| File name: | 1 (1213) |
| Full analysis: | https://app.any.run/tasks/5829709f-5e65-4dc9-ad14-acd28bcf4854 |
| Verdict: | Malicious activity |
| Analysis date: | March 24, 2025, 11:11:23 |
| OS: | Windows 10 Professional (build: 19045, 64 bit) |
| Indicators: | |
| MIME: | application/vnd.microsoft.portable-executable |
| File info: | PE32 executable (GUI) Intel 80386, for MS Windows, 3 sections |
| MD5: | A02039CF88CAE646513CE460B0132790 |
| SHA1: | 524202A47CBDE0F991DA1955F535DD0B9958E61F |
| SHA256: | 3C10813EB65F3DACD60C9C19F8EBC5CEE9457C82712D15ADEF0E61680458E99E |
| SSDEEP: | 6144:oSNgw5I8VDynA5lT37sXxffxvpBEbvJGB9nWySaYAk/8SwjwpyAOEh/VRcBpsYSt:ok5KHnA5l3Q1BEha9WySaYFx4DxDsR |
MALICIOUS
No malicious indicators.SUSPICIOUS
Executable content was dropped or overwritten
- Unicorn-42358.exe (PID: 668)
- 1 (1213).exe (PID: 5216)
- Unicorn-36856.exe (PID: 1660)
- Unicorn-9789.exe (PID: 2616)
- Unicorn-47293.exe (PID: 5552)
- Unicorn-54714.exe (PID: 1072)
- Unicorn-58362.exe (PID: 4976)
- Unicorn-17330.exe (PID: 6584)
- Unicorn-61989.exe (PID: 3240)
- Unicorn-18076.exe (PID: 5728)
- Unicorn-64484.exe (PID: 1180)
- Unicorn-42388.exe (PID: 672)
- Unicorn-64890.exe (PID: 4784)
- Unicorn-19406.exe (PID: 4068)
- Unicorn-36296.exe (PID: 4408)
- Unicorn-47802.exe (PID: 4464)
- Unicorn-21251.exe (PID: 6592)
- Unicorn-28726.exe (PID: 5800)
- Unicorn-44548.exe (PID: 736)
- Unicorn-8113.exe (PID: 4980)
- Unicorn-8113.exe (PID: 2392)
- Unicorn-53038.exe (PID: 5548)
- Unicorn-5077.exe (PID: 1764)
- Unicorn-50298.exe (PID: 7208)
- Unicorn-40521.exe (PID: 2420)
- Unicorn-33172.exe (PID: 1164)
- Unicorn-10012.exe (PID: 7228)
- Unicorn-56420.exe (PID: 7256)
- Unicorn-26754.exe (PID: 7300)
- Unicorn-64662.exe (PID: 7368)
- Unicorn-16016.exe (PID: 7388)
- Unicorn-64470.exe (PID: 7408)
- Unicorn-37728.exe (PID: 7428)
- Unicorn-46873.exe (PID: 7448)
- Unicorn-65482.exe (PID: 3304)
- Unicorn-46873.exe (PID: 7444)
- Unicorn-46873.exe (PID: 7460)
- Unicorn-11548.exe (PID: 7532)
- Unicorn-8113.exe (PID: 6988)
- Unicorn-43666.exe (PID: 7496)
- Unicorn-60173.exe (PID: 7312)
- Unicorn-14885.exe (PID: 7568)
- Unicorn-15632.exe (PID: 7512)
- Unicorn-60557.exe (PID: 7556)
- Unicorn-15632.exe (PID: 7520)
- Unicorn-64086.exe (PID: 7620)
- Unicorn-6717.exe (PID: 7596)
- Unicorn-51377.exe (PID: 7668)
- Unicorn-34655.exe (PID: 6516)
- Unicorn-6717.exe (PID: 7588)
- Unicorn-64086.exe (PID: 7632)
- Unicorn-9840.exe (PID: 7728)
- Unicorn-33172.exe (PID: 6184)
- Unicorn-29175.exe (PID: 7736)
- Unicorn-29175.exe (PID: 7744)
- Unicorn-38628.exe (PID: 7692)
- Unicorn-64086.exe (PID: 7612)
- Unicorn-31776.exe (PID: 7660)
- Unicorn-35939.exe (PID: 1328)
- Unicorn-48584.exe (PID: 1300)
- Unicorn-24376.exe (PID: 7800)
- Unicorn-57994.exe (PID: 7820)
- Unicorn-21046.exe (PID: 7872)
- Unicorn-43504.exe (PID: 7844)
- Unicorn-64854.exe (PID: 7780)
- Unicorn-168.exe (PID: 7896)
- Unicorn-1097.exe (PID: 7248)
- Unicorn-21046.exe (PID: 7864)
- Unicorn-41636.exe (PID: 7960)
- Unicorn-48488.exe (PID: 7972)
- Unicorn-46873.exe (PID: 8048)
- Unicorn-46105.exe (PID: 7904)
- Unicorn-52265.exe (PID: 7952)
- Unicorn-21814.exe (PID: 8032)
- Unicorn-42042.exe (PID: 8064)
- Unicorn-33468.exe (PID: 7992)
- Unicorn-26489.exe (PID: 7292)
- Unicorn-47204.exe (PID: 7984)
- Unicorn-30152.exe (PID: 8112)
- Unicorn-49141.exe (PID: 8104)
- Unicorn-60936.exe (PID: 8152)
- Unicorn-27743.exe (PID: 8072)
- Unicorn-33682.exe (PID: 8124)
- Unicorn-52301.exe (PID: 1672)
- Unicorn-48025.exe (PID: 8256)
- Unicorn-43578.exe (PID: 6324)
- Unicorn-31134.exe (PID: 8212)
- Unicorn-48025.exe (PID: 8248)
- Unicorn-48025.exe (PID: 8240)
- Unicorn-31030.exe (PID: 7284)
- Unicorn-35218.exe (PID: 8204)
- Unicorn-49369.exe (PID: 8312)
- Unicorn-26810.exe (PID: 8292)
- Unicorn-64958.exe (PID: 8352)
- Unicorn-44346.exe (PID: 8404)
- Unicorn-11481.exe (PID: 8440)
- Unicorn-56598.exe (PID: 8460)
- Unicorn-23734.exe (PID: 8508)
- Unicorn-27818.exe (PID: 8488)
- Unicorn-33939.exe (PID: 8468)
- Unicorn-40624.exe (PID: 8552)
- Unicorn-4273.exe (PID: 8636)
- Unicorn-2419.exe (PID: 8592)
- Unicorn-5077.exe (PID: 4988)
- Unicorn-19458.exe (PID: 8524)
- Unicorn-41776.exe (PID: 8652)
- Unicorn-8357.exe (PID: 8628)
- Unicorn-45306.exe (PID: 8612)
- Unicorn-55512.exe (PID: 8644)
- Unicorn-61450.exe (PID: 8776)
- Unicorn-49006.exe (PID: 8800)
- Unicorn-33224.exe (PID: 8792)
- Unicorn-57366.exe (PID: 8784)
- Unicorn-56412.exe (PID: 8880)
- Unicorn-57174.exe (PID: 8904)
- Unicorn-52960.exe (PID: 8680)
- Unicorn-32478.exe (PID: 8924)
- Unicorn-17220.exe (PID: 8948)
- Unicorn-9085.exe (PID: 8964)
- Unicorn-17220.exe (PID: 8956)
- Unicorn-26208.exe (PID: 9004)
- Unicorn-16332.exe (PID: 9056)
- Unicorn-23607.exe (PID: 9048)
- Unicorn-63370.exe (PID: 9112)
- Unicorn-59286.exe (PID: 9132)
- Unicorn-44604.exe (PID: 9176)
- Unicorn-43312.exe (PID: 9168)
- Unicorn-45581.exe (PID: 9208)
- Unicorn-26038.exe (PID: 5308)
- Unicorn-38098.exe (PID: 9224)
- Unicorn-18232.exe (PID: 9076)
- Unicorn-34961.exe (PID: 9248)
- Unicorn-7192.exe (PID: 9280)
- Unicorn-31142.exe (PID: 9260)
- Unicorn-1977.exe (PID: 9380)
- Unicorn-17437.exe (PID: 9336)
- Unicorn-28572.exe (PID: 9480)
- Unicorn-35423.exe (PID: 9444)
- Unicorn-21695.exe (PID: 9496)
