File name:

1 (623)

Full analysis: https://app.any.run/tasks/c9886dd6-1995-49a6-a4ac-85870008c18f
Verdict: Malicious activity
Analysis date: March 25, 2025, 02:26:21
OS: Windows 10 Professional (build: 19045, 64 bit)
Indicators:
MIME: application/vnd.microsoft.portable-executable
File info: PE32 executable (GUI) Intel 80386, for MS Windows, 3 sections
MD5:

0059FD4A6D621E2AE57002ED3BDE0FA0

SHA1:

84E4472E3C9BAAF0632E32EE2C51875E9C51DBE2

SHA256:

26F0F12947835602D95E17F2DA8BCC31AF370B1AAD1B86274C6BC56C7E6B7C42

SSDEEP:

6144:ACHQiwIVDDmHA5v271eWV1fxytBulp8GBsLWydOYwk/8SwuwpyAvEhgSbvoQkft/:AeXf4HA5u7sjBY+as6ydOYCxxDxmDsR

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

  • MALICIOUS

    No malicious indicators.

  • SUSPICIOUS

    • Starts itself from another location

      • 1 (623).exe (PID: 5576)
      • Unicorn-38969.exe (PID: 4920)
      • Unicorn-10645.exe (PID: 7608)
      • Unicorn-39788.exe (PID: 7632)
      • Unicorn-60054.exe (PID: 7832)
      • Unicorn-55456.exe (PID: 7840)
      • Unicorn-9509.exe (PID: 7976)
      • Unicorn-53732.exe (PID: 7868)
      • Unicorn-5788.exe (PID: 7996)
      • Unicorn-25654.exe (PID: 8008)
      • Unicorn-2995.exe (PID: 8028)
      • Unicorn-41798.exe (PID: 8056)
      • Unicorn-7599.exe (PID: 8088)
      • Unicorn-59862.exe (PID: 7876)
      • Unicorn-53536.exe (PID: 8080)
      • Unicorn-41798.exe (PID: 8048)
      • Unicorn-60934.exe (PID: 8156)
      • Unicorn-23471.exe (PID: 8172)
      • Unicorn-45641.exe (PID: 8188)
      • Unicorn-13461.exe (PID: 1196)
      • Unicorn-13269.exe (PID: 5324)
      • Unicorn-56724.exe (PID: 6808)
      • Unicorn-13004.exe (PID: 6620)
      • Unicorn-44873.exe (PID: 6872)
      • Unicorn-8479.exe (PID: 4620)
      • Unicorn-12008.exe (PID: 6644)
      • Unicorn-54887.exe (PID: 3268)
      • Unicorn-57680.exe (PID: 1164)
      • Unicorn-62953.exe (PID: 7488)
      • Unicorn-47494.exe (PID: 7380)
      • Unicorn-60301.exe (PID: 7328)
      • Unicorn-24643.exe (PID: 7344)
      • Unicorn-9263.exe (PID: 7440)
      • Unicorn-50950.exe (PID: 7732)
      • Unicorn-62496.exe (PID: 2616)
      • Unicorn-33654.exe (PID: 5380)
      • Unicorn-33005.exe (PID: 5156)
      • Unicorn-29990.exe (PID: 1272)
      • Unicorn-6949.exe (PID: 7672)
      • Unicorn-52237.exe (PID: 7748)
      • Unicorn-22710.exe (PID: 6676)
      • Unicorn-22902.exe (PID: 5384)
      • Unicorn-6565.exe (PID: 7656)
      • Unicorn-58064.exe (PID: 6816)
      • Unicorn-47879.exe (PID: 3008)
      • Unicorn-56809.exe (PID: 5964)
      • Unicorn-21868.exe (PID: 5436)
      • Unicorn-25206.exe (PID: 2552)
      • Unicorn-40665.exe (PID: 6592)
      • Unicorn-21449.exe (PID: 5400)
      • Unicorn-51.exe (PID: 2268)
      • Unicorn-30959.exe (PID: 7912)
      • Unicorn-18691.exe (PID: 7792)
      • Unicorn-1583.exe (PID: 2240)
      • Unicorn-56809.exe (PID: 7928)
      • Unicorn-4956.exe (PID: 5228)
      • Unicorn-41734.exe (PID: 4188)
      • Unicorn-20415.exe (PID: 2040)
      • Unicorn-35027.exe (PID: 7916)
      • Unicorn-56809.exe (PID: 7904)
      • Unicorn-19414.exe (PID: 1056)
      • Unicorn-17718.exe (PID: 960)
      • Unicorn-63005.exe (PID: 2980)
      • Unicorn-28495.exe (PID: 7552)
      • Unicorn-10435.exe (PID: 7740)
      • Unicorn-49622.exe (PID: 1312)
      • Unicorn-37.exe (PID: 7356)
      • Unicorn-33094.exe (PID: 7460)
      • Unicorn-34521.exe (PID: 7532)
      • Unicorn-51853.exe (PID: 7172)
      • Unicorn-12931.exe (PID: 968)
      • Unicorn-37126.exe (PID: 8256)
      • Unicorn-49897.exe (PID: 8216)
      • Unicorn-47245.exe (PID: 8236)
      • Unicorn-47140.exe (PID: 8276)
      • Unicorn-35289.exe (PID: 8292)
      • Unicorn-18377.exe (PID: 8316)
      • Unicorn-64048.exe (PID: 8324)
      • Unicorn-11573.exe (PID: 8384)
      • Unicorn-7276.exe (PID: 8400)
      • Unicorn-28662.exe (PID: 8348)
      • Unicorn-47977.exe (PID: 8448)
      • Unicorn-37225.exe (PID: 8552)
      • Unicorn-24550.exe (PID: 8500)
      • Unicorn-51402.exe (PID: 8576)
      • Unicorn-37993.exe (PID: 8636)
      • Unicorn-37609.exe (PID: 8684)
      • Unicorn-40790.exe (PID: 8768)
      • Unicorn-53981.exe (PID: 8740)
      • Unicorn-20924.exe (PID: 8760)
      • Unicorn-42134.exe (PID: 8860)
      • Unicorn-3628.exe (PID: 8808)
      • Unicorn-58662.exe (PID: 8836)
      • Unicorn-25798.exe (PID: 8848)
      • Unicorn-40489.exe (PID: 8924)
      • Unicorn-8885.exe (PID: 8908)
      • Unicorn-8693.exe (PID: 8940)
      • Unicorn-25539.exe (PID: 9040)
      • Unicorn-48198.exe (PID: 9000)
      • Unicorn-8885.exe (PID: 8916)
      • Unicorn-11804.exe (PID: 9032)
      • Unicorn-46288.exe (PID: 9120)
      • Unicorn-47814.exe (PID: 9080)
      • Unicorn-11036.exe (PID: 9152)
      • Unicorn-14757.exe (PID: 9132)
      • Unicorn-63081.exe (PID: 9096)
      • Unicorn-63081.exe (PID: 9104)
      • Unicorn-38646.exe (PID: 9196)
      • Unicorn-46205.exe (PID: 6068)
      • Unicorn-40228.exe (PID: 8376)
      • Unicorn-45332.exe (PID: 3676)
      • Unicorn-40916.exe (PID: 9188)
      • Unicorn-48592.exe (PID: 8224)
      • Unicorn-61088.exe (PID: 6480)
      • Unicorn-29676.exe (PID: 456)
      • Unicorn-32365.exe (PID: 8420)
      • Unicorn-10163.exe (PID: 2960)
      • Unicorn-14108.exe (PID: 8776)
      • Unicorn-27446.exe (PID: 9252)
      • Unicorn-25334.exe (PID: 5392)
      • Unicorn-20159.exe (PID: 9228)
      • Unicorn-41945.exe (PID: 9356)
      • Unicorn-51959.exe (PID: 9384)
      • Unicorn-58089.exe (PID: 9392)
      • Unicorn-4019.exe (PID: 9368)
      • Unicorn-41945.exe (PID: 9348)
      • Unicorn-28790.exe (PID: 9476)
      • Unicorn-41561.exe (PID: 9440)
      • Unicorn-26486.exe (PID: 9420)
      • Unicorn-56973.exe (PID: 9556)
      • Unicorn-57357.exe (PID: 9524)
      • Unicorn-12453.exe (PID: 9468)
      • Unicorn-8156.exe (PID: 9532)
      • Unicorn-56973.exe (PID: 9564)
      • Unicorn-30326.exe (PID: 9616)
      • Unicorn-62733.exe (PID: 9624)
      • Unicorn-60813.exe (PID: 9504)
      • Unicorn-21395.exe (PID: 9608)
      • Unicorn-51561.exe (PID: 9672)
      • Unicorn-48909.exe (PID: 9692)
      • Unicorn-14783.exe (PID: 9720)
      • Unicorn-40893.exe (PID: 7828)
      • Unicorn-35718.exe (PID: 9712)
      • Unicorn-6204.exe (PID: 9020)
      • Unicorn-27750.exe (PID: 9760)
      • Unicorn-41750.exe (PID: 8888)
      • Unicorn-15141.exe (PID: 9048)
      • Unicorn-49734.exe (PID: 7948)
      • Unicorn-21036.exe (PID: 9792)
      • Unicorn-20342.exe (PID: 9820)
      • Unicorn-19958.exe (PID: 9856)
      • Unicorn-54249.exe (PID: 9888)
      • Unicorn-18540.exe (PID: 9908)
      • Unicorn-49655.exe (PID: 9984)
      • Unicorn-5157.exe (PID: 9948)
      • Unicorn-34684.exe (PID: 9932)
      • Unicorn-40326.exe (PID: 9992)

