| File name: | 1 (354) |
| Full analysis: | https://app.any.run/tasks/018bcde6-6061-4db6-8655-5062af441223 |
| Verdict: | Malicious activity |
| Analysis date: | March 24, 2025, 20:24:16 |
| OS: | Windows 10 Professional (build: 19045, 64 bit) |
| Indicators: | |
| MIME: | application/vnd.microsoft.portable-executable |
| File info: | PE32 executable (GUI) Intel 80386, for MS Windows, 3 sections |
| MD5: | 7C7C3709FFD72C220BE40479E0875E70 |
| SHA1: | 3FD77FDA1D156BAA70B53352E36189C05BBFC874 |
| SHA256: | 2E83A9E225AD1E1A1A42794612EAACBCE5E7AE13A55F12DDB40970085BCAE871 |
| SSDEEP: | 6144:F7agl6NvkDctO54/8Nofb9eAD3qJp8GB7/+peOduk/vSwjwpyAvEhEJqTQLSLixM:FuYM5tO5s8uD3A+a7GpeOd4x4DxmDsR |
MALICIOUS
No malicious indicators.SUSPICIOUS
Starts itself from another location
- Unicorn-19458.exe (PID: 7216)
- Unicorn-4657.exe (PID: 7884)
- 1 (354).exe (PID: 5936)
- Unicorn-13977.exe (PID: 8048)
- Unicorn-55565.exe (PID: 8068)
- Unicorn-65124.exe (PID: 8084)
- Unicorn-11434.exe (PID: 7904)
- Unicorn-58994.exe (PID: 8092)
- Unicorn-2745.exe (PID: 8132)
- Unicorn-8152.exe (PID: 8152)
- Unicorn-19850.exe (PID: 8168)
- Unicorn-9635.exe (PID: 8188)
- Unicorn-5194.exe (PID: 5868)
- Unicorn-51131.exe (PID: 4652)
- Unicorn-9543.exe (PID: 4436)
- Unicorn-40270.exe (PID: 5972)
- Unicorn-47644.exe (PID: 1056)
- Unicorn-21556.exe (PID: 2108)
- Unicorn-33153.exe (PID: 2236)
- Unicorn-16726.exe (PID: 6192)
- Unicorn-60773.exe (PID: 5508)
- Unicorn-27586.exe (PID: 6560)
- Unicorn-2335.exe (PID: 672)
- Unicorn-47452.exe (PID: 5640)
- Unicorn-40965.exe (PID: 5552)
- Unicorn-13196.exe (PID: 6372)
- Unicorn-54551.exe (PID: 5512)
- Unicorn-61650.exe (PID: 2960)
- Unicorn-20709.exe (PID: 5256)
- Unicorn-50742.exe (PID: 6132)
- Unicorn-51297.exe (PID: 1244)
- Unicorn-30130.exe (PID: 7212)
- Unicorn-50642.exe (PID: 7248)
- Unicorn-47042.exe (PID: 2320)
- Unicorn-49180.exe (PID: 5112)
- Unicorn-52720.exe (PID: 3240)
- Unicorn-41784.exe (PID: 5720)
- Unicorn-43512.exe (PID: 5428)
- Unicorn-24219.exe (PID: 7564)
- Unicorn-20208.exe (PID: 7680)
- Unicorn-16124.exe (PID: 7696)
- Unicorn-55573.exe (PID: 7476)
- Unicorn-40628.exe (PID: 7464)
- Unicorn-11224.exe (PID: 7644)
- Unicorn-18838.exe (PID: 7528)
- Unicorn-53648.exe (PID: 7652)
- Unicorn-49564.exe (PID: 7848)
- Unicorn-54203.exe (PID: 7864)
- Unicorn-53548.exe (PID: 7800)
- Unicorn-65138.exe (PID: 616)
- Unicorn-8531.exe (PID: 6708)
- Unicorn-38296.exe (PID: 4892)
- Unicorn-59413.exe (PID: 7832)
- Unicorn-39812.exe (PID: 7812)
- Unicorn-50119.exe (PID: 6652)
- Unicorn-50119.exe (PID: 3268)
- Unicorn-29043.exe (PID: 7872)
- Unicorn-4447.exe (PID: 664)
- Unicorn-42142.exe (PID: 7940)
- Unicorn-25060.exe (PID: 5984)
- Unicorn-50825.exe (PID: 7976)
- Unicorn-5608.exe (PID: 1328)
- Unicorn-20976.exe (PID: 8040)
- Unicorn-63954.exe (PID: 6676)
- Unicorn-64758.exe (PID: 1096)
- Unicorn-1110.exe (PID: 8036)
- Unicorn-63139.exe (PID: 1240)
- Unicorn-53648.exe (PID: 7632)
- Unicorn-15329.exe (PID: 208)
- Unicorn-48094.exe (PID: 7720)
- Unicorn-27582.exe (PID: 7436)
- Unicorn-22106.exe (PID: 7288)
- Unicorn-51271.exe (PID: 4180)
- Unicorn-54224.exe (PID: 6800)
- Unicorn-10483.exe (PID: 7732)
- Unicorn-56746.exe (PID: 7012)
- Unicorn-51271.exe (PID: 7968)
- Unicorn-56362.exe (PID: 1568)
- Unicorn-32626.exe (PID: 8216)
- Unicorn-30658.exe (PID: 8196)
- Unicorn-42640.exe (PID: 8292)
- Unicorn-29096.exe (PID: 8236)
- Unicorn-50908.exe (PID: 8296)
- Unicorn-28350.exe (PID: 8276)
- Unicorn-3845.exe (PID: 8256)
- Unicorn-30413.exe (PID: 7524)
- Unicorn-5791.exe (PID: 8332)
- Unicorn-23222.exe (PID: 8460)
- Unicorn-51463.exe (PID: 8324)
- Unicorn-7472.exe (PID: 8376)
- Unicorn-23222.exe (PID: 8452)
- Unicorn-46724.exe (PID: 8356)
- Unicorn-30836.exe (PID: 8424)
- Unicorn-55340.exe (PID: 8528)
- Unicorn-43664.exe (PID: 8612)
- Unicorn-10778.exe (PID: 8576)
- Unicorn-49564.exe (PID: 7496)
- Unicorn-4748.exe (PID: 8512)
- Unicorn-33062.exe (PID: 5800)
- Unicorn-43564.exe (PID: 8688)
- Unicorn-1240.exe (PID: 8584)
- Unicorn-37442.exe (PID: 8644)
- Unicorn-37442.exe (PID: 8636)
- Unicorn-18968.exe (PID: 8680)
- Unicorn-14883.exe (PID: 8696)
- Unicorn-63892.exe (PID: 8840)
- Unicorn-25190.exe (PID: 8672)
- Unicorn-54582.exe (PID: 8740)
- Unicorn-54847.exe (PID: 8748)
- Unicorn-60000.exe (PID: 8664)
- Unicorn-261.exe (PID: 8832)
- Unicorn-2631.exe (PID: 8652)
- Unicorn-55402.exe (PID: 8776)
- Unicorn-16830.exe (PID: 8856)
- Unicorn-3600.exe (PID: 8824)
- Unicorn-15267.exe (PID: 9000)
- Unicorn-35916.exe (PID: 8920)
- Unicorn-3600.exe (PID: 8784)
- Unicorn-61846.exe (PID: 8952)
- Unicorn-10114.exe (PID: 9044)
- Unicorn-61816.exe (PID: 9080)
- Unicorn-56279.exe (PID: 8872)
- Unicorn-29381.exe (PID: 8732)
- Unicorn-4769.exe (PID: 9112)
- Unicorn-4769.exe (PID: 9120)
- Unicorn-21874.exe (PID: 9168)
- Unicorn-56200.exe (PID: 9028)
- Unicorn-40649.exe (PID: 9156)
- Unicorn-17790.exe (PID: 9192)
- Unicorn-17027.exe (PID: 5164)
- Unicorn-65407.exe (PID: 9220)
- Unicorn-13440.exe (PID: 6324)
- Unicorn-6092.exe (PID: 6620)
- Unicorn-62138.exe (PID: 9200)
- Unicorn-40248.exe (PID: 9240)
- Unicorn-51017.exe (PID: 9272)
- Unicorn-18344.exe (PID: 4448)
- Unicorn-9429.exe (PID: 9308)
- Unicorn-15459.exe (PID: 9340)
- Unicorn-11375.exe (PID: 9356)
- Unicorn-60476.exe (PID: 9380)
- Unicorn-18174.exe (PID: 9404)
- Unicorn-40732.exe (PID: 9436)
- Unicorn-61152.exe (PID: 9460)
- Unicorn-61152.exe (PID: 9468)
- Unicorn-18073.exe (PID: 9512)
- Unicorn-39148.exe (PID: 9500)