- Unicorn-11105.exe (PID: 9580)
- Unicorn-40078.exe (PID: 9488)
- Unicorn-60498.exe (PID: 9532)
- Unicorn-11489.exe (PID: 9460)
- Unicorn-21311.exe (PID: 9628)
- Unicorn-31526.exe (PID: 9620)
- Unicorn-3029.exe (PID: 9548)
- Unicorn-49900.exe (PID: 9652)
- Unicorn-45122.exe (PID: 9676)
- Unicorn-53290.exe (PID: 9768)
- Unicorn-16534.exe (PID: 9716)
- Unicorn-8173.exe (PID: 9740)
- Unicorn-51177.exe (PID: 9572)
- Unicorn-23803.exe (PID: 9872)
- Unicorn-10019.exe (PID: 9832)
- Unicorn-52906.exe (PID: 9888)
- Unicorn-4081.exe (PID: 8752)
- Unicorn-25205.exe (PID: 9932)
- Unicorn-53296.exe (PID: 9952)
- Unicorn-36305.exe (PID: 9816)
- Unicorn-16150.exe (PID: 9840)
- Unicorn-43150.exe (PID: 10052)
- Unicorn-51489.exe (PID: 10108)
- Unicorn-8920.exe (PID: 9696)
- Unicorn-43918.exe (PID: 10140)
- Unicorn-57929.exe (PID: 9728)
- Unicorn-60254.exe (PID: 10168)
- Unicorn-43534.exe (PID: 680)
- Unicorn-54058.exe (PID: 9972)
- Unicorn-58313.exe (PID: 10008)
- Unicorn-35558.exe (PID: 10188)
- Unicorn-31282.exe (PID: 2148)
- Unicorn-8484.exe (PID: 4436)
- Unicorn-57824.exe (PID: 8428)
- Unicorn-14945.exe (PID: 10208)
- Unicorn-4636.exe (PID: 8856)
- Unicorn-9583.exe (PID: 10272)
- Unicorn-63252.exe (PID: 8376)
- Unicorn-61946.exe (PID: 10344)
- Unicorn-54892.exe (PID: 536)
- Unicorn-28890.exe (PID: 10396)
- Unicorn-30735.exe (PID: 10424)
- Unicorn-20530.exe (PID: 10432)
- Unicorn-46741.exe (PID: 10568)
- Unicorn-41971.exe (PID: 10456)
- Unicorn-55101.exe (PID: 10548)
- Unicorn-3269.exe (PID: 10304)
- Unicorn-36866.exe (PID: 10440)
- Unicorn-53970.exe (PID: 10656)
- Unicorn-9429.exe (PID: 10556)
- Unicorn-420.exe (PID: 10632)
- Unicorn-16334.exe (PID: 8692)
- Unicorn-55512.exe (PID: 8672)
- Unicorn-316.exe (PID: 6940)
- Unicorn-52138.exe (PID: 9604)
- Unicorn-4961.exe (PID: 10608)
- Unicorn-2584.exe (PID: 10780)
- Unicorn-47146.exe (PID: 10720)
- Unicorn-61244.exe (PID: 10820)
- Unicorn-2584.exe (PID: 10800)
- Unicorn-2584.exe (PID: 10784)
- Unicorn-54665.exe (PID: 10876)
- Unicorn-14473.exe (PID: 10680)
- Unicorn-35448.exe (PID: 10704)
- Unicorn-63653.exe (PID: 10912)
- Unicorn-30788.exe (PID: 10988)
- Unicorn-62906.exe (PID: 10948)
- Unicorn-44524.exe (PID: 10980)
- Unicorn-60913.exe (PID: 11040)
- Unicorn-560.exe (PID: 9800)
- Unicorn-5537.exe (PID: 10928)
- Unicorn-30788.exe (PID: 10972)
- Unicorn-50389.exe (PID: 10964)
- Unicorn-9111.exe (PID: 11088)
- Unicorn-64250.exe (PID: 11100)
- Unicorn-21171.exe (PID: 11220)
- Unicorn-52553.exe (PID: 11064)
- Unicorn-15241.exe (PID: 11048)
- Unicorn-45868.exe (PID: 11128)
- Unicorn-23145.exe (PID: 11016)
- Unicorn-51998.exe (PID: 11152)
- Unicorn-14665.exe (PID: 11384)
- Unicorn-52553.exe (PID: 11076)
- Unicorn-7244.exe (PID: 2064)
- Unicorn-38592.exe (PID: 11260)
- Unicorn-54936.exe (PID: 2084)
- Unicorn-43830.exe (PID: 11160)
- Unicorn-52553.exe (PID: 11060)
- Unicorn-36024.exe (PID: 1512)
- Unicorn-61820.exe (PID: 10852)
- Unicorn-38019.exe (PID: 10860)
- Unicorn-10773.exe (PID: 3032)
- Unicorn-35086.exe (PID: 11356)
- Unicorn-35086.exe (PID: 11364)
- Unicorn-33039.exe (PID: 11348)
- Unicorn-23986.exe (PID: 11520)
- Unicorn-2531.exe (PID: 10360)
- Unicorn-54936.exe (PID: 11276)
- Unicorn-63866.exe (PID: 11288)
- Unicorn-36238.exe (PID: 11484)
- Unicorn-39180.exe (PID: 11456)
- Unicorn-40322.exe (PID: 11500)
- Unicorn-31045.exe (PID: 11448)
- Unicorn-63866.exe (PID: 11268)
- Unicorn-47841.exe (PID: 11796)
- Unicorn-40322.exe (PID: 11492)
- Unicorn-32132.exe (PID: 11212)
Starts itself from another location
- 1 (1213).exe (PID: 5216)
- Unicorn-42358.exe (PID: 668)
- Unicorn-36856.exe (PID: 1660)
- Unicorn-9789.exe (PID: 2616)
- Unicorn-47293.exe (PID: 5552)
- Unicorn-54714.exe (PID: 1072)
- Unicorn-48584.exe (PID: 1300)
- Unicorn-58362.exe (PID: 4976)
- Unicorn-18076.exe (PID: 5728)
- Unicorn-17330.exe (PID: 6584)
- Unicorn-5077.exe (PID: 1764)
- Unicorn-61989.exe (PID: 3240)
- Unicorn-5077.exe (PID: 4988)
- Unicorn-64484.exe (PID: 1180)
- Unicorn-64890.exe (PID: 4784)
- Unicorn-19406.exe (PID: 4068)
- Unicorn-36296.exe (PID: 4408)
- Unicorn-21251.exe (PID: 6592)
- Unicorn-47802.exe (PID: 4464)
- Unicorn-28726.exe (PID: 5800)
- Unicorn-44548.exe (PID: 736)
- Unicorn-65482.exe (PID: 3304)
- Unicorn-8113.exe (PID: 6988)
- Unicorn-8113.exe (PID: 4980)
- Unicorn-8113.exe (PID: 2392)
- Unicorn-42388.exe (PID: 672)
- Unicorn-50298.exe (PID: 7208)
- Unicorn-53038.exe (PID: 5548)
- Unicorn-33172.exe (PID: 1164)
- Unicorn-33172.exe (PID: 6184)
- Unicorn-35939.exe (PID: 1328)
- Unicorn-10012.exe (PID: 7228)
- Unicorn-1097.exe (PID: 7248)
- Unicorn-56420.exe (PID: 7256)
- Unicorn-26489.exe (PID: 7292)
- Unicorn-64662.exe (PID: 7368)
- Unicorn-16016.exe (PID: 7388)
- Unicorn-64470.exe (PID: 7408)
- Unicorn-37728.exe (PID: 7428)
- Unicorn-46873.exe (PID: 7448)
- Unicorn-46873.exe (PID: 7444)
- Unicorn-46873.exe (PID: 7460)
- Unicorn-11548.exe (PID: 7532)
- Unicorn-60173.exe (PID: 7312)
- Unicorn-26754.exe (PID: 7300)
- Unicorn-31030.exe (PID: 7284)
- Unicorn-43666.exe (PID: 7496)
- Unicorn-14885.exe (PID: 7568)
- Unicorn-15632.exe (PID: 7512)
- Unicorn-60557.exe (PID: 7556)
- Unicorn-6717.exe (PID: 7588)
- Unicorn-6717.exe (PID: 7596)
- Unicorn-51377.exe (PID: 7668)
- Unicorn-15632.exe (PID: 7520)
- Unicorn-64086.exe (PID: 7620)
