File name:

1 (529)

Full analysis: https://app.any.run/tasks/a1584067-a09d-4ed8-933e-f786d42f8a14
Verdict: Malicious activity
Analysis date: March 25, 2025, 00:25:10
OS: Windows 10 Professional (build: 19045, 64 bit)
Indicators:
MIME: application/vnd.microsoft.portable-executable
File info: PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, 3 sections
MD5:

28D83FEAD25F60B6F78314DE861C38C0

SHA1:

CC7E056150C02A519AE866B3B22435B1052F50E0

SHA256:

93E1D37602E9B836C9CFB7F117DB61DFD331F347C76C06A51C70E9C8C958B0F8

SSDEEP:

12288:rHXHEjHA5+jU/BchaVOye5Sqx4DxmDsR:rHXE05DBchN5

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

  • MALICIOUS

    No malicious indicators.

  • SUSPICIOUS

    • Starts itself from another location

      • Unicorn-23385.exe (PID: 5156)
      • 1 (529).exe (PID: 6964)
      • Unicorn-9676.exe (PID: 1764)
      • Unicorn-21829.exe (PID: 1812)
      • Unicorn-57021.exe (PID: 5308)
      • Unicorn-23776.exe (PID: 6620)
      • Unicorn-61401.exe (PID: 6480)
      • Unicorn-61401.exe (PID: 2244)
      • Unicorn-37814.exe (PID: 3100)
      • Unicorn-37814.exe (PID: 2148)
      • Unicorn-10435.exe (PID: 4208)
      • Unicorn-10700.exe (PID: 6676)
      • Unicorn-4570.exe (PID: 2088)
      • Unicorn-61276.exe (PID: 728)
      • Unicorn-57276.exe (PID: 736)
      • Unicorn-15813.exe (PID: 616)
      • Unicorn-16842.exe (PID: 1568)
      • Unicorn-10700.exe (PID: 632)
      • Unicorn-63406.exe (PID: 2984)
      • Unicorn-8030.exe (PID: 7272)
      • Unicorn-44081.exe (PID: 7280)
      • Unicorn-51289.exe (PID: 7236)
      • Unicorn-55016.exe (PID: 7248)
      • Unicorn-4972.exe (PID: 7300)
      • Unicorn-1886.exe (PID: 7332)
      • Unicorn-37936.exe (PID: 7344)
      • Unicorn-11102.exe (PID: 7356)
      • Unicorn-51039.exe (PID: 7632)
      • Unicorn-1769.exe (PID: 7684)
      • Unicorn-3029.exe (PID: 7788)
      • Unicorn-42253.exe (PID: 5260)
      • Unicorn-51249.exe (PID: 7804)
      • Unicorn-33881.exe (PID: 7900)
      • Unicorn-56013.exe (PID: 7928)
      • Unicorn-36953.exe (PID: 7952)
      • Unicorn-6889.exe (PID: 7964)
      • Unicorn-24665.exe (PID: 8088)
      • Unicorn-41284.exe (PID: 7324)
      • Unicorn-26553.exe (PID: 7224)
      • Unicorn-61239.exe (PID: 7984)
      • Unicorn-58183.exe (PID: 8188)
      • Unicorn-15448.exe (PID: 8164)
      • Unicorn-21592.exe (PID: 7464)
      • Unicorn-47859.exe (PID: 7772)
      • Unicorn-52613.exe (PID: 4988)
      • Unicorn-2370.exe (PID: 7916)
      • Unicorn-59923.exe (PID: 8080)
      • Unicorn-24942.exe (PID: 7764)
      • Unicorn-40258.exe (PID: 7232)
      • Unicorn-35167.exe (PID: 6240)
      • Unicorn-29323.exe (PID: 4880)
      • Unicorn-18798.exe (PID: 2852)
      • Unicorn-59873.exe (PID: 7848)
      • Unicorn-48378.exe (PID: 5084)
      • Unicorn-11367.exe (PID: 4756)
      • Unicorn-207.exe (PID: 7420)
      • Unicorn-47850.exe (PID: 7444)
      • Unicorn-4314.exe (PID: 8128)
      • Unicorn-20953.exe (PID: 7216)
      • Unicorn-41340.exe (PID: 8104)
      • Unicorn-32970.exe (PID: 7436)
      • Unicorn-23903.exe (PID: 6184)
      • Unicorn-20584.exe (PID: 2516)
      • Unicorn-59020.exe (PID: 7668)
      • Unicorn-32747.exe (PID: 1052)
      • Unicorn-42964.exe (PID: 8132)
      • Unicorn-49256.exe (PID: 7840)
      • Unicorn-30159.exe (PID: 672)
      • Unicorn-49518.exe (PID: 7976)
      • Unicorn-2913.exe (PID: 644)
      • Unicorn-45684.exe (PID: 2040)
      • Unicorn-9456.exe (PID: 8180)
      • Unicorn-32200.exe (PID: 7980)
      • Unicorn-13006.exe (PID: 5772)
      • Unicorn-13304.exe (PID: 4628)
      • Unicorn-18149.exe (PID: 1324)
      • Unicorn-45297.exe (PID: 8032)
      • Unicorn-45422.exe (PID: 8208)
      • Unicorn-8036.exe (PID: 8660)
      • Unicorn-29551.exe (PID: 8436)
      • Unicorn-50395.exe (PID: 7644)
      • Unicorn-36443.exe (PID: 5344)
      • Unicorn-61135.exe (PID: 8320)
      • Unicorn-731.exe (PID: 8136)
      • Unicorn-19186.exe (PID: 5892)
      • Unicorn-43989.exe (PID: 8020)
      • Unicorn-2026.exe (PID: 7524)
      • Unicorn-25431.exe (PID: 8040)
      • Unicorn-6472.exe (PID: 9012)
      • Unicorn-30830.exe (PID: 9024)
      • Unicorn-40898.exe (PID: 9036)
      • Unicorn-31310.exe (PID: 8732)
      • Unicorn-26244.exe (PID: 8756)
      • Unicorn-30289.exe (PID: 8428)
      • Unicorn-40040.exe (PID: 8008)
      • Unicorn-5374.exe (PID: 8460)
      • Unicorn-30062.exe (PID: 8452)
      • Unicorn-64595.exe (PID: 8676)
      • Unicorn-3574.exe (PID: 7628)
      • Unicorn-2785.exe (PID: 7996)
      • Unicorn-26466.exe (PID: 8508)
      • Unicorn-41541.exe (PID: 9280)
      • Unicorn-20207.exe (PID: 9000)
      • Unicorn-6996.exe (PID: 8940)
      • Unicorn-44898.exe (PID: 8404)
      • Unicorn-27734.exe (PID: 6752)
      • Unicorn-1668.exe (PID: 9352)
      • Unicorn-24142.exe (PID: 9132)
      • Unicorn-27607.exe (PID: 3156)
      • Unicorn-502.exe (PID: 7608)
      • Unicorn-59385.exe (PID: 8300)
      • Unicorn-58227.exe (PID: 8812)
      • Unicorn-13287.exe (PID: 8560)
      • Unicorn-17245.exe (PID: 10008)
      • Unicorn-10991.exe (PID: 9080)
      • Unicorn-48628.exe (PID: 8772)
      • Unicorn-39784.exe (PID: 10112)
      • Unicorn-2145.exe (PID: 10184)
      • Unicorn-29526.exe (PID: 9960)
      • Unicorn-41701.exe (PID: 8076)
      • Unicorn-36736.exe (PID: 10396)
      • Unicorn-48997.exe (PID: 8892)
      • Unicorn-47208.exe (PID: 5116)
      • Unicorn-26700.exe (PID: 7868)
      • Unicorn-59499.exe (PID: 8576)
      • Unicorn-2678.exe (PID: 4164)
      • Unicorn-60764.exe (PID: 8984)
      • Unicorn-8724.exe (PID: 10492)
      • Unicorn-26700.exe (PID: 7844)
      • Unicorn-22507.exe (PID: 1132)
      • Unicorn-21201.exe (PID: 8700)
      • Unicorn-12260.exe (PID: 9888)
      • Unicorn-45922.exe (PID: 9308)
      • Unicorn-9599.exe (PID: 9916)
      • Unicorn-61547.exe (PID: 9248)
      • Unicorn-31851.exe (PID: 8748)
      • Unicorn-51569.exe (PID: 9172)
      • Unicorn-9846.exe (PID: 6436)
      • Unicorn-1892.exe (PID: 8740)
      • Unicorn-38388.exe (PID: 9144)
      • Unicorn-40447.exe (PID: 10204)
      • Unicorn-26338.exe (PID: 8992)
      • Unicorn-58730.exe (PID: 8684)
      • Unicorn-38263.exe (PID: 11196)
      • Unicorn-12855.exe (PID: 11240)
      • Unicorn-30074.exe (PID: 11300)
      • Unicorn-17998.exe (PID: 9184)
      • Unicorn-34030.exe (PID: 8596)
      • Unicorn-29145.exe (PID: 8912)
      • Unicorn-49024.exe (PID: 10892)
      • Unicorn-53461.exe (PID: 10372)
      • Unicorn-24552.exe (PID: 8284)
      • Unicorn-47140.exe (PID: 11060)
      • Unicorn-25969.exe (PID: 9240)
      • Unicorn-64201.exe (PID: 9908)
      • Unicorn-63458.exe (PID: 11520)
      • Unicorn-4833.exe (PID: 2560)
      • Unicorn-2168.exe (PID: 5544)
      • Unicorn-9962.exe (PID: 10700)
      • Unicorn-37239.exe (PID: 4868)
      • Unicorn-5080.exe (PID: 5232)
      • Unicorn-24440.exe (PID: 4284)
      • Unicorn-10098.exe (PID: 9300)
      • Unicorn-53352.exe (PID: 8488)
      • Unicorn-40697.exe (PID: 9832)
      • Unicorn-36430.exe (PID: 9052)
      • Unicorn-40657.exe (PID: 9560)
      • Unicorn-61154.exe (PID: 8220)
      • Unicorn-16867.exe (PID: 9204)
      • Unicorn-21338.exe (PID: 11660)
      • Unicorn-29307.exe (PID: 10864)
      • Unicorn-18277.exe (PID: 9624)
      • Unicorn-23541.exe (PID: 9360)
      • Unicorn-10608.exe (PID: 8924)
      • Unicorn-52885.exe (PID: 8780)
      • Unicorn-46711.exe (PID: 9320)
      • Unicorn-2933.exe (PID: 9744)
      • Unicorn-49618.exe (PID: 11580)
      • Unicorn-15601.exe (PID: 8708)
      • Unicorn-24014.exe (PID: 9936)
      • Unicorn-26711.exe (PID: 10196)
      • Unicorn-40674.exe (PID: 9640)
      • Unicorn-49410.exe (PID: 11064)
      • Unicorn-8.exe (PID: 10348)
      • Unicorn-32136.exe (PID: 8716)
      • Unicorn-58213.exe (PID: 8880)
      • Unicorn-32113.exe (PID: 4180)
      • Unicorn-55113.exe (PID: 14328)
      • Unicorn-56942.exe (PID: 10708)
      • Unicorn-19063.exe (PID: 9108)
      • Unicorn-23243.exe (PID: 11788)
      • Unicorn-16986.exe (PID: 14320)
      • Unicorn-32501.exe (PID: 11504)
      • Unicorn-13025.exe (PID: 8476)
      • Unicorn-18801.exe (PID: 9632)
      • Unicorn-51301.exe (PID: 11188)
      • Unicorn-25071.exe (PID: 1628)