- Unicorn-60960.exe (PID: 9572)
- Unicorn-41094.exe (PID: 9564)
- Unicorn-19112.exe (PID: 9648)
- Unicorn-60695.exe (PID: 9556)
- Unicorn-16420.exe (PID: 9744)
- Unicorn-56491.exe (PID: 9736)
- Unicorn-10289.exe (PID: 9728)
- Unicorn-57452.exe (PID: 9688)
- Unicorn-30517.exe (PID: 9792)
- Unicorn-57815.exe (PID: 9780)
- Unicorn-27110.exe (PID: 9816)
- Unicorn-39262.exe (PID: 9836)
- Unicorn-21442.exe (PID: 9852)
- Unicorn-11292.exe (PID: 8500)
- Unicorn-6331.exe (PID: 8416)
Executable content was dropped or overwritten
- 1 (354).exe (PID: 5936)
- Unicorn-19458.exe (PID: 7216)
- Unicorn-4657.exe (PID: 7884)
- Unicorn-11434.exe (PID: 7904)
- Unicorn-13977.exe (PID: 8048)
- Unicorn-55565.exe (PID: 8068)
- Unicorn-65124.exe (PID: 8084)
- Unicorn-58994.exe (PID: 8092)
- Unicorn-2745.exe (PID: 8132)
- Unicorn-19850.exe (PID: 8168)
- Unicorn-9635.exe (PID: 8188)
- Unicorn-8152.exe (PID: 8152)
- Unicorn-5194.exe (PID: 5868)
- Unicorn-51131.exe (PID: 4652)
- Unicorn-9543.exe (PID: 4436)
- Unicorn-40270.exe (PID: 5972)
- Unicorn-47644.exe (PID: 1056)
- Unicorn-21556.exe (PID: 2108)
- Unicorn-33153.exe (PID: 2236)
- Unicorn-16726.exe (PID: 6192)
- Unicorn-27586.exe (PID: 6560)
- Unicorn-60773.exe (PID: 5508)
- Unicorn-47452.exe (PID: 5640)
- Unicorn-2335.exe (PID: 672)
- Unicorn-33062.exe (PID: 5800)
- Unicorn-54551.exe (PID: 5512)
- Unicorn-41784.exe (PID: 5720)
- Unicorn-61650.exe (PID: 2960)
- Unicorn-50742.exe (PID: 6132)
- Unicorn-51297.exe (PID: 1244)
- Unicorn-30130.exe (PID: 7212)
- Unicorn-50642.exe (PID: 7248)
- Unicorn-49180.exe (PID: 5112)
- Unicorn-47042.exe (PID: 2320)
- Unicorn-24219.exe (PID: 7564)
- Unicorn-43512.exe (PID: 5428)
- Unicorn-20208.exe (PID: 7680)
- Unicorn-16124.exe (PID: 7696)
- Unicorn-55573.exe (PID: 7476)
- Unicorn-40628.exe (PID: 7464)
- Unicorn-11224.exe (PID: 7644)
- Unicorn-53648.exe (PID: 7632)
- Unicorn-18838.exe (PID: 7528)
- Unicorn-30413.exe (PID: 7524)
- Unicorn-49564.exe (PID: 7848)
- Unicorn-53648.exe (PID: 7652)
- Unicorn-13196.exe (PID: 6372)
- Unicorn-54203.exe (PID: 7864)
- Unicorn-53548.exe (PID: 7800)
- Unicorn-8531.exe (PID: 6708)
- Unicorn-50119.exe (PID: 6652)
- Unicorn-59413.exe (PID: 7832)
- Unicorn-39812.exe (PID: 7812)
- Unicorn-50119.exe (PID: 3268)
- Unicorn-38296.exe (PID: 4892)
- Unicorn-4447.exe (PID: 664)
- Unicorn-20709.exe (PID: 5256)
- Unicorn-29043.exe (PID: 7872)
- Unicorn-42142.exe (PID: 7940)
- Unicorn-5608.exe (PID: 1328)
- Unicorn-64758.exe (PID: 1096)
- Unicorn-1110.exe (PID: 8036)
- Unicorn-50825.exe (PID: 7976)
- Unicorn-20976.exe (PID: 8040)
- Unicorn-63954.exe (PID: 6676)
- Unicorn-56362.exe (PID: 1568)
- Unicorn-15329.exe (PID: 208)
- Unicorn-48094.exe (PID: 7720)
- Unicorn-27582.exe (PID: 7436)
- Unicorn-54224.exe (PID: 6800)
- Unicorn-22106.exe (PID: 7288)
- Unicorn-51271.exe (PID: 4180)
- Unicorn-51271.exe (PID: 7968)
- Unicorn-56746.exe (PID: 7012)
- Unicorn-52720.exe (PID: 3240)
- Unicorn-30658.exe (PID: 8196)
- Unicorn-32626.exe (PID: 8216)
- Unicorn-42640.exe (PID: 8292)
- Unicorn-29096.exe (PID: 8236)
- Unicorn-28350.exe (PID: 8276)
- Unicorn-3845.exe (PID: 8256)
- Unicorn-50908.exe (PID: 8296)
- Unicorn-51463.exe (PID: 8324)
- Unicorn-5791.exe (PID: 8332)
- Unicorn-23222.exe (PID: 8460)
- Unicorn-46724.exe (PID: 8356)
- Unicorn-7472.exe (PID: 8376)
- Unicorn-23222.exe (PID: 8452)
- Unicorn-30836.exe (PID: 8424)
- Unicorn-40965.exe (PID: 5552)
- Unicorn-55340.exe (PID: 8528)
- Unicorn-6331.exe (PID: 8416)
- Unicorn-43664.exe (PID: 8612)
- Unicorn-49564.exe (PID: 7496)
- Unicorn-11292.exe (PID: 8500)
- Unicorn-4748.exe (PID: 8512)
- Unicorn-1240.exe (PID: 8584)
- Unicorn-43564.exe (PID: 8688)
- Unicorn-65138.exe (PID: 616)
- Unicorn-37442.exe (PID: 8644)
- Unicorn-18968.exe (PID: 8680)
- Unicorn-14883.exe (PID: 8696)
- Unicorn-261.exe (PID: 8832)
- Unicorn-63892.exe (PID: 8840)
- Unicorn-25190.exe (PID: 8672)
- Unicorn-2631.exe (PID: 8652)
- Unicorn-54847.exe (PID: 8748)
- Unicorn-54582.exe (PID: 8740)
- Unicorn-16830.exe (PID: 8856)
- Unicorn-3600.exe (PID: 8824)
- Unicorn-34541.exe (PID: 8816)
- Unicorn-55402.exe (PID: 8776)
- Unicorn-3600.exe (PID: 8784)
- Unicorn-61846.exe (PID: 8952)
- Unicorn-15267.exe (PID: 9000)
- Unicorn-10114.exe (PID: 9044)
- Unicorn-56279.exe (PID: 8872)
- Unicorn-61816.exe (PID: 9080)
- Unicorn-4769.exe (PID: 9112)
- Unicorn-4769.exe (PID: 9120)
- Unicorn-25060.exe (PID: 5984)
- Unicorn-21874.exe (PID: 9168)
- Unicorn-56200.exe (PID: 9028)
- Unicorn-40649.exe (PID: 9156)
- Unicorn-13440.exe (PID: 6324)
- Unicorn-17790.exe (PID: 9192)
- Unicorn-63139.exe (PID: 1240)
- Unicorn-65407.exe (PID: 9220)
- Unicorn-51017.exe (PID: 9272)
- Unicorn-40248.exe (PID: 9240)
- Unicorn-18344.exe (PID: 4448)
- Unicorn-6092.exe (PID: 6620)
- Unicorn-9429.exe (PID: 9308)
- Unicorn-15459.exe (PID: 9340)
- Unicorn-11375.exe (PID: 9356)
- Unicorn-60476.exe (PID: 9380)
- Unicorn-16014.exe (PID: 9372)
- Unicorn-18174.exe (PID: 9404)
- Unicorn-40732.exe (PID: 9436)
- Unicorn-61152.exe (PID: 9468)
- Unicorn-61152.exe (PID: 9460)
- Unicorn-39148.exe (PID: 9500)
- Unicorn-18073.exe (PID: 9512)
- Unicorn-60960.exe (PID: 9572)
- Unicorn-60695.exe (PID: 9556)
- Unicorn-41094.exe (PID: 9564)
- Unicorn-19112.exe (PID: 9648)
- Unicorn-57452.exe (PID: 9688)
- Unicorn-56491.exe (PID: 9736)
- Unicorn-10289.exe (PID: 9728)
- Unicorn-16420.exe (PID: 9744)
- Unicorn-30517.exe (PID: 9792)
- Unicorn-57815.exe (PID: 9780)
- Unicorn-39262.exe (PID: 9836)