    • Executable content was dropped or overwritten

      • 1 (623).exe (PID: 5576)
      • Unicorn-10645.exe (PID: 7608)
      • Unicorn-38969.exe (PID: 4920)
      • Unicorn-39788.exe (PID: 7632)
      • Unicorn-60054.exe (PID: 7832)
      • Unicorn-55456.exe (PID: 7840)
      • Unicorn-9509.exe (PID: 7976)
      • Unicorn-59862.exe (PID: 7876)
      • Unicorn-5788.exe (PID: 7996)
      • Unicorn-25654.exe (PID: 8008)
      • Unicorn-2995.exe (PID: 8028)
      • Unicorn-41798.exe (PID: 8048)
      • Unicorn-41798.exe (PID: 8056)
      • Unicorn-7599.exe (PID: 8088)
      • Unicorn-53536.exe (PID: 8080)
      • Unicorn-53732.exe (PID: 7868)
      • Unicorn-60934.exe (PID: 8156)
      • Unicorn-23471.exe (PID: 8172)
      • Unicorn-45641.exe (PID: 8188)
      • Unicorn-56724.exe (PID: 6808)
      • Unicorn-29990.exe (PID: 1272)
      • Unicorn-58064.exe (PID: 6816)
      • Unicorn-13461.exe (PID: 1196)
      • Unicorn-13269.exe (PID: 5324)
      • Unicorn-13004.exe (PID: 6620)
      • Unicorn-44873.exe (PID: 6872)
      • Unicorn-8479.exe (PID: 4620)
      • Unicorn-12008.exe (PID: 6644)
      • Unicorn-57680.exe (PID: 1164)
      • Unicorn-62953.exe (PID: 7488)
      • Unicorn-47494.exe (PID: 7380)
      • Unicorn-60301.exe (PID: 7328)
      • Unicorn-9263.exe (PID: 7440)
      • Unicorn-50950.exe (PID: 7732)
      • Unicorn-24643.exe (PID: 7344)
      • Unicorn-33654.exe (PID: 5380)
      • Unicorn-33005.exe (PID: 5156)
      • Unicorn-62496.exe (PID: 2616)
      • Unicorn-6949.exe (PID: 7672)
      • Unicorn-52237.exe (PID: 7748)
      • Unicorn-6565.exe (PID: 7656)
      • Unicorn-22710.exe (PID: 6676)
      • Unicorn-22902.exe (PID: 5384)
      • Unicorn-25206.exe (PID: 2552)
      • Unicorn-47879.exe (PID: 3008)
      • Unicorn-56809.exe (PID: 5964)
      • Unicorn-21868.exe (PID: 5436)
      • Unicorn-40665.exe (PID: 6592)
      • Unicorn-21449.exe (PID: 5400)
      • Unicorn-30959.exe (PID: 7912)
      • Unicorn-18691.exe (PID: 7792)
      • Unicorn-41734.exe (PID: 4188)
      • Unicorn-1583.exe (PID: 2240)
      • Unicorn-56809.exe (PID: 7928)
      • Unicorn-40893.exe (PID: 7828)
      • Unicorn-35027.exe (PID: 7916)
      • Unicorn-20415.exe (PID: 2040)
      • Unicorn-56809.exe (PID: 7904)
      • Unicorn-54887.exe (PID: 3268)
      • Unicorn-19414.exe (PID: 1056)
      • Unicorn-17718.exe (PID: 960)
      • Unicorn-63005.exe (PID: 2980)
      • Unicorn-28495.exe (PID: 7552)
      • Unicorn-37.exe (PID: 7356)
      • Unicorn-33094.exe (PID: 7460)
      • Unicorn-34521.exe (PID: 7532)
      • Unicorn-10435.exe (PID: 7740)
      • Unicorn-51853.exe (PID: 7172)
      • Unicorn-12931.exe (PID: 968)
      • Unicorn-37126.exe (PID: 8256)
      • Unicorn-49897.exe (PID: 8216)
      • Unicorn-47245.exe (PID: 8236)
      • Unicorn-47140.exe (PID: 8276)
      • Unicorn-35289.exe (PID: 8292)
      • Unicorn-18377.exe (PID: 8316)
      • Unicorn-64048.exe (PID: 8324)
      • Unicorn-28662.exe (PID: 8348)
      • Unicorn-11573.exe (PID: 8384)
      • Unicorn-7276.exe (PID: 8400)
      • Unicorn-37225.exe (PID: 8552)
      • Unicorn-24550.exe (PID: 8500)
      • Unicorn-51402.exe (PID: 8576)
      • Unicorn-47977.exe (PID: 8448)
      • Unicorn-37993.exe (PID: 8636)
      • Unicorn-37609.exe (PID: 8684)
      • Unicorn-40790.exe (PID: 8768)
      • Unicorn-53981.exe (PID: 8740)
      • Unicorn-20924.exe (PID: 8760)
      • Unicorn-42134.exe (PID: 8860)
      • Unicorn-58662.exe (PID: 8836)
      • Unicorn-3628.exe (PID: 8808)
      • Unicorn-25798.exe (PID: 8848)
      • Unicorn-8885.exe (PID: 8908)
      • Unicorn-40489.exe (PID: 8924)
      • Unicorn-6204.exe (PID: 9020)
      • Unicorn-41750.exe (PID: 8888)
      • Unicorn-25539.exe (PID: 9040)
      • Unicorn-48198.exe (PID: 9000)
      • Unicorn-8693.exe (PID: 8940)
      • Unicorn-8885.exe (PID: 8916)
      • Unicorn-11804.exe (PID: 9032)
      • Unicorn-46288.exe (PID: 9120)
      • Unicorn-63081.exe (PID: 9104)
      • Unicorn-47814.exe (PID: 9080)
      • Unicorn-11036.exe (PID: 9152)
      • Unicorn-14757.exe (PID: 9132)
      • Unicorn-15141.exe (PID: 9048)
      • Unicorn-49734.exe (PID: 7948)
      • Unicorn-38646.exe (PID: 9196)
      • Unicorn-46205.exe (PID: 6068)
      • Unicorn-40228.exe (PID: 8376)
      • Unicorn-45332.exe (PID: 3676)
      • Unicorn-40916.exe (PID: 9188)
      • Unicorn-48592.exe (PID: 8224)
      • Unicorn-49622.exe (PID: 1312)
      • Unicorn-61088.exe (PID: 6480)
      • Unicorn-29676.exe (PID: 456)
      • Unicorn-32365.exe (PID: 8420)
      • Unicorn-10163.exe (PID: 2960)
      • Unicorn-14108.exe (PID: 8776)
      • Unicorn-25334.exe (PID: 5392)
      • Unicorn-27446.exe (PID: 9252)
      • Unicorn-20159.exe (PID: 9228)
      • Unicorn-10917.exe (PID: 9272)
      • Unicorn-41945.exe (PID: 9356)
      • Unicorn-51959.exe (PID: 9384)
      • Unicorn-58089.exe (PID: 9392)
      • Unicorn-4019.exe (PID: 9368)
      • Unicorn-41945.exe (PID: 9348)
      • Unicorn-28790.exe (PID: 9476)
      • Unicorn-41561.exe (PID: 9440)
      • Unicorn-26486.exe (PID: 9420)
      • Unicorn-12453.exe (PID: 9468)
      • Unicorn-56973.exe (PID: 9556)
      • Unicorn-57357.exe (PID: 9524)
      • Unicorn-60813.exe (PID: 9504)
      • Unicorn-62733.exe (PID: 9624)
      • Unicorn-21395.exe (PID: 9608)
      • Unicorn-30326.exe (PID: 9616)
      • Unicorn-56973.exe (PID: 9564)
      • Unicorn-51561.exe (PID: 9672)
      • Unicorn-48909.exe (PID: 9692)
      • Unicorn-27638.exe (PID: 9572)
      • Unicorn-14783.exe (PID: 9720)
      • Unicorn-35718.exe (PID: 9712)
      • Unicorn-27750.exe (PID: 9760)
      • Unicorn-21036.exe (PID: 9792)
      • Unicorn-63081.exe (PID: 9096)
      • Unicorn-20342.exe (PID: 9820)
      • Unicorn-19958.exe (PID: 9856)
      • Unicorn-2453.exe (PID: 8592)
      • Unicorn-54249.exe (PID: 9888)
      • Unicorn-18540.exe (PID: 9908)
      • Unicorn-49655.exe (PID: 9984)
      • Unicorn-5157.exe (PID: 9948)
      • Unicorn-34684.exe (PID: 9932)
      • Unicorn-40326.exe (PID: 9992)
      • Unicorn-62032.exe (PID: 10024)
      • Unicorn-58333.exe (PID: 10056)
      • Unicorn-11208.exe (PID: 10072)
      • Unicorn-51.exe (PID: 2268)
      • Unicorn-4956.exe (PID: 5228)
      • Unicorn-22553.exe (PID: 10164)
      • Unicorn-8053.exe (PID: 10236)
      • Unicorn-20175.exe (PID: 10196)
      • Unicorn-23513.exe (PID: 10220)
      • Unicorn-11893.exe (PID: 8596)
      • Unicorn-8940.exe (PID: 8612)
      • Unicorn-53808.exe (PID: 8948)
      • Unicorn-42951.exe (PID: 10140)
      • Unicorn-2485.exe (PID: 10208)
      • Unicorn-33164.exe (PID: 10296)
      • Unicorn-5941.exe (PID: 10328)
      • Unicorn-56884.exe (PID: 10100)

    • Executes application which crashes

      • Unicorn-13230.exe (PID: 11932)

