Unicorn-27277.exe (PID: 8032)
- Unicorn-4744.exe (PID: 7760)
- Unicorn-65237.exe (PID: 7668)
- Unicorn-63849.exe (PID: 8808)
- Unicorn-39455.exe (PID: 7860)
- Unicorn-28107.exe (PID: 7812)
- Unicorn-21172.exe (PID: 8928)
- Unicorn-343.exe (PID: 8540)
- Unicorn-18349.exe (PID: 8880)
- Unicorn-55105.exe (PID: 9012)
- Unicorn-18533.exe (PID: 8096)
- Unicorn-32.exe (PID: 8420)
- Unicorn-12052.exe (PID: 8396)
- Unicorn-9980.exe (PID: 7876)
- Unicorn-27477.exe (PID: 9072)
- Unicorn-30571.exe (PID: 8020)
- Unicorn-28599.exe (PID: 5084)
- Unicorn-64884.exe (PID: 8588)
- Unicorn-65377.exe (PID: 8704)
- Unicorn-15963.exe (PID: 8296)
- Unicorn-59160.exe (PID: 7960)
- Unicorn-21857.exe (PID: 8712)
- Unicorn-51023.exe (PID: 6656)
- Unicorn-45019.exe (PID: 8580)
- Unicorn-63008.exe (PID: 8972)
- Unicorn-22705.exe (PID: 7448)
- Unicorn-27727.exe (PID: 7400)
- Unicorn-30217.exe (PID: 8656)
- Unicorn-3348.exe (PID: 8180)
- Unicorn-43867.exe (PID: 8160)
- Unicorn-42661.exe (PID: 8940)
- Unicorn-13304.exe (PID: 8776)
- Unicorn-64884.exe (PID: 8572)
- Unicorn-20439.exe (PID: 5960)
- Unicorn-54587.exe (PID: 8172)
- Unicorn-12154.exe (PID: 8636)
- Unicorn-18895.exe (PID: 7904)
- Unicorn-40681.exe (PID: 8468)
- Unicorn-45158.exe (PID: 616)
- Unicorn-144.exe (PID: 9972)
- Unicorn-8127.exe (PID: 8616)
- Unicorn-61405.exe (PID: 10032)
- Unicorn-11132.exe (PID: 8248)
- Unicorn-58169.exe (PID: 8492)
- Unicorn-49988.exe (PID: 8792)
- Unicorn-6472.exe (PID: 8040)
- Unicorn-25121.exe (PID: 7980)
- Unicorn-7248.exe (PID: 9048)
- Unicorn-25305.exe (PID: 8564)
- Unicorn-49442.exe (PID: 8220)
- Unicorn-38953.exe (PID: 8132)
- Unicorn-32902.exe (PID: 8512)
- Unicorn-38259.exe (PID: 7020)
- Unicorn-2458.exe (PID: 9056)
- Unicorn-60652.exe (PID: 9676)
- Unicorn-4863.exe (PID: 8440)
- Unicorn-298.exe (PID: 9760)
- Unicorn-15993.exe (PID: 8224)
- Unicorn-59905.exe (PID: 9732)
- Unicorn-33974.exe (PID: 8204)
- Unicorn-55053.exe (PID: 9508)
- Unicorn-58419.exe (PID: 7896)
- Unicorn-44197.exe (PID: 8404)
- Unicorn-44064.exe (PID: 7392)
- Unicorn-31422.exe (PID: 1180)
- Unicorn-23149.exe (PID: 9648)
- Unicorn-1799.exe (PID: 8760)
- Unicorn-37352.exe (PID: 11260)
- Unicorn-19251.exe (PID: 2968)
- Unicorn-36029.exe (PID: 8228)
- Unicorn-59247.exe (PID: 8448)
- Unicorn-30757.exe (PID: 6208)
- Unicorn-55245.exe (PID: 9480)
- Unicorn-30165.exe (PID: 9516)
- Unicorn-20373.exe (PID: 10016)
- Unicorn-44124.exe (PID: 9748)
- Unicorn-2210.exe (PID: 9104)
- Unicorn-13415.exe (PID: 8608)
- Unicorn-39323.exe (PID: 9944)
- Unicorn-29833.exe (PID: 8740)
- Unicorn-30926.exe (PID: 12888)
- Unicorn-2338.exe (PID: 12836)
- Unicorn-65385.exe (PID: 9212)
- Unicorn-21275.exe (PID: 12880)
- Unicorn-58499.exe (PID: 9856)
- Unicorn-35749.exe (PID: 9900)
- Unicorn-19989.exe (PID: 9800)
- Unicorn-13999.exe (PID: 9340)
- Unicorn-12284.exe (PID: 8388)
- Unicorn-36007.exe (PID: 10164)
- Unicorn-19811.exe (PID: 9576)
- Unicorn-9723.exe (PID: 9360)
- Unicorn-43761.exe (PID: 9588)