- Unicorn-29175.exe (PID: 7736)
- Unicorn-64086.exe (PID: 7632)
- Unicorn-29175.exe (PID: 7744)
- Unicorn-9840.exe (PID: 7728)
- Unicorn-34655.exe (PID: 6516)
- Unicorn-38628.exe (PID: 7692)
- Unicorn-40521.exe (PID: 2420)
- Unicorn-64086.exe (PID: 7612)
- Unicorn-31776.exe (PID: 7660)
- Unicorn-24376.exe (PID: 7800)
- Unicorn-64854.exe (PID: 7780)
- Unicorn-57994.exe (PID: 7820)
- Unicorn-21046.exe (PID: 7872)
- Unicorn-168.exe (PID: 7896)
- Unicorn-21046.exe (PID: 7864)
- Unicorn-43504.exe (PID: 7844)
- Unicorn-41636.exe (PID: 7960)
- Unicorn-46105.exe (PID: 7904)
- Unicorn-48488.exe (PID: 7972)
- Unicorn-33468.exe (PID: 7992)
- Unicorn-52265.exe (PID: 7952)
- Unicorn-21814.exe (PID: 8032)
- Unicorn-46873.exe (PID: 8048)
- Unicorn-42042.exe (PID: 8064)
- Unicorn-47204.exe (PID: 7984)
- Unicorn-30152.exe (PID: 8112)
- Unicorn-27743.exe (PID: 8072)
- Unicorn-49141.exe (PID: 8104)
- Unicorn-60936.exe (PID: 8152)
- Unicorn-43578.exe (PID: 6324)
- Unicorn-52301.exe (PID: 1672)
- Unicorn-48025.exe (PID: 8256)
- Unicorn-33682.exe (PID: 8124)
- Unicorn-31134.exe (PID: 8212)
- Unicorn-48025.exe (PID: 8248)
- Unicorn-48025.exe (PID: 8240)
- Unicorn-35218.exe (PID: 8204)
- Unicorn-26810.exe (PID: 8292)
- Unicorn-49369.exe (PID: 8312)
- Unicorn-64958.exe (PID: 8352)
- Unicorn-11481.exe (PID: 8440)
- Unicorn-44346.exe (PID: 8404)
- Unicorn-56598.exe (PID: 8460)
- Unicorn-23734.exe (PID: 8508)
- Unicorn-33939.exe (PID: 8468)
- Unicorn-40624.exe (PID: 8552)
- Unicorn-27818.exe (PID: 8488)
- Unicorn-2419.exe (PID: 8592)
- Unicorn-4273.exe (PID: 8636)
- Unicorn-45306.exe (PID: 8612)
- Unicorn-41776.exe (PID: 8652)
- Unicorn-8357.exe (PID: 8628)
- Unicorn-4081.exe (PID: 8752)
- Unicorn-55512.exe (PID: 8644)
- Unicorn-33224.exe (PID: 8792)
- Unicorn-49006.exe (PID: 8800)
- Unicorn-16334.exe (PID: 8692)
- Unicorn-32478.exe (PID: 8924)
- Unicorn-52960.exe (PID: 8680)
- Unicorn-55512.exe (PID: 8672)
- Unicorn-57366.exe (PID: 8784)
- Unicorn-56412.exe (PID: 8880)
- Unicorn-4636.exe (PID: 8856)
- Unicorn-57174.exe (PID: 8904)
- Unicorn-26208.exe (PID: 9004)
- Unicorn-9085.exe (PID: 8964)
- Unicorn-16332.exe (PID: 9056)
- Unicorn-17220.exe (PID: 8948)
- Unicorn-23607.exe (PID: 9048)
- Unicorn-59286.exe (PID: 9132)
- Unicorn-44604.exe (PID: 9176)
- Unicorn-63370.exe (PID: 9112)
- Unicorn-45581.exe (PID: 9208)
- Unicorn-43312.exe (PID: 9168)
- Unicorn-26038.exe (PID: 5308)
- Unicorn-18232.exe (PID: 9076)
- Unicorn-34961.exe (PID: 9248)
- Unicorn-38098.exe (PID: 9224)
- Unicorn-7192.exe (PID: 9280)
- Unicorn-31142.exe (PID: 9260)
- Unicorn-1977.exe (PID: 9380)
- Unicorn-28572.exe (PID: 9480)
- Unicorn-21695.exe (PID: 9496)
- Unicorn-35423.exe (PID: 9444)
- Unicorn-17437.exe (PID: 9336)
- Unicorn-40078.exe (PID: 9488)
- Unicorn-11489.exe (PID: 9460)
- Unicorn-11105.exe (PID: 9580)
- Unicorn-3029.exe (PID: 9548)
- Unicorn-21311.exe (PID: 9628)
- Unicorn-52138.exe (PID: 9604)
- Unicorn-31526.exe (PID: 9620)
- Unicorn-60498.exe (PID: 9532)
- Unicorn-45122.exe (PID: 9676)
- Unicorn-8920.exe (PID: 9696)
- Unicorn-51177.exe (PID: 9572)
Executes application which crashes
- Unicorn-63157.exe (PID: 8940)
INFO
Checks supported languages
- Unicorn-42358.exe (PID: 668)
- 1 (1213).exe (PID: 5216)
- Unicorn-36856.exe (PID: 1660)
- Unicorn-64890.exe (PID: 4784)
- Unicorn-54714.exe (PID: 1072)
- Unicorn-48584.exe (PID: 1300)
- Unicorn-58362.exe (PID: 4976)
- Unicorn-18076.exe (PID: 5728)
- Unicorn-64484.exe (PID: 1180)
- Unicorn-5077.exe (PID: 1764)
- Unicorn-61989.exe (PID: 3240)
- Unicorn-5077.exe (PID: 4988)
- Unicorn-36296.exe (PID: 4408)
- Unicorn-47802.exe (PID: 4464)
- Unicorn-21251.exe (PID: 6592)
- Unicorn-28726.exe (PID: 5800)
- Unicorn-8113.exe (PID: 4980)
- Unicorn-47293.exe (PID: 5552)
- Unicorn-9789.exe (PID: 2616)
- Unicorn-53038.exe (PID: 5548)
- Unicorn-1097.exe (PID: 7248)
- Unicorn-26754.exe (PID: 7300)
- Unicorn-26489.exe (PID: 7292)
- Unicorn-64662.exe (PID: 7368)
- Unicorn-64470.exe (PID: 7408)
- Unicorn-46873.exe (PID: 7448)
- Unicorn-15632.exe (PID: 7520)
- Unicorn-11548.exe (PID: 7532)
- Unicorn-64086.exe (PID: 7632)
- Unicorn-38628.exe (PID: 7692)
- Unicorn-51377.exe (PID: 7668)
- Unicorn-29175.exe (PID: 7736)
- Unicorn-14885.exe (PID: 7568)
- Unicorn-57994.exe (PID: 7820)
- Unicorn-52265.exe (PID: 7952)
- Unicorn-24376.exe (PID: 7800)
- Unicorn-21814.exe (PID: 8032)
- Unicorn-46873.exe (PID: 8048)
- Unicorn-48488.exe (PID: 7972)
- Unicorn-30152.exe (PID: 8112)
- Unicorn-60936.exe (PID: 8152)
- Unicorn-33682.exe (PID: 8124)
- Unicorn-48025.exe (PID: 8256)
- Unicorn-48025.exe (PID: 8240)
- Unicorn-11481.exe (PID: 8440)
- Unicorn-44346.exe (PID: 8404)
- Unicorn-45306.exe (PID: 8612)
- Unicorn-4273.exe (PID: 8636)
- Unicorn-52960.exe (PID: 8680)
- Unicorn-55512.exe (PID: 8672)
- Unicorn-4636.exe (PID: 8856)
- Unicorn-61450.exe (PID: 8776)
- Unicorn-9085.exe (PID: 8964)
- Unicorn-16332.exe (PID: 9056)
- Unicorn-23607.exe (PID: 9048)
- Unicorn-26208.exe (PID: 9004)
- Unicorn-59286.exe (PID: 9132)
- Unicorn-44604.exe (PID: 9176)
- Unicorn-26038.exe (PID: 5308)
- Unicorn-63370.exe (PID: 9112)
- Unicorn-45581.exe (PID: 9208)
- Unicorn-34961.exe (PID: 9248)
- Unicorn-31142.exe (PID: 9260)
- Unicorn-17437.exe (PID: 9336)
- Unicorn-18232.exe (PID: 9076)
