File name:

1 (1274)

Full analysis: https://app.any.run/tasks/9f00d1b2-c23a-43cf-9892-10f0fc7d6d86
Verdict: Malicious activity
Analysis date: March 24, 2025, 09:57:46
OS: Windows 10 Professional (build: 19045, 64 bit)
Indicators:
MIME: application/vnd.microsoft.portable-executable
File info: PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, 3 sections
MD5:

B27B0D3A1E31CA34DCE5C31EFC29C720

SHA1:

11D65B2EF1C358E9823AF801E5E059BF8CFD3F92

SHA256:

6E4AC4D53E2382F02CDFFFC690BACA80ED576B1DDF4160767F3C531B756E11C7

SSDEEP:

6144:U7Lpf7Ip0DEjA5c/HAe+3ofxotBQHvJGBH/WyeOZFk/8SwjwpyAvEht+xEZEJOrL:UvhMpjA5YH7UB4haHOyeOZDx4DOmDsR

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

  • MALICIOUS

    No malicious indicators.

  • SUSPICIOUS

    • Starts itself from another location

      • 1 (1274).exe (PID: 5796)
      • Unicorn-56521.exe (PID: 2268)
      • Unicorn-61238.exe (PID: 4172)
      • Unicorn-42894.exe (PID: 5800)
      • Unicorn-340.exe (PID: 680)
      • Unicorn-8249.exe (PID: 2552)
      • Unicorn-37741.exe (PID: 6112)
      • Unicorn-31610.exe (PID: 2692)
      • Unicorn-43448.exe (PID: 6744)
      • Unicorn-61342.exe (PID: 4688)
      • Unicorn-12696.exe (PID: 6656)
      • Unicorn-12888.exe (PID: 4464)
      • Unicorn-11684.exe (PID: 6960)
      • Unicorn-27775.exe (PID: 1056)
      • Unicorn-39661.exe (PID: 6272)
      • Unicorn-11949.exe (PID: 3676)
      • Unicorn-26854.exe (PID: 5156)
      • Unicorn-23324.exe (PID: 6424)
      • Unicorn-54181.exe (PID: 4228)
      • Unicorn-4470.exe (PID: 7180)
      • Unicorn-10600.exe (PID: 7188)
      • Unicorn-23538.exe (PID: 7292)
      • Unicorn-33329.exe (PID: 7264)
      • Unicorn-57341.exe (PID: 6816)
      • Unicorn-46211.exe (PID: 7340)
      • Unicorn-51861.exe (PID: 7316)
      • Unicorn-53195.exe (PID: 7284)
      • Unicorn-50464.exe (PID: 7196)
      • Unicorn-56210.exe (PID: 7308)
      • Unicorn-9100.exe (PID: 7608)
      • Unicorn-20798.exe (PID: 7548)
      • Unicorn-13973.exe (PID: 7704)
      • Unicorn-49941.exe (PID: 7632)
      • Unicorn-5997.exe (PID: 8008)
      • Unicorn-6774.exe (PID: 7720)
      • Unicorn-45769.exe (PID: 8048)
      • Unicorn-53195.exe (PID: 7276)
      • Unicorn-35930.exe (PID: 8068)
      • Unicorn-37600.exe (PID: 7788)
      • Unicorn-25671.exe (PID: 7812)
      • Unicorn-11596.exe (PID: 7204)
      • Unicorn-7040.exe (PID: 3900)
      • Unicorn-26639.exe (PID: 7848)
      • Unicorn-60169.exe (PID: 8080)
      • Unicorn-32260.exe (PID: 7324)
      • Unicorn-61294.exe (PID: 4628)
      • Unicorn-24040.exe (PID: 8124)
      • Unicorn-36314.exe (PID: 4300)
      • Unicorn-37299.exe (PID: 8060)
      • Unicorn-1249.exe (PID: 7644)
      • Unicorn-45769.exe (PID: 7768)
      • Unicorn-18746.exe (PID: 7944)
      • Unicorn-33849.exe (PID: 7688)
      • Unicorn-58383.exe (PID: 7660)
      • Unicorn-50429.exe (PID: 7556)
      • Unicorn-2711.exe (PID: 7444)
      • Unicorn-8088.exe (PID: 4696)
      • Unicorn-52157.exe (PID: 7716)
      • Unicorn-38006.exe (PID: 7992)
      • Unicorn-41846.exe (PID: 8240)
      • Unicorn-49225.exe (PID: 7692)
      • Unicorn-43714.exe (PID: 8180)
      • Unicorn-53439.exe (PID: 7884)
      • Unicorn-28634.exe (PID: 7904)
      • Unicorn-56734.exe (PID: 3304)
      • Unicorn-41197.exe (PID: 8272)
      • Unicorn-59064.exe (PID: 2136)
      • Unicorn-38560.exe (PID: 8016)
      • Unicorn-52458.exe (PID: 6620)
      • Unicorn-8405.exe (PID: 7600)
      • Unicorn-2977.exe (PID: 7336)
      • Unicorn-31315.exe (PID: 7436)
      • Unicorn-683.exe (PID: 8200)
      • Unicorn-62856.exe (PID: 6640)
      • Unicorn-40677.exe (PID: 8252)
      • Unicorn-8597.exe (PID: 4180)
      • Unicorn-17342.exe (PID: 8228)
      • Unicorn-56781.exe (PID: 7560)
      • Unicorn-15016.exe (PID: 4880)
      • Unicorn-14396.exe (PID: 8848)
      • Unicorn-58574.exe (PID: 8880)
      • Unicorn-53421.exe (PID: 8912)
      • Unicorn-45170.exe (PID: 8508)
      • Unicorn-49630.exe (PID: 8264)
      • Unicorn-46558.exe (PID: 8156)
      • Unicorn-37387.exe (PID: 7376)
      • Unicorn-19405.exe (PID: 8564)
      • Unicorn-31576.exe (PID: 7592)
      • Unicorn-63226.exe (PID: 8288)
      • Unicorn-26211.exe (PID: 8652)
      • Unicorn-30362.exe (PID: 8296)
      • Unicorn-48037.exe (PID: 7668)
      • Unicorn-58692.exe (PID: 8416)
      • Unicorn-19322.exe (PID: 8476)
      • Unicorn-33219.exe (PID: 8688)
      • Unicorn-35266.exe (PID: 4108)
      • Unicorn-43695.exe (PID: 8456)
      • Unicorn-41086.exe (PID: 8520)
      • Unicorn-46666.exe (PID: 9088)
      • Unicorn-13841.exe (PID: 8796)
      • Unicorn-25331.exe (PID: 8812)
      • Unicorn-59064.exe (PID: 7532)
      • Unicorn-12010.exe (PID: 8824)
      • Unicorn-25829.exe (PID: 8804)
      • Unicorn-22394.exe (PID: 9068)
      • Unicorn-47645.exe (PID: 9052)
      • Unicorn-8029.exe (PID: 8588)
      • Unicorn-6856.exe (PID: 9856)
      • Unicorn-57391.exe (PID: 9848)
      • Unicorn-39471.exe (PID: 9900)
      • Unicorn-28878.exe (PID: 7740)
      • Unicorn-34114.exe (PID: 7888)
      • Unicorn-20902.exe (PID: 7424)
      • Unicorn-34816.exe (PID: 8832)
      • Unicorn-42622.exe (PID: 8784)
      • Unicorn-3236.exe (PID: 7244)
      • Unicorn-65185.exe (PID: 8448)
      • Unicorn-46331.exe (PID: 8776)
      • Unicorn-1012.exe (PID: 9060)
      • Unicorn-5564.exe (PID: 9448)
      • Unicorn-60302.exe (PID: 9184)
      • Unicorn-48834.exe (PID: 10628)
      • Unicorn-37246.exe (PID: 9908)
      • Unicorn-39803.exe (PID: 9496)
      • Unicorn-7697.exe (PID: 9716)
      • Unicorn-19020.exe (PID: 11140)
      • Unicorn-27822.exe (PID: 9220)
      • Unicorn-38621.exe (PID: 11272)
      • Unicorn-59861.exe (PID: 11300)
      • Unicorn-9823.exe (PID: 3024)
      • Unicorn-15791.exe (PID: 9576)
      • Unicorn-19042.exe (PID: 11760)
      • Unicorn-24934.exe (PID: 5048)
      • Unicorn-44957.exe (PID: 8408)
      • Unicorn-23126.exe (PID: 11664)
      • Unicorn-49372.exe (PID: 8364)
      • Unicorn-49638.exe (PID: 8740)
      • Unicorn-53885.exe (PID: 7620)
      • Unicorn-20312.exe (PID: 9780)
      • Unicorn-17270.exe (PID: 11776)
      • Unicorn-34707.exe (PID: 8984)
      • Unicorn-23022.exe (PID: 8344)
      • Unicorn-40178.exe (PID: 9800)
      • Unicorn-18195.exe (PID: 10456)
      • Unicorn-10333.exe (PID: 9020)
      • Unicorn-42644.exe (PID: 10380)
      • Unicorn-12269.exe (PID: 10600)
      • Unicorn-33494.exe (PID: 8716)
      • Unicorn-17676.exe (PID: 10980)
      • Unicorn-12409.exe (PID: 9324)
      • Unicorn-54364.exe (PID: 9120)
      • Unicorn-48989.exe (PID: 2504)
      • Unicorn-48989.exe (PID: 6988)
      • Unicorn-16494.exe (PID: 9316)
      • Unicorn-27898.exe (PID: 13036)
      • Unicorn-29818.exe (PID: 12964)
      • Unicorn-19107.exe (PID: 9228)
      • Unicorn-45289.exe (PID: 6068)
      • Unicorn-2217.exe (PID: 10972)
      • Unicorn-7012.exe (PID: 12996)
      • Unicorn-30422.exe (PID: 6264)
      • Unicorn-56460.exe (PID: 7892)
      • Unicorn-17676.exe (PID: 10956)