- Unicorn-21442.exe (PID: 9852)
- Unicorn-27110.exe (PID: 9816)
- Unicorn-10778.exe (PID: 8576)
- Unicorn-33451.exe (PID: 10036)
- Unicorn-37442.exe (PID: 8636)
- Unicorn-23218.exe (PID: 9920)
- Unicorn-58583.exe (PID: 9976)
- Unicorn-35916.exe (PID: 8920)
- Unicorn-62112.exe (PID: 9952)
- Unicorn-17027.exe (PID: 5164)
- Unicorn-22816.exe (PID: 9992)
- Unicorn-33908.exe (PID: 10016)
- Unicorn-6258.exe (PID: 10096)
- Unicorn-11925.exe (PID: 10076)
- Unicorn-29632.exe (PID: 10044)
- Unicorn-20456.exe (PID: 10140)
- Unicorn-63949.exe (PID: 10120)
- Unicorn-5895.exe (PID: 7156)
- Unicorn-59180.exe (PID: 9336)
- Unicorn-60000.exe (PID: 8664)
- Unicorn-24946.exe (PID: 7316)
- Unicorn-35152.exe (PID: 6988)
- Unicorn-44604.exe (PID: 10268)
- Unicorn-34959.exe (PID: 10360)
- Unicorn-12501.exe (PID: 10328)
- Unicorn-8417.exe (PID: 10304)
- Unicorn-40274.exe (PID: 10436)
- Unicorn-55791.exe (PID: 10416)
- Unicorn-12977.exe (PID: 10460)
- Unicorn-53726.exe (PID: 10540)
- Unicorn-52356.exe (PID: 10620)
- Unicorn-53726.exe (PID: 10532)
- Unicorn-52574.exe (PID: 10176)
- Unicorn-57981.exe (PID: 10208)
- Unicorn-29200.exe (PID: 10236)
- Unicorn-32922.exe (PID: 10380)
- Unicorn-35444.exe (PID: 10484)
- Unicorn-5848.exe (PID: 10592)
- Unicorn-33781.exe (PID: 10708)
- Unicorn-21992.exe (PID: 10756)
- Unicorn-20046.exe (PID: 10700)
- Unicorn-38328.exe (PID: 10780)
- Unicorn-54686.exe (PID: 10900)
- Unicorn-44572.exe (PID: 10844)
- Unicorn-15334.exe (PID: 11104)
- Unicorn-13745.exe (PID: 10908)
- Unicorn-62138.exe (PID: 9200)
- Unicorn-7523.exe (PID: 10980)
- Unicorn-52548.exe (PID: 10960)
- Unicorn-10124.exe (PID: 11008)
- Unicorn-38712.exe (PID: 11040)
- Unicorn-10124.exe (PID: 11012)
- Unicorn-30544.exe (PID: 11076)
- Unicorn-10483.exe (PID: 7732)
- Unicorn-7239.exe (PID: 10648)
- Unicorn-16154.exe (PID: 11148)
- Unicorn-62430.exe (PID: 11132)
- Unicorn-34650.exe (PID: 11240)
- Unicorn-14208.exe (PID: 11000)
- Unicorn-61271.exe (PID: 11088)
- Unicorn-50965.exe (PID: 11140)
INFO
Checks supported languages
- 1 (354).exe (PID: 5936)
- Unicorn-19458.exe (PID: 7216)
- Unicorn-11434.exe (PID: 7904)
- Unicorn-55565.exe (PID: 8068)
- Unicorn-13977.exe (PID: 8048)
- Unicorn-4657.exe (PID: 7884)
- Unicorn-58994.exe (PID: 8092)
- Unicorn-65124.exe (PID: 8084)
- Unicorn-2745.exe (PID: 8132)
- Unicorn-8152.exe (PID: 8152)
- Unicorn-19850.exe (PID: 8168)
- Unicorn-9635.exe (PID: 8188)
- Unicorn-5194.exe (PID: 5868)
- Unicorn-9543.exe (PID: 4436)
- Unicorn-40270.exe (PID: 5972)
- Unicorn-51131.exe (PID: 4652)
- Unicorn-60773.exe (PID: 5508)
- Unicorn-16726.exe (PID: 6192)
- Unicorn-27586.exe (PID: 6560)
- Unicorn-47452.exe (PID: 5640)
- Unicorn-47644.exe (PID: 1056)
- Unicorn-21556.exe (PID: 2108)
- Unicorn-33153.exe (PID: 2236)
- Unicorn-54551.exe (PID: 5512)
- Unicorn-40965.exe (PID: 5552)
- Unicorn-2335.exe (PID: 672)
- Unicorn-33062.exe (PID: 5800)
- Unicorn-13196.exe (PID: 6372)
- Unicorn-20709.exe (PID: 5256)
- Unicorn-52720.exe (PID: 3240)
- Unicorn-61650.exe (PID: 2960)
- Unicorn-41784.exe (PID: 5720)
- Unicorn-50642.exe (PID: 7248)
- Unicorn-50742.exe (PID: 6132)
- Unicorn-51297.exe (PID: 1244)
- Unicorn-30130.exe (PID: 7212)
- Unicorn-49180.exe (PID: 5112)
- Unicorn-47042.exe (PID: 2320)
- Unicorn-43512.exe (PID: 5428)
- Unicorn-24219.exe (PID: 7564)
- Unicorn-16124.exe (PID: 7696)
- Unicorn-40628.exe (PID: 7464)
- Unicorn-30413.exe (PID: 7524)
- Unicorn-11224.exe (PID: 7644)
- Unicorn-53648.exe (PID: 7652)
- Unicorn-20208.exe (PID: 7680)
- Unicorn-55573.exe (PID: 7476)
- Unicorn-65138.exe (PID: 616)
- Unicorn-18838.exe (PID: 7528)
- Unicorn-49564.exe (PID: 7496)
- Unicorn-53648.exe (PID: 7632)
- Unicorn-49564.exe (PID: 7848)
- Unicorn-50119.exe (PID: 3268)
- Unicorn-54203.exe (PID: 7864)
- Unicorn-50119.exe (PID: 6652)
- Unicorn-8531.exe (PID: 6708)
- Unicorn-38296.exe (PID: 4892)
- Unicorn-53548.exe (PID: 7800)
- Unicorn-4447.exe (PID: 664)
- Unicorn-39812.exe (PID: 7812)
- Unicorn-50825.exe (PID: 7976)
- Unicorn-59413.exe (PID: 7832)
- Unicorn-42142.exe (PID: 7940)
- Unicorn-63954.exe (PID: 6676)
- Unicorn-29043.exe (PID: 7872)
- Unicorn-5608.exe (PID: 1328)
- Unicorn-1110.exe (PID: 8036)
- Unicorn-20976.exe (PID: 8040)
- Unicorn-64758.exe (PID: 1096)
- Unicorn-56362.exe (PID: 1568)
- Unicorn-63139.exe (PID: 1240)
- Unicorn-15329.exe (PID: 208)
- Unicorn-22106.exe (PID: 7288)
- Unicorn-25060.exe (PID: 5984)
- Unicorn-27582.exe (PID: 7436)
- Unicorn-54224.exe (PID: 6800)
- Unicorn-48094.exe (PID: 7720)
- Unicorn-10483.exe (PID: 7732)
- Unicorn-51271.exe (PID: 4180)
- Unicorn-56746.exe (PID: 7012)
- Unicorn-30658.exe (PID: 8196)
- Unicorn-51271.exe (PID: 7968)
- Unicorn-3845.exe (PID: 8256)
- Unicorn-28350.exe (PID: 8276)
- Unicorn-50908.exe (PID: 8296)
- Unicorn-42640.exe (PID: 8292)
- Unicorn-29096.exe (PID: 8236)
- Unicorn-32626.exe (PID: 8216)
- Unicorn-51463.exe (PID: 8324)
- Unicorn-46724.exe (PID: 8356)
- Unicorn-7472.exe (PID: 8376)
- Unicorn-30836.exe (PID: 8424)
- Unicorn-5791.exe (PID: 8332)
- Unicorn-11292.exe (PID: 8500)
- Unicorn-4748.exe (PID: 8512)
- Unicorn-55340.exe (PID: 8528)
- Unicorn-6331.exe (PID: 8416)
- Unicorn-23222.exe (PID: 8452)
- Unicorn-23222.exe (PID: 8460)
- Unicorn-43664.exe (PID: 8612)
- Unicorn-1240.exe (PID: 8584)
- Unicorn-10778.exe (PID: 8576)
- Unicorn-2631.exe (PID: 8652)
- Unicorn-37442.exe (PID: 8644)
- Unicorn-25190.exe (PID: 8672)
- Unicorn-37442.exe (PID: 8636)
- Unicorn-18968.exe (PID: 8680)
- Unicorn-14883.exe (PID: 8696)
