File name:

1 (252)

Full analysis: https://app.any.run/tasks/b78e60b2-cf0e-4f07-b744-65377504e1b0
Verdict: Malicious activity
Analysis date: March 24, 2025, 18:58:08
OS: Windows 10 Professional (build: 19045, 64 bit)
Indicators:
MIME: application/vnd.microsoft.portable-executable
File info: PE32 executable (GUI) Intel 80386, for MS Windows, 3 sections
MD5:

5D8F4CD8BDB38EB6F6F173F1E4A66580

SHA1:

D906664BCAADA03D04234B06D2DC24E0B43E5B94

SHA256:

E0A9BA7E9BF7FB05D2A1DFB860D1C9BF7B407ABE00E23B3F2519C07440ED0338

SSDEEP:

6144:S7NgAAIBMDfHAkRXTZeMvvfC4KBql/JGBCIW2erdak/8SwjwpyivEhIowRmAs/2a:ShZPkHAkBTYDBMRaCz2erd3x4DxmDsR

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

  • MALICIOUS

    No malicious indicators.

  • SUSPICIOUS

    • Executable content was dropped or overwritten

      • 1 (252).exe (PID: 5324)
      • Unicorn-62477.exe (PID: 4892)
      • Unicorn-41071.exe (PID: 5720)
      • Unicorn-29373.exe (PID: 6192)
      • Unicorn-46826.exe (PID: 2040)
      • Unicorn-27797.exe (PID: 4464)
      • Unicorn-3192.exe (PID: 6248)
      • Unicorn-14558.exe (PID: 5756)
      • Unicorn-2861.exe (PID: 2960)
      • Unicorn-39063.exe (PID: 3332)
      • Unicorn-45185.exe (PID: 6560)
      • Unicorn-47231.exe (PID: 4268)
      • Unicorn-39617.exe (PID: 5112)
      • Unicorn-62607.exe (PID: 5228)
      • Unicorn-44299.exe (PID: 3784)
      • Unicorn-55160.exe (PID: 6040)
      • Unicorn-21741.exe (PID: 4112)
      • Unicorn-41184.exe (PID: 1280)
      • Unicorn-7604.exe (PID: 7236)
      • Unicorn-32623.exe (PID: 7184)
      • Unicorn-53043.exe (PID: 7244)
      • Unicorn-43806.exe (PID: 7288)
      • Unicorn-18787.exe (PID: 7304)
      • Unicorn-38653.exe (PID: 7324)
      • Unicorn-47231.exe (PID: 976)
      • Unicorn-17967.exe (PID: 7260)
      • Unicorn-3080.exe (PID: 7348)
      • Unicorn-64501.exe (PID: 7540)
      • Unicorn-17993.exe (PID: 7560)
      • Unicorn-15300.exe (PID: 7576)
      • Unicorn-43981.exe (PID: 7596)
      • Unicorn-50111.exe (PID: 7604)
      • Unicorn-27553.exe (PID: 7640)
      • Unicorn-16981.exe (PID: 7676)
      • Unicorn-31445.exe (PID: 7700)
      • Unicorn-58834.exe (PID: 7652)
      • Unicorn-15663.exe (PID: 7756)
      • Unicorn-13546.exe (PID: 7828)
      • Unicorn-3432.exe (PID: 7792)
      • Unicorn-32575.exe (PID: 7848)
      • Unicorn-17722.exe (PID: 7812)
      • Unicorn-40104.exe (PID: 8036)
      • Unicorn-59440.exe (PID: 8044)
      • Unicorn-7324.exe (PID: 7876)
      • Unicorn-45705.exe (PID: 8004)
      • Unicorn-45705.exe (PID: 8052)
      • Unicorn-6255.exe (PID: 7924)
      • Unicorn-51927.exe (PID: 7932)
      • Unicorn-6255.exe (PID: 7912)
      • Unicorn-33452.exe (PID: 8020)
      • Unicorn-6255.exe (PID: 7948)
      • Unicorn-5880.exe (PID: 7332)
      • Unicorn-53625.exe (PID: 7964)
      • Unicorn-43806.exe (PID: 7292)
      • Unicorn-65305.exe (PID: 8012)
      • Unicorn-32789.exe (PID: 8172)
      • Unicorn-17007.exe (PID: 8184)
      • Unicorn-59239.exe (PID: 5968)
      • Unicorn-36773.exe (PID: 7520)
      • Unicorn-29067.exe (PID: 7784)
      • Unicorn-51647.exe (PID: 7192)
      • Unicorn-38819.exe (PID: 6404)
      • Unicorn-45425.exe (PID: 6644)
      • Unicorn-49509.exe (PID: 1228)
      • Unicorn-35311.exe (PID: 8152)
      • Unicorn-32908.exe (PID: 7172)
      • Unicorn-16645.exe (PID: 8228)
      • Unicorn-19093.exe (PID: 8256)
      • Unicorn-45980.exe (PID: 8200)
      • Unicorn-19258.exe (PID: 8280)
      • Unicorn-43101.exe (PID: 8288)
      • Unicorn-58601.exe (PID: 8336)
      • Unicorn-9955.exe (PID: 8360)
      • Unicorn-15330.exe (PID: 8448)
      • Unicorn-54325.exe (PID: 8380)
      • Unicorn-18830.exe (PID: 8552)
      • Unicorn-40319.exe (PID: 8576)
      • Unicorn-23167.exe (PID: 8616)
      • Unicorn-22421.exe (PID: 8668)
      • Unicorn-26505.exe (PID: 8696)
      • Unicorn-57039.exe (PID: 8772)
      • Unicorn-9161.exe (PID: 8804)
      • Unicorn-61215.exe (PID: 8764)
      • Unicorn-24102.exe (PID: 8756)
      • Unicorn-22805.exe (PID: 8864)
      • Unicorn-22805.exe (PID: 8860)
      • Unicorn-35057.exe (PID: 8896)
      • Unicorn-63645.exe (PID: 8936)
      • Unicorn-63645.exe (PID: 8940)
      • Unicorn-39695.exe (PID: 8952)
      • Unicorn-23661.exe (PID: 7976)