    • Executable content was dropped or overwritten

      • Unicorn-56521.exe (PID: 2268)
      • 1 (1274).exe (PID: 5796)
      • Unicorn-61238.exe (PID: 4172)
      • Unicorn-340.exe (PID: 680)
      • Unicorn-42894.exe (PID: 5800)
      • Unicorn-43448.exe (PID: 6744)
      • Unicorn-8249.exe (PID: 2552)
      • Unicorn-37741.exe (PID: 6112)
      • Unicorn-31610.exe (PID: 2692)
      • Unicorn-61342.exe (PID: 4688)
      • Unicorn-12888.exe (PID: 4464)
      • Unicorn-12696.exe (PID: 6656)
      • Unicorn-11684.exe (PID: 6960)
      • Unicorn-39661.exe (PID: 6272)
      • Unicorn-11949.exe (PID: 3676)
      • Unicorn-26854.exe (PID: 5156)
      • Unicorn-23324.exe (PID: 6424)
      • Unicorn-53195.exe (PID: 7276)
      • Unicorn-54181.exe (PID: 4228)
      • Unicorn-4470.exe (PID: 7180)
      • Unicorn-10600.exe (PID: 7188)
      • Unicorn-32260.exe (PID: 7324)
      • Unicorn-33329.exe (PID: 7264)
      • Unicorn-20798.exe (PID: 7548)
      • Unicorn-57341.exe (PID: 6816)
      • Unicorn-46211.exe (PID: 7340)
      • Unicorn-51861.exe (PID: 7316)
      • Unicorn-53195.exe (PID: 7284)
      • Unicorn-50464.exe (PID: 7196)
      • Unicorn-56210.exe (PID: 7308)
      • Unicorn-9100.exe (PID: 7608)
      • Unicorn-13973.exe (PID: 7704)
      • Unicorn-49941.exe (PID: 7632)
      • Unicorn-5997.exe (PID: 8008)
      • Unicorn-6774.exe (PID: 7720)
      • Unicorn-45769.exe (PID: 8048)
      • Unicorn-11596.exe (PID: 7204)
      • Unicorn-35930.exe (PID: 8068)
      • Unicorn-37600.exe (PID: 7788)
      • Unicorn-25671.exe (PID: 7812)
      • Unicorn-26639.exe (PID: 7848)
      • Unicorn-61294.exe (PID: 4628)
      • Unicorn-7040.exe (PID: 3900)
      • Unicorn-60169.exe (PID: 8080)
      • Unicorn-24040.exe (PID: 8124)
      • Unicorn-36314.exe (PID: 4300)
      • Unicorn-37299.exe (PID: 8060)
      • Unicorn-1249.exe (PID: 7644)
      • Unicorn-34114.exe (PID: 7888)
      • Unicorn-45769.exe (PID: 7768)
      • Unicorn-18746.exe (PID: 7944)
      • Unicorn-58383.exe (PID: 7660)
      • Unicorn-52157.exe (PID: 7716)
      • Unicorn-50429.exe (PID: 7556)
      • Unicorn-33849.exe (PID: 7688)
      • Unicorn-8088.exe (PID: 4696)
      • Unicorn-43714.exe (PID: 8180)
      • Unicorn-20902.exe (PID: 7424)
      • Unicorn-2711.exe (PID: 7444)
      • Unicorn-38006.exe (PID: 7992)
      • Unicorn-41846.exe (PID: 8240)
      • Unicorn-49225.exe (PID: 7692)
      • Unicorn-28634.exe (PID: 7904)
      • Unicorn-3236.exe (PID: 7244)
      • Unicorn-41197.exe (PID: 8272)
      • Unicorn-38560.exe (PID: 8016)
      • Unicorn-59064.exe (PID: 2136)
      • Unicorn-40677.exe (PID: 8252)
      • Unicorn-52458.exe (PID: 6620)
      • Unicorn-8405.exe (PID: 7600)
      • Unicorn-2977.exe (PID: 7336)
      • Unicorn-31315.exe (PID: 7436)
      • Unicorn-683.exe (PID: 8200)
      • Unicorn-62856.exe (PID: 6640)
      • Unicorn-56781.exe (PID: 7560)
      • Unicorn-8597.exe (PID: 4180)
      • Unicorn-17342.exe (PID: 8228)
      • Unicorn-15016.exe (PID: 4880)
      • Unicorn-58574.exe (PID: 8880)
      • Unicorn-45170.exe (PID: 8508)
      • Unicorn-23538.exe (PID: 7292)
      • Unicorn-14396.exe (PID: 8848)
      • Unicorn-53421.exe (PID: 8912)
      • Unicorn-48037.exe (PID: 7668)
      • Unicorn-46558.exe (PID: 8156)
      • Unicorn-37387.exe (PID: 7376)
      • Unicorn-19405.exe (PID: 8564)
      • Unicorn-63226.exe (PID: 8288)
      • Unicorn-31576.exe (PID: 7592)
      • Unicorn-49372.exe (PID: 8364)
      • Unicorn-26211.exe (PID: 8652)
      • Unicorn-30362.exe (PID: 8296)
      • Unicorn-35266.exe (PID: 4108)
      • Unicorn-58692.exe (PID: 8416)
      • Unicorn-19322.exe (PID: 8476)
      • Unicorn-33219.exe (PID: 8688)
      • Unicorn-27775.exe (PID: 1056)
      • Unicorn-13841.exe (PID: 8796)
      • Unicorn-43695.exe (PID: 8456)
      • Unicorn-46666.exe (PID: 9088)
      • Unicorn-12010.exe (PID: 8824)
      • Unicorn-41086.exe (PID: 8520)
      • Unicorn-59064.exe (PID: 7532)
      • Unicorn-47645.exe (PID: 9052)
      • Unicorn-25331.exe (PID: 8812)
      • Unicorn-25829.exe (PID: 8804)
      • Unicorn-22394.exe (PID: 9068)
      • Unicorn-8029.exe (PID: 8588)
      • Unicorn-6856.exe (PID: 9856)
      • Unicorn-39471.exe (PID: 9900)
      • Unicorn-28878.exe (PID: 7740)
      • Unicorn-57391.exe (PID: 9848)
      • Unicorn-54364.exe (PID: 9120)
      • Unicorn-56734.exe (PID: 3304)
      • Unicorn-34816.exe (PID: 8832)
      • Unicorn-42622.exe (PID: 8784)
      • Unicorn-48989.exe (PID: 2504)
      • Unicorn-46331.exe (PID: 8776)
      • Unicorn-65185.exe (PID: 8448)
      • Unicorn-27822.exe (PID: 9220)
      • Unicorn-1012.exe (PID: 9060)
      • Unicorn-5564.exe (PID: 9448)
      • Unicorn-48834.exe (PID: 10628)
      • Unicorn-39803.exe (PID: 9496)
      • Unicorn-60302.exe (PID: 9184)
      • Unicorn-37246.exe (PID: 9908)
      • Unicorn-7697.exe (PID: 9716)
      • Unicorn-38621.exe (PID: 11272)
      • Unicorn-59861.exe (PID: 11300)
      • Unicorn-9823.exe (PID: 3024)
      • Unicorn-19020.exe (PID: 11140)
      • Unicorn-15791.exe (PID: 9576)
      • Unicorn-49630.exe (PID: 8264)
      • Unicorn-19042.exe (PID: 11760)
      • Unicorn-44957.exe (PID: 8408)
      • Unicorn-23126.exe (PID: 11664)
      • Unicorn-23022.exe (PID: 8344)
      • Unicorn-49638.exe (PID: 8740)
      • Unicorn-53885.exe (PID: 7620)
      • Unicorn-40178.exe (PID: 9800)
      • Unicorn-17270.exe (PID: 11776)
      • Unicorn-34707.exe (PID: 8984)
      • Unicorn-32583.exe (PID: 7460)
      • Unicorn-53722.exe (PID: 8732)
      • Unicorn-20312.exe (PID: 9780)
      • Unicorn-33494.exe (PID: 8716)
      • Unicorn-10333.exe (PID: 9020)
      • Unicorn-48989.exe (PID: 6988)
      • Unicorn-16494.exe (PID: 9316)
      • Unicorn-12269.exe (PID: 10600)
      • Unicorn-18195.exe (PID: 10456)
      • Unicorn-17676.exe (PID: 10980)
      • Unicorn-45289.exe (PID: 6068)
      • Unicorn-2217.exe (PID: 10972)
      • Unicorn-7012.exe (PID: 12996)
      • Unicorn-19107.exe (PID: 9228)
      • Unicorn-56460.exe (PID: 7892)
      • Unicorn-30422.exe (PID: 6264)
      • Unicorn-24934.exe (PID: 5048)
      • Unicorn-39913.exe (PID: 9772)
      • Unicorn-14884.exe (PID: 11596)
      • Unicorn-57972.exe (PID: 9428)
      • Unicorn-17676.exe (PID: 10956)
      • Unicorn-28760.exe (PID: 3032)
      • Unicorn-62579.exe (PID: 9308)
      • Unicorn-11641.exe (PID: 12436)
      • Unicorn-48443.exe (PID: 8992)
      • Unicorn-17676.exe (PID: 10940)
      • Unicorn-53088.exe (PID: 12296)
      • Unicorn-7012.exe (PID: 10412)
      • Unicorn-61937.exe (PID: 13808)
      • Unicorn-1412.exe (PID: 10396)
      • Unicorn-13814.exe (PID: 11028)
      • Unicorn-46649.exe (PID: 11204)
      • Unicorn-28938.exe (PID: 9292)
      • Unicorn-7645.exe (PID: 8680)
      • Unicorn-53177.exe (PID: 9756)
      • Unicorn-15512.exe (PID: 11640)
      • Unicorn-61937.exe (PID: 13960)
      • Unicorn-56072.exe (PID: 13968)
      • Unicorn-20747.exe (PID: 10404)
      • Unicorn-56072.exe (PID: 13952)
      • Unicorn-2497.exe (PID: 10116)
      • Unicorn-3347.exe (PID: 9368)
      • Unicorn-52196.exe (PID: 8768)
      • Unicorn-45061.exe (PID: 8940)
      • Unicorn-31708.exe (PID: 10388)
      • Unicorn-46125.exe (PID: 9476)
      • Unicorn-4335.exe (PID: 8952)
      • Unicorn-22617.exe (PID: 9668)
      • Unicorn-50052.exe (PID: 11612)
      • Unicorn-58953.exe (PID: 12336)
      • Unicorn-56692.exe (PID: 2780)
      • Unicorn-52036.exe (PID: 15444)
      • Unicorn-4069.exe (PID: 3796)
      • Unicorn-29818.exe (PID: 12964)
      • Unicorn-14412.exe (PID: 9828)
      • Unicorn-1287.exe (PID: 10480)
      • Unicorn-53439.exe (PID: 7884)
      • Unicorn-64817.exe (PID: 15080)
      • Unicorn-12409.exe (PID: 9324)
      • Unicorn-58952.exe (PID: 15088)
      • Unicorn-27712.exe (PID: 2664)
      • Unicorn-681.exe (PID: 10180)
      • Unicorn-27898.exe (PID: 13036)
      • Unicorn-53307.exe (PID: 9820)
      • Unicorn-32598.exe (PID: 13340)
      • Unicorn-36794.exe (PID: 3992)
      • Unicorn-52301.exe (PID: 15432)
      • Unicorn-21200.exe (PID: 15484)
      • Unicorn-13924.exe (PID: 9204)
      • Unicorn-47488.exe (PID: 10468)
      • Unicorn-2508.exe (PID: 12108)
      • Unicorn-5668.exe (PID: 9652)

