File name:

1 (356)

Full analysis: https://app.any.run/tasks/eb458d9d-1724-44a6-9a14-25410a89bd83
Verdict: Malicious activity
Analysis date: March 24, 2025, 20:27:47
OS: Windows 10 Professional (build: 19045, 64 bit)
Indicators:
MIME: application/vnd.microsoft.portable-executable
File info: PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, 3 sections
MD5:

7C038DC9A3163F5A1D79BD41E25A24C0

SHA1:

B203FAC1683B411C88D671229D68DD22911806BD

SHA256:

CCB4EF037A9A5A7CC53C98CEDC302312B0CD99BE89F5075E260C441C60D76DF9

SSDEEP:

6144:77K8f74JeDuHA5DlUHem1Afx/tBQlvJGBH/WyeOiFk/8SwjwpyAvEh/YaVfJsvWa:7+achHA55U+LBmhaHOyeOizx4DxmDsR

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

  • MALICIOUS

    No malicious indicators.

  • SUSPICIOUS

    • Starts itself from another location

      • 1 (356).exe (PID: 5972)
      • Unicorn-28422.exe (PID: 7588)
      • Unicorn-53912.exe (PID: 7172)
      • Unicorn-27491.exe (PID: 7920)
      • Unicorn-23316.exe (PID: 7936)
      • Unicorn-30092.exe (PID: 7944)
      • Unicorn-36720.exe (PID: 7976)
      • Unicorn-4623.exe (PID: 7992)
      • Unicorn-46211.exe (PID: 8000)
      • Unicorn-45556.exe (PID: 8028)
      • Unicorn-59589.exe (PID: 8008)
      • Unicorn-25044.exe (PID: 8016)
      • Unicorn-30280.exe (PID: 8100)
      • Unicorn-64898.exe (PID: 8132)
      • Unicorn-6330.exe (PID: 8112)
      • Unicorn-15698.exe (PID: 8156)
      • Unicorn-2075.exe (PID: 5380)
      • Unicorn-19782.exe (PID: 5548)
      • Unicorn-56630.exe (PID: 8180)
      • Unicorn-45054.exe (PID: 7204)
      • Unicorn-49117.exe (PID: 8168)
      • Unicorn-44789.exe (PID: 976)
      • Unicorn-41524.exe (PID: 7456)
      • Unicorn-56544.exe (PID: 7392)
      • Unicorn-43584.exe (PID: 3240)
      • Unicorn-56491.exe (PID: 5640)
      • Unicorn-49714.exe (PID: 5552)
      • Unicorn-21126.exe (PID: 5008)
      • Unicorn-39408.exe (PID: 1180)
      • Unicorn-13320.exe (PID: 672)
      • Unicorn-60959.exe (PID: 6044)
      • Unicorn-60688.exe (PID: 7712)
      • Unicorn-19372.exe (PID: 7464)
      • Unicorn-59947.exe (PID: 7388)
      • Unicorn-27540.exe (PID: 7660)
      • Unicorn-32584.exe (PID: 7852)
      • Unicorn-49012.exe (PID: 7556)
      • Unicorn-61343.exe (PID: 7516)
      • Unicorn-23454.exe (PID: 7896)
      • Unicorn-10949.exe (PID: 7488)
      • Unicorn-4733.exe (PID: 7844)
      • Unicorn-39516.exe (PID: 7048)
      • Unicorn-5365.exe (PID: 7736)
      • Unicorn-32138.exe (PID: 7740)
      • Unicorn-8235.exe (PID: 3784)
      • Unicorn-6673.exe (PID: 4488)
      • Unicorn-13725.exe (PID: 6148)
      • Unicorn-45376.exe (PID: 7656)
      • Unicorn-32229.exe (PID: 7356)
      • Unicorn-64710.exe (PID: 4300)
      • Unicorn-17940.exe (PID: 3020)
      • Unicorn-41100.exe (PID: 7036)
      • Unicorn-63942.exe (PID: 3884)
      • Unicorn-28822.exe (PID: 7584)
      • Unicorn-56320.exe (PID: 3304)
      • Unicorn-18494.exe (PID: 536)
      • Unicorn-63850.exe (PID: 8072)
      • Unicorn-44198.exe (PID: 5304)
      • Unicorn-25916.exe (PID: 5984)
      • Unicorn-8058.exe (PID: 7644)
      • Unicorn-50486.exe (PID: 8248)
      • Unicorn-22687.exe (PID: 2392)
      • Unicorn-1473.exe (PID: 7220)
      • Unicorn-30794.exe (PID: 2236)
      • Unicorn-44774.exe (PID: 6476)
      • Unicorn-63310.exe (PID: 7888)
      • Unicorn-16855.exe (PID: 7632)
      • Unicorn-24663.exe (PID: 7416)
      • Unicorn-3893.exe (PID: 6268)
      • Unicorn-21618.exe (PID: 2136)
      • Unicorn-55272.exe (PID: 7864)
      • Unicorn-59522.exe (PID: 8416)
      • Unicorn-5687.exe (PID: 5376)
      • Unicorn-12054.exe (PID: 300)
      • Unicorn-47680.exe (PID: 3768)
      • Unicorn-49003.exe (PID: 2108)
      • Unicorn-783.exe (PID: 8452)
      • Unicorn-25978.exe (PID: 7720)
      • Unicorn-63030.exe (PID: 8208)
      • Unicorn-64877.exe (PID: 8808)
      • Unicorn-50752.exe (PID: 8832)
      • Unicorn-26802.exe (PID: 8840)
      • Unicorn-32932.exe (PID: 1452)
      • Unicorn-26941.exe (PID: 8388)
      • Unicorn-51764.exe (PID: 5576)
      • Unicorn-46315.exe (PID: 2284)
      • Unicorn-32282.exe (PID: 5556)
      • Unicorn-23538.exe (PID: 6108)
      • Unicorn-12676.exe (PID: 7688)
      • Unicorn-42418.exe (PID: 8220)
      • Unicorn-62202.exe (PID: 8960)
      • Unicorn-49730.exe (PID: 9012)
      • Unicorn-47031.exe (PID: 8660)
      • Unicorn-38848.exe (PID: 8996)
      • Unicorn-51717.exe (PID: 8280)
      • Unicorn-38095.exe (PID: 7476)
      • Unicorn-57898.exe (PID: 9032)
      • Unicorn-35724.exe (PID: 9188)
      • Unicorn-1468.exe (PID: 9196)
      • Unicorn-55053.exe (PID: 8476)
      • Unicorn-56699.exe (PID: 7244)
      • Unicorn-25972.exe (PID: 4784)
      • Unicorn-14410.exe (PID: 8080)
      • Unicorn-19620.exe (PID: 7828)
      • Unicorn-4217.exe (PID: 2692)
      • Unicorn-56616.exe (PID: 8260)
      • Unicorn-4229.exe (PID: 8916)
      • Unicorn-63222.exe (PID: 8328)
      • Unicorn-28110.exe (PID: 9164)
      • Unicorn-39040.exe (PID: 8908)
      • Unicorn-54763.exe (PID: 8756)
      • Unicorn-9439.exe (PID: 9828)
      • Unicorn-7301.exe (PID: 9820)
      • Unicorn-8981.exe (PID: 6480)
      • Unicorn-54919.exe (PID: 9876)
      • Unicorn-36388.exe (PID: 8200)
      • Unicorn-42554.exe (PID: 8868)
      • Unicorn-37348.exe (PID: 8488)
      • Unicorn-42522.exe (PID: 9300)
      • Unicorn-34446.exe (PID: 6564)
      • Unicorn-23232.exe (PID: 9376)
      • Unicorn-4436.exe (PID: 8764)
      • Unicorn-58323.exe (PID: 8364)
      • Unicorn-54815.exe (PID: 8568)
      • Unicorn-6678.exe (PID: 7448)
      • Unicorn-10513.exe (PID: 8376)
      • Unicorn-35162.exe (PID: 8776)
      • Unicorn-28516.exe (PID: 9480)
      • Unicorn-15394.exe (PID: 11368)
      • Unicorn-32448.exe (PID: 8532)
      • Unicorn-5535.exe (PID: 8628)
      • Unicorn-13232.exe (PID: 11580)
      • Unicorn-13232.exe (PID: 11600)
      • Unicorn-38692.exe (PID: 8736)
      • Unicorn-50731.exe (PID: 8580)
      • Unicorn-30467.exe (PID: 9528)
      • Unicorn-58977.exe (PID: 11636)
      • Unicorn-902.exe (PID: 8544)
      • Unicorn-55734.exe (PID: 9544)
      • Unicorn-17826.exe (PID: 9320)
      • Unicorn-7367.exe (PID: 11328)
      • Unicorn-24365.exe (PID: 10128)
      • Unicorn-41051.exe (PID: 12096)
      • Unicorn-24358.exe (PID: 11740)
      • Unicorn-57774.exe (PID: 8516)
      • Unicorn-36746.exe (PID: 8728)
      • Unicorn-59505.exe (PID: 12720)
      • Unicorn-25972.exe (PID: 3024)
      • Unicorn-13038.exe (PID: 12104)
      • Unicorn-61062.exe (PID: 9940)
      • Unicorn-47016.exe (PID: 8972)
      • Unicorn-24982.exe (PID: 5232)
      • Unicorn-37111.exe (PID: 12420)
      • Unicorn-57003.exe (PID: 11852)
      • Unicorn-9657.exe (PID: 9344)
      • Unicorn-7127.exe (PID: 12388)
      • Unicorn-25436.exe (PID: 11276)
      • Unicorn-8895.exe (PID: 9328)
      • Unicorn-56886.exe (PID: 9988)
      • Unicorn-64548.exe (PID: 12188)
      • Unicorn-29737.exe (PID: 12180)
      • Unicorn-29349.exe (PID: 12760)
      • Unicorn-12746.exe (PID: 12196)
      • Unicorn-64548.exe (PID: 12768)
      • Unicorn-25653.exe (PID: 12228)
      • Unicorn-49439.exe (PID: 9696)
      • Unicorn-18611.exe (PID: 12220)
      • Unicorn-30388.exe (PID: 10564)
      • Unicorn-59169.exe (PID: 11076)
      • Unicorn-6105.exe (PID: 13960)
      • Unicorn-42883.exe (PID: 14036)
      • Unicorn-17049.exe (PID: 12336)
      • Unicorn-55804.exe (PID: 11772)
      • Unicorn-58923.exe (PID: 12496)
      • Unicorn-10210.exe (PID: 13996)
      • Unicorn-56860.exe (PID: 10740)
      • Unicorn-45355.exe (PID: 9704)
      • Unicorn-64286.exe (PID: 9620)
      • Unicorn-207.exe (PID: 8404)
      • Unicorn-24188.exe (PID: 11176)
      • Unicorn-23534.exe (PID: 8560)
      • Unicorn-21308.exe (PID: 9632)
      • Unicorn-15303.exe (PID: 9140)
      • Unicorn-39708.exe (PID: 5216)
      • Unicorn-46554.exe (PID: 10704)
      • Unicorn-50477.exe (PID: 8796)