- Unicorn-60000.exe (PID: 8664)
- Unicorn-29381.exe (PID: 8732)
- Unicorn-3600.exe (PID: 8784)
- Unicorn-43564.exe (PID: 8688)
- Unicorn-16830.exe (PID: 8856)
- Unicorn-56279.exe (PID: 8872)
- Unicorn-63892.exe (PID: 8840)
- Unicorn-35916.exe (PID: 8920)
- Unicorn-61846.exe (PID: 8952)
- Unicorn-55402.exe (PID: 8776)
- Unicorn-54582.exe (PID: 8740)
- Unicorn-3600.exe (PID: 8824)
- Unicorn-54847.exe (PID: 8748)
- Unicorn-261.exe (PID: 8832)
- Unicorn-34541.exe (PID: 8816)
- Unicorn-10114.exe (PID: 9044)
- Unicorn-4769.exe (PID: 9120)
- Unicorn-15267.exe (PID: 9000)
- Unicorn-56200.exe (PID: 9028)
- Unicorn-61816.exe (PID: 9080)
- Unicorn-40649.exe (PID: 9156)
- Unicorn-21874.exe (PID: 9168)
- Unicorn-62138.exe (PID: 9200)
- Unicorn-13440.exe (PID: 6324)
- Unicorn-4769.exe (PID: 9112)
- Unicorn-17790.exe (PID: 9192)
- Unicorn-51017.exe (PID: 9272)
- Unicorn-9429.exe (PID: 9308)
- Unicorn-15459.exe (PID: 9340)
- Unicorn-18344.exe (PID: 4448)
- Unicorn-17027.exe (PID: 5164)
- Unicorn-6092.exe (PID: 6620)
- Unicorn-65407.exe (PID: 9220)
- Unicorn-40248.exe (PID: 9240)
- Unicorn-60476.exe (PID: 9380)
- Unicorn-18174.exe (PID: 9404)
- Unicorn-40732.exe (PID: 9436)
- Unicorn-11375.exe (PID: 9356)
- Unicorn-16014.exe (PID: 9372)
- Unicorn-18073.exe (PID: 9512)
- Unicorn-41094.exe (PID: 9564)
- Unicorn-60960.exe (PID: 9572)
- Unicorn-60695.exe (PID: 9556)
- Unicorn-19112.exe (PID: 9648)
- Unicorn-61152.exe (PID: 9468)
- Unicorn-61152.exe (PID: 9460)
- Unicorn-39148.exe (PID: 9500)
- Unicorn-10289.exe (PID: 9728)
- Unicorn-16420.exe (PID: 9744)
- Unicorn-56491.exe (PID: 9736)
- Unicorn-57815.exe (PID: 9780)
- Unicorn-57452.exe (PID: 9688)
- Unicorn-30517.exe (PID: 9792)
- Unicorn-39262.exe (PID: 9836)
- Unicorn-21442.exe (PID: 9852)
- Unicorn-23218.exe (PID: 9920)
- Unicorn-27110.exe (PID: 9816)
- Unicorn-33908.exe (PID: 10016)
- Unicorn-62112.exe (PID: 9952)
- Unicorn-58583.exe (PID: 9976)
- Unicorn-22816.exe (PID: 9992)
- Unicorn-29632.exe (PID: 10044)
- Unicorn-6258.exe (PID: 10096)
- Unicorn-11925.exe (PID: 10076)
- Unicorn-33451.exe (PID: 10036)
- Unicorn-52574.exe (PID: 10176)
- Unicorn-57981.exe (PID: 10208)
- Unicorn-63949.exe (PID: 10120)
- Unicorn-20456.exe (PID: 10140)
- Unicorn-29200.exe (PID: 10236)
- Unicorn-35152.exe (PID: 6988)
- Unicorn-44604.exe (PID: 10268)
- Unicorn-59180.exe (PID: 9336)
- Unicorn-5895.exe (PID: 7156)
- Unicorn-24946.exe (PID: 7316)
- Unicorn-12501.exe (PID: 10328)
- Unicorn-8417.exe (PID: 10304)
- Unicorn-12977.exe (PID: 10460)
- Unicorn-34959.exe (PID: 10360)
- Unicorn-32922.exe (PID: 10380)
- Unicorn-55791.exe (PID: 10416)
- Unicorn-40274.exe (PID: 10436)
- Unicorn-53726.exe (PID: 10540)
- Unicorn-53726.exe (PID: 10532)
- Unicorn-35444.exe (PID: 10484)
- Unicorn-5848.exe (PID: 10592)
- Unicorn-52356.exe (PID: 10620)
- Unicorn-7239.exe (PID: 10648)
- Unicorn-21992.exe (PID: 10756)
- Unicorn-38328.exe (PID: 10780)
- Unicorn-33781.exe (PID: 10708)
- Unicorn-20046.exe (PID: 10700)
- Unicorn-54686.exe (PID: 10900)
- Unicorn-13745.exe (PID: 10908)
- Unicorn-52548.exe (PID: 10960)
- Unicorn-44572.exe (PID: 10844)
- Unicorn-10124.exe (PID: 11008)
- Unicorn-10124.exe (PID: 11012)
- Unicorn-14208.exe (PID: 11000)
- Unicorn-38712.exe (PID: 11040)
- Unicorn-15334.exe (PID: 11104)
- Unicorn-30544.exe (PID: 11076)
- Unicorn-50965.exe (PID: 11140)
- Unicorn-16154.exe (PID: 11148)
- Unicorn-62430.exe (PID: 11132)
- Unicorn-18048.exe (PID: 11184)
- Unicorn-7523.exe (PID: 10980)
- Unicorn-61271.exe (PID: 11088)
- Unicorn-34650.exe (PID: 11232)
- Unicorn-34650.exe (PID: 11240)
- Unicorn-25719.exe (PID: 11224)
- Unicorn-30301.exe (PID: 6436)
- Unicorn-31361.exe (PID: 3024)
- Unicorn-44956.exe (PID: 11204)
- Unicorn-61292.exe (PID: 6208)
- Unicorn-55162.exe (PID: 2288)
- Unicorn-41426.exe (PID: 872)
- Unicorn-55070.exe (PID: 11276)
- Unicorn-52163.exe (PID: 11332)
- Unicorn-41426.exe (PID: 10744)
- Unicorn-5961.exe (PID: 11340)
- Unicorn-44764.exe (PID: 11428)
- Unicorn-54308.exe (PID: 11364)
- Unicorn-28428.exe (PID: 11388)
- Unicorn-63238.exe (PID: 11372)
- Unicorn-28428.exe (PID: 11380)
- Unicorn-17053.exe (PID: 11456)
- Unicorn-64919.exe (PID: 11464)
- Unicorn-42626.exe (PID: 11436)
- Unicorn-61100.exe (PID: 11480)
- Unicorn-9761.exe (PID: 11512)
- Unicorn-36404.exe (PID: 11580)
- Unicorn-20622.exe (PID: 11524)
- Unicorn-5677.exe (PID: 11544)
- Unicorn-10228.exe (PID: 11616)
- Unicorn-28236.exe (PID: 11588)
- Unicorn-40488.exe (PID: 11532)
- Unicorn-2325.exe (PID: 11656)
- Unicorn-2325.exe (PID: 11648)
- Unicorn-18662.exe (PID: 11700)
- Unicorn-49388.exe (PID: 11708)
- Unicorn-21354.exe (PID: 11624)
- Unicorn-2325.exe (PID: 11640)
- Unicorn-43166.exe (PID: 11740)
- Unicorn-4271.exe (PID: 11764)
- Unicorn-55973.exe (PID: 11824)
- Unicorn-54441.exe (PID: 11716)
- Unicorn-17078.exe (PID: 11864)
- Unicorn-17078.exe (PID: 11856)
- Unicorn-12994.exe (PID: 11880)
- Unicorn-21791.exe (PID: 11908)
- Unicorn-10301.exe (PID: 11832)
- Unicorn-12994.exe (PID: 11892)
- Unicorn-16423.exe (PID: 11916)
- Unicorn-49196.exe (PID: 11960)
- Unicorn-32759.exe (PID: 11992)
- Unicorn-20608.exe (PID: 11788)
- Unicorn-35552.exe (PID: 11780)
- Unicorn-45112.exe (PID: 11816)
- Unicorn-13424.exe (PID: 11984)
- Unicorn-28319.exe (PID: 12012)
- Unicorn-27606.exe (PID: 12064)
- Unicorn-33436.exe (PID: 12100)
- Unicorn-38074.exe (PID: 12112)
- Unicorn-22453.exe (PID: 12024)
- Unicorn-28584.exe (PID: 12032)
- Unicorn-33436.exe (PID: 12092)