  • INFO

    • The sample compiled with chinese language support

      • 1 (1274).exe (PID: 5796)
      • Unicorn-23538.exe (PID: 7292)
      • Unicorn-15016.exe (PID: 4880)
      • Unicorn-37741.exe (PID: 6112)
      • Unicorn-32260.exe (PID: 7324)
      • Unicorn-14396.exe (PID: 8848)
      • Unicorn-58574.exe (PID: 8880)
      • Unicorn-33329.exe (PID: 7264)
      • Unicorn-53421.exe (PID: 8912)
      • Unicorn-39661.exe (PID: 6272)
      • Unicorn-24040.exe (PID: 8124)
      • Unicorn-48037.exe (PID: 7668)
      • Unicorn-56210.exe (PID: 7308)
      • Unicorn-45170.exe (PID: 8508)
      • Unicorn-6774.exe (PID: 7720)
      • Unicorn-46558.exe (PID: 8156)
      • Unicorn-37387.exe (PID: 7376)
      • Unicorn-19405.exe (PID: 8564)
      • Unicorn-33849.exe (PID: 7688)
      • Unicorn-63226.exe (PID: 8288)
      • Unicorn-31576.exe (PID: 7592)
      • Unicorn-61294.exe (PID: 4628)
      • Unicorn-38560.exe (PID: 8016)
      • Unicorn-35930.exe (PID: 8068)
      • Unicorn-41197.exe (PID: 8272)
      • Unicorn-26211.exe (PID: 8652)
      • Unicorn-61238.exe (PID: 4172)
      • Unicorn-49372.exe (PID: 8364)
      • Unicorn-12888.exe (PID: 4464)
      • Unicorn-36314.exe (PID: 4300)
      • Unicorn-30362.exe (PID: 8296)
      • Unicorn-27775.exe (PID: 1056)
      • Unicorn-58692.exe (PID: 8416)
      • Unicorn-19322.exe (PID: 8476)
      • Unicorn-33219.exe (PID: 8688)
      • Unicorn-43695.exe (PID: 8456)
      • Unicorn-11596.exe (PID: 7204)
      • Unicorn-13841.exe (PID: 8796)
      • Unicorn-35266.exe (PID: 4108)
      • Unicorn-50429.exe (PID: 7556)
      • Unicorn-46666.exe (PID: 9088)
      • Unicorn-12010.exe (PID: 8824)
      • Unicorn-41086.exe (PID: 8520)
      • Unicorn-58383.exe (PID: 7660)
      • Unicorn-25331.exe (PID: 8812)
      • Unicorn-59064.exe (PID: 7532)
      • Unicorn-47645.exe (PID: 9052)
      • Unicorn-22394.exe (PID: 9068)
      • Unicorn-8249.exe (PID: 2552)
      • Unicorn-25829.exe (PID: 8804)
      • Unicorn-18746.exe (PID: 7944)
      • Unicorn-7040.exe (PID: 3900)
      • Unicorn-43714.exe (PID: 8180)
      • Unicorn-26854.exe (PID: 5156)
      • Unicorn-4470.exe (PID: 7180)
      • Unicorn-42894.exe (PID: 5800)
      • Unicorn-45769.exe (PID: 7768)
      • Unicorn-8029.exe (PID: 8588)
      • Unicorn-49941.exe (PID: 7632)
      • Unicorn-340.exe (PID: 680)
      • Unicorn-37299.exe (PID: 8060)
      • Unicorn-9100.exe (PID: 7608)
      • Unicorn-6856.exe (PID: 9856)
      • Unicorn-39471.exe (PID: 9900)
      • Unicorn-28878.exe (PID: 7740)
      • Unicorn-57391.exe (PID: 9848)
      • Unicorn-54364.exe (PID: 9120)
      • Unicorn-45769.exe (PID: 8048)
      • Unicorn-31610.exe (PID: 2692)
      • Unicorn-34114.exe (PID: 7888)
      • Unicorn-23324.exe (PID: 6424)
      • Unicorn-51861.exe (PID: 7316)
      • Unicorn-1249.exe (PID: 7644)
      • Unicorn-56521.exe (PID: 2268)
      • Unicorn-38006.exe (PID: 7992)
      • Unicorn-25671.exe (PID: 7812)
      • Unicorn-26639.exe (PID: 7848)
      • Unicorn-42622.exe (PID: 8784)
      • Unicorn-5997.exe (PID: 8008)
      • Unicorn-34816.exe (PID: 8832)
      • Unicorn-54181.exe (PID: 4228)
      • Unicorn-31315.exe (PID: 7436)
      • Unicorn-2711.exe (PID: 7444)
      • Unicorn-61342.exe (PID: 4688)
      • Unicorn-27822.exe (PID: 9220)
      • Unicorn-46331.exe (PID: 8776)
      • Unicorn-1012.exe (PID: 9060)

