| File name: | 1 (201) |
| Full analysis: | https://app.any.run/tasks/8f940b79-a574-4094-83d8-cd81565f37aa |
| Verdict: | Malicious activity |
| Analysis date: | March 24, 2025, 16:04:23 |
| OS: | Windows 10 Professional (build: 19045, 64 bit) |
| Indicators: | |
| MIME: | application/vnd.microsoft.portable-executable |
| File info: | PE32 executable (GUI) Intel 80386, for MS Windows, 3 sections |
| MD5: | 4C638DD198CB921CE7F8AE211D3D4DF0 |
| SHA1: | 42A6BD8E3659AEF28DA0DE65DA819DE37D6CF34E |
| SHA256: | 67E3EFE76EE0F66B448FF3EBAF63DA518B4800635A85D3FEC2407753582D873A |
| SSDEEP: | 6144:tJ98cgm+QDseAupl2yesBZSx5tPqlp8GBV/gyeOLTk/8SwjwpyAvEhliuu9VqF4a:t71pmeAuT2NBPM+aVIyeOLUx4DxmDsR |
MALICIOUS
No malicious indicators.SUSPICIOUS
Starts itself from another location
- 1 (201).exe (PID: 4428)
- Unicorn-29832.exe (PID: 5404)
- Unicorn-36988.exe (PID: 7436)
- Unicorn-17122.exe (PID: 7428)
- Unicorn-7330.exe (PID: 7516)
- Unicorn-18836.exe (PID: 7492)
- Unicorn-18836.exe (PID: 7488)
- Unicorn-53428.exe (PID: 7584)
- Unicorn-21065.exe (PID: 7532)
- Unicorn-46007.exe (PID: 7632)
- Unicorn-335.exe (PID: 7624)
- Unicorn-8238.exe (PID: 7656)
- Unicorn-53428.exe (PID: 7592)
- Unicorn-46007.exe (PID: 7616)
- Unicorn-335.exe (PID: 7640)
- Unicorn-24212.exe (PID: 7780)
- Unicorn-16790.exe (PID: 7816)
- Unicorn-2373.exe (PID: 7668)
- Unicorn-12706.exe (PID: 7796)
- Unicorn-3983.exe (PID: 7840)
- Unicorn-12151.exe (PID: 7860)
- Unicorn-35815.exe (PID: 7968)
- Unicorn-14189.exe (PID: 7900)
- Unicorn-20320.exe (PID: 7916)
- Unicorn-16214.exe (PID: 7984)
- Unicorn-4538.exe (PID: 7908)
- Unicorn-27149.exe (PID: 7976)
- Unicorn-6251.exe (PID: 8116)
- Unicorn-56007.exe (PID: 8124)
- Unicorn-11959.exe (PID: 7760)
- Unicorn-14398.exe (PID: 8152)
- Unicorn-63044.exe (PID: 8172)
- Unicorn-6422.exe (PID: 7180)
- Unicorn-14035.exe (PID: 4112)
- Unicorn-14035.exe (PID: 6800)
- Unicorn-33369.exe (PID: 5960)
- Unicorn-29285.exe (PID: 4920)
- Unicorn-12151.exe (PID: 7868)
- Unicorn-12151.exe (PID: 7876)
- Unicorn-14189.exe (PID: 7892)
- Unicorn-60859.exe (PID: 6004)
- Unicorn-60304.exe (PID: 7208)
- Unicorn-55644.exe (PID: 1180)
- Unicorn-56199.exe (PID: 672)
- Unicorn-17926.exe (PID: 6028)
- Unicorn-14611.exe (PID: 4408)
- Unicorn-22972.exe (PID: 1228)
- Unicorn-27610.exe (PID: 7360)
- Unicorn-41346.exe (PID: 1348)
- Unicorn-55571.exe (PID: 7172)
- Unicorn-27610.exe (PID: 7372)
- Unicorn-22972.exe (PID: 7352)
- Unicorn-22972.exe (PID: 7192)
- Unicorn-47211.exe (PID: 5324)
- Unicorn-23526.exe (PID: 7380)
- Unicorn-14611.exe (PID: 7288)
- Unicorn-46906.exe (PID: 4220)
- Unicorn-49706.exe (PID: 7000)
- Unicorn-8726.exe (PID: 2420)
- Unicorn-34713.exe (PID: 7564)
- Unicorn-16148.exe (PID: 1328)
- Unicorn-63494.exe (PID: 6592)
- Unicorn-21938.exe (PID: 1568)
- Unicorn-25468.exe (PID: 2984)
- Unicorn-57372.exe (PID: 5436)
- Unicorn-15253.exe (PID: 1164)
- Unicorn-10527.exe (PID: 4692)
- Unicorn-9131.exe (PID: 736)
- Unicorn-41420.exe (PID: 6564)
- Unicorn-46251.exe (PID: 7324)
- Unicorn-62587.exe (PID: 2092)
- Unicorn-33252.exe (PID: 1188)
- Unicorn-38082.exe (PID: 7284)
- Unicorn-61959.exe (PID: 6724)
- Unicorn-8747.exe (PID: 7484)
- Unicorn-61959.exe (PID: 616)
- Unicorn-1134.exe (PID: 2908)
- Unicorn-12831.exe (PID: 7748)
- Unicorn-62587.exe (PID: 3300)
- Unicorn-55016.exe (PID: 4040)
- Unicorn-16213.exe (PID: 6300)
- Unicorn-62992.exe (PID: 8244)
- Unicorn-39412.exe (PID: 8328)
- Unicorn-29936.exe (PID: 1168)
- Unicorn-34574.exe (PID: 8220)
- Unicorn-609.exe (PID: 8364)
- Unicorn-64471.exe (PID: 8260)
- Unicorn-15078.exe (PID: 8540)
- Unicorn-15078.exe (PID: 8448)
- Unicorn-47388.exe (PID: 8580)
- Unicorn-14523.exe (PID: 8488)
- Unicorn-55754.exe (PID: 8624)
- Unicorn-24206.exe (PID: 8568)
- Unicorn-10247.exe (PID: 8400)
- Unicorn-60335.exe (PID: 8604)
- Unicorn-51280.exe (PID: 8408)
- Unicorn-34944.exe (PID: 8456)
- Unicorn-63922.exe (PID: 8636)
- Unicorn-18608.exe (PID: 8520)
- Unicorn-21605.exe (PID: 8560)
- Unicorn-14523.exe (PID: 8472)
- Unicorn-59448.exe (PID: 8384)
- Unicorn-22692.exe (PID: 8528)
- Unicorn-51471.exe (PID: 8644)
- Unicorn-2826.exe (PID: 8440)
- Unicorn-19335.exe (PID: 8552)
- Unicorn-5269.exe (PID: 8664)
- Unicorn-10439.exe (PID: 8504)
- Unicorn-44819.exe (PID: 8616)
- Unicorn-47388.exe (PID: 8480)
- Unicorn-38836.exe (PID: 8464)
- Unicorn-51280.exe (PID: 8420)
- Unicorn-27522.exe (PID: 8588)
- Unicorn-5269.exe (PID: 8660)
- Unicorn-8275.exe (PID: 9036)
- Unicorn-12338.exe (PID: 9080)
- Unicorn-7050.exe (PID: 8652)
- Unicorn-11518.exe (PID: 9116)
- Unicorn-24036.exe (PID: 9060)
- Unicorn-7891.exe (PID: 9152)
- Unicorn-8851.exe (PID: 3676)
- Unicorn-56900.exe (PID: 9096)
- Unicorn-50631.exe (PID: 8296)
- Unicorn-42794.exe (PID: 9144)
- Unicorn-49884.exe (PID: 9192)
- Unicorn-16754.exe (PID: 9160)
- Unicorn-9214.exe (PID: 9228)
- Unicorn-9022.exe (PID: 1452)
- Unicorn-2006.exe (PID: 9272)
- Unicorn-41716.exe (PID: 720)
- Unicorn-30925.exe (PID: 8372)
- Unicorn-4383.exe (PID: 9140)
- Unicorn-38135.exe (PID: 9332)
- Unicorn-38400.exe (PID: 9340)
- Unicorn-21488.exe (PID: 9380)
- Unicorn-21488.exe (PID: 9372)
- Unicorn-52498.exe (PID: 9420)
- Unicorn-2966.exe (PID: 9456)
- Unicorn-38592.exe (PID: 9508)
- Unicorn-33037.exe (PID: 9480)
- Unicorn-46952.exe (PID: 9608)
- Unicorn-64440.exe (PID: 9660)
- Unicorn-10003.exe (PID: 9540)
- Unicorn-44575.exe (PID: 9676)
- Unicorn-47912.exe (PID: 9644)
- Unicorn-64440.exe (PID: 9664)
- Unicorn-20070.exe (PID: 9716)
- Unicorn-2033.exe (PID: 9780)