    • Executable content was dropped or overwritten

      • 1 (529).exe (PID: 6964)
      • Unicorn-23385.exe (PID: 5156)
      • Unicorn-9676.exe (PID: 1764)
      • Unicorn-57021.exe (PID: 5308)
      • Unicorn-61401.exe (PID: 2244)
      • Unicorn-61401.exe (PID: 6480)
      • Unicorn-21829.exe (PID: 1812)
      • Unicorn-37814.exe (PID: 3100)
      • Unicorn-10700.exe (PID: 632)
      • Unicorn-37814.exe (PID: 2148)
      • Unicorn-10700.exe (PID: 6676)
      • Unicorn-4570.exe (PID: 2088)
      • Unicorn-23776.exe (PID: 6620)
      • Unicorn-61276.exe (PID: 728)
      • Unicorn-15813.exe (PID: 616)
      • Unicorn-16842.exe (PID: 1568)
      • Unicorn-57276.exe (PID: 736)
      • Unicorn-42253.exe (PID: 5260)
      • Unicorn-8030.exe (PID: 7272)
      • Unicorn-44081.exe (PID: 7280)
      • Unicorn-51289.exe (PID: 7236)
      • Unicorn-55016.exe (PID: 7248)
      • Unicorn-4972.exe (PID: 7300)
      • Unicorn-10435.exe (PID: 4208)
      • Unicorn-41284.exe (PID: 7324)
      • Unicorn-1886.exe (PID: 7332)
      • Unicorn-11102.exe (PID: 7356)
      • Unicorn-51039.exe (PID: 7632)
      • Unicorn-1769.exe (PID: 7684)
      • Unicorn-3029.exe (PID: 7788)
      • Unicorn-33881.exe (PID: 7900)
      • Unicorn-51249.exe (PID: 7804)
      • Unicorn-36953.exe (PID: 7952)
      • Unicorn-6889.exe (PID: 7964)
      • Unicorn-56013.exe (PID: 7928)
      • Unicorn-63406.exe (PID: 2984)
      • Unicorn-61239.exe (PID: 7984)
      • Unicorn-24665.exe (PID: 8088)
      • Unicorn-26553.exe (PID: 7224)
      • Unicorn-21592.exe (PID: 7464)
      • Unicorn-58183.exe (PID: 8188)
      • Unicorn-15448.exe (PID: 8164)
      • Unicorn-52613.exe (PID: 4988)
      • Unicorn-47859.exe (PID: 7772)
      • Unicorn-2370.exe (PID: 7916)
      • Unicorn-59923.exe (PID: 8080)
      • Unicorn-24942.exe (PID: 7764)
      • Unicorn-30159.exe (PID: 672)
      • Unicorn-29323.exe (PID: 4880)
      • Unicorn-18798.exe (PID: 2852)
      • Unicorn-40258.exe (PID: 7232)
      • Unicorn-59873.exe (PID: 7848)
      • Unicorn-207.exe (PID: 7420)
      • Unicorn-11367.exe (PID: 4756)
      • Unicorn-47850.exe (PID: 7444)
      • Unicorn-4314.exe (PID: 8128)
      • Unicorn-20953.exe (PID: 7216)
      • Unicorn-41340.exe (PID: 8104)
      • Unicorn-32970.exe (PID: 7436)
      • Unicorn-32747.exe (PID: 1052)
      • Unicorn-23903.exe (PID: 6184)
      • Unicorn-20584.exe (PID: 2516)
      • Unicorn-59020.exe (PID: 7668)
      • Unicorn-49256.exe (PID: 7840)
      • Unicorn-49518.exe (PID: 7976)
      • Unicorn-42964.exe (PID: 8132)
      • Unicorn-9456.exe (PID: 8180)
      • Unicorn-45684.exe (PID: 2040)
      • Unicorn-2913.exe (PID: 644)
      • Unicorn-37936.exe (PID: 7344)
      • Unicorn-13304.exe (PID: 4628)
      • Unicorn-13006.exe (PID: 5772)
      • Unicorn-32200.exe (PID: 7980)
      • Unicorn-18149.exe (PID: 1324)
      • Unicorn-45422.exe (PID: 8208)
      • Unicorn-29551.exe (PID: 8436)
      • Unicorn-50395.exe (PID: 7644)
      • Unicorn-36443.exe (PID: 5344)
      • Unicorn-61135.exe (PID: 8320)
      • Unicorn-731.exe (PID: 8136)
      • Unicorn-8036.exe (PID: 8660)
      • Unicorn-43989.exe (PID: 8020)
      • Unicorn-19186.exe (PID: 5892)
      • Unicorn-25431.exe (PID: 8040)
      • Unicorn-6472.exe (PID: 9012)
      • Unicorn-30830.exe (PID: 9024)
      • Unicorn-40898.exe (PID: 9036)
      • Unicorn-2026.exe (PID: 7524)
      • Unicorn-31310.exe (PID: 8732)
      • Unicorn-30289.exe (PID: 8428)
      • Unicorn-26244.exe (PID: 8756)
      • Unicorn-40040.exe (PID: 8008)
      • Unicorn-35167.exe (PID: 6240)
      • Unicorn-64595.exe (PID: 8676)
      • Unicorn-5374.exe (PID: 8460)
      • Unicorn-30062.exe (PID: 8452)
      • Unicorn-3574.exe (PID: 7628)
      • Unicorn-2785.exe (PID: 7996)
      • Unicorn-41541.exe (PID: 9280)
      • Unicorn-6996.exe (PID: 8940)
      • Unicorn-26466.exe (PID: 8508)
      • Unicorn-20207.exe (PID: 9000)
      • Unicorn-27734.exe (PID: 6752)
      • Unicorn-44898.exe (PID: 8404)
      • Unicorn-1668.exe (PID: 9352)
      • Unicorn-24142.exe (PID: 9132)
      • Unicorn-502.exe (PID: 7608)
      • Unicorn-41701.exe (PID: 8076)
      • Unicorn-58227.exe (PID: 8812)
      • Unicorn-13287.exe (PID: 8560)
      • Unicorn-27607.exe (PID: 3156)
      • Unicorn-17245.exe (PID: 10008)
      • Unicorn-10991.exe (PID: 9080)
      • Unicorn-48628.exe (PID: 8772)
      • Unicorn-39784.exe (PID: 10112)
      • Unicorn-2145.exe (PID: 10184)
      • Unicorn-29526.exe (PID: 9960)
      • Unicorn-40657.exe (PID: 9560)
      • Unicorn-36736.exe (PID: 10396)
      • Unicorn-48997.exe (PID: 8892)
      • Unicorn-47208.exe (PID: 5116)
      • Unicorn-17998.exe (PID: 9184)
      • Unicorn-26700.exe (PID: 7868)
      • Unicorn-31851.exe (PID: 8748)
      • Unicorn-2678.exe (PID: 4164)
      • Unicorn-8724.exe (PID: 10492)
      • Unicorn-26700.exe (PID: 7844)
      • Unicorn-21201.exe (PID: 8700)
      • Unicorn-22507.exe (PID: 1132)
      • Unicorn-9599.exe (PID: 9916)
      • Unicorn-61547.exe (PID: 9248)
      • Unicorn-45922.exe (PID: 9308)
      • Unicorn-38388.exe (PID: 9144)
      • Unicorn-51569.exe (PID: 9172)
      • Unicorn-1892.exe (PID: 8740)
      • Unicorn-26338.exe (PID: 8992)
      • Unicorn-40447.exe (PID: 10204)
      • Unicorn-58730.exe (PID: 8684)
      • Unicorn-38263.exe (PID: 11196)
      • Unicorn-12855.exe (PID: 11240)
      • Unicorn-30074.exe (PID: 11300)
      • Unicorn-34030.exe (PID: 8596)
      • Unicorn-49024.exe (PID: 10892)
      • Unicorn-29145.exe (PID: 8912)
      • Unicorn-25969.exe (PID: 9240)
      • Unicorn-47140.exe (PID: 11060)
      • Unicorn-24552.exe (PID: 8284)
      • Unicorn-4833.exe (PID: 2560)
      • Unicorn-53461.exe (PID: 10372)
      • Unicorn-63458.exe (PID: 11520)
      • Unicorn-9962.exe (PID: 10700)
      • Unicorn-64201.exe (PID: 9908)
      • Unicorn-2168.exe (PID: 5544)
      • Unicorn-53352.exe (PID: 8488)
      • Unicorn-24440.exe (PID: 4284)
      • Unicorn-37239.exe (PID: 4868)
      • Unicorn-10098.exe (PID: 9300)
      • Unicorn-5080.exe (PID: 5232)
      • Unicorn-40697.exe (PID: 9832)
      • Unicorn-36430.exe (PID: 9052)
      • Unicorn-61154.exe (PID: 8220)
      • Unicorn-25707.exe (PID: 8796)
      • Unicorn-60764.exe (PID: 8984)
      • Unicorn-16867.exe (PID: 9204)
      • Unicorn-21338.exe (PID: 11660)
      • Unicorn-52885.exe (PID: 8780)
      • Unicorn-46711.exe (PID: 9320)
      • Unicorn-29307.exe (PID: 10864)
      • Unicorn-23541.exe (PID: 9360)
      • Unicorn-18277.exe (PID: 9624)
      • Unicorn-2933.exe (PID: 9744)
      • Unicorn-49618.exe (PID: 11580)
      • Unicorn-23243.exe (PID: 11788)
      • Unicorn-8.exe (PID: 10348)
      • Unicorn-40674.exe (PID: 9640)
      • Unicorn-24014.exe (PID: 9936)
      • Unicorn-58213.exe (PID: 8880)
      • Unicorn-49410.exe (PID: 11064)
      • Unicorn-32136.exe (PID: 8716)
      • Unicorn-56942.exe (PID: 10708)
      • Unicorn-19063.exe (PID: 9108)
      • Unicorn-55113.exe (PID: 14328)
      • Unicorn-25071.exe (PID: 1628)
      • Unicorn-32113.exe (PID: 4180)
      • Unicorn-16986.exe (PID: 14320)
      • Unicorn-45297.exe (PID: 8032)
      • Unicorn-32501.exe (PID: 11504)
      • Unicorn-18801.exe (PID: 9632)
      • Unicorn-13025.exe (PID: 8476)
      • Unicorn-51301.exe (PID: 11188)
      • Unicorn-38620.exe (PID: 10564)
      • Unicorn-7268.exe (PID: 11044)
      • Unicorn-59874.exe (PID: 10812)
      • Unicorn-21192.exe (PID: 10804)
      • Unicorn-42085.exe (PID: 12136)
      • Unicorn-23660.exe (PID: 9944)
      • Unicorn-31999.exe (PID: 11956)
      • Unicorn-15982.exe (PID: 9900)
      • Unicorn-20822.exe (PID: 11352)
      • Unicorn-65225.exe (PID: 10944)
      • Unicorn-37853.exe (PID: 10964)
      • Unicorn-7265.exe (PID: 10484)
      • Unicorn-49082.exe (PID: 13664)
      • Unicorn-52357.exe (PID: 14572)
      • Unicorn-45817.exe (PID: 10680)
      • Unicorn-37853.exe (PID: 10956)
      • Unicorn-43755.exe (PID: 9876)
      • Unicorn-17655.exe (PID: 10504)
      • Unicorn-26961.exe (PID: 9860)
      • Unicorn-33899.exe (PID: 10220)
      • Unicorn-21982.exe (PID: 11828)
      • Unicorn-22219.exe (PID: 12152)
      • Unicorn-9925.exe (PID: 9952)
      • Unicorn-39013.exe (PID: 12184)
      • Unicorn-29158.exe (PID: 10884)
      • Unicorn-40157.exe (PID: 8268)
      • Unicorn-20828.exe (PID: 8232)
      • Unicorn-23103.exe (PID: 11852)
      • Unicorn-54643.exe (PID: 14472)
      • Unicorn-26344.exe (PID: 11596)
      • Unicorn-44519.exe (PID: 10756)
      • Unicorn-28020.exe (PID: 10336)
      • Unicorn-20427.exe (PID: 14560)
      • Unicorn-36721.exe (PID: 14772)
      • Unicorn-9300.exe (PID: 12084)
      • Unicorn-49791.exe (PID: 11620)
      • Unicorn-11127.exe (PID: 10776)
      • Unicorn-42094.exe (PID: 11000)
      • Unicorn-39010.exe (PID: 10632)
      • Unicorn-60895.exe (PID: 11052)
      • Unicorn-24049.exe (PID: 10596)
      • Unicorn-64110.exe (PID: 10524)
      • Unicorn-20841.exe (PID: 5868)
      • Unicorn-63077.exe (PID: 13612)
      • Unicorn-30685.exe (PID: 11932)
      • Unicorn-41820.exe (PID: 12144)
      • Unicorn-20203.exe (PID: 10444)
      • Unicorn-49512.exe (PID: 14296)
      • Unicorn-16986.exe (PID: 14312)
      • Unicorn-19414.exe (PID: 10388)
      • Unicorn-59499.exe (PID: 8576)
      • Unicorn-57723.exe (PID: 11604)
      • Unicorn-41460.exe (PID: 9092)
      • Unicorn-57451.exe (PID: 9612)
      • Unicorn-32081.exe (PID: 10688)
      • Unicorn-41343.exe (PID: 3176)
      • Unicorn-42341.exe (PID: 14764)
      • Unicorn-10593.exe (PID: 13812)
      • Unicorn-60882.exe (PID: 11732)
      • Unicorn-1395.exe (PID: 10856)
      • Unicorn-49618.exe (PID: 11588)
      • Unicorn-41047.exe (PID: 10916)
      • Unicorn-37605.exe (PID: 8108)
      • Unicorn-48378.exe (PID: 5084)
      • Unicorn-49128.exe (PID: 9716)
      • Unicorn-54811.exe (PID: 10736)
      • Unicorn-15601.exe (PID: 8708)
      • Unicorn-46562.exe (PID: 9852)
      • Unicorn-26711.exe (PID: 10196)
      • Unicorn-48095.exe (PID: 9648)
      • Unicorn-58834.exe (PID: 11564)
      • Unicorn-12260.exe (PID: 9888)
      • Unicorn-4701.exe (PID: 13640)
      • Unicorn-35787.exe (PID: 14736)
      • Unicorn-10608.exe (PID: 8924)
      • Unicorn-13680.exe (PID: 9288)
      • Unicorn-57731.exe (PID: 11080)
      • Unicorn-45678.exe (PID: 10604)
      • Unicorn-9300.exe (PID: 12076)
      • Unicorn-16468.exe (PID: 10992)
      • Unicorn-64210.exe (PID: 9196)
      • Unicorn-21085.exe (PID: 12900)
      • Unicorn-59499.exe (PID: 8568)
      • Unicorn-3946.exe (PID: 11572)
      • Unicorn-38427.exe (PID: 9840)
      • Unicorn-31362.exe (PID: 14640)
      • Unicorn-55921.exe (PID: 11636)
      • Unicorn-14283.exe (PID: 14600)
      • Unicorn-36305.exe (PID: 12004)
      • Unicorn-26839.exe (PID: 11716)
      • Unicorn-36055.exe (PID: 11628)
      • Unicorn-28901.exe (PID: 12068)
      • Unicorn-22996.exe (PID: 12416)
      • Unicorn-48485.exe (PID: 14692)
      • Unicorn-15207.exe (PID: 10360)
      • Unicorn-35155.exe (PID: 15348)
      • Unicorn-21477.exe (PID: 9792)
      • Unicorn-58718.exe (PID: 14200)
      • Unicorn-27374.exe (PID: 15288)
      • Unicorn-44986.exe (PID: 13748)
      • Unicorn-42258.exe (PID: 15240)
      • Unicorn-9557.exe (PID: 11172)
      • Unicorn-40793.exe (PID: 10788)
      • Unicorn-11833.exe (PID: 4040)
      • Unicorn-21495.exe (PID: 13628)
      • Unicorn-7115.exe (PID: 15024)
      • Unicorn-39656.exe (PID: 11132)
      • Unicorn-40665.exe (PID: 11948)