- Unicorn-38098.exe (PID: 9224)
- Unicorn-35423.exe (PID: 9444)
- Unicorn-40078.exe (PID: 9488)
- Unicorn-11489.exe (PID: 9460)
- Unicorn-52138.exe (PID: 9604)
- Unicorn-31526.exe (PID: 9620)
- Unicorn-8920.exe (PID: 9696)
- Unicorn-57929.exe (PID: 9728)
- Unicorn-16534.exe (PID: 9716)
- Unicorn-49900.exe (PID: 9652)
- Unicorn-45122.exe (PID: 9676)
- Unicorn-560.exe (PID: 9800)
- Unicorn-53290.exe (PID: 9768)
- Unicorn-36305.exe (PID: 9816)
- Unicorn-25205.exe (PID: 9932)
- Unicorn-52906.exe (PID: 9888)
- Unicorn-10019.exe (PID: 9832)
- Unicorn-35558.exe (PID: 10188)
- Unicorn-63252.exe (PID: 8376)
- Unicorn-8484.exe (PID: 4436)
- Unicorn-9583.exe (PID: 10272)
- Unicorn-54892.exe (PID: 536)
- Unicorn-3269.exe (PID: 10304)
- Unicorn-2531.exe (PID: 10360)
- Unicorn-61946.exe (PID: 10344)
- Unicorn-41971.exe (PID: 10456)
- Unicorn-36866.exe (PID: 10440)
- Unicorn-46741.exe (PID: 10568)
- Unicorn-9429.exe (PID: 10556)
- Unicorn-55101.exe (PID: 10548)
- Unicorn-14473.exe (PID: 10680)
- Unicorn-47146.exe (PID: 10720)
- Unicorn-61244.exe (PID: 10820)
- Unicorn-2584.exe (PID: 10780)
- Unicorn-2584.exe (PID: 10800)
- Unicorn-54665.exe (PID: 10876)
- Unicorn-44524.exe (PID: 10980)
- Unicorn-5537.exe (PID: 10928)
- Unicorn-50389.exe (PID: 10964)
- Unicorn-30788.exe (PID: 10988)
- Unicorn-63653.exe (PID: 10912)
- Unicorn-23145.exe (PID: 11016)
- Unicorn-60913.exe (PID: 11040)
- Unicorn-52553.exe (PID: 11064)
- Unicorn-52553.exe (PID: 11060)
- Unicorn-7244.exe (PID: 2064)
- Unicorn-54936.exe (PID: 11276)
- Unicorn-54936.exe (PID: 2084)
- Unicorn-63866.exe (PID: 11288)
- Unicorn-45868.exe (PID: 11128)
- Unicorn-43830.exe (PID: 11160)
- Unicorn-51998.exe (PID: 11152)
- Unicorn-32132.exe (PID: 11212)
- Unicorn-38019.exe (PID: 10860)
- Unicorn-33039.exe (PID: 11348)
- Unicorn-35086.exe (PID: 11364)
- Unicorn-35086.exe (PID: 11356)
- Unicorn-14665.exe (PID: 11384)
- Unicorn-36238.exe (PID: 11484)
- Unicorn-40322.exe (PID: 11508)
- Unicorn-7457.exe (PID: 11572)
- Unicorn-31045.exe (PID: 11448)
- Unicorn-15111.exe (PID: 11712)
- Unicorn-7265.exe (PID: 11664)
- Unicorn-54228.exe (PID: 11772)
- Unicorn-15433.exe (PID: 11748)
- Unicorn-47841.exe (PID: 11796)
- Unicorn-33668.exe (PID: 11832)
- Unicorn-53513.exe (PID: 11976)
- Unicorn-7271.exe (PID: 11968)
- Unicorn-7841.exe (PID: 11984)
- Unicorn-12693.exe (PID: 11812)
- Unicorn-12864.exe (PID: 11924)
- Unicorn-46113.exe (PID: 12132)
- Unicorn-34052.exe (PID: 12100)
- Unicorn-61894.exe (PID: 12148)
- Unicorn-39288.exe (PID: 12224)
- Unicorn-47265.exe (PID: 12284)
- Unicorn-59517.exe (PID: 8944)
- Unicorn-57233.exe (PID: 12076)
- Unicorn-18868.exe (PID: 12188)
- Unicorn-10124.exe (PID: 12336)
- Unicorn-63400.exe (PID: 12452)
- Unicorn-3439.exe (PID: 5156)
- Unicorn-26652.exe (PID: 12328)
- Unicorn-26652.exe (PID: 12320)
- Unicorn-56357.exe (PID: 12580)
- Unicorn-55973.exe (PID: 12688)
- Unicorn-51142.exe (PID: 12728)
- Unicorn-39466.exe (PID: 12548)
- Unicorn-24975.exe (PID: 12556)
- Unicorn-30019.exe (PID: 12768)
- Unicorn-4245.exe (PID: 12944)
- Unicorn-3285.exe (PID: 12800)
- Unicorn-11837.exe (PID: 13000)
- Unicorn-54193.exe (PID: 13172)
- Unicorn-8521.exe (PID: 13180)
- Unicorn-39008.exe (PID: 3008)
- Unicorn-22672.exe (PID: 4692)
- Unicorn-5589.exe (PID: 5232)
- Unicorn-42900.exe (PID: 13324)
- Unicorn-29637.exe (PID: 13380)
- Unicorn-58490.exe (PID: 13424)
- Unicorn-25626.exe (PID: 13448)
- Unicorn-39916.exe (PID: 13484)
- Unicorn-39916.exe (PID: 13492)
- Unicorn-1889.exe (PID: 13676)
- Unicorn-1889.exe (PID: 13684)
- Unicorn-63897.exe (PID: 13764)
- Unicorn-60005.exe (PID: 13648)
Create files in a temporary directory
- 1 (1213).exe (PID: 5216)
- Unicorn-42358.exe (PID: 668)
- Unicorn-36856.exe (PID: 1660)
- Unicorn-9789.exe (PID: 2616)
- Unicorn-47293.exe (PID: 5552)
- Unicorn-54714.exe (PID: 1072)
- Unicorn-17330.exe (PID: 6584)
- Unicorn-61989.exe (PID: 3240)
- Unicorn-18076.exe (PID: 5728)
- Unicorn-64484.exe (PID: 1180)
- Unicorn-64890.exe (PID: 4784)
- Unicorn-19406.exe (PID: 4068)
- Unicorn-28726.exe (PID: 5800)
- Unicorn-44548.exe (PID: 736)
- Unicorn-8113.exe (PID: 4980)
- Unicorn-8113.exe (PID: 2392)
- Unicorn-53038.exe (PID: 5548)
- Unicorn-40521.exe (PID: 2420)
- Unicorn-33172.exe (PID: 1164)
- Unicorn-42388.exe (PID: 672)
- Unicorn-10012.exe (PID: 7228)
- Unicorn-21251.exe (PID: 6592)
- Unicorn-58362.exe (PID: 4976)
- Unicorn-56420.exe (PID: 7256)
- Unicorn-36296.exe (PID: 4408)
- Unicorn-16016.exe (PID: 7388)
- Unicorn-64470.exe (PID: 7408)
- Unicorn-64662.exe (PID: 7368)
- Unicorn-46873.exe (PID: 7448)
- Unicorn-46873.exe (PID: 7460)
- Unicorn-11548.exe (PID: 7532)
- Unicorn-43666.exe (PID: 7496)
- Unicorn-60173.exe (PID: 7312)
- Unicorn-15632.exe (PID: 7512)
- Unicorn-5077.exe (PID: 1764)
- Unicorn-15632.exe (PID: 7520)
- Unicorn-14885.exe (PID: 7568)
- Unicorn-51377.exe (PID: 7668)
- Unicorn-6717.exe (PID: 7588)
- Unicorn-6717.exe (PID: 7596)
- Unicorn-29175.exe (PID: 7736)
- Unicorn-29175.exe (PID: 7744)
- Unicorn-9840.exe (PID: 7728)
- Unicorn-33172.exe (PID: 6184)
- Unicorn-64086.exe (PID: 7612)
- Unicorn-35939.exe (PID: 1328)
- Unicorn-31776.exe (PID: 7660)
- Unicorn-64854.exe (PID: 7780)
- Unicorn-48584.exe (PID: 1300)
- Unicorn-50298.exe (PID: 7208)