- Unicorn-64803.exe (PID: 9756)
- Unicorn-2033.exe (PID: 9784)
- Unicorn-36428.exe (PID: 9812)
- Unicorn-32536.exe (PID: 9836)
- Unicorn-42920.exe (PID: 8512)
- Unicorn-41450.exe (PID: 9856)
- Unicorn-17661.exe (PID: 9872)
Executable content was dropped or overwritten
- 1 (201).exe (PID: 4428)
- Unicorn-29832.exe (PID: 5404)
- Unicorn-36988.exe (PID: 7436)
- Unicorn-18836.exe (PID: 7492)
- Unicorn-17122.exe (PID: 7428)
- Unicorn-7330.exe (PID: 7516)
- Unicorn-53428.exe (PID: 7584)
- Unicorn-53428.exe (PID: 7592)
- Unicorn-46007.exe (PID: 7632)
- Unicorn-8238.exe (PID: 7656)
- Unicorn-21065.exe (PID: 7532)
- Unicorn-18836.exe (PID: 7488)
- Unicorn-46007.exe (PID: 7616)
- Unicorn-2373.exe (PID: 7668)
- Unicorn-11959.exe (PID: 7760)
- Unicorn-24212.exe (PID: 7780)
- Unicorn-12706.exe (PID: 7796)
- Unicorn-3983.exe (PID: 7840)
- Unicorn-12151.exe (PID: 7860)
- Unicorn-12151.exe (PID: 7868)
- Unicorn-35815.exe (PID: 7968)
- Unicorn-20320.exe (PID: 7916)
- Unicorn-335.exe (PID: 7640)
- Unicorn-6251.exe (PID: 8116)
- Unicorn-335.exe (PID: 7624)
- Unicorn-56007.exe (PID: 8124)
- Unicorn-14398.exe (PID: 8152)
- Unicorn-63044.exe (PID: 8172)
- Unicorn-6422.exe (PID: 7180)
- Unicorn-14035.exe (PID: 4112)
- Unicorn-14035.exe (PID: 6800)
- Unicorn-16790.exe (PID: 7816)
- Unicorn-29285.exe (PID: 4920)
- Unicorn-12151.exe (PID: 7876)
- Unicorn-60859.exe (PID: 6004)
- Unicorn-33369.exe (PID: 5960)
- Unicorn-60304.exe (PID: 7208)
- Unicorn-55644.exe (PID: 1180)
- Unicorn-56199.exe (PID: 672)
- Unicorn-27610.exe (PID: 7360)
- Unicorn-17926.exe (PID: 6028)
- Unicorn-27610.exe (PID: 7372)
- Unicorn-22972.exe (PID: 7192)
- Unicorn-10527.exe (PID: 4692)
- Unicorn-27149.exe (PID: 7976)
- Unicorn-14611.exe (PID: 4408)
- Unicorn-55571.exe (PID: 7172)
- Unicorn-49706.exe (PID: 7000)
- Unicorn-14611.exe (PID: 7288)
- Unicorn-23526.exe (PID: 7380)
- Unicorn-16214.exe (PID: 7984)
- Unicorn-46906.exe (PID: 4220)
- Unicorn-4538.exe (PID: 7908)
- Unicorn-8726.exe (PID: 2420)
- Unicorn-34713.exe (PID: 7564)
- Unicorn-16148.exe (PID: 1328)
- Unicorn-63494.exe (PID: 6592)
- Unicorn-21938.exe (PID: 1568)
- Unicorn-25468.exe (PID: 2984)
- Unicorn-57372.exe (PID: 5436)
- Unicorn-15253.exe (PID: 1164)
- Unicorn-9131.exe (PID: 736)
- Unicorn-62587.exe (PID: 2092)
- Unicorn-41420.exe (PID: 6564)
- Unicorn-38082.exe (PID: 7284)
- Unicorn-61959.exe (PID: 6724)
- Unicorn-61959.exe (PID: 616)
- Unicorn-8747.exe (PID: 7484)
- Unicorn-33252.exe (PID: 1188)
- Unicorn-1134.exe (PID: 2908)
- Unicorn-55016.exe (PID: 4040)
- Unicorn-14189.exe (PID: 7892)
- Unicorn-16213.exe (PID: 6300)
- Unicorn-62587.exe (PID: 3300)
- Unicorn-62992.exe (PID: 8244)
- Unicorn-39412.exe (PID: 8328)
- Unicorn-29936.exe (PID: 1168)
- Unicorn-64471.exe (PID: 8260)
- Unicorn-609.exe (PID: 8364)
- Unicorn-24206.exe (PID: 8568)
- Unicorn-7050.exe (PID: 8652)
- Unicorn-14523.exe (PID: 8488)
- Unicorn-15078.exe (PID: 8448)
- Unicorn-47388.exe (PID: 8580)
- Unicorn-14189.exe (PID: 7900)
- Unicorn-55754.exe (PID: 8624)
- Unicorn-47211.exe (PID: 5324)
- Unicorn-10247.exe (PID: 8400)
- Unicorn-60335.exe (PID: 8604)
- Unicorn-42920.exe (PID: 8512)
- Unicorn-51280.exe (PID: 8408)
- Unicorn-34944.exe (PID: 8456)
- Unicorn-63922.exe (PID: 8636)
- Unicorn-14523.exe (PID: 8472)
- Unicorn-22692.exe (PID: 8528)
- Unicorn-18608.exe (PID: 8520)
- Unicorn-51471.exe (PID: 8644)
- Unicorn-2826.exe (PID: 8440)
- Unicorn-5269.exe (PID: 8664)
- Unicorn-10439.exe (PID: 8504)
- Unicorn-19335.exe (PID: 8552)
- Unicorn-44819.exe (PID: 8616)
- Unicorn-47388.exe (PID: 8480)
- Unicorn-38836.exe (PID: 8464)
- Unicorn-41346.exe (PID: 1348)
- Unicorn-5269.exe (PID: 8660)
- Unicorn-51280.exe (PID: 8420)
- Unicorn-27522.exe (PID: 8588)
- Unicorn-22972.exe (PID: 7352)
- Unicorn-12338.exe (PID: 9080)
- Unicorn-8275.exe (PID: 9036)
- Unicorn-7891.exe (PID: 9152)
- Unicorn-8851.exe (PID: 3676)
- Unicorn-56900.exe (PID: 9096)
- Unicorn-11518.exe (PID: 9116)
- Unicorn-24036.exe (PID: 9060)
- Unicorn-42794.exe (PID: 9144)
- Unicorn-50631.exe (PID: 8296)
- Unicorn-49884.exe (PID: 9192)
- Unicorn-4383.exe (PID: 9140)
- Unicorn-16754.exe (PID: 9160)
- Unicorn-2006.exe (PID: 9272)
- Unicorn-30925.exe (PID: 8372)
- Unicorn-9214.exe (PID: 9228)
- Unicorn-9022.exe (PID: 1452)
- Unicorn-38400.exe (PID: 9340)
- Unicorn-46251.exe (PID: 7324)
- Unicorn-21488.exe (PID: 9380)
- Unicorn-21488.exe (PID: 9372)
- Unicorn-38135.exe (PID: 9332)
- Unicorn-52498.exe (PID: 9420)
- Unicorn-2966.exe (PID: 9456)
- Unicorn-38592.exe (PID: 9508)
- Unicorn-33037.exe (PID: 9480)
- Unicorn-46952.exe (PID: 9608)
- Unicorn-64440.exe (PID: 9660)
- Unicorn-20070.exe (PID: 9716)
- Unicorn-10003.exe (PID: 9540)
- Unicorn-44575.exe (PID: 9676)
- Unicorn-47912.exe (PID: 9644)
- Unicorn-62586.exe (PID: 9736)
- Unicorn-2033.exe (PID: 9780)
- Unicorn-64803.exe (PID: 9756)
- Unicorn-34574.exe (PID: 8220)
- Unicorn-36428.exe (PID: 9812)
- Unicorn-53392.exe (PID: 9020)
- Unicorn-32536.exe (PID: 9836)
- Unicorn-41450.exe (PID: 9856)
- Unicorn-15078.exe (PID: 8540)
- Unicorn-2033.exe (PID: 9784)
- Unicorn-17661.exe (PID: 9872)
- Unicorn-12286.exe (PID: 9912)
- Unicorn-15624.exe (PID: 9892)
- Unicorn-21605.exe (PID: 8560)
- Unicorn-22972.exe (PID: 1228)
- Unicorn-6525.exe (PID: 9964)
- Unicorn-403.exe (PID: 9988)
- Unicorn-44871.exe (PID: 10032)
- Unicorn-12831.exe (PID: 7748)
- Unicorn-64440.exe (PID: 9664)
- Unicorn-54072.exe (PID: 10124)
- Unicorn-54072.exe (PID: 10120)
- Unicorn-50735.exe (PID: 10168)
- Unicorn-16229.exe (PID: 10192)