    • Checks supported languages

      • 1 (1274).exe (PID: 5796)
      • Unicorn-56521.exe (PID: 2268)
      • Unicorn-61238.exe (PID: 4172)
      • Unicorn-340.exe (PID: 680)
      • Unicorn-42894.exe (PID: 5800)
      • Unicorn-37741.exe (PID: 6112)
      • Unicorn-8249.exe (PID: 2552)
      • Unicorn-12888.exe (PID: 4464)
      • Unicorn-27775.exe (PID: 1056)
      • Unicorn-26854.exe (PID: 5156)
      • Unicorn-61342.exe (PID: 4688)
      • Unicorn-12696.exe (PID: 6656)
      • Unicorn-11684.exe (PID: 6960)
      • Unicorn-54181.exe (PID: 4228)
      • Unicorn-50464.exe (PID: 7196)
      • Unicorn-57341.exe (PID: 6816)
      • Unicorn-10600.exe (PID: 7188)
      • Unicorn-56210.exe (PID: 7308)
      • Unicorn-53195.exe (PID: 7284)
      • Unicorn-23538.exe (PID: 7292)
      • Unicorn-51861.exe (PID: 7316)
      • Unicorn-32260.exe (PID: 7324)
      • Unicorn-4470.exe (PID: 7180)
      • Unicorn-20798.exe (PID: 7548)
      • Unicorn-13973.exe (PID: 7704)
      • Unicorn-6774.exe (PID: 7720)
      • Unicorn-49941.exe (PID: 7632)
      • Unicorn-5997.exe (PID: 8008)
      • Unicorn-45769.exe (PID: 8048)
      • Unicorn-35930.exe (PID: 8068)
      • Unicorn-24040.exe (PID: 8124)
      • Unicorn-11596.exe (PID: 7204)
      • Unicorn-43714.exe (PID: 8180)
      • Unicorn-3236.exe (PID: 7244)
      • Unicorn-59064.exe (PID: 7532)
      • Unicorn-61294.exe (PID: 4628)
      • Unicorn-59064.exe (PID: 2136)
      • Unicorn-25671.exe (PID: 7812)
      • Unicorn-15016.exe (PID: 4880)
      • Unicorn-36314.exe (PID: 4300)
      • Unicorn-56734.exe (PID: 3304)
      • Unicorn-8088.exe (PID: 4696)
      • Unicorn-26639.exe (PID: 7848)
      • Unicorn-52458.exe (PID: 6620)
      • Unicorn-56781.exe (PID: 7560)
      • Unicorn-32583.exe (PID: 7460)
      • Unicorn-2711.exe (PID: 7444)
      • Unicorn-31315.exe (PID: 7436)
      • Unicorn-20902.exe (PID: 7424)
      • Unicorn-49225.exe (PID: 7692)
      • Unicorn-45769.exe (PID: 7768)
      • Unicorn-48037.exe (PID: 7668)
      • Unicorn-34114.exe (PID: 7888)
      • Unicorn-1249.exe (PID: 7644)
      • Unicorn-38006.exe (PID: 7992)
      • Unicorn-38560.exe (PID: 8016)
      • Unicorn-18746.exe (PID: 7944)
      • Unicorn-35266.exe (PID: 4108)
      • Unicorn-37387.exe (PID: 7376)
      • Unicorn-52157.exe (PID: 7716)
      • Unicorn-53439.exe (PID: 7884)
      • Unicorn-46558.exe (PID: 8156)
      • Unicorn-53885.exe (PID: 7620)
      • Unicorn-24934.exe (PID: 5048)
      • Unicorn-8597.exe (PID: 4180)
      • Unicorn-31576.exe (PID: 7592)
      • Unicorn-28634.exe (PID: 7904)
      • Unicorn-49630.exe (PID: 8264)
      • Unicorn-41846.exe (PID: 8240)
      • Unicorn-40677.exe (PID: 8252)
      • Unicorn-63226.exe (PID: 8288)
      • Unicorn-683.exe (PID: 8200)
      • Unicorn-17342.exe (PID: 8228)
      • Unicorn-41197.exe (PID: 8272)
      • Unicorn-30362.exe (PID: 8296)
      • Unicorn-23022.exe (PID: 8344)
      • Unicorn-44957.exe (PID: 8408)
      • Unicorn-7261.exe (PID: 8432)
      • Unicorn-65185.exe (PID: 8448)
      • Unicorn-43695.exe (PID: 8456)
      • Unicorn-58692.exe (PID: 8416)
      • Unicorn-41086.exe (PID: 8520)
      • Unicorn-49372.exe (PID: 8364)
      • Unicorn-14396.exe (PID: 8848)
      • Unicorn-19405.exe (PID: 8564)
      • Unicorn-8029.exe (PID: 8588)
      • Unicorn-52954.exe (PID: 8620)
      • Unicorn-26211.exe (PID: 8652)
      • Unicorn-7645.exe (PID: 8680)
      • Unicorn-45170.exe (PID: 8508)
      • Unicorn-32077.exe (PID: 8644)
      • Unicorn-33494.exe (PID: 8716)
      • Unicorn-53722.exe (PID: 8732)
      • Unicorn-49638.exe (PID: 8740)
      • Unicorn-52196.exe (PID: 8768)
      • Unicorn-42622.exe (PID: 8784)
      • Unicorn-19322.exe (PID: 8476)
      • Unicorn-25829.exe (PID: 8804)
      • Unicorn-25331.exe (PID: 8812)
      • Unicorn-34816.exe (PID: 8832)
      • Unicorn-12010.exe (PID: 8824)
      • Unicorn-28131.exe (PID: 8840)
      • Unicorn-4335.exe (PID: 8952)
      • Unicorn-34707.exe (PID: 8984)
      • Unicorn-47474.exe (PID: 8972)
      • Unicorn-52461.exe (PID: 8760)
      • Unicorn-47645.exe (PID: 9052)
      • Unicorn-46331.exe (PID: 8776)
      • Unicorn-13841.exe (PID: 8796)
      • Unicorn-10333.exe (PID: 9020)
      • Unicorn-54364.exe (PID: 9120)
      • Unicorn-60229.exe (PID: 9128)
      • Unicorn-2611.exe (PID: 9164)
      • Unicorn-40436.exe (PID: 9176)
      • Unicorn-60302.exe (PID: 9184)
      • Unicorn-59918.exe (PID: 7928)
      • Unicorn-61817.exe (PID: 7824)
      • Unicorn-13924.exe (PID: 9204)
      • Unicorn-34345.exe (PID: 7940)
      • Unicorn-57541.exe (PID: 2288)
      • Unicorn-28760.exe (PID: 3032)
      • Unicorn-48989.exe (PID: 2504)
      • Unicorn-28938.exe (PID: 9292)
      • Unicorn-62579.exe (PID: 9308)
      • Unicorn-16494.exe (PID: 9316)
      • Unicorn-27822.exe (PID: 9220)
      • Unicorn-46666.exe (PID: 9088)
      • Unicorn-57391.exe (PID: 9848)
      • Unicorn-6856.exe (PID: 9856)
      • Unicorn-3347.exe (PID: 9368)
      • Unicorn-37495.exe (PID: 9356)
      • Unicorn-45061.exe (PID: 8940)
      • Unicorn-57972.exe (PID: 9428)
      • Unicorn-39026.exe (PID: 9464)
      • Unicorn-46125.exe (PID: 9476)
      • Unicorn-39803.exe (PID: 9496)
      • Unicorn-31028.exe (PID: 9516)
      • Unicorn-57993.exe (PID: 9544)
      • Unicorn-44350.exe (PID: 5364)
      • Unicorn-42150.exe (PID: 9396)
      • Unicorn-64853.exe (PID: 9584)
      • Unicorn-14136.exe (PID: 9596)
      • Unicorn-5668.exe (PID: 9652)
      • Unicorn-20312.exe (PID: 9780)
      • Unicorn-22617.exe (PID: 9668)
      • Unicorn-39913.exe (PID: 9772)
      • Unicorn-53307.exe (PID: 9820)
      • Unicorn-64018.exe (PID: 10284)
      • Unicorn-7012.exe (PID: 10412)
      • Unicorn-42644.exe (PID: 10380)
      • Unicorn-20747.exe (PID: 10404)
      • Unicorn-1412.exe (PID: 10396)
      • Unicorn-31708.exe (PID: 10388)
      • Unicorn-14412.exe (PID: 9828)
      • Unicorn-20526.exe (PID: 9964)
      • Unicorn-12741.exe (PID: 3956)
      • Unicorn-53753.exe (PID: 9988)
      • Unicorn-14500.exe (PID: 9552)
      • Unicorn-26892.exe (PID: 3156)
      • Unicorn-47488.exe (PID: 10468)
      • Unicorn-2876.exe (PID: 10496)
      • Unicorn-12269.exe (PID: 10600)
      • Unicorn-15949.exe (PID: 10200)
      • Unicorn-18195.exe (PID: 10456)
      • Unicorn-53302.exe (PID: 10592)
      • Unicorn-681.exe (PID: 10180)
      • Unicorn-62518.exe (PID: 10064)
      • Unicorn-2497.exe (PID: 10116)
      • Unicorn-36287.exe (PID: 10172)
      • Unicorn-1287.exe (PID: 10480)
      • Unicorn-48834.exe (PID: 10628)
      • Unicorn-53110.exe (PID: 10612)
      • Unicorn-50505.exe (PID: 10524)
      • Unicorn-54661.exe (PID: 6248)
      • Unicorn-48813.exe (PID: 10508)
      • Unicorn-17676.exe (PID: 10988)
      • Unicorn-13893.exe (PID: 4336)
      • Unicorn-7609.exe (PID: 10844)
      • Unicorn-17676.exe (PID: 10956)
      • Unicorn-2217.exe (PID: 10972)
      • Unicorn-17676.exe (PID: 10940)
      • Unicorn-11014.exe (PID: 11020)
      • Unicorn-59861.exe (PID: 11300)
      • Unicorn-7609.exe (PID: 10852)
      • Unicorn-57945.exe (PID: 11144)
      • Unicorn-15952.exe (PID: 10964)
      • Unicorn-17676.exe (PID: 10948)
      • Unicorn-19020.exe (PID: 11140)
      • Unicorn-38621.exe (PID: 11272)
      • Unicorn-46649.exe (PID: 11204)
      • Unicorn-13814.exe (PID: 11028)
      • Unicorn-54646.exe (PID: 11184)
      • Unicorn-11206.exe (PID: 10996)
      • Unicorn-17676.exe (PID: 10980)
      • Unicorn-55414.exe (PID: 11240)
      • Unicorn-14884.exe (PID: 11596)
      • Unicorn-60384.exe (PID: 11212)
      • Unicorn-15512.exe (PID: 11640)
      • Unicorn-55917.exe (PID: 11604)
      • Unicorn-553.exe (PID: 10900)
      • Unicorn-63810.exe (PID: 11156)
      • Unicorn-60208.exe (PID: 10932)
      • Unicorn-15267.exe (PID: 10876)
      • Unicorn-19042.exe (PID: 11760)
      • Unicorn-23126.exe (PID: 11664)
      • Unicorn-10111.exe (PID: 11824)
      • Unicorn-41538.exe (PID: 11872)
      • Unicorn-45430.exe (PID: 11920)
      • Unicorn-44756.exe (PID: 11044)
      • Unicorn-2191.exe (PID: 12064)
      • Unicorn-7203.exe (PID: 12116)
      • Unicorn-41199.exe (PID: 11856)
      • Unicorn-23754.exe (PID: 12212)
      • Unicorn-57936.exe (PID: 12184)
      • Unicorn-12819.exe (PID: 12228)
      • Unicorn-44864.exe (PID: 12056)
      • Unicorn-2809.exe (PID: 12416)
      • Unicorn-40452.exe (PID: 12392)
      • Unicorn-22877.exe (PID: 12044)
      • Unicorn-13608.exe (PID: 12484)
      • Unicorn-50288.exe (PID: 12304)
      • Unicorn-53088.exe (PID: 4428)
      • Unicorn-33261.exe (PID: 12384)
      • Unicorn-26554.exe (PID: 12284)
      • Unicorn-13068.exe (PID: 12164)
      • Unicorn-36307.exe (PID: 11956)
      • Unicorn-37328.exe (PID: 12460)
      • Unicorn-6343.exe (PID: 11936)
      • Unicorn-42016.exe (PID: 12856)
      • Unicorn-12819.exe (PID: 12236)
      • Unicorn-12819.exe (PID: 12220)
      • Unicorn-33752.exe (PID: 12312)
      • Unicorn-48185.exe (PID: 12016)
      • Unicorn-42035.exe (PID: 14072)
      • Unicorn-56072.exe (PID: 13952)
      • Unicorn-61937.exe (PID: 13784)
      • Unicorn-11641.exe (PID: 12436)
      • Unicorn-61937.exe (PID: 13960)
      • Unicorn-49440.exe (PID: 14172)
      • Unicorn-52971.exe (PID: 14084)
      • Unicorn-56072.exe (PID: 13844)
      • Unicorn-19887.exe (PID: 13824)
      • Unicorn-42424.exe (PID: 13308)
      • Unicorn-2508.exe (PID: 12108)
      • Unicorn-30799.exe (PID: 13604)
      • Unicorn-31572.exe (PID: 13080)
      • Unicorn-12980.exe (PID: 13572)
      • Unicorn-37833.exe (PID: 13376)
      • Unicorn-53088.exe (PID: 13048)
      • Unicorn-29818.exe (PID: 13116)
      • Unicorn-36435.exe (PID: 14124)
      • Unicorn-60453.exe (PID: 12412)
      • Unicorn-53501.exe (PID: 14052)
      • Unicorn-55771.exe (PID: 14140)
      • Unicorn-17064.exe (PID: 13556)
      • Unicorn-53802.exe (PID: 13836)
      • Unicorn-17064.exe (PID: 13512)
      • Unicorn-27501.exe (PID: 13620)
      • Unicorn-42035.exe (PID: 14092)
      • Unicorn-32462.exe (PID: 13644)
      • Unicorn-60453.exe (PID: 4016)
      • Unicorn-56400.exe (PID: 14852)
      • Unicorn-32598.exe (PID: 13340)
      • Unicorn-32435.exe (PID: 15128)
      • Unicorn-55771.exe (PID: 14268)
      • Unicorn-56152.exe (PID: 14836)
      • Unicorn-64817.exe (PID: 14828)
      • Unicorn-35193.exe (PID: 14736)
      • Unicorn-61636.exe (PID: 14212)
      • Unicorn-27994.exe (PID: 13384)
      • Unicorn-28530.exe (PID: 13528)
      • Unicorn-36794.exe (PID: 3992)
      • Unicorn-33312.exe (PID: 15196)
      • Unicorn-55771.exe (PID: 14244)
      • Unicorn-15336.exe (PID: 13144)
      • Unicorn-30799.exe (PID: 13612)
      • Unicorn-61636.exe (PID: 14220)
      • Unicorn-1269.exe (PID: 15188)
      • Unicorn-33312.exe (PID: 15228)

