File name:

1 (1362)

Full analysis: https://app.any.run/tasks/fffb98e2-06d9-462a-8805-ce3e01dc3b28
Verdict: Malicious activity
Analysis date: March 24, 2025, 11:52:28
OS: Windows 10 Professional (build: 19044, 64 bit)
Indicators:
MIME: application/vnd.microsoft.portable-executable
File info: PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, 3 sections
MD5:

C416A4CAF52AFFB917F997095CF46310

SHA1:

C73ED0AE9DEF1E6C0C2E83D3B2C12A97438644E6

SHA256:

A3AF1C1A291CA02E8FDE2BF7B644A514FFEDF106DD7FA9F4F67C60191803023A

SSDEEP:

6144:f7jo/MJJvDPHA5lftge/jo7x5/BqlANGBq/WyeOKCk/8SwjwpyAvEhvSqYE0s+la:ffeShHA5Jtb8BMEaqOyeOKZx4DxmDsR

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

  • MALICIOUS

    No malicious indicators.

  • SUSPICIOUS

    • Starts itself from another location

      • 1 (1362).exe (PID: 3956)
      • Unicorn-7039.exe (PID: 616)
      • Unicorn-5223.exe (PID: 6272)
      • Unicorn-45353.exe (PID: 3304)
      • Unicorn-7252.exe (PID: 976)
      • Unicorn-47730.exe (PID: 812)
      • Unicorn-32362.exe (PID: 5212)
      • Unicorn-21254.exe (PID: 3100)
      • Unicorn-9556.exe (PID: 4000)
      • Unicorn-58787.exe (PID: 744)
      • Unicorn-40605.exe (PID: 1164)
      • Unicorn-57304.exe (PID: 1188)
      • Unicorn-11367.exe (PID: 4608)
      • Unicorn-45213.exe (PID: 728)
      • Unicorn-11632.exe (PID: 1812)
      • Unicorn-63329.exe (PID: 2268)
      • Unicorn-3464.exe (PID: 1628)
      • Unicorn-10599.exe (PID: 4428)
      • Unicorn-28610.exe (PID: 4120)
      • Unicorn-57984.exe (PID: 1040)
      • Unicorn-15643.exe (PID: 3008)
      • Unicorn-54839.exe (PID: 5244)
      • Unicorn-10812.exe (PID: 7176)
      • Unicorn-34741.exe (PID: 4208)
      • Unicorn-48730.exe (PID: 856)
      • Unicorn-42260.exe (PID: 1180)
      • Unicorn-2452.exe (PID: 7204)
      • Unicorn-55737.exe (PID: 7192)
      • Unicorn-56292.exe (PID: 7216)
      • Unicorn-44985.exe (PID: 7528)
      • Unicorn-33287.exe (PID: 7548)
      • Unicorn-1575.exe (PID: 7712)
      • Unicorn-13765.exe (PID: 7808)
      • Unicorn-10641.exe (PID: 7876)
      • Unicorn-17667.exe (PID: 7892)
      • Unicorn-20354.exe (PID: 7860)
      • Unicorn-54777.exe (PID: 5260)
      • Unicorn-21825.exe (PID: 7912)
      • Unicorn-13417.exe (PID: 7944)
      • Unicorn-63143.exe (PID: 7224)
      • Unicorn-24840.exe (PID: 7928)
      • Unicorn-3303.exe (PID: 7960)
      • Unicorn-52634.exe (PID: 8016)
      • Unicorn-10532.exe (PID: 8008)
      • Unicorn-52525.exe (PID: 8148)
      • Unicorn-35399.exe (PID: 8108)
      • Unicorn-15384.exe (PID: 5988)
      • Unicorn-8.exe (PID: 7320)
      • Unicorn-5716.exe (PID: 6576)
      • Unicorn-42228.exe (PID: 8076)
      • Unicorn-34142.exe (PID: 7232)
      • Unicorn-56609.exe (PID: 8164)
      • Unicorn-61440.exe (PID: 7184)
      • Unicorn-62509.exe (PID: 7444)
      • Unicorn-14159.exe (PID: 8136)
      • Unicorn-35618.exe (PID: 7396)
      • Unicorn-28213.exe (PID: 7612)
      • Unicorn-45234.exe (PID: 5048)
      • Unicorn-38912.exe (PID: 920)
      • Unicorn-54179.exe (PID: 6668)
      • Unicorn-61440.exe (PID: 6068)
      • Unicorn-16131.exe (PID: 3156)
      • Unicorn-7822.exe (PID: 7656)
      • Unicorn-49510.exe (PID: 7212)
      • Unicorn-8486.exe (PID: 8068)
      • Unicorn-55265.exe (PID: 8100)
      • Unicorn-39311.exe (PID: 8176)
      • Unicorn-35909.exe (PID: 7368)
      • Unicorn-41965.exe (PID: 7636)
      • Unicorn-34880.exe (PID: 7788)
      • Unicorn-38435.exe (PID: 968)
      • Unicorn-11191.exe (PID: 7500)
      • Unicorn-15597.exe (PID: 4244)
      • Unicorn-44980.exe (PID: 7012)
      • Unicorn-36500.exe (PID: 7508)
      • Unicorn-16454.exe (PID: 5352)
      • Unicorn-62961.exe (PID: 7652)
      • Unicorn-48441.exe (PID: 8156)
      • Unicorn-25966.exe (PID: 7664)
      • Unicorn-6838.exe (PID: 8184)
      • Unicorn-39675.exe (PID: 8048)
      • Unicorn-50880.exe (PID: 4740)
      • Unicorn-16921.exe (PID: 7796)
      • Unicorn-7356.exe (PID: 8200)
      • Unicorn-36677.exe (PID: 8260)
      • Unicorn-7813.exe (PID: 8024)
      • Unicorn-62784.exe (PID: 7740)
      • Unicorn-13879.exe (PID: 8584)
      • Unicorn-45805.exe (PID: 8596)
      • Unicorn-60095.exe (PID: 8636)
      • Unicorn-62037.exe (PID: 6800)
      • Unicorn-45530.exe (PID: 8284)
      • Unicorn-20650.exe (PID: 7992)
      • Unicorn-6100.exe (PID: 7780)
      • Unicorn-48026.exe (PID: 8736)
      • Unicorn-22156.exe (PID: 8820)
      • Unicorn-56884.exe (PID: 7708)
      • Unicorn-11212.exe (PID: 7732)
      • Unicorn-10117.exe (PID: 8560)
      • Unicorn-41446.exe (PID: 8292)
      • Unicorn-28160.exe (PID: 8728)
      • Unicorn-44980.exe (PID: 6512)
      • Unicorn-34355.exe (PID: 8252)
      • Unicorn-51617.exe (PID: 9004)
      • Unicorn-11704.exe (PID: 8320)
      • Unicorn-9240.exe (PID: 8576)
      • Unicorn-49422.exe (PID: 8332)
      • Unicorn-50060.exe (PID: 8364)
      • Unicorn-8685.exe (PID: 9156)
      • Unicorn-12940.exe (PID: 8340)
      • Unicorn-14616.exe (PID: 8084)
      • Unicorn-43449.exe (PID: 8992)
      • Unicorn-33091.exe (PID: 8500)
      • Unicorn-3075.exe (PID: 9704)
      • Unicorn-20922.exe (PID: 7424)
      • Unicorn-4558.exe (PID: 9696)
      • Unicorn-40237.exe (PID: 10120)
      • Unicorn-27265.exe (PID: 8944)
      • Unicorn-52700.exe (PID: 7804)
      • Unicorn-60775.exe (PID: 9608)
      • Unicorn-52415.exe (PID: 9600)
      • Unicorn-37938.exe (PID: 8476)
      • Unicorn-39993.exe (PID: 5504)
      • Unicorn-34513.exe (PID: 8780)
      • Unicorn-39976.exe (PID: 8492)
      • Unicorn-4056.exe (PID: 7492)
      • Unicorn-20812.exe (PID: 8032)
      • Unicorn-22675.exe (PID: 7840)
      • Unicorn-31197.exe (PID: 9060)
      • Unicorn-9624.exe (PID: 8516)
      • Unicorn-7045.exe (PID: 1240)
      • Unicorn-48021.exe (PID: 10600)
      • Unicorn-4222.exe (PID: 10608)
      • Unicorn-30886.exe (PID: 11304)
      • Unicorn-17565.exe (PID: 11320)
      • Unicorn-55981.exe (PID: 8540)
      • Unicorn-29817.exe (PID: 11276)
      • Unicorn-9271.exe (PID: 10516)
      • Unicorn-26919.exe (PID: 11104)
      • Unicorn-22156.exe (PID: 8812)
      • Unicorn-49593.exe (PID: 7756)
      • Unicorn-60880.exe (PID: 8464)
      • Unicorn-15540.exe (PID: 10560)
      • Unicorn-62015.exe (PID: 8968)
      • Unicorn-22255.exe (PID: 12460)
      • Unicorn-15504.exe (PID: 12548)
      • Unicorn-42239.exe (PID: 12496)
      • Unicorn-517.exe (PID: 9136)
      • Unicorn-38405.exe (PID: 8872)
      • Unicorn-42104.exe (PID: 9120)
      • Unicorn-34669.exe (PID: 11468)
      • Unicorn-15406.exe (PID: 9412)
      • Unicorn-14860.exe (PID: 9020)
      • Unicorn-29638.exe (PID: 10216)
      • Unicorn-35695.exe (PID: 9448)
      • Unicorn-58636.exe (PID: 14120)
      • Unicorn-12699.exe (PID: 14140)
      • Unicorn-12699.exe (PID: 14128)
      • Unicorn-36402.exe (PID: 8212)
      • Unicorn-18015.exe (PID: 9540)
      • Unicorn-47149.exe (PID: 9488)
      • Unicorn-48680.exe (PID: 10848)
      • Unicorn-52889.exe (PID: 11832)
      • Unicorn-8908.exe (PID: 10804)
      • Unicorn-40730.exe (PID: 1276)
      • Unicorn-64964.exe (PID: 11004)
      • Unicorn-14419.exe (PID: 11588)
      • Unicorn-22643.exe (PID: 10812)
      • Unicorn-56085.exe (PID: 8888)
      • Unicorn-41062.exe (PID: 7480)
      • Unicorn-38758.exe (PID: 10352)
      • Unicorn-37247.exe (PID: 12956)
      • Unicorn-46266.exe (PID: 11212)
      • Unicorn-1840.exe (PID: 8720)
      • Unicorn-36113.exe (PID: 10304)
      • Unicorn-19691.exe (PID: 8984)
      • Unicorn-53781.exe (PID: 9244)
      • Unicorn-42607.exe (PID: 8268)
      • Unicorn-11987.exe (PID: 14108)
      • Unicorn-1176.exe (PID: 9428)
      • Unicorn-50937.exe (PID: 8404)