- Unicorn-45904.exe (PID: 10108)
- Unicorn-2494.exe (PID: 10184)
- Unicorn-16330.exe (PID: 10220)
- Unicorn-59448.exe (PID: 8384)
- Unicorn-2110.exe (PID: 6108)
- Unicorn-47824.exe (PID: 9136)
- Unicorn-26563.exe (PID: 10268)
- Unicorn-51908.exe (PID: 9708)
- Unicorn-47632.exe (PID: 10360)
- Unicorn-35188.exe (PID: 10340)
- Unicorn-22936.exe (PID: 10316)
- Unicorn-20697.exe (PID: 10260)
- Unicorn-13681.exe (PID: 10380)
- Unicorn-36148.exe (PID: 10396)
- Unicorn-41716.exe (PID: 720)
- Unicorn-47440.exe (PID: 10292)
- Unicorn-46738.exe (PID: 10460)
- Unicorn-8306.exe (PID: 10416)
- Unicorn-31493.exe (PID: 10444)
- Unicorn-40424.exe (PID: 10452)
- Unicorn-61015.exe (PID: 10504)
- Unicorn-48208.exe (PID: 10548)
- Unicorn-36340.exe (PID: 10436)
- Unicorn-27788.exe (PID: 10612)
- Unicorn-1045.exe (PID: 10580)
- Unicorn-27788.exe (PID: 10628)
- Unicorn-35956.exe (PID: 10636)
- Unicorn-23512.exe (PID: 10516)
- Unicorn-11451.exe (PID: 10588)
- Unicorn-27596.exe (PID: 10536)
- Unicorn-44316.exe (PID: 10672)
- Unicorn-7367.exe (PID: 10704)
- Unicorn-19817.exe (PID: 10756)
- Unicorn-4798.exe (PID: 10740)
- Unicorn-7367.exe (PID: 10712)
- Unicorn-37108.exe (PID: 10844)
- Unicorn-32254.exe (PID: 10876)
- Unicorn-7558.exe (PID: 10824)
- Unicorn-29686.exe (PID: 10860)
- Unicorn-57720.exe (PID: 10884)
- Unicorn-49552.exe (PID: 10868)
- Unicorn-8327.exe (PID: 10800)
- Unicorn-61975.exe (PID: 11012)
- Unicorn-25218.exe (PID: 11084)
- Unicorn-4606.exe (PID: 11020)
- Unicorn-61975.exe (PID: 11004)
- Unicorn-61975.exe (PID: 10996)
- Unicorn-27788.exe (PID: 10620)
- Unicorn-16112.exe (PID: 10928)
- Unicorn-21348.exe (PID: 11148)
- Unicorn-13179.exe (PID: 11132)
- Unicorn-49723.exe (PID: 11112)
- Unicorn-4606.exe (PID: 11028)
- Unicorn-21082.exe (PID: 11168)
- Unicorn-40616.exe (PID: 10964)
- Unicorn-65239.exe (PID: 11104)
- Unicorn-28364.exe (PID: 10956)
- Unicorn-30262.exe (PID: 11204)
- Unicorn-695.exe (PID: 11220)
- Unicorn-40106.exe (PID: 5376)
- Unicorn-42706.exe (PID: 3768)
- Unicorn-6665.exe (PID: 11272)
- Unicorn-25432.exe (PID: 11160)
- Unicorn-34538.exe (PID: 11316)
- Unicorn-20890.exe (PID: 11424)
- Unicorn-16305.exe (PID: 11248)
- Unicorn-26370.exe (PID: 11256)
- Unicorn-58488.exe (PID: 744)
- Unicorn-54575.exe (PID: 11468)
- Unicorn-64034.exe (PID: 11384)
- Unicorn-25986.exe (PID: 11444)
- Unicorn-735.exe (PID: 11460)
- Unicorn-38644.exe (PID: 11520)
- Unicorn-10055.exe (PID: 11552)
- Unicorn-16177.exe (PID: 11500)
- Unicorn-12987.exe (PID: 11404)
Executes application which crashes
- Unicorn-28592.exe (PID: 2240)
INFO
The sample compiled with chinese language support
- 1 (201).exe (PID: 4428)
- Unicorn-29832.exe (PID: 5404)
- Unicorn-22972.exe (PID: 7352)
- Unicorn-55571.exe (PID: 7172)
- Unicorn-27610.exe (PID: 7360)
- Unicorn-20320.exe (PID: 7916)
- Unicorn-4538.exe (PID: 7908)
- Unicorn-8275.exe (PID: 9036)
- Unicorn-12338.exe (PID: 9080)
- Unicorn-27149.exe (PID: 7976)
- Unicorn-335.exe (PID: 7624)
- Unicorn-7050.exe (PID: 8652)
- Unicorn-56900.exe (PID: 9096)
- Unicorn-6525.exe (PID: 9964)
- Unicorn-24036.exe (PID: 9060)
- Unicorn-7891.exe (PID: 9152)
- Unicorn-34713.exe (PID: 7564)
- Unicorn-8851.exe (PID: 3676)
- Unicorn-42794.exe (PID: 9144)
- Unicorn-57372.exe (PID: 5436)
- Unicorn-22692.exe (PID: 8528)
- Unicorn-53428.exe (PID: 7584)
- Unicorn-63494.exe (PID: 6592)
- Unicorn-6251.exe (PID: 8116)
- Unicorn-11518.exe (PID: 9116)
- Unicorn-403.exe (PID: 9988)
- Unicorn-2373.exe (PID: 7668)
- Unicorn-21938.exe (PID: 1568)
- Unicorn-11959.exe (PID: 7760)
- Unicorn-9022.exe (PID: 1452)
- Unicorn-9214.exe (PID: 9228)
- Unicorn-2006.exe (PID: 9272)
- Unicorn-14398.exe (PID: 8152)
- Unicorn-30925.exe (PID: 8372)
- Unicorn-9131.exe (PID: 736)
- Unicorn-63044.exe (PID: 8172)
- Unicorn-49884.exe (PID: 9192)
- Unicorn-25468.exe (PID: 2984)
- Unicorn-50631.exe (PID: 8296)
- Unicorn-4383.exe (PID: 9140)
- Unicorn-44871.exe (PID: 10032)
- Unicorn-6422.exe (PID: 7180)
- Unicorn-38400.exe (PID: 9340)
- Unicorn-62587.exe (PID: 2092)
- Unicorn-53428.exe (PID: 7592)
- Unicorn-46251.exe (PID: 7324)
- Unicorn-21488.exe (PID: 9372)
- Unicorn-41420.exe (PID: 6564)
- Unicorn-21488.exe (PID: 9380)
- Unicorn-12151.exe (PID: 7868)
- Unicorn-15253.exe (PID: 1164)
- Unicorn-24212.exe (PID: 7780)
- Unicorn-10527.exe (PID: 4692)
- Unicorn-38135.exe (PID: 9332)
- Unicorn-8747.exe (PID: 7484)
- Unicorn-33252.exe (PID: 1188)
- Unicorn-38082.exe (PID: 7284)
- Unicorn-61959.exe (PID: 6724)
- Unicorn-33369.exe (PID: 5960)
- Unicorn-2966.exe (PID: 9456)
- Unicorn-12831.exe (PID: 7748)
- Unicorn-33037.exe (PID: 9480)
- Unicorn-14035.exe (PID: 4112)
- Unicorn-16790.exe (PID: 7816)
- Unicorn-14035.exe (PID: 6800)
- Unicorn-12706.exe (PID: 7796)
- Unicorn-52498.exe (PID: 9420)
- Unicorn-55016.exe (PID: 4040)
- Unicorn-56007.exe (PID: 8124)
- Unicorn-10003.exe (PID: 9540)
- Unicorn-62587.exe (PID: 3300)
- Unicorn-46952.exe (PID: 9608)
- Unicorn-60859.exe (PID: 6004)
- Unicorn-14189.exe (PID: 7892)
- Unicorn-16213.exe (PID: 6300)
- Unicorn-64440.exe (PID: 9664)
- Unicorn-64440.exe (PID: 9660)
- Unicorn-46007.exe (PID: 7616)
- Unicorn-29285.exe (PID: 4920)
- Unicorn-38592.exe (PID: 9508)
- Unicorn-18836.exe (PID: 7492)
- Unicorn-18836.exe (PID: 7488)
- Unicorn-1134.exe (PID: 2908)
- Unicorn-12151.exe (PID: 7876)
- Unicorn-62586.exe (PID: 9736)
- Unicorn-34574.exe (PID: 8220)
- Unicorn-54072.exe (PID: 10124)
- Unicorn-61959.exe (PID: 616)
- Unicorn-60304.exe (PID: 7208)
- Unicorn-39412.exe (PID: 8328)
- Unicorn-3983.exe (PID: 7840)