    • Reads the computer name

      • 1 (1274).exe (PID: 5796)
      • Unicorn-56521.exe (PID: 2268)
      • Unicorn-61238.exe (PID: 4172)
      • Unicorn-340.exe (PID: 680)
      • Unicorn-42894.exe (PID: 5800)
      • Unicorn-37741.exe (PID: 6112)
      • Unicorn-31610.exe (PID: 2692)
      • Unicorn-43448.exe (PID: 6744)
      • Unicorn-8249.exe (PID: 2552)
      • Unicorn-12888.exe (PID: 4464)
      • Unicorn-12696.exe (PID: 6656)
      • Unicorn-11949.exe (PID: 3676)
      • Unicorn-39661.exe (PID: 6272)
      • Unicorn-26854.exe (PID: 5156)
      • Unicorn-4470.exe (PID: 7180)
      • Unicorn-53195.exe (PID: 7276)
      • Unicorn-23538.exe (PID: 7292)
      • Unicorn-20798.exe (PID: 7548)
      • Unicorn-51861.exe (PID: 7316)
      • Unicorn-53195.exe (PID: 7284)
      • Unicorn-9100.exe (PID: 7608)
      • Unicorn-6774.exe (PID: 7720)
      • Unicorn-5997.exe (PID: 8008)
      • Unicorn-45769.exe (PID: 8048)
      • Unicorn-11596.exe (PID: 7204)
      • Unicorn-7040.exe (PID: 3900)
      • Unicorn-26639.exe (PID: 7848)
      • Unicorn-60169.exe (PID: 8080)
      • Unicorn-61294.exe (PID: 4628)
      • Unicorn-24040.exe (PID: 8124)
      • Unicorn-37299.exe (PID: 8060)
      • Unicorn-36314.exe (PID: 4300)
      • Unicorn-1249.exe (PID: 7644)
      • Unicorn-18746.exe (PID: 7944)
      • Unicorn-58383.exe (PID: 7660)
      • Unicorn-33849.exe (PID: 7688)
      • Unicorn-8088.exe (PID: 4696)
      • Unicorn-34114.exe (PID: 7888)
      • Unicorn-41846.exe (PID: 8240)
      • Unicorn-53439.exe (PID: 7884)
      • Unicorn-38006.exe (PID: 7992)
      • Unicorn-56734.exe (PID: 3304)
      • Unicorn-40677.exe (PID: 8252)
      • Unicorn-20902.exe (PID: 7424)
      • Unicorn-59064.exe (PID: 2136)
      • Unicorn-41197.exe (PID: 8272)
      • Unicorn-38560.exe (PID: 8016)
      • Unicorn-2977.exe (PID: 7336)
      • Unicorn-62856.exe (PID: 6640)
      • Unicorn-683.exe (PID: 8200)
      • Unicorn-31315.exe (PID: 7436)
      • Unicorn-17342.exe (PID: 8228)
      • Unicorn-15016.exe (PID: 4880)
      • Unicorn-63226.exe (PID: 8288)
      • Unicorn-53421.exe (PID: 8912)
      • Unicorn-49630.exe (PID: 8264)
      • Unicorn-45170.exe (PID: 8508)
      • Unicorn-8029.exe (PID: 8588)
      • Unicorn-48037.exe (PID: 7668)
      • Unicorn-19405.exe (PID: 8564)
      • Unicorn-46558.exe (PID: 8156)
      • Unicorn-31576.exe (PID: 7592)
      • Unicorn-28878.exe (PID: 7740)
      • Unicorn-37387.exe (PID: 7376)
      • Unicorn-49372.exe (PID: 8364)
      • Unicorn-30362.exe (PID: 8296)
      • Unicorn-26211.exe (PID: 8652)
      • Unicorn-58692.exe (PID: 8416)
      • Unicorn-35266.exe (PID: 4108)
      • Unicorn-13841.exe (PID: 8796)
      • Unicorn-46666.exe (PID: 9088)
      • Unicorn-47645.exe (PID: 9052)
      • Unicorn-22394.exe (PID: 9068)
      • Unicorn-25829.exe (PID: 8804)
      • Unicorn-57391.exe (PID: 9848)
      • Unicorn-6856.exe (PID: 9856)
      • Unicorn-12409.exe (PID: 9324)
      • Unicorn-39471.exe (PID: 9900)
      • Unicorn-48989.exe (PID: 2504)
      • Unicorn-42622.exe (PID: 8784)
      • Unicorn-27822.exe (PID: 9220)
      • Unicorn-39803.exe (PID: 9496)
      • Unicorn-5564.exe (PID: 9448)
      • Unicorn-7697.exe (PID: 9716)
      • Unicorn-60302.exe (PID: 9184)
      • Unicorn-15791.exe (PID: 9576)
      • Unicorn-59861.exe (PID: 11300)
      • Unicorn-10333.exe (PID: 9020)
      • Unicorn-49638.exe (PID: 8740)
      • Unicorn-48989.exe (PID: 6988)
      • Unicorn-53885.exe (PID: 7620)
      • Unicorn-44957.exe (PID: 8408)
      • Unicorn-32583.exe (PID: 7460)
      • Unicorn-18195.exe (PID: 10456)
      • Unicorn-33494.exe (PID: 8716)
      • Unicorn-30422.exe (PID: 6264)
      • Unicorn-7012.exe (PID: 12996)
      • Unicorn-29818.exe (PID: 12964)
      • Unicorn-45289.exe (PID: 6068)
      • Unicorn-2217.exe (PID: 10972)
      • Unicorn-39913.exe (PID: 9772)