- Unicorn-21046.exe (PID: 7872)
- Unicorn-168.exe (PID: 7896)
- Unicorn-21046.exe (PID: 7864)
- Unicorn-1097.exe (PID: 7248)
- Unicorn-41636.exe (PID: 7960)
- Unicorn-46873.exe (PID: 8048)
- Unicorn-48488.exe (PID: 7972)
- Unicorn-52265.exe (PID: 7952)
- Unicorn-21814.exe (PID: 8032)
- Unicorn-42042.exe (PID: 8064)
- Unicorn-47802.exe (PID: 4464)
- Unicorn-33468.exe (PID: 7992)
- Unicorn-47204.exe (PID: 7984)
- Unicorn-30152.exe (PID: 8112)
- Unicorn-49141.exe (PID: 8104)
- Unicorn-43578.exe (PID: 6324)
- Unicorn-48025.exe (PID: 8256)
- Unicorn-35218.exe (PID: 8204)
- Unicorn-37728.exe (PID: 7428)
- Unicorn-48025.exe (PID: 8248)
- Unicorn-65482.exe (PID: 3304)
- Unicorn-31030.exe (PID: 7284)
- Unicorn-46873.exe (PID: 7444)
- Unicorn-26754.exe (PID: 7300)
- Unicorn-26810.exe (PID: 8292)
- Unicorn-49369.exe (PID: 8312)
- Unicorn-64958.exe (PID: 8352)
- Unicorn-11481.exe (PID: 8440)
- Unicorn-8113.exe (PID: 6988)
- Unicorn-56598.exe (PID: 8460)
- Unicorn-40624.exe (PID: 8552)
- Unicorn-60557.exe (PID: 7556)
- Unicorn-64086.exe (PID: 7620)
- Unicorn-19458.exe (PID: 8524)
- Unicorn-5077.exe (PID: 4988)
- Unicorn-2419.exe (PID: 8592)
- Unicorn-4273.exe (PID: 8636)
- Unicorn-38628.exe (PID: 7692)
- Unicorn-64086.exe (PID: 7632)
- Unicorn-34655.exe (PID: 6516)
- Unicorn-61450.exe (PID: 8776)
- Unicorn-55512.exe (PID: 8644)
- Unicorn-49006.exe (PID: 8800)
- Unicorn-32478.exe (PID: 8924)
- Unicorn-52960.exe (PID: 8680)
- Unicorn-33224.exe (PID: 8792)
- Unicorn-57366.exe (PID: 8784)
- Unicorn-57174.exe (PID: 8904)
- Unicorn-24376.exe (PID: 7800)
- Unicorn-57994.exe (PID: 7820)
- Unicorn-23607.exe (PID: 9048)
- Unicorn-43504.exe (PID: 7844)
- Unicorn-46105.exe (PID: 7904)
- Unicorn-16332.exe (PID: 9056)
- Unicorn-43312.exe (PID: 9168)
- Unicorn-26038.exe (PID: 5308)
- Unicorn-45581.exe (PID: 9208)
- Unicorn-38098.exe (PID: 9224)
- Unicorn-33682.exe (PID: 8124)
- Unicorn-18232.exe (PID: 9076)
- Unicorn-17437.exe (PID: 9336)
- Unicorn-48025.exe (PID: 8240)
- Unicorn-60498.exe (PID: 9532)
- Unicorn-3029.exe (PID: 9548)
- Unicorn-21311.exe (PID: 9628)
- Unicorn-51177.exe (PID: 9572)
Reads the computer name
- Unicorn-42358.exe (PID: 668)
- 1 (1213).exe (PID: 5216)
- Unicorn-36856.exe (PID: 1660)
- Unicorn-9789.exe (PID: 2616)
- Unicorn-47293.exe (PID: 5552)
- Unicorn-54714.exe (PID: 1072)
- Unicorn-48584.exe (PID: 1300)
- Unicorn-58362.exe (PID: 4976)
- Unicorn-17330.exe (PID: 6584)
- Unicorn-5077.exe (PID: 1764)
- Unicorn-64484.exe (PID: 1180)
- Unicorn-5077.exe (PID: 4988)
- Unicorn-61989.exe (PID: 3240)
- Unicorn-42388.exe (PID: 672)
- Unicorn-18076.exe (PID: 5728)
- Unicorn-47802.exe (PID: 4464)
- Unicorn-36296.exe (PID: 4408)
- Unicorn-64890.exe (PID: 4784)
- Unicorn-8113.exe (PID: 2392)
- Unicorn-33172.exe (PID: 6184)
- Unicorn-28726.exe (PID: 5800)
- Unicorn-44548.exe (PID: 736)
- Unicorn-31030.exe (PID: 7284)
- Unicorn-60173.exe (PID: 7312)
- Unicorn-16016.exe (PID: 7388)
- Unicorn-46873.exe (PID: 7460)
- Unicorn-11548.exe (PID: 7532)
- Unicorn-15632.exe (PID: 7512)
- Unicorn-64086.exe (PID: 7632)
- Unicorn-64086.exe (PID: 7612)
- Unicorn-9840.exe (PID: 7728)
- Unicorn-21046.exe (PID: 7864)
- Unicorn-41636.exe (PID: 7960)
- Unicorn-52265.exe (PID: 7952)
- Unicorn-21814.exe (PID: 8032)
- Unicorn-42042.exe (PID: 8064)
- Unicorn-46105.exe (PID: 7904)
- Unicorn-48025.exe (PID: 8248)
- Unicorn-48025.exe (PID: 8240)
- Unicorn-33939.exe (PID: 8468)
- Unicorn-48025.exe (PID: 8256)
- Unicorn-56598.exe (PID: 8460)
- Unicorn-40624.exe (PID: 8552)
- Unicorn-27818.exe (PID: 8488)
- Unicorn-8357.exe (PID: 8628)
- Unicorn-4081.exe (PID: 8752)
- Unicorn-33224.exe (PID: 8792)
- Unicorn-45306.exe (PID: 8612)
- Unicorn-41776.exe (PID: 8652)
- Unicorn-32478.exe (PID: 8924)
- Unicorn-49006.exe (PID: 8800)
- Unicorn-56412.exe (PID: 8880)
- Unicorn-57174.exe (PID: 8904)
- Unicorn-9085.exe (PID: 8964)
- Unicorn-17220.exe (PID: 8948)
- Unicorn-63370.exe (PID: 9112)
- Unicorn-59286.exe (PID: 9132)
- Unicorn-43312.exe (PID: 9168)
- Unicorn-1977.exe (PID: 9380)
- Unicorn-28572.exe (PID: 9480)
- Unicorn-17437.exe (PID: 9336)
- Unicorn-11489.exe (PID: 9460)
- Unicorn-52138.exe (PID: 9604)
- Unicorn-31526.exe (PID: 9620)
- Unicorn-49900.exe (PID: 9652)
- Unicorn-8920.exe (PID: 9696)
- Unicorn-45122.exe (PID: 9676)
- Unicorn-57929.exe (PID: 9728)
- Unicorn-8173.exe (PID: 9740)
- Unicorn-560.exe (PID: 9800)
The sample compiled with chinese language support
- 1 (1213).exe (PID: 5216)
- Unicorn-64890.exe (PID: 4784)
- Unicorn-54714.exe (PID: 1072)
- Unicorn-42358.exe (PID: 668)
- Unicorn-36856.exe (PID: 1660)
- Unicorn-9789.exe (PID: 2616)
- Unicorn-47293.exe (PID: 5552)
- Unicorn-61989.exe (PID: 3240)
- Unicorn-64484.exe (PID: 1180)
- Unicorn-19406.exe (PID: 4068)
- Unicorn-58362.exe (PID: 4976)
- Unicorn-36296.exe (PID: 4408)
- Unicorn-21251.exe (PID: 6592)
- Unicorn-47802.exe (PID: 4464)
- Unicorn-18076.exe (PID: 5728)
- Unicorn-28726.exe (PID: 5800)
- Unicorn-17330.exe (PID: 6584)
- Unicorn-44548.exe (PID: 736)
- Unicorn-8113.exe (PID: 4980)
- Unicorn-8113.exe (PID: 2392)
- Unicorn-53038.exe (PID: 5548)
- Unicorn-42388.exe (PID: 672)
- Unicorn-5077.exe (PID: 1764)
- Unicorn-50298.exe (PID: 7208)
- Unicorn-40521.exe (PID: 2420)
- Unicorn-33172.exe (PID: 1164)