- Unicorn-41753.exe (PID: 8280)
- Unicorn-27892.exe (PID: 9776)
- Unicorn-39913.exe (PID: 8260)
- Unicorn-39271.exe (PID: 11756)
- Unicorn-35706.exe (PID: 8216)
- Unicorn-40649.exe (PID: 4220)
- Unicorn-40549.exe (PID: 10788)
- Unicorn-34050.exe (PID: 12788)
- Unicorn-47121.exe (PID: 8140)
- Unicorn-14980.exe (PID: 9684)
- Unicorn-25313.exe (PID: 9384)
- Unicorn-57409.exe (PID: 9280)
- Unicorn-55873.exe (PID: 9180)
- Unicorn-27227.exe (PID: 11352)
- Unicorn-12033.exe (PID: 13816)
- Unicorn-20757.exe (PID: 9932)
- Unicorn-56776.exe (PID: 11500)
- Unicorn-65472.exe (PID: 10216)
- Unicorn-39781.exe (PID: 10628)
- Unicorn-9915.exe (PID: 9348)
- Unicorn-34155.exe (PID: 15648)
- Unicorn-7698.exe (PID: 9532)
- Unicorn-34155.exe (PID: 15632)
- Unicorn-63989.exe (PID: 9740)
- Unicorn-61317.exe (PID: 13812)
- Unicorn-5010.exe (PID: 9096)
- Unicorn-63813.exe (PID: 11196)
- Unicorn-24021.exe (PID: 10848)
- Unicorn-45091.exe (PID: 15640)
- Unicorn-15483.exe (PID: 12980)
- Unicorn-16335.exe (PID: 16432)
- Unicorn-6407.exe (PID: 9496)
- Unicorn-27632.exe (PID: 15284)
- Unicorn-50818.exe (PID: 16800)
- Unicorn-7670.exe (PID: 16380)
- Unicorn-56672.exe (PID: 10660)
- Unicorn-18275.exe (PID: 9292)
- Unicorn-58991.exe (PID: 14720)
- Unicorn-18977.exe (PID: 10396)
Reads the computer name
- 1 (1328).exe (PID: 1452)
- Unicorn-17121.exe (PID: 1228)
- Unicorn-53083.exe (PID: 4724)
- Unicorn-26680.exe (PID: 6048)
- Unicorn-44204.exe (PID: 1912)
- Unicorn-51817.exe (PID: 5392)
- Unicorn-41603.exe (PID: 4892)
- Unicorn-43649.exe (PID: 4424)
- Unicorn-16981.exe (PID: 1244)
- Unicorn-38147.exe (PID: 4408)
- Unicorn-47607.exe (PID: 5776)
- Unicorn-33125.exe (PID: 7152)
- Unicorn-44235.exe (PID: 4180)
- Unicorn-57821.exe (PID: 668)
- Unicorn-19057.exe (PID: 4068)
- Unicorn-48392.exe (PID: 5964)
- Unicorn-40223.exe (PID: 3888)
- Unicorn-27417.exe (PID: 4188)
- Unicorn-21286.exe (PID: 1096)
- Unicorn-32388.exe (PID: 2984)
- Unicorn-44905.exe (PID: 2552)
- Unicorn-32653.exe (PID: 2096)
- Unicorn-35782.exe (PID: 2564)
- Unicorn-7764.exe (PID: 5512)
- Unicorn-40821.exe (PID: 2040)
- Unicorn-2611.exe (PID: 856)
- Unicorn-62201.exe (PID: 3900)
- Unicorn-22321.exe (PID: 7236)
- Unicorn-2092.exe (PID: 7200)
- Unicorn-10815.exe (PID: 7260)
- Unicorn-54588.exe (PID: 7172)
- Unicorn-16190.exe (PID: 7228)
- Unicorn-34500.exe (PID: 7268)
- Unicorn-30681.exe (PID: 7252)
- Unicorn-59467.exe (PID: 7332)
- Unicorn-43424.exe (PID: 7476)
- Unicorn-49025.exe (PID: 7484)
- Unicorn-39071.exe (PID: 7636)
- Unicorn-27727.exe (PID: 7400)
- Unicorn-61345.exe (PID: 7644)
- Unicorn-58200.exe (PID: 7616)
- Unicorn-18355.exe (PID: 7432)
- Unicorn-22705.exe (PID: 7448)
- Unicorn-31478.exe (PID: 7804)
- Unicorn-29057.exe (PID: 7624)
- Unicorn-40986.exe (PID: 7844)
- Unicorn-27713.exe (PID: 7608)
- Unicorn-34463.exe (PID: 7680)
- Unicorn-58605.exe (PID: 7968)
- Unicorn-12912.exe (PID: 7772)
- Unicorn-65237.exe (PID: 7668)
- Unicorn-8506.exe (PID: 7820)