    • Executes application which crashes

      • Unicorn-29047.exe (PID: 11880)
      • Unicorn-29047.exe (PID: 11748)

  • INFO

    • The sample compiled with chinese language support

      • 1 (529).exe (PID: 6964)

    • Reads the computer name

      • 1 (529).exe (PID: 6964)
      • Unicorn-23385.exe (PID: 5156)
      • Unicorn-21829.exe (PID: 1812)
      • Unicorn-9676.exe (PID: 1764)
      • Unicorn-61401.exe (PID: 2244)
      • Unicorn-61401.exe (PID: 6480)
      • Unicorn-61276.exe (PID: 728)
      • Unicorn-37814.exe (PID: 3100)
      • Unicorn-37814.exe (PID: 2148)
      • Unicorn-10700.exe (PID: 632)
      • Unicorn-57021.exe (PID: 5308)
      • Unicorn-23776.exe (PID: 6620)
      • Unicorn-4570.exe (PID: 2088)
      • Unicorn-10700.exe (PID: 6676)
      • Unicorn-10435.exe (PID: 4208)
      • Unicorn-16842.exe (PID: 1568)
      • Unicorn-63406.exe (PID: 2984)
      • Unicorn-57276.exe (PID: 736)
      • Unicorn-42253.exe (PID: 5260)
      • Unicorn-51289.exe (PID: 7236)
      • Unicorn-55016.exe (PID: 7248)
      • Unicorn-8030.exe (PID: 7272)
      • Unicorn-1886.exe (PID: 7332)
      • Unicorn-41284.exe (PID: 7324)
      • Unicorn-4972.exe (PID: 7300)
      • Unicorn-44081.exe (PID: 7280)
      • Unicorn-11102.exe (PID: 7356)
      • Unicorn-37936.exe (PID: 7344)
      • Unicorn-51039.exe (PID: 7632)
      • Unicorn-1769.exe (PID: 7684)
      • Unicorn-33881.exe (PID: 7900)
      • Unicorn-56013.exe (PID: 7928)
      • Unicorn-3029.exe (PID: 7788)
      • Unicorn-51249.exe (PID: 7804)
      • Unicorn-6889.exe (PID: 7964)
      • Unicorn-24665.exe (PID: 8088)
      • Unicorn-36953.exe (PID: 7952)
      • Unicorn-61239.exe (PID: 7984)
      • Unicorn-26553.exe (PID: 7224)
      • Unicorn-58183.exe (PID: 8188)
      • Unicorn-21592.exe (PID: 7464)
      • Unicorn-15448.exe (PID: 8164)
      • Unicorn-47859.exe (PID: 7772)
      • Unicorn-59923.exe (PID: 8080)
      • Unicorn-52613.exe (PID: 4988)
      • Unicorn-2370.exe (PID: 7916)
      • Unicorn-40258.exe (PID: 7232)
      • Unicorn-24942.exe (PID: 7764)
      • Unicorn-29323.exe (PID: 4880)
      • Unicorn-18798.exe (PID: 2852)
      • Unicorn-59873.exe (PID: 7848)
      • Unicorn-207.exe (PID: 7420)
      • Unicorn-48378.exe (PID: 5084)
      • Unicorn-30159.exe (PID: 672)
      • Unicorn-35167.exe (PID: 6240)
      • Unicorn-11367.exe (PID: 4756)
      • Unicorn-4314.exe (PID: 8128)
      • Unicorn-47850.exe (PID: 7444)
      • Unicorn-15813.exe (PID: 616)
      • Unicorn-32970.exe (PID: 7436)
      • Unicorn-45297.exe (PID: 8032)
      • Unicorn-32747.exe (PID: 1052)
      • Unicorn-23903.exe (PID: 6184)
      • Unicorn-20953.exe (PID: 7216)
      • Unicorn-41340.exe (PID: 8104)
      • Unicorn-20584.exe (PID: 2516)
      • Unicorn-59020.exe (PID: 7668)
      • Unicorn-49256.exe (PID: 7840)
      • Unicorn-42964.exe (PID: 8132)
      • Unicorn-49518.exe (PID: 7976)
      • Unicorn-9456.exe (PID: 8180)
      • Unicorn-36443.exe (PID: 5344)
      • Unicorn-2913.exe (PID: 644)
      • Unicorn-45684.exe (PID: 2040)
      • Unicorn-32200.exe (PID: 7980)
      • Unicorn-13304.exe (PID: 4628)
      • Unicorn-13006.exe (PID: 5772)
      • Unicorn-18149.exe (PID: 1324)
      • Unicorn-45422.exe (PID: 8208)
      • Unicorn-29551.exe (PID: 8436)
      • Unicorn-50395.exe (PID: 7644)
      • Unicorn-8036.exe (PID: 8660)
      • Unicorn-61135.exe (PID: 8320)
      • Unicorn-731.exe (PID: 8136)
      • Unicorn-19186.exe (PID: 5892)
      • Unicorn-43989.exe (PID: 8020)
      • Unicorn-25431.exe (PID: 8040)
      • Unicorn-6472.exe (PID: 9012)
      • Unicorn-30830.exe (PID: 9024)
      • Unicorn-40898.exe (PID: 9036)
      • Unicorn-31310.exe (PID: 8732)
      • Unicorn-2026.exe (PID: 7524)
      • Unicorn-26244.exe (PID: 8756)
      • Unicorn-30289.exe (PID: 8428)
      • Unicorn-64595.exe (PID: 8676)
      • Unicorn-40040.exe (PID: 8008)
      • Unicorn-5374.exe (PID: 8460)
      • Unicorn-30062.exe (PID: 8452)
      • Unicorn-3574.exe (PID: 7628)
      • Unicorn-2785.exe (PID: 7996)
      • Unicorn-26466.exe (PID: 8508)
      • Unicorn-41541.exe (PID: 9280)
      • Unicorn-44898.exe (PID: 8404)
      • Unicorn-20207.exe (PID: 9000)
      • Unicorn-1668.exe (PID: 9352)
      • Unicorn-27734.exe (PID: 6752)
      • Unicorn-24142.exe (PID: 9132)
      • Unicorn-6996.exe (PID: 8940)
      • Unicorn-502.exe (PID: 7608)
      • Unicorn-59385.exe (PID: 8300)
      • Unicorn-41701.exe (PID: 8076)
      • Unicorn-58227.exe (PID: 8812)
      • Unicorn-27607.exe (PID: 3156)
      • Unicorn-13287.exe (PID: 8560)
      • Unicorn-17245.exe (PID: 10008)
      • Unicorn-48628.exe (PID: 8772)
      • Unicorn-10991.exe (PID: 9080)
      • Unicorn-39784.exe (PID: 10112)
      • Unicorn-40657.exe (PID: 9560)
      • Unicorn-2145.exe (PID: 10184)
      • Unicorn-29526.exe (PID: 9960)
      • Unicorn-58730.exe (PID: 8684)
      • Unicorn-36736.exe (PID: 10396)
      • Unicorn-48997.exe (PID: 8892)
      • Unicorn-9846.exe (PID: 6436)
      • Unicorn-60764.exe (PID: 8984)
      • Unicorn-17998.exe (PID: 9184)
      • Unicorn-26700.exe (PID: 7844)
      • Unicorn-51569.exe (PID: 9172)
      • Unicorn-47208.exe (PID: 5116)
      • Unicorn-26700.exe (PID: 7868)
      • Unicorn-59499.exe (PID: 8576)
      • Unicorn-31851.exe (PID: 8748)
      • Unicorn-2678.exe (PID: 4164)
      • Unicorn-22507.exe (PID: 1132)
      • Unicorn-21201.exe (PID: 8700)
      • Unicorn-8724.exe (PID: 10492)
      • Unicorn-61547.exe (PID: 9248)
      • Unicorn-12260.exe (PID: 9888)
      • Unicorn-45922.exe (PID: 9308)
      • Unicorn-9599.exe (PID: 9916)
      • Unicorn-38388.exe (PID: 9144)
      • Unicorn-26338.exe (PID: 8992)
      • Unicorn-40447.exe (PID: 10204)
      • Unicorn-18277.exe (PID: 9624)
      • Unicorn-1892.exe (PID: 8740)
      • Unicorn-29145.exe (PID: 8912)
      • Unicorn-58213.exe (PID: 8880)
      • Unicorn-12855.exe (PID: 11240)
      • Unicorn-38263.exe (PID: 11196)
      • Unicorn-34030.exe (PID: 8596)
      • Unicorn-30074.exe (PID: 11300)
      • Unicorn-53352.exe (PID: 8488)
      • Unicorn-32081.exe (PID: 10688)
      • Unicorn-47140.exe (PID: 11060)
      • Unicorn-49024.exe (PID: 10892)
      • Unicorn-63458.exe (PID: 11520)
      • Unicorn-9962.exe (PID: 10700)
      • Unicorn-64201.exe (PID: 9908)
      • Unicorn-2168.exe (PID: 5544)
      • Unicorn-24552.exe (PID: 8284)
      • Unicorn-8.exe (PID: 10348)
      • Unicorn-25707.exe (PID: 8796)
      • Unicorn-37239.exe (PID: 4868)
      • Unicorn-36430.exe (PID: 9052)
      • Unicorn-5080.exe (PID: 5232)
      • Unicorn-24440.exe (PID: 4284)
      • Unicorn-24049.exe (PID: 10596)
      • Unicorn-60895.exe (PID: 11052)
      • Unicorn-3946.exe (PID: 11572)
      • Unicorn-49618.exe (PID: 11580)
      • Unicorn-26961.exe (PID: 9860)
      • Unicorn-24014.exe (PID: 9936)
      • Unicorn-41460.exe (PID: 9092)
      • Unicorn-38620.exe (PID: 10564)
      • Unicorn-11127.exe (PID: 10776)
      • Unicorn-20828.exe (PID: 8232)
      • Unicorn-10608.exe (PID: 8924)
      • Unicorn-10098.exe (PID: 9300)
      • Unicorn-48226.exe (PID: 10620)
      • Unicorn-19019.exe (PID: 10572)
      • Unicorn-40674.exe (PID: 9640)
      • Unicorn-64232.exe (PID: 11016)
      • Unicorn-21338.exe (PID: 11660)
      • Unicorn-41343.exe (PID: 3176)
      • Unicorn-32482.exe (PID: 8932)
      • Unicorn-40157.exe (PID: 8268)
      • Unicorn-28020.exe (PID: 10336)
      • Unicorn-2933.exe (PID: 9744)
      • Unicorn-46038.exe (PID: 9812)
      • Unicorn-40697.exe (PID: 9832)
      • Unicorn-42998.exe (PID: 9724)
      • Unicorn-46711.exe (PID: 9320)
      • Unicorn-52885.exe (PID: 8780)
      • Unicorn-23660.exe (PID: 9944)
      • Unicorn-23541.exe (PID: 9360)
      • Unicorn-39010.exe (PID: 10632)
      • Unicorn-49410.exe (PID: 11064)
      • Unicorn-21192.exe (PID: 10804)
      • Unicorn-26711.exe (PID: 10196)
      • Unicorn-61154.exe (PID: 8220)
      • Unicorn-44519.exe (PID: 10756)
      • Unicorn-20203.exe (PID: 10444)
      • Unicorn-59499.exe (PID: 8568)
      • Unicorn-16867.exe (PID: 9204)
      • Unicorn-49791.exe (PID: 11620)
      • Unicorn-7265.exe (PID: 10484)
      • Unicorn-64110.exe (PID: 10524)
      • Unicorn-15601.exe (PID: 8708)
      • Unicorn-23243.exe (PID: 11788)
      • Unicorn-17655.exe (PID: 10504)
      • Unicorn-56942.exe (PID: 10708)
      • Unicorn-60882.exe (PID: 11732)
      • Unicorn-46562.exe (PID: 9852)
      • Unicorn-45678.exe (PID: 10604)
      • Unicorn-64210.exe (PID: 9196)
      • Unicorn-29047.exe (PID: 11880)
      • Unicorn-37853.exe (PID: 10964)
      • Unicorn-57731.exe (PID: 11080)
      • Unicorn-16468.exe (PID: 10992)
      • Unicorn-32136.exe (PID: 8716)
      • Unicorn-32113.exe (PID: 4180)
      • Unicorn-41047.exe (PID: 10916)
      • Unicorn-13025.exe (PID: 8476)
      • Unicorn-55113.exe (PID: 14328)
      • Unicorn-25071.exe (PID: 1628)
      • Unicorn-51301.exe (PID: 11188)
      • Unicorn-19063.exe (PID: 9108)
      • Unicorn-65225.exe (PID: 10944)
      • Unicorn-9557.exe (PID: 11172)
      • Unicorn-9300.exe (PID: 12076)
      • Unicorn-59874.exe (PID: 10812)