    • Executable content was dropped or overwritten

      • 1 (356).exe (PID: 5972)
      • Unicorn-53912.exe (PID: 7172)
      • Unicorn-28422.exe (PID: 7588)
      • Unicorn-27491.exe (PID: 7920)
      • Unicorn-23316.exe (PID: 7936)
      • Unicorn-30092.exe (PID: 7944)
      • Unicorn-4623.exe (PID: 7992)
      • Unicorn-45556.exe (PID: 8028)
      • Unicorn-36720.exe (PID: 7976)
      • Unicorn-46211.exe (PID: 8000)
      • Unicorn-59589.exe (PID: 8008)
      • Unicorn-25044.exe (PID: 8016)
      • Unicorn-6330.exe (PID: 8112)
      • Unicorn-64898.exe (PID: 8132)
      • Unicorn-30280.exe (PID: 8100)
      • Unicorn-15698.exe (PID: 8156)
      • Unicorn-19782.exe (PID: 5548)
      • Unicorn-56630.exe (PID: 8180)
      • Unicorn-45054.exe (PID: 7204)
      • Unicorn-2075.exe (PID: 5380)
      • Unicorn-44789.exe (PID: 976)
      • Unicorn-41524.exe (PID: 7456)
      • Unicorn-56544.exe (PID: 7392)
      • Unicorn-49117.exe (PID: 8168)
      • Unicorn-56491.exe (PID: 5640)
      • Unicorn-43584.exe (PID: 3240)
      • Unicorn-49714.exe (PID: 5552)
      • Unicorn-21126.exe (PID: 5008)
      • Unicorn-39408.exe (PID: 1180)
      • Unicorn-56320.exe (PID: 3304)
      • Unicorn-13320.exe (PID: 672)
      • Unicorn-60959.exe (PID: 6044)
      • Unicorn-60688.exe (PID: 7712)
      • Unicorn-19372.exe (PID: 7464)
      • Unicorn-27540.exe (PID: 7660)
      • Unicorn-1473.exe (PID: 7220)
      • Unicorn-32584.exe (PID: 7852)
      • Unicorn-59947.exe (PID: 7388)
      • Unicorn-49012.exe (PID: 7556)
      • Unicorn-25978.exe (PID: 7720)
      • Unicorn-61343.exe (PID: 7516)
      • Unicorn-23454.exe (PID: 7896)
      • Unicorn-10949.exe (PID: 7488)
      • Unicorn-4733.exe (PID: 7844)
      • Unicorn-32138.exe (PID: 7740)
      • Unicorn-39516.exe (PID: 7048)
      • Unicorn-5365.exe (PID: 7736)
      • Unicorn-13725.exe (PID: 6148)
      • Unicorn-8235.exe (PID: 3784)
      • Unicorn-6673.exe (PID: 4488)
      • Unicorn-45376.exe (PID: 7656)
      • Unicorn-32229.exe (PID: 7356)
      • Unicorn-64710.exe (PID: 4300)
      • Unicorn-63850.exe (PID: 8072)
      • Unicorn-41100.exe (PID: 7036)
      • Unicorn-63942.exe (PID: 3884)
      • Unicorn-28822.exe (PID: 7584)
      • Unicorn-18494.exe (PID: 536)
      • Unicorn-25916.exe (PID: 5984)
      • Unicorn-44198.exe (PID: 5304)
      • Unicorn-22687.exe (PID: 2392)
      • Unicorn-8058.exe (PID: 7644)
      • Unicorn-50486.exe (PID: 8248)
      • Unicorn-44774.exe (PID: 6476)
      • Unicorn-30794.exe (PID: 2236)
      • Unicorn-63310.exe (PID: 7888)
      • Unicorn-16855.exe (PID: 7632)
      • Unicorn-24663.exe (PID: 7416)
      • Unicorn-3893.exe (PID: 6268)
      • Unicorn-21618.exe (PID: 2136)
      • Unicorn-55272.exe (PID: 7864)
      • Unicorn-59522.exe (PID: 8416)
      • Unicorn-5687.exe (PID: 5376)
      • Unicorn-12054.exe (PID: 300)
      • Unicorn-47680.exe (PID: 3768)
      • Unicorn-49003.exe (PID: 2108)
      • Unicorn-783.exe (PID: 8452)
      • Unicorn-63030.exe (PID: 8208)
      • Unicorn-64877.exe (PID: 8808)
      • Unicorn-26941.exe (PID: 8388)
      • Unicorn-26802.exe (PID: 8840)
      • Unicorn-50752.exe (PID: 8832)
      • Unicorn-32932.exe (PID: 1452)
      • Unicorn-51764.exe (PID: 5576)
      • Unicorn-46315.exe (PID: 2284)
      • Unicorn-32282.exe (PID: 5556)
      • Unicorn-23538.exe (PID: 6108)
      • Unicorn-12676.exe (PID: 7688)
      • Unicorn-42418.exe (PID: 8220)
      • Unicorn-49730.exe (PID: 9012)
      • Unicorn-62202.exe (PID: 8960)
      • Unicorn-38848.exe (PID: 8996)
      • Unicorn-36388.exe (PID: 8200)
      • Unicorn-47031.exe (PID: 8660)
      • Unicorn-38095.exe (PID: 7476)
      • Unicorn-55053.exe (PID: 8476)
      • Unicorn-51717.exe (PID: 8280)
      • Unicorn-56616.exe (PID: 8260)
      • Unicorn-1468.exe (PID: 9196)
      • Unicorn-57898.exe (PID: 9032)
      • Unicorn-35724.exe (PID: 9188)
      • Unicorn-25972.exe (PID: 4784)
      • Unicorn-14410.exe (PID: 8080)
      • Unicorn-56699.exe (PID: 7244)
      • Unicorn-19620.exe (PID: 7828)
      • Unicorn-63222.exe (PID: 8328)
      • Unicorn-4217.exe (PID: 2692)
      • Unicorn-39040.exe (PID: 8908)
      • Unicorn-28110.exe (PID: 9164)
      • Unicorn-37348.exe (PID: 8488)
      • Unicorn-54763.exe (PID: 8756)
      • Unicorn-7301.exe (PID: 9820)
      • Unicorn-8981.exe (PID: 6480)
      • Unicorn-207.exe (PID: 8404)
      • Unicorn-54919.exe (PID: 9876)
      • Unicorn-9439.exe (PID: 9828)
      • Unicorn-42522.exe (PID: 9300)
      • Unicorn-34446.exe (PID: 6564)
      • Unicorn-23232.exe (PID: 9376)
      • Unicorn-58323.exe (PID: 8364)
      • Unicorn-17940.exe (PID: 3020)
      • Unicorn-4436.exe (PID: 8764)
      • Unicorn-54815.exe (PID: 8568)
      • Unicorn-10513.exe (PID: 8376)
      • Unicorn-6678.exe (PID: 7448)
      • Unicorn-28516.exe (PID: 9480)
      • Unicorn-35162.exe (PID: 8776)
      • Unicorn-56860.exe (PID: 10740)
      • Unicorn-15394.exe (PID: 11368)
      • Unicorn-5535.exe (PID: 8628)
      • Unicorn-13232.exe (PID: 11580)
      • Unicorn-13232.exe (PID: 11600)
      • Unicorn-38692.exe (PID: 8736)
      • Unicorn-32448.exe (PID: 8532)
      • Unicorn-50731.exe (PID: 8580)
      • Unicorn-902.exe (PID: 8544)
      • Unicorn-55734.exe (PID: 9544)
      • Unicorn-58977.exe (PID: 11636)
      • Unicorn-30467.exe (PID: 9528)
      • Unicorn-24166.exe (PID: 10612)
      • Unicorn-17826.exe (PID: 9320)
      • Unicorn-41051.exe (PID: 12096)
      • Unicorn-24358.exe (PID: 11740)
      • Unicorn-7367.exe (PID: 11328)
      • Unicorn-24365.exe (PID: 10128)
      • Unicorn-42554.exe (PID: 8868)
      • Unicorn-57774.exe (PID: 8516)
      • Unicorn-13038.exe (PID: 12104)
      • Unicorn-59505.exe (PID: 12720)
      • Unicorn-25972.exe (PID: 3024)
      • Unicorn-47016.exe (PID: 8972)
      • Unicorn-24982.exe (PID: 5232)
      • Unicorn-9657.exe (PID: 9344)
      • Unicorn-61062.exe (PID: 9940)
      • Unicorn-37111.exe (PID: 12420)
      • Unicorn-57003.exe (PID: 11852)
      • Unicorn-56886.exe (PID: 9988)
      • Unicorn-7127.exe (PID: 12388)
      • Unicorn-25436.exe (PID: 11276)
      • Unicorn-8895.exe (PID: 9328)
      • Unicorn-64548.exe (PID: 12188)
      • Unicorn-29737.exe (PID: 12180)
      • Unicorn-29349.exe (PID: 12760)
      • Unicorn-59169.exe (PID: 11076)
      • Unicorn-25653.exe (PID: 12228)
      • Unicorn-12746.exe (PID: 12196)
      • Unicorn-49439.exe (PID: 9696)
      • Unicorn-18611.exe (PID: 12220)
      • Unicorn-30388.exe (PID: 10564)
      • Unicorn-1965.exe (PID: 9468)
      • Unicorn-55804.exe (PID: 11772)
      • Unicorn-45355.exe (PID: 9704)
      • Unicorn-64286.exe (PID: 9620)
      • Unicorn-23534.exe (PID: 8560)
      • Unicorn-21308.exe (PID: 9632)
      • Unicorn-50477.exe (PID: 8796)
      • Unicorn-43130.exe (PID: 9212)
      • Unicorn-18171.exe (PID: 8748)
      • Unicorn-39708.exe (PID: 5216)
      • Unicorn-64787.exe (PID: 11200)
      • Unicorn-41510.exe (PID: 10468)
      • Unicorn-7863.exe (PID: 9456)
      • Unicorn-61895.exe (PID: 4884)
      • Unicorn-32194.exe (PID: 9204)
      • Unicorn-36746.exe (PID: 8728)
      • Unicorn-32883.exe (PID: 12088)
      • Unicorn-39708.exe (PID: 5020)
      • Unicorn-27146.exe (PID: 9504)
      • Unicorn-46554.exe (PID: 10704)
      • Unicorn-42883.exe (PID: 14036)
      • Unicorn-10210.exe (PID: 13996)
      • Unicorn-39490.exe (PID: 9712)
      • Unicorn-34782.exe (PID: 13604)
      • Unicorn-51650.exe (PID: 9520)
      • Unicorn-22434.exe (PID: 4740)
      • Unicorn-7973.exe (PID: 11284)
      • Unicorn-33960.exe (PID: 11360)
      • Unicorn-25898.exe (PID: 13832)
      • Unicorn-49386.exe (PID: 10260)
      • Unicorn-34038.exe (PID: 13656)
      • Unicorn-442.exe (PID: 13360)
      • Unicorn-21282.exe (PID: 10640)
      • Unicorn-37430.exe (PID: 9420)
      • Unicorn-4229.exe (PID: 8916)
      • Unicorn-61790.exe (PID: 9092)
      • Unicorn-6105.exe (PID: 13960)
      • Unicorn-17696.exe (PID: 8676)
      • Unicorn-17049.exe (PID: 12336)
      • Unicorn-40960.exe (PID: 9404)
      • Unicorn-2091.exe (PID: 8952)
      • Unicorn-48884.exe (PID: 11092)
      • Unicorn-60958.exe (PID: 8616)
      • Unicorn-47060.exe (PID: 11624)
      • Unicorn-63893.exe (PID: 11884)
      • Unicorn-51720.exe (PID: 11748)
      • Unicorn-64548.exe (PID: 12212)
      • Unicorn-2824.exe (PID: 12164)
      • Unicorn-40720.exe (PID: 9796)
      • Unicorn-35305.exe (PID: 12244)
      • Unicorn-23996.exe (PID: 10732)
      • Unicorn-23233.exe (PID: 10720)
      • Unicorn-58710.exe (PID: 12112)
      • Unicorn-56427.exe (PID: 7428)
      • Unicorn-39708.exe (PID: 4692)
      • Unicorn-47758.exe (PID: 9676)
      • Unicorn-58923.exe (PID: 12496)
      • Unicorn-7659.exe (PID: 10712)
      • Unicorn-39441.exe (PID: 15124)
      • Unicorn-13671.exe (PID: 2092)
      • Unicorn-1167.exe (PID: 8524)
      • Unicorn-64548.exe (PID: 12768)
      • Unicorn-24191.exe (PID: 14900)
      • Unicorn-46458.exe (PID: 12124)
      • Unicorn-34035.exe (PID: 9808)
      • Unicorn-41270.exe (PID: 11116)
      • Unicorn-6385.exe (PID: 12444)
      • Unicorn-44398.exe (PID: 14500)