- Unicorn-63849.exe (PID: 8808)
- Unicorn-28107.exe (PID: 7812)
- Unicorn-343.exe (PID: 8540)
- Unicorn-18533.exe (PID: 8096)
- Unicorn-12052.exe (PID: 8396)
- Unicorn-27477.exe (PID: 9072)
- Unicorn-64884.exe (PID: 8588)
- Unicorn-8127.exe (PID: 8616)
- Unicorn-28599.exe (PID: 5084)
- Unicorn-59160.exe (PID: 7960)
- Unicorn-21857.exe (PID: 8712)
- Unicorn-45019.exe (PID: 8580)
- Unicorn-3348.exe (PID: 8180)
- Unicorn-30217.exe (PID: 8656)
- Unicorn-7248.exe (PID: 9048)
- Unicorn-13304.exe (PID: 8776)
- Unicorn-12154.exe (PID: 8636)
- Unicorn-54587.exe (PID: 8172)
- Unicorn-18895.exe (PID: 7904)
- Unicorn-144.exe (PID: 9972)
- Unicorn-20373.exe (PID: 10016)
- Unicorn-5010.exe (PID: 9096)
- Unicorn-25121.exe (PID: 7980)
- Unicorn-55053.exe (PID: 9508)
- Unicorn-25305.exe (PID: 8564)
- Unicorn-7698.exe (PID: 9532)
- Unicorn-58419.exe (PID: 7896)
- Unicorn-32902.exe (PID: 8512)
- Unicorn-14980.exe (PID: 9684)
- Unicorn-60652.exe (PID: 9676)
- Unicorn-298.exe (PID: 9760)
- Unicorn-33974.exe (PID: 8204)
- Unicorn-44197.exe (PID: 8404)
- Unicorn-31422.exe (PID: 1180)
- Unicorn-55245.exe (PID: 9480)
- Unicorn-43761.exe (PID: 9588)
- Unicorn-39271.exe (PID: 11756)
- Unicorn-19811.exe (PID: 9576)
- Unicorn-36007.exe (PID: 10164)
Create files in a temporary directory
- 1 (1328).exe (PID: 1452)
- Unicorn-26680.exe (PID: 6048)
- Unicorn-17121.exe (PID: 1228)
- Unicorn-51817.exe (PID: 5392)
- Unicorn-53083.exe (PID: 4724)
- Unicorn-44204.exe (PID: 1912)
- Unicorn-38147.exe (PID: 4408)
- Unicorn-47607.exe (PID: 5776)
- Unicorn-33125.exe (PID: 7152)
- Unicorn-44235.exe (PID: 4180)
- Unicorn-41603.exe (PID: 4892)
- Unicorn-16981.exe (PID: 1244)
- Unicorn-48392.exe (PID: 5964)
- Unicorn-24847.exe (PID: 5508)
- Unicorn-40821.exe (PID: 2040)
- Unicorn-33871.exe (PID: 6668)
- Unicorn-2611.exe (PID: 856)
- Unicorn-57821.exe (PID: 668)
- Unicorn-18429.exe (PID: 7188)
- Unicorn-62201.exe (PID: 3900)
- Unicorn-19057.exe (PID: 4068)
- Unicorn-54588.exe (PID: 7172)
- Unicorn-10815.exe (PID: 7260)
- Unicorn-44905.exe (PID: 2552)
- Unicorn-53331.exe (PID: 7212)
- Unicorn-34500.exe (PID: 7268)
- Unicorn-16190.exe (PID: 7228)
- Unicorn-27417.exe (PID: 4188)
- Unicorn-30681.exe (PID: 7252)
- Unicorn-21286.exe (PID: 1096)
- Unicorn-32388.exe (PID: 2984)
- Unicorn-51677.exe (PID: 7408)
- Unicorn-4977.exe (PID: 7492)
- Unicorn-20850.exe (PID: 7384)
- Unicorn-49025.exe (PID: 7484)
- Unicorn-7764.exe (PID: 5512)
- Unicorn-48662.exe (PID: 7416)
- Unicorn-48283.exe (PID: 5228)
- Unicorn-43424.exe (PID: 7476)
- Unicorn-54329.exe (PID: 7688)
- Unicorn-17189.exe (PID: 7716)
- Unicorn-22321.exe (PID: 7236)
- Unicorn-39071.exe (PID: 7636)
- Unicorn-18355.exe (PID: 7432)
- Unicorn-58200.exe (PID: 7616)
- Unicorn-28372.exe (PID: 7836)
- Unicorn-32653.exe (PID: 2096)
- Unicorn-31478.exe (PID: 7804)
- Unicorn-27713.exe (PID: 7608)
- Unicorn-43649.exe (PID: 4424)
- Unicorn-40986.exe (PID: 7844)
- Unicorn-4322.exe (PID: 7460)
- Unicorn-14536.exe (PID: 7440)