    • Create files in a temporary directory

      • Unicorn-61238.exe (PID: 4172)
      • Unicorn-56521.exe (PID: 2268)
      • Unicorn-340.exe (PID: 680)
      • Unicorn-42894.exe (PID: 5800)
      • Unicorn-37741.exe (PID: 6112)
      • 1 (1274).exe (PID: 5796)
      • Unicorn-31610.exe (PID: 2692)
      • Unicorn-43448.exe (PID: 6744)
      • Unicorn-12888.exe (PID: 4464)
      • Unicorn-12696.exe (PID: 6656)
      • Unicorn-61342.exe (PID: 4688)
      • Unicorn-11949.exe (PID: 3676)
      • Unicorn-11684.exe (PID: 6960)
      • Unicorn-26854.exe (PID: 5156)
      • Unicorn-4470.exe (PID: 7180)
      • Unicorn-10600.exe (PID: 7188)
      • Unicorn-32260.exe (PID: 7324)
      • Unicorn-33329.exe (PID: 7264)
      • Unicorn-57341.exe (PID: 6816)
      • Unicorn-46211.exe (PID: 7340)
      • Unicorn-20798.exe (PID: 7548)
      • Unicorn-50464.exe (PID: 7196)
      • Unicorn-53195.exe (PID: 7284)
      • Unicorn-56210.exe (PID: 7308)
      • Unicorn-8249.exe (PID: 2552)
      • Unicorn-49941.exe (PID: 7632)
      • Unicorn-13973.exe (PID: 7704)
      • Unicorn-6774.exe (PID: 7720)
      • Unicorn-53195.exe (PID: 7276)
      • Unicorn-37600.exe (PID: 7788)
      • Unicorn-25671.exe (PID: 7812)
      • Unicorn-11596.exe (PID: 7204)
      • Unicorn-54181.exe (PID: 4228)
      • Unicorn-26639.exe (PID: 7848)
      • Unicorn-9100.exe (PID: 7608)
      • Unicorn-60169.exe (PID: 8080)
      • Unicorn-7040.exe (PID: 3900)
      • Unicorn-37299.exe (PID: 8060)
      • Unicorn-1249.exe (PID: 7644)
      • Unicorn-24040.exe (PID: 8124)
      • Unicorn-36314.exe (PID: 4300)
      • Unicorn-45769.exe (PID: 7768)
      • Unicorn-34114.exe (PID: 7888)
      • Unicorn-33849.exe (PID: 7688)
      • Unicorn-58383.exe (PID: 7660)
      • Unicorn-50429.exe (PID: 7556)
      • Unicorn-52157.exe (PID: 7716)
      • Unicorn-18746.exe (PID: 7944)
      • Unicorn-2711.exe (PID: 7444)
      • Unicorn-8088.exe (PID: 4696)
      • Unicorn-43714.exe (PID: 8180)
      • Unicorn-41846.exe (PID: 8240)
      • Unicorn-49225.exe (PID: 7692)
      • Unicorn-23324.exe (PID: 6424)
      • Unicorn-41197.exe (PID: 8272)
      • Unicorn-59064.exe (PID: 2136)
      • Unicorn-52458.exe (PID: 6620)
      • Unicorn-8405.exe (PID: 7600)
      • Unicorn-2977.exe (PID: 7336)
      • Unicorn-62856.exe (PID: 6640)
      • Unicorn-40677.exe (PID: 8252)
      • Unicorn-8597.exe (PID: 4180)
      • Unicorn-35930.exe (PID: 8068)
      • Unicorn-17342.exe (PID: 8228)
      • Unicorn-15016.exe (PID: 4880)
      • Unicorn-58574.exe (PID: 8880)
      • Unicorn-39661.exe (PID: 6272)
      • Unicorn-45170.exe (PID: 8508)
      • Unicorn-46558.exe (PID: 8156)
      • Unicorn-37387.exe (PID: 7376)
      • Unicorn-61294.exe (PID: 4628)
      • Unicorn-63226.exe (PID: 8288)
      • Unicorn-38560.exe (PID: 8016)
      • Unicorn-49372.exe (PID: 8364)
      • Unicorn-48037.exe (PID: 7668)
      • Unicorn-30362.exe (PID: 8296)
      • Unicorn-58692.exe (PID: 8416)
      • Unicorn-43695.exe (PID: 8456)
      • Unicorn-12010.exe (PID: 8824)
      • Unicorn-41086.exe (PID: 8520)
      • Unicorn-46666.exe (PID: 9088)
      • Unicorn-59064.exe (PID: 7532)
      • Unicorn-47645.exe (PID: 9052)
      • Unicorn-22394.exe (PID: 9068)
      • Unicorn-25829.exe (PID: 8804)
      • Unicorn-57391.exe (PID: 9848)
      • Unicorn-45769.exe (PID: 8048)
      • Unicorn-53421.exe (PID: 8912)
      • Unicorn-54364.exe (PID: 9120)
      • Unicorn-33219.exe (PID: 8688)
      • Unicorn-51861.exe (PID: 7316)
      • Unicorn-27775.exe (PID: 1056)
      • Unicorn-34816.exe (PID: 8832)
      • Unicorn-42622.exe (PID: 8784)
      • Unicorn-38006.exe (PID: 7992)
      • Unicorn-3236.exe (PID: 7244)
      • Unicorn-31315.exe (PID: 7436)
      • Unicorn-28634.exe (PID: 7904)
      • Unicorn-46331.exe (PID: 8776)
      • Unicorn-5564.exe (PID: 9448)
      • Unicorn-1012.exe (PID: 9060)
      • Unicorn-48834.exe (PID: 10628)
      • Unicorn-39803.exe (PID: 9496)
      • Unicorn-37246.exe (PID: 9908)
      • Unicorn-7697.exe (PID: 9716)
      • Unicorn-19020.exe (PID: 11140)
      • Unicorn-23538.exe (PID: 7292)
      • Unicorn-38621.exe (PID: 11272)
      • Unicorn-59861.exe (PID: 11300)
      • Unicorn-14396.exe (PID: 8848)
      • Unicorn-49630.exe (PID: 8264)
      • Unicorn-19042.exe (PID: 11760)
      • Unicorn-35266.exe (PID: 4108)
      • Unicorn-23126.exe (PID: 11664)
      • Unicorn-26211.exe (PID: 8652)
      • Unicorn-49638.exe (PID: 8740)
      • Unicorn-44957.exe (PID: 8408)
      • Unicorn-31576.exe (PID: 7592)
      • Unicorn-23022.exe (PID: 8344)
      • Unicorn-40178.exe (PID: 9800)
      • Unicorn-20312.exe (PID: 9780)
      • Unicorn-17270.exe (PID: 11776)
      • Unicorn-33494.exe (PID: 8716)
      • Unicorn-34707.exe (PID: 8984)
      • Unicorn-18195.exe (PID: 10456)
      • Unicorn-53722.exe (PID: 8732)
      • Unicorn-10333.exe (PID: 9020)
      • Unicorn-12269.exe (PID: 10600)
      • Unicorn-16494.exe (PID: 9316)
      • Unicorn-56734.exe (PID: 3304)
      • Unicorn-5997.exe (PID: 8008)
      • Unicorn-17676.exe (PID: 10980)
      • Unicorn-7012.exe (PID: 12996)
      • Unicorn-45289.exe (PID: 6068)
      • Unicorn-9823.exe (PID: 3024)
      • Unicorn-30422.exe (PID: 6264)
      • Unicorn-17676.exe (PID: 10956)

    • Creates files or folders in the user directory

      • BackgroundTransferHost.exe (PID: 7436)

    • Checks proxy server information

      • BackgroundTransferHost.exe (PID: 7436)

    • Reads security settings of Internet Explorer

      • BackgroundTransferHost.exe (PID: 7436)
      • BackgroundTransferHost.exe (PID: 7656)
      • BackgroundTransferHost.exe (PID: 7360)

    • Reads the software policy settings

      • BackgroundTransferHost.exe (PID: 7436)
      • slui.exe (PID: 1760)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.

TRiD

.exe | Win32 Executable Microsoft Visual Basic 6 (90.6)
.exe | Win32 Executable (generic) (4.9)
.exe | Generic Win/DOS Executable (2.2)
.exe | DOS Executable Generic (2.2)

EXIF

EXE

MachineType: Intel 386 or later, and compatibles
TimeStamp: 2019:01:20 00:32:00+00:00
ImageFileCharacteristics: No relocs, Executable, No line numbers, No symbols, 32-bit, No debug, Removable run from swap, Net run from swap, Uniprocessor only, Bytes reversed hi
PEType: PE32
LinkerVersion: 6
CodeSize: 176128
InitializedDataSize: 299008
UninitializedDataSize: -
EntryPoint: 0x13d4
OSVersion: 4
ImageVersion: 1
SubsystemVersion: 4
Subsystem: Windows GUI
FileVersionNumber: 1.0.0.0
ProductVersionNumber: 1.0.0.0
FileFlagsMask: 0x003f
FileFlags: (none)
FileOS: Win32
ObjectFileType: Executable application
FileSubtype: -
LanguageCode: Chinese (Simplified)
CharacterSet: Unicode
CompanyName: UEFI
ProductName: Kawaii-Unicorn
FileVersion: 1
ProductVersion: 1
InternalName: Kawaii-Unicorn
OriginalFileName: Kawaii-Unicorn.exe
No data.
screenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
609
Monitored processes
478
Malicious processes
75
Suspicious processes
56