- Unicorn-54072.exe (PID: 10120)
- Unicorn-56199.exe (PID: 672)
- Unicorn-50735.exe (PID: 10168)
- Unicorn-2033.exe (PID: 9780)
- Unicorn-47912.exe (PID: 9644)
- Unicorn-12151.exe (PID: 7860)
- Unicorn-15078.exe (PID: 8448)
- Unicorn-45904.exe (PID: 10108)
- Unicorn-47388.exe (PID: 8580)
- Unicorn-15078.exe (PID: 8540)
- Unicorn-2033.exe (PID: 9784)
- Unicorn-16214.exe (PID: 7984)
- Unicorn-24206.exe (PID: 8568)
- Unicorn-36428.exe (PID: 9812)
- Unicorn-2494.exe (PID: 10184)
- Unicorn-64803.exe (PID: 9756)
- Unicorn-609.exe (PID: 8364)
- Unicorn-46007.exe (PID: 7632)
- Unicorn-16229.exe (PID: 10192)
- Unicorn-60335.exe (PID: 8604)
- Unicorn-22972.exe (PID: 7192)
- Unicorn-14189.exe (PID: 7900)
- Unicorn-55754.exe (PID: 8624)
- Unicorn-35815.exe (PID: 7968)
- Unicorn-34944.exe (PID: 8456)
- Unicorn-32536.exe (PID: 9836)
- Unicorn-51280.exe (PID: 8408)
- Unicorn-16330.exe (PID: 10220)
- Unicorn-47211.exe (PID: 5324)
- Unicorn-21065.exe (PID: 7532)
- Unicorn-53392.exe (PID: 9020)
- Unicorn-17122.exe (PID: 7428)
- Unicorn-10439.exe (PID: 8504)
- Unicorn-27610.exe (PID: 7372)
- Unicorn-51471.exe (PID: 8644)
- Unicorn-2110.exe (PID: 6108)
- Unicorn-22972.exe (PID: 1228)
- Unicorn-44819.exe (PID: 8616)
- Unicorn-47388.exe (PID: 8480)
- Unicorn-14611.exe (PID: 7288)
- Unicorn-41450.exe (PID: 9856)
- Unicorn-59448.exe (PID: 8384)
- Unicorn-14611.exe (PID: 4408)
- Unicorn-7330.exe (PID: 7516)
- Unicorn-21605.exe (PID: 8560)
- Unicorn-17661.exe (PID: 9872)
- Unicorn-8238.exe (PID: 7656)
- Unicorn-41346.exe (PID: 1348)
- Unicorn-27522.exe (PID: 8588)
- Unicorn-23526.exe (PID: 7380)
- Unicorn-51908.exe (PID: 9708)
- Unicorn-16754.exe (PID: 9160)
- Unicorn-47824.exe (PID: 9136)
- Unicorn-26563.exe (PID: 10268)
- Unicorn-49706.exe (PID: 7000)
- Unicorn-12286.exe (PID: 9912)
- Unicorn-15624.exe (PID: 9892)
- Unicorn-51280.exe (PID: 8420)
- Unicorn-22936.exe (PID: 10316)
- Unicorn-47632.exe (PID: 10360)
- Unicorn-35188.exe (PID: 10340)
- Unicorn-20697.exe (PID: 10260)
- Unicorn-13681.exe (PID: 10380)
- Unicorn-41716.exe (PID: 720)
- Unicorn-47440.exe (PID: 10292)
- Unicorn-46738.exe (PID: 10460)
- Unicorn-31493.exe (PID: 10444)
- Unicorn-61015.exe (PID: 10504)
- Unicorn-40424.exe (PID: 10452)
- Unicorn-48208.exe (PID: 10548)
- Unicorn-20070.exe (PID: 9716)
- Unicorn-36148.exe (PID: 10396)
- Unicorn-36340.exe (PID: 10436)
- Unicorn-8306.exe (PID: 10416)
- Unicorn-11451.exe (PID: 10588)
- Unicorn-1045.exe (PID: 10580)
- Unicorn-27788.exe (PID: 10612)
- Unicorn-27596.exe (PID: 10536)
- Unicorn-55644.exe (PID: 1180)
- Unicorn-62992.exe (PID: 8244)
- Unicorn-29936.exe (PID: 1168)
- Unicorn-27788.exe (PID: 10628)
- Unicorn-23512.exe (PID: 10516)
- Unicorn-19817.exe (PID: 10756)
- Unicorn-63922.exe (PID: 8636)
- Unicorn-64471.exe (PID: 8260)
- Unicorn-44316.exe (PID: 10672)
- Unicorn-7367.exe (PID: 10704)
- Unicorn-14523.exe (PID: 8488)
- Unicorn-14523.exe (PID: 8472)
- Unicorn-4798.exe (PID: 10740)
- Unicorn-19335.exe (PID: 8552)
- Unicorn-35956.exe (PID: 10636)
- Unicorn-7367.exe (PID: 10712)
- Unicorn-8327.exe (PID: 10800)
- Unicorn-7558.exe (PID: 10824)
- Unicorn-29686.exe (PID: 10860)
- Unicorn-49552.exe (PID: 10868)
- Unicorn-32254.exe (PID: 10876)
- Unicorn-57720.exe (PID: 10884)
- Unicorn-17926.exe (PID: 6028)
- Unicorn-5269.exe (PID: 8660)
- Unicorn-37108.exe (PID: 10844)
- Unicorn-8726.exe (PID: 2420)
- Unicorn-16112.exe (PID: 10928)
- Unicorn-61975.exe (PID: 11012)
- Unicorn-4606.exe (PID: 11020)
- Unicorn-61975.exe (PID: 11004)
- Unicorn-61975.exe (PID: 10996)
- Unicorn-44575.exe (PID: 9676)
- Unicorn-25218.exe (PID: 11084)
- Unicorn-65239.exe (PID: 11104)
- Unicorn-13179.exe (PID: 11132)
- Unicorn-21348.exe (PID: 11148)
- Unicorn-49723.exe (PID: 11112)
- Unicorn-4606.exe (PID: 11028)
- Unicorn-27788.exe (PID: 10620)
- Unicorn-40616.exe (PID: 10964)
- Unicorn-28364.exe (PID: 10956)
- Unicorn-42920.exe (PID: 8512)
- Unicorn-10247.exe (PID: 8400)
- Unicorn-21082.exe (PID: 11168)
- Unicorn-38836.exe (PID: 8464)
- Unicorn-25432.exe (PID: 11160)
- Unicorn-5269.exe (PID: 8664)
- Unicorn-46906.exe (PID: 4220)
- Unicorn-30262.exe (PID: 11204)
- Unicorn-695.exe (PID: 11220)
- Unicorn-40106.exe (PID: 5376)
- Unicorn-42706.exe (PID: 3768)
- Unicorn-36988.exe (PID: 7436)
- Unicorn-54575.exe (PID: 11468)
- Unicorn-16305.exe (PID: 11248)
- Unicorn-34538.exe (PID: 11316)
- Unicorn-26370.exe (PID: 11256)
- Unicorn-58488.exe (PID: 744)
- Unicorn-20890.exe (PID: 11424)
- Unicorn-6665.exe (PID: 11272)
- Unicorn-16148.exe (PID: 1328)
- Unicorn-64034.exe (PID: 11384)
- Unicorn-25986.exe (PID: 11444)
- Unicorn-335.exe (PID: 7640)
- Unicorn-10055.exe (PID: 11552)
- Unicorn-38644.exe (PID: 11520)
- Unicorn-16177.exe (PID: 11500)
- Unicorn-12987.exe (PID: 11404)
- Unicorn-735.exe (PID: 11460)
Checks supported languages
- 1 (201).exe (PID: 4428)
- Unicorn-29832.exe (PID: 5404)
- Unicorn-17122.exe (PID: 7428)
- Unicorn-36988.exe (PID: 7436)
- Unicorn-18836.exe (PID: 7488)
- Unicorn-7330.exe (PID: 7516)
- Unicorn-21065.exe (PID: 7532)
- Unicorn-53428.exe (PID: 7592)
- Unicorn-18836.exe (PID: 7492)
- Unicorn-2373.exe (PID: 7668)
- Unicorn-46007.exe (PID: 7632)
- Unicorn-46007.exe (PID: 7616)
- Unicorn-335.exe (PID: 7640)
- Unicorn-8238.exe (PID: 7656)
- Unicorn-24212.exe (PID: 7780)
- Unicorn-12706.exe (PID: 7796)
- Unicorn-12151.exe (PID: 7876)
- Unicorn-12151.exe (PID: 7868)
- Unicorn-14189.exe (PID: 7900)
- Unicorn-4538.exe (PID: 7908)
- Unicorn-35815.exe (PID: 7968)
- Unicorn-20320.exe (PID: 7916)
- Unicorn-27149.exe (PID: 7976)