    • Executable content was dropped or overwritten

      • Unicorn-45213.exe (PID: 728)
      • 1 (1362).exe (PID: 3956)
      • Unicorn-5223.exe (PID: 6272)
      • Unicorn-7039.exe (PID: 616)
      • Unicorn-45353.exe (PID: 3304)
      • Unicorn-7252.exe (PID: 976)
      • Unicorn-47730.exe (PID: 812)
      • Unicorn-32362.exe (PID: 5212)
      • Unicorn-21254.exe (PID: 3100)
      • Unicorn-40605.exe (PID: 1164)
      • Unicorn-58787.exe (PID: 744)
      • Unicorn-9556.exe (PID: 4000)
      • Unicorn-3464.exe (PID: 1628)
      • Unicorn-11632.exe (PID: 1812)
      • Unicorn-11367.exe (PID: 4608)
      • Unicorn-63329.exe (PID: 2268)
      • Unicorn-10599.exe (PID: 4428)
      • Unicorn-28610.exe (PID: 4120)
      • Unicorn-10812.exe (PID: 7176)
      • Unicorn-57304.exe (PID: 1188)
      • Unicorn-54777.exe (PID: 5260)
      • Unicorn-15643.exe (PID: 3008)
      • Unicorn-57984.exe (PID: 1040)
      • Unicorn-34741.exe (PID: 4208)
      • Unicorn-48730.exe (PID: 856)
      • Unicorn-63143.exe (PID: 7224)
      • Unicorn-55737.exe (PID: 7192)
      • Unicorn-2452.exe (PID: 7204)
      • Unicorn-56292.exe (PID: 7216)
      • Unicorn-44985.exe (PID: 7528)
      • Unicorn-33287.exe (PID: 7548)
      • Unicorn-13765.exe (PID: 7808)
      • Unicorn-20354.exe (PID: 7860)
      • Unicorn-1575.exe (PID: 7712)
      • Unicorn-10641.exe (PID: 7876)
      • Unicorn-17667.exe (PID: 7892)
      • Unicorn-21825.exe (PID: 7912)
      • Unicorn-13417.exe (PID: 7944)
      • Unicorn-24840.exe (PID: 7928)
      • Unicorn-52634.exe (PID: 8016)
      • Unicorn-3303.exe (PID: 7960)
      • Unicorn-35399.exe (PID: 8108)
      • Unicorn-14616.exe (PID: 8084)
      • Unicorn-42260.exe (PID: 1180)
      • Unicorn-10532.exe (PID: 8008)
      • Unicorn-15384.exe (PID: 5988)
      • Unicorn-8.exe (PID: 7320)
      • Unicorn-5716.exe (PID: 6576)
      • Unicorn-54839.exe (PID: 5244)
      • Unicorn-42228.exe (PID: 8076)
      • Unicorn-34142.exe (PID: 7232)
      • Unicorn-61440.exe (PID: 7184)
      • Unicorn-62509.exe (PID: 7444)
      • Unicorn-14159.exe (PID: 8136)
      • Unicorn-56609.exe (PID: 8164)
      • Unicorn-35618.exe (PID: 7396)
      • Unicorn-45234.exe (PID: 5048)
      • Unicorn-11191.exe (PID: 7500)
      • Unicorn-16454.exe (PID: 5352)
      • Unicorn-54179.exe (PID: 6668)
      • Unicorn-61440.exe (PID: 6068)
      • Unicorn-38912.exe (PID: 920)
      • Unicorn-16131.exe (PID: 3156)
      • Unicorn-7822.exe (PID: 7656)
      • Unicorn-55265.exe (PID: 8100)
      • Unicorn-49510.exe (PID: 7212)
      • Unicorn-8486.exe (PID: 8068)
      • Unicorn-39311.exe (PID: 8176)
      • Unicorn-49593.exe (PID: 7756)
      • Unicorn-35909.exe (PID: 7368)
      • Unicorn-41965.exe (PID: 7636)
      • Unicorn-34880.exe (PID: 7788)
      • Unicorn-38435.exe (PID: 968)
      • Unicorn-15597.exe (PID: 4244)
      • Unicorn-44980.exe (PID: 7012)
      • Unicorn-36500.exe (PID: 7508)
      • Unicorn-62961.exe (PID: 7652)
      • Unicorn-48441.exe (PID: 8156)
      • Unicorn-25966.exe (PID: 7664)
      • Unicorn-6838.exe (PID: 8184)
      • Unicorn-39675.exe (PID: 8048)
      • Unicorn-16921.exe (PID: 7796)
      • Unicorn-7356.exe (PID: 8200)
      • Unicorn-36677.exe (PID: 8260)
      • Unicorn-50880.exe (PID: 4740)
      • Unicorn-7813.exe (PID: 8024)
      • Unicorn-62784.exe (PID: 7740)
      • Unicorn-45805.exe (PID: 8596)
      • Unicorn-60095.exe (PID: 8636)
      • Unicorn-62037.exe (PID: 6800)
      • Unicorn-11212.exe (PID: 7732)
      • Unicorn-13879.exe (PID: 8584)
      • Unicorn-20650.exe (PID: 7992)
      • Unicorn-48026.exe (PID: 8736)
      • Unicorn-6100.exe (PID: 7780)
      • Unicorn-12940.exe (PID: 8340)
      • Unicorn-56884.exe (PID: 7708)
      • Unicorn-28160.exe (PID: 8728)
      • Unicorn-10117.exe (PID: 8560)
      • Unicorn-41446.exe (PID: 8292)
      • Unicorn-34355.exe (PID: 8252)
      • Unicorn-51617.exe (PID: 9004)
      • Unicorn-11704.exe (PID: 8320)
      • Unicorn-44980.exe (PID: 6512)
      • Unicorn-9240.exe (PID: 8576)
      • Unicorn-49422.exe (PID: 8332)
      • Unicorn-50060.exe (PID: 8364)
      • Unicorn-8685.exe (PID: 9156)
      • Unicorn-43449.exe (PID: 8992)
      • Unicorn-3075.exe (PID: 9704)
      • Unicorn-4558.exe (PID: 9696)
      • Unicorn-28213.exe (PID: 7612)
      • Unicorn-40237.exe (PID: 10120)
      • Unicorn-33091.exe (PID: 8500)
      • Unicorn-4305.exe (PID: 8312)
      • Unicorn-22156.exe (PID: 8820)
      • Unicorn-27265.exe (PID: 8944)
      • Unicorn-52700.exe (PID: 7804)
      • Unicorn-60775.exe (PID: 9608)
      • Unicorn-52415.exe (PID: 9600)
      • Unicorn-39993.exe (PID: 5504)
      • Unicorn-34513.exe (PID: 8780)
      • Unicorn-37938.exe (PID: 8476)
      • Unicorn-39976.exe (PID: 8492)
      • Unicorn-4056.exe (PID: 7492)
      • Unicorn-20812.exe (PID: 8032)
      • Unicorn-22675.exe (PID: 7840)
      • Unicorn-31197.exe (PID: 9060)
      • Unicorn-7045.exe (PID: 1240)
      • Unicorn-9624.exe (PID: 8516)
      • Unicorn-48021.exe (PID: 10600)
      • Unicorn-4222.exe (PID: 10608)
      • Unicorn-29817.exe (PID: 11276)
      • Unicorn-17565.exe (PID: 11320)
      • Unicorn-55981.exe (PID: 8540)
      • Unicorn-30886.exe (PID: 11304)
      • Unicorn-9271.exe (PID: 10516)
      • Unicorn-26919.exe (PID: 11104)
      • Unicorn-52525.exe (PID: 8148)
      • Unicorn-22156.exe (PID: 8812)
      • Unicorn-60880.exe (PID: 8464)
      • Unicorn-62015.exe (PID: 8968)
      • Unicorn-15540.exe (PID: 10560)
      • Unicorn-22255.exe (PID: 12460)
      • Unicorn-42239.exe (PID: 12496)
      • Unicorn-15504.exe (PID: 12548)
      • Unicorn-45530.exe (PID: 8284)
      • Unicorn-38405.exe (PID: 8872)
      • Unicorn-42104.exe (PID: 9120)
      • Unicorn-34669.exe (PID: 11468)
      • Unicorn-15406.exe (PID: 9412)
      • Unicorn-14860.exe (PID: 9020)
      • Unicorn-29638.exe (PID: 10216)
      • Unicorn-35695.exe (PID: 9448)
      • Unicorn-36402.exe (PID: 8212)
      • Unicorn-18015.exe (PID: 9540)
      • Unicorn-8332.exe (PID: 1748)
      • Unicorn-48680.exe (PID: 10848)
      • Unicorn-52889.exe (PID: 11832)
      • Unicorn-53588.exe (PID: 10580)
      • Unicorn-8908.exe (PID: 10804)
      • Unicorn-47149.exe (PID: 9488)
      • Unicorn-40730.exe (PID: 1276)
      • Unicorn-64964.exe (PID: 11004)
      • Unicorn-14419.exe (PID: 11588)
      • Unicorn-22643.exe (PID: 10812)
      • Unicorn-56085.exe (PID: 8888)
      • Unicorn-41062.exe (PID: 7480)
      • Unicorn-38758.exe (PID: 10352)
      • Unicorn-51389.exe (PID: 11760)
      • Unicorn-37247.exe (PID: 12956)
      • Unicorn-19691.exe (PID: 8984)
      • Unicorn-46266.exe (PID: 11212)
      • Unicorn-53781.exe (PID: 9244)
      • Unicorn-1840.exe (PID: 8720)
      • Unicorn-36113.exe (PID: 10304)
      • Unicorn-1176.exe (PID: 9428)
      • Unicorn-50937.exe (PID: 8404)
      • Unicorn-7595.exe (PID: 8396)
      • Unicorn-24337.exe (PID: 9404)
      • Unicorn-56646.exe (PID: 12328)
      • Unicorn-19054.exe (PID: 8756)
      • Unicorn-35665.exe (PID: 8952)
      • Unicorn-16833.exe (PID: 8380)
      • Unicorn-12882.exe (PID: 12316)
      • Unicorn-14122.exe (PID: 9384)
      • Unicorn-28014.exe (PID: 10572)
      • Unicorn-49557.exe (PID: 10464)
      • Unicorn-771.exe (PID: 9304)
      • Unicorn-49189.exe (PID: 12008)
      • Unicorn-52157.exe (PID: 9220)
      • Unicorn-10356.exe (PID: 11448)
      • Unicorn-29027.exe (PID: 10956)
      • Unicorn-19364.exe (PID: 9104)
      • Unicorn-59910.exe (PID: 10540)
      • Unicorn-32121.exe (PID: 9200)
      • Unicorn-29638.exe (PID: 10224)
      • Unicorn-44949.exe (PID: 9320)
      • Unicorn-45966.exe (PID: 10256)
      • Unicorn-29027.exe (PID: 10928)
      • Unicorn-49765.exe (PID: 12232)
      • Unicorn-8472.exe (PID: 11680)
      • Unicorn-46266.exe (PID: 12048)
      • Unicorn-3428.exe (PID: 10872)
      • Unicorn-11331.exe (PID: 9052)
      • Unicorn-41803.exe (PID: 9280)
      • Unicorn-4646.exe (PID: 9028)
      • Unicorn-41645.exe (PID: 11340)
      • Unicorn-18556.exe (PID: 10128)
      • Unicorn-7668.exe (PID: 11052)
      • Unicorn-30516.exe (PID: 8456)
      • Unicorn-7859.exe (PID: 11148)
      • Unicorn-15785.exe (PID: 5596)
      • Unicorn-22835.exe (PID: 11132)
      • Unicorn-43391.exe (PID: 13720)
      • Unicorn-24394.exe (PID: 11156)
      • Unicorn-6116.exe (PID: 8680)
      • Unicorn-48628.exe (PID: 10912)
      • Unicorn-50117.exe (PID: 8448)
      • Unicorn-45665.exe (PID: 10364)
      • Unicorn-3865.exe (PID: 11580)
      • Unicorn-58892.exe (PID: 12372)
      • Unicorn-58636.exe (PID: 14120)
      • Unicorn-30642.exe (PID: 9460)
      • Unicorn-57009.exe (PID: 9364)
      • Unicorn-4165.exe (PID: 10148)
      • Unicorn-517.exe (PID: 9136)
      • Unicorn-16449.exe (PID: 8484)
      • Unicorn-59099.exe (PID: 10988)
      • Unicorn-45177.exe (PID: 9624)
      • Unicorn-20922.exe (PID: 7424)
      • Unicorn-42607.exe (PID: 8268)
      • Unicorn-56448.exe (PID: 9036)
      • Unicorn-11243.exe (PID: 9688)
      • Unicorn-12699.exe (PID: 14128)
      • Unicorn-43783.exe (PID: 14084)
      • Unicorn-44527.exe (PID: 8792)
      • Unicorn-29027.exe (PID: 10940)
      • Unicorn-1979.exe (PID: 9236)
      • Unicorn-35769.exe (PID: 10204)
      • Unicorn-52977.exe (PID: 10948)
      • Unicorn-41685.exe (PID: 11384)
      • Unicorn-49648.exe (PID: 14012)
      • Unicorn-59763.exe (PID: 10484)
      • Unicorn-4123.exe (PID: 8372)
      • Unicorn-18539.exe (PID: 8860)
      • Unicorn-31462.exe (PID: 11564)
      • Unicorn-34899.exe (PID: 14320)
      • Unicorn-8052.exe (PID: 10972)
      • Unicorn-20113.exe (PID: 11036)
      • Unicorn-41757.exe (PID: 8828)
      • Unicorn-25215.exe (PID: 6044)
      • Unicorn-24306.exe (PID: 10880)
      • Unicorn-31973.exe (PID: 9068)
      • Unicorn-7121.exe (PID: 15172)
      • Unicorn-1266.exe (PID: 15232)