      • Unicorn-59218.exe (PID: 1512)
      • Unicorn-38653.exe (PID: 7312)
      • Unicorn-6255.exe (PID: 7908)
      • Unicorn-54.exe (PID: 9060)
      • Unicorn-47885.exe (PID: 9072)
      • Unicorn-22380.exe (PID: 9040)
      • Unicorn-21243.exe (PID: 9104)
      • Unicorn-21243.exe (PID: 9096)
      • Unicorn-21243.exe (PID: 9088)
      • Unicorn-51969.exe (PID: 9116)
      • Unicorn-39617.exe (PID: 9160)
      • Unicorn-60037.exe (PID: 8484)
      • Unicorn-60037.exe (PID: 8376)
      • Unicorn-15020.exe (PID: 9204)
      • Unicorn-15020.exe (PID: 9180)
      • Unicorn-49831.exe (PID: 8216)
      • Unicorn-35441.exe (PID: 7084)
      • Unicorn-25135.exe (PID: 4016)
      • Unicorn-43509.exe (PID: 8856)
      • Unicorn-29773.exe (PID: 7720)
      • Unicorn-17521.exe (PID: 8852)
      • Unicorn-13867.exe (PID: 9236)
      • Unicorn-47507.exe (PID: 9264)
      • Unicorn-50307.exe (PID: 9272)
      • Unicorn-27164.exe (PID: 9388)
      • Unicorn-5482.exe (PID: 9500)
      • Unicorn-50064.exe (PID: 8220)
      • Unicorn-26095.exe (PID: 9416)
      • Unicorn-42431.exe (PID: 9452)
      • Unicorn-31802.exe (PID: 9432)
      • Unicorn-62337.exe (PID: 9552)
      • Unicorn-35039.exe (PID: 9592)
      • Unicorn-56629.exe (PID: 9544)
      • Unicorn-32125.exe (PID: 9492)
      • Unicorn-41170.exe (PID: 9600)
      • Unicorn-10142.exe (PID: 9644)
      • Unicorn-63982.exe (PID: 9652)
      • Unicorn-24240.exe (PID: 9804)
      • Unicorn-40677.exe (PID: 9752)
      • Unicorn-31440.exe (PID: 9768)
      • Unicorn-27033.exe (PID: 9692)
      • Unicorn-24341.exe (PID: 9720)
      • Unicorn-15981.exe (PID: 9836)
      • Unicorn-4396.exe (PID: 9892)
      • Unicorn-24816.exe (PID: 9920)
      • Unicorn-5488.exe (PID: 10020)
      • Unicorn-56198.exe (PID: 9884)
      • Unicorn-3043.exe (PID: 10060)
      • Unicorn-36785.exe (PID: 10128)
      • Unicorn-20063.exe (PID: 10192)
      • Unicorn-63738.exe (PID: 10168)
      • Unicorn-42135.exe (PID: 7900)
      • Unicorn-48243.exe (PID: 5308)
      • Unicorn-12041.exe (PID: 9476)
      • Unicorn-62825.exe (PID: 8652)
      • Unicorn-57682.exe (PID: 7336)
      • Unicorn-59125.exe (PID: 2332)
      • Unicorn-28399.exe (PID: 1128)
      • Unicorn-32026.exe (PID: 4880)
      • Unicorn-21797.exe (PID: 9188)
      • Unicorn-42689.exe (PID: 4380)
      • Unicorn-55404.exe (PID: 960)
      • Unicorn-7594.exe (PID: 5072)
      • Unicorn-38321.exe (PID: 5328)
      • Unicorn-29773.exe (PID: 7708)
      • Unicorn-38897.exe (PID: 9308)
      • Unicorn-55238.exe (PID: 9524)
      • Unicorn-62659.exe (PID: 9624)
      • Unicorn-23115.exe (PID: 9300)
      • Unicorn-2503.exe (PID: 9168)
      • Unicorn-39451.exe (PID: 9016)
      • Unicorn-2089.exe (PID: 9732)
      • Unicorn-23036.exe (PID: 8596)
      • Unicorn-35009.exe (PID: 9848)
      • Unicorn-23307.exe (PID: 10336)
      • Unicorn-53671.exe (PID: 6876)
      • Unicorn-59701.exe (PID: 10304)
      • Unicorn-52664.exe (PID: 10372)
      • Unicorn-6255.exe (PID: 7940)
      • Unicorn-4662.exe (PID: 10404)
      • Unicorn-1310.exe (PID: 10428)
      • Unicorn-55456.exe (PID: 7864)
      • Unicorn-44289.exe (PID: 10456)
      • Unicorn-40677.exe (PID: 9760)
      • Unicorn-61652.exe (PID: 9828)
      • Unicorn-30261.exe (PID: 10708)
      • Unicorn-63126.exe (PID: 10592)
      • Unicorn-56084.exe (PID: 10580)
      • Unicorn-47419.exe (PID: 10572)
      • Unicorn-46135.exe (PID: 10604)
      • Unicorn-46043.exe (PID: 10656)
      • Unicorn-30261.exe (PID: 10716)
      • Unicorn-20723.exe (PID: 10760)
      • Unicorn-30283.exe (PID: 10792)
      • Unicorn-17647.exe (PID: 10476)
      • Unicorn-25638.exe (PID: 9564)
      • Unicorn-11232.exe (PID: 10684)
      • Unicorn-10417.exe (PID: 10804)
      • Unicorn-58871.exe (PID: 10916)
      • Unicorn-16447.exe (PID: 10944)
      • Unicorn-45036.exe (PID: 11064)
      • Unicorn-36313.exe (PID: 10952)
      • Unicorn-24615.exe (PID: 10984)
      • Unicorn-4003.exe (PID: 11132)
      • Unicorn-33910.exe (PID: 11092)
      • Unicorn-21923.exe (PID: 10996)
      • Unicorn-65456.exe (PID: 11160)
      • Unicorn-10417.exe (PID: 10800)
      • Unicorn-54879.exe (PID: 10828)
      • Unicorn-55582.exe (PID: 10888)
      • Unicorn-16447.exe (PID: 10936)
      • Unicorn-13742.exe (PID: 9468)