- Unicorn-10012.exe (PID: 7228)
- Unicorn-26754.exe (PID: 7300)
- Unicorn-56420.exe (PID: 7256)
- Unicorn-64662.exe (PID: 7368)
- Unicorn-16016.exe (PID: 7388)
- Unicorn-64470.exe (PID: 7408)
- Unicorn-37728.exe (PID: 7428)
- Unicorn-46873.exe (PID: 7448)
- Unicorn-65482.exe (PID: 3304)
- Unicorn-46873.exe (PID: 7444)
- Unicorn-46873.exe (PID: 7460)
- Unicorn-8113.exe (PID: 6988)
- Unicorn-11548.exe (PID: 7532)
- Unicorn-43666.exe (PID: 7496)
- Unicorn-60173.exe (PID: 7312)
- Unicorn-14885.exe (PID: 7568)
- Unicorn-15632.exe (PID: 7512)
- Unicorn-60557.exe (PID: 7556)
- Unicorn-15632.exe (PID: 7520)
- Unicorn-6717.exe (PID: 7588)
- Unicorn-6717.exe (PID: 7596)
- Unicorn-51377.exe (PID: 7668)
- Unicorn-34655.exe (PID: 6516)
- Unicorn-64086.exe (PID: 7620)
- Unicorn-29175.exe (PID: 7736)
- Unicorn-64086.exe (PID: 7632)
- Unicorn-29175.exe (PID: 7744)
- Unicorn-9840.exe (PID: 7728)
- Unicorn-33172.exe (PID: 6184)
- Unicorn-38628.exe (PID: 7692)
- Unicorn-64086.exe (PID: 7612)
- Unicorn-31776.exe (PID: 7660)
- Unicorn-35939.exe (PID: 1328)
- Unicorn-48584.exe (PID: 1300)
- Unicorn-24376.exe (PID: 7800)
- Unicorn-57994.exe (PID: 7820)
- Unicorn-43504.exe (PID: 7844)
- Unicorn-64854.exe (PID: 7780)
- Unicorn-21046.exe (PID: 7872)
- Unicorn-168.exe (PID: 7896)
- Unicorn-1097.exe (PID: 7248)
- Unicorn-21046.exe (PID: 7864)
- Unicorn-41636.exe (PID: 7960)
- Unicorn-48488.exe (PID: 7972)
- Unicorn-46873.exe (PID: 8048)
- Unicorn-46105.exe (PID: 7904)
- Unicorn-33468.exe (PID: 7992)
- Unicorn-52265.exe (PID: 7952)
- Unicorn-21814.exe (PID: 8032)
- Unicorn-47204.exe (PID: 7984)
- Unicorn-30152.exe (PID: 8112)
- Unicorn-42042.exe (PID: 8064)
- Unicorn-26489.exe (PID: 7292)
- Unicorn-60936.exe (PID: 8152)
- Unicorn-27743.exe (PID: 8072)
- Unicorn-33682.exe (PID: 8124)
- Unicorn-49141.exe (PID: 8104)
- Unicorn-43578.exe (PID: 6324)
- Unicorn-52301.exe (PID: 1672)
- Unicorn-48025.exe (PID: 8256)
- Unicorn-31134.exe (PID: 8212)
- Unicorn-31030.exe (PID: 7284)
- Unicorn-48025.exe (PID: 8248)
- Unicorn-48025.exe (PID: 8240)
- Unicorn-35218.exe (PID: 8204)
- Unicorn-26810.exe (PID: 8292)
- Unicorn-49369.exe (PID: 8312)
- Unicorn-64958.exe (PID: 8352)
- Unicorn-11481.exe (PID: 8440)
- Unicorn-44346.exe (PID: 8404)
- Unicorn-23734.exe (PID: 8508)
- Unicorn-56598.exe (PID: 8460)
- Unicorn-33939.exe (PID: 8468)
- Unicorn-40624.exe (PID: 8552)
- Unicorn-27818.exe (PID: 8488)
- Unicorn-4273.exe (PID: 8636)
- Unicorn-5077.exe (PID: 4988)
- Unicorn-2419.exe (PID: 8592)
- Unicorn-19458.exe (PID: 8524)
- Unicorn-41776.exe (PID: 8652)
- Unicorn-8357.exe (PID: 8628)
- Unicorn-45306.exe (PID: 8612)
- Unicorn-61450.exe (PID: 8776)
- Unicorn-55512.exe (PID: 8644)
- Unicorn-33224.exe (PID: 8792)
- Unicorn-49006.exe (PID: 8800)
- Unicorn-32478.exe (PID: 8924)
- Unicorn-52960.exe (PID: 8680)
- Unicorn-56412.exe (PID: 8880)
- Unicorn-57366.exe (PID: 8784)
- Unicorn-57174.exe (PID: 8904)
- Unicorn-26208.exe (PID: 9004)
- Unicorn-17220.exe (PID: 8956)
- Unicorn-9085.exe (PID: 8964)
- Unicorn-17220.exe (PID: 8948)
- Unicorn-23607.exe (PID: 9048)
- Unicorn-16332.exe (PID: 9056)
- Unicorn-63370.exe (PID: 9112)
- Unicorn-59286.exe (PID: 9132)
- Unicorn-44604.exe (PID: 9176)
- Unicorn-45581.exe (PID: 9208)
- Unicorn-26038.exe (PID: 5308)
- Unicorn-43312.exe (PID: 9168)
- Unicorn-38098.exe (PID: 9224)
- Unicorn-18232.exe (PID: 9076)
- Unicorn-34961.exe (PID: 9248)
- Unicorn-7192.exe (PID: 9280)
- Unicorn-31142.exe (PID: 9260)
- Unicorn-1977.exe (PID: 9380)
- Unicorn-28572.exe (PID: 9480)
- Unicorn-35423.exe (PID: 9444)
- Unicorn-21695.exe (PID: 9496)
- Unicorn-17437.exe (PID: 9336)
- Unicorn-40078.exe (PID: 9488)
- Unicorn-11489.exe (PID: 9460)
- Unicorn-60498.exe (PID: 9532)
- Unicorn-11105.exe (PID: 9580)
- Unicorn-3029.exe (PID: 9548)
- Unicorn-21311.exe (PID: 9628)
- Unicorn-31526.exe (PID: 9620)
- Unicorn-51177.exe (PID: 9572)
- Unicorn-45122.exe (PID: 9676)
- Unicorn-49900.exe (PID: 9652)
- Unicorn-8173.exe (PID: 9740)
- Unicorn-16534.exe (PID: 9716)
- Unicorn-23803.exe (PID: 9872)
- Unicorn-36305.exe (PID: 9816)
- Unicorn-16150.exe (PID: 9840)
- Unicorn-52906.exe (PID: 9888)
- Unicorn-10019.exe (PID: 9832)
- Unicorn-4081.exe (PID: 8752)
- Unicorn-25205.exe (PID: 9932)
- Unicorn-53296.exe (PID: 9952)
- Unicorn-53290.exe (PID: 9768)
- Unicorn-58313.exe (PID: 10008)
- Unicorn-8920.exe (PID: 9696)
- Unicorn-51489.exe (PID: 10108)
- Unicorn-57929.exe (PID: 9728)
- Unicorn-60254.exe (PID: 10168)
- Unicorn-43918.exe (PID: 10140)
- Unicorn-35558.exe (PID: 10188)
- Unicorn-54058.exe (PID: 9972)
- Unicorn-43150.exe (PID: 10052)
- Unicorn-4636.exe (PID: 8856)
- Unicorn-14945.exe (PID: 10208)
- Unicorn-63252.exe (PID: 8376)
- Unicorn-8484.exe (PID: 4436)
- Unicorn-9583.exe (PID: 10272)
- Unicorn-54892.exe (PID: 536)
- Unicorn-43534.exe (PID: 680)
- Unicorn-31282.exe (PID: 2148)
- Unicorn-57824.exe (PID: 8428)
- Unicorn-3269.exe (PID: 10304)
- Unicorn-30735.exe (PID: 10424)
- Unicorn-36866.exe (PID: 10440)
- Unicorn-2531.exe (PID: 10360)
- Unicorn-20530.exe (PID: 10432)
- Unicorn-46741.exe (PID: 10568)
- Unicorn-41971.exe (PID: 10456)
- Unicorn-61946.exe (PID: 10344)
- Unicorn-28890.exe (PID: 10396)
- Unicorn-52138.exe (PID: 9604)
- Unicorn-9429.exe (PID: 10556)
- Unicorn-420.exe (PID: 10632)