  • INFO

    • The sample compiled with chinese language support

      • 1 (1362).exe (PID: 3956)
      • Unicorn-7252.exe (PID: 976)
      • Unicorn-45213.exe (PID: 728)
      • Unicorn-47730.exe (PID: 812)
      • Unicorn-11632.exe (PID: 1812)
      • Unicorn-11367.exe (PID: 4608)
      • Unicorn-15643.exe (PID: 3008)
      • Unicorn-7039.exe (PID: 616)
      • Unicorn-13765.exe (PID: 7808)
      • Unicorn-3464.exe (PID: 1628)
      • Unicorn-28610.exe (PID: 4120)
      • Unicorn-17667.exe (PID: 7892)
      • Unicorn-5223.exe (PID: 6272)
      • Unicorn-52634.exe (PID: 8016)
      • Unicorn-10532.exe (PID: 8008)
      • Unicorn-35399.exe (PID: 8108)
      • Unicorn-9556.exe (PID: 4000)
      • Unicorn-14616.exe (PID: 8084)
      • Unicorn-42260.exe (PID: 1180)
      • Unicorn-1575.exe (PID: 7712)
      • Unicorn-5716.exe (PID: 6576)
      • Unicorn-42228.exe (PID: 8076)
      • Unicorn-34142.exe (PID: 7232)
      • Unicorn-61440.exe (PID: 7184)
      • Unicorn-62509.exe (PID: 7444)
      • Unicorn-14159.exe (PID: 8136)
      • Unicorn-35618.exe (PID: 7396)
      • Unicorn-11191.exe (PID: 7500)
      • Unicorn-45234.exe (PID: 5048)
      • Unicorn-32362.exe (PID: 5212)
      • Unicorn-16454.exe (PID: 5352)
      • Unicorn-44985.exe (PID: 7528)
      • Unicorn-21254.exe (PID: 3100)
      • Unicorn-34741.exe (PID: 4208)
      • Unicorn-54179.exe (PID: 6668)
      • Unicorn-38912.exe (PID: 920)
      • Unicorn-16131.exe (PID: 3156)
      • Unicorn-63329.exe (PID: 2268)
      • Unicorn-2452.exe (PID: 7204)
      • Unicorn-55265.exe (PID: 8100)
      • Unicorn-7822.exe (PID: 7656)
      • Unicorn-61440.exe (PID: 6068)
      • Unicorn-48730.exe (PID: 856)
      • Unicorn-49510.exe (PID: 7212)
      • Unicorn-8486.exe (PID: 8068)
      • Unicorn-56292.exe (PID: 7216)
      • Unicorn-49593.exe (PID: 7756)
      • Unicorn-45353.exe (PID: 3304)
      • Unicorn-39311.exe (PID: 8176)
      • Unicorn-41965.exe (PID: 7636)
      • Unicorn-34880.exe (PID: 7788)
      • Unicorn-38435.exe (PID: 968)
      • Unicorn-57984.exe (PID: 1040)
      • Unicorn-35909.exe (PID: 7368)
      • Unicorn-15597.exe (PID: 4244)
      • Unicorn-44980.exe (PID: 7012)
      • Unicorn-36500.exe (PID: 7508)
      • Unicorn-62961.exe (PID: 7652)
      • Unicorn-48441.exe (PID: 8156)
      • Unicorn-25966.exe (PID: 7664)
      • Unicorn-6838.exe (PID: 8184)
      • Unicorn-40605.exe (PID: 1164)
      • Unicorn-3303.exe (PID: 7960)
      • Unicorn-39675.exe (PID: 8048)
      • Unicorn-50880.exe (PID: 4740)
      • Unicorn-16921.exe (PID: 7796)
      • Unicorn-7356.exe (PID: 8200)
      • Unicorn-36677.exe (PID: 8260)
      • Unicorn-7813.exe (PID: 8024)
      • Unicorn-24840.exe (PID: 7928)
      • Unicorn-21825.exe (PID: 7912)
      • Unicorn-62784.exe (PID: 7740)
      • Unicorn-45805.exe (PID: 8596)
      • Unicorn-60095.exe (PID: 8636)
      • Unicorn-62037.exe (PID: 6800)
      • Unicorn-11212.exe (PID: 7732)
      • Unicorn-13879.exe (PID: 8584)
      • Unicorn-20650.exe (PID: 7992)
      • Unicorn-48026.exe (PID: 8736)
      • Unicorn-6100.exe (PID: 7780)
      • Unicorn-58787.exe (PID: 744)
      • Unicorn-12940.exe (PID: 8340)
      • Unicorn-56884.exe (PID: 7708)
      • Unicorn-28160.exe (PID: 8728)
      • Unicorn-10117.exe (PID: 8560)
      • Unicorn-54839.exe (PID: 5244)
      • Unicorn-41446.exe (PID: 8292)
      • Unicorn-34355.exe (PID: 8252)
      • Unicorn-51617.exe (PID: 9004)
      • Unicorn-11704.exe (PID: 8320)
      • Unicorn-44980.exe (PID: 6512)
      • Unicorn-9240.exe (PID: 8576)
      • Unicorn-49422.exe (PID: 8332)
      • Unicorn-50060.exe (PID: 8364)
      • Unicorn-15384.exe (PID: 5988)
      • Unicorn-10812.exe (PID: 7176)
      • Unicorn-10599.exe (PID: 4428)
      • Unicorn-8.exe (PID: 7320)
      • Unicorn-8685.exe (PID: 9156)
      • Unicorn-63143.exe (PID: 7224)
      • Unicorn-57304.exe (PID: 1188)
      • Unicorn-43449.exe (PID: 8992)
      • Unicorn-56609.exe (PID: 8164)
      • Unicorn-20354.exe (PID: 7860)
      • Unicorn-3075.exe (PID: 9704)
      • Unicorn-4558.exe (PID: 9696)
      • Unicorn-28213.exe (PID: 7612)
      • Unicorn-40237.exe (PID: 10120)
      • Unicorn-33091.exe (PID: 8500)
      • Unicorn-4305.exe (PID: 8312)
      • Unicorn-10641.exe (PID: 7876)
      • Unicorn-22156.exe (PID: 8820)
      • Unicorn-27265.exe (PID: 8944)
      • Unicorn-52700.exe (PID: 7804)
      • Unicorn-60775.exe (PID: 9608)
      • Unicorn-52415.exe (PID: 9600)
      • Unicorn-37938.exe (PID: 8476)
      • Unicorn-39993.exe (PID: 5504)
      • Unicorn-34513.exe (PID: 8780)
      • Unicorn-39976.exe (PID: 8492)
      • Unicorn-33287.exe (PID: 7548)
      • Unicorn-4056.exe (PID: 7492)
      • Unicorn-20812.exe (PID: 8032)
      • Unicorn-22675.exe (PID: 7840)
      • Unicorn-31197.exe (PID: 9060)
      • Unicorn-7045.exe (PID: 1240)
      • Unicorn-9624.exe (PID: 8516)
      • Unicorn-4222.exe (PID: 10608)
      • Unicorn-48021.exe (PID: 10600)
      • Unicorn-17565.exe (PID: 11320)
      • Unicorn-55981.exe (PID: 8540)
      • Unicorn-29817.exe (PID: 11276)
      • Unicorn-30886.exe (PID: 11304)
      • Unicorn-9271.exe (PID: 10516)
      • Unicorn-26919.exe (PID: 11104)
      • Unicorn-52525.exe (PID: 8148)
      • Unicorn-22156.exe (PID: 8812)
      • Unicorn-60880.exe (PID: 8464)
      • Unicorn-62015.exe (PID: 8968)
      • Unicorn-54777.exe (PID: 5260)
      • Unicorn-15540.exe (PID: 10560)
      • Unicorn-42239.exe (PID: 12496)
      • Unicorn-22255.exe (PID: 12460)
      • Unicorn-15504.exe (PID: 12548)
      • Unicorn-45530.exe (PID: 8284)
      • Unicorn-38405.exe (PID: 8872)
      • Unicorn-42104.exe (PID: 9120)
      • Unicorn-34669.exe (PID: 11468)
      • Unicorn-15406.exe (PID: 9412)
      • Unicorn-14860.exe (PID: 9020)
      • Unicorn-29638.exe (PID: 10216)
      • Unicorn-35695.exe (PID: 9448)
      • Unicorn-36402.exe (PID: 8212)
      • Unicorn-18015.exe (PID: 9540)
      • Unicorn-8332.exe (PID: 1748)
      • Unicorn-47149.exe (PID: 9488)
      • Unicorn-48680.exe (PID: 10848)
      • Unicorn-52889.exe (PID: 11832)
      • Unicorn-53588.exe (PID: 10580)
      • Unicorn-8908.exe (PID: 10804)
      • Unicorn-40730.exe (PID: 1276)
      • Unicorn-64964.exe (PID: 11004)
      • Unicorn-14419.exe (PID: 11588)
      • Unicorn-22643.exe (PID: 10812)
      • Unicorn-56085.exe (PID: 8888)
      • Unicorn-41062.exe (PID: 7480)
      • Unicorn-38758.exe (PID: 10352)
      • Unicorn-51389.exe (PID: 11760)
      • Unicorn-37247.exe (PID: 12956)
      • Unicorn-19691.exe (PID: 8984)
      • Unicorn-46266.exe (PID: 11212)
      • Unicorn-53781.exe (PID: 9244)
      • Unicorn-1840.exe (PID: 8720)
      • Unicorn-36113.exe (PID: 10304)
      • Unicorn-1176.exe (PID: 9428)
      • Unicorn-50937.exe (PID: 8404)
      • Unicorn-24337.exe (PID: 9404)
      • Unicorn-7595.exe (PID: 8396)
      • Unicorn-56646.exe (PID: 12328)
      • Unicorn-19054.exe (PID: 8756)
      • Unicorn-16833.exe (PID: 8380)
      • Unicorn-12882.exe (PID: 12316)
      • Unicorn-14122.exe (PID: 9384)
      • Unicorn-28014.exe (PID: 10572)
      • Unicorn-49557.exe (PID: 10464)
      • Unicorn-771.exe (PID: 9304)
      • Unicorn-49189.exe (PID: 12008)
      • Unicorn-52157.exe (PID: 9220)
      • Unicorn-10356.exe (PID: 11448)
      • Unicorn-35665.exe (PID: 8952)
      • Unicorn-29027.exe (PID: 10956)
      • Unicorn-19364.exe (PID: 9104)
      • Unicorn-59910.exe (PID: 10540)
      • Unicorn-32121.exe (PID: 9200)
      • Unicorn-29638.exe (PID: 10224)
      • Unicorn-44949.exe (PID: 9320)
      • Unicorn-45966.exe (PID: 10256)
      • Unicorn-29027.exe (PID: 10928)
      • Unicorn-49765.exe (PID: 12232)
      • Unicorn-7668.exe (PID: 11052)
      • Unicorn-8472.exe (PID: 11680)
      • Unicorn-46266.exe (PID: 12048)
      • Unicorn-3428.exe (PID: 10872)
      • Unicorn-11331.exe (PID: 9052)
      • Unicorn-41803.exe (PID: 9280)
      • Unicorn-4646.exe (PID: 9028)
      • Unicorn-41645.exe (PID: 11340)
      • Unicorn-18556.exe (PID: 10128)
      • Unicorn-30516.exe (PID: 8456)
      • Unicorn-7859.exe (PID: 11148)
      • Unicorn-15785.exe (PID: 5596)
      • Unicorn-22835.exe (PID: 11132)
      • Unicorn-43391.exe (PID: 13720)
      • Unicorn-24394.exe (PID: 11156)
      • Unicorn-6116.exe (PID: 8680)
      • Unicorn-48628.exe (PID: 10912)
      • Unicorn-50117.exe (PID: 8448)
      • Unicorn-45665.exe (PID: 10364)
      • Unicorn-3865.exe (PID: 11580)
      • Unicorn-58892.exe (PID: 12372)
      • Unicorn-58636.exe (PID: 14120)
      • Unicorn-30642.exe (PID: 9460)
      • Unicorn-57009.exe (PID: 9364)
      • Unicorn-4165.exe (PID: 10148)
      • Unicorn-517.exe (PID: 9136)
      • Unicorn-16449.exe (PID: 8484)
      • Unicorn-59099.exe (PID: 10988)
      • Unicorn-45177.exe (PID: 9624)
      • Unicorn-20922.exe (PID: 7424)
      • Unicorn-42607.exe (PID: 8268)
      • Unicorn-56448.exe (PID: 9036)
      • Unicorn-11243.exe (PID: 9688)
      • Unicorn-12699.exe (PID: 14128)
      • Unicorn-43783.exe (PID: 14084)
      • Unicorn-44527.exe (PID: 8792)
      • Unicorn-29027.exe (PID: 10940)
      • Unicorn-1979.exe (PID: 9236)
      • Unicorn-35769.exe (PID: 10204)
      • Unicorn-52977.exe (PID: 10948)
      • Unicorn-41685.exe (PID: 11384)
      • Unicorn-49648.exe (PID: 14012)
      • Unicorn-59763.exe (PID: 10484)
      • Unicorn-4123.exe (PID: 8372)
      • Unicorn-31462.exe (PID: 11564)
      • Unicorn-34899.exe (PID: 14320)
      • Unicorn-18539.exe (PID: 8860)
      • Unicorn-8052.exe (PID: 10972)
      • Unicorn-20113.exe (PID: 11036)
      • Unicorn-24306.exe (PID: 10880)
      • Unicorn-41757.exe (PID: 8828)
      • Unicorn-25215.exe (PID: 6044)
      • Unicorn-7121.exe (PID: 15172)
      • Unicorn-31973.exe (PID: 9068)
      • Unicorn-13417.exe (PID: 7944)
      • Unicorn-1266.exe (PID: 15232)