    • Starts itself from another location

      • 1 (252).exe (PID: 5324)
      • Unicorn-62477.exe (PID: 4892)
      • Unicorn-41071.exe (PID: 5720)
      • Unicorn-29373.exe (PID: 6192)
      • Unicorn-27797.exe (PID: 4464)
      • Unicorn-46826.exe (PID: 2040)
      • Unicorn-3192.exe (PID: 6248)
      • Unicorn-62607.exe (PID: 5228)
      • Unicorn-14558.exe (PID: 5756)
      • Unicorn-39063.exe (PID: 3332)
      • Unicorn-45185.exe (PID: 6560)
      • Unicorn-47231.exe (PID: 4268)
      • Unicorn-47231.exe (PID: 976)
      • Unicorn-2861.exe (PID: 2960)
      • Unicorn-39617.exe (PID: 5112)
      • Unicorn-59218.exe (PID: 1512)
      • Unicorn-44299.exe (PID: 3784)
      • Unicorn-55160.exe (PID: 6040)
      • Unicorn-21741.exe (PID: 4112)
      • Unicorn-41184.exe (PID: 1280)
      • Unicorn-7604.exe (PID: 7236)
      • Unicorn-53043.exe (PID: 7244)
      • Unicorn-32623.exe (PID: 7184)
      • Unicorn-43806.exe (PID: 7288)
      • Unicorn-18787.exe (PID: 7304)
      • Unicorn-38653.exe (PID: 7324)
      • Unicorn-64501.exe (PID: 7540)
      • Unicorn-15300.exe (PID: 7576)
      • Unicorn-43981.exe (PID: 7596)
      • Unicorn-50111.exe (PID: 7604)
      • Unicorn-27553.exe (PID: 7640)
      • Unicorn-17993.exe (PID: 7560)
      • Unicorn-16981.exe (PID: 7676)
      • Unicorn-31445.exe (PID: 7700)
      • Unicorn-58834.exe (PID: 7652)
      • Unicorn-15663.exe (PID: 7756)
      • Unicorn-13546.exe (PID: 7828)
      • Unicorn-3432.exe (PID: 7792)
      • Unicorn-17722.exe (PID: 7812)
      • Unicorn-7324.exe (PID: 7876)
      • Unicorn-17967.exe (PID: 7260)
      • Unicorn-40104.exe (PID: 8036)
      • Unicorn-55456.exe (PID: 7864)
      • Unicorn-32575.exe (PID: 7848)
      • Unicorn-42135.exe (PID: 7900)
      • Unicorn-45705.exe (PID: 8052)
      • Unicorn-51927.exe (PID: 7932)
      • Unicorn-59440.exe (PID: 8044)
      • Unicorn-45705.exe (PID: 8004)
      • Unicorn-6255.exe (PID: 7912)
      • Unicorn-6255.exe (PID: 7908)
      • Unicorn-6255.exe (PID: 7948)
      • Unicorn-23661.exe (PID: 7976)
      • Unicorn-38653.exe (PID: 7312)
      • Unicorn-53625.exe (PID: 7964)
      • Unicorn-43806.exe (PID: 7292)
      • Unicorn-65305.exe (PID: 8012)
      • Unicorn-3080.exe (PID: 7348)
      • Unicorn-57682.exe (PID: 7336)
      • Unicorn-32789.exe (PID: 8172)
      • Unicorn-17007.exe (PID: 8184)
      • Unicorn-29067.exe (PID: 7784)
      • Unicorn-51647.exe (PID: 7192)
      • Unicorn-38819.exe (PID: 6404)
      • Unicorn-35311.exe (PID: 8152)
      • Unicorn-45425.exe (PID: 6644)
      • Unicorn-32908.exe (PID: 7172)
      • Unicorn-49509.exe (PID: 1228)
      • Unicorn-45980.exe (PID: 8200)
      • Unicorn-50064.exe (PID: 8220)
      • Unicorn-16645.exe (PID: 8228)
      • Unicorn-19093.exe (PID: 8256)
      • Unicorn-5880.exe (PID: 7332)
      • Unicorn-19258.exe (PID: 8280)
      • Unicorn-43101.exe (PID: 8288)
      • Unicorn-9955.exe (PID: 8360)
      • Unicorn-54325.exe (PID: 8380)
      • Unicorn-15330.exe (PID: 8448)
      • Unicorn-58601.exe (PID: 8336)
      • Unicorn-18830.exe (PID: 8552)
      • Unicorn-40319.exe (PID: 8576)
      • Unicorn-23167.exe (PID: 8616)
      • Unicorn-22421.exe (PID: 8668)
      • Unicorn-26505.exe (PID: 8696)
      • Unicorn-57039.exe (PID: 8772)
      • Unicorn-9161.exe (PID: 8804)
      • Unicorn-61215.exe (PID: 8764)
      • Unicorn-24102.exe (PID: 8756)
      • Unicorn-22805.exe (PID: 8860)
      • Unicorn-22805.exe (PID: 8864)
      • Unicorn-35057.exe (PID: 8896)
      • Unicorn-63645.exe (PID: 8936)
      • Unicorn-6255.exe (PID: 7924)
      • Unicorn-39695.exe (PID: 8952)
      • Unicorn-6255.exe (PID: 7940)
      • Unicorn-63645.exe (PID: 8940)
      • Unicorn-33452.exe (PID: 8020)
      • Unicorn-54.exe (PID: 9060)
      • Unicorn-47885.exe (PID: 9072)
      • Unicorn-22380.exe (PID: 9040)
      • Unicorn-21243.exe (PID: 9104)
      • Unicorn-21243.exe (PID: 9096)
      • Unicorn-21243.exe (PID: 9088)
      • Unicorn-2503.exe (PID: 9168)
      • Unicorn-39617.exe (PID: 9160)
      • Unicorn-21797.exe (PID: 9188)
      • Unicorn-60037.exe (PID: 8484)
      • Unicorn-15020.exe (PID: 9204)
      • Unicorn-15020.exe (PID: 9180)
      • Unicorn-49831.exe (PID: 8216)
      • Unicorn-35441.exe (PID: 7084)
      • Unicorn-60037.exe (PID: 8376)
      • Unicorn-43509.exe (PID: 8856)
      • Unicorn-17521.exe (PID: 8852)
      • Unicorn-29773.exe (PID: 7720)
      • Unicorn-29773.exe (PID: 7708)
      • Unicorn-25135.exe (PID: 4016)
      • Unicorn-13867.exe (PID: 9236)
      • Unicorn-47507.exe (PID: 9264)
      • Unicorn-59239.exe (PID: 5968)
      • Unicorn-36773.exe (PID: 7520)
      • Unicorn-50307.exe (PID: 9272)
      • Unicorn-27164.exe (PID: 9388)
      • Unicorn-5482.exe (PID: 9500)
      • Unicorn-26095.exe (PID: 9416)
      • Unicorn-31802.exe (PID: 9432)
      • Unicorn-42431.exe (PID: 9452)
      • Unicorn-25638.exe (PID: 9564)
      • Unicorn-55238.exe (PID: 9524)
      • Unicorn-13742.exe (PID: 9468)
      • Unicorn-32125.exe (PID: 9492)
      • Unicorn-41170.exe (PID: 9600)
      • Unicorn-10142.exe (PID: 9644)
      • Unicorn-62659.exe (PID: 9624)
      • Unicorn-56629.exe (PID: 9544)
      • Unicorn-40677.exe (PID: 9752)
      • Unicorn-27033.exe (PID: 9692)
      • Unicorn-24341.exe (PID: 9720)
      • Unicorn-40677.exe (PID: 9760)
      • Unicorn-61652.exe (PID: 9828)
      • Unicorn-35009.exe (PID: 9848)
      • Unicorn-15981.exe (PID: 9836)
      • Unicorn-4396.exe (PID: 9892)
      • Unicorn-31440.exe (PID: 9768)
      • Unicorn-56198.exe (PID: 9884)
      • Unicorn-24816.exe (PID: 9920)
      • Unicorn-62337.exe (PID: 9552)
      • Unicorn-5488.exe (PID: 10020)
      • Unicorn-3920.exe (PID: 9684)
      • Unicorn-63982.exe (PID: 9652)
      • Unicorn-3043.exe (PID: 10060)
      • Unicorn-36785.exe (PID: 10128)
      • Unicorn-63738.exe (PID: 10168)
      • Unicorn-20063.exe (PID: 10192)
      • Unicorn-62825.exe (PID: 8652)
      • Unicorn-48243.exe (PID: 5308)
      • Unicorn-28399.exe (PID: 1128)
      • Unicorn-59125.exe (PID: 2332)
      • Unicorn-42689.exe (PID: 4380)
      • Unicorn-32026.exe (PID: 4880)
      • Unicorn-55404.exe (PID: 960)
      • Unicorn-38321.exe (PID: 5328)
      • Unicorn-7594.exe (PID: 5072)
      • Unicorn-38897.exe (PID: 9308)
      • Unicorn-39451.exe (PID: 9016)
      • Unicorn-24240.exe (PID: 9804)
      • Unicorn-23115.exe (PID: 9300)
      • Unicorn-35039.exe (PID: 9592)
      • Unicorn-23036.exe (PID: 8596)
      • Unicorn-23307.exe (PID: 10336)
      • Unicorn-59701.exe (PID: 10304)
      • Unicorn-53671.exe (PID: 6876)
      • Unicorn-52664.exe (PID: 10372)
      • Unicorn-12041.exe (PID: 9476)