- Unicorn-14189.exe (PID: 7892)
- Unicorn-14398.exe (PID: 8152)
- Unicorn-6422.exe (PID: 7180)
- Unicorn-6251.exe (PID: 8116)
- Unicorn-56007.exe (PID: 8124)
- Unicorn-14035.exe (PID: 6800)
- Unicorn-14035.exe (PID: 4112)
- Unicorn-29285.exe (PID: 4920)
- Unicorn-33369.exe (PID: 5960)
- Unicorn-60859.exe (PID: 6004)
- Unicorn-55644.exe (PID: 1180)
- Unicorn-22972.exe (PID: 1228)
- Unicorn-14611.exe (PID: 7288)
- Unicorn-56199.exe (PID: 672)
- Unicorn-22972.exe (PID: 7352)
- Unicorn-27610.exe (PID: 7360)
- Unicorn-47211.exe (PID: 5324)
- Unicorn-22972.exe (PID: 7192)
- Unicorn-41346.exe (PID: 1348)
- Unicorn-49706.exe (PID: 7000)
- Unicorn-55571.exe (PID: 7172)
- Unicorn-46906.exe (PID: 4220)
- Unicorn-17926.exe (PID: 6028)
- Unicorn-27610.exe (PID: 7372)
- Unicorn-23526.exe (PID: 7380)
- Unicorn-16148.exe (PID: 1328)
- Unicorn-34713.exe (PID: 7564)
- Unicorn-28592.exe (PID: 2240)
- Unicorn-63494.exe (PID: 6592)
- Unicorn-15253.exe (PID: 1164)
- Unicorn-9131.exe (PID: 736)
- Unicorn-33252.exe (PID: 1188)
- Unicorn-41420.exe (PID: 6564)
- Unicorn-38082.exe (PID: 7284)
- Unicorn-57372.exe (PID: 5436)
- Unicorn-12831.exe (PID: 7748)
- Unicorn-61959.exe (PID: 6724)
- Unicorn-8747.exe (PID: 7484)
- Unicorn-62587.exe (PID: 2092)
- Unicorn-61959.exe (PID: 616)
- Unicorn-55016.exe (PID: 4040)
- Unicorn-46251.exe (PID: 7324)
- Unicorn-64471.exe (PID: 8260)
- Unicorn-34574.exe (PID: 8220)
- Unicorn-29936.exe (PID: 1168)
- Unicorn-609.exe (PID: 8364)
- Unicorn-51280.exe (PID: 8420)
- Unicorn-59448.exe (PID: 8384)
- Unicorn-2826.exe (PID: 8440)
- Unicorn-38836.exe (PID: 8464)
- Unicorn-10247.exe (PID: 8400)
- Unicorn-42920.exe (PID: 8512)
- Unicorn-15078.exe (PID: 8540)
- Unicorn-21605.exe (PID: 8560)
- Unicorn-10439.exe (PID: 8504)
- Unicorn-22692.exe (PID: 8528)
- Unicorn-5269.exe (PID: 8660)
- Unicorn-19335.exe (PID: 8552)
- Unicorn-63922.exe (PID: 8636)
- Unicorn-7050.exe (PID: 8652)
- Unicorn-51471.exe (PID: 8644)
- Unicorn-44819.exe (PID: 8616)
- Unicorn-47388.exe (PID: 8480)
- Unicorn-47388.exe (PID: 8580)
- Unicorn-51280.exe (PID: 8408)
- Unicorn-27522.exe (PID: 8588)
- Unicorn-14523.exe (PID: 8472)
- Unicorn-55754.exe (PID: 8624)
- Unicorn-8275.exe (PID: 9036)
- Unicorn-24036.exe (PID: 9060)
- Unicorn-12338.exe (PID: 9080)
- Unicorn-56900.exe (PID: 9096)
- Unicorn-11518.exe (PID: 9116)
- Unicorn-42794.exe (PID: 9144)
- Unicorn-16754.exe (PID: 9160)
- Unicorn-7891.exe (PID: 9152)
- Unicorn-49884.exe (PID: 9192)
- Unicorn-50631.exe (PID: 8296)
- Unicorn-4383.exe (PID: 9140)
- Unicorn-8851.exe (PID: 3676)
- Unicorn-41716.exe (PID: 720)
- Unicorn-30925.exe (PID: 8372)
- Unicorn-9214.exe (PID: 9228)
- Unicorn-21488.exe (PID: 9380)
- Unicorn-21488.exe (PID: 9372)
- Unicorn-52498.exe (PID: 9420)
- Unicorn-2966.exe (PID: 9456)
- Unicorn-33037.exe (PID: 9480)
- Unicorn-38400.exe (PID: 9340)
- Unicorn-38135.exe (PID: 9332)
- Unicorn-38592.exe (PID: 9508)
- Unicorn-10003.exe (PID: 9540)
- Unicorn-47912.exe (PID: 9644)
- Unicorn-64803.exe (PID: 9756)
- Unicorn-2033.exe (PID: 9780)
- Unicorn-64440.exe (PID: 9664)
- Unicorn-62586.exe (PID: 9736)
- Unicorn-2033.exe (PID: 9784)
- Unicorn-6525.exe (PID: 9964)
- Unicorn-32536.exe (PID: 9836)
- Unicorn-17661.exe (PID: 9872)
- Unicorn-15624.exe (PID: 9892)
- Unicorn-12286.exe (PID: 9912)
- Unicorn-403.exe (PID: 9988)
- Unicorn-54072.exe (PID: 10120)
- Unicorn-54072.exe (PID: 10124)
- Unicorn-16330.exe (PID: 10220)
- Unicorn-47824.exe (PID: 9136)
- Unicorn-51908.exe (PID: 9708)
- Unicorn-16229.exe (PID: 10192)
- Unicorn-2110.exe (PID: 6108)
- Unicorn-35188.exe (PID: 10340)
- Unicorn-13681.exe (PID: 10380)
- Unicorn-20697.exe (PID: 10260)
- Unicorn-8306.exe (PID: 10416)
- Unicorn-61015.exe (PID: 10504)
- Unicorn-46738.exe (PID: 10460)
- Unicorn-11451.exe (PID: 10588)
- Unicorn-23512.exe (PID: 10516)
- Unicorn-48208.exe (PID: 10548)
- Unicorn-27596.exe (PID: 10536)
- Unicorn-27788.exe (PID: 10612)
- Unicorn-35956.exe (PID: 10636)
- Unicorn-44316.exe (PID: 10672)
- Unicorn-8327.exe (PID: 10800)
- Unicorn-37108.exe (PID: 10844)
- Unicorn-7367.exe (PID: 10704)
- Unicorn-28364.exe (PID: 10956)
- Unicorn-61975.exe (PID: 11004)
- Unicorn-61975.exe (PID: 10996)
- Unicorn-29686.exe (PID: 10860)
- Unicorn-32254.exe (PID: 10876)
- Unicorn-16112.exe (PID: 10928)
- Unicorn-49723.exe (PID: 11112)
- Unicorn-21082.exe (PID: 11168)
- Unicorn-25432.exe (PID: 11160)
- Unicorn-21348.exe (PID: 11148)
- Unicorn-4606.exe (PID: 11020)
- Unicorn-61975.exe (PID: 11012)
- Unicorn-65239.exe (PID: 11104)
- Unicorn-6665.exe (PID: 11272)
- Unicorn-40106.exe (PID: 5376)
- Unicorn-16305.exe (PID: 11248)
- Unicorn-58488.exe (PID: 744)
- Unicorn-64034.exe (PID: 11384)
- Unicorn-12987.exe (PID: 11404)
- Unicorn-30262.exe (PID: 11204)
- Unicorn-38644.exe (PID: 11520)
- Unicorn-47004.exe (PID: 11536)
- Unicorn-10055.exe (PID: 11552)
- Unicorn-25986.exe (PID: 11444)
- Unicorn-43460.exe (PID: 11696)
- Unicorn-19510.exe (PID: 11688)
- Unicorn-22775.exe (PID: 11772)
- Unicorn-56459.exe (PID: 11740)
- Unicorn-23040.exe (PID: 11780)
- Unicorn-39184.exe (PID: 11884)
- Unicorn-10403.exe (PID: 11852)
- Unicorn-30824.exe (PID: 11868)
- Unicorn-27486.exe (PID: 11908)
- Unicorn-47352.exe (PID: 11900)
- Unicorn-49390.exe (PID: 11920)
- Unicorn-10211.exe (PID: 11812)
- Unicorn-48504.exe (PID: 12052)
- Unicorn-33629.exe (PID: 12076)
- Unicorn-32338.exe (PID: 12116)
- Unicorn-30091.exe (PID: 12160)
- Unicorn-23543.exe (PID: 12008)
- Unicorn-53091.exe (PID: 12276)
- Unicorn-18061.exe (PID: 11364)