  • INFO

    • Checks supported languages

      • 1 (623).exe (PID: 5576)
      • Unicorn-38969.exe (PID: 4920)
      • Unicorn-10645.exe (PID: 7608)
      • Unicorn-39788.exe (PID: 7632)
      • Unicorn-60054.exe (PID: 7832)
      • Unicorn-55456.exe (PID: 7840)
      • Unicorn-53732.exe (PID: 7868)
      • Unicorn-59862.exe (PID: 7876)
      • Unicorn-9509.exe (PID: 7976)
      • Unicorn-5788.exe (PID: 7996)
      • Unicorn-2995.exe (PID: 8028)
      • Unicorn-41798.exe (PID: 8048)
      • Unicorn-41798.exe (PID: 8056)
      • Unicorn-53536.exe (PID: 8080)
      • Unicorn-7599.exe (PID: 8088)
      • Unicorn-25654.exe (PID: 8008)
      • Unicorn-60934.exe (PID: 8156)
      • Unicorn-23471.exe (PID: 8172)
      • Unicorn-45641.exe (PID: 8188)
      • Unicorn-56724.exe (PID: 6808)
      • Unicorn-29990.exe (PID: 1272)
      • Unicorn-58064.exe (PID: 6816)
      • Unicorn-13269.exe (PID: 5324)
      • Unicorn-13004.exe (PID: 6620)
      • Unicorn-44873.exe (PID: 6872)
      • Unicorn-8479.exe (PID: 4620)
      • Unicorn-57680.exe (PID: 1164)
      • Unicorn-13461.exe (PID: 1196)
      • Unicorn-12008.exe (PID: 6644)
      • Unicorn-19414.exe (PID: 1056)
      • Unicorn-54887.exe (PID: 3268)
      • Unicorn-62953.exe (PID: 7488)
      • Unicorn-60301.exe (PID: 7328)
      • Unicorn-47494.exe (PID: 7380)
      • Unicorn-24643.exe (PID: 7344)
      • Unicorn-9263.exe (PID: 7440)
      • Unicorn-50950.exe (PID: 7732)
      • Unicorn-62496.exe (PID: 2616)
      • Unicorn-33005.exe (PID: 5156)
      • Unicorn-6949.exe (PID: 7672)
      • Unicorn-52237.exe (PID: 7748)
      • Unicorn-33654.exe (PID: 5380)
      • Unicorn-22902.exe (PID: 5384)
      • Unicorn-22710.exe (PID: 6676)
      • Unicorn-6565.exe (PID: 7656)
      • Unicorn-51.exe (PID: 2268)
      • Unicorn-21449.exe (PID: 5400)
      • Unicorn-21868.exe (PID: 5436)
      • Unicorn-40665.exe (PID: 6592)
      • Unicorn-25206.exe (PID: 2552)
      • Unicorn-56809.exe (PID: 5964)
      • Unicorn-47879.exe (PID: 3008)
      • Unicorn-18691.exe (PID: 7792)
      • Unicorn-4956.exe (PID: 5228)
      • Unicorn-41734.exe (PID: 4188)
      • Unicorn-56809.exe (PID: 7904)
      • Unicorn-40893.exe (PID: 7828)
      • Unicorn-35027.exe (PID: 7916)
      • Unicorn-56809.exe (PID: 7928)
      • Unicorn-1583.exe (PID: 2240)
      • Unicorn-20415.exe (PID: 2040)
      • Unicorn-17718.exe (PID: 960)
      • Unicorn-63005.exe (PID: 2980)
      • Unicorn-49622.exe (PID: 1312)
      • Unicorn-33094.exe (PID: 7460)
      • Unicorn-30959.exe (PID: 7912)
      • Unicorn-28495.exe (PID: 7552)
      • Unicorn-37.exe (PID: 7356)
      • Unicorn-51853.exe (PID: 7172)
      • Unicorn-34521.exe (PID: 7532)
      • Unicorn-12931.exe (PID: 968)
      • Unicorn-49897.exe (PID: 8216)
      • Unicorn-10435.exe (PID: 7740)
      • Unicorn-37126.exe (PID: 8256)
      • Unicorn-47140.exe (PID: 8276)
      • Unicorn-35289.exe (PID: 8292)
      • Unicorn-18377.exe (PID: 8316)
      • Unicorn-64048.exe (PID: 8324)
      • Unicorn-47245.exe (PID: 8236)
      • Unicorn-11573.exe (PID: 8384)
      • Unicorn-7276.exe (PID: 8400)
      • Unicorn-28662.exe (PID: 8348)
      • Unicorn-47977.exe (PID: 8448)
      • Unicorn-24550.exe (PID: 8500)
      • Unicorn-51402.exe (PID: 8576)
      • Unicorn-37993.exe (PID: 8636)
      • Unicorn-37609.exe (PID: 8684)
      • Unicorn-37225.exe (PID: 8552)
      • Unicorn-3628.exe (PID: 8808)
      • Unicorn-58662.exe (PID: 8836)
      • Unicorn-25798.exe (PID: 8848)
      • Unicorn-42134.exe (PID: 8860)
      • Unicorn-53981.exe (PID: 8740)
      • Unicorn-40790.exe (PID: 8768)
      • Unicorn-20924.exe (PID: 8760)
      • Unicorn-41750.exe (PID: 8888)
      • Unicorn-48198.exe (PID: 9000)
      • Unicorn-8693.exe (PID: 8940)
      • Unicorn-8885.exe (PID: 8908)
      • Unicorn-40489.exe (PID: 8924)
      • Unicorn-8885.exe (PID: 8916)
      • Unicorn-25539.exe (PID: 9040)
      • Unicorn-15141.exe (PID: 9048)
      • Unicorn-47814.exe (PID: 9080)
      • Unicorn-11804.exe (PID: 9032)
      • Unicorn-6204.exe (PID: 9020)
      • Unicorn-11036.exe (PID: 9152)
      • Unicorn-14757.exe (PID: 9132)
      • Unicorn-38646.exe (PID: 9196)
      • Unicorn-40916.exe (PID: 9188)
      • Unicorn-48592.exe (PID: 8224)
      • Unicorn-49734.exe (PID: 7948)
      • Unicorn-46205.exe (PID: 6068)
      • Unicorn-63081.exe (PID: 9104)
      • Unicorn-63081.exe (PID: 9096)
      • Unicorn-46288.exe (PID: 9120)
      • Unicorn-40228.exe (PID: 8376)
      • Unicorn-61088.exe (PID: 6480)
      • Unicorn-10163.exe (PID: 2960)
      • Unicorn-32365.exe (PID: 8420)
      • Unicorn-2453.exe (PID: 8592)
      • Unicorn-45332.exe (PID: 3676)
      • Unicorn-14108.exe (PID: 8776)
      • Unicorn-29676.exe (PID: 456)
      • Unicorn-25334.exe (PID: 5392)
      • Unicorn-20159.exe (PID: 9228)
      • Unicorn-27446.exe (PID: 9252)
      • Unicorn-10917.exe (PID: 9272)
      • Unicorn-41945.exe (PID: 9356)
      • Unicorn-41945.exe (PID: 9348)
      • Unicorn-58089.exe (PID: 9392)
      • Unicorn-51959.exe (PID: 9384)
      • Unicorn-4019.exe (PID: 9368)
      • Unicorn-26486.exe (PID: 9420)
      • Unicorn-41561.exe (PID: 9440)
      • Unicorn-28790.exe (PID: 9476)
      • Unicorn-12453.exe (PID: 9468)
      • Unicorn-60813.exe (PID: 9504)
      • Unicorn-57357.exe (PID: 9524)
      • Unicorn-8156.exe (PID: 9532)
      • Unicorn-56973.exe (PID: 9556)
      • Unicorn-56973.exe (PID: 9564)
      • Unicorn-21395.exe (PID: 9608)
      • Unicorn-30326.exe (PID: 9616)
      • Unicorn-62733.exe (PID: 9624)
      • Unicorn-51561.exe (PID: 9672)
      • Unicorn-48909.exe (PID: 9692)
      • Unicorn-35718.exe (PID: 9712)
      • Unicorn-14783.exe (PID: 9720)
      • Unicorn-27750.exe (PID: 9760)
      • Unicorn-27638.exe (PID: 9572)
      • Unicorn-20342.exe (PID: 9820)
      • Unicorn-19958.exe (PID: 9856)
      • Unicorn-54249.exe (PID: 9888)
      • Unicorn-18540.exe (PID: 9908)
      • Unicorn-34684.exe (PID: 9932)
      • Unicorn-21036.exe (PID: 9792)
      • Unicorn-40326.exe (PID: 9992)
      • Unicorn-49655.exe (PID: 9984)
      • Unicorn-62032.exe (PID: 10024)
      • Unicorn-58333.exe (PID: 10056)
      • Unicorn-11208.exe (PID: 10072)
      • Unicorn-56884.exe (PID: 10100)
      • Unicorn-5157.exe (PID: 9948)
      • Unicorn-22553.exe (PID: 10164)
      • Unicorn-20175.exe (PID: 10196)
      • Unicorn-23513.exe (PID: 10220)
      • Unicorn-8053.exe (PID: 10236)
      • Unicorn-8940.exe (PID: 8612)
      • Unicorn-53808.exe (PID: 8948)
      • Unicorn-11893.exe (PID: 8596)
      • Unicorn-42951.exe (PID: 10140)
      • Unicorn-2485.exe (PID: 10208)
      • Unicorn-33164.exe (PID: 10296)
      • Unicorn-5941.exe (PID: 10328)
      • Unicorn-23455.exe (PID: 10360)
      • Unicorn-25833.exe (PID: 10396)
      • Unicorn-55748.exe (PID: 10440)
      • Unicorn-54487.exe (PID: 10456)
      • Unicorn-7887.exe (PID: 10476)
      • Unicorn-60617.exe (PID: 10464)
      • Unicorn-44582.exe (PID: 10516)
      • Unicorn-8467.exe (PID: 10552)
      • Unicorn-43046.exe (PID: 10416)
      • Unicorn-29289.exe (PID: 10584)
      • Unicorn-13445.exe (PID: 10628)
      • Unicorn-59501.exe (PID: 10612)
      • Unicorn-59501.exe (PID: 10604)
      • Unicorn-25759.exe (PID: 10592)
      • Unicorn-58925.exe (PID: 10656)
      • Unicorn-11727.exe (PID: 10708)
      • Unicorn-61805.exe (PID: 10716)
      • Unicorn-12220.exe (PID: 10776)
      • Unicorn-41031.exe (PID: 10808)
      • Unicorn-38761.exe (PID: 10792)
      • Unicorn-60845.exe (PID: 10852)
      • Unicorn-46777.exe (PID: 10884)
      • Unicorn-46896.exe (PID: 10800)
      • Unicorn-28172.exe (PID: 10824)
      • Unicorn-61037.exe (PID: 10816)
      • Unicorn-10575.exe (PID: 10868)
      • Unicorn-60845.exe (PID: 10844)
      • Unicorn-11727.exe (PID: 10692)
      • Unicorn-61805.exe (PID: 10724)
      • Unicorn-14710.exe (PID: 10936)
      • Unicorn-6243.exe (PID: 10836)
      • Unicorn-37177.exe (PID: 10972)
      • Unicorn-54125.exe (PID: 11000)
      • Unicorn-38054.exe (PID: 11020)