    • Executes application which crashes

      • Unicorn-35995.exe (PID: 896)
      • Unicorn-35995.exe (PID: 5200)
      • Unicorn-41834.exe (PID: 13604)

  • INFO

    • The sample compiled with chinese language support

      • 1 (252).exe (PID: 5324)

    • Checks supported languages

      • 1 (252).exe (PID: 5324)
      • Unicorn-62477.exe (PID: 4892)
      • Unicorn-41071.exe (PID: 5720)
      • Unicorn-29373.exe (PID: 6192)
      • Unicorn-27797.exe (PID: 4464)
      • Unicorn-46826.exe (PID: 2040)
      • Unicorn-62607.exe (PID: 5228)
      • Unicorn-14558.exe (PID: 5756)
      • Unicorn-2861.exe (PID: 2960)
      • Unicorn-45185.exe (PID: 6560)
      • Unicorn-39063.exe (PID: 3332)
      • Unicorn-3192.exe (PID: 6248)
      • Unicorn-39617.exe (PID: 5112)
      • Unicorn-47231.exe (PID: 976)
      • Unicorn-47231.exe (PID: 4268)
      • Unicorn-59218.exe (PID: 1512)
      • Unicorn-55160.exe (PID: 6040)
      • Unicorn-44299.exe (PID: 3784)
      • Unicorn-21741.exe (PID: 4112)
      • Unicorn-32623.exe (PID: 7184)
      • Unicorn-7604.exe (PID: 7236)
      • Unicorn-53043.exe (PID: 7244)
      • Unicorn-17967.exe (PID: 7260)
      • Unicorn-41184.exe (PID: 1280)
      • Unicorn-38653.exe (PID: 7324)
      • Unicorn-43806.exe (PID: 7288)
      • Unicorn-38653.exe (PID: 7312)
      • Unicorn-3080.exe (PID: 7348)
      • Unicorn-43806.exe (PID: 7292)
      • Unicorn-18787.exe (PID: 7304)
      • Unicorn-57682.exe (PID: 7336)
      • Unicorn-5880.exe (PID: 7332)
      • Unicorn-64501.exe (PID: 7540)
      • Unicorn-17993.exe (PID: 7560)
      • Unicorn-27553.exe (PID: 7640)
      • Unicorn-16981.exe (PID: 7676)
      • Unicorn-58834.exe (PID: 7652)
      • Unicorn-15300.exe (PID: 7576)
      • Unicorn-43981.exe (PID: 7596)
      • Unicorn-50111.exe (PID: 7604)
      • Unicorn-3432.exe (PID: 7792)
      • Unicorn-17722.exe (PID: 7812)
      • Unicorn-31445.exe (PID: 7700)
      • Unicorn-7324.exe (PID: 7876)
      • Unicorn-55456.exe (PID: 7864)
      • Unicorn-42135.exe (PID: 7900)
      • Unicorn-13546.exe (PID: 7828)
      • Unicorn-6255.exe (PID: 7924)
      • Unicorn-45705.exe (PID: 8004)
      • Unicorn-40104.exe (PID: 8036)
      • Unicorn-23661.exe (PID: 7976)
      • Unicorn-6255.exe (PID: 7912)
      • Unicorn-59440.exe (PID: 8044)
      • Unicorn-45705.exe (PID: 8052)
      • Unicorn-33452.exe (PID: 8020)
      • Unicorn-51927.exe (PID: 7932)
      • Unicorn-53625.exe (PID: 7964)
      • Unicorn-6255.exe (PID: 7940)
      • Unicorn-6255.exe (PID: 7948)
      • Unicorn-32789.exe (PID: 8172)
      • Unicorn-38819.exe (PID: 6404)
      • Unicorn-36773.exe (PID: 7520)
      • Unicorn-59239.exe (PID: 5968)
      • Unicorn-29067.exe (PID: 7784)
      • Unicorn-35311.exe (PID: 8152)
      • Unicorn-51647.exe (PID: 7192)
      • Unicorn-50064.exe (PID: 8220)
      • Unicorn-49509.exe (PID: 1228)
      • Unicorn-45980.exe (PID: 8200)
      • Unicorn-43101.exe (PID: 8288)
      • Unicorn-19258.exe (PID: 8280)
      • Unicorn-16645.exe (PID: 8228)
      • Unicorn-9955.exe (PID: 8360)
      • Unicorn-54325.exe (PID: 8380)
      • Unicorn-58601.exe (PID: 8336)
      • Unicorn-15330.exe (PID: 8448)
      • Unicorn-18830.exe (PID: 8552)
      • Unicorn-23167.exe (PID: 8616)
      • Unicorn-40319.exe (PID: 8576)
      • Unicorn-61215.exe (PID: 8764)
      • Unicorn-9161.exe (PID: 8804)
      • Unicorn-57039.exe (PID: 8772)
      • Unicorn-22805.exe (PID: 8860)
      • Unicorn-26505.exe (PID: 8696)
      • Unicorn-39695.exe (PID: 8952)
      • Unicorn-63645.exe (PID: 8940)
      • Unicorn-22380.exe (PID: 9040)
      • Unicorn-54.exe (PID: 9060)
      • Unicorn-35057.exe (PID: 8896)
      • Unicorn-47885.exe (PID: 9072)
      • Unicorn-51969.exe (PID: 9116)
      • Unicorn-21243.exe (PID: 9096)
      • Unicorn-39617.exe (PID: 9160)
      • Unicorn-21243.exe (PID: 9088)
      • Unicorn-21243.exe (PID: 9104)
      • Unicorn-49831.exe (PID: 8216)
      • Unicorn-60037.exe (PID: 8484)
      • Unicorn-60037.exe (PID: 8376)
      • Unicorn-35441.exe (PID: 7084)
      • Unicorn-35995.exe (PID: 896)
      • Unicorn-21797.exe (PID: 9188)
      • Unicorn-15020.exe (PID: 9204)
      • Unicorn-15020.exe (PID: 9180)
      • Unicorn-25135.exe (PID: 4016)
      • Unicorn-17521.exe (PID: 8852)
      • Unicorn-29773.exe (PID: 7720)
      • Unicorn-43509.exe (PID: 8856)
      • Unicorn-29773.exe (PID: 7708)
      • Unicorn-13867.exe (PID: 9236)
      • Unicorn-35995.exe (PID: 5200)
      • Unicorn-27164.exe (PID: 9388)
      • Unicorn-26095.exe (PID: 9416)
      • Unicorn-50307.exe (PID: 9272)
      • Unicorn-47507.exe (PID: 9264)
      • Unicorn-5482.exe (PID: 9500)
      • Unicorn-25638.exe (PID: 9564)
      • Unicorn-13742.exe (PID: 9468)
      • Unicorn-55238.exe (PID: 9524)
      • Unicorn-32125.exe (PID: 9492)
      • Unicorn-62337.exe (PID: 9552)
      • Unicorn-42431.exe (PID: 9452)
      • Unicorn-35039.exe (PID: 9592)
      • Unicorn-10142.exe (PID: 9644)
      • Unicorn-63982.exe (PID: 9652)
      • Unicorn-27033.exe (PID: 9692)
      • Unicorn-2089.exe (PID: 9732)
      • Unicorn-24341.exe (PID: 9720)
      • Unicorn-41170.exe (PID: 9600)
      • Unicorn-62659.exe (PID: 9624)
      • Unicorn-31440.exe (PID: 9768)
      • Unicorn-40677.exe (PID: 9752)
      • Unicorn-40677.exe (PID: 9760)
      • Unicorn-24240.exe (PID: 9804)
      • Unicorn-61652.exe (PID: 9828)
      • Unicorn-15981.exe (PID: 9836)
      • Unicorn-35009.exe (PID: 9848)
      • Unicorn-5488.exe (PID: 10020)
      • Unicorn-20063.exe (PID: 10192)
      • Unicorn-63738.exe (PID: 10168)
      • Unicorn-4396.exe (PID: 9892)
      • Unicorn-56198.exe (PID: 9884)
      • Unicorn-24816.exe (PID: 9920)
      • Unicorn-36785.exe (PID: 10128)
      • Unicorn-12041.exe (PID: 9476)
      • Unicorn-48243.exe (PID: 5308)
      • Unicorn-59125.exe (PID: 2332)
      • Unicorn-62825.exe (PID: 8652)
      • Unicorn-32026.exe (PID: 4880)
      • Unicorn-7594.exe (PID: 5072)
      • Unicorn-38321.exe (PID: 5328)
      • Unicorn-23115.exe (PID: 9300)
      • Unicorn-28399.exe (PID: 1128)
      • Unicorn-42689.exe (PID: 4380)
      • Unicorn-55404.exe (PID: 960)
      • Unicorn-39451.exe (PID: 9016)
      • Unicorn-53671.exe (PID: 6876)
      • Unicorn-59701.exe (PID: 10304)
      • Unicorn-38897.exe (PID: 9308)
      • Unicorn-23036.exe (PID: 8596)
      • Unicorn-4662.exe (PID: 10404)
      • Unicorn-44289.exe (PID: 10456)
      • Unicorn-17647.exe (PID: 10476)
      • Unicorn-1310.exe (PID: 10428)
      • Unicorn-47419.exe (PID: 10572)
      • Unicorn-63126.exe (PID: 10592)
      • Unicorn-56084.exe (PID: 10580)
      • Unicorn-46135.exe (PID: 10604)
      • Unicorn-11232.exe (PID: 10684)
      • Unicorn-30283.exe (PID: 10792)
      • Unicorn-54879.exe (PID: 10828)
      • Unicorn-10417.exe (PID: 10804)
      • Unicorn-10417.exe (PID: 10800)
      • Unicorn-30261.exe (PID: 10708)