- Unicorn-44804.exe (PID: 2084)
- Unicorn-44539.exe (PID: 2968)
- Unicorn-25898.exe (PID: 4488)
- Unicorn-49464.exe (PID: 12332)
- Unicorn-47004.exe (PID: 12304)
- Unicorn-44996.exe (PID: 12196)
- Unicorn-19981.exe (PID: 12456)
- Unicorn-26029.exe (PID: 12360)
- Unicorn-58379.exe (PID: 12372)
- Unicorn-51694.exe (PID: 12400)
- Unicorn-63060.exe (PID: 12480)
- Unicorn-57439.exe (PID: 12488)
- Unicorn-26282.exe (PID: 12520)
- Unicorn-38726.exe (PID: 12584)
- Unicorn-26688.exe (PID: 12644)
- Unicorn-30507.exe (PID: 12652)
- Unicorn-22796.exe (PID: 12712)
- Unicorn-7014.exe (PID: 12720)
- Unicorn-28917.exe (PID: 12744)
- Unicorn-26039.exe (PID: 12776)
- Unicorn-52152.exe (PID: 12948)
- Unicorn-31540.exe (PID: 12896)
- Unicorn-43984.exe (PID: 12904)
- Unicorn-63834.exe (PID: 12956)
- Unicorn-40092.exe (PID: 13004)
- Unicorn-43984.exe (PID: 12908)
- Unicorn-5565.exe (PID: 4012)
- Unicorn-19598.exe (PID: 1280)
- Unicorn-9649.exe (PID: 4868)
- Unicorn-4718.exe (PID: 13424)
- Unicorn-61835.exe (PID: 13236)
- Unicorn-61835.exe (PID: 13228)
- Unicorn-51510.exe (PID: 13324)
- Unicorn-9570.exe (PID: 13604)
- Unicorn-9570.exe (PID: 13612)
- Unicorn-62300.exe (PID: 13656)
- Unicorn-4666.exe (PID: 13676)
- Unicorn-5050.exe (PID: 13524)
- Unicorn-27508.exe (PID: 12100)
- Unicorn-43274.exe (PID: 12124)
Reads the computer name
- 1 (201).exe (PID: 4428)
- Unicorn-29832.exe (PID: 5404)
- Unicorn-36988.exe (PID: 7436)
- Unicorn-17122.exe (PID: 7428)
- Unicorn-18836.exe (PID: 7492)
- Unicorn-21065.exe (PID: 7532)
- Unicorn-18836.exe (PID: 7488)
- Unicorn-7330.exe (PID: 7516)
- Unicorn-46007.exe (PID: 7616)
- Unicorn-53428.exe (PID: 7592)
- Unicorn-46007.exe (PID: 7632)
- Unicorn-335.exe (PID: 7640)
- Unicorn-8238.exe (PID: 7656)
- Unicorn-53428.exe (PID: 7584)
- Unicorn-335.exe (PID: 7624)
- Unicorn-11959.exe (PID: 7760)
- Unicorn-4538.exe (PID: 7908)
- Unicorn-12706.exe (PID: 7796)
- Unicorn-3983.exe (PID: 7840)
- Unicorn-12151.exe (PID: 7876)
- Unicorn-27149.exe (PID: 7976)
- Unicorn-14189.exe (PID: 7892)
- Unicorn-20320.exe (PID: 7916)
- Unicorn-35815.exe (PID: 7968)
- Unicorn-6251.exe (PID: 8116)
- Unicorn-63044.exe (PID: 8172)
- Unicorn-6422.exe (PID: 7180)
- Unicorn-14035.exe (PID: 4112)
- Unicorn-29285.exe (PID: 4920)
- Unicorn-55644.exe (PID: 1180)
- Unicorn-60859.exe (PID: 6004)
- Unicorn-60304.exe (PID: 7208)
- Unicorn-56199.exe (PID: 672)
- Unicorn-22972.exe (PID: 7352)
- Unicorn-14611.exe (PID: 7288)
- Unicorn-22972.exe (PID: 1228)
- Unicorn-41346.exe (PID: 1348)
- Unicorn-46906.exe (PID: 4220)
- Unicorn-14611.exe (PID: 4408)
- Unicorn-49706.exe (PID: 7000)
- Unicorn-27610.exe (PID: 7372)
- Unicorn-55571.exe (PID: 7172)
- Unicorn-47211.exe (PID: 5324)
- Unicorn-34713.exe (PID: 7564)
- Unicorn-8726.exe (PID: 2420)
- Unicorn-25468.exe (PID: 2984)
- Unicorn-63494.exe (PID: 6592)
- Unicorn-46251.exe (PID: 7324)
- Unicorn-41420.exe (PID: 6564)
- Unicorn-8747.exe (PID: 7484)
- Unicorn-1134.exe (PID: 2908)
- Unicorn-16213.exe (PID: 6300)
- Unicorn-39412.exe (PID: 8328)
- Unicorn-62992.exe (PID: 8244)
- Unicorn-29936.exe (PID: 1168)
- Unicorn-7050.exe (PID: 8652)
- Unicorn-15078.exe (PID: 8540)
- Unicorn-60335.exe (PID: 8604)
- Unicorn-47388.exe (PID: 8580)
- Unicorn-55754.exe (PID: 8624)
- Unicorn-63922.exe (PID: 8636)
- Unicorn-59448.exe (PID: 8384)
- Unicorn-2826.exe (PID: 8440)
- Unicorn-27522.exe (PID: 8588)
- Unicorn-5269.exe (PID: 8664)
- Unicorn-14523.exe (PID: 8472)
- Unicorn-10439.exe (PID: 8504)
- Unicorn-7891.exe (PID: 9152)
- Unicorn-8851.exe (PID: 3676)
- Unicorn-16754.exe (PID: 9160)
- Unicorn-49884.exe (PID: 9192)
- Unicorn-4383.exe (PID: 9140)
- Unicorn-30925.exe (PID: 8372)
- Unicorn-38400.exe (PID: 9340)
- Unicorn-33037.exe (PID: 9480)
- Unicorn-46952.exe (PID: 9608)
- Unicorn-62586.exe (PID: 9736)
- Unicorn-47912.exe (PID: 9644)
- Unicorn-2033.exe (PID: 9780)
- Unicorn-17661.exe (PID: 9872)
- Unicorn-12286.exe (PID: 9912)
Create files in a temporary directory
- 1 (201).exe (PID: 4428)
- Unicorn-36988.exe (PID: 7436)
- Unicorn-29832.exe (PID: 5404)
- Unicorn-53428.exe (PID: 7592)
- Unicorn-46007.exe (PID: 7632)
- Unicorn-21065.exe (PID: 7532)
- Unicorn-17122.exe (PID: 7428)
- Unicorn-8238.exe (PID: 7656)
- Unicorn-18836.exe (PID: 7488)
- Unicorn-24212.exe (PID: 7780)
- Unicorn-12706.exe (PID: 7796)
- Unicorn-53428.exe (PID: 7584)
- Unicorn-18836.exe (PID: 7492)
- Unicorn-46007.exe (PID: 7616)
- Unicorn-12151.exe (PID: 7860)
- Unicorn-12151.exe (PID: 7868)
- Unicorn-14189.exe (PID: 7900)
- Unicorn-20320.exe (PID: 7916)
- Unicorn-335.exe (PID: 7624)
- Unicorn-6251.exe (PID: 8116)
- Unicorn-56007.exe (PID: 8124)
- Unicorn-2373.exe (PID: 7668)
- Unicorn-6422.exe (PID: 7180)
- Unicorn-16790.exe (PID: 7816)
- Unicorn-33369.exe (PID: 5960)
- Unicorn-14035.exe (PID: 4112)
- Unicorn-12151.exe (PID: 7876)
- Unicorn-60859.exe (PID: 6004)
- Unicorn-55644.exe (PID: 1180)
- Unicorn-3983.exe (PID: 7840)
- Unicorn-56199.exe (PID: 672)
- Unicorn-10527.exe (PID: 4692)
- Unicorn-27610.exe (PID: 7360)
- Unicorn-60304.exe (PID: 7208)
- Unicorn-17926.exe (PID: 6028)
- Unicorn-14611.exe (PID: 4408)
- Unicorn-22972.exe (PID: 7192)
- Unicorn-27149.exe (PID: 7976)
- Unicorn-27610.exe (PID: 7372)
- Unicorn-16214.exe (PID: 7984)
- Unicorn-55571.exe (PID: 7172)
- Unicorn-23526.exe (PID: 7380)
- Unicorn-49706.exe (PID: 7000)
- Unicorn-46906.exe (PID: 4220)
- Unicorn-7330.exe (PID: 7516)
- Unicorn-4538.exe (PID: 7908)
- Unicorn-16148.exe (PID: 1328)
- Unicorn-8726.exe (PID: 2420)
- Unicorn-34713.exe (PID: 7564)