- Unicorn-23130.exe (PID: 12132)
- Unicorn-19046.exe (PID: 12160)
- Unicorn-43550.exe (PID: 12172)
- Unicorn-60955.exe (PID: 12200)
- Unicorn-9294.exe (PID: 12244)
- Unicorn-14861.exe (PID: 12284)
- Unicorn-20726.exe (PID: 12276)
- Unicorn-41723.exe (PID: 12436)
- Unicorn-33798.exe (PID: 12364)
- Unicorn-11240.exe (PID: 12312)
- Unicorn-19408.exe (PID: 12388)
- Unicorn-19408.exe (PID: 12384)
- Unicorn-35858.exe (PID: 12428)
- Unicorn-37904.exe (PID: 12444)
- Unicorn-4655.exe (PID: 12212)
- Unicorn-19046.exe (PID: 12156)
- Unicorn-9294.exe (PID: 12248)
- Unicorn-9123.exe (PID: 12484)
- Unicorn-37804.exe (PID: 12476)
- Unicorn-19984.exe (PID: 12516)
- Unicorn-30919.exe (PID: 12508)
- Unicorn-955.exe (PID: 12532)
- Unicorn-56186.exe (PID: 12564)
- Unicorn-47918.exe (PID: 12604)
- Unicorn-50519.exe (PID: 12620)
- Unicorn-51678.exe (PID: 12644)
- Unicorn-59813.exe (PID: 12652)
- Unicorn-34204.exe (PID: 12700)
- Unicorn-21494.exe (PID: 12736)
- Unicorn-54524.exe (PID: 12720)
- Unicorn-21760.exe (PID: 12744)
- Unicorn-41796.exe (PID: 12584)
- Unicorn-40212.exe (PID: 12636)
- Unicorn-16092.exe (PID: 12788)
- Unicorn-28366.exe (PID: 12836)
- Unicorn-28101.exe (PID: 12828)
- Unicorn-48878.exe (PID: 12860)
- Unicorn-40042.exe (PID: 12780)
- Unicorn-1531.exe (PID: 12968)
- Unicorn-9699.exe (PID: 12952)
- Unicorn-51208.exe (PID: 13048)
- Unicorn-38864.exe (PID: 13072)
- Unicorn-63103.exe (PID: 13100)
- Unicorn-49917.exe (PID: 12992)
- Unicorn-55947.exe (PID: 13028)
- Unicorn-4629.exe (PID: 13284)
- Unicorn-31080.exe (PID: 5988)
- Unicorn-7759.exe (PID: 7620)
- Unicorn-62361.exe (PID: 7608)
- Unicorn-43887.exe (PID: 7596)
- Unicorn-61230.exe (PID: 13180)
- Unicorn-27742.exe (PID: 13228)
- Unicorn-33693.exe (PID: 6252)
- Unicorn-13181.exe (PID: 6136)
- Unicorn-19303.exe (PID: 12824)
- Unicorn-44463.exe (PID: 6644)
- Unicorn-56160.exe (PID: 6960)
- Unicorn-60244.exe (PID: 4040)
- Unicorn-49838.exe (PID: 13352)
- Unicorn-55868.exe (PID: 13400)
- Unicorn-5397.exe (PID: 13424)
- Unicorn-32594.exe (PID: 13440)
- Unicorn-53015.exe (PID: 13480)
- Unicorn-56087.exe (PID: 13592)
- Unicorn-40016.exe (PID: 13576)
- Unicorn-23595.exe (PID: 13668)
- Unicorn-38432.exe (PID: 13696)
- Unicorn-31464.exe (PID: 2560)
- Unicorn-42324.exe (PID: 3364)
- Unicorn-6336.exe (PID: 13772)
- Unicorn-50441.exe (PID: 13812)
- Unicorn-22672.exe (PID: 13840)
- Unicorn-48568.exe (PID: 13884)
- Unicorn-12995.exe (PID: 13920)
- Unicorn-25909.exe (PID: 13968)
- Unicorn-19404.exe (PID: 13728)
- Unicorn-39392.exe (PID: 14100)
- Unicorn-59158.exe (PID: 14200)
- Unicorn-45423.exe (PID: 14208)
- Unicorn-33170.exe (PID: 14244)
- Unicorn-12671.exe (PID: 14304)
- Unicorn-41260.exe (PID: 13532)
- Unicorn-49445.exe (PID: 13952)
- Unicorn-18152.exe (PID: 14000)
- Unicorn-33362.exe (PID: 14052)
- Unicorn-18536.exe (PID: 14296)
- Unicorn-2365.exe (PID: 4572)
- Unicorn-37696.exe (PID: 14424)
- Unicorn-33554.exe (PID: 14384)
- Unicorn-39584.exe (PID: 14416)
Reads the computer name
- 1 (354).exe (PID: 5936)
- Unicorn-11434.exe (PID: 7904)
- Unicorn-4657.exe (PID: 7884)
- Unicorn-19458.exe (PID: 7216)
- Unicorn-58994.exe (PID: 8092)
- Unicorn-55565.exe (PID: 8068)
- Unicorn-65124.exe (PID: 8084)
- Unicorn-2745.exe (PID: 8132)
- Unicorn-13977.exe (PID: 8048)
- Unicorn-8152.exe (PID: 8152)
- Unicorn-19850.exe (PID: 8168)
- Unicorn-51131.exe (PID: 4652)
- Unicorn-9635.exe (PID: 8188)
- Unicorn-9543.exe (PID: 4436)
- Unicorn-40270.exe (PID: 5972)
- Unicorn-5194.exe (PID: 5868)
- Unicorn-21556.exe (PID: 2108)
- Unicorn-47644.exe (PID: 1056)
- Unicorn-60773.exe (PID: 5508)
- Unicorn-16726.exe (PID: 6192)
- Unicorn-27586.exe (PID: 6560)
- Unicorn-47452.exe (PID: 5640)
- Unicorn-33062.exe (PID: 5800)
- Unicorn-33153.exe (PID: 2236)
- Unicorn-52720.exe (PID: 3240)
- Unicorn-13196.exe (PID: 6372)
- Unicorn-2335.exe (PID: 672)
- Unicorn-40965.exe (PID: 5552)
- Unicorn-54551.exe (PID: 5512)
- Unicorn-41784.exe (PID: 5720)
- Unicorn-51297.exe (PID: 1244)
- Unicorn-61650.exe (PID: 2960)
- Unicorn-20709.exe (PID: 5256)
- Unicorn-50742.exe (PID: 6132)
- Unicorn-30130.exe (PID: 7212)
- Unicorn-49180.exe (PID: 5112)
- Unicorn-24219.exe (PID: 7564)
- Unicorn-47042.exe (PID: 2320)
- Unicorn-43512.exe (PID: 5428)
- Unicorn-50642.exe (PID: 7248)
- Unicorn-20208.exe (PID: 7680)
- Unicorn-16124.exe (PID: 7696)
- Unicorn-55573.exe (PID: 7476)
- Unicorn-40628.exe (PID: 7464)
- Unicorn-11224.exe (PID: 7644)
- Unicorn-30413.exe (PID: 7524)
- Unicorn-53648.exe (PID: 7632)
- Unicorn-49564.exe (PID: 7496)
- Unicorn-18838.exe (PID: 7528)
- Unicorn-49564.exe (PID: 7848)
- Unicorn-53648.exe (PID: 7652)
- Unicorn-65138.exe (PID: 616)
- Unicorn-54203.exe (PID: 7864)
- Unicorn-53548.exe (PID: 7800)
- Unicorn-8531.exe (PID: 6708)
- Unicorn-50119.exe (PID: 3268)
- Unicorn-59413.exe (PID: 7832)
- Unicorn-38296.exe (PID: 4892)
- Unicorn-39812.exe (PID: 7812)
- Unicorn-29043.exe (PID: 7872)
- Unicorn-4447.exe (PID: 664)
- Unicorn-50119.exe (PID: 6652)
- Unicorn-50825.exe (PID: 7976)
- Unicorn-42142.exe (PID: 7940)
- Unicorn-25060.exe (PID: 5984)
- Unicorn-5608.exe (PID: 1328)
- Unicorn-63954.exe (PID: 6676)
- Unicorn-64758.exe (PID: 1096)
- Unicorn-1110.exe (PID: 8036)
- Unicorn-20976.exe (PID: 8040)
- Unicorn-56362.exe (PID: 1568)
- Unicorn-22106.exe (PID: 7288)
- Unicorn-15329.exe (PID: 208)
- Unicorn-63139.exe (PID: 1240)
- Unicorn-48094.exe (PID: 7720)
- Unicorn-27582.exe (PID: 7436)
- Unicorn-54224.exe (PID: 6800)
- Unicorn-51271.exe (PID: 4180)