      • Unicorn-30261.exe (PID: 10716)
      • Unicorn-55582.exe (PID: 10888)
      • Unicorn-16447.exe (PID: 10944)
      • Unicorn-24615.exe (PID: 10984)
      • Unicorn-21923.exe (PID: 10996)
      • Unicorn-63510.exe (PID: 11032)
      • Unicorn-63510.exe (PID: 11024)
      • Unicorn-45036.exe (PID: 11064)
      • Unicorn-33910.exe (PID: 11092)
      • Unicorn-16447.exe (PID: 10936)
      • Unicorn-36313.exe (PID: 10952)
      • Unicorn-65456.exe (PID: 11160)
      • Unicorn-12171.exe (PID: 11184)
      • Unicorn-12284.exe (PID: 300)
      • Unicorn-32704.exe (PID: 10388)
      • Unicorn-14938.exe (PID: 11124)
      • Unicorn-4003.exe (PID: 11132)
      • Unicorn-53125.exe (PID: 11284)
      • Unicorn-53125.exe (PID: 11292)
      • Unicorn-63339.exe (PID: 8684)
      • Unicorn-28297.exe (PID: 11344)
      • Unicorn-5970.exe (PID: 11324)
      • Unicorn-51087.exe (PID: 10780)
      • Unicorn-38643.exe (PID: 11384)
      • Unicorn-38378.exe (PID: 11376)
      • Unicorn-34559.exe (PID: 11416)
      • Unicorn-12000.exe (PID: 11468)
      • Unicorn-12000.exe (PID: 11464)
      • Unicorn-54979.exe (PID: 11488)
      • Unicorn-32421.exe (PID: 11540)
      • Unicorn-61777.exe (PID: 11608)
      • Unicorn-39219.exe (PID: 11616)
      • Unicorn-57693.exe (PID: 11588)
      • Unicorn-56110.exe (PID: 11796)
      • Unicorn-32997.exe (PID: 11720)
      • Unicorn-30859.exe (PID: 11880)
      • Unicorn-20553.exe (PID: 11988)
      • Unicorn-4771.exe (PID: 11968)
      • Unicorn-52602.exe (PID: 12012)
      • Unicorn-4884.exe (PID: 12084)
      • Unicorn-34127.exe (PID: 12108)
      • Unicorn-18420.exe (PID: 12116)
      • Unicorn-9431.exe (PID: 12176)
      • Unicorn-64662.exe (PID: 12216)
      • Unicorn-25021.exe (PID: 12268)
      • Unicorn-61455.exe (PID: 12276)
      • Unicorn-59182.exe (PID: 12004)
      • Unicorn-52602.exe (PID: 12016)
      • Unicorn-47863.exe (PID: 12100)
      • Unicorn-3639.exe (PID: 11692)
      • Unicorn-30427.exe (PID: 11772)
      • Unicorn-44875.exe (PID: 10124)
      • Unicorn-50293.exe (PID: 10104)
      • Unicorn-35881.exe (PID: 12256)
      • Unicorn-35903.exe (PID: 12304)
      • Unicorn-56323.exe (PID: 12368)
      • Unicorn-21513.exe (PID: 12376)
      • Unicorn-44875.exe (PID: 11768)
      • Unicorn-21513.exe (PID: 12420)
      • Unicorn-30427.exe (PID: 10136)
      • Unicorn-49836.exe (PID: 12508)
      • Unicorn-43971.exe (PID: 12492)
      • Unicorn-61284.exe (PID: 12584)
      • Unicorn-59016.exe (PID: 12340)
      • Unicorn-50193.exe (PID: 12360)
      • Unicorn-60791.exe (PID: 12764)
      • Unicorn-3422.exe (PID: 12788)
      • Unicorn-60791.exe (PID: 12756)
      • Unicorn-3422.exe (PID: 12792)
      • Unicorn-64683.exe (PID: 13000)
      • Unicorn-50829.exe (PID: 13072)
      • Unicorn-64683.exe (PID: 12992)
      • Unicorn-23843.exe (PID: 12852)
      • Unicorn-55753.exe (PID: 12984)
      • Unicorn-50869.exe (PID: 13112)
      • Unicorn-45778.exe (PID: 13180)
      • Unicorn-59976.exe (PID: 13236)
      • Unicorn-14112.exe (PID: 13096)
      • Unicorn-50630.exe (PID: 13372)
      • Unicorn-37993.exe (PID: 11840)
      • Unicorn-12742.exe (PID: 8748)
      • Unicorn-56276.exe (PID: 13068)
      • Unicorn-44045.exe (PID: 2392)
      • Unicorn-63458.exe (PID: 13456)
      • Unicorn-5513.exe (PID: 13392)
      • Unicorn-34214.exe (PID: 13448)
      • Unicorn-62803.exe (PID: 13500)
      • Unicorn-1237.exe (PID: 13296)
      • Unicorn-1237.exe (PID: 13304)
      • Unicorn-46738.exe (PID: 13684)
      • Unicorn-65133.exe (PID: 13788)
      • Unicorn-13794.exe (PID: 13852)
      • Unicorn-49644.exe (PID: 14040)
      • Unicorn-33036.exe (PID: 13520)
      • Unicorn-64994.exe (PID: 13676)
      • Unicorn-17276.exe (PID: 14340)
      • Unicorn-58117.exe (PID: 14544)
      • Unicorn-37340.exe (PID: 14524)
      • Unicorn-58117.exe (PID: 14536)
      • Unicorn-20506.exe (PID: 14596)
      • Unicorn-58196.exe (PID: 4736)
      • Unicorn-47070.exe (PID: 13640)
      • Unicorn-6878.exe (PID: 14712)
      • Unicorn-37697.exe (PID: 14452)
      • Unicorn-55979.exe (PID: 14612)
      • Unicorn-42879.exe (PID: 14856)
      • Unicorn-39425.exe (PID: 14884)
      • Unicorn-48090.exe (PID: 14900)
      • Unicorn-64247.exe (PID: 14556)
      • Unicorn-10200.exe (PID: 14572)
      • Unicorn-28980.exe (PID: 14808)
      • Unicorn-65246.exe (PID: 15080)
      • Unicorn-61162.exe (PID: 15008)
      • Unicorn-14728.exe (PID: 15036)
      • Unicorn-42687.exe (PID: 15148)
      • Unicorn-44079.exe (PID: 15192)
      • Unicorn-42687.exe (PID: 15140)
      • Unicorn-35148.exe (PID: 15184)
      • Unicorn-30243.exe (PID: 15244)
      • Unicorn-65054.exe (PID: 15288)
      • Unicorn-15490.exe (PID: 15016)
      • Unicorn-65246.exe (PID: 15072)
      • Unicorn-41125.exe (PID: 15368)
      • Unicorn-42636.exe (PID: 15820)
      • Unicorn-36849.exe (PID: 15608)
      • Unicorn-23942.exe (PID: 15664)
      • Unicorn-36771.exe (PID: 15812)
      • Unicorn-24326.exe (PID: 15924)
      • Unicorn-63074.exe (PID: 10992)
      • Unicorn-9844.exe (PID: 15332)
      • Unicorn-32957.exe (PID: 4180)
      • Unicorn-51161.exe (PID: 15772)
      • Unicorn-51161.exe (PID: 15780)
      • Unicorn-25557.exe (PID: 16160)
      • Unicorn-57767.exe (PID: 16012)
      • Unicorn-44032.exe (PID: 16004)
      • Unicorn-56284.exe (PID: 16040)
      • Unicorn-36492.exe (PID: 16116)
      • Unicorn-10347.exe (PID: 16056)
      • Unicorn-32408.exe (PID: 16088)
      • Unicorn-11167.exe (PID: 16216)
      • Unicorn-32494.exe (PID: 15960)
      • Unicorn-30225.exe (PID: 15952)
      • Unicorn-4290.exe (PID: 16336)
      • Unicorn-49870.exe (PID: 16380)
      • Unicorn-39009.exe (PID: 1164)
      • Unicorn-6398.exe (PID: 16548)
      • Unicorn-39563.exe (PID: 16412)
      • Unicorn-26264.exe (PID: 16572)
      • Unicorn-7712.exe (PID: 16264)
      • Unicorn-5634.exe (PID: 16840)
      • Unicorn-40445.exe (PID: 16848)
      • Unicorn-30601.exe (PID: 16900)
      • Unicorn-64757.exe (PID: 16948)
      • Unicorn-53465.exe (PID: 17288)
      • Unicorn-28384.exe (PID: 17112)
      • Unicorn-57549.exe (PID: 17316)
      • Unicorn-25749.exe (PID: 16608)
      • Unicorn-3191.exe (PID: 16624)
      • Unicorn-36361.exe (PID: 16796)
      • Unicorn-14478.exe (PID: 17336)
      • Unicorn-31945.exe (PID: 17416)
      • Unicorn-55054.exe (PID: 17392)
      • Unicorn-40664.exe (PID: 9708)
      • Unicorn-46336.exe (PID: 7148)
      • Unicorn-37897.exe (PID: 17564)
      • Unicorn-49865.exe (PID: 17696)
      • Unicorn-56947.exe (PID: 18140)
      • Unicorn-38308.exe (PID: 18072)
      • Unicorn-50825.exe (PID: 18124)
      • Unicorn-32250.exe (PID: 18252)
      • Unicorn-54644.exe (PID: 18112)
      • Unicorn-58231.exe (PID: 18200)
      • Unicorn-36746.exe (PID: 18340)
      • Unicorn-19091.exe (PID: 17784)
      • Unicorn-47488.exe (PID: 17996)
      • Unicorn-1438.exe (PID: 18416)