  • INFO

    • Create files in a temporary directory

      • 1 (356).exe (PID: 5972)
      • Unicorn-53912.exe (PID: 7172)
      • Unicorn-27491.exe (PID: 7920)
      • Unicorn-46211.exe (PID: 8000)
      • Unicorn-28422.exe (PID: 7588)
      • Unicorn-30092.exe (PID: 7944)
      • Unicorn-59589.exe (PID: 8008)
      • Unicorn-6330.exe (PID: 8112)
      • Unicorn-64898.exe (PID: 8132)
      • Unicorn-4623.exe (PID: 7992)
      • Unicorn-15698.exe (PID: 8156)
      • Unicorn-19782.exe (PID: 5548)
      • Unicorn-56630.exe (PID: 8180)
      • Unicorn-2075.exe (PID: 5380)
      • Unicorn-25044.exe (PID: 8016)
      • Unicorn-56544.exe (PID: 7392)
      • Unicorn-44789.exe (PID: 976)
      • Unicorn-41524.exe (PID: 7456)
      • Unicorn-49117.exe (PID: 8168)
      • Unicorn-49714.exe (PID: 5552)
      • Unicorn-36720.exe (PID: 7976)
      • Unicorn-39408.exe (PID: 1180)
      • Unicorn-56320.exe (PID: 3304)
      • Unicorn-13320.exe (PID: 672)
      • Unicorn-45556.exe (PID: 8028)
      • Unicorn-19372.exe (PID: 7464)
      • Unicorn-30280.exe (PID: 8100)
      • Unicorn-60959.exe (PID: 6044)
      • Unicorn-45054.exe (PID: 7204)
      • Unicorn-1473.exe (PID: 7220)
      • Unicorn-27540.exe (PID: 7660)
      • Unicorn-32584.exe (PID: 7852)
      • Unicorn-59947.exe (PID: 7388)
      • Unicorn-23316.exe (PID: 7936)
      • Unicorn-49012.exe (PID: 7556)
      • Unicorn-32138.exe (PID: 7740)
      • Unicorn-60688.exe (PID: 7712)
      • Unicorn-39516.exe (PID: 7048)
      • Unicorn-13725.exe (PID: 6148)
      • Unicorn-6673.exe (PID: 4488)
      • Unicorn-8235.exe (PID: 3784)
      • Unicorn-63850.exe (PID: 8072)
      • Unicorn-32229.exe (PID: 7356)
      • Unicorn-64710.exe (PID: 4300)
      • Unicorn-45376.exe (PID: 7656)
      • Unicorn-41100.exe (PID: 7036)
      • Unicorn-19620.exe (PID: 7828)
      • Unicorn-28822.exe (PID: 7584)
      • Unicorn-21126.exe (PID: 5008)
      • Unicorn-18494.exe (PID: 536)
      • Unicorn-44198.exe (PID: 5304)
      • Unicorn-56491.exe (PID: 5640)
      • Unicorn-22687.exe (PID: 2392)
      • Unicorn-50486.exe (PID: 8248)
      • Unicorn-44774.exe (PID: 6476)
      • Unicorn-3893.exe (PID: 6268)
      • Unicorn-30794.exe (PID: 2236)
      • Unicorn-63310.exe (PID: 7888)
      • Unicorn-24663.exe (PID: 7416)
      • Unicorn-5687.exe (PID: 5376)
      • Unicorn-21618.exe (PID: 2136)
      • Unicorn-47680.exe (PID: 3768)
      • Unicorn-49003.exe (PID: 2108)
      • Unicorn-63030.exe (PID: 8208)
      • Unicorn-12054.exe (PID: 300)
      • Unicorn-43584.exe (PID: 3240)
      • Unicorn-32932.exe (PID: 1452)
      • Unicorn-25978.exe (PID: 7720)
      • Unicorn-23454.exe (PID: 7896)
      • Unicorn-50752.exe (PID: 8832)
      • Unicorn-46315.exe (PID: 2284)
      • Unicorn-10949.exe (PID: 7488)
      • Unicorn-4733.exe (PID: 7844)
      • Unicorn-32282.exe (PID: 5556)
      • Unicorn-49730.exe (PID: 9012)
      • Unicorn-38848.exe (PID: 8996)
      • Unicorn-51717.exe (PID: 8280)
      • Unicorn-36388.exe (PID: 8200)
      • Unicorn-47031.exe (PID: 8660)
      • Unicorn-38095.exe (PID: 7476)
      • Unicorn-14410.exe (PID: 8080)
      • Unicorn-56699.exe (PID: 7244)
      • Unicorn-56616.exe (PID: 8260)
      • Unicorn-54763.exe (PID: 8756)
      • Unicorn-28110.exe (PID: 9164)
      • Unicorn-37348.exe (PID: 8488)
      • Unicorn-39040.exe (PID: 8908)
      • Unicorn-55272.exe (PID: 7864)
      • Unicorn-8981.exe (PID: 6480)
      • Unicorn-207.exe (PID: 8404)
      • Unicorn-54919.exe (PID: 9876)
      • Unicorn-7301.exe (PID: 9820)
      • Unicorn-61343.exe (PID: 7516)
      • Unicorn-63942.exe (PID: 3884)
      • Unicorn-34446.exe (PID: 6564)
      • Unicorn-23232.exe (PID: 9376)
      • Unicorn-58323.exe (PID: 8364)
      • Unicorn-4436.exe (PID: 8764)
      • Unicorn-8058.exe (PID: 7644)
      • Unicorn-25916.exe (PID: 5984)
      • Unicorn-26802.exe (PID: 8840)
      • Unicorn-6678.exe (PID: 7448)
      • Unicorn-10513.exe (PID: 8376)
      • Unicorn-35162.exe (PID: 8776)
      • Unicorn-28516.exe (PID: 9480)
      • Unicorn-16855.exe (PID: 7632)
      • Unicorn-56860.exe (PID: 10740)
      • Unicorn-26941.exe (PID: 8388)
      • Unicorn-59522.exe (PID: 8416)
      • Unicorn-5535.exe (PID: 8628)
      • Unicorn-51764.exe (PID: 5576)
      • Unicorn-783.exe (PID: 8452)
      • Unicorn-13232.exe (PID: 11580)
      • Unicorn-42418.exe (PID: 8220)
      • Unicorn-23538.exe (PID: 6108)
      • Unicorn-50731.exe (PID: 8580)
      • Unicorn-902.exe (PID: 8544)
      • Unicorn-55734.exe (PID: 9544)
      • Unicorn-30467.exe (PID: 9528)
      • Unicorn-58977.exe (PID: 11636)
      • Unicorn-9439.exe (PID: 9828)
      • Unicorn-41051.exe (PID: 12096)
      • Unicorn-17826.exe (PID: 9320)
      • Unicorn-24365.exe (PID: 10128)
      • Unicorn-24358.exe (PID: 11740)
      • Unicorn-7367.exe (PID: 11328)
      • Unicorn-5365.exe (PID: 7736)
      • Unicorn-17940.exe (PID: 3020)
      • Unicorn-57774.exe (PID: 8516)
      • Unicorn-42554.exe (PID: 8868)
      • Unicorn-13038.exe (PID: 12104)
      • Unicorn-59505.exe (PID: 12720)
      • Unicorn-25972.exe (PID: 3024)
      • Unicorn-24982.exe (PID: 5232)
      • Unicorn-9657.exe (PID: 9344)
      • Unicorn-47016.exe (PID: 8972)
      • Unicorn-37111.exe (PID: 12420)
      • Unicorn-57003.exe (PID: 11852)
      • Unicorn-7127.exe (PID: 12388)
      • Unicorn-62202.exe (PID: 8960)
      • Unicorn-8895.exe (PID: 9328)
      • Unicorn-56886.exe (PID: 9988)
      • Unicorn-25972.exe (PID: 4784)
      • Unicorn-64548.exe (PID: 12188)
      • Unicorn-57898.exe (PID: 9032)
      • Unicorn-29349.exe (PID: 12760)
      • Unicorn-25653.exe (PID: 12228)
      • Unicorn-12746.exe (PID: 12196)
      • Unicorn-59169.exe (PID: 11076)
      • Unicorn-35724.exe (PID: 9188)
      • Unicorn-18611.exe (PID: 12220)
      • Unicorn-63222.exe (PID: 8328)
      • Unicorn-4217.exe (PID: 2692)
      • Unicorn-30388.exe (PID: 10564)
      • Unicorn-6105.exe (PID: 13960)
      • Unicorn-1468.exe (PID: 9196)
      • Unicorn-13232.exe (PID: 11600)
      • Unicorn-55804.exe (PID: 11772)
      • Unicorn-10210.exe (PID: 13996)
      • Unicorn-61895.exe (PID: 4884)
      • Unicorn-64286.exe (PID: 9620)
      • Unicorn-23534.exe (PID: 8560)
      • Unicorn-21308.exe (PID: 9632)
      • Unicorn-50477.exe (PID: 8796)
      • Unicorn-43130.exe (PID: 9212)