      • Unicorn-24459.exe (PID: 11012)
      • Unicorn-50669.exe (PID: 11048)
      • Unicorn-45268.exe (PID: 11076)
      • Unicorn-63335.exe (PID: 11068)
      • Unicorn-64020.exe (PID: 11116)
      • Unicorn-27087.exe (PID: 11148)
      • Unicorn-46423.exe (PID: 11140)
      • Unicorn-36902.exe (PID: 11196)
      • Unicorn-20492.exe (PID: 11156)
      • Unicorn-14515.exe (PID: 11216)
      • Unicorn-22377.exe (PID: 11228)
      • Unicorn-34991.exe (PID: 10304)
      • Unicorn-6533.exe (PID: 8668)
      • Unicorn-21727.exe (PID: 10376)
      • Unicorn-55542.exe (PID: 7540)
      • Unicorn-5080.exe (PID: 11288)
      • Unicorn-22294.exe (PID: 11324)
      • Unicorn-5765.exe (PID: 11344)
      • Unicorn-17782.exe (PID: 11360)
      • Unicorn-40249.exe (PID: 11368)
      • Unicorn-40742.exe (PID: 11396)
      • Unicorn-24214.exe (PID: 11420)
      • Unicorn-39481.exe (PID: 11444)
      • Unicorn-57078.exe (PID: 11404)
      • Unicorn-56694.exe (PID: 11468)
      • Unicorn-56694.exe (PID: 11464)
      • Unicorn-56502.exe (PID: 11492)
      • Unicorn-42278.exe (PID: 11528)
      • Unicorn-54893.exe (PID: 11548)
      • Unicorn-13531.exe (PID: 11568)
      • Unicorn-28799.exe (PID: 11584)
      • Unicorn-62156.exe (PID: 11640)
      • Unicorn-28415.exe (PID: 11632)
      • Unicorn-41221.exe (PID: 11652)
      • Unicorn-8357.exe (PID: 11664)
      • Unicorn-7781.exe (PID: 11704)
      • Unicorn-61123.exe (PID: 11720)
      • Unicorn-41522.exe (PID: 11728)
      • Unicorn-61471.exe (PID: 11600)
      • Unicorn-6332.exe (PID: 11576)
      • Unicorn-46863.exe (PID: 11776)
      • Unicorn-26997.exe (PID: 11760)
      • Unicorn-31404.exe (PID: 11792)
      • Unicorn-11538.exe (PID: 11784)
      • Unicorn-26613.exe (PID: 11856)
      • Unicorn-31404.exe (PID: 11800)
      • Unicorn-46598.exe (PID: 11768)
      • Unicorn-11346.exe (PID: 11832)
      • Unicorn-26613.exe (PID: 11864)
      • Unicorn-21513.exe (PID: 11960)
      • Unicorn-27001.exe (PID: 12004)
      • Unicorn-27001.exe (PID: 12012)
      • Unicorn-25740.exe (PID: 12064)
      • Unicorn-25740.exe (PID: 12072)
      • Unicorn-12005.exe (PID: 12056)
      • Unicorn-45363.exe (PID: 12104)
      • Unicorn-56298.exe (PID: 12120)
      • Unicorn-39762.exe (PID: 12112)
      • Unicorn-59757.exe (PID: 12220)
      • Unicorn-46214.exe (PID: 12192)
      • Unicorn-63007.exe (PID: 11820)
      • Unicorn-30370.exe (PID: 12244)
      • Unicorn-44106.exe (PID: 12252)
      • Unicorn-39987.exe (PID: 2800)
      • Unicorn-30060.exe (PID: 5308)
      • Unicorn-1637.exe (PID: 5364)
      • Unicorn-53526.exe (PID: 12348)
      • Unicorn-3941.exe (PID: 12364)
      • Unicorn-1641.exe (PID: 12416)
      • Unicorn-17100.exe (PID: 12408)
      • Unicorn-22389.exe (PID: 12440)
      • Unicorn-41414.exe (PID: 12468)
      • Unicorn-21813.exe (PID: 12476)
      • Unicorn-50236.exe (PID: 12260)
      • Unicorn-8238.exe (PID: 12532)
      • Unicorn-18670.exe (PID: 12640)
      • Unicorn-11641.exe (PID: 12696)
      • Unicorn-62182.exe (PID: 12712)
      • Unicorn-15358.exe (PID: 12748)
      • Unicorn-50454.exe (PID: 12768)
      • Unicorn-2478.exe (PID: 12808)
      • Unicorn-37263.exe (PID: 12856)
      • Unicorn-40640.exe (PID: 12876)
      • Unicorn-44108.exe (PID: 12924)
      • Unicorn-26511.exe (PID: 12932)
      • Unicorn-5877.exe (PID: 12976)
      • Unicorn-9406.exe (PID: 12988)
      • Unicorn-4345.exe (PID: 12964)
      • Unicorn-38549.exe (PID: 12984)
      • Unicorn-44383.exe (PID: 13048)
      • Unicorn-12011.exe (PID: 13084)
      • Unicorn-43807.exe (PID: 13076)
      • Unicorn-40085.exe (PID: 13100)
      • Unicorn-14699.exe (PID: 13140)
      • Unicorn-53709.exe (PID: 13148)
      • Unicorn-13246.exe (PID: 13192)
      • Unicorn-39981.exe (PID: 13160)
      • Unicorn-43458.exe (PID: 13180)
      • Unicorn-15852.exe (PID: 13260)
      • Unicorn-30470.exe (PID: 13292)
      • Unicorn-37964.exe (PID: 6264)
      • Unicorn-4222.exe (PID: 6248)
      • Unicorn-3646.exe (PID: 12176)
      • Unicorn-19599.exe (PID: 5256)
      • Unicorn-3070.exe (PID: 7320)
      • Unicorn-19599.exe (PID: 2516)
      • Unicorn-54959.exe (PID: 7596)
      • Unicorn-48061.exe (PID: 12044)
      • Unicorn-23823.exe (PID: 7664)
      • Unicorn-33858.exe (PID: 12168)
      • Unicorn-14642.exe (PID: 13524)
      • Unicorn-64108.exe (PID: 13516)
      • Unicorn-59126.exe (PID: 13568)
      • Unicorn-7324.exe (PID: 13560)
      • Unicorn-13189.exe (PID: 13552)
      • Unicorn-15493.exe (PID: 13676)
      • Unicorn-45286.exe (PID: 13636)
      • Unicorn-37314.exe (PID: 13340)
      • Unicorn-60278.exe (PID: 13448)
      • Unicorn-44627.exe (PID: 13476)
      • Unicorn-38431.exe (PID: 7152)
      • Unicorn-34988.exe (PID: 13400)
      • Unicorn-31711.exe (PID: 13716)
      • Unicorn-61731.exe (PID: 13748)
      • Unicorn-57869.exe (PID: 13776)
      • Unicorn-9929.exe (PID: 13756)
      • Unicorn-63350.exe (PID: 13836)
      • Unicorn-11548.exe (PID: 13844)
      • Unicorn-61818.exe (PID: 13812)
      • Unicorn-61434.exe (PID: 13900)
      • Unicorn-12233.exe (PID: 13908)
      • Unicorn-27500.exe (PID: 13936)
      • Unicorn-2411.exe (PID: 13828)
      • Unicorn-61434.exe (PID: 13892)
      • Unicorn-61050.exe (PID: 14008)
      • Unicorn-49583.exe (PID: 14016)
      • Unicorn-32598.exe (PID: 14104)
      • Unicorn-2932.exe (PID: 14088)
      • Unicorn-26732.exe (PID: 14080)
      • Unicorn-27609.exe (PID: 14132)
      • Unicorn-8274.exe (PID: 14176)
      • Unicorn-23932.exe (PID: 14096)
      • Unicorn-14153.exe (PID: 14144)
      • Unicorn-29420.exe (PID: 14160)
      • Unicorn-15685.exe (PID: 14168)
      • Unicorn-36163.exe (PID: 14188)
      • Unicorn-32706.exe (PID: 14256)
      • Unicorn-778.exe (PID: 14264)
      • Unicorn-28652.exe (PID: 14304)
      • Unicorn-16178.exe (PID: 14272)
      • Unicorn-27113.exe (PID: 14280)
      • Unicorn-34518.exe (PID: 14324)
      • Unicorn-49263.exe (PID: 14400)
      • Unicorn-24726.exe (PID: 14392)
      • Unicorn-18866.exe (PID: 14364)
      • Unicorn-22338.exe (PID: 14416)
      • Unicorn-48733.exe (PID: 14408)
      • Unicorn-9317.exe (PID: 14316)
      • Unicorn-16354.exe (PID: 14480)
      • Unicorn-21954.exe (PID: 14472)
      • Unicorn-41820.exe (PID: 14496)
      • Unicorn-47965.exe (PID: 14520)
      • Unicorn-50765.exe (PID: 14528)
      • Unicorn-5042.exe (PID: 14552)
      • Unicorn-20117.exe (PID: 14568)
      • Unicorn-52982.exe (PID: 14576)
      • Unicorn-56511.exe (PID: 14560)
      • Unicorn-6661.exe (PID: 14584)
      • Unicorn-55670.exe (PID: 14592)
      • Unicorn-55286.exe (PID: 14652)
      • Unicorn-9349.exe (PID: 14660)
      • Unicorn-5509.exe (PID: 14712)
      • Unicorn-37989.exe (PID: 14744)
      • Unicorn-5509.exe (PID: 14704)
      • Unicorn-8197.exe (PID: 14756)
      • Unicorn-39250.exe (PID: 14696)
      • Unicorn-40869.exe (PID: 14772)
      • Unicorn-24341.exe (PID: 14784)
      • Unicorn-56246.exe (PID: 14828)
      • Unicorn-37994.exe (PID: 14848)
      • Unicorn-63340.exe (PID: 14868)
      • Unicorn-59043.exe (PID: 14920)
      • Unicorn-57974.exe (PID: 14928)
      • Unicorn-59043.exe (PID: 14912)
      • Unicorn-8581.exe (PID: 14960)
      • Unicorn-13106.exe (PID: 14904)
      • Unicorn-56058.exe (PID: 15020)
      • Unicorn-28831.exe (PID: 14936)
      • Unicorn-57782.exe (PID: 15028)
      • Unicorn-26745.exe (PID: 15108)
      • Unicorn-29545.exe (PID: 15100)
      • Unicorn-45690.exe (PID: 15140)
      • Unicorn-11948.exe (PID: 15156)
      • Unicorn-30885.exe (PID: 15180)
      • Unicorn-45690.exe (PID: 15164)
      • Unicorn-63750.exe (PID: 15148)
      • Unicorn-30885.exe (PID: 15188)
      • Unicorn-63366.exe (PID: 15208)
      • Unicorn-44045.exe (PID: 15248)
      • Unicorn-11564.exe (PID: 15236)
      • Unicorn-43925.exe (PID: 15256)
      • Unicorn-60573.exe (PID: 15224)
      • Unicorn-41821.exe (PID: 15172)
      • Unicorn-22124.exe (PID: 15044)
      • Unicorn-52214.exe (PID: 15320)
      • Unicorn-36563.exe (PID: 15348)