    • Checks supported languages

      • 1 (529).exe (PID: 6964)
      • Unicorn-23385.exe (PID: 5156)
      • Unicorn-9676.exe (PID: 1764)
      • Unicorn-21829.exe (PID: 1812)
      • Unicorn-61401.exe (PID: 6480)
      • Unicorn-61401.exe (PID: 2244)
      • Unicorn-23776.exe (PID: 6620)
      • Unicorn-57021.exe (PID: 5308)
      • Unicorn-37814.exe (PID: 2148)
      • Unicorn-37814.exe (PID: 3100)
      • Unicorn-10435.exe (PID: 4208)
      • Unicorn-4570.exe (PID: 2088)
      • Unicorn-10700.exe (PID: 632)
      • Unicorn-10700.exe (PID: 6676)
      • Unicorn-61276.exe (PID: 728)
      • Unicorn-15813.exe (PID: 616)
      • Unicorn-42253.exe (PID: 5260)
      • Unicorn-57276.exe (PID: 736)
      • Unicorn-63406.exe (PID: 2984)
      • Unicorn-8030.exe (PID: 7272)
      • Unicorn-51289.exe (PID: 7236)
      • Unicorn-55016.exe (PID: 7248)
      • Unicorn-44081.exe (PID: 7280)
      • Unicorn-4972.exe (PID: 7300)
      • Unicorn-11102.exe (PID: 7356)
      • Unicorn-41284.exe (PID: 7324)
      • Unicorn-1886.exe (PID: 7332)
      • Unicorn-37936.exe (PID: 7344)
      • Unicorn-51039.exe (PID: 7632)
      • Unicorn-1769.exe (PID: 7684)
      • Unicorn-51249.exe (PID: 7804)
      • Unicorn-3029.exe (PID: 7788)
      • Unicorn-33881.exe (PID: 7900)
      • Unicorn-36953.exe (PID: 7952)
      • Unicorn-56013.exe (PID: 7928)
      • Unicorn-2370.exe (PID: 7916)
      • Unicorn-6889.exe (PID: 7964)
      • Unicorn-61239.exe (PID: 7984)
      • Unicorn-15448.exe (PID: 8164)
      • Unicorn-26553.exe (PID: 7224)
      • Unicorn-58183.exe (PID: 8188)
      • Unicorn-20953.exe (PID: 7216)
      • Unicorn-40258.exe (PID: 7232)
      • Unicorn-24665.exe (PID: 8088)
      • Unicorn-731.exe (PID: 8136)
      • Unicorn-207.exe (PID: 7420)
      • Unicorn-21592.exe (PID: 7464)
      • Unicorn-36443.exe (PID: 5344)
      • Unicorn-11367.exe (PID: 4756)
      • Unicorn-52613.exe (PID: 4988)
      • Unicorn-29323.exe (PID: 4880)
      • Unicorn-47850.exe (PID: 7444)
      • Unicorn-18798.exe (PID: 2852)
      • Unicorn-59873.exe (PID: 7848)
      • Unicorn-32747.exe (PID: 1052)
      • Unicorn-19186.exe (PID: 5892)
      • Unicorn-47859.exe (PID: 7772)
      • Unicorn-24942.exe (PID: 7764)
      • Unicorn-49256.exe (PID: 7840)
      • Unicorn-30159.exe (PID: 672)
      • Unicorn-40040.exe (PID: 8008)
      • Unicorn-59923.exe (PID: 8080)
      • Unicorn-43989.exe (PID: 8020)
      • Unicorn-45297.exe (PID: 8032)
      • Unicorn-48378.exe (PID: 5084)
      • Unicorn-9456.exe (PID: 8180)
      • Unicorn-32970.exe (PID: 7436)
      • Unicorn-25431.exe (PID: 8040)
      • Unicorn-35167.exe (PID: 6240)
      • Unicorn-27734.exe (PID: 6752)
      • Unicorn-2913.exe (PID: 644)
      • Unicorn-45684.exe (PID: 2040)
      • Unicorn-13006.exe (PID: 5772)
      • Unicorn-4314.exe (PID: 8128)
      • Unicorn-20584.exe (PID: 2516)
      • Unicorn-42964.exe (PID: 8132)
      • Unicorn-41340.exe (PID: 8104)
      • Unicorn-59020.exe (PID: 7668)
      • Unicorn-49518.exe (PID: 7976)
      • Unicorn-32200.exe (PID: 7980)
      • Unicorn-37605.exe (PID: 8108)
      • Unicorn-2026.exe (PID: 7524)
      • Unicorn-23903.exe (PID: 6184)
      • Unicorn-13304.exe (PID: 4628)
      • Unicorn-3574.exe (PID: 7628)
      • Unicorn-16842.exe (PID: 1568)
      • Unicorn-50395.exe (PID: 7644)
      • Unicorn-41701.exe (PID: 8076)
      • Unicorn-59385.exe (PID: 8300)
      • Unicorn-61135.exe (PID: 8320)
      • Unicorn-30289.exe (PID: 8428)
      • Unicorn-29551.exe (PID: 8436)
      • Unicorn-18149.exe (PID: 1324)
      • Unicorn-53352.exe (PID: 8488)
      • Unicorn-30062.exe (PID: 8452)
      • Unicorn-5374.exe (PID: 8460)
      • Unicorn-502.exe (PID: 7608)
      • Unicorn-26466.exe (PID: 8508)
      • Unicorn-45422.exe (PID: 8208)
      • Unicorn-2785.exe (PID: 7996)
      • Unicorn-34030.exe (PID: 8596)
      • Unicorn-13287.exe (PID: 8560)
      • Unicorn-59499.exe (PID: 8568)
      • Unicorn-59499.exe (PID: 8576)
      • Unicorn-44898.exe (PID: 8404)
      • Unicorn-64595.exe (PID: 8676)
      • Unicorn-15601.exe (PID: 8708)
      • Unicorn-58730.exe (PID: 8684)
      • Unicorn-21201.exe (PID: 8700)
      • Unicorn-32136.exe (PID: 8716)
      • Unicorn-8036.exe (PID: 8660)
      • Unicorn-6472.exe (PID: 9012)
      • Unicorn-30830.exe (PID: 9024)
      • Unicorn-40898.exe (PID: 9036)
      • Unicorn-31310.exe (PID: 8732)
      • Unicorn-1892.exe (PID: 8740)
      • Unicorn-31851.exe (PID: 8748)
      • Unicorn-26244.exe (PID: 8756)
      • Unicorn-52885.exe (PID: 8780)
      • Unicorn-25707.exe (PID: 8796)
      • Unicorn-58227.exe (PID: 8812)
      • Unicorn-58213.exe (PID: 8880)
      • Unicorn-48628.exe (PID: 8772)
      • Unicorn-48997.exe (PID: 8892)
      • Unicorn-6996.exe (PID: 8940)
      • Unicorn-36430.exe (PID: 9052)
      • Unicorn-60764.exe (PID: 8984)
      • Unicorn-29145.exe (PID: 8912)
      • Unicorn-10608.exe (PID: 8924)
      • Unicorn-32482.exe (PID: 8932)
      • Unicorn-10991.exe (PID: 9080)
      • Unicorn-41460.exe (PID: 9092)
      • Unicorn-19063.exe (PID: 9108)
      • Unicorn-24142.exe (PID: 9132)
      • Unicorn-38388.exe (PID: 9144)
      • Unicorn-20207.exe (PID: 9000)
      • Unicorn-51569.exe (PID: 9172)
      • Unicorn-40157.exe (PID: 8268)
      • Unicorn-26338.exe (PID: 8992)
      • Unicorn-32113.exe (PID: 4180)
      • Unicorn-13025.exe (PID: 8476)
      • Unicorn-26700.exe (PID: 7868)
      • Unicorn-2168.exe (PID: 5544)
      • Unicorn-41343.exe (PID: 3176)
      • Unicorn-20828.exe (PID: 8232)
      • Unicorn-24552.exe (PID: 8284)
      • Unicorn-27607.exe (PID: 3156)
      • Unicorn-4833.exe (PID: 2560)
      • Unicorn-41541.exe (PID: 9280)
      • Unicorn-10098.exe (PID: 9300)
      • Unicorn-45922.exe (PID: 9308)
      • Unicorn-46711.exe (PID: 9320)
      • Unicorn-9846.exe (PID: 6436)
      • Unicorn-22507.exe (PID: 1132)
      • Unicorn-20841.exe (PID: 5868)
      • Unicorn-64210.exe (PID: 9196)
      • Unicorn-16867.exe (PID: 9204)
      • Unicorn-61154.exe (PID: 8220)
      • Unicorn-25969.exe (PID: 9240)
      • Unicorn-1668.exe (PID: 9352)
      • Unicorn-23541.exe (PID: 9360)
      • Unicorn-2678.exe (PID: 4164)
      • Unicorn-13680.exe (PID: 9288)
      • Unicorn-17998.exe (PID: 9184)
      • Unicorn-61547.exe (PID: 9248)
      • Unicorn-47208.exe (PID: 5116)
      • Unicorn-26700.exe (PID: 7844)
      • Unicorn-40657.exe (PID: 9560)
      • Unicorn-40674.exe (PID: 9640)
      • Unicorn-18277.exe (PID: 9624)
      • Unicorn-18801.exe (PID: 9632)