- Unicorn-4961.exe (PID: 10608)
- Unicorn-53970.exe (PID: 10656)
- Unicorn-55512.exe (PID: 8672)
- Unicorn-16334.exe (PID: 8692)
- Unicorn-55101.exe (PID: 10548)
- Unicorn-35448.exe (PID: 10704)
- Unicorn-47146.exe (PID: 10720)
- Unicorn-61244.exe (PID: 10820)
- Unicorn-2584.exe (PID: 10800)
- Unicorn-2584.exe (PID: 10784)
- Unicorn-54665.exe (PID: 10876)
- Unicorn-316.exe (PID: 6940)
- Unicorn-14473.exe (PID: 10680)
- Unicorn-2584.exe (PID: 10780)
- Unicorn-30788.exe (PID: 10988)
- Unicorn-63653.exe (PID: 10912)
- Unicorn-62906.exe (PID: 10948)
- Unicorn-50389.exe (PID: 10964)
- Unicorn-44524.exe (PID: 10980)
- Unicorn-60913.exe (PID: 11040)
- Unicorn-560.exe (PID: 9800)
- Unicorn-5537.exe (PID: 10928)
- Unicorn-30788.exe (PID: 10972)
- Unicorn-23145.exe (PID: 11016)
- Unicorn-64250.exe (PID: 11100)
- Unicorn-52553.exe (PID: 11064)
- Unicorn-9111.exe (PID: 11088)
- Unicorn-51998.exe (PID: 11152)
- Unicorn-21171.exe (PID: 11220)
- Unicorn-45868.exe (PID: 11128)
- Unicorn-15241.exe (PID: 11048)
- Unicorn-14665.exe (PID: 11384)
- Unicorn-52553.exe (PID: 11076)
- Unicorn-38592.exe (PID: 11260)
- Unicorn-7244.exe (PID: 2064)
- Unicorn-61820.exe (PID: 10852)
- Unicorn-43830.exe (PID: 11160)
- Unicorn-54936.exe (PID: 2084)
- Unicorn-52553.exe (PID: 11060)
- Unicorn-36024.exe (PID: 1512)
- Unicorn-38019.exe (PID: 10860)
- Unicorn-10773.exe (PID: 3032)
- Unicorn-63866.exe (PID: 11288)
- Unicorn-35086.exe (PID: 11364)
- Unicorn-33039.exe (PID: 11348)
- Unicorn-23986.exe (PID: 11520)
- Unicorn-54936.exe (PID: 11276)
- Unicorn-35086.exe (PID: 11356)
- Unicorn-36238.exe (PID: 11484)
- Unicorn-40322.exe (PID: 11500)
- Unicorn-39180.exe (PID: 11456)
- Unicorn-31045.exe (PID: 11448)
- Unicorn-63866.exe (PID: 11268)
- Unicorn-47841.exe (PID: 11796)
- Unicorn-40322.exe (PID: 11492)
- Unicorn-32132.exe (PID: 11212)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
TRiD
| .exe | | | Win32 Executable (generic) (52.9) |
|---|---|---|
| .exe | | | Generic Win/DOS Executable (23.5) |
| .exe | | | DOS Executable Generic (23.5) |
EXIF
EXE
| MachineType: | Intel 386 or later, and compatibles |
|---|---|
| TimeStamp: | 2019:01:19 13:34:56+00:00 |
| ImageFileCharacteristics: | No relocs, Executable, No line numbers, No symbols, 32-bit |
| PEType: | PE32 |
| LinkerVersion: | 6 |
| CodeSize: | 176128 |
| InitializedDataSize: | 299008 |
| UninitializedDataSize: | - |
| EntryPoint: | 0x13d4 |
| OSVersion: | 4 |
| ImageVersion: | 1 |
| SubsystemVersion: | 4 |
| Subsystem: | Windows GUI |
| FileVersionNumber: | 1.0.0.0 |
| ProductVersionNumber: | 1.0.0.0 |
| FileFlagsMask: | 0x003f |
| FileFlags: | (none) |
| FileOS: | Win32 |
| ObjectFileType: | Executable application |
| FileSubtype: | - |
| LanguageCode: | Chinese (Simplified) |
| CharacterSet: | Unicode |
| CompanyName: | UEFI |
| ProductName: | Kawaii-Unicorn |
| FileVersion: | 1 |
| ProductVersion: | 1 |
| InternalName: | Kawaii-Unicorn |
| OriginalFileName: | Kawaii-Unicorn.exe |
Total processes
483
Monitored processes
349
Malicious processes
60
Suspicious processes
53
Behavior graph
Click at the process to see the details
Process information
PID | CMD | Path | Indicators | Parent process | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 536 | C:\Users\admin\AppData\Local\Temp\Unicorn-54892.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-54892.exe | Unicorn-26754.exe | ||||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 668 | C:\Users\admin\AppData\Local\Temp\Unicorn-42358.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-42358.exe | 1 (1213).exe | ||||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 672 | C:\Users\admin\AppData\Local\Temp\Unicorn-42388.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-42388.exe | Unicorn-36856.exe | ||||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 680 | C:\Users\admin\AppData\Local\Temp\Unicorn-43534.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-43534.exe | Unicorn-48025.exe | ||||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 736 | C:\Users\admin\AppData\Local\Temp\Unicorn-44548.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-44548.exe | Unicorn-47293.exe | ||||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 1072 | C:\Users\admin\AppData\Local\Temp\Unicorn-54714.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-54714.exe | Unicorn-36856.exe | ||||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 1164 | C:\Users\admin\AppData\Local\Temp\Unicorn-33172.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-33172.exe | Unicorn-48584.exe | ||||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 1180 | C:\Users\admin\AppData\Local\Temp\Unicorn-64484.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-64484.exe | Unicorn-42358.exe | ||||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 1300 | C:\Users\admin\AppData\Local\Temp\Unicorn-48584.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-48584.exe | 1 (1213).exe | ||||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 1328 | C:\Users\admin\AppData\Local\Temp\Unicorn-35939.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-35939.exe | 1 (1213).exe | ||||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
Total events