    • Reads the computer name

      • Unicorn-62477.exe (PID: 4892)
      • 1 (252).exe (PID: 5324)
      • Unicorn-41071.exe (PID: 5720)
      • Unicorn-29373.exe (PID: 6192)
      • Unicorn-27797.exe (PID: 4464)
      • Unicorn-46826.exe (PID: 2040)
      • Unicorn-3192.exe (PID: 6248)
      • Unicorn-14558.exe (PID: 5756)
      • Unicorn-2861.exe (PID: 2960)
      • Unicorn-62607.exe (PID: 5228)
      • Unicorn-59218.exe (PID: 1512)
      • Unicorn-45185.exe (PID: 6560)
      • Unicorn-47231.exe (PID: 976)
      • Unicorn-47231.exe (PID: 4268)
      • Unicorn-39617.exe (PID: 5112)
      • Unicorn-39063.exe (PID: 3332)
      • Unicorn-44299.exe (PID: 3784)
      • Unicorn-55160.exe (PID: 6040)
      • Unicorn-21741.exe (PID: 4112)
      • Unicorn-41184.exe (PID: 1280)
      • Unicorn-32623.exe (PID: 7184)
      • Unicorn-7604.exe (PID: 7236)
      • Unicorn-43806.exe (PID: 7288)
      • Unicorn-53043.exe (PID: 7244)
      • Unicorn-57682.exe (PID: 7336)
      • Unicorn-17967.exe (PID: 7260)
      • Unicorn-18787.exe (PID: 7304)
      • Unicorn-3080.exe (PID: 7348)
      • Unicorn-38653.exe (PID: 7324)
      • Unicorn-5880.exe (PID: 7332)
      • Unicorn-38653.exe (PID: 7312)
      • Unicorn-43806.exe (PID: 7292)
      • Unicorn-17993.exe (PID: 7560)
      • Unicorn-64501.exe (PID: 7540)
      • Unicorn-43981.exe (PID: 7596)
      • Unicorn-50111.exe (PID: 7604)
      • Unicorn-27553.exe (PID: 7640)
      • Unicorn-15300.exe (PID: 7576)
      • Unicorn-15663.exe (PID: 7756)
      • Unicorn-17722.exe (PID: 7812)
      • Unicorn-3432.exe (PID: 7792)
      • Unicorn-40104.exe (PID: 8036)
      • Unicorn-59440.exe (PID: 8044)
      • Unicorn-45705.exe (PID: 8004)
      • Unicorn-6255.exe (PID: 7940)
      • Unicorn-23661.exe (PID: 7976)
      • Unicorn-45705.exe (PID: 8052)
      • Unicorn-42135.exe (PID: 7900)
      • Unicorn-51927.exe (PID: 7932)
      • Unicorn-6255.exe (PID: 7924)
      • Unicorn-55456.exe (PID: 7864)
      • Unicorn-6255.exe (PID: 7948)
      • Unicorn-53625.exe (PID: 7964)
      • Unicorn-65305.exe (PID: 8012)
      • Unicorn-6255.exe (PID: 7912)
      • Unicorn-6255.exe (PID: 7908)
      • Unicorn-32789.exe (PID: 8172)
      • Unicorn-17007.exe (PID: 8184)
      • Unicorn-38819.exe (PID: 6404)
      • Unicorn-36773.exe (PID: 7520)
      • Unicorn-16645.exe (PID: 8228)
      • Unicorn-45425.exe (PID: 6644)
      • Unicorn-49509.exe (PID: 1228)
      • Unicorn-19093.exe (PID: 8256)
      • Unicorn-50064.exe (PID: 8220)
      • Unicorn-19258.exe (PID: 8280)
      • Unicorn-43101.exe (PID: 8288)
      • Unicorn-58601.exe (PID: 8336)
      • Unicorn-9955.exe (PID: 8360)
      • Unicorn-15330.exe (PID: 8448)
      • Unicorn-54325.exe (PID: 8380)
      • Unicorn-40319.exe (PID: 8576)
      • Unicorn-22421.exe (PID: 8668)
      • Unicorn-23167.exe (PID: 8616)
      • Unicorn-26505.exe (PID: 8696)
      • Unicorn-61215.exe (PID: 8764)
      • Unicorn-24102.exe (PID: 8756)
      • Unicorn-57039.exe (PID: 8772)
      • Unicorn-9161.exe (PID: 8804)
      • Unicorn-22805.exe (PID: 8864)
      • Unicorn-22805.exe (PID: 8860)
      • Unicorn-35057.exe (PID: 8896)
      • Unicorn-63645.exe (PID: 8936)
      • Unicorn-39695.exe (PID: 8952)
      • Unicorn-21243.exe (PID: 9096)
      • Unicorn-21243.exe (PID: 9104)
      • Unicorn-22380.exe (PID: 9040)
      • Unicorn-51969.exe (PID: 9116)
      • Unicorn-21797.exe (PID: 9188)
      • Unicorn-39617.exe (PID: 9160)
      • Unicorn-60037.exe (PID: 8484)
      • Unicorn-2503.exe (PID: 9168)
      • Unicorn-35995.exe (PID: 896)
      • Unicorn-25135.exe (PID: 4016)
      • Unicorn-35995.exe (PID: 5200)
      • Unicorn-29773.exe (PID: 7708)
      • Unicorn-29773.exe (PID: 7720)
      • Unicorn-60037.exe (PID: 8376)
      • Unicorn-35441.exe (PID: 7084)
      • Unicorn-43509.exe (PID: 8856)
      • Unicorn-47507.exe (PID: 9264)
      • Unicorn-50307.exe (PID: 9272)
      • Unicorn-13867.exe (PID: 9236)
      • Unicorn-5482.exe (PID: 9500)
      • Unicorn-26095.exe (PID: 9416)
      • Unicorn-31802.exe (PID: 9432)
      • Unicorn-55238.exe (PID: 9524)
      • Unicorn-62337.exe (PID: 9552)
      • Unicorn-56629.exe (PID: 9544)
      • Unicorn-35039.exe (PID: 9592)
      • Unicorn-41170.exe (PID: 9600)
      • Unicorn-62659.exe (PID: 9624)
      • Unicorn-63982.exe (PID: 9652)
      • Unicorn-3920.exe (PID: 9684)
      • Unicorn-27033.exe (PID: 9692)
      • Unicorn-24341.exe (PID: 9720)
      • Unicorn-2089.exe (PID: 9732)
      • Unicorn-40677.exe (PID: 9752)
      • Unicorn-40677.exe (PID: 9760)
      • Unicorn-31440.exe (PID: 9768)
      • Unicorn-15981.exe (PID: 9836)
      • Unicorn-35009.exe (PID: 9848)
      • Unicorn-61652.exe (PID: 9828)
      • Unicorn-24816.exe (PID: 9920)
      • Unicorn-3043.exe (PID: 10060)
      • Unicorn-36785.exe (PID: 10128)
      • Unicorn-20063.exe (PID: 10192)
      • Unicorn-48243.exe (PID: 5308)
      • Unicorn-59125.exe (PID: 2332)
      • Unicorn-38321.exe (PID: 5328)
      • Unicorn-53671.exe (PID: 6876)
      • Unicorn-59701.exe (PID: 10304)
      • Unicorn-23307.exe (PID: 10336)
      • Unicorn-52664.exe (PID: 10372)
      • Unicorn-4662.exe (PID: 10404)