      • Unicorn-17245.exe (PID: 10008)
      • Unicorn-57451.exe (PID: 9612)
      • Unicorn-42998.exe (PID: 9724)
      • Unicorn-21477.exe (PID: 9792)
      • Unicorn-46038.exe (PID: 9812)
      • Unicorn-40697.exe (PID: 9832)
      • Unicorn-38427.exe (PID: 9840)
      • Unicorn-39784.exe (PID: 10112)
      • Unicorn-48095.exe (PID: 9648)
      • Unicorn-12260.exe (PID: 9888)
      • Unicorn-15982.exe (PID: 9900)
      • Unicorn-26711.exe (PID: 10196)
      • Unicorn-53096.exe (PID: 9924)
      • Unicorn-23660.exe (PID: 9944)
      • Unicorn-9925.exe (PID: 9952)
      • Unicorn-29526.exe (PID: 9960)
      • Unicorn-49128.exe (PID: 9716)
      • Unicorn-46562.exe (PID: 9852)
      • Unicorn-26961.exe (PID: 9860)
      • Unicorn-43755.exe (PID: 9876)
      • Unicorn-2145.exe (PID: 10184)
      • Unicorn-9599.exe (PID: 9916)
      • Unicorn-2933.exe (PID: 9744)
      • Unicorn-64201.exe (PID: 9908)
      • Unicorn-33899.exe (PID: 10220)
      • Unicorn-28020.exe (PID: 10336)
      • Unicorn-24014.exe (PID: 9936)
      • Unicorn-8.exe (PID: 10348)
      • Unicorn-15207.exe (PID: 10360)
      • Unicorn-53461.exe (PID: 10372)
      • Unicorn-20203.exe (PID: 10444)
      • Unicorn-7265.exe (PID: 10484)
      • Unicorn-19414.exe (PID: 10388)
      • Unicorn-36736.exe (PID: 10396)
      • Unicorn-8724.exe (PID: 10492)
      • Unicorn-17655.exe (PID: 10504)
      • Unicorn-64110.exe (PID: 10524)
      • Unicorn-40447.exe (PID: 10204)
      • Unicorn-38620.exe (PID: 10564)
      • Unicorn-19019.exe (PID: 10572)
      • Unicorn-48240.exe (PID: 10580)
      • Unicorn-24049.exe (PID: 10596)
      • Unicorn-45678.exe (PID: 10604)
      • Unicorn-48226.exe (PID: 10620)
      • Unicorn-39010.exe (PID: 10632)
      • Unicorn-59874.exe (PID: 10812)
      • Unicorn-7678.exe (PID: 10848)
      • Unicorn-40793.exe (PID: 10796)
      • Unicorn-37853.exe (PID: 10956)
      • Unicorn-1395.exe (PID: 10856)
      • Unicorn-41047.exe (PID: 10916)
      • Unicorn-29307.exe (PID: 10864)
      • Unicorn-65225.exe (PID: 10944)
      • Unicorn-54811.exe (PID: 10736)
      • Unicorn-12855.exe (PID: 11240)
      • Unicorn-11127.exe (PID: 10776)
      • Unicorn-21192.exe (PID: 10804)
      • Unicorn-29158.exe (PID: 10884)
      • Unicorn-40793.exe (PID: 10788)
      • Unicorn-58254.exe (PID: 10768)
      • Unicorn-49024.exe (PID: 10892)
      • Unicorn-38263.exe (PID: 11196)
      • Unicorn-44519.exe (PID: 10756)
      • Unicorn-30074.exe (PID: 11300)
      • Unicorn-42094.exe (PID: 11000)
      • Unicorn-49410.exe (PID: 11064)
      • Unicorn-56942.exe (PID: 10708)
      • Unicorn-7268.exe (PID: 11044)
      • Unicorn-20822.exe (PID: 11352)
      • Unicorn-37853.exe (PID: 10964)
      • Unicorn-16468.exe (PID: 10992)
      • Unicorn-64232.exe (PID: 11016)
      • Unicorn-51301.exe (PID: 11188)
      • Unicorn-32501.exe (PID: 11504)
      • Unicorn-9557.exe (PID: 11172)
      • Unicorn-45800.exe (PID: 11104)
      • Unicorn-59727.exe (PID: 10972)
      • Unicorn-32081.exe (PID: 10688)
      • Unicorn-57731.exe (PID: 11080)
      • Unicorn-60895.exe (PID: 11052)
      • Unicorn-63458.exe (PID: 11520)
      • Unicorn-47140.exe (PID: 11060)
      • Unicorn-39656.exe (PID: 11132)
      • Unicorn-9962.exe (PID: 10700)
      • Unicorn-45817.exe (PID: 10680)
      • Unicorn-58834.exe (PID: 11564)
      • Unicorn-49791.exe (PID: 11620)
      • Unicorn-36055.exe (PID: 11628)
      • Unicorn-3946.exe (PID: 11572)
      • Unicorn-49618.exe (PID: 11588)
      • Unicorn-26344.exe (PID: 11596)
      • Unicorn-57723.exe (PID: 11604)
      • Unicorn-52849.exe (PID: 11688)
      • Unicorn-37239.exe (PID: 4868)
      • Unicorn-65506.exe (PID: 11704)
      • Unicorn-17905.exe (PID: 10640)
      • Unicorn-5080.exe (PID: 5232)
      • Unicorn-24440.exe (PID: 4284)
      • Unicorn-26839.exe (PID: 11724)
      • Unicorn-55921.exe (PID: 11636)
      • Unicorn-21338.exe (PID: 11660)
      • Unicorn-26839.exe (PID: 11716)
      • Unicorn-40180.exe (PID: 11116)
      • Unicorn-60882.exe (PID: 11732)
      • Unicorn-29047.exe (PID: 11748)
      • Unicorn-51666.exe (PID: 11760)
      • Unicorn-23243.exe (PID: 11788)
      • Unicorn-2382.exe (PID: 11836)
      • Unicorn-16117.exe (PID: 11844)
      • Unicorn-29047.exe (PID: 11880)
      • Unicorn-23103.exe (PID: 11852)
      • Unicorn-23103.exe (PID: 11872)
      • Unicorn-627.exe (PID: 11180)
      • Unicorn-19176.exe (PID: 11800)
      • Unicorn-43255.exe (PID: 10668)
      • Unicorn-21982.exe (PID: 11828)
      • Unicorn-30834.exe (PID: 11860)
      • Unicorn-22493.exe (PID: 11008)
      • Unicorn-10955.exe (PID: 11916)
      • Unicorn-44421.exe (PID: 11940)
      • Unicorn-40665.exe (PID: 11948)
      • Unicorn-34799.exe (PID: 11964)
      • Unicorn-21064.exe (PID: 11972)
      • Unicorn-37872.exe (PID: 11988)
      • Unicorn-18536.exe (PID: 11996)
      • Unicorn-36305.exe (PID: 12004)
      • Unicorn-24136.exe (PID: 12028)
      • Unicorn-24136.exe (PID: 12020)
      • Unicorn-42085.exe (PID: 12136)
      • Unicorn-54238.exe (PID: 12160)
      • Unicorn-41820.exe (PID: 12144)
      • Unicorn-61132.exe (PID: 12060)
      • Unicorn-28901.exe (PID: 12068)
      • Unicorn-9300.exe (PID: 12076)
      • Unicorn-9300.exe (PID: 12084)
      • Unicorn-49487.exe (PID: 12092)
      • Unicorn-5494.exe (PID: 12104)
      • Unicorn-7777.exe (PID: 12120)
      • Unicorn-53714.exe (PID: 12128)
      • Unicorn-52849.exe (PID: 11680)
      • Unicorn-39906.exe (PID: 12260)
      • Unicorn-49740.exe (PID: 10936)
      • Unicorn-63077.exe (PID: 13612)
      • Unicorn-22996.exe (PID: 12416)
      • Unicorn-42600.exe (PID: 13584)
      • Unicorn-21640.exe (PID: 12324)
      • Unicorn-55113.exe (PID: 14328)
      • Unicorn-25071.exe (PID: 1628)
      • Unicorn-4701.exe (PID: 13640)
      • Unicorn-18051.exe (PID: 13548)
      • Unicorn-49082.exe (PID: 13664)
      • Unicorn-30685.exe (PID: 11932)
      • Unicorn-57950.exe (PID: 13620)
      • Unicorn-43481.exe (PID: 13576)
      • Unicorn-61169.exe (PID: 12968)
      • Unicorn-25722.exe (PID: 15232)
      • Unicorn-44766.exe (PID: 14972)
      • Unicorn-39793.exe (PID: 14820)
      • Unicorn-34760.exe (PID: 13648)
      • Unicorn-5886.exe (PID: 12444)
      • Unicorn-44986.exe (PID: 13748)
      • Unicorn-2687.exe (PID: 15224)
      • Unicorn-42258.exe (PID: 15240)
      • Unicorn-20427.exe (PID: 14560)
      • Unicorn-14837.exe (PID: 14580)
      • Unicorn-14283.exe (PID: 14600)
      • Unicorn-49557.exe (PID: 14592)