8 983
Read events
8 983
Write events
0
Delete events
0
Modification events
Executable files
1 147
Suspicious files
2
Text files
2
Unknown types
0
Dropped files
PID | Process | Filename | Type | |
|---|---|---|---|---|
| 5216 | 1 (1213).exe | C:\Users\admin\AppData\Local\Temp\Unicorn-42358.exe | executable | |
MD5:5FB8C69C83094A833C8CA08F8D0172C7 | SHA256:04BC14F6D7667104E696A95BE2281E5AFAF77912923008F887019CE792E424A5 | |||
| 5552 | Unicorn-47293.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-17330.exe | executable | |
MD5:90ABE2A48123BFC465CAAFF8B3FD2D5A | SHA256:90DB50CAADED12FBB1117A5DC2D3269FFE5880F98C38F821908279753D2AD26D | |||
| 668 | Unicorn-42358.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-47293.exe | executable | |
MD5:96797A0A706B4090AF7937AE0DDCF89A | SHA256:5DBBE04377A999AAEC7D2F517785ED59AEA3BC4588F94F0D00028D0E378A9FEE | |||
| 5216 | 1 (1213).exe | C:\Users\admin\AppData\Local\Temp\Unicorn-36856.exe | executable | |
MD5:92968519B9C7DB5437E4696ACA79BC55 | SHA256:E5C60F5A90CB2CE861442B809CF4553CE3023AA69EDFE447524EA09EA8FAE10A | |||
| 4784 | Unicorn-64890.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-9789.exe | executable | |
MD5:76B2EF18E6865E5C18725D00B5459D91 | SHA256:FE47D686EFAA3C92054ABB20C03708F5B41DDA30CF11C9291EB89DA8A1F8F780 | |||
| 2616 | Unicorn-9789.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-36296.exe | executable | |
MD5:AC78696BF7E6CE6802CAD7F527DED8E3 | SHA256:F760FEB5208A19DDF771294C6332180986E3053AC4330F00F204507E9407A15B | |||
| 1660 | Unicorn-36856.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-54714.exe | executable | |
MD5:6995468EDAD2BC30571C41918F732BFF | SHA256:6B0FB82B2A77753D252D46B9D1992E26E7E5115237F292C95F34EF7DA7B3ACF4 | |||
| 1660 | Unicorn-36856.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-42388.exe | executable | |
MD5:9D7D16897EB19F0664E1488E3572733B | SHA256:A4499AE336E80B687E3C06217B669B13A36173CCBBA7E11A3E9155EFE3B87E03 | |||
| 668 | Unicorn-42358.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-64484.exe | executable | |
MD5:698D93CF3380656DF0BD814165642F08 | SHA256:991CCCE31042BF466D35E892319E77E6365D6F65F5835439529F3A5EA3664980 | |||
| 5216 | 1 (1213).exe | C:\Users\admin\AppData\Local\Temp\Unicorn-48584.exe | executable | |
MD5:C851C1A2BDC3047505439DE5416E7103 | SHA256:EEB785F5B451CE90D1CF802C275B8A422C2E0F3D3D448F5054F5282755E40C37 | |||
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
5
TCP/UDP connections
24
DNS requests
14
Threats
0
HTTP requests
PID | Process | Method | HTTP Code | IP | URL | CN | Type | Size | Reputation |
|---|---|---|---|---|---|---|---|---|---|
— | — | GET | 200 | 23.48.23.166:80 | http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl | unknown | — | — | whitelisted |
5404 | backgroundTaskHost.exe | GET | 200 | 184.30.131.245:80 | http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQ50otx%2Fh0Ztl%2Bz8SiPI7wEWVxDlQQUTiJUIBiV5uNu5g%2F6%2BrkS7QYXjzkCEAUZZSZEml49Gjh0j13P68w%3D | unknown | — | — | whitelisted |
8336 | SIHClient.exe | GET | 200 | 2.23.181.156:80 | http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Product%20Root%20Certificate%20Authority%202018.crl | unknown | — | — | whitelisted |
8336 | SIHClient.exe | GET | 200 | 2.23.181.156:80 | http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Update%20Secure%20Server%20CA%202.1.crl | unknown | — | — | whitelisted |
6544 | svchost.exe | GET | 200 | 184.30.131.245:80 | http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAJ0LqoXyo4hxxe7H%2Fz9DKA%3D | unknown | — | — | whitelisted |
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
Connections
PID | Process | IP | Domain | ASN | CN | Reputation |
|---|---|---|---|---|---|---|
4 | System | 192.168.100.255:138 | — | — | — | whitelisted |
— | — | 51.104.136.2:443 | settings-win.data.microsoft.com | MICROSOFT-CORP-MSN-AS-BLOCK | IE | whitelisted |
— | — | 23.48.23.166:80 | crl.microsoft.com | Akamai International B.V. | DE | whitelisted |
2104 | svchost.exe | 51.104.136.2:443 | settings-win.data.microsoft.com | MICROSOFT-CORP-MSN-AS-BLOCK | IE | whitelisted |
3216 | svchost.exe | 20.198.162.78:443 | client.wns.windows.com | MICROSOFT-CORP-MSN-AS-BLOCK | SG | whitelisted |
6544 | svchost.exe | 20.190.159.129:443 | login.live.com | MICROSOFT-CORP-MSN-AS-BLOCK | IE | whitelisted |
6544 | svchost.exe | 184.30.131.245:80 | ocsp.digicert.com | AKAMAI-AS | US | whitelisted |
2112 | svchost.exe | 51.104.136.2:443 | settings-win.data.microsoft.com | MICROSOFT-CORP-MSN-AS-BLOCK | IE | whitelisted |
5404 | backgroundTaskHost.exe | 20.223.35.26:443 | arc.msn.com | MICROSOFT-CORP-MSN-AS-BLOCK | IE | whitelisted |
5404 | backgroundTaskHost.exe | 184.30.131.245:80 | ocsp.digicert.com | AKAMAI-AS | US | whitelisted |
DNS requests
Domain | IP | Reputation |
|---|---|---|
settings-win.data.microsoft.com |
| whitelisted |
crl.microsoft.com |
| whitelisted |
client.wns.windows.com |
| whitelisted |
login.live.com |
| whitelisted |
ocsp.digicert.com |
| whitelisted |
arc.msn.com |
| whitelisted |
slscr.update.microsoft.com |
| whitelisted |
www.microsoft.com |
| whitelisted |
fe3cr.delivery.mp.microsoft.com |
| whitelisted |
activation-v2.sls.microsoft.com |
| whitelisted |