    • Reads the computer name

      • 1 (356).exe (PID: 5972)
      • Unicorn-53912.exe (PID: 7172)
      • Unicorn-28422.exe (PID: 7588)
      • Unicorn-27491.exe (PID: 7920)
      • Unicorn-23316.exe (PID: 7936)
      • Unicorn-30092.exe (PID: 7944)
      • Unicorn-36720.exe (PID: 7976)
      • Unicorn-4623.exe (PID: 7992)
      • Unicorn-46211.exe (PID: 8000)
      • Unicorn-45556.exe (PID: 8028)
      • Unicorn-59589.exe (PID: 8008)
      • Unicorn-25044.exe (PID: 8016)
      • Unicorn-6330.exe (PID: 8112)
      • Unicorn-30280.exe (PID: 8100)
      • Unicorn-64898.exe (PID: 8132)
      • Unicorn-15698.exe (PID: 8156)
      • Unicorn-56630.exe (PID: 8180)
      • Unicorn-19782.exe (PID: 5548)
      • Unicorn-45054.exe (PID: 7204)
      • Unicorn-49117.exe (PID: 8168)
      • Unicorn-2075.exe (PID: 5380)
      • Unicorn-44789.exe (PID: 976)
      • Unicorn-56544.exe (PID: 7392)
      • Unicorn-41524.exe (PID: 7456)
      • Unicorn-49714.exe (PID: 5552)
      • Unicorn-21126.exe (PID: 5008)
      • Unicorn-39408.exe (PID: 1180)
      • Unicorn-13320.exe (PID: 672)
      • Unicorn-19372.exe (PID: 7464)
      • Unicorn-59947.exe (PID: 7388)
      • Unicorn-27540.exe (PID: 7660)
      • Unicorn-60959.exe (PID: 6044)
      • Unicorn-32584.exe (PID: 7852)
      • Unicorn-25978.exe (PID: 7720)
      • Unicorn-49012.exe (PID: 7556)
      • Unicorn-1473.exe (PID: 7220)
      • Unicorn-61343.exe (PID: 7516)
      • Unicorn-23454.exe (PID: 7896)
      • Unicorn-32138.exe (PID: 7740)
      • Unicorn-6673.exe (PID: 4488)
      • Unicorn-64710.exe (PID: 4300)
      • Unicorn-5365.exe (PID: 7736)
      • Unicorn-8235.exe (PID: 3784)
      • Unicorn-17940.exe (PID: 3020)
      • Unicorn-45376.exe (PID: 7656)
      • Unicorn-63850.exe (PID: 8072)
      • Unicorn-63942.exe (PID: 3884)
      • Unicorn-19620.exe (PID: 7828)
      • Unicorn-42780.exe (PID: 7916)
      • Unicorn-21618.exe (PID: 2136)
      • Unicorn-25916.exe (PID: 5984)
      • Unicorn-8058.exe (PID: 7644)
      • Unicorn-63310.exe (PID: 7888)
      • Unicorn-44198.exe (PID: 5304)
      • Unicorn-55272.exe (PID: 7864)
      • Unicorn-22687.exe (PID: 2392)
      • Unicorn-30794.exe (PID: 2236)
      • Unicorn-3893.exe (PID: 6268)
      • Unicorn-63030.exe (PID: 8208)
      • Unicorn-16855.exe (PID: 7632)
      • Unicorn-24663.exe (PID: 7416)
      • Unicorn-5687.exe (PID: 5376)
      • Unicorn-59522.exe (PID: 8416)
      • Unicorn-49003.exe (PID: 2108)
      • Unicorn-51764.exe (PID: 5576)
      • Unicorn-783.exe (PID: 8452)
      • Unicorn-47680.exe (PID: 3768)
      • Unicorn-32932.exe (PID: 1452)
      • Unicorn-56616.exe (PID: 8260)
      • Unicorn-42418.exe (PID: 8220)
      • Unicorn-26802.exe (PID: 8840)
      • Unicorn-50752.exe (PID: 8832)
      • Unicorn-46315.exe (PID: 2284)
      • Unicorn-23538.exe (PID: 6108)
      • Unicorn-51717.exe (PID: 8280)
      • Unicorn-36388.exe (PID: 8200)
      • Unicorn-47031.exe (PID: 8660)
      • Unicorn-38848.exe (PID: 8996)
      • Unicorn-49730.exe (PID: 9012)
      • Unicorn-55053.exe (PID: 8476)
      • Unicorn-38095.exe (PID: 7476)
      • Unicorn-42554.exe (PID: 8868)
      • Unicorn-1468.exe (PID: 9196)
      • Unicorn-4229.exe (PID: 8916)
      • Unicorn-28110.exe (PID: 9164)
      • Unicorn-56699.exe (PID: 7244)
      • Unicorn-6678.exe (PID: 7448)
      • Unicorn-25972.exe (PID: 4784)
      • Unicorn-42932.exe (PID: 8980)
      • Unicorn-32448.exe (PID: 8532)
      • Unicorn-7301.exe (PID: 9820)
      • Unicorn-8981.exe (PID: 6480)
      • Unicorn-207.exe (PID: 8404)
      • Unicorn-9439.exe (PID: 9828)
      • Unicorn-34446.exe (PID: 6564)
      • Unicorn-42522.exe (PID: 9300)
      • Unicorn-10513.exe (PID: 8376)
      • Unicorn-23232.exe (PID: 9376)
      • Unicorn-58323.exe (PID: 8364)
      • Unicorn-4436.exe (PID: 8764)
      • Unicorn-54815.exe (PID: 8568)
      • Unicorn-56860.exe (PID: 10740)
      • Unicorn-28516.exe (PID: 9480)
      • Unicorn-35162.exe (PID: 8776)
      • Unicorn-13232.exe (PID: 11580)
      • Unicorn-13232.exe (PID: 11600)
      • Unicorn-8895.exe (PID: 9328)
      • Unicorn-50731.exe (PID: 8580)
      • Unicorn-902.exe (PID: 8544)
      • Unicorn-55734.exe (PID: 9544)
      • Unicorn-24166.exe (PID: 10612)
      • Unicorn-55804.exe (PID: 11772)
      • Unicorn-41051.exe (PID: 12096)
      • Unicorn-24365.exe (PID: 10128)
      • Unicorn-17826.exe (PID: 9320)
      • Unicorn-25972.exe (PID: 3024)
      • Unicorn-13038.exe (PID: 12104)
      • Unicorn-59505.exe (PID: 12720)
      • Unicorn-61062.exe (PID: 9940)
      • Unicorn-24982.exe (PID: 5232)
      • Unicorn-57003.exe (PID: 11852)
      • Unicorn-64548.exe (PID: 12188)
      • Unicorn-27146.exe (PID: 9504)
      • Unicorn-29737.exe (PID: 12180)
      • Unicorn-25653.exe (PID: 12228)
      • Unicorn-12746.exe (PID: 12196)
      • Unicorn-49439.exe (PID: 9696)
      • Unicorn-59169.exe (PID: 11076)
      • Unicorn-30388.exe (PID: 10564)
      • Unicorn-17049.exe (PID: 12336)
      • Unicorn-6105.exe (PID: 13960)
      • Unicorn-42883.exe (PID: 14036)
      • Unicorn-10210.exe (PID: 13996)
      • Unicorn-61895.exe (PID: 4884)
      • Unicorn-24188.exe (PID: 11176)
      • Unicorn-58923.exe (PID: 12496)
      • Unicorn-1965.exe (PID: 9468)
      • Unicorn-45355.exe (PID: 9704)
      • Unicorn-23534.exe (PID: 8560)
      • Unicorn-50477.exe (PID: 8796)
      • Unicorn-21308.exe (PID: 9632)
      • Unicorn-64787.exe (PID: 11200)
      • Unicorn-7863.exe (PID: 9456)
      • Unicorn-48884.exe (PID: 11092)
      • Unicorn-39708.exe (PID: 5216)
      • Unicorn-46554.exe (PID: 10704)
      • Unicorn-32194.exe (PID: 9204)