- Unicorn-29176.exe (PID: 7828)
- Unicorn-63265.exe (PID: 7888)
- Unicorn-56228.exe (PID: 8048)
- Unicorn-58605.exe (PID: 7968)
- Unicorn-12912.exe (PID: 7772)
- Unicorn-30207.exe (PID: 8060)
- Unicorn-29057.exe (PID: 7624)
- Unicorn-8506.exe (PID: 7820)
- Unicorn-27277.exe (PID: 8032)
- Unicorn-40223.exe (PID: 3888)
- Unicorn-65237.exe (PID: 7668)
- Unicorn-63849.exe (PID: 8808)
- Unicorn-34463.exe (PID: 7680)
- Unicorn-29345.exe (PID: 4212)
- Unicorn-2092.exe (PID: 7200)
- Unicorn-18349.exe (PID: 8880)
- Unicorn-21172.exe (PID: 8928)
- Unicorn-55105.exe (PID: 9012)
- Unicorn-32.exe (PID: 8420)
- Unicorn-12052.exe (PID: 8396)
- Unicorn-18533.exe (PID: 8096)
- Unicorn-9980.exe (PID: 7876)
- Unicorn-15963.exe (PID: 8296)
- Unicorn-30571.exe (PID: 8020)
- Unicorn-27477.exe (PID: 9072)
- Unicorn-65377.exe (PID: 8704)
- Unicorn-64884.exe (PID: 8588)
- Unicorn-59160.exe (PID: 7960)
- Unicorn-22705.exe (PID: 7448)
- Unicorn-19197.exe (PID: 7324)
- Unicorn-27727.exe (PID: 7400)
- Unicorn-64121.exe (PID: 7352)
- Unicorn-8127.exe (PID: 8616)
- Unicorn-30217.exe (PID: 8656)
- Unicorn-20439.exe (PID: 5960)
- Unicorn-54587.exe (PID: 8172)
- Unicorn-59467.exe (PID: 7332)
- Unicorn-35782.exe (PID: 2564)
- Unicorn-51023.exe (PID: 6656)
- Unicorn-18895.exe (PID: 7904)
- Unicorn-45158.exe (PID: 616)
- Unicorn-61405.exe (PID: 10032)
- Unicorn-25121.exe (PID: 7980)
- Unicorn-7248.exe (PID: 9048)
- Unicorn-61345.exe (PID: 7644)
- Unicorn-49988.exe (PID: 8792)
- Unicorn-6472.exe (PID: 8040)
- Unicorn-25305.exe (PID: 8564)
- Unicorn-49442.exe (PID: 8220)
- Unicorn-38953.exe (PID: 8132)
- Unicorn-38259.exe (PID: 7020)
- Unicorn-32902.exe (PID: 8512)
- Unicorn-2458.exe (PID: 9056)
- Unicorn-298.exe (PID: 9760)
- Unicorn-15993.exe (PID: 8224)
- Unicorn-4863.exe (PID: 8440)
- Unicorn-33974.exe (PID: 8204)
- Unicorn-55053.exe (PID: 9508)
- Unicorn-4744.exe (PID: 7760)
- Unicorn-63008.exe (PID: 8972)
- Unicorn-38355.exe (PID: 7732)
- Unicorn-38548.exe (PID: 7368)
- Unicorn-39455.exe (PID: 7860)
- Unicorn-31422.exe (PID: 1180)
- Unicorn-35533.exe (PID: 7376)
- Unicorn-19251.exe (PID: 2968)
- Unicorn-30757.exe (PID: 6208)
- Unicorn-21857.exe (PID: 8712)
- Unicorn-144.exe (PID: 9972)
- Unicorn-30165.exe (PID: 9516)
- Unicorn-59905.exe (PID: 9732)
- Unicorn-40681.exe (PID: 8468)
- Unicorn-20373.exe (PID: 10016)
- Unicorn-44124.exe (PID: 9748)
- Unicorn-2210.exe (PID: 9104)
- Unicorn-43867.exe (PID: 8160)
- Unicorn-29833.exe (PID: 8740)
- Unicorn-30926.exe (PID: 12888)
- Unicorn-58499.exe (PID: 9856)
- Unicorn-343.exe (PID: 8540)
- Unicorn-12154.exe (PID: 8636)
- Unicorn-35749.exe (PID: 9900)
- Unicorn-28107.exe (PID: 7812)
- Unicorn-35706.exe (PID: 8216)
- Unicorn-39271.exe (PID: 11756)
- Unicorn-19989.exe (PID: 9800)
- Unicorn-43761.exe (PID: 9588)
- Unicorn-19811.exe (PID: 9576)
- Unicorn-39913.exe (PID: 8260)
- Unicorn-40649.exe (PID: 4220)
- Unicorn-41753.exe (PID: 8280)
- Unicorn-12033.exe (PID: 13816)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