    • Create files in a temporary directory

      • 1 (252).exe (PID: 5324)
      • Unicorn-29373.exe (PID: 6192)
      • Unicorn-62477.exe (PID: 4892)
      • Unicorn-3192.exe (PID: 6248)
      • Unicorn-14558.exe (PID: 5756)
      • Unicorn-27797.exe (PID: 4464)
      • Unicorn-47231.exe (PID: 4268)
      • Unicorn-46826.exe (PID: 2040)
      • Unicorn-62607.exe (PID: 5228)
      • Unicorn-44299.exe (PID: 3784)
      • Unicorn-55160.exe (PID: 6040)
      • Unicorn-2861.exe (PID: 2960)
      • Unicorn-41071.exe (PID: 5720)
      • Unicorn-21741.exe (PID: 4112)
      • Unicorn-53043.exe (PID: 7244)
      • Unicorn-32623.exe (PID: 7184)
      • Unicorn-7604.exe (PID: 7236)
      • Unicorn-39617.exe (PID: 5112)
      • Unicorn-38653.exe (PID: 7324)
      • Unicorn-47231.exe (PID: 976)
      • Unicorn-45185.exe (PID: 6560)
      • Unicorn-64501.exe (PID: 7540)
      • Unicorn-17993.exe (PID: 7560)
      • Unicorn-43981.exe (PID: 7596)
      • Unicorn-15300.exe (PID: 7576)
      • Unicorn-16981.exe (PID: 7676)
      • Unicorn-41184.exe (PID: 1280)
      • Unicorn-31445.exe (PID: 7700)
      • Unicorn-58834.exe (PID: 7652)
      • Unicorn-15663.exe (PID: 7756)
      • Unicorn-39063.exe (PID: 3332)
      • Unicorn-3432.exe (PID: 7792)
      • Unicorn-17722.exe (PID: 7812)
      • Unicorn-32575.exe (PID: 7848)
      • Unicorn-17967.exe (PID: 7260)
      • Unicorn-40104.exe (PID: 8036)
      • Unicorn-45705.exe (PID: 8004)
      • Unicorn-51927.exe (PID: 7932)
      • Unicorn-6255.exe (PID: 7924)
      • Unicorn-45705.exe (PID: 8052)
      • Unicorn-6255.exe (PID: 7912)
      • Unicorn-18787.exe (PID: 7304)
      • Unicorn-53625.exe (PID: 7964)
      • Unicorn-43806.exe (PID: 7292)
      • Unicorn-32789.exe (PID: 8172)
      • Unicorn-17007.exe (PID: 8184)
      • Unicorn-36773.exe (PID: 7520)
      • Unicorn-51647.exe (PID: 7192)
      • Unicorn-38819.exe (PID: 6404)
      • Unicorn-59239.exe (PID: 5968)
      • Unicorn-50111.exe (PID: 7604)
      • Unicorn-45425.exe (PID: 6644)
      • Unicorn-49509.exe (PID: 1228)
      • Unicorn-45980.exe (PID: 8200)
      • Unicorn-5880.exe (PID: 7332)
      • Unicorn-27553.exe (PID: 7640)
      • Unicorn-19093.exe (PID: 8256)
      • Unicorn-43101.exe (PID: 8288)
      • Unicorn-19258.exe (PID: 8280)
      • Unicorn-58601.exe (PID: 8336)
      • Unicorn-54325.exe (PID: 8380)
      • Unicorn-15330.exe (PID: 8448)
      • Unicorn-18830.exe (PID: 8552)
      • Unicorn-13546.exe (PID: 7828)
      • Unicorn-23167.exe (PID: 8616)
      • Unicorn-9161.exe (PID: 8804)
      • Unicorn-24102.exe (PID: 8756)
      • Unicorn-7324.exe (PID: 7876)
      • Unicorn-59440.exe (PID: 8044)
      • Unicorn-35057.exe (PID: 8896)
      • Unicorn-63645.exe (PID: 8936)
      • Unicorn-43806.exe (PID: 7288)
      • Unicorn-23661.exe (PID: 7976)
      • Unicorn-63645.exe (PID: 8940)
      • Unicorn-39695.exe (PID: 8952)
      • Unicorn-6255.exe (PID: 7948)
      • Unicorn-38653.exe (PID: 7312)
      • Unicorn-65305.exe (PID: 8012)
      • Unicorn-3080.exe (PID: 7348)
      • Unicorn-33452.exe (PID: 8020)
      • Unicorn-54.exe (PID: 9060)
      • Unicorn-47885.exe (PID: 9072)
      • Unicorn-21243.exe (PID: 9104)
      • Unicorn-21243.exe (PID: 9096)
      • Unicorn-21243.exe (PID: 9088)
      • Unicorn-51969.exe (PID: 9116)
      • Unicorn-60037.exe (PID: 8484)
      • Unicorn-60037.exe (PID: 8376)
      • Unicorn-15020.exe (PID: 9204)
      • Unicorn-39617.exe (PID: 9160)
      • Unicorn-49831.exe (PID: 8216)
      • Unicorn-35441.exe (PID: 7084)
      • Unicorn-25135.exe (PID: 4016)
      • Unicorn-43509.exe (PID: 8856)
      • Unicorn-29773.exe (PID: 7720)
      • Unicorn-17521.exe (PID: 8852)
      • Unicorn-13867.exe (PID: 9236)
      • Unicorn-47507.exe (PID: 9264)
      • Unicorn-50307.exe (PID: 9272)
      • Unicorn-35311.exe (PID: 8152)
      • Unicorn-27164.exe (PID: 9388)
      • Unicorn-29067.exe (PID: 7784)
      • Unicorn-31802.exe (PID: 9432)
      • Unicorn-32125.exe (PID: 9492)
      • Unicorn-35039.exe (PID: 9592)
      • Unicorn-3920.exe (PID: 9684)
      • Unicorn-10142.exe (PID: 9644)
      • Unicorn-27033.exe (PID: 9692)
      • Unicorn-24240.exe (PID: 9804)
      • Unicorn-31440.exe (PID: 9768)
      • Unicorn-40677.exe (PID: 9752)
      • Unicorn-4396.exe (PID: 9892)
      • Unicorn-15981.exe (PID: 9836)
      • Unicorn-24816.exe (PID: 9920)
      • Unicorn-63982.exe (PID: 9652)
      • Unicorn-62337.exe (PID: 9552)
      • Unicorn-56198.exe (PID: 9884)
      • Unicorn-9955.exe (PID: 8360)
      • Unicorn-40319.exe (PID: 8576)
      • Unicorn-20063.exe (PID: 10192)
      • Unicorn-57039.exe (PID: 8772)
      • Unicorn-61215.exe (PID: 8764)
      • Unicorn-63738.exe (PID: 10168)
      • Unicorn-22421.exe (PID: 8668)
      • Unicorn-48243.exe (PID: 5308)
      • Unicorn-22805.exe (PID: 8864)
      • Unicorn-22380.exe (PID: 9040)
      • Unicorn-28399.exe (PID: 1128)
      • Unicorn-56629.exe (PID: 9544)
      • Unicorn-16645.exe (PID: 8228)
      • Unicorn-5482.exe (PID: 9500)
      • Unicorn-38897.exe (PID: 9308)
      • Unicorn-2503.exe (PID: 9168)
      • Unicorn-3043.exe (PID: 10060)
      • Unicorn-36785.exe (PID: 10128)
      • Unicorn-22805.exe (PID: 8860)
      • Unicorn-62659.exe (PID: 9624)

    • Reads security settings of Internet Explorer

      • BackgroundTransferHost.exe (PID: 7724)
      • BackgroundTransferHost.exe (PID: 9000)
      • BackgroundTransferHost.exe (PID: 10084)

    • Reads the software policy settings

      • BackgroundTransferHost.exe (PID: 9000)

    • Checks proxy server information

      • BackgroundTransferHost.exe (PID: 9000)

    • Creates files or folders in the user directory

      • BackgroundTransferHost.exe (PID: 9000)
      • WerFault.exe (PID: 11840)
      • WerFault.exe (PID: 11812)
      • WerFault.exe (PID: 13676)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.

TRiD

.exe | Win32 Executable (generic) (52.9)
.exe | Generic Win/DOS Executable (23.5)
.exe | DOS Executable Generic (23.5)

EXIF

EXE

MachineType: Intel 386 or later, and compatibles
TimeStamp: 2019:01:20 00:32:00+00:00
ImageFileCharacteristics: No relocs, Executable, No line numbers, No symbols, 32-bit
PEType: PE32
LinkerVersion: 6
CodeSize: 176128
InitializedDataSize: 299008
UninitializedDataSize: -
EntryPoint: 0x13d4
OSVersion: 4
ImageVersion: 1
SubsystemVersion: 4
Subsystem: Windows GUI
FileVersionNumber: 1.0.0.0
ProductVersionNumber: 1.0.0.0
FileFlagsMask: 0x003f
FileFlags: (none)
FileOS: Win32
ObjectFileType: Executable application
FileSubtype: -
LanguageCode: Chinese (Simplified)
CharacterSet: Unicode
CompanyName: UEFI
ProductName: Kawaii-Unicorn
FileVersion: 1
ProductVersion: 1
InternalName: Kawaii-Unicorn
OriginalFileName: Kawaii-Unicorn.exe
No data.
screenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
714
Monitored processes
576
Malicious processes
88
Suspicious processes
64