    • Checks supported languages

      • 1 (356).exe (PID: 5972)
      • Unicorn-53912.exe (PID: 7172)
      • Unicorn-28422.exe (PID: 7588)
      • Unicorn-30092.exe (PID: 7944)
      • Unicorn-23316.exe (PID: 7936)
      • Unicorn-27491.exe (PID: 7920)
      • Unicorn-46211.exe (PID: 8000)
      • Unicorn-4623.exe (PID: 7992)
      • Unicorn-45556.exe (PID: 8028)
      • Unicorn-59589.exe (PID: 8008)
      • Unicorn-25044.exe (PID: 8016)
      • Unicorn-36720.exe (PID: 7976)
      • Unicorn-30280.exe (PID: 8100)
      • Unicorn-6330.exe (PID: 8112)
      • Unicorn-64898.exe (PID: 8132)
      • Unicorn-49117.exe (PID: 8168)
      • Unicorn-15698.exe (PID: 8156)
      • Unicorn-19782.exe (PID: 5548)
      • Unicorn-44789.exe (PID: 976)
      • Unicorn-45054.exe (PID: 7204)
      • Unicorn-56544.exe (PID: 7392)
      • Unicorn-41524.exe (PID: 7456)
      • Unicorn-56630.exe (PID: 8180)
      • Unicorn-2075.exe (PID: 5380)
      • Unicorn-21126.exe (PID: 5008)
      • Unicorn-49714.exe (PID: 5552)
      • Unicorn-43584.exe (PID: 3240)
      • Unicorn-56491.exe (PID: 5640)
      • Unicorn-13320.exe (PID: 672)
      • Unicorn-56320.exe (PID: 3304)
      • Unicorn-27540.exe (PID: 7660)
      • Unicorn-19372.exe (PID: 7464)
      • Unicorn-59947.exe (PID: 7388)
      • Unicorn-1473.exe (PID: 7220)
      • Unicorn-60959.exe (PID: 6044)
      • Unicorn-8058.exe (PID: 7644)
      • Unicorn-13725.exe (PID: 6148)
      • Unicorn-32584.exe (PID: 7852)
      • Unicorn-60688.exe (PID: 7712)
      • Unicorn-61343.exe (PID: 7516)
      • Unicorn-49012.exe (PID: 7556)
      • Unicorn-23454.exe (PID: 7896)
      • Unicorn-25978.exe (PID: 7720)
      • Unicorn-32932.exe (PID: 1452)
      • Unicorn-49003.exe (PID: 2108)
      • Unicorn-5365.exe (PID: 7736)
      • Unicorn-30794.exe (PID: 2236)
      • Unicorn-16855.exe (PID: 7632)
      • Unicorn-46315.exe (PID: 2284)
      • Unicorn-8235.exe (PID: 3784)
      • Unicorn-10949.exe (PID: 7488)
      • Unicorn-4733.exe (PID: 7844)
      • Unicorn-63942.exe (PID: 3884)
      • Unicorn-22687.exe (PID: 2392)
      • Unicorn-63310.exe (PID: 7888)
      • Unicorn-21618.exe (PID: 2136)
      • Unicorn-24663.exe (PID: 7416)
      • Unicorn-6673.exe (PID: 4488)
      • Unicorn-32138.exe (PID: 7740)
      • Unicorn-63850.exe (PID: 8072)
      • Unicorn-25916.exe (PID: 5984)
      • Unicorn-34446.exe (PID: 6564)
      • Unicorn-44198.exe (PID: 5304)
      • Unicorn-44774.exe (PID: 6476)
      • Unicorn-32229.exe (PID: 7356)
      • Unicorn-5687.exe (PID: 5376)
      • Unicorn-18494.exe (PID: 536)
      • Unicorn-38095.exe (PID: 7476)
      • Unicorn-14410.exe (PID: 8080)
      • Unicorn-28822.exe (PID: 7584)
      • Unicorn-64710.exe (PID: 4300)
      • Unicorn-4217.exe (PID: 2692)
      • Unicorn-55272.exe (PID: 7864)
      • Unicorn-19620.exe (PID: 7828)
      • Unicorn-47680.exe (PID: 3768)
      • Unicorn-51764.exe (PID: 5576)
      • Unicorn-19092.exe (PID: 5436)
      • Unicorn-23538.exe (PID: 6108)
      • Unicorn-12676.exe (PID: 7688)
      • Unicorn-3893.exe (PID: 6268)
      • Unicorn-42780.exe (PID: 7916)
      • Unicorn-12054.exe (PID: 300)
      • Unicorn-36388.exe (PID: 8200)
      • Unicorn-32282.exe (PID: 5556)
      • Unicorn-50486.exe (PID: 8248)
      • Unicorn-63030.exe (PID: 8208)
      • Unicorn-56616.exe (PID: 8260)
      • Unicorn-51717.exe (PID: 8280)
      • Unicorn-63222.exe (PID: 8328)
      • Unicorn-10513.exe (PID: 8376)
      • Unicorn-59522.exe (PID: 8416)
      • Unicorn-762.exe (PID: 8424)
      • Unicorn-783.exe (PID: 8452)
      • Unicorn-55053.exe (PID: 8476)
      • Unicorn-64877.exe (PID: 8808)
      • Unicorn-54815.exe (PID: 8568)
      • Unicorn-26802.exe (PID: 8840)
      • Unicorn-902.exe (PID: 8544)
      • Unicorn-32448.exe (PID: 8532)
      • Unicorn-23534.exe (PID: 8560)
      • Unicorn-50731.exe (PID: 8580)
      • Unicorn-57774.exe (PID: 8516)
      • Unicorn-1167.exe (PID: 8524)
      • Unicorn-17696.exe (PID: 8676)
      • Unicorn-60958.exe (PID: 8616)
      • Unicorn-47031.exe (PID: 8660)
      • Unicorn-30140.exe (PID: 8644)
      • Unicorn-38692.exe (PID: 8736)
      • Unicorn-54763.exe (PID: 8756)
      • Unicorn-4436.exe (PID: 8764)
      • Unicorn-18171.exe (PID: 8748)
      • Unicorn-37348.exe (PID: 8488)
      • Unicorn-207.exe (PID: 8404)
      • Unicorn-39040.exe (PID: 8908)
      • Unicorn-42584.exe (PID: 8800)
      • Unicorn-42554.exe (PID: 8868)
      • Unicorn-2091.exe (PID: 8952)
      • Unicorn-62202.exe (PID: 8960)
      • Unicorn-49730.exe (PID: 9012)
      • Unicorn-47016.exe (PID: 8972)
      • Unicorn-42932.exe (PID: 8980)
      • Unicorn-38848.exe (PID: 8996)
      • Unicorn-57898.exe (PID: 9032)
      • Unicorn-31064.exe (PID: 9084)
      • Unicorn-61790.exe (PID: 9092)
      • Unicorn-15303.exe (PID: 9140)
      • Unicorn-28110.exe (PID: 9164)
      • Unicorn-47976.exe (PID: 9172)
      • Unicorn-4229.exe (PID: 8916)
      • Unicorn-1468.exe (PID: 9196)
      • Unicorn-56699.exe (PID: 7244)
      • Unicorn-32194.exe (PID: 9204)
      • Unicorn-43130.exe (PID: 9212)
      • Unicorn-8981.exe (PID: 6480)
      • Unicorn-5535.exe (PID: 8628)
      • Unicorn-27455.exe (PID: 9180)
      • Unicorn-6678.exe (PID: 7448)
      • Unicorn-39708.exe (PID: 5216)
      • Unicorn-39708.exe (PID: 4692)
      • Unicorn-50477.exe (PID: 8796)
      • Unicorn-25972.exe (PID: 4784)
      • Unicorn-9439.exe (PID: 9828)
      • Unicorn-42522.exe (PID: 9300)
      • Unicorn-9849.exe (PID: 9288)
      • Unicorn-7301.exe (PID: 9820)
      • Unicorn-8895.exe (PID: 9328)
      • Unicorn-54919.exe (PID: 9876)
      • Unicorn-17826.exe (PID: 9320)
      • Unicorn-9657.exe (PID: 9344)
      • Unicorn-64286.exe (PID: 9620)
      • Unicorn-47758.exe (PID: 9676)
      • Unicorn-49439.exe (PID: 9696)
      • Unicorn-26882.exe (PID: 9664)
      • Unicorn-45355.exe (PID: 9704)
      • Unicorn-39490.exe (PID: 9712)
      • Unicorn-33560.exe (PID: 9612)
      • Unicorn-27621.exe (PID: 9896)
      • Unicorn-47327.exe (PID: 9932)
      • Unicorn-40720.exe (PID: 9796)
      • Unicorn-38054.exe (PID: 9256)
      • Unicorn-40550.exe (PID: 9956)
      • Unicorn-37020.exe (PID: 9980)
      • Unicorn-56886.exe (PID: 9988)
      • Unicorn-1965.exe (PID: 9468)
      • Unicorn-32190.exe (PID: 10044)
      • Unicorn-14291.exe (PID: 10160)
      • Unicorn-39708.exe (PID: 5020)
      • Unicorn-42304.exe (PID: 10104)
      • Unicorn-24982.exe (PID: 5232)
      • Unicorn-34035.exe (PID: 9808)
      • Unicorn-53570.exe (PID: 7768)
      • Unicorn-22652.exe (PID: 10308)
      • Unicorn-24166.exe (PID: 10612)
      • Unicorn-42304.exe (PID: 10444)
      • Unicorn-30388.exe (PID: 10564)
      • Unicorn-41510.exe (PID: 10468)
      • Unicorn-58230.exe (PID: 10648)
      • Unicorn-61115.exe (PID: 10572)
      • Unicorn-21282.exe (PID: 10640)
      • Unicorn-7659.exe (PID: 10712)
      • Unicorn-23996.exe (PID: 10732)
      • Unicorn-23233.exe (PID: 10720)
      • Unicorn-9697.exe (PID: 10696)
      • Unicorn-61062.exe (PID: 9940)
      • Unicorn-50425.exe (PID: 10364)
      • Unicorn-56860.exe (PID: 10740)
      • Unicorn-15828.exe (PID: 10688)
      • Unicorn-56860.exe (PID: 10676)
      • Unicorn-59361.exe (PID: 10748)
      • Unicorn-45594.exe (PID: 10452)
      • Unicorn-46554.exe (PID: 10704)
      • Unicorn-28250.exe (PID: 10620)
      • Unicorn-15394.exe (PID: 11368)
      • Unicorn-37810.exe (PID: 10628)
      • Unicorn-49386.exe (PID: 10260)
      • Unicorn-47248.exe (PID: 10276)
      • Unicorn-16713.exe (PID: 5036)
      • Unicorn-53113.exe (PID: 10268)
      • Unicorn-13232.exe (PID: 11580)
      • Unicorn-33960.exe (PID: 11360)
      • Unicorn-56427.exe (PID: 7428)
      • Unicorn-38478.exe (PID: 11188)
      • Unicorn-24188.exe (PID: 11176)
      • Unicorn-41270.exe (PID: 11116)
      • Unicorn-59169.exe (PID: 11336)
      • Unicorn-25436.exe (PID: 11276)
      • Unicorn-59169.exe (PID: 11224)
      • Unicorn-55006.exe (PID: 11108)
      • Unicorn-47060.exe (PID: 11624)
      • Unicorn-53569.exe (PID: 11084)
      • Unicorn-64431.exe (PID: 10764)
      • Unicorn-4567.exe (PID: 11732)
      • Unicorn-7367.exe (PID: 11328)
      • Unicorn-36945.exe (PID: 11708)
      • Unicorn-6219.exe (PID: 11716)
      • Unicorn-51720.exe (PID: 11748)
      • Unicorn-55804.exe (PID: 11772)
      • Unicorn-1864.exe (PID: 11836)
      • Unicorn-9366.exe (PID: 11892)
      • Unicorn-57003.exe (PID: 11852)
      • Unicorn-59169.exe (PID: 11644)
      • Unicorn-5783.exe (PID: 11760)
      • Unicorn-7367.exe (PID: 11168)
      • Unicorn-61036.exe (PID: 11156)
      • Unicorn-59169.exe (PID: 11076)
      • Unicorn-58977.exe (PID: 11636)
      • Unicorn-28506.exe (PID: 11820)
      • Unicorn-28991.exe (PID: 11912)
      • Unicorn-13038.exe (PID: 12104)
      • Unicorn-1580.exe (PID: 11724)
      • Unicorn-63893.exe (PID: 11884)
      • Unicorn-41051.exe (PID: 12096)
      • Unicorn-24358.exe (PID: 11740)
      • Unicorn-46458.exe (PID: 12124)
      • Unicorn-48884.exe (PID: 11092)
      • Unicorn-58710.exe (PID: 12112)
      • Unicorn-786.exe (PID: 12136)
      • Unicorn-7973.exe (PID: 11284)
      • Unicorn-59505.exe (PID: 12720)
      • Unicorn-35305.exe (PID: 12244)
      • Unicorn-11455.exe (PID: 12172)
      • Unicorn-62840.exe (PID: 11316)
      • Unicorn-64661.exe (PID: 11260)
      • Unicorn-29419.exe (PID: 6668)
      • Unicorn-60577.exe (PID: 11352)
      • Unicorn-57890.exe (PID: 12156)
      • Unicorn-12746.exe (PID: 12196)
      • Unicorn-64548.exe (PID: 12212)
      • Unicorn-18611.exe (PID: 12220)
      • Unicorn-25653.exe (PID: 12228)
      • Unicorn-47079.exe (PID: 12296)
      • Unicorn-25483.exe (PID: 12360)
      • Unicorn-54455.exe (PID: 12344)
      • Unicorn-64377.exe (PID: 5112)
      • Unicorn-37111.exe (PID: 12436)
      • Unicorn-27046.exe (PID: 12408)
      • Unicorn-37111.exe (PID: 12420)
      • Unicorn-7127.exe (PID: 12388)
      • Unicorn-6385.exe (PID: 12444)
      • Unicorn-25986.exe (PID: 12452)
      • Unicorn-17982.exe (PID: 12488)
      • Unicorn-58923.exe (PID: 12496)
      • Unicorn-568.exe (PID: 12600)
      • Unicorn-29737.exe (PID: 12180)
      • Unicorn-2824.exe (PID: 12164)
      • Unicorn-64548.exe (PID: 12188)
      • Unicorn-27979.exe (PID: 12800)
      • Unicorn-7558.exe (PID: 12812)
      • Unicorn-54237.exe (PID: 12652)
      • Unicorn-15534.exe (PID: 12840)
      • Unicorn-64548.exe (PID: 12768)
      • Unicorn-33908.exe (PID: 12924)
      • Unicorn-16089.exe (PID: 12888)
      • Unicorn-22141.exe (PID: 12956)
      • Unicorn-52680.exe (PID: 12304)
      • Unicorn-24087.exe (PID: 13020)
      • Unicorn-10210.exe (PID: 13996)
      • Unicorn-59565.exe (PID: 13168)
      • Unicorn-42883.exe (PID: 14036)
      • Unicorn-51305.exe (PID: 13152)
      • Unicorn-43333.exe (PID: 13212)
      • Unicorn-35960.exe (PID: 13260)
      • Unicorn-62550.exe (PID: 13272)
      • Unicorn-6385.exe (PID: 13248)
      • Unicorn-6385.exe (PID: 13300)
      • Unicorn-37111.exe (PID: 13308)
      • Unicorn-16037.exe (PID: 13204)
      • Unicorn-16613.exe (PID: 13284)
      • Unicorn-17320.exe (PID: 6456)
      • Unicorn-27084.exe (PID: 10320)
      • Unicorn-48160.exe (PID: 5188)
      • Unicorn-37111.exe (PID: 6972)
      • Unicorn-48160.exe (PID: 7608)
      • Unicorn-61895.exe (PID: 4884)
      • Unicorn-2223.exe (PID: 13344)
      • Unicorn-61895.exe (PID: 13320)
      • Unicorn-48160.exe (PID: 13336)
      • Unicorn-442.exe (PID: 13360)
      • Unicorn-6307.exe (PID: 13352)
      • Unicorn-785.exe (PID: 12464)
      • Unicorn-4434.exe (PID: 13416)
      • Unicorn-40673.exe (PID: 12204)
      • Unicorn-15727.exe (PID: 12784)
      • Unicorn-33599.exe (PID: 13568)
      • Unicorn-734.exe (PID: 13584)
      • Unicorn-39441.exe (PID: 15124)
      • Unicorn-34038.exe (PID: 13656)
      • Unicorn-38031.exe (PID: 13696)
      • Unicorn-4630.exe (PID: 15116)
      • Unicorn-25898.exe (PID: 13832)
      • Unicorn-41850.exe (PID: 13708)
      • Unicorn-46007.exe (PID: 13744)
      • Unicorn-48954.exe (PID: 12856)
      • Unicorn-3666.exe (PID: 13040)
      • Unicorn-29484.exe (PID: 13804)
      • Unicorn-59390.exe (PID: 13860)
      • Unicorn-48429.exe (PID: 13680)
      • Unicorn-23262.exe (PID: 13892)
      • Unicorn-48721.exe (PID: 13792)
      • Unicorn-54367.exe (PID: 13720)
      • Unicorn-1466.exe (PID: 13904)
      • Unicorn-817.exe (PID: 13728)
      • Unicorn-17755.exe (PID: 14508)
      • Unicorn-25137.exe (PID: 14352)
      • Unicorn-31490.exe (PID: 14484)