TRiD
| .exe | | | Win32 Executable Microsoft Visual Basic 6 (90.6) |
|---|---|---|
| .exe | | | Win32 Executable (generic) (4.9) |
| .exe | | | Generic Win/DOS Executable (2.2) |
| .exe | | | DOS Executable Generic (2.2) |
EXIF
EXE
| MachineType: | Intel 386 or later, and compatibles |
|---|---|
| TimeStamp: | 2019:01:19 13:34:56+00:00 |
| ImageFileCharacteristics: | No relocs, Executable, No line numbers, No symbols, 32-bit, No debug, Removable run from swap, Net run from swap, Uniprocessor only, Bytes reversed hi |
| PEType: | PE32 |
| LinkerVersion: | 6 |
| CodeSize: | 176128 |
| InitializedDataSize: | 299008 |
| UninitializedDataSize: | - |
| EntryPoint: | 0x13d4 |
| OSVersion: | 4 |
| ImageVersion: | 1 |
| SubsystemVersion: | 4 |
| Subsystem: | Windows GUI |
| FileVersionNumber: | 1.0.0.0 |
| ProductVersionNumber: | 1.0.0.0 |
| FileFlagsMask: | 0x003f |
| FileFlags: | (none) |
| FileOS: | Win32 |
| ObjectFileType: | Executable application |
| FileSubtype: | - |
| LanguageCode: | Chinese (Simplified) |
| CharacterSet: | Unicode |
| CompanyName: | UEFI |
| ProductName: | Kawaii-Unicorn |
| FileVersion: | 1 |
| ProductVersion: | 1 |
| InternalName: | Kawaii-Unicorn |
| OriginalFileName: | Kawaii-Unicorn.exe |
Total processes
663
Monitored processes
529
Malicious processes
85
Suspicious processes
62
Behavior graph
Click at the process to see the details
Process information
PID | CMD | Path | Indicators | Parent process | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 616 | C:\Users\admin\AppData\Local\Temp\Unicorn-45158.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-45158.exe | Unicorn-33125.exe | ||||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 668 | C:\Users\admin\AppData\Local\Temp\Unicorn-57821.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-57821.exe | Unicorn-41603.exe | ||||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 856 | C:\Users\admin\AppData\Local\Temp\Unicorn-2611.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-2611.exe | Unicorn-57821.exe | ||||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 1056 | C:\Users\admin\AppData\Local\Temp\Unicorn-43375.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-43375.exe | — | Unicorn-17121.exe | |||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 1096 | C:\Users\admin\AppData\Local\Temp\Unicorn-21286.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-21286.exe | Unicorn-26680.exe | ||||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 1180 | C:\Users\admin\AppData\Local\Temp\Unicorn-31422.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-31422.exe | Unicorn-48283.exe | ||||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 1228 | C:\Users\admin\AppData\Local\Temp\Unicorn-17121.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-17121.exe | 1 (1328).exe | ||||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 1244 | C:\Users\admin\AppData\Local\Temp\Unicorn-16981.