    • The sample compiled with chinese language support

      • 1 (623).exe (PID: 5576)
      • Unicorn-60934.exe (PID: 8156)

    • Reads the computer name

      • 1 (623).exe (PID: 5576)
      • Unicorn-38969.exe (PID: 4920)
      • Unicorn-10645.exe (PID: 7608)
      • Unicorn-39788.exe (PID: 7632)
      • Unicorn-60054.exe (PID: 7832)
      • Unicorn-55456.exe (PID: 7840)
      • Unicorn-53732.exe (PID: 7868)
      • Unicorn-59862.exe (PID: 7876)
      • Unicorn-9509.exe (PID: 7976)
      • Unicorn-5788.exe (PID: 7996)
      • Unicorn-25654.exe (PID: 8008)
      • Unicorn-2995.exe (PID: 8028)
      • Unicorn-41798.exe (PID: 8048)
      • Unicorn-41798.exe (PID: 8056)
      • Unicorn-53536.exe (PID: 8080)
      • Unicorn-7599.exe (PID: 8088)
      • Unicorn-60934.exe (PID: 8156)
      • Unicorn-23471.exe (PID: 8172)
      • Unicorn-45641.exe (PID: 8188)
      • Unicorn-56724.exe (PID: 6808)
      • Unicorn-29990.exe (PID: 1272)
      • Unicorn-13461.exe (PID: 1196)
      • Unicorn-58064.exe (PID: 6816)
      • Unicorn-13269.exe (PID: 5324)
      • Unicorn-13004.exe (PID: 6620)
      • Unicorn-12008.exe (PID: 6644)
      • Unicorn-8479.exe (PID: 4620)
      • Unicorn-44873.exe (PID: 6872)
      • Unicorn-57680.exe (PID: 1164)
      • Unicorn-54887.exe (PID: 3268)
      • Unicorn-19414.exe (PID: 1056)
      • Unicorn-62953.exe (PID: 7488)
      • Unicorn-47494.exe (PID: 7380)
      • Unicorn-60301.exe (PID: 7328)
      • Unicorn-24643.exe (PID: 7344)
      • Unicorn-9263.exe (PID: 7440)
      • Unicorn-62496.exe (PID: 2616)
      • Unicorn-33654.exe (PID: 5380)
      • Unicorn-50950.exe (PID: 7732)
      • Unicorn-33005.exe (PID: 5156)
      • Unicorn-6949.exe (PID: 7672)
      • Unicorn-52237.exe (PID: 7748)
      • Unicorn-6565.exe (PID: 7656)
      • Unicorn-25206.exe (PID: 2552)
      • Unicorn-47879.exe (PID: 3008)
      • Unicorn-56809.exe (PID: 5964)
      • Unicorn-21868.exe (PID: 5436)
      • Unicorn-40665.exe (PID: 6592)
      • Unicorn-21449.exe (PID: 5400)
      • Unicorn-51.exe (PID: 2268)
      • Unicorn-22710.exe (PID: 6676)
      • Unicorn-22902.exe (PID: 5384)
      • Unicorn-41734.exe (PID: 4188)
      • Unicorn-40893.exe (PID: 7828)
      • Unicorn-35027.exe (PID: 7916)
      • Unicorn-20415.exe (PID: 2040)
      • Unicorn-30959.exe (PID: 7912)
      • Unicorn-1583.exe (PID: 2240)
      • Unicorn-18691.exe (PID: 7792)
      • Unicorn-56809.exe (PID: 7928)
      • Unicorn-4956.exe (PID: 5228)
      • Unicorn-56809.exe (PID: 7904)
      • Unicorn-63005.exe (PID: 2980)
      • Unicorn-17718.exe (PID: 960)
      • Unicorn-28495.exe (PID: 7552)
      • Unicorn-10435.exe (PID: 7740)
      • Unicorn-49622.exe (PID: 1312)
      • Unicorn-33094.exe (PID: 7460)
      • Unicorn-37.exe (PID: 7356)
      • Unicorn-34521.exe (PID: 7532)
      • Unicorn-51853.exe (PID: 7172)
      • Unicorn-12931.exe (PID: 968)
      • Unicorn-37126.exe (PID: 8256)
      • Unicorn-49897.exe (PID: 8216)
      • Unicorn-47245.exe (PID: 8236)
      • Unicorn-47140.exe (PID: 8276)
      • Unicorn-35289.exe (PID: 8292)
      • Unicorn-18377.exe (PID: 8316)
      • Unicorn-64048.exe (PID: 8324)
      • Unicorn-28662.exe (PID: 8348)
      • Unicorn-11573.exe (PID: 8384)
      • Unicorn-7276.exe (PID: 8400)
      • Unicorn-47977.exe (PID: 8448)
      • Unicorn-24550.exe (PID: 8500)
      • Unicorn-37225.exe (PID: 8552)
      • Unicorn-51402.exe (PID: 8576)
      • Unicorn-37993.exe (PID: 8636)
      • Unicorn-37609.exe (PID: 8684)
      • Unicorn-40790.exe (PID: 8768)
      • Unicorn-53981.exe (PID: 8740)
      • Unicorn-20924.exe (PID: 8760)
      • Unicorn-42134.exe (PID: 8860)
      • Unicorn-3628.exe (PID: 8808)
      • Unicorn-58662.exe (PID: 8836)
      • Unicorn-25798.exe (PID: 8848)
      • Unicorn-40489.exe (PID: 8924)
      • Unicorn-8885.exe (PID: 8908)
      • Unicorn-8693.exe (PID: 8940)
      • Unicorn-41750.exe (PID: 8888)
      • Unicorn-25539.exe (PID: 9040)
      • Unicorn-8885.exe (PID: 8916)
      • Unicorn-48198.exe (PID: 9000)
      • Unicorn-46288.exe (PID: 9120)
      • Unicorn-11804.exe (PID: 9032)
      • Unicorn-47814.exe (PID: 9080)
      • Unicorn-11036.exe (PID: 9152)
      • Unicorn-14757.exe (PID: 9132)
      • Unicorn-6204.exe (PID: 9020)
      • Unicorn-63081.exe (PID: 9096)
      • Unicorn-63081.exe (PID: 9104)
      • Unicorn-49734.exe (PID: 7948)
      • Unicorn-38646.exe (PID: 9196)
      • Unicorn-15141.exe (PID: 9048)
      • Unicorn-46205.exe (PID: 6068)
      • Unicorn-40228.exe (PID: 8376)
      • Unicorn-45332.exe (PID: 3676)
      • Unicorn-40916.exe (PID: 9188)
      • Unicorn-48592.exe (PID: 8224)
      • Unicorn-29676.exe (PID: 456)
      • Unicorn-61088.exe (PID: 6480)
      • Unicorn-2453.exe (PID: 8592)
      • Unicorn-32365.exe (PID: 8420)
      • Unicorn-10163.exe (PID: 2960)
      • Unicorn-14108.exe (PID: 8776)
      • Unicorn-25334.exe (PID: 5392)
      • Unicorn-27446.exe (PID: 9252)
      • Unicorn-20159.exe (PID: 9228)
      • Unicorn-10917.exe (PID: 9272)
      • Unicorn-51959.exe (PID: 9384)
      • Unicorn-41945.exe (PID: 9356)
      • Unicorn-58089.exe (PID: 9392)
      • Unicorn-4019.exe (PID: 9368)
      • Unicorn-28790.exe (PID: 9476)
      • Unicorn-41945.exe (PID: 9348)
      • Unicorn-41561.exe (PID: 9440)
      • Unicorn-26486.exe (PID: 9420)
      • Unicorn-12453.exe (PID: 9468)
      • Unicorn-57357.exe (PID: 9524)
      • Unicorn-56973.exe (PID: 9556)
      • Unicorn-60813.exe (PID: 9504)
      • Unicorn-56973.exe (PID: 9564)
      • Unicorn-8156.exe (PID: 9532)
      • Unicorn-30326.exe (PID: 9616)
      • Unicorn-62733.exe (PID: 9624)
      • Unicorn-27638.exe (PID: 9572)
      • Unicorn-21395.exe (PID: 9608)
      • Unicorn-51561.exe (PID: 9672)
      • Unicorn-48909.exe (PID: 9692)
      • Unicorn-35718.exe (PID: 9712)
      • Unicorn-14783.exe (PID: 9720)
      • Unicorn-27750.exe (PID: 9760)
      • Unicorn-21036.exe (PID: 9792)
      • Unicorn-20342.exe (PID: 9820)
      • Unicorn-19958.exe (PID: 9856)
      • Unicorn-18540.exe (PID: 9908)
      • Unicorn-54249.exe (PID: 9888)
      • Unicorn-5157.exe (PID: 9948)
      • Unicorn-49655.exe (PID: 9984)
      • Unicorn-34684.exe (PID: 9932)