- Unicorn-10483.exe (PID: 7732)
- Unicorn-56746.exe (PID: 7012)
- Unicorn-51271.exe (PID: 7968)
- Unicorn-30658.exe (PID: 8196)
- Unicorn-32626.exe (PID: 8216)
- Unicorn-29096.exe (PID: 8236)
- Unicorn-42640.exe (PID: 8292)
- Unicorn-3845.exe (PID: 8256)
- Unicorn-28350.exe (PID: 8276)
- Unicorn-5791.exe (PID: 8332)
- Unicorn-50908.exe (PID: 8296)
- Unicorn-7472.exe (PID: 8376)
- Unicorn-23222.exe (PID: 8460)
- Unicorn-46724.exe (PID: 8356)
- Unicorn-30836.exe (PID: 8424)
- Unicorn-51463.exe (PID: 8324)
- Unicorn-55340.exe (PID: 8528)
- Unicorn-23222.exe (PID: 8452)
- Unicorn-6331.exe (PID: 8416)
- Unicorn-43664.exe (PID: 8612)
- Unicorn-10778.exe (PID: 8576)
- Unicorn-11292.exe (PID: 8500)
- Unicorn-4748.exe (PID: 8512)
- Unicorn-43564.exe (PID: 8688)
- Unicorn-25190.exe (PID: 8672)
- Unicorn-1240.exe (PID: 8584)
- Unicorn-14883.exe (PID: 8696)
- Unicorn-37442.exe (PID: 8644)
- Unicorn-37442.exe (PID: 8636)
- Unicorn-18968.exe (PID: 8680)
- Unicorn-54847.exe (PID: 8748)
- Unicorn-55402.exe (PID: 8776)
- Unicorn-16830.exe (PID: 8856)
- Unicorn-63892.exe (PID: 8840)
- Unicorn-261.exe (PID: 8832)
- Unicorn-60000.exe (PID: 8664)
- Unicorn-54582.exe (PID: 8740)
- Unicorn-2631.exe (PID: 8652)
- Unicorn-29381.exe (PID: 8732)
- Unicorn-35916.exe (PID: 8920)
- Unicorn-15267.exe (PID: 9000)
- Unicorn-3600.exe (PID: 8784)
- Unicorn-34541.exe (PID: 8816)
- Unicorn-3600.exe (PID: 8824)
- Unicorn-61846.exe (PID: 8952)
- Unicorn-56279.exe (PID: 8872)
- Unicorn-4769.exe (PID: 9112)
- Unicorn-4769.exe (PID: 9120)
- Unicorn-21874.exe (PID: 9168)
- Unicorn-13440.exe (PID: 6324)
- Unicorn-61816.exe (PID: 9080)
- Unicorn-10114.exe (PID: 9044)
- Unicorn-56200.exe (PID: 9028)
- Unicorn-40649.exe (PID: 9156)
- Unicorn-18344.exe (PID: 4448)
- Unicorn-62138.exe (PID: 9200)
- Unicorn-65407.exe (PID: 9220)
- Unicorn-6092.exe (PID: 6620)
- Unicorn-40248.exe (PID: 9240)
- Unicorn-51017.exe (PID: 9272)
- Unicorn-17790.exe (PID: 9192)
- Unicorn-17027.exe (PID: 5164)
- Unicorn-9429.exe (PID: 9308)
- Unicorn-15459.exe (PID: 9340)
- Unicorn-11375.exe (PID: 9356)
- Unicorn-16014.exe (PID: 9372)
- Unicorn-40732.exe (PID: 9436)
- Unicorn-61152.exe (PID: 9460)
- Unicorn-61152.exe (PID: 9468)
- Unicorn-39148.exe (PID: 9500)
- Unicorn-18073.exe (PID: 9512)
- Unicorn-60960.exe (PID: 9572)
- Unicorn-60695.exe (PID: 9556)
- Unicorn-41094.exe (PID: 9564)
- Unicorn-57452.exe (PID: 9688)
- Unicorn-56491.exe (PID: 9736)
- Unicorn-16420.exe (PID: 9744)
- Unicorn-10289.exe (PID: 9728)
- Unicorn-19112.exe (PID: 9648)
- Unicorn-57815.exe (PID: 9780)
- Unicorn-30517.exe (PID: 9792)
- Unicorn-27110.exe (PID: 9816)
- Unicorn-21442.exe (PID: 9852)
- Unicorn-39262.exe (PID: 9836)
- Unicorn-58583.exe (PID: 9976)
- Unicorn-62112.exe (PID: 9952)
- Unicorn-23218.exe (PID: 9920)
The sample compiled with chinese language support
- svchost.exe (PID: 5936)
Create files in a temporary directory
- Unicorn-19458.exe (PID: 7216)
- 1 (354).exe (PID: 5936)
- Unicorn-4657.exe (PID: 7884)
- Unicorn-65124.exe (PID: 8084)
- Unicorn-58994.exe (PID: 8092)
- Unicorn-11434.exe (PID: 7904)
- Unicorn-9543.exe (PID: 4436)
- Unicorn-55565.exe (PID: 8068)
- Unicorn-8152.exe (PID: 8152)
- Unicorn-40270.exe (PID: 5972)
- Unicorn-51131.exe (PID: 4652)
- Unicorn-5194.exe (PID: 5868)
- Unicorn-47644.exe (PID: 1056)
- Unicorn-2745.exe (PID: 8132)
- Unicorn-21556.exe (PID: 2108)
- Unicorn-13977.exe (PID: 8048)
- Unicorn-33153.exe (PID: 2236)
- Unicorn-60773.exe (PID: 5508)
- Unicorn-47452.exe (PID: 5640)
- Unicorn-33062.exe (PID: 5800)
- Unicorn-54551.exe (PID: 5512)
- Unicorn-27586.exe (PID: 6560)
- Unicorn-50742.exe (PID: 6132)
- Unicorn-51297.exe (PID: 1244)
- Unicorn-49180.exe (PID: 5112)
- Unicorn-47042.exe (PID: 2320)
- Unicorn-41784.exe (PID: 5720)
- Unicorn-43512.exe (PID: 5428)
- Unicorn-20208.exe (PID: 7680)
- Unicorn-16124.exe (PID: 7696)
- Unicorn-40628.exe (PID: 7464)
- Unicorn-19850.exe (PID: 8168)
- Unicorn-11224.exe (PID: 7644)
- Unicorn-30413.exe (PID: 7524)
- Unicorn-55573.exe (PID: 7476)
- Unicorn-9635.exe (PID: 8188)
- Unicorn-18838.exe (PID: 7528)
- Unicorn-53648.exe (PID: 7652)
- Unicorn-2335.exe (PID: 672)
- Unicorn-49564.exe (PID: 7848)
- Unicorn-13196.exe (PID: 6372)
- Unicorn-53548.exe (PID: 7800)
- Unicorn-8531.exe (PID: 6708)
- Unicorn-50119.exe (PID: 3268)
- Unicorn-54203.exe (PID: 7864)
- Unicorn-38296.exe (PID: 4892)
- Unicorn-59413.exe (PID: 7832)
- Unicorn-29043.exe (PID: 7872)
- Unicorn-4447.exe (PID: 664)
- Unicorn-61650.exe (PID: 2960)
- Unicorn-20709.exe (PID: 5256)
- Unicorn-64758.exe (PID: 1096)
- Unicorn-63954.exe (PID: 6676)
- Unicorn-50825.exe (PID: 7976)
- Unicorn-5608.exe (PID: 1328)
- Unicorn-20976.exe (PID: 8040)
- Unicorn-30130.exe (PID: 7212)
- Unicorn-1110.exe (PID: 8036)
- Unicorn-15329.exe (PID: 208)
- Unicorn-50642.exe (PID: 7248)
- Unicorn-54224.exe (PID: 6800)
- Unicorn-22106.exe (PID: 7288)
- Unicorn-48094.exe (PID: 7720)
- Unicorn-27582.exe (PID: 7436)
- Unicorn-24219.exe (PID: 7564)
- Unicorn-52720.exe (PID: 3240)
- Unicorn-56746.exe (PID: 7012)
- Unicorn-51271.exe (PID: 7968)
- Unicorn-56362.exe (PID: 1568)
- Unicorn-16726.exe (PID: 6192)
- Unicorn-32626.exe (PID: 8216)
- Unicorn-29096.exe (PID: 8236)
- Unicorn-42640.exe (PID: 8292)
- Unicorn-3845.exe (PID: 8256)
- Unicorn-28350.exe (PID: 8276)
- Unicorn-50908.exe (PID: 8296)
- Unicorn-51463.exe (PID: 8324)
- Unicorn-5791.exe (PID: 8332)
- Unicorn-23222.exe (PID: 8460)
- Unicorn-46724.exe (PID: 8356)