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-16981.exe | Unicorn-51817.exe | ||||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 1452 | "C:\Users\admin\AppData\Local\Temp\1 (1328).exe" | C:\Users\admin\AppData\Local\Temp\1 (1328).exe | explorer.exe | ||||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 1600 | C:\Users\admin\AppData\Local\Temp\Unicorn-33811.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-33811.exe | — | Unicorn-62201.exe | |||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
Total events
10 908
Read events
10 908
Write events
0
Delete events
0
Modification events
Executable files
788
Suspicious files
0
Text files
0
Unknown types
0
Dropped files
PID | Process | Filename | Type | |
|---|---|---|---|---|
| 6048 | Unicorn-26680.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-51817.exe | executable | |
MD5:453B989E2009AADC24997A0D5D611E76 | SHA256:AA2D032D6927E704C43262C43ABC5AD3D52B412FCBFA2AE9CFB6F3944E74A0CC | |||
| 1452 | 1 (1328).exe | C:\Users\admin\AppData\Local\Temp\Unicorn-41603.exe | executable | |
MD5:BD4471CB76D03F547036598382B955FE | SHA256:E62F14DF72DA306E4F818A29A91A64E0723435409E16FCAE6CF663BBA9014C05 | |||
| 1452 | 1 (1328).exe | C:\Users\admin\AppData\Local\Temp\Unicorn-53083.exe | executable | |
MD5:20082DF27E985B0F9921EF34679508DB | SHA256:0001FBD4612524F8CF5157028D928A2FE6A99C4EDEB49B53059263633A79D1AA | |||
| 1452 | 1 (1328).exe | C:\Users\admin\AppData\Local\Temp\Unicorn-17121.exe | executable | |
MD5:1C1B59017F54FE977E1FDBE1C0D5BEB7 | SHA256:B2FE6E9F573CC0D71D6B4ED8E65C40BF8001568AC9AB1D7FDA95D98540D7E715 | |||
| 1228 | Unicorn-17121.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-26680.exe | executable | |
MD5:6A740878C37FF8FFB1D430C2FD115B36 | SHA256:267B036F84723DBF37366E2EBB5C2AAE1C503E5B102EE2C8FBCA21C77C268AB5 | |||
| 5392 | Unicorn-51817.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-16981.exe | executable | |
MD5:DEFF6A2C1040CBCFCDC4B10BC54A8C27 | SHA256:4CA1EF39E1C162BE978F1C49515FB0DE3735101583FA2B96147DD374948FEDA6 | |||
| 1912 | Unicorn-44204.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-33125.exe | executable | |
MD5:A0537410BF0E30B5FE6F6E24CEF7B642 | SHA256:F889483CC81EC01FEFF193B5B351157C79EEC1E9E6B6ADC0BF4B09B8A4F1E42B | |||
| 6048 | Unicorn-26680.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-38147.exe | executable | |
MD5:723A04BCB35392D7EA6813629C9E87B7 | SHA256:DF054D0E3C2C478B0B646BF0698593189474F9BF7FC135DA9EBF1EF7626245DC | |||
| 1228 | Unicorn-17121.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-47607.exe | executable | |
MD5:6E53A15CCF6B61F4F1ADF25A60B0FAA2 | SHA256:F566A66CF53AFAD7142FA5BA984676D07AAC81F3398FC0CD4371EB1778FF2EE3 | |||
| 4724 | Unicorn-53083.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-43649.exe | executable | |
MD5:66CAD548CFBD7CCB4A31CED5EB90951A | SHA256:15C3B447C8EAD2A09161FA399B962ABF39377FE8575D54FA097F576436DE1B42 | |||