    • Create files in a temporary directory

      • Unicorn-23385.exe (PID: 5156)
      • 1 (529).exe (PID: 6964)
      • Unicorn-9676.exe (PID: 1764)
      • Unicorn-57021.exe (PID: 5308)
      • Unicorn-37814.exe (PID: 3100)
      • Unicorn-21829.exe (PID: 1812)
      • Unicorn-37814.exe (PID: 2148)
      • Unicorn-4570.exe (PID: 2088)
      • Unicorn-10700.exe (PID: 6676)
      • Unicorn-23776.exe (PID: 6620)
      • Unicorn-61276.exe (PID: 728)
      • Unicorn-15813.exe (PID: 616)
      • Unicorn-61401.exe (PID: 2244)
      • Unicorn-8030.exe (PID: 7272)
      • Unicorn-51289.exe (PID: 7236)
      • Unicorn-4972.exe (PID: 7300)
      • Unicorn-1886.exe (PID: 7332)
      • Unicorn-10435.exe (PID: 4208)
      • Unicorn-41284.exe (PID: 7324)
      • Unicorn-1769.exe (PID: 7684)
      • Unicorn-3029.exe (PID: 7788)
      • Unicorn-42253.exe (PID: 5260)
      • Unicorn-16842.exe (PID: 1568)
      • Unicorn-57276.exe (PID: 736)
      • Unicorn-51249.exe (PID: 7804)
      • Unicorn-36953.exe (PID: 7952)
      • Unicorn-6889.exe (PID: 7964)
      • Unicorn-56013.exe (PID: 7928)
      • Unicorn-63406.exe (PID: 2984)
      • Unicorn-24665.exe (PID: 8088)
      • Unicorn-58183.exe (PID: 8188)
      • Unicorn-21592.exe (PID: 7464)
      • Unicorn-61239.exe (PID: 7984)
      • Unicorn-26553.exe (PID: 7224)
      • Unicorn-15448.exe (PID: 8164)
      • Unicorn-52613.exe (PID: 4988)
      • Unicorn-2370.exe (PID: 7916)
      • Unicorn-24942.exe (PID: 7764)
      • Unicorn-33881.exe (PID: 7900)
      • Unicorn-11102.exe (PID: 7356)
      • Unicorn-30159.exe (PID: 672)
      • Unicorn-10700.exe (PID: 632)
      • Unicorn-29323.exe (PID: 4880)
      • Unicorn-40258.exe (PID: 7232)
      • Unicorn-61401.exe (PID: 6480)
      • Unicorn-59873.exe (PID: 7848)
      • Unicorn-207.exe (PID: 7420)
      • Unicorn-18798.exe (PID: 2852)
      • Unicorn-11367.exe (PID: 4756)
      • Unicorn-47850.exe (PID: 7444)
      • Unicorn-20953.exe (PID: 7216)
      • Unicorn-41340.exe (PID: 8104)
      • Unicorn-32747.exe (PID: 1052)
      • Unicorn-4314.exe (PID: 8128)
      • Unicorn-20584.exe (PID: 2516)
      • Unicorn-59020.exe (PID: 7668)
      • Unicorn-49256.exe (PID: 7840)
      • Unicorn-49518.exe (PID: 7976)
      • Unicorn-42964.exe (PID: 8132)
      • Unicorn-2913.exe (PID: 644)
      • Unicorn-45684.exe (PID: 2040)
      • Unicorn-37936.exe (PID: 7344)
      • Unicorn-9456.exe (PID: 8180)
      • Unicorn-44081.exe (PID: 7280)
      • Unicorn-13304.exe (PID: 4628)
      • Unicorn-13006.exe (PID: 5772)
      • Unicorn-45422.exe (PID: 8208)
      • Unicorn-32200.exe (PID: 7980)
      • Unicorn-18149.exe (PID: 1324)
      • Unicorn-29551.exe (PID: 8436)
      • Unicorn-61135.exe (PID: 8320)
      • Unicorn-731.exe (PID: 8136)
      • Unicorn-36443.exe (PID: 5344)
      • Unicorn-8036.exe (PID: 8660)
      • Unicorn-43989.exe (PID: 8020)
      • Unicorn-51039.exe (PID: 7632)
      • Unicorn-19186.exe (PID: 5892)
      • Unicorn-2026.exe (PID: 7524)
      • Unicorn-25431.exe (PID: 8040)
      • Unicorn-6472.exe (PID: 9012)
      • Unicorn-30830.exe (PID: 9024)
      • Unicorn-40898.exe (PID: 9036)
      • Unicorn-26244.exe (PID: 8756)
      • Unicorn-30289.exe (PID: 8428)
      • Unicorn-64595.exe (PID: 8676)
      • Unicorn-5374.exe (PID: 8460)
      • Unicorn-35167.exe (PID: 6240)
      • Unicorn-30062.exe (PID: 8452)
      • Unicorn-3574.exe (PID: 7628)
      • Unicorn-47859.exe (PID: 7772)
      • Unicorn-2785.exe (PID: 7996)
      • Unicorn-20207.exe (PID: 9000)
      • Unicorn-59923.exe (PID: 8080)
      • Unicorn-41541.exe (PID: 9280)
      • Unicorn-24142.exe (PID: 9132)
      • Unicorn-26466.exe (PID: 8508)
      • Unicorn-27734.exe (PID: 6752)
      • Unicorn-1668.exe (PID: 9352)
      • Unicorn-44898.exe (PID: 8404)
      • Unicorn-502.exe (PID: 7608)
      • Unicorn-13287.exe (PID: 8560)
      • Unicorn-27607.exe (PID: 3156)
      • Unicorn-41701.exe (PID: 8076)
      • Unicorn-58227.exe (PID: 8812)
      • Unicorn-17245.exe (PID: 10008)
      • Unicorn-48628.exe (PID: 8772)
      • Unicorn-10991.exe (PID: 9080)
      • Unicorn-2145.exe (PID: 10184)
      • Unicorn-39784.exe (PID: 10112)
      • Unicorn-40657.exe (PID: 9560)
      • Unicorn-47208.exe (PID: 5116)
      • Unicorn-17998.exe (PID: 9184)
      • Unicorn-26700.exe (PID: 7868)
      • Unicorn-31851.exe (PID: 8748)
      • Unicorn-8724.exe (PID: 10492)
      • Unicorn-22507.exe (PID: 1132)
      • Unicorn-26700.exe (PID: 7844)
      • Unicorn-21201.exe (PID: 8700)
      • Unicorn-61547.exe (PID: 9248)
      • Unicorn-32970.exe (PID: 7436)
      • Unicorn-45922.exe (PID: 9308)
      • Unicorn-9599.exe (PID: 9916)
      • Unicorn-6996.exe (PID: 8940)
      • Unicorn-51569.exe (PID: 9172)
      • Unicorn-38388.exe (PID: 9144)
      • Unicorn-23903.exe (PID: 6184)
      • Unicorn-55016.exe (PID: 7248)
      • Unicorn-1892.exe (PID: 8740)
      • Unicorn-31310.exe (PID: 8732)
      • Unicorn-50395.exe (PID: 7644)
      • Unicorn-26338.exe (PID: 8992)
      • Unicorn-58730.exe (PID: 8684)
      • Unicorn-38263.exe (PID: 11196)
      • Unicorn-12855.exe (PID: 11240)
      • Unicorn-30074.exe (PID: 11300)
      • Unicorn-34030.exe (PID: 8596)
      • Unicorn-49024.exe (PID: 10892)
      • Unicorn-29145.exe (PID: 8912)
      • Unicorn-47140.exe (PID: 11060)
      • Unicorn-4833.exe (PID: 2560)
      • Unicorn-25969.exe (PID: 9240)
      • Unicorn-53461.exe (PID: 10372)
      • Unicorn-24552.exe (PID: 8284)
      • Unicorn-64201.exe (PID: 9908)
      • Unicorn-2168.exe (PID: 5544)
      • Unicorn-9962.exe (PID: 10700)
      • Unicorn-63458.exe (PID: 11520)
      • Unicorn-53352.exe (PID: 8488)
      • Unicorn-2678.exe (PID: 4164)
      • Unicorn-10098.exe (PID: 9300)
      • Unicorn-5080.exe (PID: 5232)
      • Unicorn-24440.exe (PID: 4284)
      • Unicorn-37239.exe (PID: 4868)
      • Unicorn-40040.exe (PID: 8008)
      • Unicorn-36430.exe (PID: 9052)
      • Unicorn-40697.exe (PID: 9832)
      • Unicorn-61154.exe (PID: 8220)
      • Unicorn-48997.exe (PID: 8892)
      • Unicorn-25707.exe (PID: 8796)
      • Unicorn-60764.exe (PID: 8984)
      • Unicorn-16867.exe (PID: 9204)
      • Unicorn-40447.exe (PID: 10204)
      • Unicorn-21338.exe (PID: 11660)
      • Unicorn-52885.exe (PID: 8780)
      • Unicorn-29307.exe (PID: 10864)
      • Unicorn-18277.exe (PID: 9624)
      • Unicorn-49618.exe (PID: 11580)
      • Unicorn-23541.exe (PID: 9360)
      • Unicorn-40674.exe (PID: 9640)
      • Unicorn-46711.exe (PID: 9320)
      • Unicorn-2933.exe (PID: 9744)
      • Unicorn-24014.exe (PID: 9936)
      • Unicorn-23243.exe (PID: 11788)
      • Unicorn-49410.exe (PID: 11064)
      • Unicorn-29526.exe (PID: 9960)
      • Unicorn-58213.exe (PID: 8880)
      • Unicorn-8.exe (PID: 10348)
      • Unicorn-32136.exe (PID: 8716)
      • Unicorn-36736.exe (PID: 10396)
      • Unicorn-56942.exe (PID: 10708)
      • Unicorn-55113.exe (PID: 14328)
      • Unicorn-19063.exe (PID: 9108)
      • Unicorn-32113.exe (PID: 4180)

    • Reads security settings of Internet Explorer

      • BackgroundTransferHost.exe (PID: 6592)
      • BackgroundTransferHost.exe (PID: 7512)
      • BackgroundTransferHost.exe (PID: 7748)
      • BackgroundTransferHost.exe (PID: 8116)
      • BackgroundTransferHost.exe (PID: 7544)

    • Checks proxy server information

      • BackgroundTransferHost.exe (PID: 7512)

    • Creates files or folders in the user directory

      • BackgroundTransferHost.exe (PID: 7512)
      • WerFault.exe (PID: 15008)

    • Reads the software policy settings

      • BackgroundTransferHost.exe (PID: 7512)
      • slui.exe (PID: 668)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.