    • Create files in a temporary directory

      • Unicorn-5223.exe (PID: 6272)
      • 1 (1362).exe (PID: 3956)
      • Unicorn-45353.exe (PID: 3304)
      • Unicorn-7252.exe (PID: 976)
      • Unicorn-9556.exe (PID: 4000)
      • Unicorn-40605.exe (PID: 1164)
      • Unicorn-7039.exe (PID: 616)
      • Unicorn-47730.exe (PID: 812)
      • Unicorn-11632.exe (PID: 1812)
      • Unicorn-32362.exe (PID: 5212)
      • Unicorn-45213.exe (PID: 728)
      • Unicorn-63329.exe (PID: 2268)
      • Unicorn-21254.exe (PID: 3100)
      • Unicorn-3464.exe (PID: 1628)
      • Unicorn-10599.exe (PID: 4428)
      • Unicorn-57984.exe (PID: 1040)
      • Unicorn-58787.exe (PID: 744)
      • Unicorn-10812.exe (PID: 7176)
      • Unicorn-55737.exe (PID: 7192)
      • Unicorn-2452.exe (PID: 7204)
      • Unicorn-56292.exe (PID: 7216)
      • Unicorn-44985.exe (PID: 7528)
      • Unicorn-33287.exe (PID: 7548)
      • Unicorn-1575.exe (PID: 7712)
      • Unicorn-13765.exe (PID: 7808)
      • Unicorn-10641.exe (PID: 7876)
      • Unicorn-28610.exe (PID: 4120)
      • Unicorn-17667.exe (PID: 7892)
      • Unicorn-54777.exe (PID: 5260)
      • Unicorn-13417.exe (PID: 7944)
      • Unicorn-57304.exe (PID: 1188)
      • Unicorn-3303.exe (PID: 7960)
      • Unicorn-15643.exe (PID: 3008)
      • Unicorn-10532.exe (PID: 8008)
      • Unicorn-42260.exe (PID: 1180)
      • Unicorn-35399.exe (PID: 8108)
      • Unicorn-14616.exe (PID: 8084)
      • Unicorn-15384.exe (PID: 5988)
      • Unicorn-5716.exe (PID: 6576)
      • Unicorn-54839.exe (PID: 5244)
      • Unicorn-34142.exe (PID: 7232)
      • Unicorn-62509.exe (PID: 7444)
      • Unicorn-14159.exe (PID: 8136)
      • Unicorn-56609.exe (PID: 8164)
      • Unicorn-45234.exe (PID: 5048)
      • Unicorn-16454.exe (PID: 5352)
      • Unicorn-61440.exe (PID: 6068)
      • Unicorn-7822.exe (PID: 7656)
      • Unicorn-55265.exe (PID: 8100)
      • Unicorn-16131.exe (PID: 3156)
      • Unicorn-48730.exe (PID: 856)
      • Unicorn-49510.exe (PID: 7212)
      • Unicorn-8486.exe (PID: 8068)
      • Unicorn-49593.exe (PID: 7756)
      • Unicorn-34880.exe (PID: 7788)
      • Unicorn-11191.exe (PID: 7500)
      • Unicorn-35909.exe (PID: 7368)
      • Unicorn-15597.exe (PID: 4244)
      • Unicorn-25966.exe (PID: 7664)
      • Unicorn-62961.exe (PID: 7652)
      • Unicorn-50880.exe (PID: 4740)
      • Unicorn-16921.exe (PID: 7796)
      • Unicorn-36677.exe (PID: 8260)
      • Unicorn-7813.exe (PID: 8024)
      • Unicorn-61440.exe (PID: 7184)
      • Unicorn-13879.exe (PID: 8584)
      • Unicorn-45805.exe (PID: 8596)
      • Unicorn-60095.exe (PID: 8636)
      • Unicorn-62037.exe (PID: 6800)
      • Unicorn-11212.exe (PID: 7732)
      • Unicorn-20650.exe (PID: 7992)
      • Unicorn-24840.exe (PID: 7928)
      • Unicorn-39311.exe (PID: 8176)
      • Unicorn-6100.exe (PID: 7780)
      • Unicorn-41965.exe (PID: 7636)
      • Unicorn-48026.exe (PID: 8736)
      • Unicorn-12940.exe (PID: 8340)
      • Unicorn-56884.exe (PID: 7708)
      • Unicorn-28160.exe (PID: 8728)
      • Unicorn-42228.exe (PID: 8076)
      • Unicorn-10117.exe (PID: 8560)
      • Unicorn-44980.exe (PID: 6512)
      • Unicorn-51617.exe (PID: 9004)
      • Unicorn-11704.exe (PID: 8320)
      • Unicorn-49422.exe (PID: 8332)
      • Unicorn-48441.exe (PID: 8156)
      • Unicorn-8685.exe (PID: 9156)
      • Unicorn-63143.exe (PID: 7224)
      • Unicorn-52525.exe (PID: 8148)
      • Unicorn-8.exe (PID: 7320)
      • Unicorn-43449.exe (PID: 8992)
      • Unicorn-20354.exe (PID: 7860)
      • Unicorn-11367.exe (PID: 4608)
      • Unicorn-35618.exe (PID: 7396)
      • Unicorn-38912.exe (PID: 920)
      • Unicorn-40237.exe (PID: 10120)
      • Unicorn-4305.exe (PID: 8312)
      • Unicorn-54179.exe (PID: 6668)
      • Unicorn-27265.exe (PID: 8944)
      • Unicorn-60775.exe (PID: 9608)
      • Unicorn-52415.exe (PID: 9600)
      • Unicorn-39993.exe (PID: 5504)
      • Unicorn-34513.exe (PID: 8780)
      • Unicorn-28213.exe (PID: 7612)
      • Unicorn-39976.exe (PID: 8492)
      • Unicorn-22156.exe (PID: 8820)
      • Unicorn-4056.exe (PID: 7492)
      • Unicorn-22675.exe (PID: 7840)
      • Unicorn-31197.exe (PID: 9060)
      • Unicorn-7045.exe (PID: 1240)
      • Unicorn-44980.exe (PID: 7012)
      • Unicorn-4222.exe (PID: 10608)
      • Unicorn-29817.exe (PID: 11276)
      • Unicorn-6838.exe (PID: 8184)
      • Unicorn-52634.exe (PID: 8016)
      • Unicorn-21825.exe (PID: 7912)
      • Unicorn-17565.exe (PID: 11320)
      • Unicorn-30886.exe (PID: 11304)
      • Unicorn-62784.exe (PID: 7740)
      • Unicorn-38435.exe (PID: 968)
      • Unicorn-52700.exe (PID: 7804)
      • Unicorn-34355.exe (PID: 8252)
      • Unicorn-60880.exe (PID: 8464)
      • Unicorn-15540.exe (PID: 10560)
      • Unicorn-62015.exe (PID: 8968)
      • Unicorn-50060.exe (PID: 8364)
      • Unicorn-34741.exe (PID: 4208)
      • Unicorn-22255.exe (PID: 12460)
      • Unicorn-3075.exe (PID: 9704)
      • Unicorn-42239.exe (PID: 12496)
      • Unicorn-45530.exe (PID: 8284)
      • Unicorn-22156.exe (PID: 8812)
      • Unicorn-33091.exe (PID: 8500)
      • Unicorn-38405.exe (PID: 8872)
      • Unicorn-42104.exe (PID: 9120)
      • Unicorn-39675.exe (PID: 8048)
      • Unicorn-34669.exe (PID: 11468)
      • Unicorn-15406.exe (PID: 9412)
      • Unicorn-37938.exe (PID: 8476)
      • Unicorn-14860.exe (PID: 9020)
      • Unicorn-12699.exe (PID: 14128)
      • Unicorn-20812.exe (PID: 8032)
      • Unicorn-18015.exe (PID: 9540)
      • Unicorn-48021.exe (PID: 10600)
      • Unicorn-9624.exe (PID: 8516)
      • Unicorn-48680.exe (PID: 10848)
      • Unicorn-52889.exe (PID: 11832)
      • Unicorn-8908.exe (PID: 10804)
      • Unicorn-40730.exe (PID: 1276)
      • Unicorn-47149.exe (PID: 9488)
      • Unicorn-64964.exe (PID: 11004)
      • Unicorn-14419.exe (PID: 11588)
      • Unicorn-22643.exe (PID: 10812)
      • Unicorn-56085.exe (PID: 8888)
      • Unicorn-41062.exe (PID: 7480)
      • Unicorn-38758.exe (PID: 10352)
      • Unicorn-37247.exe (PID: 12956)
      • Unicorn-53781.exe (PID: 9244)
      • Unicorn-1840.exe (PID: 8720)
      • Unicorn-36113.exe (PID: 10304)