Behavior graph

Click at the process to see the details
start 1 (1274).exe sppextcomobj.exe no specs slui.exe unicorn-56521.exe unicorn-61238.exe unicorn-340.exe unicorn-42894.exe unicorn-43448.exe unicorn-31610.exe unicorn-37741.exe unicorn-8249.exe unicorn-12888.exe unicorn-61342.exe unicorn-12696.exe unicorn-39661.exe unicorn-11949.exe unicorn-11684.exe unicorn-27775.exe backgroundtransferhost.exe no specs unicorn-26854.exe unicorn-23324.exe unicorn-29677.exe no specs unicorn-54181.exe unicorn-57341.exe unicorn-4470.exe unicorn-10600.exe unicorn-50464.exe unicorn-33329.exe unicorn-53195.exe unicorn-53195.exe unicorn-23538.exe unicorn-56210.exe unicorn-51861.exe unicorn-32260.exe unicorn-46211.exe backgroundtransferhost.exe unicorn-20798.exe unicorn-9100.exe unicorn-49941.exe backgroundtransferhost.exe no specs unicorn-13973.exe unicorn-6774.exe backgroundtransferhost.exe no specs unicorn-5997.exe unicorn-45769.exe unicorn-35930.exe unicorn-60169.exe unicorn-24040.exe unicorn-43714.exe unicorn-11596.exe unicorn-3236.exe backgroundtransferhost.exe no specs unicorn-7040.exe unicorn-61294.exe unicorn-59064.exe unicorn-59064.exe unicorn-15016.exe unicorn-36314.exe unicorn-56734.exe unicorn-62856.exe unicorn-8088.exe unicorn-52458.exe unicorn-50429.exe unicorn-2711.exe unicorn-32583.exe unicorn-56781.exe unicorn-31315.exe unicorn-20902.exe unicorn-49225.exe unicorn-28878.exe unicorn-45769.exe unicorn-37600.exe unicorn-25671.exe unicorn-26639.exe unicorn-48037.exe unicorn-33849.exe unicorn-34114.exe unicorn-1249.exe unicorn-18746.exe unicorn-38006.exe unicorn-38560.exe unicorn-37299.exe unicorn-46558.exe unicorn-35266.exe unicorn-52157.exe unicorn-37387.exe unicorn-53439.exe unicorn-2977.exe unicorn-8597.exe unicorn-24934.exe unicorn-8405.exe unicorn-31576.exe unicorn-53885.exe unicorn-28634.exe unicorn-58383.exe unicorn-56460.exe unicorn-683.exe unicorn-17342.exe unicorn-41846.exe unicorn-40677.exe unicorn-49630.exe unicorn-41197.exe unicorn-63226.exe unicorn-30362.exe unicorn-23022.exe unicorn-49372.exe unicorn-44957.exe unicorn-58692.exe unicorn-7261.exe no specs unicorn-65185.exe unicorn-43695.exe unicorn-19322.exe unicorn-45170.exe unicorn-41086.exe unicorn-19405.exe unicorn-8029.exe unicorn-36618.exe no specs unicorn-52954.exe no specs unicorn-32077.exe no specs unicorn-26211.exe unicorn-7645.exe unicorn-33219.exe unicorn-33494.exe unicorn-53722.exe unicorn-49638.exe unicorn-52461.exe no specs unicorn-52196.exe unicorn-46331.exe unicorn-42622.exe unicorn-13841.exe unicorn-25829.exe unicorn-25331.exe unicorn-12010.exe unicorn-34816.exe unicorn-28131.exe no specs unicorn-14396.exe unicorn-58574.exe unicorn-53421.exe unicorn-45061.exe unicorn-4335.exe unicorn-47474.exe no specs unicorn-34707.exe unicorn-48443.exe unicorn-10333.exe unicorn-47645.exe unicorn-1012.exe unicorn-22394.exe unicorn-46666.exe unicorn-54364.exe unicorn-60229.exe no specs unicorn-2611.exe no specs unicorn-40436.exe no specs unicorn-60302.exe unicorn-13924.exe unicorn-59918.exe no specs unicorn-34345.exe no specs unicorn-61817.exe no specs unicorn-23245.exe no specs unicorn-45289.exe unicorn-9823.exe unicorn-57541.exe no specs unicorn-28760.exe unicorn-44350.exe no specs unicorn-48989.exe unicorn-48989.exe unicorn-27822.exe unicorn-19107.exe unicorn-45393.exe no specs unicorn-4625.exe no specs unicorn-28938.exe unicorn-62579.exe unicorn-16494.exe unicorn-12409.exe unicorn-37495.exe no specs unicorn-3347.exe unicorn-5948.exe no specs unicorn-42150.exe no specs unicorn-57972.exe unicorn-5564.exe unicorn-39026.exe no specs unicorn-46125.exe unicorn-38834.exe no specs unicorn-39803.exe unicorn-31028.exe no specs unicorn-4708.exe no specs unicorn-57993.exe no specs unicorn-14500.exe no specs unicorn-15791.exe unicorn-64853.exe no specs unicorn-14136.exe no specs unicorn-5668.exe unicorn-22617.exe unicorn-7697.exe unicorn-53177.exe unicorn-39913.exe unicorn-20312.exe unicorn-40178.exe unicorn-53307.exe unicorn-14412.exe unicorn-57391.exe unicorn-6856.exe unicorn-39471.exe unicorn-37246.exe unicorn-20526.exe no specs unicorn-53753.exe no specs unicorn-62518.exe no specs unicorn-29654.exe no specs unicorn-34292.exe no specs unicorn-2497.exe unicorn-58050.exe no specs unicorn-36287.exe no specs unicorn-681.exe unicorn-15949.exe no specs unicorn-12741.exe no specs unicorn-30422.exe unicorn-26892.exe no specs unicorn-54661.exe no specs unicorn-13893.exe no specs unicorn-64018.exe no specs unicorn-42644.exe no specs unicorn-31708.exe unicorn-1412.exe unicorn-20747.exe unicorn-7012.exe unicorn-18195.exe unicorn-47488.exe unicorn-1287.exe unicorn-2876.exe no specs unicorn-48813.exe no specs unicorn-50505.exe no specs unicorn-53302.exe no specs unicorn-12269.exe unicorn-53110.exe no specs unicorn-48834.exe unicorn-7609.exe no specs unicorn-7609.exe no specs unicorn-13784.exe no specs unicorn-15267.exe no specs unicorn-553.exe no specs unicorn-60208.exe no specs unicorn-17676.exe unicorn-17676.exe no specs unicorn-17676.exe unicorn-15952.exe no specs unicorn-2217.exe unicorn-17676.exe unicorn-17676.exe no specs unicorn-11206.exe no specs unicorn-31411.exe no specs unicorn-11014.exe no specs unicorn-13814.exe unicorn-47556.exe no specs unicorn-44756.exe no specs unicorn-33820.exe no specs unicorn-7500.exe no specs unicorn-43280.exe no specs unicorn-57945.exe no specs unicorn-63810.exe no specs unicorn-54646.exe no specs unicorn-46649.exe unicorn-60384.exe no specs unicorn-58713.exe no specs unicorn-55414.exe no specs unicorn-19020.exe unicorn-38621.exe unicorn-59861.exe unicorn-55860.exe no specs unicorn-14884.exe unicorn-55917.exe no specs unicorn-50052.exe unicorn-15512.exe unicorn-29247.exe no specs unicorn-23126.exe unicorn-21791.exe no specs unicorn-19042.exe unicorn-16110.exe no specs unicorn-17270.exe unicorn-10111.exe no specs unicorn-59120.exe no specs unicorn-32062.exe no specs unicorn-41199.exe no specs unicorn-41538.exe no specs unicorn-45430.exe no specs unicorn-6343.exe no specs unicorn-36307.exe no specs unicorn-45238.exe no specs unicorn-12141.exe no specs unicorn-53214.exe no specs unicorn-48185.exe no specs unicorn-22877.exe no specs unicorn-44864.exe no specs unicorn-2191.exe no specs unicorn-7203.exe no specs unicorn-59005.exe no specs unicorn-13068.exe no specs unicorn-13068.exe no specs unicorn-1081.exe no specs unicorn-57936.exe no specs unicorn-32420.exe no specs unicorn-23754.exe no specs unicorn-12819.exe no specs unicorn-12819.exe no specs unicorn-12819.exe no specs unicorn-12819.exe no specs unicorn-12819.exe no specs unicorn-12819.exe no specs unicorn-26554.exe no specs unicorn-64188.exe no specs unicorn-25669.exe no specs unicorn-53088.exe no specs unicorn-53088.exe unicorn-50288.exe no specs unicorn-33752.exe no specs unicorn-39352.exe no specs unicorn-58953.exe unicorn-63665.exe no specs unicorn-33261.exe no specs unicorn-40452.exe no specs unicorn-2809.exe no specs unicorn-11641.exe unicorn-37328.exe no specs unicorn-13608.exe no specs unicorn-42016.exe no specs unicorn-29818.exe no specs unicorn-13281.exe no specs unicorn-27571.exe no specs unicorn-13836.exe no specs unicorn-29818.exe unicorn-7012.exe unicorn-27898.exe unicorn-53088.exe no specs unicorn-42180.exe no specs unicorn-54432.exe no specs unicorn-31572.exe no specs unicorn-58953.exe no specs unicorn-27018.exe no specs unicorn-29818.exe no specs unicorn-50239.exe no specs unicorn-15336.exe no specs unicorn-41678.exe no specs unicorn-42424.exe no specs unicorn-2508.exe unicorn-13452.exe no specs unicorn-8429.exe no specs unicorn-24771.exe no specs unicorn-60453.exe no specs unicorn-60453.exe no specs unicorn-60453.exe no specs unicorn-24795.exe no specs unicorn-32598.exe unicorn-37833.exe no specs unicorn-27994.exe no specs slui.exe no specs unicorn-52041.exe no specs unicorn-6120.exe no specs unicorn-60090.exe no specs unicorn-36665.exe no specs unicorn-17064.exe no specs unicorn-17064.exe no specs unicorn-11464.exe no specs unicorn-28530.exe no specs unicorn-61989.exe no specs unicorn-10187.exe no specs unicorn-17064.exe no specs unicorn-27999.exe no specs unicorn-12980.exe no specs unicorn-30799.exe no specs unicorn-30799.exe no specs unicorn-30799.exe no specs unicorn-30799.exe no specs unicorn-30799.exe no specs unicorn-27501.exe no specs unicorn-39753.exe no specs unicorn-32462.exe no specs unicorn-48990.exe no specs unicorn-20210.exe no specs unicorn-15934.exe no specs unicorn-36354.exe no specs unicorn-20018.exe no specs unicorn-61937.exe no specs unicorn-51813.exe no specs unicorn-61937.exe unicorn-19887.exe no specs unicorn-53802.exe no specs unicorn-56072.exe no specs unicorn-56072.exe no specs unicorn-41782.exe no specs unicorn-53272.exe no specs unicorn-61937.exe no specs unicorn-42336.exe no specs unicorn-61937.exe no specs unicorn-1910.exe no specs unicorn-56072.exe unicorn-61937.exe unicorn-56072.exe unicorn-36736.exe no specs unicorn-30799.exe no specs unicorn-28251.exe no specs unicorn-53501.exe no specs unicorn-42035.exe no specs unicorn-42035.exe no specs unicorn-52971.exe no specs unicorn-42035.exe no specs unicorn-36435.exe no specs unicorn-36435.exe no specs unicorn-61636.exe no specs unicorn-55771.exe no specs unicorn-49440.exe no specs unicorn-49440.exe no specs unicorn-61692.exe no specs unicorn-61636.exe no specs unicorn-61636.exe no specs unicorn-61636.exe no specs unicorn-55771.exe no specs unicorn-55771.exe no specs unicorn-55771.exe no specs unicorn-55771.exe no specs unicorn-55771.exe no specs unicorn-17972.exe no specs unicorn-6540.exe no specs unicorn-65082.exe no specs unicorn-65082.exe no specs unicorn-65082.exe no specs unicorn-5603.exe no specs unicorn-35193.exe no specs unicorn-45217.exe no specs unicorn-64817.exe no specs unicorn-56152.exe no specs unicorn-36302.exe no specs unicorn-56400.exe no specs unicorn-44470.exe no specs unicorn-45321.exe no specs unicorn-12913.exe no specs unicorn-23666.exe no specs unicorn-9960.exe no specs unicorn-64817.exe unicorn-58952.exe unicorn-32435.exe no specs unicorn-32435.exe no specs unicorn-1269.exe no specs unicorn-1269.exe no specs unicorn-1269.exe no specs unicorn-9934.exe no specs unicorn-55871.exe no specs unicorn-33312.exe no specs unicorn-1269.exe no specs unicorn-33312.exe no specs unicorn-4069.exe no specs unicorn-4069.exe no specs unicorn-32435.exe no specs unicorn-33312.exe no specs unicorn-4069.exe no specs unicorn-4069.exe no specs unicorn-44248.exe no specs unicorn-52913.exe no specs unicorn-56395.exe no specs unicorn-4069.exe unicorn-36794.exe unicorn-56692.exe unicorn-27712.exe no specs unicorn-50271.exe no specs unicorn-27712.exe unicorn-26835.exe no specs unicorn-56692.exe no specs unicorn-46171.exe no specs unicorn-26835.exe no specs unicorn-52301.exe unicorn-52036.exe unicorn-65357.exe no specs unicorn-12535.exe no specs unicorn-15335.exe no specs unicorn-21200.exe no specs unicorn-21200.exe unicorn-1600.exe no specs unicorn-17917.exe no specs unicorn-852.exe no specs unicorn-26053.exe no specs unicorn-26053.exe no specs