- Unicorn-7472.exe (PID: 8376)
- Unicorn-40965.exe (PID: 5552)
- Unicorn-30836.exe (PID: 8424)
- Unicorn-23222.exe (PID: 8452)
- Unicorn-55340.exe (PID: 8528)
- Unicorn-6331.exe (PID: 8416)
- Unicorn-43664.exe (PID: 8612)
- Unicorn-49564.exe (PID: 7496)
- Unicorn-11292.exe (PID: 8500)
- Unicorn-4748.exe (PID: 8512)
- Unicorn-1240.exe (PID: 8584)
- Unicorn-43564.exe (PID: 8688)
- Unicorn-39812.exe (PID: 7812)
- Unicorn-50119.exe (PID: 6652)
- Unicorn-14883.exe (PID: 8696)
- Unicorn-65138.exe (PID: 616)
- Unicorn-18968.exe (PID: 8680)
- Unicorn-25190.exe (PID: 8672)
- Unicorn-37442.exe (PID: 8644)
- Unicorn-63892.exe (PID: 8840)
- Unicorn-261.exe (PID: 8832)
- Unicorn-54582.exe (PID: 8740)
- Unicorn-2631.exe (PID: 8652)
- Unicorn-54847.exe (PID: 8748)
- Unicorn-16830.exe (PID: 8856)
- Unicorn-42142.exe (PID: 7940)
- Unicorn-34541.exe (PID: 8816)
- Unicorn-3600.exe (PID: 8824)
- Unicorn-55402.exe (PID: 8776)
- Unicorn-3600.exe (PID: 8784)
- Unicorn-61846.exe (PID: 8952)
- Unicorn-15267.exe (PID: 9000)
- Unicorn-10114.exe (PID: 9044)
- Unicorn-61816.exe (PID: 9080)
- Unicorn-56279.exe (PID: 8872)
- Unicorn-4769.exe (PID: 9120)
- Unicorn-25060.exe (PID: 5984)
- Unicorn-21874.exe (PID: 9168)
- Unicorn-56200.exe (PID: 9028)
- Unicorn-4769.exe (PID: 9112)
- Unicorn-40649.exe (PID: 9156)
- Unicorn-53648.exe (PID: 7632)
- Unicorn-17790.exe (PID: 9192)
- Unicorn-63139.exe (PID: 1240)
- Unicorn-65407.exe (PID: 9220)
- Unicorn-13440.exe (PID: 6324)
- Unicorn-6092.exe (PID: 6620)
- Unicorn-40248.exe (PID: 9240)
- Unicorn-51017.exe (PID: 9272)
- Unicorn-18344.exe (PID: 4448)
- Unicorn-9429.exe (PID: 9308)
- Unicorn-51271.exe (PID: 4180)
- Unicorn-15459.exe (PID: 9340)
- Unicorn-11375.exe (PID: 9356)
- Unicorn-60476.exe (PID: 9380)
- Unicorn-16014.exe (PID: 9372)
- Unicorn-18174.exe (PID: 9404)
- Unicorn-40732.exe (PID: 9436)
- Unicorn-61152.exe (PID: 9460)
- Unicorn-30658.exe (PID: 8196)
- Unicorn-61152.exe (PID: 9468)
- Unicorn-39148.exe (PID: 9500)
- Unicorn-18073.exe (PID: 9512)
- Unicorn-60960.exe (PID: 9572)
- Unicorn-60695.exe (PID: 9556)
- Unicorn-19112.exe (PID: 9648)
- Unicorn-57452.exe (PID: 9688)
- Unicorn-41094.exe (PID: 9564)
- Unicorn-10289.exe (PID: 9728)
- Unicorn-16420.exe (PID: 9744)
- Unicorn-56491.exe (PID: 9736)
- Unicorn-57815.exe (PID: 9780)
- Unicorn-30517.exe (PID: 9792)
- Unicorn-39262.exe (PID: 9836)
- Unicorn-21442.exe (PID: 9852)
- Unicorn-27110.exe (PID: 9816)
- Unicorn-10778.exe (PID: 8576)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
TRiD
| .exe | | | DOS Executable Generic (100) |
|---|
EXIF
EXE
| MachineType: | Intel 386 or later, and compatibles |
|---|---|
| TimeStamp: | 2019:01:19 13:34:56+00:00 |
| ImageFileCharacteristics: | No relocs, Executable, No line numbers, No symbols, 32-bit |
| PEType: | PE32 |
| LinkerVersion: | 6 |
| CodeSize: | 176128 |
| InitializedDataSize: | 299008 |
| UninitializedDataSize: | - |
| EntryPoint: | 0x13d4 |
| OSVersion: | 4 |
| ImageVersion: | 1 |
| SubsystemVersion: | 4 |
| Subsystem: | Windows GUI |
| FileVersionNumber: | 1.0.0.0 |
| ProductVersionNumber: | 1.0.0.0 |
| FileFlagsMask: | 0x003f |
| FileFlags: | (none) |
| FileOS: | Win32 |
| ObjectFileType: | Executable application |
| FileSubtype: | - |
| LanguageCode: | Chinese (Simplified) |
| CharacterSet: | Unicode |
| CompanyName: | UEFI |
| ProductName: | Kawaii-Unicorn |
| FileVersion: | 1 |
| ProductVersion: | 1 |
| InternalName: | Kawaii-Unicorn |
| OriginalFileName: | Kawaii-Unicorn.exe |
Total processes
509
Monitored processes
376
Malicious processes
53
Suspicious processes
51
Behavior graph
Click at the process to see the details
Process information
PID | CMD | Path | Indicators | Parent process | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 208 | C:\Users\admin\AppData\Local\Temp\Unicorn-15329.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-15329.exe | Unicorn-47042.exe | ||||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 616 | C:\Users\admin\AppData\Local\Temp\Unicorn-65138.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-65138.exe | Unicorn-19458.exe | ||||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 664 | C:\Users\admin\AppData\Local\Temp\Unicorn-4447.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-4447.exe | Unicorn-61650.exe | ||||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 672 | C:\Users\admin\AppData\Local\Temp\Unicorn-2335.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-2335.exe | Unicorn-40270.exe | ||||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 872 | C:\Users\admin\AppData\Local\Temp\Unicorn-41426.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-41426.exe | — | Unicorn-29043.exe | |||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 1056 | C:\Users\admin\AppData\Local\Temp\Unicorn-47644.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-47644.exe | Unicorn-2745.exe | ||||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 1096 | C:\Users\admin\AppData\Local\Temp\Unicorn-64758.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-64758.exe | Unicorn-13977.exe | ||||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 1240 | C:\Users\admin\AppData\Local\Temp\Unicorn-63139.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-63139.exe | Unicorn-60773.exe | ||||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 1244 | C:\Users\admin\AppData\Local\Temp\Unicorn-51297.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-51297.exe | Unicorn-2745.exe | ||||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 1328 | C:\Users\admin\AppData\Local\Temp\Unicorn-5608.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-5608.exe | Unicorn-2745.exe | ||||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