TRiD

.exe | Win32 Executable Microsoft Visual Basic 6 (90.6)
.exe | Win32 Executable (generic) (4.9)
.exe | Generic Win/DOS Executable (2.2)
.exe | DOS Executable Generic (2.2)

EXIF

EXE

MachineType: Intel 386 or later, and compatibles
TimeStamp: 2019:01:19 13:34:56+00:00
ImageFileCharacteristics: No relocs, Executable, No line numbers, No symbols, 32-bit, No debug, Removable run from swap, Net run from swap, Uniprocessor only, Bytes reversed hi
PEType: PE32
LinkerVersion: 6
CodeSize: 176128
InitializedDataSize: 299008
UninitializedDataSize: -
EntryPoint: 0x13d4
OSVersion: 4
ImageVersion: 1
SubsystemVersion: 4
Subsystem: Windows GUI
FileVersionNumber: 1.0.0.0
ProductVersionNumber: 1.0.0.0
FileFlagsMask: 0x003f
FileFlags: (none)
FileOS: Win32
ObjectFileType: Executable application
FileSubtype: -
LanguageCode: Chinese (Simplified)
CharacterSet: Unicode
CompanyName: UEFI
ProductName: Kawaii-Unicorn
FileVersion: 1
ProductVersion: 1
InternalName: Kawaii-Unicorn
OriginalFileName: Kawaii-Unicorn.exe
No data.
screenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
643
Monitored processes
504
Malicious processes
84
Suspicious processes
68

Behavior graph

Click at the process to see the details
start 1 (529).exe sppextcomobj.exe no specs slui.exe unicorn-23385.exe unicorn-9676.exe unicorn-21829.exe unicorn-61401.exe unicorn-61401.exe unicorn-23776.exe unicorn-57021.exe unicorn-61276.exe unicorn-37814.exe unicorn-37814.exe unicorn-4570.exe unicorn-10435.exe unicorn-10700.exe unicorn-10700.exe unicorn-15813.exe unicorn-16842.exe unicorn-42253.exe backgroundtransferhost.exe no specs unicorn-57276.exe unicorn-63406.exe unicorn-51289.exe unicorn-55016.exe unicorn-8030.exe unicorn-44081.exe unicorn-4972.exe unicorn-41284.exe unicorn-1886.exe unicorn-37936.exe unicorn-11102.exe backgroundtransferhost.exe unicorn-51039.exe unicorn-1769.exe backgroundtransferhost.exe no specs unicorn-3029.exe unicorn-51249.exe unicorn-33881.exe unicorn-2370.exe unicorn-56013.exe unicorn-36953.exe unicorn-6889.exe unicorn-61239.exe unicorn-24665.exe backgroundtransferhost.exe no specs unicorn-731.exe unicorn-15448.exe unicorn-58183.exe unicorn-20953.exe unicorn-26553.exe unicorn-40258.exe unicorn-207.exe unicorn-47850.exe unicorn-21592.exe unicorn-36443.exe unicorn-11367.exe unicorn-52613.exe unicorn-32747.exe unicorn-29323.exe unicorn-19186.exe unicorn-18798.exe backgroundtransferhost.exe no specs unicorn-49256.exe unicorn-59873.exe unicorn-35167.exe unicorn-30159.exe unicorn-40040.exe unicorn-43989.exe unicorn-45297.exe unicorn-25431.exe unicorn-47859.exe unicorn-24942.exe unicorn-59923.exe unicorn-9456.exe unicorn-48378.exe unicorn-32970.exe unicorn-45684.exe unicorn-27734.exe unicorn-2913.exe unicorn-13006.exe unicorn-4314.exe unicorn-42964.exe unicorn-20584.exe unicorn-41340.exe unicorn-37605.exe unicorn-2026.exe unicorn-23903.exe unicorn-59020.exe unicorn-13304.exe unicorn-49518.exe unicorn-32200.exe unicorn-18149.exe unicorn-3574.exe unicorn-2785.exe unicorn-41701.exe unicorn-50395.exe unicorn-502.exe unicorn-45422.exe unicorn-59385.exe no specs unicorn-61135.exe unicorn-44898.exe unicorn-30289.exe unicorn-29551.exe unicorn-30062.exe unicorn-5374.exe unicorn-53352.exe unicorn-26466.exe unicorn-13287.exe unicorn-59499.exe unicorn-59499.exe unicorn-34030.exe unicorn-8036.exe unicorn-64595.exe unicorn-58730.exe unicorn-21201.exe unicorn-15601.exe unicorn-32136.exe unicorn-31310.exe unicorn-1892.exe unicorn-31851.exe unicorn-26244.exe unicorn-48628.exe unicorn-52885.exe unicorn-25707.exe unicorn-58227.exe unicorn-58213.exe unicorn-48997.exe unicorn-29145.exe unicorn-10608.exe unicorn-32482.exe no specs unicorn-6996.exe unicorn-60764.exe unicorn-26338.exe unicorn-20207.exe unicorn-6472.exe unicorn-30830.exe unicorn-40898.exe unicorn-36430.exe unicorn-10991.exe unicorn-41460.exe unicorn-19063.exe unicorn-24142.exe unicorn-38388.exe unicorn-51569.exe unicorn-17998.exe unicorn-64210.exe unicorn-16867.exe unicorn-9846.exe no specs unicorn-22507.exe unicorn-20841.exe unicorn-61154.exe unicorn-20828.exe unicorn-40157.exe unicorn-13025.exe unicorn-26700.exe unicorn-26700.exe unicorn-47208.exe unicorn-2168.exe unicorn-32113.exe unicorn-41343.exe unicorn-2678.exe unicorn-24552.exe unicorn-27607.exe unicorn-4833.exe unicorn-25969.exe unicorn-61547.exe unicorn-41541.exe unicorn-13680.exe unicorn-10098.exe unicorn-45922.exe unicorn-46711.exe unicorn-1668.exe unicorn-23541.exe unicorn-40657.exe unicorn-57451.exe unicorn-18277.exe unicorn-18801.exe unicorn-40674.exe unicorn-48095.exe unicorn-49128.exe unicorn-42998.exe no specs unicorn-2933.exe unicorn-21477.exe unicorn-46038.exe no specs unicorn-40697.exe unicorn-38427.exe unicorn-46562.exe unicorn-26961.exe unicorn-43755.exe unicorn-12260.exe unicorn-15982.exe unicorn-64201.exe unicorn-9599.exe unicorn-53096.exe no specs unicorn-24014.exe unicorn-23660.exe unicorn-9925.exe unicorn-29526.exe unicorn-17245.exe unicorn-39784.exe unicorn-2145.exe unicorn-26711.exe unicorn-40447.exe unicorn-33899.exe unicorn-28020.exe unicorn-8.exe unicorn-15207.exe unicorn-53461.exe unicorn-19414.exe unicorn-36736.exe unicorn-20203.exe unicorn-7265.exe unicorn-8724.exe unicorn-17655.exe unicorn-64110.exe unicorn-38620.exe unicorn-19019.exe no specs unicorn-48240.exe no specs unicorn-24049.exe unicorn-45678.exe unicorn-48226.exe no specs unicorn-39010.exe unicorn-17905.exe no specs unicorn-43255.exe no specs unicorn-45817.exe unicorn-32081.exe unicorn-9962.exe unicorn-56942.exe unicorn-54811.exe unicorn-44519.exe unicorn-58254.exe no specs unicorn-11127.exe unicorn-40793.exe unicorn-40793.exe no specs unicorn-21192.exe unicorn-59874.exe unicorn-7678.exe no specs unicorn-1395.exe unicorn-29307.exe unicorn-29158.exe unicorn-49024.exe unicorn-41047.exe unicorn-49740.exe no specs unicorn-65225.exe unicorn-37853.exe unicorn-37853.exe unicorn-59727.exe no specs unicorn-16468.exe unicorn-42094.exe unicorn-22493.exe no specs unicorn-64232.exe no specs unicorn-7268.exe unicorn-60895.exe unicorn-47140.exe unicorn-49410.exe unicorn-57731.exe unicorn-45800.exe no specs unicorn-40180.exe no specs unicorn-39656.exe unicorn-9557.exe unicorn-627.exe no specs unicorn-51301.exe unicorn-38263.exe unicorn-12855.exe unicorn-30074.exe unicorn-20822.exe unicorn-32501.exe unicorn-63458.exe unicorn-58834.exe unicorn-3946.exe unicorn-49618.exe unicorn-49618.exe unicorn-26344.exe unicorn-57723.exe unicorn-49791.exe unicorn-36055.exe unicorn-55921.exe unicorn-21338.exe unicorn-52849.exe no specs unicorn-52849.exe no specs unicorn-65506.exe no specs unicorn-26839.exe unicorn-26839.exe no specs unicorn-60882.exe unicorn-29047.exe unicorn-51666.exe no specs unicorn-23243.exe unicorn-19176.exe no specs unicorn-21982.exe unicorn-2382.exe no specs unicorn-16117.exe no specs unicorn-23103.exe unicorn-30834.exe no specs unicorn-23103.exe no specs unicorn-29047.exe unicorn-10955.exe no specs unicorn-30685.exe unicorn-44421.exe no specs unicorn-40665.exe unicorn-31999.exe unicorn-34799.exe no specs unicorn-21064.exe no specs unicorn-37872.exe no specs unicorn-18536.exe no specs unicorn-36305.exe unicorn-24136.exe no specs unicorn-24136.exe no specs unicorn-24136.exe no specs unicorn-50011.exe no specs unicorn-35071.exe no specs unicorn-61132.exe no specs unicorn-28901.exe unicorn-9300.exe unicorn-9300.exe unicorn-49487.exe no specs unicorn-5494.exe no specs unicorn-7777.exe no specs unicorn-53714.exe no specs unicorn-42085.exe unicorn-41820.exe unicorn-22219.exe unicorn-54238.exe no specs unicorn-39013.exe unicorn-39906.exe no specs unicorn-18660.exe no specs unicorn-64597.exe no specs unicorn-37239.exe unicorn-5080.exe unicorn-24440.exe unicorn-30306.exe no specs unicorn-10705.exe no specs unicorn-640.exe no specs unicorn-21640.exe no specs unicorn-4211.exe no specs unicorn-36732.exe no specs unicorn-12239.exe no specs unicorn-22996.exe unicorn-874.exe no specs unicorn-5886.exe no specs unicorn-8958.exe no specs unicorn-24443.exe no specs unicorn-57708.exe no specs unicorn-41186.exe no specs unicorn-23103.exe no specs unicorn-44648.exe no specs unicorn-62193.exe no specs unicorn-21064.exe no specs unicorn-21064.exe no specs unicorn-49395.exe no specs unicorn-29812.exe no specs unicorn-29026.exe no specs unicorn-7920.exe no specs unicorn-15237.exe no specs unicorn-21085.exe unicorn-17262.exe no specs unicorn-61169.exe no specs unicorn-41076.exe no specs unicorn-28663.exe no specs unicorn-58320.exe no specs unicorn-18051.exe no specs unicorn-39840.exe no specs unicorn-42600.exe no specs unicorn-15976.exe no specs unicorn-57100.exe no specs unicorn-63077.exe unicorn-57950.exe no specs unicorn-21495.exe unicorn-4701.exe unicorn-34760.exe no specs unicorn-2778.exe no specs unicorn-49082.exe unicorn-44986.exe unicorn-54763.exe no specs unicorn-10593.exe unicorn-38521.exe no specs unicorn-24785.exe no specs unicorn-24815.exe no specs unicorn-32900.exe no specs unicorn-43987.exe no specs unicorn-14280.exe no specs unicorn-58718.exe unicorn-43910.exe no specs unicorn-58725.exe no specs unicorn-25568.exe no specs unicorn-22768.exe no specs unicorn-28452.exe no specs unicorn-36587.exe no specs unicorn-49512.exe unicorn-11386.exe no specs unicorn-16986.exe unicorn-16986.exe unicorn-55113.exe unicorn-25071.exe unicorn-44672.exe no specs unicorn-25071.exe no specs unicorn-25071.exe no specs unicorn-11833.exe unicorn-11833.exe no specs unicorn-43481.exe no specs unicorn-49082.exe no specs slui.exe no specs unicorn-20427.exe no specs unicorn-11765.exe no specs unicorn-8965.exe no specs unicorn-54643.exe unicorn-57161.exe no specs unicorn-38618.exe no specs unicorn-6511.exe no specs unicorn-20427.exe no specs unicorn-37221.exe no specs unicorn-50940.exe no specs unicorn-20427.exe unicorn-52357.exe unicorn-14837.exe no specs unicorn-49557.exe no specs unicorn-14283.exe unicorn-20427.exe no specs unicorn-53733.exe no specs unicorn-12037.exe no specs unicorn-31893.exe no specs unicorn-31362.exe unicorn-31362.exe no specs unicorn-34162.exe no specs unicorn-34162.exe no specs unicorn-40028.exe no specs unicorn-48464.exe no specs unicorn-48485.exe unicorn-27984.exe no specs unicorn-51557.exe no specs unicorn-35787.exe unicorn-34932.exe no specs unicorn-42341.exe no specs unicorn-42341.exe unicorn-36721.exe unicorn-1142.exe no specs unicorn-35917.exe no specs unicorn-61666.exe no specs unicorn-39793.exe no specs unicorn-39793.exe no specs unicorn-44766.exe no specs werfault.exe no specs werfault.exe no specs unicorn-7115.exe unicorn-24520.exe no specs unicorn-25323.exe no specs unicorn-43886.exe no specs unicorn-51474.exe no specs unicorn-54022.exe no specs unicorn-32729.exe no specs unicorn-32729.exe no specs unicorn-32729.exe no specs unicorn-32729.exe no specs unicorn-32729.exe no specs unicorn-32729.exe no specs unicorn-32729.exe no specs unicorn-64131.exe no specs unicorn-2687.exe no specs unicorn-2687.exe no specs unicorn-25722.exe no specs unicorn-42258.exe unicorn-2687.exe no specs unicorn-15922.exe no specs unicorn-31322.exe no specs unicorn-47576.exe no specs unicorn-45058.exe no specs unicorn-27374.exe unicorn-64383.exe no specs unicorn-57067.exe no specs unicorn-35155.exe unicorn-45937.exe no specs unicorn-14827.exe no specs unicorn-47458.exe no specs unicorn-63383.exe no specs unicorn-8925.exe no specs unicorn-14827.exe no specs unicorn-60642.exe no specs unicorn-41570.exe no specs unicorn-35950.exe no specs unicorn-32354.exe no specs unicorn-26734.exe no specs unicorn-20427.exe no specs unicorn-48363.exe no specs unicorn-47458.exe no specs unicorn-39671.exe no specs unicorn-23397.exe no specs unicorn-17531.exe no specs unicorn-56396.exe no specs unicorn-10589.exe no specs unicorn-30190.exe no specs unicorn-21524.exe no specs unicorn-21524.exe no specs unicorn-22054.exe no specs unicorn-24324.exe no specs unicorn-24324.exe no specs unicorn-24324.exe no specs unicorn-49012.exe no specs unicorn-10065.exe no specs unicorn-57045.exe no specs unicorn-11833.exe no specs unicorn-62001.exe no specs unicorn-2157.exe no specs unicorn-23787.exe no specs unicorn-28747.exe no specs