    • The sample compiled with chinese language support

      • 1 (356).exe (PID: 5972)

    • Reads security settings of Internet Explorer

      • BackgroundTransferHost.exe (PID: 4024)
      • BackgroundTransferHost.exe (PID: 3888)
      • BackgroundTransferHost.exe (PID: 6228)
      • BackgroundTransferHost.exe (PID: 7868)

    • Checks proxy server information

      • BackgroundTransferHost.exe (PID: 3888)

    • Creates files or folders in the user directory

      • BackgroundTransferHost.exe (PID: 3888)

    • Reads the software policy settings

      • BackgroundTransferHost.exe (PID: 3888)
      • slui.exe (PID: 7280)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.

TRiD

.exe | Win32 Executable Microsoft Visual Basic 6 (90.6)
.exe | Win32 Executable (generic) (4.9)
.exe | Generic Win/DOS Executable (2.2)
.exe | DOS Executable Generic (2.2)

EXIF

EXE

MachineType: Intel 386 or later, and compatibles
TimeStamp: 2019:01:19 13:34:56+00:00
ImageFileCharacteristics: No relocs, Executable, No line numbers, No symbols, 32-bit, No debug, Removable run from swap, Net run from swap, Uniprocessor only, Bytes reversed hi
PEType: PE32
LinkerVersion: 6
CodeSize: 176128
InitializedDataSize: 299008
UninitializedDataSize: -
EntryPoint: 0x13d4
OSVersion: 4
ImageVersion: 1
SubsystemVersion: 4
Subsystem: Windows GUI
FileVersionNumber: 1.0.0.0
ProductVersionNumber: 1.0.0.0
FileFlagsMask: 0x003f
FileFlags: (none)
FileOS: Win32
ObjectFileType: Executable application
FileSubtype: -
LanguageCode: Chinese (Simplified)
CharacterSet: Unicode
CompanyName: UEFI
ProductName: Kawaii-Unicorn
FileVersion: 1
ProductVersion: 1
InternalName: Kawaii-Unicorn
OriginalFileName: Kawaii-Unicorn.exe
No data.
screenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
608
Monitored processes
474
Malicious processes
72
Suspicious processes
60