- Unicorn-21938.exe (PID: 1568)
- Unicorn-9131.exe (PID: 736)
- Unicorn-11959.exe (PID: 7760)
- Unicorn-57372.exe (PID: 5436)
- Unicorn-63044.exe (PID: 8172)
- Unicorn-14398.exe (PID: 8152)
- Unicorn-15253.exe (PID: 1164)
- Unicorn-41420.exe (PID: 6564)
- Unicorn-14035.exe (PID: 6800)
- Unicorn-33252.exe (PID: 1188)
- Unicorn-61959.exe (PID: 6724)
- Unicorn-8747.exe (PID: 7484)
- Unicorn-1134.exe (PID: 2908)
- Unicorn-29285.exe (PID: 4920)
- Unicorn-14189.exe (PID: 7892)
- Unicorn-29936.exe (PID: 1168)
- Unicorn-62587.exe (PID: 3300)
- Unicorn-62992.exe (PID: 8244)
- Unicorn-39412.exe (PID: 8328)
- Unicorn-64471.exe (PID: 8260)
- Unicorn-609.exe (PID: 8364)
- Unicorn-14523.exe (PID: 8488)
- Unicorn-24206.exe (PID: 8568)
- Unicorn-47388.exe (PID: 8580)
- Unicorn-34944.exe (PID: 8456)
- Unicorn-10247.exe (PID: 8400)
- Unicorn-60335.exe (PID: 8604)
- Unicorn-51280.exe (PID: 8408)
- Unicorn-42920.exe (PID: 8512)
- Unicorn-35815.exe (PID: 7968)
- Unicorn-22692.exe (PID: 8528)
- Unicorn-18608.exe (PID: 8520)
- Unicorn-51471.exe (PID: 8644)
- Unicorn-19335.exe (PID: 8552)
- Unicorn-10439.exe (PID: 8504)
- Unicorn-47388.exe (PID: 8480)
- Unicorn-38836.exe (PID: 8464)
- Unicorn-14611.exe (PID: 7288)
- Unicorn-44819.exe (PID: 8616)
- Unicorn-51280.exe (PID: 8420)
- Unicorn-335.exe (PID: 7640)
- Unicorn-5269.exe (PID: 8660)
- Unicorn-22972.exe (PID: 7352)
- Unicorn-12338.exe (PID: 9080)
- Unicorn-7050.exe (PID: 8652)
- Unicorn-11518.exe (PID: 9116)
- Unicorn-16754.exe (PID: 9160)
- Unicorn-8851.exe (PID: 3676)
- Unicorn-63494.exe (PID: 6592)
- Unicorn-25468.exe (PID: 2984)
- Unicorn-4383.exe (PID: 9140)
- Unicorn-9214.exe (PID: 9228)
- Unicorn-62587.exe (PID: 2092)
- Unicorn-46251.exe (PID: 7324)
- Unicorn-21488.exe (PID: 9380)
- Unicorn-52498.exe (PID: 9420)
- Unicorn-2966.exe (PID: 9456)
- Unicorn-61959.exe (PID: 616)
- Unicorn-33037.exe (PID: 9480)
- Unicorn-38592.exe (PID: 9508)
- Unicorn-55016.exe (PID: 4040)
- Unicorn-46952.exe (PID: 9608)
- Unicorn-10003.exe (PID: 9540)
- Unicorn-62586.exe (PID: 9736)
- Unicorn-34574.exe (PID: 8220)
- Unicorn-15078.exe (PID: 8448)
- Unicorn-47211.exe (PID: 5324)
Creates files or folders in the user directory
- WerFault.exe (PID: 8948)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
TRiD
| .exe | | | Win32 Executable Microsoft Visual Basic 6 (90.6) |
|---|---|---|
| .exe | | | Win32 Executable (generic) (4.9) |
| .exe | | | Generic Win/DOS Executable (2.2) |
| .exe | | | DOS Executable Generic (2.2) |
EXIF
EXE
| MachineType: | Intel 386 or later, and compatibles |
|---|---|
| TimeStamp: | 2019:01:19 13:34:56+00:00 |
| ImageFileCharacteristics: | No relocs, Executable, No line numbers, No symbols, 32-bit |
| PEType: | PE32 |
| LinkerVersion: | 6 |
| CodeSize: | 176128 |
| InitializedDataSize: | 299008 |
| UninitializedDataSize: | - |
| EntryPoint: | 0x13d4 |
| OSVersion: | 4 |
| ImageVersion: | 1 |
| SubsystemVersion: | 4 |
| Subsystem: | Windows GUI |
| FileVersionNumber: | 1.0.0.0 |
| ProductVersionNumber: | 1.0.0.0 |
| FileFlagsMask: | 0x003f |
| FileFlags: | (none) |
| FileOS: | Win32 |
| ObjectFileType: | Executable application |
| FileSubtype: | - |
| LanguageCode: | Chinese (Simplified) |
| CharacterSet: | Unicode |
| CompanyName: | UEFI |
| ProductName: | Kawaii-Unicorn |
| FileVersion: | 1 |
| ProductVersion: | 1 |
| InternalName: | Kawaii-Unicorn |
| OriginalFileName: | Kawaii-Unicorn.exe |
Total processes
502
Monitored processes
367
Malicious processes
54
Suspicious processes
64
Behavior graph
Click at the process to see the details
Process information
PID | CMD | Path | Indicators | Parent process | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 496 | "C:\WINDOWS\System32\SLUI.exe" RuleId=3482d82e-ca2c-4e1f-8864-da0267b484b2;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=TimerEvent | C:\Windows\System32\slui.exe | — | SppExtComObj.Exe | |||||||||||
User: NETWORK SERVICE Company: Microsoft Corporation Integrity Level: SYSTEM Description: Windows Activation Client Version: 10.0.19041.1 (WinBuild.160101.0800) Modules
| |||||||||||||||
| 616 | C:\Users\admin\AppData\Local\Temp\Unicorn-61959.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-61959.exe | Unicorn-18836.exe | ||||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 672 | C:\Users\admin\AppData\Local\Temp\Unicorn-56199.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-56199.exe | Unicorn-46007.exe | ||||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 720 | C:\Users\admin\AppData\Local\Temp\Unicorn-41716.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-41716.exe | Unicorn-9131.exe | ||||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 736 | C:\Users\admin\AppData\Local\Temp\Unicorn-9131.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-9131.exe | Unicorn-6422.exe | ||||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 744 | C:\Users\admin\AppData\Local\Temp\Unicorn-58488.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-58488.exe | Unicorn-8275.exe | ||||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 1164 | C:\Users\admin\AppData\Local\Temp\Unicorn-15253.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-15253.exe | Unicorn-53428.exe | ||||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 1168 | C:\Users\admin\AppData\Local\Temp\Unicorn-29936.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-29936.exe | Unicorn-60304.exe | ||||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 1180 | C:\Users\admin\AppData\Local\Temp\Unicorn-55644.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-55644.exe | Unicorn-12151.exe | ||||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 1188 | C:\Users\admin\AppData\Local\Temp\Unicorn-33252.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-33252.exe | Unicorn-14035.exe | ||||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