    • Reads the computer name

      • 1 (1362).exe (PID: 3956)
      • Unicorn-45213.exe (PID: 728)
      • Unicorn-7039.exe (PID: 616)
      • Unicorn-45353.exe (PID: 3304)
      • Unicorn-32362.exe (PID: 5212)
      • Unicorn-7252.exe (PID: 976)
      • Unicorn-47730.exe (PID: 812)
      • Unicorn-21254.exe (PID: 3100)
      • Unicorn-9556.exe (PID: 4000)
      • Unicorn-40605.exe (PID: 1164)
      • Unicorn-58787.exe (PID: 744)
      • Unicorn-3464.exe (PID: 1628)
      • Unicorn-11632.exe (PID: 1812)
      • Unicorn-11367.exe (PID: 4608)
      • Unicorn-10599.exe (PID: 4428)
      • Unicorn-28610.exe (PID: 4120)
      • Unicorn-5223.exe (PID: 6272)
      • Unicorn-10812.exe (PID: 7176)
      • Unicorn-54777.exe (PID: 5260)
      • Unicorn-15643.exe (PID: 3008)
      • Unicorn-54839.exe (PID: 5244)
      • Unicorn-34741.exe (PID: 4208)
      • Unicorn-48730.exe (PID: 856)
      • Unicorn-63143.exe (PID: 7224)
      • Unicorn-42260.exe (PID: 1180)
      • Unicorn-55737.exe (PID: 7192)
      • Unicorn-56292.exe (PID: 7216)
      • Unicorn-44985.exe (PID: 7528)
      • Unicorn-33287.exe (PID: 7548)
      • Unicorn-13417.exe (PID: 7944)
      • Unicorn-52634.exe (PID: 8016)
      • Unicorn-52525.exe (PID: 8148)
      • Unicorn-10532.exe (PID: 8008)
      • Unicorn-3303.exe (PID: 7960)
      • Unicorn-35399.exe (PID: 8108)
      • Unicorn-2452.exe (PID: 7204)
      • Unicorn-5716.exe (PID: 6576)
      • Unicorn-8.exe (PID: 7320)
      • Unicorn-34142.exe (PID: 7232)
      • Unicorn-56609.exe (PID: 8164)
      • Unicorn-14616.exe (PID: 8084)
      • Unicorn-14159.exe (PID: 8136)
      • Unicorn-35618.exe (PID: 7396)
      • Unicorn-24840.exe (PID: 7928)
      • Unicorn-11191.exe (PID: 7500)
      • Unicorn-45234.exe (PID: 5048)
      • Unicorn-38912.exe (PID: 920)
      • Unicorn-16454.exe (PID: 5352)
      • Unicorn-20922.exe (PID: 7424)
      • Unicorn-16131.exe (PID: 3156)
      • Unicorn-7822.exe (PID: 7656)
      • Unicorn-55265.exe (PID: 8100)
      • Unicorn-61440.exe (PID: 6068)
      • Unicorn-49510.exe (PID: 7212)
      • Unicorn-8486.exe (PID: 8068)
      • Unicorn-41965.exe (PID: 7636)
      • Unicorn-34880.exe (PID: 7788)
      • Unicorn-15384.exe (PID: 5988)
      • Unicorn-38435.exe (PID: 968)
      • Unicorn-15597.exe (PID: 4244)
      • Unicorn-49593.exe (PID: 7756)
      • Unicorn-36500.exe (PID: 7508)
      • Unicorn-48441.exe (PID: 8156)
      • Unicorn-62961.exe (PID: 7652)
      • Unicorn-25966.exe (PID: 7664)
      • Unicorn-39675.exe (PID: 8048)
      • Unicorn-50880.exe (PID: 4740)
      • Unicorn-16921.exe (PID: 7796)
      • Unicorn-7356.exe (PID: 8200)
      • Unicorn-36677.exe (PID: 8260)
      • Unicorn-45805.exe (PID: 8596)
      • Unicorn-60095.exe (PID: 8636)
      • Unicorn-45530.exe (PID: 8284)
      • Unicorn-11212.exe (PID: 7732)
      • Unicorn-28160.exe (PID: 8728)
      • Unicorn-6100.exe (PID: 7780)
      • Unicorn-22156.exe (PID: 8820)
      • Unicorn-48026.exe (PID: 8736)
      • Unicorn-12940.exe (PID: 8340)
      • Unicorn-10117.exe (PID: 8560)
      • Unicorn-41446.exe (PID: 8292)
      • Unicorn-34355.exe (PID: 8252)
      • Unicorn-11704.exe (PID: 8320)
      • Unicorn-9240.exe (PID: 8576)
      • Unicorn-49422.exe (PID: 8332)
      • Unicorn-50060.exe (PID: 8364)
      • Unicorn-4558.exe (PID: 9696)
      • Unicorn-40237.exe (PID: 10120)
      • Unicorn-4305.exe (PID: 8312)
      • Unicorn-517.exe (PID: 9136)
      • Unicorn-60775.exe (PID: 9608)
      • Unicorn-27265.exe (PID: 8944)
      • Unicorn-52700.exe (PID: 7804)
      • Unicorn-37938.exe (PID: 8476)
      • Unicorn-4056.exe (PID: 7492)
      • Unicorn-17565.exe (PID: 11320)
      • Unicorn-22675.exe (PID: 7840)
      • Unicorn-55981.exe (PID: 8540)
      • Unicorn-26919.exe (PID: 11104)
      • Unicorn-22156.exe (PID: 8812)
      • Unicorn-60880.exe (PID: 8464)
      • Unicorn-15540.exe (PID: 10560)
      • Unicorn-42104.exe (PID: 9120)
      • Unicorn-42607.exe (PID: 8268)
      • Unicorn-22255.exe (PID: 12460)
      • Unicorn-15504.exe (PID: 12548)
      • Unicorn-29638.exe (PID: 10216)
      • Unicorn-7595.exe (PID: 8396)
      • Unicorn-34669.exe (PID: 11468)
      • Unicorn-12699.exe (PID: 14140)
      • Unicorn-58636.exe (PID: 14120)
      • Unicorn-8052.exe (PID: 10972)
      • Unicorn-8332.exe (PID: 1748)
      • Unicorn-47149.exe (PID: 9488)
      • Unicorn-53588.exe (PID: 10580)
      • Unicorn-59099.exe (PID: 10988)
      • Unicorn-40730.exe (PID: 1276)
      • Unicorn-29027.exe (PID: 10928)
      • Unicorn-48680.exe (PID: 10848)
      • Unicorn-46266.exe (PID: 12048)
      • Unicorn-14419.exe (PID: 11588)
      • Unicorn-22643.exe (PID: 10812)
      • Unicorn-6116.exe (PID: 8680)
      • Unicorn-43783.exe (PID: 14084)
      • Unicorn-48628.exe (PID: 10912)
      • Unicorn-49648.exe (PID: 14012)
      • Unicorn-24394.exe (PID: 11156)
      • Unicorn-56646.exe (PID: 12328)
      • Unicorn-52977.exe (PID: 10948)
      • Unicorn-56085.exe (PID: 8888)
      • Unicorn-38758.exe (PID: 10352)
      • Unicorn-51389.exe (PID: 11760)
      • Unicorn-36113.exe (PID: 10304)
      • Unicorn-3865.exe (PID: 11580)
      • Unicorn-53781.exe (PID: 9244)
      • Unicorn-1840.exe (PID: 8720)