Behavior graph

Click at the process to see the details
start 1 (356).exe unicorn-53912.exe sppextcomobj.exe no specs slui.exe unicorn-28422.exe unicorn-63787.exe no specs unicorn-27491.exe unicorn-23316.exe unicorn-30092.exe unicorn-36720.exe unicorn-4623.exe unicorn-46211.exe unicorn-59589.exe unicorn-25044.exe unicorn-45556.exe unicorn-30280.exe unicorn-6330.exe unicorn-64898.exe unicorn-15698.exe unicorn-49117.exe unicorn-56630.exe unicorn-19782.exe unicorn-44789.exe unicorn-45054.exe unicorn-2075.exe unicorn-56544.exe unicorn-41524.exe backgroundtransferhost.exe no specs unicorn-21126.exe unicorn-49714.exe unicorn-43584.exe unicorn-56491.exe unicorn-39408.exe unicorn-13320.exe backgroundtransferhost.exe unicorn-56320.exe unicorn-60959.exe unicorn-27540.exe unicorn-19372.exe unicorn-59947.exe unicorn-1473.exe backgroundtransferhost.exe no specs unicorn-13725.exe unicorn-25978.exe unicorn-61343.exe unicorn-60688.exe unicorn-8058.exe unicorn-5365.exe unicorn-16855.exe unicorn-32584.exe unicorn-63310.exe unicorn-49012.exe unicorn-23454.exe backgroundtransferhost.exe no specs unicorn-32932.exe unicorn-49003.exe unicorn-41100.exe unicorn-30794.exe unicorn-8235.exe unicorn-39516.exe unicorn-22434.exe unicorn-46315.exe unicorn-6673.exe unicorn-22687.exe unicorn-21618.exe unicorn-63942.exe unicorn-63850.exe backgroundtransferhost.exe no specs unicorn-45376.exe unicorn-29616.exe no specs unicorn-24663.exe unicorn-10949.exe unicorn-32138.exe unicorn-4733.exe unicorn-25916.exe unicorn-64710.exe unicorn-44198.exe unicorn-34446.exe unicorn-44774.exe unicorn-5687.exe unicorn-17940.exe unicorn-18494.exe unicorn-32229.exe unicorn-38095.exe unicorn-14410.exe unicorn-19620.exe unicorn-28822.exe unicorn-4217.exe unicorn-3893.exe unicorn-55272.exe unicorn-23538.exe unicorn-19092.exe no specs unicorn-51764.exe unicorn-47680.exe unicorn-12676.exe unicorn-12054.exe unicorn-42780.exe no specs unicorn-32282.exe unicorn-36388.exe unicorn-63030.exe unicorn-42418.exe unicorn-50486.exe unicorn-56616.exe unicorn-51717.exe unicorn-63222.exe unicorn-14021.exe no specs unicorn-58323.exe unicorn-10513.exe unicorn-26941.exe unicorn-207.exe unicorn-59522.exe unicorn-762.exe no specs unicorn-783.exe unicorn-55053.exe unicorn-37348.exe unicorn-57774.exe unicorn-1167.exe unicorn-32448.exe unicorn-902.exe unicorn-23534.exe unicorn-54815.exe unicorn-50731.exe unicorn-60958.exe unicorn-5535.exe unicorn-30140.exe no specs unicorn-47031.exe unicorn-17696.exe unicorn-58536.exe no specs unicorn-36746.exe unicorn-38692.exe unicorn-18171.exe unicorn-54763.exe unicorn-4436.exe unicorn-35162.exe unicorn-42584.exe no specs unicorn-64877.exe unicorn-50752.exe unicorn-26802.exe unicorn-42554.exe unicorn-39040.exe unicorn-4229.exe unicorn-2091.exe unicorn-62202.exe unicorn-47016.exe unicorn-42932.exe no specs unicorn-38848.exe unicorn-49730.exe unicorn-57898.exe unicorn-4613.exe no specs unicorn-31064.exe no specs unicorn-61790.exe unicorn-15303.exe no specs unicorn-28110.exe unicorn-47976.exe no specs unicorn-27455.exe no specs unicorn-35724.exe unicorn-1468.exe unicorn-32194.exe unicorn-43130.exe unicorn-8981.exe unicorn-56699.exe unicorn-6678.exe unicorn-25972.exe unicorn-39708.exe unicorn-39708.exe unicorn-39708.exe unicorn-25972.exe unicorn-50477.exe unicorn-38054.exe no specs unicorn-9849.exe no specs unicorn-42522.exe unicorn-17826.exe unicorn-8895.exe unicorn-63497.exe no specs unicorn-9657.exe unicorn-23232.exe unicorn-40960.exe unicorn-37430.exe unicorn-57296.exe no specs unicorn-31208.exe no specs unicorn-7863.exe unicorn-1965.exe unicorn-28516.exe unicorn-27146.exe unicorn-32335.exe no specs unicorn-51650.exe unicorn-30467.exe unicorn-63994.exe no specs unicorn-55734.exe unicorn-33560.exe no specs unicorn-64286.exe unicorn-21308.exe unicorn-26882.exe no specs unicorn-47758.exe unicorn-49439.exe unicorn-45355.exe unicorn-39490.exe unicorn-40720.exe unicorn-34035.exe unicorn-7301.exe unicorn-9439.exe unicorn-54919.exe unicorn-27621.exe no specs unicorn-47327.exe no specs unicorn-61062.exe unicorn-40550.exe no specs unicorn-37020.exe no specs unicorn-56886.exe unicorn-32190.exe no specs unicorn-9631.exe no specs unicorn-42304.exe no specs unicorn-24365.exe unicorn-14291.exe no specs unicorn-24982.exe unicorn-53570.exe no specs unicorn-16713.exe no specs unicorn-22844.exe no specs unicorn-49386.exe unicorn-53113.exe no specs unicorn-47248.exe no specs unicorn-22652.exe no specs unicorn-50425.exe no specs unicorn-42304.exe no specs unicorn-45594.exe no specs unicorn-41510.exe unicorn-2515.exe no specs unicorn-30388.exe unicorn-61115.exe no specs unicorn-24166.exe unicorn-28250.exe no specs unicorn-37810.exe no specs unicorn-21282.exe unicorn-58230.exe no specs unicorn-56860.exe no specs unicorn-15828.exe no specs unicorn-9697.exe no specs unicorn-46554.exe unicorn-7659.exe unicorn-23233.exe unicorn-23996.exe unicorn-56860.exe unicorn-59361.exe no specs unicorn-64431.exe no specs unicorn-41986.exe no specs unicorn-59169.exe no specs unicorn-59169.exe unicorn-53569.exe no specs unicorn-48884.exe unicorn-55006.exe no specs unicorn-41270.exe unicorn-59169.exe no specs unicorn-61036.exe no specs unicorn-7367.exe no specs unicorn-24188.exe no specs unicorn-38478.exe no specs unicorn-64787.exe unicorn-59169.exe no specs unicorn-56427.exe unicorn-25436.exe unicorn-7973.exe unicorn-7367.exe unicorn-59169.exe no specs unicorn-33960.exe unicorn-15394.exe unicorn-13232.exe unicorn-13232.exe unicorn-47060.exe unicorn-58977.exe unicorn-59169.exe no specs unicorn-36945.exe no specs unicorn-6219.exe no specs unicorn-1580.exe no specs unicorn-4567.exe no specs unicorn-24358.exe unicorn-51720.exe unicorn-5783.exe no specs unicorn-55804.exe unicorn-28506.exe no specs unicorn-1864.exe no specs unicorn-57003.exe unicorn-63893.exe unicorn-9366.exe no specs unicorn-28991.exe no specs unicorn-32883.exe unicorn-41051.exe unicorn-13038.exe unicorn-58710.exe unicorn-46458.exe unicorn-786.exe no specs unicorn-2824.exe unicorn-11455.exe no specs unicorn-29737.exe unicorn-64548.exe unicorn-12746.exe unicorn-40673.exe no specs unicorn-64548.exe unicorn-18611.exe unicorn-25653.exe unicorn-35305.exe unicorn-29419.exe no specs unicorn-64661.exe no specs unicorn-62840.exe no specs unicorn-60577.exe no specs unicorn-57890.exe no specs unicorn-64377.exe no specs unicorn-47079.exe no specs unicorn-52680.exe no specs unicorn-17049.exe unicorn-54455.exe no specs unicorn-55944.exe no specs unicorn-25483.exe no specs unicorn-57578.exe no specs unicorn-7127.exe unicorn-27046.exe no specs unicorn-37111.exe unicorn-56977.exe no specs unicorn-37111.exe no specs unicorn-6385.exe unicorn-25986.exe no specs unicorn-785.exe no specs unicorn-50847.exe no specs unicorn-20120.exe no specs unicorn-17982.exe no specs unicorn-58923.exe unicorn-3043.exe no specs unicorn-568.exe no specs unicorn-54237.exe no specs unicorn-59505.exe unicorn-31578.exe no specs unicorn-29349.exe unicorn-64548.exe unicorn-15727.exe no specs unicorn-27979.exe no specs unicorn-7558.exe no specs unicorn-15534.exe no specs unicorn-48954.exe no specs unicorn-57122.exe no specs unicorn-16089.exe no specs unicorn-33908.exe no specs unicorn-22141.exe no specs unicorn-24087.exe no specs slui.exe no specs unicorn-3666.exe no specs unicorn-51305.exe no specs unicorn-59565.exe no specs unicorn-57335.exe no specs unicorn-16037.exe no specs unicorn-43333.exe no specs unicorn-63920.exe no specs unicorn-6385.exe no specs unicorn-35960.exe no specs unicorn-62550.exe no specs unicorn-16613.exe no specs unicorn-6385.exe no specs unicorn-6385.exe no specs unicorn-37111.exe no specs unicorn-17320.exe no specs unicorn-37111.exe no specs unicorn-27084.exe no specs unicorn-48160.exe no specs unicorn-61895.exe unicorn-48160.exe no specs unicorn-61895.exe no specs unicorn-61895.exe no specs unicorn-59095.exe no specs unicorn-48160.exe no specs unicorn-2223.exe no specs unicorn-6307.exe no specs unicorn-442.exe unicorn-4434.exe no specs unicorn-25166.exe no specs unicorn-33599.exe no specs unicorn-734.exe no specs unicorn-34782.exe unicorn-34038.exe unicorn-17611.exe no specs unicorn-48429.exe no specs unicorn-38031.exe no specs unicorn-41850.exe no specs unicorn-54367.exe no specs unicorn-817.exe no specs unicorn-2573.exe no specs unicorn-46007.exe no specs unicorn-50091.exe no specs unicorn-48721.exe no specs unicorn-29484.exe no specs unicorn-25898.exe unicorn-59390.exe no specs unicorn-46483.exe no specs unicorn-23262.exe no specs unicorn-1466.exe no specs unicorn-19749.exe no specs unicorn-6105.exe unicorn-10210.exe unicorn-42883.exe unicorn-417.exe no specs unicorn-61165.exe no specs unicorn-2981.exe no specs unicorn-57657.exe no specs unicorn-32961.exe no specs unicorn-26830.exe no specs unicorn-38991.exe no specs unicorn-96.exe no specs unicorn-34907.exe no specs unicorn-65440.exe no specs unicorn-25369.exe no specs unicorn-5503.exe no specs unicorn-27406.exe no specs unicorn-27406.exe no specs unicorn-58133.exe no specs unicorn-13671.exe no specs unicorn-63998.exe no specs unicorn-25137.exe no specs unicorn-13671.exe no specs unicorn-58133.exe no specs unicorn-58133.exe no specs unicorn-19701.exe no specs unicorn-27406.exe no specs unicorn-58133.exe no specs unicorn-33436.exe no specs unicorn-12155.exe no specs unicorn-33272.exe no specs unicorn-55333.exe no specs unicorn-24606.exe no specs unicorn-31490.exe no specs unicorn-63998.exe no specs unicorn-37356.exe no specs unicorn-31490.exe no specs unicorn-31490.exe no specs unicorn-17755.exe no specs unicorn-44398.exe unicorn-17755.exe no specs unicorn-17755.exe no specs unicorn-17755.exe no specs unicorn-43459.exe no specs unicorn-9971.exe no specs unicorn-39495.exe no specs unicorn-54896.exe no specs unicorn-294.exe no specs unicorn-7833.exe no specs unicorn-9608.exe no specs unicorn-51004.exe no specs unicorn-34588.exe no specs unicorn-1062.exe no specs unicorn-1062.exe no specs unicorn-14076.exe no specs unicorn-59193.exe no specs unicorn-63277.exe no specs unicorn-58431.exe no specs unicorn-64461.exe no specs unicorn-33734.exe no specs unicorn-59001.exe no specs unicorn-24191.exe unicorn-30797.exe no specs unicorn-31373.exe no specs unicorn-646.exe no specs unicorn-4630.exe no specs unicorn-39441.exe unicorn-13671.exe unicorn-31490.exe no specs unicorn-17755.exe no specs unicorn-44398.exe no specs unicorn-44398.exe no specs unicorn-8959.exe no specs unicorn-3094.exe no specs unicorn-57723.exe no specs unicorn-63853.exe no specs unicorn-52177.exe no specs unicorn-56261.exe no specs unicorn-35841.exe no specs unicorn-5114.exe no specs unicorn-20489.exe no specs unicorn-51985.exe no specs unicorn-58207.exe no specs