Process information

PID
CMD
Path
Indicators
Parent process
616C:\Users\admin\AppData\Local\Temp\Unicorn-15813.exeC:\Users\admin\AppData\Local\Temp\Unicorn-15813.exe
Unicorn-61401.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-15813.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
632C:\Users\admin\AppData\Local\Temp\Unicorn-10700.exeC:\Users\admin\AppData\Local\Temp\Unicorn-10700.exe
Unicorn-57021.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-10700.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
644C:\Users\admin\AppData\Local\Temp\Unicorn-2913.exeC:\Users\admin\AppData\Local\Temp\Unicorn-2913.exe
Unicorn-24665.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-2913.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
668"C:\WINDOWS\System32\SLUI.exe" RuleId=3482d82e-ca2c-4e1f-8864-da0267b484b2;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=TimerEventC:\Windows\System32\slui.exe
SppExtComObj.Exe
User:
NETWORK SERVICE
Company:
Microsoft Corporation
Integrity Level:
SYSTEM
Description:
Windows Activation Client
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\slui.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\user32.dll
672C:\Users\admin\AppData\Local\Temp\Unicorn-30159.exeC:\Users\admin\AppData\Local\Temp\Unicorn-30159.exe
Unicorn-61401.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-30159.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
728C:\Users\admin\AppData\Local\Temp\Unicorn-61276.exeC:\Users\admin\AppData\Local\Temp\Unicorn-61276.exe
Unicorn-61401.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-61276.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
736C:\Users\admin\AppData\Local\Temp\Unicorn-57276.exeC:\Users\admin\AppData\Local\Temp\Unicorn-57276.exe
Unicorn-21829.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-57276.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
1052C:\Users\admin\AppData\Local\Temp\Unicorn-32747.exeC:\Users\admin\AppData\Local\Temp\Unicorn-32747.exe
Unicorn-10700.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-32747.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
1132C:\Users\admin\AppData\Local\Temp\Unicorn-22507.exeC:\Users\admin\AppData\Local\Temp\Unicorn-22507.exe
Unicorn-9676.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-22507.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
1280C:\Users\admin\AppData\Local\Temp\Unicorn-25071.exeC:\Users\admin\AppData\Local\Temp\Unicorn-25071.exeUnicorn-48997.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-25071.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
Total events
13 085
Read events
13 070
Write events
15
Delete events
0

Modification events

(PID) Process:(6592) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Content
Operation:writeName:CachePrefix
Value:
(PID) Process:(6592) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Cookies
Operation:writeName:CachePrefix
Value:
Cookie:
(PID) Process:(6592) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\History
Operation:writeName:CachePrefix
Value:
Visited:
(PID) Process:(7512) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Content
Operation:writeName:CachePrefix
Value:
(PID) Process:(7512) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Cookies
Operation:writeName:CachePrefix
Value:
Cookie:
(PID) Process:(7512) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\History
Operation:writeName:CachePrefix
Value:
Visited:
(PID) Process:(8116) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Content
Operation:writeName:CachePrefix
Value:
(PID) Process:(8116) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Cookies
Operation:writeName:CachePrefix
Value:
Cookie:
(PID) Process:(8116) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\History
Operation:writeName:CachePrefix
Value:
Visited:
(PID) Process:(7748) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Content
Operation:writeName:CachePrefix
Value:
Executable files
828
Suspicious files
5
Text files
0
Unknown types
0

Dropped files

PID
Process
Filename
Type
1764Unicorn-9676.exeC:\Users\admin\AppData\Local\Temp\Unicorn-37814.exeexecutable
MD5:AAE37032108F5D293EDE6D101E0CAE03
SHA256:A7C2C0E1A4A632534EFFCCB76FC688774EBA30ECE869D3447D8344AED909EAC7
5156Unicorn-23385.exeC:\Users\admin\AppData\Local\Temp\Unicorn-4570.exeexecutable
MD5:3F7C64A2F0807E4EC9CC5A92D0C7C562
SHA256:E53C6D9ADB4D11B0B58D15DC010AAF5BC5FBD9FD0BB997E0E6B8C753E10BF6F3
2244Unicorn-61401.exeC:\Users\admin\AppData\Local\Temp\Unicorn-61276.exeexecutable
MD5:93C1DACFDFB94780BC111D74EFC76D93
SHA256:02AC3A30846D7B41147BB7281A905EEB50F6E339CF4E7FDD7614E2C2FC8C5BE6
69641 (529).exeC:\Users\admin\AppData\Local\Temp\Unicorn-10435.exeexecutable
MD5:6F22643154B920EF9F40DF59CFAB9EC2
SHA256:757BF0FE4429A2A7534838FAC08114EDDE35F0045D34474E7BDCE83B1DCBA2BA
5308Unicorn-57021.exeC:\Users\admin\AppData\Local\Temp\Unicorn-10700.exeexecutable
MD5:F11653778018ADE9CC24C97951804CB9
SHA256:AD07EF7A988A86C05D63983A43087532158F20E803531A28CC55BB41406633E2
728Unicorn-61276.exeC:\Users\admin\AppData\Local\Temp\Unicorn-16842.exeexecutable
MD5:09F4BBFDFF6579FCBFAE3862321D9CF7
SHA256:75366B848EF341547A920AB3120D9A8AAA8355AE27C52E4C44ED2DF4939CC32B
2244Unicorn-61401.exeC:\Users\admin\AppData\Local\Temp\Unicorn-15813.exeexecutable
MD5:7AB6F63B842F7CF7F98508F90EB70829
SHA256:15F85871347FB4887BFEF0724B6E7F6D53D6B1658812B985672B99A8665E2A7D
632Unicorn-10700.exeC:\Users\admin\AppData\Local\Temp\Unicorn-8030.exeexecutable
MD5:AD2EE8399EE331F53A503E8926B0B1F1
SHA256:9E70344CA9253A0F64A7F33CDB5CA20EDD13A9DD1DF8F7DC79329F2F1199C735
7512BackgroundTransferHost.exeC:\Users\admin\AppData\Local\Packages\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\AC\BackgroundTransferApi\455f6bf4-6aa5-460d-9881-f5f814b35a73.down_data
MD5:
SHA256:
1812Unicorn-21829.exeC:\Users\admin\AppData\Local\Temp\Unicorn-57276.exeexecutable
MD5:75BF1B774C00C8684D3A810A07DB92A3
SHA256:104F9C048289FB0BC4956AB2163477B30F62803CE708017477D9FA153C274C20
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
6
TCP/UDP connections
25
DNS requests
17
Threats
0

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
GET
200
184.30.131.245:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAJ0LqoXyo4hxxe7H%2Fz9DKA%3D
unknown
whitelisted
960
backgroundTaskHost.exe
GET
200
184.30.131.245:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQ50otx%2Fh0Ztl%2Bz8SiPI7wEWVxDlQQUTiJUIBiV5uNu5g%2F6%2BrkS7QYXjzkCEAUZZSZEml49Gjh0j13P68w%3D
unknown
whitelisted
5496
MoUsoCoreWorker.exe
GET
200
23.48.23.166:80
http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
unknown
whitelisted
7512
BackgroundTransferHost.exe
GET
200
184.30.131.245:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTrjrydRyt%2BApF3GSPypfHBxR5XtQQUs9tIpPmhxdiuNkHMEWNpYim8S8YCEAI5PUjXAkJafLQcAAsO18o%3D
unknown
whitelisted
8252
SIHClient.exe
GET
200
2.23.181.156:80
http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Update%20Secure%20Server%20CA%202.1.crl
unknown
whitelisted
8252
SIHClient.exe
GET
200
2.23.181.156:80
http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Product%20Root%20Certificate%20Authority%202018.crl
unknown
whitelisted
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
4
System
192.168.100.255:137
whitelisted
2104
svchost.exe
51.104.136.2:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
whitelisted
4628
RUXIMICS.exe
51.104.136.2:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
whitelisted
4
System
192.168.100.255:138
whitelisted
51.104.136.2:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
whitelisted
5496
MoUsoCoreWorker.exe
23.48.23.166:80
crl.microsoft.com
Akamai International B.V.
DE
whitelisted
40.127.240.158:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
whitelisted
2112
svchost.exe
40.127.240.158:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
whitelisted
3216
svchost.exe
20.198.162.78:443
client.wns.windows.com
MICROSOFT-CORP-MSN-AS-BLOCK
SG
whitelisted
6544
svchost.exe
20.190.160.67:443
login.live.com
MICROSOFT-CORP-MSN-AS-BLOCK
NL
whitelisted

DNS requests

Domain
IP
Reputation
settings-win.data.microsoft.com
  • 51.104.136.2
  • 40.127.240.158
whitelisted
google.com
  • 142.250.186.142
whitelisted
crl.microsoft.com
  • 23.48.23.166
  • 23.48.23.143
whitelisted
client.wns.windows.com
  • 20.198.162.78
whitelisted
login.live.com
  • 20.190.160.67
  • 40.126.32.68
  • 40.126.32.76
  • 20.190.160.128
  • 20.190.160.132
  • 20.190.160.20
  • 40.126.32.140
  • 40.126.32.74
whitelisted
ocsp.digicert.com
  • 184.30.131.245
whitelisted
arc.msn.com
  • 20.223.35.26
whitelisted
www.bing.com
  • 2.16.204.141
  • 2.16.204.161
whitelisted
slscr.update.microsoft.com
  • 20.12.23.50
whitelisted
www.microsoft.com
  • 2.23.181.156
whitelisted

Threats

No threats detected
No debug info
Interactive malware hunting service ANY.RUN
© 2017-2025 ANY.RUN ALL RIGHTS RESERVED
ANY.RUN
Reports
1 (529)