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
6
TCP/UDP connections
24
DNS requests
14
Threats
0
HTTP requests
PID | Process | Method | HTTP Code | IP | URL | CN | Type | Size | Reputation |
|---|---|---|---|---|---|---|---|---|---|
2104 | svchost.exe | GET | 200 | 23.48.23.190:80 | http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl | unknown | — | — | whitelisted |
5496 | MoUsoCoreWorker.exe | GET | 200 | 23.48.23.190:80 | http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl | unknown | — | — | whitelisted |
1132 | backgroundTaskHost.exe | GET | 200 | 184.30.131.245:80 | http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQ50otx%2Fh0Ztl%2Bz8SiPI7wEWVxDlQQUTiJUIBiV5uNu5g%2F6%2BrkS7QYXjzkCEAUZZSZEml49Gjh0j13P68w%3D | unknown | — | — | whitelisted |
8216 | SIHClient.exe | GET | 200 | 184.30.21.171:80 | http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Product%20Root%20Certificate%20Authority%202018.crl | unknown | — | — | whitelisted |
8216 | SIHClient.exe | GET | 200 | 184.30.21.171:80 | http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Update%20Secure%20Server%20CA%202.1.crl | unknown | — | — | whitelisted |
6544 | svchost.exe | GET | 200 | 184.30.131.245:80 | http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAJ0LqoXyo4hxxe7H%2Fz9DKA%3D | unknown | — | — | whitelisted |
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
Connections
PID | Process | IP | Domain | ASN | CN | Reputation |
|---|---|---|---|---|---|---|
4 | System | 192.168.100.255:137 | — | — | — | whitelisted |
— | — | 4.231.128.59:443 | settings-win.data.microsoft.com | MICROSOFT-CORP-MSN-AS-BLOCK | IE | whitelisted |
4 | System | 192.168.100.255:138 | — | — | — | whitelisted |
5496 | MoUsoCoreWorker.exe | 23.48.23.190:80 | crl.microsoft.com | Akamai International B.V. | DE | unknown |
2104 | svchost.exe | 23.48.23.190:80 | crl.microsoft.com | Akamai International B.V. | DE | unknown |
4628 | RUXIMICS.exe | 4.231.128.59:443 | settings-win.data.microsoft.com | MICROSOFT-CORP-MSN-AS-BLOCK | IE | whitelisted |
3216 | svchost.exe | 20.198.162.76:443 | client.wns.windows.com | MICROSOFT-CORP-MSN-AS-BLOCK | SG | whitelisted |
6544 | svchost.exe | 20.190.160.14:443 | login.live.com | MICROSOFT-CORP-MSN-AS-BLOCK | NL | whitelisted |
6544 | svchost.exe | 184.30.131.245:80 | ocsp.digicert.com | AKAMAI-AS | US | whitelisted |
2104 | svchost.exe | 4.231.128.59:443 | settings-win.data.microsoft.com | MICROSOFT-CORP-MSN-AS-BLOCK | IE | whitelisted |
DNS requests
Domain | IP | Reputation |
|---|---|---|
settings-win.data.microsoft.com |
| whitelisted |
crl.microsoft.com |
| whitelisted |
client.wns.windows.com |
| whitelisted |
login.live.com |
| whitelisted |
ocsp.digicert.com |
| whitelisted |
arc.msn.com |
| whitelisted |
slscr.update.microsoft.com |
| whitelisted |
www.microsoft.com |
| whitelisted |
fe3cr.delivery.mp.microsoft.com |
| whitelisted |
activation-v2.sls.microsoft.com |
| whitelisted |