    • Checks supported languages

      • 1 (1362).exe (PID: 3956)
      • Unicorn-45213.exe (PID: 728)
      • Unicorn-45353.exe (PID: 3304)
      • Unicorn-7252.exe (PID: 976)
      • Unicorn-47730.exe (PID: 812)
      • Unicorn-7039.exe (PID: 616)
      • Unicorn-32362.exe (PID: 5212)
      • Unicorn-21254.exe (PID: 3100)
      • Unicorn-9556.exe (PID: 4000)
      • Unicorn-40605.exe (PID: 1164)
      • Unicorn-58787.exe (PID: 744)
      • Unicorn-57304.exe (PID: 1188)
      • Unicorn-3464.exe (PID: 1628)
      • Unicorn-11367.exe (PID: 4608)
      • Unicorn-11632.exe (PID: 1812)
      • Unicorn-54839.exe (PID: 5244)
      • Unicorn-28610.exe (PID: 4120)
      • Unicorn-57984.exe (PID: 1040)
      • Unicorn-63329.exe (PID: 2268)
      • Unicorn-34741.exe (PID: 4208)
      • Unicorn-54777.exe (PID: 5260)
      • Unicorn-42260.exe (PID: 1180)
      • Unicorn-48730.exe (PID: 856)
      • Unicorn-15643.exe (PID: 3008)
      • Unicorn-55737.exe (PID: 7192)
      • Unicorn-56292.exe (PID: 7216)
      • Unicorn-2452.exe (PID: 7204)
      • Unicorn-63143.exe (PID: 7224)
      • Unicorn-5223.exe (PID: 6272)
      • Unicorn-44985.exe (PID: 7528)
      • Unicorn-33287.exe (PID: 7548)
      • Unicorn-1575.exe (PID: 7712)
      • Unicorn-20354.exe (PID: 7860)
      • Unicorn-17667.exe (PID: 7892)
      • Unicorn-10641.exe (PID: 7876)
      • Unicorn-24840.exe (PID: 7928)
      • Unicorn-3303.exe (PID: 7960)
      • Unicorn-10532.exe (PID: 8008)
      • Unicorn-52634.exe (PID: 8016)
      • Unicorn-42228.exe (PID: 8076)
      • Unicorn-39675.exe (PID: 8048)
      • Unicorn-55265.exe (PID: 8100)
      • Unicorn-35399.exe (PID: 8108)
      • Unicorn-14159.exe (PID: 8136)
      • Unicorn-52525.exe (PID: 8148)
      • Unicorn-6838.exe (PID: 8184)
      • Unicorn-61440.exe (PID: 7184)
      • Unicorn-61440.exe (PID: 6068)
      • Unicorn-15384.exe (PID: 5988)
      • Unicorn-5716.exe (PID: 6576)
      • Unicorn-45234.exe (PID: 5048)
      • Unicorn-48441.exe (PID: 8156)
      • Unicorn-54179.exe (PID: 6668)
      • Unicorn-16454.exe (PID: 5352)
      • Unicorn-11191.exe (PID: 7500)
      • Unicorn-16131.exe (PID: 3156)
      • Unicorn-20922.exe (PID: 7424)
      • Unicorn-62509.exe (PID: 7444)
      • Unicorn-28213.exe (PID: 7612)
      • Unicorn-36500.exe (PID: 7508)
      • Unicorn-49593.exe (PID: 7756)
      • Unicorn-6100.exe (PID: 7780)
      • Unicorn-34880.exe (PID: 7788)
      • Unicorn-16921.exe (PID: 7796)
      • Unicorn-25966.exe (PID: 7664)
      • Unicorn-62961.exe (PID: 7652)
      • Unicorn-62784.exe (PID: 7740)
      • Unicorn-7822.exe (PID: 7656)
      • Unicorn-41965.exe (PID: 7636)
      • Unicorn-52700.exe (PID: 7804)
      • Unicorn-15597.exe (PID: 4244)
      • Unicorn-20650.exe (PID: 7992)
      • Unicorn-7045.exe (PID: 1240)
      • Unicorn-38435.exe (PID: 968)
      • Unicorn-35909.exe (PID: 7368)
      • Unicorn-56884.exe (PID: 7708)
      • Unicorn-11212.exe (PID: 7732)
      • Unicorn-62037.exe (PID: 6800)
      • Unicorn-7813.exe (PID: 8024)
      • Unicorn-20812.exe (PID: 8032)
      • Unicorn-7356.exe (PID: 8200)
      • Unicorn-41062.exe (PID: 7480)
      • Unicorn-36677.exe (PID: 8260)
      • Unicorn-34355.exe (PID: 8252)
      • Unicorn-45530.exe (PID: 8284)
      • Unicorn-41446.exe (PID: 8292)
      • Unicorn-42607.exe (PID: 8268)
      • Unicorn-13879.exe (PID: 8584)
      • Unicorn-4305.exe (PID: 8312)
      • Unicorn-11704.exe (PID: 8320)
      • Unicorn-45805.exe (PID: 8596)
      • Unicorn-36402.exe (PID: 8212)
      • Unicorn-49422.exe (PID: 8332)
      • Unicorn-12940.exe (PID: 8340)
      • Unicorn-50060.exe (PID: 8364)
      • Unicorn-16833.exe (PID: 8380)
      • Unicorn-4123.exe (PID: 8372)
      • Unicorn-7595.exe (PID: 8396)
      • Unicorn-50117.exe (PID: 8448)
      • Unicorn-30516.exe (PID: 8456)
      • Unicorn-39976.exe (PID: 8492)
      • Unicorn-9624.exe (PID: 8516)
      • Unicorn-39282.exe (PID: 8524)
      • Unicorn-10117.exe (PID: 8560)
      • Unicorn-9240.exe (PID: 8576)
      • Unicorn-1840.exe (PID: 8720)
      • Unicorn-28160.exe (PID: 8728)
      • Unicorn-39785.exe (PID: 8696)
      • Unicorn-44527.exe (PID: 8792)
      • Unicorn-22156.exe (PID: 8812)
      • Unicorn-38405.exe (PID: 8872)
      • Unicorn-56085.exe (PID: 8888)
      • Unicorn-27265.exe (PID: 8944)
      • Unicorn-35665.exe (PID: 8952)
      • Unicorn-19691.exe (PID: 8984)
      • Unicorn-43449.exe (PID: 8992)
      • Unicorn-51617.exe (PID: 9004)
      • Unicorn-14860.exe (PID: 9020)
      • Unicorn-4646.exe (PID: 9028)
      • Unicorn-31197.exe (PID: 9060)
      • Unicorn-19364.exe (PID: 9104)
      • Unicorn-42104.exe (PID: 9120)
      • Unicorn-6116.exe (PID: 8680)
      • Unicorn-517.exe (PID: 9136)
      • Unicorn-36504.exe (PID: 9112)
      • Unicorn-32121.exe (PID: 9200)
      • Unicorn-52157.exe (PID: 9220)
      • Unicorn-1979.exe (PID: 9236)
      • Unicorn-53781.exe (PID: 9244)
      • Unicorn-53781.exe (PID: 9252)
      • Unicorn-52048.exe (PID: 9372)
      • Unicorn-24337.exe (PID: 9404)
      • Unicorn-1176.exe (PID: 9428)
      • Unicorn-30642.exe (PID: 9460)
      • Unicorn-56448.exe (PID: 9036)
      • Unicorn-41550.exe (PID: 9188)
      • Unicorn-47149.exe (PID: 9488)
      • Unicorn-771.exe (PID: 9304)
      • Unicorn-45177.exe (PID: 9624)
      • Unicorn-60775.exe (PID: 9608)
      • Unicorn-4558.exe (PID: 9696)
      • Unicorn-15785.exe (PID: 5596)
      • Unicorn-15406.exe (PID: 9412)
      • Unicorn-57009.exe (PID: 9364)
      • Unicorn-44949.exe (PID: 9320)
      • Unicorn-59012.exe (PID: 9640)
      • Unicorn-11243.exe (PID: 9688)
      • Unicorn-40237.exe (PID: 10120)
      • Unicorn-18539.exe (PID: 8860)
      • Unicorn-41803.exe (PID: 9280)
      • Unicorn-22676.exe (PID: 9680)
      • Unicorn-14122.exe (PID: 9384)
      • Unicorn-52415.exe (PID: 9600)
      • Unicorn-18015.exe (PID: 9540)
      • Unicorn-21981.exe (PID: 9576)
      • Unicorn-4876.exe (PID: 9476)
      • Unicorn-18556.exe (PID: 10128)
      • Unicorn-57128.exe (PID: 10156)
      • Unicorn-15903.exe (PID: 10192)
      • Unicorn-35769.exe (PID: 10204)
      • Unicorn-29638.exe (PID: 10216)
      • Unicorn-29638.exe (PID: 10224)
      • Unicorn-4165.exe (PID: 10148)
      • Unicorn-4056.exe (PID: 7492)
      • Unicorn-45665.exe (PID: 10364)
      • Unicorn-40730.exe (PID: 1276)
      • Unicorn-58965.exe (PID: 872)
      • Unicorn-38758.exe (PID: 10352)
      • Unicorn-45966.exe (PID: 10256)
      • Unicorn-49557.exe (PID: 10464)
      • Unicorn-59763.exe (PID: 10484)
      • Unicorn-9271.exe (PID: 10516)
      • Unicorn-59910.exe (PID: 10540)
      • Unicorn-28014.exe (PID: 10572)
      • Unicorn-53588.exe (PID: 10580)
      • Unicorn-46028.exe (PID: 10500)
      • Unicorn-48021.exe (PID: 10600)
      • Unicorn-50159.exe (PID: 10616)
      • Unicorn-7180.exe (PID: 10624)
      • Unicorn-51232.exe (PID: 10784)
      • Unicorn-8908.exe (PID: 10804)
      • Unicorn-22643.exe (PID: 10812)
      • Unicorn-42763.exe (PID: 10920)
      • Unicorn-48628.exe (PID: 10912)
      • Unicorn-29817.exe (PID: 11276)
      • Unicorn-29027.exe (PID: 10928)
      • Unicorn-52977.exe (PID: 10948)
      • Unicorn-30886.exe (PID: 11304)
      • Unicorn-52977.exe (PID: 10964)
      • Unicorn-17565.exe (PID: 11320)
      • Unicorn-59099.exe (PID: 10996)
      • Unicorn-64964.exe (PID: 11004)
      • Unicorn-59099.exe (PID: 10988)
      • Unicorn-20113.exe (PID: 11036)
      • Unicorn-7668.exe (PID: 11052)
      • Unicorn-53148.exe (PID: 11096)
      • Unicorn-9100.exe (PID: 11124)
      • Unicorn-24119.exe (PID: 11116)
      • Unicorn-22835.exe (PID: 11132)
      • Unicorn-7859.exe (PID: 11148)
      • Unicorn-27962.exe (PID: 4284)
      • Unicorn-13459.exe (PID: 11164)
      • Unicorn-2743.exe (PID: 10840)
      • Unicorn-41685.exe (PID: 11384)
      • Unicorn-26919.exe (PID: 11104)
      • Unicorn-29027.exe (PID: 10956)
      • Unicorn-10356.exe (PID: 11448)
      • Unicorn-28696.exe (PID: 11980)
      • Unicorn-49189.exe (PID: 12008)
      • Unicorn-1731.exe (PID: 11484)
      • Unicorn-6902.exe (PID: 6876)
      • Unicorn-14419.exe (PID: 11588)
      • Unicorn-46266.exe (PID: 11212)
      • Unicorn-9095.exe (PID: 11956)
      • Unicorn-22255.exe (PID: 12460)
      • Unicorn-42239.exe (PID: 12496)
      • Unicorn-15504.exe (PID: 12548)
      • Unicorn-61742.exe (PID: 11884)
      • Unicorn-52889.exe (PID: 11832)
      • Unicorn-53766.exe (PID: 11824)
      • Unicorn-12048.exe (PID: 12144)
      • Unicorn-17202.exe (PID: 12132)
      • Unicorn-53574.exe (PID: 11900)
      • Unicorn-40398.exe (PID: 11748)
      • Unicorn-51389.exe (PID: 11760)
      • Unicorn-19463.exe (PID: 11708)
      • Unicorn-8472.exe (PID: 11680)
      • Unicorn-46266.exe (PID: 12048)
      • Unicorn-41136.exe (PID: 12040)
      • Unicorn-54020.exe (PID: 12032)
      • Unicorn-14419.exe (PID: 11596)
      • Unicorn-14419.exe (PID: 11604)
      • Unicorn-34020.exe (PID: 11612)
      • Unicorn-39115.exe (PID: 11544)
      • Unicorn-31635.exe (PID: 13636)
      • Unicorn-18253.exe (PID: 13676)
      • Unicorn-43526.exe (PID: 13652)
      • Unicorn-48486.exe (PID: 13668)
      • Unicorn-27468.exe (PID: 13708)
      • Unicorn-39057.exe (PID: 13700)
      • Unicorn-44683.exe (PID: 12892)
      • Unicorn-43391.exe (PID: 13720)
      • Unicorn-37247.exe (PID: 13732)
      • Unicorn-32530.exe (PID: 11560)
      • Unicorn-12699.exe (PID: 14140)
      • Unicorn-58636.exe (PID: 14120)
      • Unicorn-12699.exe (PID: 14128)
      • Unicorn-16195.exe (PID: 13020)
      • Unicorn-48296.exe (PID: 13000)
      • Unicorn-42431.exe (PID: 13008)
      • Unicorn-28887.exe (PID: 12940)
      • Unicorn-37247.exe (PID: 12964)
      • Unicorn-56848.exe (PID: 12948)
      • Unicorn-50324.exe (PID: 12396)
      • Unicorn-41087.exe (PID: 12432)
      • Unicorn-12882.exe (PID: 12316)
      • Unicorn-56646.exe (PID: 12328)
      • Unicorn-26391.exe (PID: 6248)
      • Unicorn-30762.exe (PID: 13828)
      • Unicorn-3326.exe (PID: 13864)
      • Unicorn-30762.exe (PID: 13832)
      • Unicorn-58501.exe (PID: 13772)
      • Unicorn-32595.exe (PID: 13896)
      • Unicorn-2218.exe (PID: 13064)
      • Unicorn-24447.exe (PID: 13972)
      • Unicorn-49648.exe (PID: 13988)
      • Unicorn-49648.exe (PID: 14004)
      • Unicorn-49648.exe (PID: 14020)
      • Unicorn-30047.exe (PID: 13996)
      • Unicorn-43783.exe (PID: 14076)
      • Unicorn-43783.exe (PID: 14052)
      • Unicorn-41513.exe (PID: 14036)
      • Unicorn-4034.exe (PID: 14100)
      • Unicorn-37661.exe (PID: 14180)
      • Unicorn-43783.exe (PID: 14084)
      • Unicorn-48488.exe (PID: 12932)
      • Unicorn-44551.exe (PID: 6036)
      • Unicorn-25215.exe (PID: 6044)
      • Unicorn-8671.exe (PID: 12720)
      • Unicorn-18555.exe (PID: 12380)
      • Unicorn-17478.exe (PID: 12340)
      • Unicorn-52754.exe (PID: 12300)
      • Unicorn-2079.exe (PID: 4572)
      • Unicorn-37247.exe (PID: 13624)
      • Unicorn-18497.exe (PID: 15212)
      • Unicorn-4330.exe (PID: 12452)
      • Unicorn-25702.exe (PID: 12704)
      • Unicorn-46952.exe (PID: 12424)
      • Unicorn-1266.exe (PID: 15232)
      • Unicorn-56132.exe (PID: 12444)
      • Unicorn-58892.exe (PID: 12372)
      • Unicorn-8472.exe (PID: 11676)

    • Reads security settings of Internet Explorer

      • BackgroundTransferHost.exe (PID: 2420)
      • BackgroundTransferHost.exe (PID: 5984)
      • BackgroundTransferHost.exe (PID: 5512)
      • BackgroundTransferHost.exe (PID: 7640)
      • BackgroundTransferHost.exe (PID: 7408)

    • Checks proxy server information

      • BackgroundTransferHost.exe (PID: 5984)

    • Reads the software policy settings

      • BackgroundTransferHost.exe (PID: 5984)

    • Creates files or folders in the user directory

      • BackgroundTransferHost.exe (PID: 5984)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.