Total events
7 997
Read events
7 997
Write events
0
Delete events
0
Modification events
Executable files
1 156
Suspicious files
0
Text files
0
Unknown types
0
Dropped files
PID | Process | Filename | Type | |
|---|---|---|---|---|
| 5936 | 1 (354).exe | C:\Users\admin\AppData\Local\Temp\Unicorn-19458.exe | executable | |
MD5:E1C20A3F1A056346930DD0F95AE65383 | SHA256:205012D0AB1A940583C2D58DFB80A2C2ADA994AE54CAF7A53AEBD60F82BA22D8 | |||
| 7904 | Unicorn-11434.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-51131.exe | executable | |
MD5:9AD3DD0A1A6104160DF439322973546C | SHA256:8339D1AF54BA286C5AFBBDCD435DFE75D5857D96DF393FCEA470997E5E7CEBA5 | |||
| 5936 | 1 (354).exe | C:\Users\admin\AppData\Local\Temp\Unicorn-5194.exe | executable | |
MD5:00D7E944A2CF149D405E65ED503B6757 | SHA256:61B5B8D8C95803E39A3A0E290661C187C38A9F32B850572F1577690BAA93FB04 | |||
| 7216 | Unicorn-19458.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-9635.exe | executable | |
MD5:216A428285BFDD1ECF1C8F9CC654681F | SHA256:204319E2A5D4DD1062C0CD57FC5ACEA3A0EC059EB45C7B8825403D8EE3AC7111 | |||
| 7904 | Unicorn-11434.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-65124.exe | executable | |
MD5:CC2C213E9A1CD9ECF7F9EF7D5DC3E53C | SHA256:A6441B2891FA1FE724A9C9173BDE5F10A172B05DB29EF591A5E9084772847EE9 | |||
| 7884 | Unicorn-4657.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-13977.exe | executable | |
MD5:D88AD1B04653E358420D60A7662C5E1E | SHA256:450C8BD60591688893C7AADAD1C716787198F08D9F25EA31D353A50D287441F3 | |||
| 7216 | Unicorn-19458.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-4657.exe | executable | |
MD5:0CC3F374A2B6EEFDD491810BCAF0B50A | SHA256:A6EFE9FD4B07605C1F80CD9DEB330D7199B78DE741E903B42C0FC9A06B06827F | |||
| 8048 | Unicorn-13977.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-2745.exe | executable | |
MD5:D83C2E7CE30BC772AA1A05796DA3A99D | SHA256:8F647F54F4734898FD85D30F7D08A4981284EF093A9025173EF22F77EEDFDC08 | |||
| 7216 | Unicorn-19458.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-55565.exe | executable | |
MD5:58F0F00F5BAFF71306F95B0DF9899D5A | SHA256:69476727B8BCB95C38CDE2BA62925867ED6074999BF644B1FC32DF9528240979 | |||
| 5936 | 1 (354).exe | C:\Users\admin\AppData\Local\Temp\Unicorn-58994.exe | executable | |
MD5:66D155BCF0E6669B1ACC8B2BC3817543 | SHA256:70F169910B8730095032194C846946061F942C20A1A5DBD2D31A4256DF76D535 | |||
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
5
TCP/UDP connections
26
DNS requests
17
Threats
0
HTTP requests
PID | Process | Method | HTTP Code | IP | URL | CN | Type | Size | Reputation |
|---|---|---|---|---|---|---|---|---|---|
— | — | GET | 200 | 2.16.168.124:80 | http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl | unknown | — | — | whitelisted |
8620 | SIHClient.exe | GET | 200 | 184.30.21.171:80 | http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Product%20Root%20Certificate%20Authority%202018.crl | unknown | — | — | whitelisted |
6544 | svchost.exe | GET | 200 | 2.23.77.188:80 | http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAJ0LqoXyo4hxxe7H%2Fz9DKA%3D | unknown | — | — | whitelisted |
8620 | SIHClient.exe | GET | 200 | 184.30.21.171:80 | http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Update%20Secure%20Server%20CA%202.1.crl | unknown | — | — | whitelisted |
7268 | backgroundTaskHost.exe | GET | 200 | 2.23.77.188:80 | http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQ50otx%2Fh0Ztl%2Bz8SiPI7wEWVxDlQQUTiJUIBiV5uNu5g%2F6%2BrkS7QYXjzkCEAUZZSZEml49Gjh0j13P68w%3D | unknown | — | — | whitelisted |
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
Connections
PID | Process | IP | Domain | ASN | CN | Reputation |
|---|---|---|---|---|---|---|
2104 | svchost.exe | 51.104.136.2:443 | settings-win.data.microsoft.com | MICROSOFT-CORP-MSN-AS-BLOCK | IE | whitelisted |
4 | System | 192.168.100.255:137 | — | — | — | whitelisted |
4 | System | 192.168.100.255:138 | — | — | — | whitelisted |
— | — | 51.104.136.2:443 | settings-win.data.microsoft.com | MICROSOFT-CORP-MSN-AS-BLOCK | IE | whitelisted |
— | — | 2.16.168.124:80 | crl.microsoft.com | Akamai International B.V. | RU | whitelisted |
3216 | svchost.exe | 20.197.71.89:443 | client.wns.windows.com | MICROSOFT-CORP-MSN-AS-BLOCK | SG | whitelisted |
6544 | svchost.exe | 20.190.160.130:443 | login.live.com | MICROSOFT-CORP-MSN-AS-BLOCK | NL | whitelisted |
6544 | svchost.exe | 2.23.77.188:80 | ocsp.digicert.com | AKAMAI-AS | DE | whitelisted |
2112 | svchost.exe | 51.124.78.146:443 | settings-win.data.microsoft.com | MICROSOFT-CORP-MSN-AS-BLOCK | NL | whitelisted |
7268 | backgroundTaskHost.exe | 20.223.35.26:443 | arc.msn.com | MICROSOFT-CORP-MSN-AS-BLOCK | IE | whitelisted |
DNS requests
Domain | IP | Reputation |
|---|---|---|
settings-win.data.microsoft.com |
| whitelisted |
google.com |
| whitelisted |
crl.microsoft.com |
| whitelisted |
client.wns.windows.com |
| whitelisted |
login.live.com |
| whitelisted |
ocsp.digicert.com |
| whitelisted |
arc.msn.com |
| whitelisted |
slscr.update.microsoft.com |
| whitelisted |
www.microsoft.com |
| whitelisted |
fe3cr.delivery.mp.microsoft.com |
| whitelisted |