Process information

PID
CMD
Path
Indicators
Parent process
300C:\Users\admin\AppData\Local\Temp\Unicorn-12054.exeC:\Users\admin\AppData\Local\Temp\Unicorn-12054.exe
Unicorn-49117.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-12054.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
536C:\Users\admin\AppData\Local\Temp\Unicorn-18494.exeC:\Users\admin\AppData\Local\Temp\Unicorn-18494.exe
Unicorn-56630.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-18494.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
672C:\Users\admin\AppData\Local\Temp\Unicorn-13320.exeC:\Users\admin\AppData\Local\Temp\Unicorn-13320.exe
Unicorn-46211.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-13320.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
720"BackgroundTransferHost.exe" -ServerName:BackgroundTransferHost.1C:\Windows\System32\BackgroundTransferHost.exesvchost.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Download/Upload Host
Exit code:
1
Version:
10.0.19041.3636 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\backgroundtransferhost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\combase.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\kernel.appcore.dll
c:\windows\system32\bcryptprimitives.dll
976C:\Users\admin\AppData\Local\Temp\Unicorn-44789.exeC:\Users\admin\AppData\Local\Temp\Unicorn-44789.exe
Unicorn-53912.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-44789.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
1180C:\Users\admin\AppData\Local\Temp\Unicorn-39408.exeC:\Users\admin\AppData\Local\Temp\Unicorn-39408.exe
Unicorn-64898.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-39408.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
1452C:\Users\admin\AppData\Local\Temp\Unicorn-32932.exeC:\Users\admin\AppData\Local\Temp\Unicorn-32932.exe
Unicorn-43584.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-32932.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
1568C:\Users\admin\AppData\Local\Temp\Unicorn-44398.exeC:\Users\admin\AppData\Local\Temp\Unicorn-44398.exeUnicorn-34446.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
2092C:\Users\admin\AppData\Local\Temp\Unicorn-13671.exeC:\Users\admin\AppData\Local\Temp\Unicorn-13671.exe
Unicorn-14410.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-13671.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
2108C:\Users\admin\AppData\Local\Temp\Unicorn-49003.exeC:\Users\admin\AppData\Local\Temp\Unicorn-49003.exe
Unicorn-27491.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-49003.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
Total events
10 610
Read events
10 595
Write events
15
Delete events
0

Modification events

(PID) Process:(4024) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Content
Operation:writeName:CachePrefix
Value:
(PID) Process:(4024) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Cookies
Operation:writeName:CachePrefix
Value:
Cookie:
(PID) Process:(4024) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\History
Operation:writeName:CachePrefix
Value:
Visited:
(PID) Process:(3888) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Content
Operation:writeName:CachePrefix
Value:
(PID) Process:(3888) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Cookies
Operation:writeName:CachePrefix
Value:
Cookie:
(PID) Process:(3888) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\History
Operation:writeName:CachePrefix
Value:
Visited:
(PID) Process:(720) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Content
Operation:writeName:CachePrefix
Value:
(PID) Process:(720) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Cookies
Operation:writeName:CachePrefix
Value:
Cookie:
(PID) Process:(720) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\History
Operation:writeName:CachePrefix
Value:
Visited:
(PID) Process:(6228) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Content
Operation:writeName:CachePrefix
Value:
Executable files
703
Suspicious files
5
Text files
0
Unknown types
0

Dropped files

PID
Process
Filename
Type
59721 (356).exeC:\Users\admin\AppData\Local\Temp\Unicorn-27491.exeexecutable
MD5:76F789B7CAEA1C373BCD99D4A474FC14
SHA256:2865B7E588218C80CB585F8C31921712E41F6DF7BD29C02D50160C51351E4729
59721 (356).exeC:\Users\admin\AppData\Local\Temp\Unicorn-59589.exeexecutable
MD5:72AF0CDFCA27FE7429BDC67205926876
SHA256:5094944993C938B244734AF9BFE62FBC8188E6E01B81E2F6942CAD4856EB653C
7172Unicorn-53912.exeC:\Users\admin\AppData\Local\Temp\Unicorn-30092.exeexecutable
MD5:433D4621F19005A1A19BAC4A896F38AB
SHA256:6A6A00E0C2611E4663CE0CE5E6235262F5E082DB8AC2288FBE04C434DA40ECDB
7936Unicorn-23316.exeC:\Users\admin\AppData\Local\Temp\Unicorn-4623.exeexecutable
MD5:8A1D850A6D80ED51C3DBE9B3F5442403
SHA256:597F8FE037CA77A1F9998E7721B41BB0B98151825534C96B4C878DE14AE095D4
59721 (356).exeC:\Users\admin\AppData\Local\Temp\Unicorn-63787.exeexecutable
MD5:7B3DA2EB3E8093E49D49569F64D0A2B6
SHA256:61D21AE6DB9DD5ECBED6829ABB12B7D89C2A48660A4370EEC368E8D54597A38B
7172Unicorn-53912.exeC:\Users\admin\AppData\Local\Temp\Unicorn-28422.exeexecutable
MD5:89F785DFE681BA84CD2A14FB0B41721D
SHA256:D4292F6E9F1BB8D5EC3D345EB6598D9CE25F2E7CEE28F768EE579D23F78FA095
59721 (356).exeC:\Users\admin\AppData\Local\Temp\Unicorn-53912.exeexecutable
MD5:A64F82F70EE586B4B228F21C81808440
SHA256:6D6396FBDCA713213A96FA1A4467B6ED5A204866ED17C40A074EB14C443F23D1
7920Unicorn-27491.exeC:\Users\admin\AppData\Local\Temp\Unicorn-36720.exeexecutable
MD5:10A734D9B1FB663A338D0669EE2DDA51
SHA256:4DBF2D52E6AC6FAFF02B76E7DB049F5281F6C119BC0526D534031484382E3247
7976Unicorn-36720.exeC:\Users\admin\AppData\Local\Temp\Unicorn-30280.exeexecutable
MD5:2B1F506067B58AFDCBDE34425AFC0CEE
SHA256:620A98AF4FB3437F17B2F4FFE3520FC497510E55E09298AA18466AEFA12AA3D5
7588Unicorn-28422.exeC:\Users\admin\AppData\Local\Temp\Unicorn-56630.exeexecutable
MD5:930B7CFF7D3C8850C4B0373CEC4DD4D4
SHA256:4A146789216466CD72C12B501C78913DBB202E5B32078E3DE293772FEDB502BA
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
6
TCP/UDP connections
24
DNS requests
18
Threats
0

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
GET
200
23.48.23.141:80
http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
unknown
whitelisted
6544
svchost.exe
GET
200
23.54.109.203:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAJ0LqoXyo4hxxe7H%2Fz9DKA%3D
unknown
whitelisted
6516
backgroundTaskHost.exe
GET
200
23.54.109.203:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQ50otx%2Fh0Ztl%2Bz8SiPI7wEWVxDlQQUTiJUIBiV5uNu5g%2F6%2BrkS7QYXjzkCEAUZZSZEml49Gjh0j13P68w%3D
unknown
whitelisted
3888
BackgroundTransferHost.exe
GET
200
23.54.109.203:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTrjrydRyt%2BApF3GSPypfHBxR5XtQQUs9tIpPmhxdiuNkHMEWNpYim8S8YCEAI5PUjXAkJafLQcAAsO18o%3D
unknown
whitelisted
864
SIHClient.exe
GET
200
2.23.246.101:80
http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Update%20Secure%20Server%20CA%202.1.crl
unknown
whitelisted
864
SIHClient.exe
GET
200
2.23.246.101:80
http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Product%20Root%20Certificate%20Authority%202018.crl
unknown
whitelisted
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
4
System
192.168.100.255:138
whitelisted
20.73.194.208:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
NL
whitelisted
23.48.23.141:80
crl.microsoft.com
Akamai International B.V.
DE
whitelisted
5496
MoUsoCoreWorker.exe
20.73.194.208:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
NL
whitelisted
2104
svchost.exe
51.104.136.2:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
whitelisted
3216
svchost.exe
40.113.110.67:443
client.wns.windows.com
MICROSOFT-CORP-MSN-AS-BLOCK
NL
whitelisted
6544
svchost.exe
40.126.32.68:443
login.live.com
MICROSOFT-CORP-MSN-AS-BLOCK
NL
whitelisted
6544
svchost.exe
23.54.109.203:80
ocsp.digicert.com
AKAMAI-AS
DE
whitelisted
6516
backgroundTaskHost.exe
20.223.35.26:443
arc.msn.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
whitelisted
6516
backgroundTaskHost.exe
23.54.109.203:80
ocsp.digicert.com
AKAMAI-AS
DE
whitelisted

DNS requests

Domain
IP
Reputation
google.com
  • 172.217.18.110
whitelisted
settings-win.data.microsoft.com
  • 20.73.194.208
  • 51.104.136.2
whitelisted
crl.microsoft.com
  • 23.48.23.141
  • 23.48.23.145
  • 23.48.23.169
  • 23.48.23.156
  • 23.48.23.194
  • 23.48.23.143
whitelisted
client.wns.windows.com
  • 40.113.110.67
whitelisted
login.live.com
  • 40.126.32.68
  • 20.190.160.132
  • 20.190.160.3
  • 20.190.160.17
  • 40.126.32.138
  • 40.126.32.76
  • 20.190.160.64
  • 20.190.160.14
whitelisted
ocsp.digicert.com
  • 23.54.109.203
whitelisted
arc.msn.com
  • 20.223.35.26
whitelisted
www.bing.com
  • 104.126.37.177
  • 104.126.37.154
  • 104.126.37.168
  • 104.126.37.152
  • 104.126.37.161
  • 104.126.37.178
  • 104.126.37.155
  • 104.126.37.153
  • 104.126.37.163
whitelisted
slscr.update.microsoft.com
  • 4.245.163.56
whitelisted
www.microsoft.com
  • 2.23.246.101
whitelisted

Threats

No threats detected
No debug info
Interactive malware hunting service ANY.RUN
© 2017-2025 ANY.RUN ALL RIGHTS RESERVED
ANY.RUN
Reports
1 (356)