Process information

PID
CMD
Path
Indicators
Parent process
680C:\Users\admin\AppData\Local\Temp\Unicorn-340.exeC:\Users\admin\AppData\Local\Temp\Unicorn-340.exe
1 (1274).exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-340.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
1040"BackgroundTransferHost.exe" -ServerName:BackgroundTransferHost.1C:\Windows\System32\BackgroundTransferHost.exesvchost.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Download/Upload Host
Exit code:
1
Version:
10.0.19041.3636 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\backgroundtransferhost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\combase.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\kernel.appcore.dll
c:\windows\system32\bcryptprimitives.dll
1056C:\Users\admin\AppData\Local\Temp\Unicorn-27775.exeC:\Users\admin\AppData\Local\Temp\Unicorn-27775.exe
Unicorn-56521.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-27775.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
1760"C:\WINDOWS\System32\SLUI.exe" RuleId=3482d82e-ca2c-4e1f-8864-da0267b484b2;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=TimerEventC:\Windows\System32\slui.exe
SppExtComObj.Exe
User:
NETWORK SERVICE
Company:
Microsoft Corporation
Integrity Level:
SYSTEM
Description:
Windows Activation Client
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\slui.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\user32.dll
2104C:\Users\admin\AppData\Local\Temp\Unicorn-29677.exeC:\Users\admin\AppData\Local\Temp\Unicorn-29677.exeUnicorn-61342.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Exit code:
3221225785
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-29677.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
2136C:\Users\admin\AppData\Local\Temp\Unicorn-59064.exeC:\Users\admin\AppData\Local\Temp\Unicorn-59064.exe
Unicorn-33329.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-59064.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\msvbvm60.dll
c:\windows\syswow64\user32.dll
2268C:\Users\admin\AppData\Local\Temp\Unicorn-56521.exeC:\Users\admin\AppData\Local\Temp\Unicorn-56521.exe
1 (1274).exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-56521.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
2288C:\Users\admin\AppData\Local\Temp\Unicorn-57541.exeC:\Users\admin\AppData\Local\Temp\Unicorn-57541.exeUnicorn-20798.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-57541.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
2504C:\Users\admin\AppData\Local\Temp\Unicorn-48989.exeC:\Users\admin\AppData\Local\Temp\Unicorn-48989.exe
Unicorn-57341.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-48989.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
2552C:\Users\admin\AppData\Local\Temp\Unicorn-8249.exeC:\Users\admin\AppData\Local\Temp\Unicorn-8249.exe
Unicorn-42894.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-8249.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
Total events
10 941
Read events
10 926
Write events
15
Delete events
0

Modification events

(PID) Process:(1040) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Content
Operation:writeName:CachePrefix
Value:
(PID) Process:(1040) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Cookies
Operation:writeName:CachePrefix
Value:
Cookie:
(PID) Process:(1040) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\History
Operation:writeName:CachePrefix
Value:
Visited:
(PID) Process:(7436) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Content
Operation:writeName:CachePrefix
Value:
(PID) Process:(7436) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Cookies
Operation:writeName:CachePrefix
Value:
Cookie:
(PID) Process:(7436) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\History
Operation:writeName:CachePrefix
Value:
Visited:
(PID) Process:(7936) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Content
Operation:writeName:CachePrefix
Value:
(PID) Process:(7936) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Cookies
Operation:writeName:CachePrefix
Value:
Cookie:
(PID) Process:(7936) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\History
Operation:writeName:CachePrefix
Value:
Visited:
(PID) Process:(7656) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Content
Operation:writeName:CachePrefix
Value:
Executable files
666
Suspicious files
5
Text files
0
Unknown types
0

Dropped files

PID
Process
Filename
Type
57961 (1274).exeC:\Users\admin\AppData\Local\Temp\Unicorn-340.exeexecutable
MD5:E29716DF1367BC2B8677D2625D5E8CC6
SHA256:90AD467792496A06EA798034D84C8670DF758ACEDD6976258166A11EA6743CBA
5800Unicorn-42894.exeC:\Users\admin\AppData\Local\Temp\Unicorn-8249.exeexecutable
MD5:43A3FF8E2DBD38CE49AC0505F79879A0
SHA256:8B852CEA6BF9AA88D564C2C3D727FDE0EFEF9CD78F60140DD86FCF10635AFFE6
2268Unicorn-56521.exeC:\Users\admin\AppData\Local\Temp\Unicorn-43448.exeexecutable
MD5:C94546F841B773E0552E6E359B894C89
SHA256:B2BE07B9B8C832AEA076F37DA34921FE5DFA6FA408E00AD1D7612BED1AD085D5
680Unicorn-340.exeC:\Users\admin\AppData\Local\Temp\Unicorn-37741.exeexecutable
MD5:229FA1E65B7443B1326DCC7BFE119741
SHA256:D3D4965CCABD6CBC0D18D57AB44FD1ED3F38FC10C5F5CED02C36CC545140DDBB
4172Unicorn-61238.exeC:\Users\admin\AppData\Local\Temp\Unicorn-42894.exeexecutable
MD5:569946CD082152C4FDA2F81C2CEBFE9F
SHA256:2426DB7BA955C17B1A81CBCF78B76F83D2EE4F32AD63C1B0C1E0110DD48C5273
57961 (1274).exeC:\Users\admin\AppData\Local\Temp\Unicorn-31610.exeexecutable
MD5:2D607FBBBF008EF9B574FCC5BFF6A8B9
SHA256:77A6148ADB9911FC6B550ACC51758E2E4C3E19ECFB12DD7EED00371F090BFE62
6744Unicorn-43448.exeC:\Users\admin\AppData\Local\Temp\Unicorn-11949.exeexecutable
MD5:FF06F4DC9D402CEDCF461A6F11789785
SHA256:3A6F2AC3137CB4575BACCD763F70D2E20B3CD04AED6280E769E2405F90A4DDB7
6112Unicorn-37741.exeC:\Users\admin\AppData\Local\Temp\Unicorn-61342.exeexecutable
MD5:90ABBD673ADF5FDFD78F0A14E9C1892A
SHA256:4F3C751F69928EEEA24D3E527B87F421DCFD3A46971746152B64EAA78535DA67
680Unicorn-340.exeC:\Users\admin\AppData\Local\Temp\Unicorn-12696.exeexecutable
MD5:CEE34C1701F795B8CCD6C3756632867C
SHA256:7BB6830C798B96CDAD5B129EE436A480AC0EBF93A58B345EDE1E20A4CEB6AA98
2692Unicorn-31610.exeC:\Users\admin\AppData\Local\Temp\Unicorn-39661.exeexecutable
MD5:26E29157BA4ABA770AF1A344CFBEA79A
SHA256:494EDB2068A4A3C47A037AA2AFA4273FB40682EC3197C2052F1EB34D7634E403
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
6
TCP/UDP connections
25
DNS requests
16
Threats
0

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
5496
MoUsoCoreWorker.exe
GET
200
2.16.164.113:80
http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
unknown
whitelisted
GET
200
2.23.77.188:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTrjrydRyt%2BApF3GSPypfHBxR5XtQQUs9tIpPmhxdiuNkHMEWNpYim8S8YCEAI5PUjXAkJafLQcAAsO18o%3D
unknown
whitelisted
6544
svchost.exe
GET
200
2.23.77.188:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAJ0LqoXyo4hxxe7H%2Fz9DKA%3D
unknown
whitelisted
8188
SIHClient.exe
GET
200
23.219.150.101:80
http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Product%20Root%20Certificate%20Authority%202018.crl
unknown
whitelisted
8188
SIHClient.exe
GET
200
23.219.150.101:80
http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Update%20Secure%20Server%20CA%202.1.crl
unknown
whitelisted
6620
backgroundTaskHost.exe
GET
200
2.23.77.188:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQ50otx%2Fh0Ztl%2Bz8SiPI7wEWVxDlQQUTiJUIBiV5uNu5g%2F6%2BrkS7QYXjzkCEAUZZSZEml49Gjh0j13P68w%3D
unknown
whitelisted
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
3268
svchost.exe
20.73.194.208:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
NL
whitelisted
20.73.194.208:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
NL
whitelisted
5496
MoUsoCoreWorker.exe
2.16.164.113:80
crl.microsoft.com
Akamai International B.V.
NL
whitelisted
2112
svchost.exe
20.73.194.208:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
NL
whitelisted
3216
svchost.exe
40.113.103.199:443
client.wns.windows.com
MICROSOFT-CORP-MSN-AS-BLOCK
NL
whitelisted
6544
svchost.exe
40.126.32.68:443
login.live.com
MICROSOFT-CORP-MSN-AS-BLOCK
NL
whitelisted
6544
svchost.exe
2.23.77.188:80
ocsp.digicert.com
AKAMAI-AS
DE
whitelisted
4
System
192.168.100.255:138
whitelisted
6620
backgroundTaskHost.exe
20.223.35.26:443
arc.msn.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
whitelisted
6620
backgroundTaskHost.exe
2.23.77.188:80
ocsp.digicert.com
AKAMAI-AS
DE
whitelisted

DNS requests

Domain
IP
Reputation
settings-win.data.microsoft.com
  • 20.73.194.208
whitelisted
google.com
  • 142.250.185.142
whitelisted
crl.microsoft.com
  • 2.16.164.113
  • 2.16.164.122
  • 2.16.164.74
  • 2.16.164.112
  • 2.16.164.120
  • 2.16.164.51
  • 2.16.164.64
  • 2.16.164.72
  • 2.16.164.9
whitelisted
client.wns.windows.com
  • 40.113.103.199
whitelisted
login.live.com
  • 40.126.32.68
  • 20.190.160.14
  • 20.190.160.130
  • 20.190.160.2
  • 20.190.160.64
  • 20.190.160.4
  • 20.190.160.67
  • 20.190.160.65
whitelisted
ocsp.digicert.com
  • 2.23.77.188
whitelisted
arc.msn.com
  • 20.223.35.26
whitelisted
www.bing.com
  • 2.23.227.215
  • 2.23.227.221
  • 2.23.227.208
whitelisted
slscr.update.microsoft.com
  • 20.12.23.50
whitelisted
www.microsoft.com
  • 23.219.150.101
whitelisted

Threats

No threats detected
No debug info
Interactive malware hunting service ANY.RUN
© 2017-2026 ANY.RUN ALL RIGHTS RESERVED
ANY.RUN
Reports
1 (1274)