Total events
8 901
Read events
8 901
Write events
0
Delete events
0
Modification events
Executable files
1 141
Suspicious files
3
Text files
1
Unknown types
0
Dropped files
PID | Process | Filename | Type | |
|---|---|---|---|---|
| 7436 | Unicorn-36988.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-18836.exe | executable | |
MD5:17C39F23DBE41F2EA9F3B3010B068393 | SHA256:ABF6FB393CB722D358541AEAE5F2F6C5424001B592A359EDD334DC6E6B97CB93 | |||
| 4428 | 1 (201).exe | C:\Users\admin\AppData\Local\Temp\Unicorn-29832.exe | executable | |
MD5:A656BD81F45FFA1601F299EEA84B0C3B | SHA256:0B11CDF95CDD35D9DA0F7D9F3D55E2109422EA386E0CC2744D3186A3850036E0 | |||
| 5404 | Unicorn-29832.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-7330.exe | executable | |
MD5:216705EB8F286E44252FDDA9150793E8 | SHA256:8697BF1542E85F969A5762E7936249115A3D9B6BA48854B89DE88877428454DC | |||
| 4428 | 1 (201).exe | C:\Users\admin\AppData\Local\Temp\Unicorn-17122.exe | executable | |
MD5:F91FC0C54066B06506EC3FD0BB122414 | SHA256:B24614AA487E04B05D3E335FE0A903FFD5A6E79487307C358F68F48F296CB63E | |||
| 7428 | Unicorn-17122.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-46007.exe | executable | |
MD5:6FA6E00EED15A6B5772366DDB25D051C | SHA256:8EE311BADE116F59F40DC9DFCC26E647C3629C781477203CFE2A968D10DB10B2 | |||
| 7516 | Unicorn-7330.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-335.exe | executable | |
MD5:23D573AD89A5A796C616B8CABDE47C2E | SHA256:0FC434765C64ACEF5F03411D5BD5971DDDE86BB3546B64B979C8B5E17C9F4989 | |||
| 7492 | Unicorn-18836.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-53428.exe | executable | |
MD5:36085DD7189EE53E6F474E80AB3F2E7F | SHA256:820749F7AF3C837F590E846F14A94C3361198B9A32E1954BD964DFCBD9D18CC0 | |||
| 5404 | Unicorn-29832.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-2373.exe | executable | |
MD5:B6D64FF140AB6EF58AD3A078C43FCC58 | SHA256:68A65A11F5FD42929DC9CCD49AE0DF59D48D8EA6D248E8CEB939F4C5F912ED6B | |||
| 4428 | 1 (201).exe | C:\Users\admin\AppData\Local\Temp\Unicorn-8238.exe | executable | |
MD5:D893617D696BE412B4A25A223662E8C6 | SHA256:5FB4C9FCD63835F62F293E2FF86F1A362B29CC4A733F3EECD8D4D2EC98B13040 | |||
| 4428 | 1 (201).exe | C:\Users\admin\AppData\Local\Temp\Unicorn-21065.exe | executable | |
MD5:AD25592B613D37E82DABA147BC8B4EC7 | SHA256:2A315F913776AE22222A2FACF25E2B169F1B23D7A28D0220E21623FA352D241F | |||
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
5
TCP/UDP connections
21
DNS requests
14
Threats
0
HTTP requests
PID | Process | Method | HTTP Code | IP | URL | CN | Type | Size | Reputation |
|---|---|---|---|---|---|---|---|---|---|
— | — | GET | 200 | 2.19.11.120:80 | http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl | unknown | — | — | whitelisted |
6544 | svchost.exe | GET | 200 | 184.30.131.245:80 | http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAJ0LqoXyo4hxxe7H%2Fz9DKA%3D | unknown | — | — | whitelisted |
8284 | SIHClient.exe | GET | 200 | 23.219.150.101:80 | http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Product%20Root%20Certificate%20Authority%202018.crl | unknown | — | — | whitelisted |
8284 | SIHClient.exe | GET | 200 | 23.219.150.101:80 | http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Update%20Secure%20Server%20CA%202.1.crl | unknown | — | — | whitelisted |
1660 | backgroundTaskHost.exe | GET | 200 | 184.30.131.245:80 | http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQ50otx%2Fh0Ztl%2Bz8SiPI7wEWVxDlQQUTiJUIBiV5uNu5g%2F6%2BrkS7QYXjzkCEAUZZSZEml49Gjh0j13P68w%3D | unknown | — | — | whitelisted |
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
Connections
PID | Process | IP | Domain | ASN | CN | Reputation |
|---|---|---|---|---|---|---|
4 | System | 192.168.100.255:137 | — | — | — | whitelisted |
— | — | 2.19.11.120:80 | crl.microsoft.com | Elisa Oyj | NL | whitelisted |
— | — | 51.124.78.146:443 | settings-win.data.microsoft.com | MICROSOFT-CORP-MSN-AS-BLOCK | NL | whitelisted |
4 | System | 192.168.100.255:138 | — | — | — | whitelisted |
3216 | svchost.exe | 40.113.103.199:443 | client.wns.windows.com | MICROSOFT-CORP-MSN-AS-BLOCK | NL | whitelisted |
6544 | svchost.exe | 20.190.159.64:443 | login.live.com | MICROSOFT-CORP-MSN-AS-BLOCK | IE | whitelisted |
6544 | svchost.exe | 184.30.131.245:80 | ocsp.digicert.com | AKAMAI-AS | US | whitelisted |
1660 | backgroundTaskHost.exe | 20.223.36.55:443 | arc.msn.com | MICROSOFT-CORP-MSN-AS-BLOCK | IE | whitelisted |
1660 | backgroundTaskHost.exe | 184.30.131.245:80 | ocsp.digicert.com | AKAMAI-AS | US | whitelisted |
2104 | svchost.exe | 51.124.78.146:443 | settings-win.data.microsoft.com | MICROSOFT-CORP-MSN-AS-BLOCK | NL | whitelisted |
DNS requests
Domain | IP | Reputation |
|---|---|---|
crl.microsoft.com |
| whitelisted |
google.com |
| whitelisted |
client.wns.windows.com |
| whitelisted |
login.live.com |
| whitelisted |
ocsp.digicert.com |
| whitelisted |
arc.msn.com |
| whitelisted |
settings-win.data.microsoft.com |
| whitelisted |
slscr.update.microsoft.com |
| whitelisted |
www.microsoft.com |
| whitelisted |
fe3cr.delivery.mp.microsoft.com |
| whitelisted |