TRiD

.exe | Win32 Executable (generic) (52.9)
.exe | Generic Win/DOS Executable (23.5)
.exe | DOS Executable Generic (23.5)

EXIF

EXE

MachineType: Intel 386 or later, and compatibles
TimeStamp: 2019:01:19 13:34:56+00:00
ImageFileCharacteristics: No relocs, Executable, No line numbers, No symbols, 32-bit, No debug, Removable run from swap, Net run from swap, Uniprocessor only, Bytes reversed hi
PEType: PE32
LinkerVersion: 6
CodeSize: 176128
InitializedDataSize: 299008
UninitializedDataSize: -
EntryPoint: 0x13d4
OSVersion: 4
ImageVersion: 1
SubsystemVersion: 4
Subsystem: Windows GUI
FileVersionNumber: 1.0.0.0
ProductVersionNumber: 1.0.0.0
FileFlagsMask: 0x003f
FileFlags: (none)
FileOS: Win32
ObjectFileType: Executable application
FileSubtype: -
LanguageCode: Chinese (Simplified)
CharacterSet: Unicode
CompanyName: UEFI
ProductName: Kawaii-Unicorn
FileVersion: 1
ProductVersion: 1
InternalName: Kawaii-Unicorn
OriginalFileName: Kawaii-Unicorn.exe
No data.
screenshotscreenshotscreenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
617
Monitored processes
485
Malicious processes
82
Suspicious processes
54

Behavior graph

Click at the process to see the details
start 1 (1362).exe sppextcomobj.exe no specs slui.exe unicorn-45213.exe unicorn-5223.exe unicorn-7039.exe unicorn-45353.exe unicorn-7252.exe unicorn-47730.exe unicorn-32362.exe unicorn-21254.exe unicorn-9556.exe unicorn-40605.exe unicorn-58787.exe unicorn-3464.exe unicorn-57304.exe unicorn-11367.exe unicorn-11632.exe backgroundtransferhost.exe no specs backgroundtransferhost.exe unicorn-63329.exe unicorn-54839.exe unicorn-28610.exe unicorn-34741.exe backgroundtransferhost.exe no specs unicorn-57984.exe unicorn-10599.exe unicorn-54777.exe unicorn-42260.exe unicorn-48730.exe unicorn-15643.exe unicorn-10812.exe unicorn-55737.exe unicorn-2452.exe unicorn-56292.exe unicorn-63143.exe backgroundtransferhost.exe no specs unicorn-44985.exe unicorn-33287.exe backgroundtransferhost.exe no specs unicorn-1575.exe unicorn-13765.exe unicorn-20354.exe unicorn-10641.exe unicorn-17667.exe unicorn-21825.exe unicorn-24840.exe unicorn-13417.exe unicorn-3303.exe unicorn-10532.exe unicorn-52634.exe unicorn-39675.exe unicorn-8486.exe unicorn-42228.exe unicorn-14616.exe unicorn-55265.exe unicorn-35399.exe unicorn-14159.exe unicorn-52525.exe unicorn-48441.exe unicorn-56609.exe unicorn-39311.exe unicorn-6838.exe unicorn-61440.exe unicorn-49510.exe unicorn-61440.exe unicorn-34142.exe unicorn-16454.exe unicorn-45234.exe unicorn-16131.exe unicorn-54179.exe unicorn-15384.exe unicorn-8.exe unicorn-5716.exe unicorn-38912.exe unicorn-11191.exe unicorn-36500.exe unicorn-20922.exe unicorn-62509.exe unicorn-28213.exe unicorn-35618.exe unicorn-62784.exe unicorn-49593.exe unicorn-6100.exe unicorn-34880.exe unicorn-16921.exe unicorn-52700.exe unicorn-22675.exe unicorn-25966.exe unicorn-62961.exe unicorn-7822.exe unicorn-41965.exe unicorn-38435.exe unicorn-50880.exe unicorn-44980.exe unicorn-44980.exe unicorn-15597.exe unicorn-20650.exe unicorn-7045.exe unicorn-39993.exe unicorn-62037.exe unicorn-41062.exe unicorn-35909.exe unicorn-56884.exe unicorn-11212.exe unicorn-7813.exe unicorn-20812.exe unicorn-7356.exe unicorn-36402.exe unicorn-34355.exe unicorn-36677.exe unicorn-42607.exe unicorn-45530.exe unicorn-41446.exe unicorn-4305.exe unicorn-11704.exe unicorn-49422.exe unicorn-12940.exe unicorn-50060.exe unicorn-4123.exe unicorn-16833.exe unicorn-7595.exe unicorn-50937.exe unicorn-50117.exe unicorn-30516.exe unicorn-60880.exe unicorn-37938.exe unicorn-16449.exe unicorn-39976.exe unicorn-33091.exe unicorn-9624.exe unicorn-39282.exe no specs unicorn-55981.exe unicorn-10117.exe unicorn-9240.exe unicorn-13879.exe unicorn-45805.exe unicorn-60095.exe unicorn-6116.exe unicorn-39785.exe no specs unicorn-1840.exe unicorn-28160.exe unicorn-48026.exe unicorn-19054.exe unicorn-34513.exe unicorn-44527.exe unicorn-22156.exe unicorn-22156.exe unicorn-41757.exe unicorn-18539.exe unicorn-38405.exe unicorn-56085.exe unicorn-27265.exe unicorn-35665.exe unicorn-62015.exe unicorn-19691.exe unicorn-43449.exe unicorn-51617.exe unicorn-14860.exe unicorn-4646.exe unicorn-56448.exe unicorn-64616.exe no specs unicorn-11331.exe unicorn-31197.exe unicorn-31973.exe unicorn-19364.exe unicorn-36504.exe no specs unicorn-42104.exe unicorn-517.exe unicorn-8685.exe unicorn-41550.exe no specs unicorn-32121.exe unicorn-15785.exe unicorn-35058.exe no specs unicorn-52157.exe unicorn-1979.exe unicorn-53781.exe unicorn-53781.exe no specs unicorn-41803.exe unicorn-771.exe unicorn-44949.exe unicorn-57009.exe unicorn-52048.exe no specs unicorn-14122.exe unicorn-24337.exe unicorn-15406.exe unicorn-1176.exe unicorn-35695.exe unicorn-30642.exe unicorn-4876.exe no specs unicorn-47149.exe unicorn-18015.exe unicorn-21981.exe no specs unicorn-52415.exe unicorn-60775.exe unicorn-45177.exe unicorn-59012.exe no specs unicorn-22676.exe no specs unicorn-11243.exe unicorn-4558.exe unicorn-3075.exe unicorn-40237.exe unicorn-18556.exe unicorn-4165.exe unicorn-57128.exe no specs unicorn-15903.exe no specs unicorn-35769.exe unicorn-29638.exe unicorn-29638.exe unicorn-40730.exe unicorn-8332.exe unicorn-58965.exe no specs unicorn-4056.exe unicorn-45966.exe unicorn-36345.exe no specs unicorn-36113.exe unicorn-38758.exe unicorn-45665.exe unicorn-49557.exe unicorn-64502.exe no specs unicorn-59763.exe unicorn-91.exe no specs unicorn-46028.exe no specs unicorn-9271.exe unicorn-59910.exe unicorn-15540.exe unicorn-28014.exe unicorn-53588.exe unicorn-48021.exe unicorn-4222.exe unicorn-50159.exe no specs unicorn-7180.exe no specs unicorn-30829.exe no specs unicorn-51232.exe no specs unicorn-8908.exe unicorn-22643.exe unicorn-2743.exe no specs unicorn-48680.exe unicorn-3428.exe unicorn-24306.exe unicorn-48628.exe unicorn-42763.exe no specs unicorn-29027.exe unicorn-29027.exe unicorn-52977.exe unicorn-29027.exe unicorn-52977.exe no specs unicorn-8052.exe unicorn-59099.exe unicorn-59099.exe no specs unicorn-64964.exe unicorn-20113.exe unicorn-7668.exe unicorn-53148.exe no specs unicorn-26919.exe unicorn-24119.exe no specs unicorn-9100.exe no specs unicorn-22835.exe unicorn-7859.exe unicorn-24394.exe unicorn-13459.exe no specs unicorn-6902.exe no specs unicorn-27962.exe no specs unicorn-29817.exe unicorn-30886.exe unicorn-17565.exe unicorn-41645.exe unicorn-41685.exe unicorn-17181.exe no specs unicorn-49151.exe no specs unicorn-10356.exe unicorn-34669.exe unicorn-1731.exe no specs unicorn-30947.exe no specs unicorn-39115.exe no specs unicorn-31462.exe unicorn-28154.exe no specs unicorn-3865.exe unicorn-14419.exe unicorn-14419.exe no specs unicorn-14419.exe no specs unicorn-34020.exe no specs unicorn-25354.exe no specs unicorn-37667.exe no specs unicorn-8472.exe no specs unicorn-8472.exe unicorn-19463.exe no specs unicorn-40398.exe no specs unicorn-51389.exe unicorn-53766.exe no specs unicorn-52889.exe unicorn-60865.exe no specs unicorn-61742.exe no specs unicorn-53574.exe no specs unicorn-9095.exe no specs unicorn-22830.exe no specs unicorn-37875.exe no specs unicorn-28696.exe no specs unicorn-49189.exe unicorn-8348.exe no specs unicorn-54020.exe no specs unicorn-41136.exe no specs unicorn-46266.exe unicorn-17202.exe no specs unicorn-12048.exe no specs unicorn-49765.exe unicorn-46266.exe unicorn-46266.exe no specs unicorn-26391.exe no specs unicorn-32530.exe no specs unicorn-2079.exe no specs unicorn-52754.exe no specs unicorn-12882.exe unicorn-56646.exe unicorn-17478.exe no specs unicorn-27543.exe no specs unicorn-9890.exe no specs unicorn-58892.exe unicorn-18555.exe no specs unicorn-2847.exe no specs unicorn-50324.exe no specs unicorn-27351.exe no specs unicorn-27351.exe no specs unicorn-46952.exe no specs unicorn-41087.exe no specs unicorn-56132.exe no specs unicorn-4330.exe no specs unicorn-22255.exe unicorn-42239.exe unicorn-15504.exe unicorn-55888.exe no specs unicorn-22254.exe no specs unicorn-58374.exe no specs unicorn-47855.exe no specs unicorn-25702.exe no specs unicorn-32530.exe no specs unicorn-19379.exe no specs unicorn-16579.exe no specs unicorn-44683.exe no specs unicorn-33678.exe no specs unicorn-38124.exe no specs unicorn-48488.exe no specs unicorn-28887.exe no specs unicorn-56848.exe no specs unicorn-37247.exe unicorn-37247.exe no specs unicorn-50983.exe no specs unicorn-50983.exe no specs unicorn-48296.exe no specs unicorn-42431.exe no specs unicorn-16195.exe no specs unicorn-5260.exe no specs unicorn-2218.exe no specs unicorn-37247.exe no specs unicorn-37247.exe no specs unicorn-31635.exe no specs unicorn-54020.exe no specs unicorn-43526.exe no specs unicorn-63348.exe no specs unicorn-48486.exe no specs unicorn-18253.exe no specs unicorn-9819.exe no specs unicorn-54636.exe no specs unicorn-39057.exe no specs unicorn-27468.exe no specs unicorn-43391.exe unicorn-37247.exe no specs unicorn-46266.exe no specs unicorn-58501.exe no specs unicorn-30762.exe no specs unicorn-30762.exe no specs unicorn-3326.exe no specs unicorn-32595.exe no specs slui.exe no specs unicorn-24447.exe no specs unicorn-24447.exe no specs unicorn-49648.exe no specs unicorn-30047.exe no specs unicorn-49648.exe no specs unicorn-49648.exe unicorn-49648.exe no specs unicorn-30047.exe no specs unicorn-41513.exe no specs unicorn-43783.exe no specs unicorn-43783.exe no specs unicorn-43783.exe no specs unicorn-43783.exe no specs unicorn-43783.exe no specs unicorn-43783.exe unicorn-40983.exe no specs unicorn-4034.exe no specs unicorn-11987.exe no specs unicorn-58636.exe unicorn-12699.exe unicorn-12699.exe no specs unicorn-20155.exe no specs unicorn-37661.exe no specs unicorn-50873.exe no specs unicorn-34899.exe unicorn-8671.exe no specs unicorn-41751.exe no specs unicorn-25215.exe unicorn-8671.exe no specs unicorn-44551.exe no specs unicorn-44551.exe no specs unicorn-30815.exe no specs unicorn-44412.exe no specs unicorn-9875.exe no specs unicorn-27883.exe no specs unicorn-31775.exe no specs unicorn-52518.exe no specs unicorn-28253.exe no specs unicorn-49550.exe no specs unicorn-15617.exe no specs unicorn-51412.exe no specs unicorn-40998.exe no specs unicorn-12108.exe no specs unicorn-12108.exe no specs unicorn-8024.exe no specs unicorn-2416.exe no specs unicorn-55917.exe no specs unicorn-40983.exe no specs unicorn-13187.exe no specs unicorn-13187.exe no specs unicorn-13187.exe no specs unicorn-59124.exe no specs unicorn-53524.exe no specs unicorn-4522.exe no specs unicorn-7322.exe no specs unicorn-9923.exe no specs unicorn-23244.exe no specs unicorn-45549.exe no specs unicorn-37381.exe no specs unicorn-11013.exe no specs unicorn-22389.exe no specs unicorn-52046.exe no specs unicorn-5668.exe no specs unicorn-30671.exe no specs unicorn-43686.exe no specs unicorn-38533.exe no specs unicorn-11781.exe no specs unicorn-52814.exe no specs unicorn-2352.exe no specs unicorn-44551.exe no specs unicorn-54873.exe no specs unicorn-60473.exe no specs unicorn-60473.exe no specs unicorn-38983.exe no specs unicorn-14536.exe no specs unicorn-5871.exe no specs unicorn-14536.exe no specs unicorn-50416.exe no specs unicorn-63613.exe no specs unicorn-40178.exe no specs unicorn-44262.exe no specs unicorn-52430.exe no specs unicorn-7121.exe unicorn-18497.exe no specs unicorn-1266.exe unicorn-20718.exe no specs unicorn-5542.exe no specs unicorn-19575.exe no specs unicorn-25962.exe no specs unicorn-19841.exe no specs unicorn-48237.exe no specs unicorn-8273.exe no specs unicorn-8083.exe no specs unicorn-15372.exe no specs unicorn-40946.exe no specs unicorn-42623.exe no specs unicorn-53605.exe no specs unicorn-52131.exe no specs unicorn-28650.exe no specs unicorn-32530.exe no specs unicorn-21736.exe no specs unicorn-6929.exe no specs unicorn-56524.exe no specs unicorn-52131.exe no specs unicorn-41972.exe no specs unicorn-15134.exe no specs unicorn-2218.exe no specs unicorn-16849.exe no specs unicorn-2419.exe no specs unicorn-22002.exe no specs unicorn-47941.exe no specs