    • Create files in a temporary directory

      • 1 (623).exe (PID: 5576)
      • Unicorn-10645.exe (PID: 7608)
      • Unicorn-38969.exe (PID: 4920)
      • Unicorn-60054.exe (PID: 7832)
      • Unicorn-55456.exe (PID: 7840)
      • Unicorn-9509.exe (PID: 7976)
      • Unicorn-59862.exe (PID: 7876)
      • Unicorn-5788.exe (PID: 7996)
      • Unicorn-25654.exe (PID: 8008)
      • Unicorn-2995.exe (PID: 8028)
      • Unicorn-41798.exe (PID: 8048)
      • Unicorn-7599.exe (PID: 8088)
      • Unicorn-53536.exe (PID: 8080)
      • Unicorn-53732.exe (PID: 7868)
      • Unicorn-39788.exe (PID: 7632)
      • Unicorn-60934.exe (PID: 8156)
      • Unicorn-23471.exe (PID: 8172)
      • Unicorn-41798.exe (PID: 8056)
      • Unicorn-45641.exe (PID: 8188)
      • Unicorn-29990.exe (PID: 1272)
      • Unicorn-58064.exe (PID: 6816)
      • Unicorn-13461.exe (PID: 1196)
      • Unicorn-13269.exe (PID: 5324)
      • Unicorn-56724.exe (PID: 6808)
      • Unicorn-13004.exe (PID: 6620)
      • Unicorn-12008.exe (PID: 6644)
      • Unicorn-44873.exe (PID: 6872)
      • Unicorn-8479.exe (PID: 4620)
      • Unicorn-57680.exe (PID: 1164)
      • Unicorn-62953.exe (PID: 7488)
      • Unicorn-47494.exe (PID: 7380)
      • Unicorn-60301.exe (PID: 7328)
      • Unicorn-9263.exe (PID: 7440)
      • Unicorn-50950.exe (PID: 7732)
      • Unicorn-24643.exe (PID: 7344)
      • Unicorn-33654.exe (PID: 5380)
      • Unicorn-33005.exe (PID: 5156)
      • Unicorn-62496.exe (PID: 2616)
      • Unicorn-6949.exe (PID: 7672)
      • Unicorn-52237.exe (PID: 7748)
      • Unicorn-6565.exe (PID: 7656)
      • Unicorn-22902.exe (PID: 5384)
      • Unicorn-25206.exe (PID: 2552)
      • Unicorn-22710.exe (PID: 6676)
      • Unicorn-47879.exe (PID: 3008)
      • Unicorn-56809.exe (PID: 5964)
      • Unicorn-21868.exe (PID: 5436)
      • Unicorn-40665.exe (PID: 6592)
      • Unicorn-30959.exe (PID: 7912)
      • Unicorn-21449.exe (PID: 5400)
      • Unicorn-18691.exe (PID: 7792)
      • Unicorn-41734.exe (PID: 4188)
      • Unicorn-1583.exe (PID: 2240)
      • Unicorn-40893.exe (PID: 7828)
      • Unicorn-35027.exe (PID: 7916)
      • Unicorn-56809.exe (PID: 7928)
      • Unicorn-20415.exe (PID: 2040)
      • Unicorn-56809.exe (PID: 7904)
      • Unicorn-54887.exe (PID: 3268)
      • Unicorn-19414.exe (PID: 1056)
      • Unicorn-17718.exe (PID: 960)
      • Unicorn-63005.exe (PID: 2980)
      • Unicorn-28495.exe (PID: 7552)
      • Unicorn-37.exe (PID: 7356)
      • Unicorn-34521.exe (PID: 7532)
      • Unicorn-10435.exe (PID: 7740)
      • Unicorn-33094.exe (PID: 7460)
      • Unicorn-51853.exe (PID: 7172)
      • Unicorn-12931.exe (PID: 968)
      • Unicorn-37126.exe (PID: 8256)
      • Unicorn-47245.exe (PID: 8236)
      • Unicorn-47140.exe (PID: 8276)
      • Unicorn-49897.exe (PID: 8216)
      • Unicorn-35289.exe (PID: 8292)
      • Unicorn-18377.exe (PID: 8316)
      • Unicorn-64048.exe (PID: 8324)
      • Unicorn-28662.exe (PID: 8348)
      • Unicorn-11573.exe (PID: 8384)
      • Unicorn-7276.exe (PID: 8400)
      • Unicorn-47977.exe (PID: 8448)
      • Unicorn-37225.exe (PID: 8552)
      • Unicorn-24550.exe (PID: 8500)
      • Unicorn-51402.exe (PID: 8576)
      • Unicorn-37993.exe (PID: 8636)
      • Unicorn-37609.exe (PID: 8684)
      • Unicorn-40790.exe (PID: 8768)
      • Unicorn-53981.exe (PID: 8740)
      • Unicorn-20924.exe (PID: 8760)
      • Unicorn-42134.exe (PID: 8860)
      • Unicorn-3628.exe (PID: 8808)
      • Unicorn-58662.exe (PID: 8836)
      • Unicorn-25798.exe (PID: 8848)
      • Unicorn-40489.exe (PID: 8924)
      • Unicorn-8885.exe (PID: 8908)
      • Unicorn-6204.exe (PID: 9020)
      • Unicorn-41750.exe (PID: 8888)
      • Unicorn-25539.exe (PID: 9040)
      • Unicorn-48198.exe (PID: 9000)
      • Unicorn-8693.exe (PID: 8940)
      • Unicorn-8885.exe (PID: 8916)
      • Unicorn-11804.exe (PID: 9032)
      • Unicorn-46288.exe (PID: 9120)
      • Unicorn-47814.exe (PID: 9080)
      • Unicorn-11036.exe (PID: 9152)
      • Unicorn-14757.exe (PID: 9132)
      • Unicorn-15141.exe (PID: 9048)
      • Unicorn-49734.exe (PID: 7948)
      • Unicorn-63081.exe (PID: 9104)
      • Unicorn-38646.exe (PID: 9196)
      • Unicorn-46205.exe (PID: 6068)
      • Unicorn-40228.exe (PID: 8376)
      • Unicorn-45332.exe (PID: 3676)
      • Unicorn-40916.exe (PID: 9188)
      • Unicorn-48592.exe (PID: 8224)
      • Unicorn-49622.exe (PID: 1312)
      • Unicorn-29676.exe (PID: 456)
      • Unicorn-32365.exe (PID: 8420)
      • Unicorn-61088.exe (PID: 6480)
      • Unicorn-14108.exe (PID: 8776)
      • Unicorn-10163.exe (PID: 2960)
      • Unicorn-25334.exe (PID: 5392)
      • Unicorn-27446.exe (PID: 9252)
      • Unicorn-20159.exe (PID: 9228)
      • Unicorn-10917.exe (PID: 9272)
      • Unicorn-41945.exe (PID: 9356)
      • Unicorn-58089.exe (PID: 9392)
      • Unicorn-4019.exe (PID: 9368)
      • Unicorn-41945.exe (PID: 9348)
      • Unicorn-28790.exe (PID: 9476)
      • Unicorn-51959.exe (PID: 9384)
      • Unicorn-41561.exe (PID: 9440)
      • Unicorn-26486.exe (PID: 9420)
      • Unicorn-12453.exe (PID: 9468)
      • Unicorn-56973.exe (PID: 9556)
      • Unicorn-57357.exe (PID: 9524)
      • Unicorn-60813.exe (PID: 9504)
      • Unicorn-30326.exe (PID: 9616)
      • Unicorn-62733.exe (PID: 9624)
      • Unicorn-27638.exe (PID: 9572)
      • Unicorn-21395.exe (PID: 9608)
      • Unicorn-56973.exe (PID: 9564)
      • Unicorn-51561.exe (PID: 9672)
      • Unicorn-48909.exe (PID: 9692)
      • Unicorn-14783.exe (PID: 9720)
      • Unicorn-35718.exe (PID: 9712)
      • Unicorn-27750.exe (PID: 9760)
      • Unicorn-21036.exe (PID: 9792)
      • Unicorn-63081.exe (PID: 9096)
      • Unicorn-20342.exe (PID: 9820)
      • Unicorn-19958.exe (PID: 9856)
      • Unicorn-2453.exe (PID: 8592)
      • Unicorn-54249.exe (PID: 9888)
      • Unicorn-18540.exe (PID: 9908)

    • Reads security settings of Internet Explorer

      • BackgroundTransferHost.exe (PID: 5552)
      • BackgroundTransferHost.exe (PID: 7360)
      • BackgroundTransferHost.exe (PID: 7348)
      • BackgroundTransferHost.exe (PID: 8996)
      • BackgroundTransferHost.exe (PID: 1812)

    • Checks proxy server information

      • BackgroundTransferHost.exe (PID: 7360)

    • Reads the software policy settings

      • BackgroundTransferHost.exe (PID: 7360)

    • Creates files or folders in the user directory

      • BackgroundTransferHost.exe (PID: 7360)
      • WerFault.exe (PID: 12164)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.

TRiD

.exe | Win32 Executable (generic) (52.9)
.exe | Generic Win/DOS Executable (23.5)
.exe | DOS Executable Generic (23.5)

EXIF

EXE

MachineType: Intel 386 or later, and compatibles
TimeStamp: 2019:01:19 13:34:56+00:00
ImageFileCharacteristics: No relocs, Executable, No line numbers, No symbols, 32-bit
PEType: PE32
LinkerVersion: 6
CodeSize: 176128
InitializedDataSize: 299008
UninitializedDataSize: -
EntryPoint: 0x13d4
OSVersion: 4
ImageVersion: 1
SubsystemVersion: 4
Subsystem: Windows GUI
FileVersionNumber: 1.0.0.0
ProductVersionNumber: 1.0.0.0
FileFlagsMask: 0x003f
FileFlags: (none)
FileOS: Win32
ObjectFileType: Executable application
FileSubtype: -
LanguageCode: Chinese (Simplified)
CharacterSet: Unicode
CompanyName: UEFI
ProductName: Kawaii-Unicorn
FileVersion: 1
ProductVersion: 1
InternalName: Kawaii-Unicorn
OriginalFileName: Kawaii-Unicorn.exe
No data.
screenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
589
Monitored processes
455
Malicious processes
71
Suspicious processes
47

Behavior graph

Click at the process to see the details
start 1 (623).exe unicorn-38969.exe sppextcomobj.exe no specs slui.exe no specs unicorn-10645.exe unicorn-39788.exe unicorn-60054.exe unicorn-55456.exe unicorn-53732.exe unicorn-59862.exe unicorn-9509.exe unicorn-5788.exe unicorn-25654.exe unicorn-2995.exe unicorn-41798.exe unicorn-41798.exe unicorn-53536.exe unicorn-7599.exe unicorn-60934.exe unicorn-23471.exe unicorn-45641.exe unicorn-56724.exe unicorn-29990.exe unicorn-13461.exe unicorn-58064.exe unicorn-13004.exe unicorn-13269.exe unicorn-29606.exe no specs unicorn-44873.exe unicorn-57680.exe unicorn-12008.exe unicorn-19414.exe unicorn-8479.exe unicorn-54887.exe backgroundtransferhost.exe no specs unicorn-62953.exe unicorn-47494.exe backgroundtransferhost.exe unicorn-60301.exe unicorn-24643.exe unicorn-9263.exe unicorn-50950.exe unicorn-62496.exe unicorn-33654.exe unicorn-33005.exe unicorn-6949.exe unicorn-52237.exe unicorn-6565.exe unicorn-22902.exe unicorn-22710.exe unicorn-51.exe unicorn-1583.exe unicorn-21449.exe unicorn-21868.exe unicorn-40665.exe unicorn-25206.exe unicorn-47879.exe unicorn-56809.exe unicorn-41734.exe unicorn-20415.exe unicorn-4956.exe unicorn-18691.exe unicorn-40893.exe unicorn-35027.exe unicorn-56809.exe unicorn-30959.exe unicorn-56809.exe backgroundtransferhost.exe no specs unicorn-17718.exe unicorn-63005.exe unicorn-49622.exe unicorn-33094.exe unicorn-28495.exe unicorn-10435.exe unicorn-37.exe unicorn-51853.exe unicorn-34521.exe unicorn-12931.exe unicorn-49897.exe unicorn-47245.exe unicorn-37126.exe unicorn-47140.exe unicorn-35289.exe unicorn-18377.exe unicorn-64048.exe unicorn-28662.exe unicorn-11573.exe unicorn-7276.exe unicorn-47977.exe unicorn-24550.exe unicorn-37225.exe unicorn-51402.exe unicorn-37993.exe unicorn-37609.exe unicorn-53981.exe unicorn-20924.exe unicorn-40790.exe unicorn-3628.exe unicorn-58662.exe unicorn-25798.exe unicorn-42134.exe unicorn-41750.exe unicorn-8885.exe unicorn-8885.exe unicorn-40489.exe unicorn-8693.exe unicorn-48198.exe unicorn-6204.exe unicorn-11804.exe unicorn-25539.exe unicorn-15141.exe unicorn-47814.exe unicorn-63081.exe unicorn-63081.exe unicorn-46288.exe unicorn-14757.exe unicorn-11036.exe unicorn-40916.exe unicorn-38646.exe unicorn-48592.exe unicorn-49734.exe unicorn-46205.exe unicorn-29676.exe unicorn-61088.exe unicorn-40228.exe unicorn-10163.exe unicorn-32365.exe unicorn-2453.exe unicorn-45332.exe unicorn-14108.exe backgroundtransferhost.exe no specs unicorn-25334.exe unicorn-20159.exe unicorn-27446.exe unicorn-10917.exe unicorn-41945.exe unicorn-41945.exe unicorn-4019.exe unicorn-51959.exe unicorn-58089.exe unicorn-26486.exe unicorn-41561.exe unicorn-12453.exe unicorn-28790.exe unicorn-60813.exe unicorn-57357.exe unicorn-8156.exe no specs unicorn-56973.exe unicorn-56973.exe unicorn-27638.exe unicorn-21395.exe unicorn-30326.exe unicorn-62733.exe unicorn-51561.exe unicorn-48909.exe unicorn-35718.exe unicorn-14783.exe unicorn-27750.exe unicorn-21036.exe unicorn-20342.exe unicorn-19958.exe unicorn-54249.exe unicorn-18540.exe unicorn-34684.exe unicorn-5157.exe unicorn-49655.exe unicorn-40326.exe unicorn-62032.exe unicorn-58333.exe unicorn-11208.exe unicorn-56884.exe unicorn-22553.exe unicorn-20175.exe unicorn-23513.exe unicorn-8053.exe unicorn-8940.exe unicorn-53808.exe unicorn-11893.exe unicorn-42951.exe unicorn-2485.exe unicorn-33164.exe unicorn-5941.exe unicorn-23455.exe no specs unicorn-25833.exe no specs unicorn-43046.exe no specs unicorn-55748.exe no specs unicorn-54487.exe no specs unicorn-60617.exe no specs unicorn-7887.exe no specs unicorn-44582.exe no specs unicorn-8467.exe no specs unicorn-29289.exe no specs unicorn-25759.exe no specs unicorn-59501.exe no specs unicorn-59501.exe no specs unicorn-13445.exe no specs unicorn-58925.exe no specs unicorn-11727.exe no specs unicorn-11727.exe no specs unicorn-61805.exe no specs unicorn-61805.exe no specs unicorn-12220.exe no specs unicorn-38761.exe no specs unicorn-46896.exe no specs unicorn-41031.exe no specs unicorn-61037.exe no specs unicorn-28172.exe no specs unicorn-6243.exe no specs unicorn-60845.exe no specs unicorn-60845.exe no specs unicorn-10575.exe no specs unicorn-46777.exe no specs unicorn-14710.exe no specs unicorn-37177.exe no specs unicorn-54125.exe no specs unicorn-24459.exe no specs unicorn-38054.exe no specs unicorn-50669.exe no specs unicorn-63335.exe no specs unicorn-45268.exe no specs unicorn-64020.exe no specs unicorn-46423.exe no specs unicorn-27087.exe no specs unicorn-20492.exe no specs unicorn-36902.exe no specs unicorn-14515.exe no specs unicorn-22377.exe no specs unicorn-34991.exe no specs unicorn-21727.exe no specs unicorn-6533.exe no specs unicorn-55542.exe no specs unicorn-5080.exe no specs unicorn-22294.exe no specs unicorn-5765.exe no specs unicorn-17782.exe no specs unicorn-40249.exe no specs unicorn-40742.exe no specs unicorn-57078.exe no specs unicorn-24214.exe no specs unicorn-39481.exe no specs unicorn-56694.exe no specs unicorn-56694.exe no specs unicorn-56502.exe no specs unicorn-42278.exe no specs unicorn-54893.exe no specs unicorn-13531.exe no specs unicorn-6332.exe no specs unicorn-28799.exe no specs unicorn-61471.exe no specs unicorn-28415.exe no specs unicorn-62156.exe no specs unicorn-41221.exe no specs unicorn-8357.exe no specs unicorn-7781.exe no specs unicorn-61123.exe no specs unicorn-41522.exe no specs unicorn-26997.exe no specs unicorn-46598.exe no specs unicorn-46863.exe no specs unicorn-11538.exe no specs unicorn-31404.exe no specs unicorn-31404.exe no specs unicorn-63007.exe no specs unicorn-11346.exe no specs unicorn-26613.exe no specs unicorn-26613.exe no specs unicorn-13230.exe unicorn-21513.exe no specs unicorn-27001.exe no specs unicorn-27001.exe no specs unicorn-12005.exe no specs unicorn-25740.exe no specs unicorn-25740.exe no specs unicorn-45363.exe no specs unicorn-39762.exe no specs unicorn-56298.exe no specs werfault.exe no specs unicorn-46214.exe no specs unicorn-59757.exe no specs unicorn-30370.exe no specs unicorn-44106.exe no specs unicorn-50236.exe no specs unicorn-39987.exe no specs unicorn-30060.exe no specs backgroundtransferhost.exe no specs unicorn-1637.exe no specs unicorn-53526.exe no specs unicorn-3941.exe no specs unicorn-17100.exe no specs unicorn-1641.exe no specs unicorn-22389.exe no specs unicorn-41414.exe no specs unicorn-21813.exe no specs unicorn-8238.exe no specs unicorn-18670.exe no specs unicorn-11641.exe no specs unicorn-62182.exe no specs unicorn-15358.exe no specs unicorn-50454.exe no specs unicorn-2478.exe no specs unicorn-37263.exe no specs unicorn-40640.exe no specs unicorn-44108.exe no specs unicorn-26511.exe no specs unicorn-4345.exe no specs unicorn-5877.exe no specs unicorn-38549.exe no specs unicorn-9406.exe no specs unicorn-44383.exe no specs unicorn-43807.exe no specs unicorn-12011.exe no specs unicorn-40085.exe no specs unicorn-14699.exe no specs unicorn-53709.exe no specs unicorn-39981.exe no specs unicorn-43458.exe no specs unicorn-13246.exe no specs unicorn-15852.exe no specs unicorn-30470.exe no specs unicorn-4222.exe no specs unicorn-37964.exe no specs unicorn-3646.exe no specs unicorn-33858.exe no specs unicorn-19599.exe no specs unicorn-19599.exe no specs unicorn-3070.exe no specs unicorn-54959.exe no specs unicorn-38431.exe no specs unicorn-48061.exe no specs unicorn-23823.exe no specs unicorn-37314.exe no specs unicorn-34988.exe no specs unicorn-60278.exe no specs unicorn-44627.exe no specs unicorn-64108.exe no specs unicorn-14642.exe no specs unicorn-13189.exe no specs unicorn-7324.exe no specs unicorn-59126.exe no specs unicorn-45286.exe no specs unicorn-15493.exe no specs unicorn-31711.exe no specs unicorn-61731.exe no specs unicorn-9929.exe no specs unicorn-57869.exe no specs unicorn-61818.exe no specs unicorn-2411.exe no specs unicorn-63350.exe no specs unicorn-11548.exe no specs unicorn-61434.exe no specs unicorn-61434.exe no specs unicorn-12233.exe no specs unicorn-27500.exe no specs unicorn-61050.exe no specs unicorn-49583.exe no specs unicorn-26732.exe no specs unicorn-2932.exe no specs unicorn-23932.exe no specs unicorn-32598.exe no specs unicorn-27609.exe no specs unicorn-14153.exe no specs unicorn-29420.exe no specs unicorn-15685.exe no specs unicorn-8274.exe no specs unicorn-36163.exe no specs unicorn-32706.exe no specs unicorn-778.exe no specs unicorn-16178.exe no specs unicorn-27113.exe no specs unicorn-28652.exe no specs unicorn-9317.exe no specs unicorn-34518.exe no specs unicorn-18866.exe no specs unicorn-24726.exe no specs unicorn-49263.exe no specs unicorn-48733.exe no specs unicorn-22338.exe no specs unicorn-21954.exe no specs unicorn-16354.exe no specs unicorn-41820.exe no specs unicorn-47965.exe no specs unicorn-50765.exe no specs unicorn-5042.exe no specs unicorn-56511.exe no specs unicorn-20117.exe no specs unicorn-52982.exe no specs unicorn-6661.exe no specs unicorn-55670.exe no specs unicorn-55286.exe no specs unicorn-9349.exe no specs unicorn-39250.exe no specs unicorn-5509.exe no specs unicorn-5509.exe no specs unicorn-37989.exe no specs unicorn-8197.exe no specs unicorn-40869.exe no specs unicorn-24341.exe no specs unicorn-56246.exe no specs unicorn-37994.exe no specs unicorn-63340.exe no specs unicorn-13106.exe no specs unicorn-59043.exe no specs unicorn-59043.exe no specs unicorn-57974.exe no specs unicorn-28831.exe no specs unicorn-8581.exe no specs unicorn-56058.exe no specs unicorn-57782.exe no specs unicorn-22124.exe no specs unicorn-29545.exe no specs unicorn-26745.exe no specs unicorn-45690.exe no specs unicorn-63750.exe no specs unicorn-11948.exe no specs unicorn-45690.exe no specs unicorn-41821.exe no specs unicorn-30885.exe no specs unicorn-30885.exe no specs unicorn-63366.exe no specs unicorn-60573.exe no specs unicorn-11564.exe no specs unicorn-44045.exe no specs unicorn-43925.exe no specs unicorn-52598.exe no specs unicorn-52214.exe no specs unicorn-52214.exe no specs unicorn-36563.exe no specs unicorn-30697.exe no specs unicorn-36563.exe no specs unicorn-26437.exe no specs unicorn-43503.exe no specs unicorn-45773.exe no specs unicorn-21919.exe no specs unicorn-54591.exe no specs unicorn-14636.exe no specs unicorn-52982.exe no specs unicorn-49718.exe no specs unicorn-3781.exe no specs unicorn-47117.exe no specs unicorn-62957.exe no specs unicorn-62374.exe no specs unicorn-22428.exe no specs unicorn-5324.exe no specs unicorn-21468.exe no specs unicorn-13493.exe no specs unicorn-13493.exe no specs unicorn-7244.exe no specs unicorn-37609.exe no specs unicorn-11957.exe no specs unicorn-32015.exe no specs unicorn-45663.exe no specs unicorn-40410.exe no specs unicorn-1316.exe no specs unicorn-16364.exe no specs unicorn-31247.exe no specs