Process information

PID
CMD
Path
Indicators
Parent process
616C:\Users\admin\AppData\Local\Temp\Unicorn-7039.exeC:\Users\admin\AppData\Local\Temp\Unicorn-7039.exe
1 (1362).exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-7039.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
728C:\Users\admin\AppData\Local\Temp\Unicorn-45213.exeC:\Users\admin\AppData\Local\Temp\Unicorn-45213.exe
1 (1362).exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-45213.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
744C:\Users\admin\AppData\Local\Temp\Unicorn-58787.exeC:\Users\admin\AppData\Local\Temp\Unicorn-58787.exe
Unicorn-45213.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-58787.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
812C:\Users\admin\AppData\Local\Temp\Unicorn-47730.exeC:\Users\admin\AppData\Local\Temp\Unicorn-47730.exe
Unicorn-7039.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-47730.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
856C:\Users\admin\AppData\Local\Temp\Unicorn-48730.exeC:\Users\admin\AppData\Local\Temp\Unicorn-48730.exe
Unicorn-7039.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-48730.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
872C:\Users\admin\AppData\Local\Temp\Unicorn-58965.exeC:\Users\admin\AppData\Local\Temp\Unicorn-58965.exeUnicorn-45234.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-58965.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
920C:\Users\admin\AppData\Local\Temp\Unicorn-38912.exeC:\Users\admin\AppData\Local\Temp\Unicorn-38912.exe
Unicorn-3464.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-38912.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
968C:\Users\admin\AppData\Local\Temp\Unicorn-38435.exeC:\Users\admin\AppData\Local\Temp\Unicorn-38435.exe
Unicorn-15643.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-38435.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
976C:\Users\admin\AppData\Local\Temp\Unicorn-7252.exeC:\Users\admin\AppData\Local\Temp\Unicorn-7252.exe
Unicorn-45213.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-7252.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
1040C:\Users\admin\AppData\Local\Temp\Unicorn-57984.exeC:\Users\admin\AppData\Local\Temp\Unicorn-57984.exe
Unicorn-40605.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-57984.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
Total events
10 548
Read events
10 533
Write events
15
Delete events
0

Modification events

(PID) Process:(2420) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\History
Operation:writeName:CachePrefix
Value:
Visited:
(PID) Process:(2420) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Content
Operation:writeName:CachePrefix
Value:
(PID) Process:(2420) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Cookies
Operation:writeName:CachePrefix
Value:
Cookie:
(PID) Process:(5984) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Content
Operation:writeName:CachePrefix
Value:
(PID) Process:(5984) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Cookies
Operation:writeName:CachePrefix
Value:
Cookie:
(PID) Process:(5984) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\History
Operation:writeName:CachePrefix
Value:
Visited:
(PID) Process:(5512) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Content
Operation:writeName:CachePrefix
Value:
(PID) Process:(5512) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Cookies
Operation:writeName:CachePrefix
Value:
Cookie:
(PID) Process:(5512) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\History
Operation:writeName:CachePrefix
Value:
Visited:
(PID) Process:(7408) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Content
Operation:writeName:CachePrefix
Value:
Executable files
819
Suspicious files
5
Text files
0
Unknown types
0

Dropped files

PID
Process
Filename
Type
5984BackgroundTransferHost.exeC:\Users\admin\AppData\Local\Packages\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\AC\BackgroundTransferApi\72c99780-40fe-45bf-9ca0-86c2ab83f99c.down_data
MD5:
SHA256:
39561 (1362).exeC:\Users\admin\AppData\Local\Temp\Unicorn-7039.exeexecutable
MD5:1AF5D667C24B9076952226E8A8D7B284
SHA256:F55C2CFEFB39753ABBEE1CA535019A07493787887A5274E6785162A12451C834
39561 (1362).exeC:\Users\admin\AppData\Local\Temp\Unicorn-32362.exeexecutable
MD5:348778C68298CBBA4E72880956D3E889
SHA256:B6314ED5FD15FB3FAF97692D1150FD83AC0B2158B078A950FB3D5177AF1AEB6E
728Unicorn-45213.exeC:\Users\admin\AppData\Local\Temp\Unicorn-5223.exeexecutable
MD5:F9269FFACA3468045C4B4C98A9093B5B
SHA256:40742BD718A84FD5663A1F7F5C278A3808D9C8C2CF576D1A72DF1B1718D95593
6272Unicorn-5223.exeC:\Users\admin\AppData\Local\Temp\Unicorn-45353.exeexecutable
MD5:16F1B43634243E5A4FD245D6A906AFD0
SHA256:387B013B33CF3DABC54A86489A65BD84A635552D3BEC3300B39F915F7D0A83F4
3304Unicorn-45353.exeC:\Users\admin\AppData\Local\Temp\Unicorn-21254.exeexecutable
MD5:CD7ACC9274DE49378A05F64B630FDBD4
SHA256:4C67861EF14236E00B69DB64C894E1123EA5716301EE5F904172768112C24493
728Unicorn-45213.exeC:\Users\admin\AppData\Local\Temp\Unicorn-7252.exeexecutable
MD5:E706D6070B58426AC427C93128DD2544
SHA256:DDD46043C424002C87A5E184A102D8D36E73FEBD23FCBC1E457B74152F29A740
812Unicorn-47730.exeC:\Users\admin\AppData\Local\Temp\Unicorn-3464.exeexecutable
MD5:CE2698A796FF35F5980DE8B43C571BD3
SHA256:7A5BDF75AD54CC9E37E09CD7486B064BE598C238B19ABF63AC4C716CF59EB7DF
39561 (1362).exeC:\Users\admin\AppData\Local\Temp\Unicorn-11367.exeexecutable
MD5:6C9999D865D9D6A3DDC7C8B1D2D9DA08
SHA256:1960B2A77D3D3F77A6A0962E86EA4B5D4D79B4F833C8AD9A8AE4FBB63A5F391A
616Unicorn-7039.exeC:\Users\admin\AppData\Local\Temp\Unicorn-47730.exeexecutable
MD5:11FA2250D26F27FC43E41DA7A16DE13A
SHA256:5F2D56045FB7BAF249FAF36C786F830DF9AAD612CF90221491AECC79B3972127
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
6
TCP/UDP connections
25
DNS requests
18
Threats
0

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
GET
200
23.53.40.176:80
http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
unknown
whitelisted
5552
backgroundTaskHost.exe
GET
200
184.30.131.245:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQ50otx%2Fh0Ztl%2Bz8SiPI7wEWVxDlQQUTiJUIBiV5uNu5g%2F6%2BrkS7QYXjzkCEAUZZSZEml49Gjh0j13P68w%3D
unknown
whitelisted
6544
svchost.exe
GET
200
184.30.131.245:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAJ0LqoXyo4hxxe7H%2Fz9DKA%3D
unknown
whitelisted
5984
BackgroundTransferHost.exe
GET
200
184.30.131.245:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTrjrydRyt%2BApF3GSPypfHBxR5XtQQUs9tIpPmhxdiuNkHMEWNpYim8S8YCEAI5PUjXAkJafLQcAAsO18o%3D
unknown
whitelisted
7352
SIHClient.exe
GET
200
23.35.229.160:80
http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Product%20Root%20Certificate%20Authority%202018.crl
unknown
whitelisted
7352
SIHClient.exe
GET
200
23.35.229.160:80
http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Update%20Secure%20Server%20CA%202.1.crl
unknown
whitelisted
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
4
System
192.168.100.255:137
whitelisted
2104
svchost.exe
4.231.128.59:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
whitelisted
4.231.128.59:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
whitelisted
23.53.40.176:80
crl.microsoft.com
Akamai International B.V.
DE
whitelisted
4
System
192.168.100.255:138
whitelisted
3216
svchost.exe
40.113.110.67:443
client.wns.windows.com
MICROSOFT-CORP-MSN-AS-BLOCK
NL
whitelisted
6544
svchost.exe
20.190.160.4:443
login.live.com
MICROSOFT-CORP-MSN-AS-BLOCK
NL
whitelisted
6544
svchost.exe
184.30.131.245:80
ocsp.digicert.com
AKAMAI-AS
US
whitelisted
2112
svchost.exe
51.104.136.2:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
whitelisted
5552
backgroundTaskHost.exe
20.74.47.205:443
arc.msn.com
MICROSOFT-CORP-MSN-AS-BLOCK
FR
whitelisted

DNS requests

Domain
IP
Reputation
settings-win.data.microsoft.com
  • 4.231.128.59
  • 51.104.136.2
  • 40.127.240.158
whitelisted
google.com
  • 142.250.185.206
whitelisted
crl.microsoft.com
  • 23.53.40.176
  • 23.53.40.178
whitelisted
client.wns.windows.com
  • 40.113.110.67
whitelisted
login.live.com
  • 20.190.160.4
  • 20.190.160.17
  • 20.190.160.22
  • 20.190.160.128
  • 20.190.160.65
  • 20.190.160.64
  • 40.126.32.134
  • 20.190.160.132
whitelisted
ocsp.digicert.com
  • 184.30.131.245
whitelisted
arc.msn.com
  • 20.74.47.205
whitelisted
www.bing.com
  • 92.123.104.65
  • 92.123.104.21
  • 92.123.104.19
  • 92.123.104.67
  • 92.123.104.5
  • 92.123.104.26
  • 92.123.104.14
  • 92.123.104.22
  • 92.123.104.7
whitelisted
slscr.update.microsoft.com
  • 52.149.20.212
whitelisted
www.microsoft.com
  • 23.35.229.160
whitelisted

Threats

No threats detected
No debug info
Interactive malware hunting service ANY.RUN
© 2017-2025 ANY.RUN ALL RIGHTS RESERVED
ANY.RUN
Reports
1 (1362)