Process information

PID
CMD
Path
Indicators
Parent process
456C:\Users\admin\AppData\Local\Temp\Unicorn-29676.exeC:\Users\admin\AppData\Local\Temp\Unicorn-29676.exe
Unicorn-13004.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-29676.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
960C:\Users\admin\AppData\Local\Temp\Unicorn-17718.exeC:\Users\admin\AppData\Local\Temp\Unicorn-17718.exe
Unicorn-62953.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-17718.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
968C:\Users\admin\AppData\Local\Temp\Unicorn-12931.exeC:\Users\admin\AppData\Local\Temp\Unicorn-12931.exe
Unicorn-41798.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-12931.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
1056C:\Users\admin\AppData\Local\Temp\Unicorn-19414.exeC:\Users\admin\AppData\Local\Temp\Unicorn-19414.exe
1 (623).exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-19414.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
1164C:\Users\admin\AppData\Local\Temp\Unicorn-57680.exeC:\Users\admin\AppData\Local\Temp\Unicorn-57680.exe
Unicorn-59862.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-57680.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
1196C:\Users\admin\AppData\Local\Temp\Unicorn-13461.exeC:\Users\admin\AppData\Local\Temp\Unicorn-13461.exe
Unicorn-2995.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-13461.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
1272C:\Users\admin\AppData\Local\Temp\Unicorn-29990.exeC:\Users\admin\AppData\Local\Temp\Unicorn-29990.exe
Unicorn-25654.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-29990.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
1312C:\Users\admin\AppData\Local\Temp\Unicorn-49622.exeC:\Users\admin\AppData\Local\Temp\Unicorn-49622.exe
Unicorn-47494.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-49622.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
1628C:\Users\admin\AppData\Local\Temp\Unicorn-26437.exeC:\Users\admin\AppData\Local\Temp\Unicorn-26437.exeUnicorn-41798.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
1812"BackgroundTransferHost.exe" -ServerName:BackgroundTransferHost.1C:\Windows\System32\BackgroundTransferHost.exesvchost.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Download/Upload Host
Exit code:
1
Version:
10.0.19041.3636 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\backgroundtransferhost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\combase.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\kernel.appcore.dll
c:\windows\system32\bcryptprimitives.dll
Total events
12 087
Read events
12 072
Write events
15
Delete events
0

Modification events

(PID) Process:(5552) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Content
Operation:writeName:CachePrefix
Value:
(PID) Process:(5552) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Cookies
Operation:writeName:CachePrefix
Value:
Cookie:
(PID) Process:(5552) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\History
Operation:writeName:CachePrefix
Value:
Visited:
(PID) Process:(7360) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Content
Operation:writeName:CachePrefix
Value:
(PID) Process:(7360) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Cookies
Operation:writeName:CachePrefix
Value:
Cookie:
(PID) Process:(7360) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\History
Operation:writeName:CachePrefix
Value:
Visited:
(PID) Process:(7348) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Content
Operation:writeName:CachePrefix
Value:
(PID) Process:(7348) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Cookies
Operation:writeName:CachePrefix
Value:
Cookie:
(PID) Process:(7348) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\History
Operation:writeName:CachePrefix
Value:
Visited:
(PID) Process:(8996) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Content
Operation:writeName:CachePrefix
Value:
Executable files
964
Suspicious files
8
Text files
1
Unknown types
0

Dropped files

PID
Process
Filename
Type
7832Unicorn-60054.exeC:\Users\admin\AppData\Local\Temp\Unicorn-9509.exeexecutable
MD5:A902306D5ACE450CB428F4EC577F2F84
SHA256:38EDF22C27922751BF6663A1B063BEE9D431501509777AB28BEA9916139BE608
7632Unicorn-39788.exeC:\Users\admin\AppData\Local\Temp\Unicorn-59862.exeexecutable
MD5:62188196DA28DA21A4DBD300A015740E
SHA256:9C111C0821F02394AE83D92B2BBA5944F334E9A15D9B290213C738DFCB607D0C
7632Unicorn-39788.exeC:\Users\admin\AppData\Local\Temp\Unicorn-53536.exeexecutable
MD5:6234DB9F8E8FF19E5788E2A3E0262068
SHA256:4D6BD268B5AB97E70494BB110320C9759AF1A76B6CD37591B7E5FD95398DA4C4
7876Unicorn-59862.exeC:\Users\admin\AppData\Local\Temp\Unicorn-41798.exeexecutable
MD5:9BC42A2816089D751CFECB5DA3253DB3
SHA256:058E6A9F9139A6C52910AE6B983EAFADD8C6904C57C6C7A138B71AB7E458CB42
55761 (623).exeC:\Users\admin\AppData\Local\Temp\Unicorn-38969.exeexecutable
MD5:06234742BD3507A73812C73F572FACB3
SHA256:8A574C91E8B09D78E723F9920E5A8FE4CB5DF4DFA2BDF5A12E6991AF55960E03
4920Unicorn-38969.exeC:\Users\admin\AppData\Local\Temp\Unicorn-10645.exeexecutable
MD5:95B411FA4D05034366BBC75EDE620898
SHA256:0444B90AB41FE74865E73B69614A08CF680AB9B52A440B4BB42E31C8023700CF
7608Unicorn-10645.exeC:\Users\admin\AppData\Local\Temp\Unicorn-60054.exeexecutable
MD5:769CD604C4EE7608C2B35B91C75A771D
SHA256:15103BC22E2D1745047F501F15659D73E8180D8DF199B7AC8E4EA06861647043
55761 (623).exeC:\Users\admin\AppData\Local\Temp\Unicorn-39788.exeexecutable
MD5:0079ECD5895E27E8042AE95E9C88D84C
SHA256:361E0F25EDF44AD31A73421F45AEDC3A34F45C8198E810E56BA792BABA23CA5F
4920Unicorn-38969.exeC:\Users\admin\AppData\Local\Temp\Unicorn-55456.exeexecutable
MD5:DB5178B3C6664DD7A623A870355F9715
SHA256:0444B90AB41FE74865E73B69614A08CF680AB9B52A440B4BB42E31C8023700CF
55761 (623).exeC:\Users\admin\AppData\Local\Temp\Unicorn-53732.exeexecutable
MD5:434E15B247126A875F0F895DCFE701A4
SHA256:384E542A674710566FD27FF387104A642F75DC265EF7226FE20BD2E5E8CA29B8
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
6
TCP/UDP connections
26
DNS requests
17
Threats
0

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
GET
200
23.53.40.176:80
http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
unknown
whitelisted
6544
svchost.exe
GET
200
184.30.131.245:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAJ0LqoXyo4hxxe7H%2Fz9DKA%3D
unknown
whitelisted
GET
200
184.30.131.245:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQ50otx%2Fh0Ztl%2Bz8SiPI7wEWVxDlQQUTiJUIBiV5uNu5g%2F6%2BrkS7QYXjzkCEAUZZSZEml49Gjh0j13P68w%3D
unknown
whitelisted
7360
BackgroundTransferHost.exe
GET
200
184.30.131.245:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTrjrydRyt%2BApF3GSPypfHBxR5XtQQUs9tIpPmhxdiuNkHMEWNpYim8S8YCEAI5PUjXAkJafLQcAAsO18o%3D
unknown
whitelisted
8596
SIHClient.exe
GET
200
23.35.229.160:80
http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Product%20Root%20Certificate%20Authority%202018.crl
unknown
whitelisted
8596
SIHClient.exe
GET
200
23.35.229.160:80
http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Update%20Secure%20Server%20CA%202.1.crl
unknown
whitelisted
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
4
System
192.168.100.255:138
whitelisted
2104
svchost.exe
20.73.194.208:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
NL
whitelisted
20.73.194.208:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
NL
whitelisted
23.53.40.176:80
crl.microsoft.com
Akamai International B.V.
DE
whitelisted
5496
MoUsoCoreWorker.exe
20.73.194.208:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
NL
whitelisted
6544
svchost.exe
20.190.160.3:443
login.live.com
MICROSOFT-CORP-MSN-AS-BLOCK
NL
whitelisted
6544
svchost.exe
184.30.131.245:80
ocsp.digicert.com
AKAMAI-AS
US
whitelisted
3216
svchost.exe
40.115.3.253:443
client.wns.windows.com
MICROSOFT-CORP-MSN-AS-BLOCK
NL
whitelisted
5496
MoUsoCoreWorker.exe
4.231.128.59:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
whitelisted
2112
svchost.exe
4.231.128.59:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
whitelisted

DNS requests

Domain
IP
Reputation
settings-win.data.microsoft.com
  • 20.73.194.208
  • 4.231.128.59
whitelisted
google.com
  • 142.250.186.174
whitelisted
crl.microsoft.com
  • 23.53.40.176
  • 23.53.40.178
whitelisted
login.live.com
  • 20.190.160.3
  • 20.190.160.14
  • 20.190.160.128
  • 40.126.32.140
  • 40.126.32.74
  • 40.126.32.134
  • 40.126.32.136
  • 20.190.160.65
whitelisted
ocsp.digicert.com
  • 184.30.131.245
whitelisted
client.wns.windows.com
  • 40.115.3.253
whitelisted
arc.msn.com
  • 20.223.35.26
whitelisted
www.bing.com
  • 92.123.104.32
  • 92.123.104.31
  • 92.123.104.38
  • 92.123.104.34
whitelisted
slscr.update.microsoft.com
  • 52.149.20.212
whitelisted
www.microsoft.com
  • 23.35.229.160
whitelisted

Threats

No threats detected
No debug info
Interactive malware hunting service ANY.RUN
© 2017-2026 ANY.RUN ALL RIGHTS RESERVED
ANY.RUN
Reports
1 (623)