Behavior graph

Click at the process to see the details
start 1 (252).exe sppextcomobj.exe no specs slui.exe unicorn-62477.exe unicorn-41071.exe unicorn-29373.exe unicorn-27797.exe unicorn-46826.exe unicorn-62607.exe unicorn-3192.exe unicorn-14558.exe unicorn-2861.exe unicorn-39063.exe unicorn-45185.exe unicorn-47231.exe unicorn-47231.exe unicorn-59218.exe unicorn-39617.exe unicorn-44299.exe unicorn-55160.exe unicorn-21741.exe unicorn-41184.exe unicorn-32623.exe unicorn-7604.exe unicorn-53043.exe unicorn-17967.exe unicorn-43806.exe unicorn-43806.exe unicorn-18787.exe unicorn-38653.exe unicorn-38653.exe unicorn-5880.exe unicorn-57682.exe unicorn-3080.exe unicorn-64501.exe unicorn-17993.exe unicorn-15300.exe unicorn-43981.exe unicorn-50111.exe unicorn-27553.exe unicorn-58834.exe unicorn-16981.exe unicorn-31445.exe backgroundtransferhost.exe no specs unicorn-15663.exe unicorn-3432.exe unicorn-17722.exe unicorn-13546.exe unicorn-32575.exe unicorn-55456.exe unicorn-7324.exe unicorn-42135.exe unicorn-6255.exe unicorn-6255.exe unicorn-6255.exe unicorn-51927.exe unicorn-6255.exe unicorn-6255.exe unicorn-53625.exe unicorn-23661.exe unicorn-45705.exe unicorn-65305.exe unicorn-33452.exe unicorn-40104.exe unicorn-59440.exe unicorn-45705.exe unicorn-32789.exe unicorn-17007.exe unicorn-38819.exe unicorn-36773.exe unicorn-59239.exe unicorn-29067.exe unicorn-35311.exe unicorn-51647.exe unicorn-32908.exe unicorn-49509.exe unicorn-45425.exe unicorn-45980.exe unicorn-50064.exe unicorn-16645.exe unicorn-19093.exe unicorn-19258.exe unicorn-43101.exe unicorn-58601.exe unicorn-9955.exe unicorn-54325.exe unicorn-15330.exe unicorn-18830.exe unicorn-40319.exe unicorn-23167.exe unicorn-22421.exe unicorn-26505.exe unicorn-24102.exe unicorn-61215.exe unicorn-57039.exe unicorn-9161.exe unicorn-22805.exe unicorn-22805.exe unicorn-35057.exe unicorn-63645.exe unicorn-63645.exe unicorn-39695.exe backgroundtransferhost.exe unicorn-22380.exe unicorn-54.exe unicorn-47885.exe unicorn-21243.exe unicorn-21243.exe unicorn-21243.exe unicorn-51969.exe unicorn-39617.exe unicorn-2503.exe unicorn-15020.exe unicorn-21797.exe unicorn-15020.exe unicorn-49831.exe unicorn-60037.exe unicorn-60037.exe unicorn-35441.exe unicorn-35995.exe unicorn-35995.exe unicorn-25135.exe unicorn-17521.exe unicorn-43509.exe unicorn-29773.exe unicorn-29773.exe unicorn-13867.exe unicorn-47507.exe unicorn-50307.exe unicorn-27164.exe unicorn-26095.exe unicorn-31802.exe unicorn-42431.exe unicorn-13742.exe unicorn-32125.exe unicorn-5482.exe unicorn-55238.exe unicorn-56629.exe unicorn-62337.exe unicorn-25638.exe unicorn-35039.exe unicorn-41170.exe unicorn-62659.exe unicorn-10142.exe unicorn-63982.exe unicorn-3920.exe no specs unicorn-27033.exe unicorn-24341.exe unicorn-2089.exe unicorn-40677.exe unicorn-40677.exe unicorn-31440.exe unicorn-24240.exe unicorn-61652.exe unicorn-15981.exe unicorn-35009.exe unicorn-56198.exe unicorn-4396.exe unicorn-24816.exe unicorn-5488.exe unicorn-3043.exe backgroundtransferhost.exe no specs unicorn-36785.exe unicorn-63738.exe unicorn-20063.exe unicorn-62825.exe unicorn-12041.exe unicorn-48243.exe unicorn-59125.exe unicorn-28399.exe unicorn-42689.exe unicorn-32026.exe unicorn-55404.exe unicorn-7594.exe unicorn-38321.exe unicorn-23115.exe unicorn-38897.exe unicorn-39451.exe unicorn-23036.exe unicorn-53671.exe unicorn-59701.exe unicorn-23307.exe unicorn-52664.exe unicorn-4662.exe unicorn-1310.exe unicorn-44289.exe unicorn-17647.exe unicorn-47419.exe unicorn-56084.exe unicorn-63126.exe unicorn-46135.exe unicorn-46043.exe unicorn-11232.exe unicorn-30261.exe unicorn-30261.exe unicorn-20723.exe unicorn-30283.exe unicorn-10417.exe unicorn-10417.exe unicorn-54879.exe unicorn-55582.exe unicorn-58871.exe unicorn-16447.exe unicorn-16447.exe unicorn-36313.exe unicorn-24615.exe unicorn-21923.exe unicorn-63510.exe no specs unicorn-63510.exe no specs unicorn-45036.exe unicorn-33910.exe unicorn-5486.exe no specs unicorn-14938.exe no specs unicorn-4003.exe unicorn-65456.exe unicorn-12171.exe no specs unicorn-40708.exe no specs unicorn-40708.exe no specs unicorn-47750.exe no specs unicorn-12284.exe no specs unicorn-32704.exe no specs unicorn-18969.exe no specs unicorn-51087.exe no specs unicorn-63074.exe no specs unicorn-63339.exe no specs unicorn-53125.exe no specs unicorn-53125.exe no specs unicorn-5970.exe no specs unicorn-28297.exe no specs unicorn-38378.exe no specs unicorn-38643.exe no specs unicorn-13177.exe no specs unicorn-34559.exe no specs unicorn-42727.exe no specs unicorn-12000.exe no specs unicorn-12000.exe no specs unicorn-54979.exe no specs unicorn-63147.exe no specs unicorn-63147.exe no specs unicorn-32421.exe no specs unicorn-57693.exe no specs unicorn-61777.exe no specs unicorn-39219.exe no specs unicorn-16661.exe no specs unicorn-32997.exe no specs unicorn-10438.exe no specs unicorn-56110.exe no specs werfault.exe no specs unicorn-57501.exe no specs werfault.exe no specs unicorn-30859.exe no specs unicorn-30859.exe no specs unicorn-41719.exe no specs unicorn-61585.exe no specs unicorn-28812.exe no specs unicorn-4771.exe no specs unicorn-20553.exe no specs unicorn-59182.exe no specs unicorn-52602.exe no specs unicorn-52602.exe no specs unicorn-41741.exe no specs unicorn-4884.exe no specs unicorn-47863.exe no specs unicorn-34127.exe no specs unicorn-18420.exe no specs unicorn-63842.exe no specs unicorn-44242.exe no specs unicorn-9431.exe no specs unicorn-12860.exe no specs unicorn-64662.exe no specs unicorn-49617.exe no specs unicorn-35881.exe no specs unicorn-25021.exe no specs unicorn-61455.exe no specs unicorn-3639.exe no specs unicorn-50293.exe no specs unicorn-30427.exe no specs unicorn-30427.exe no specs unicorn-30427.exe no specs unicorn-44875.exe no specs unicorn-45140.exe no specs unicorn-44875.exe no specs unicorn-27735.exe no specs unicorn-35903.exe no specs unicorn-7214.exe no specs unicorn-13344.exe no specs unicorn-59016.exe no specs unicorn-50193.exe no specs unicorn-56323.exe no specs unicorn-21513.exe no specs unicorn-21513.exe no specs unicorn-43971.exe no specs unicorn-49836.exe no specs unicorn-58269.exe no specs unicorn-62088.exe no specs unicorn-61284.exe no specs unicorn-3614.exe no specs unicorn-38425.exe no specs unicorn-25211.exe no specs unicorn-54761.exe no specs unicorn-2031.exe no specs unicorn-64875.exe no specs unicorn-60791.exe no specs unicorn-60791.exe no specs unicorn-49094.exe no specs unicorn-3422.exe no specs unicorn-3422.exe no specs unicorn-23843.exe no specs backgroundtransferhost.exe no specs unicorn-55753.exe no specs unicorn-64683.exe no specs unicorn-64683.exe no specs unicorn-64683.exe no specs unicorn-50829.exe no specs unicorn-14112.exe no specs unicorn-50869.exe no specs unicorn-54953.exe no specs unicorn-45778.exe no specs unicorn-15051.exe no specs unicorn-59976.exe no specs unicorn-65451.exe no specs unicorn-1237.exe no specs unicorn-1237.exe no specs unicorn-4666.exe no specs unicorn-37993.exe no specs unicorn-12742.exe no specs unicorn-13297.exe no specs unicorn-56276.exe no specs unicorn-33.exe no specs unicorn-44045.exe no specs unicorn-2250.exe no specs unicorn-39861.exe no specs unicorn-50630.exe no specs unicorn-5513.exe no specs unicorn-34214.exe no specs unicorn-63458.exe no specs unicorn-62803.exe no specs unicorn-15649.exe no specs unicorn-58627.exe no specs unicorn-41834.exe werfault.exe no specs unicorn-46738.exe no specs unicorn-64719.exe no specs unicorn-65133.exe no specs unicorn-13794.exe no specs unicorn-33307.exe no specs unicorn-59950.exe no specs unicorn-49644.exe no specs unicorn-23001.exe no specs unicorn-26344.exe no specs unicorn-9809.exe no specs unicorn-59871.exe no specs unicorn-199.exe no specs unicorn-29053.exe no specs unicorn-35829.exe no specs unicorn-17355.exe no specs unicorn-39259.exe no specs unicorn-39259.exe no specs unicorn-16700.exe no specs unicorn-58196.exe no specs unicorn-33036.exe no specs unicorn-33036.exe no specs unicorn-47070.exe no specs unicorn-49593.exe no specs unicorn-64994.exe no specs unicorn-17276.exe no specs unicorn-17276.exe no specs unicorn-3541.exe no specs unicorn-37697.exe no specs unicorn-37697.exe no specs unicorn-37697.exe no specs unicorn-1403.exe no specs unicorn-15138.exe no specs unicorn-37340.exe no specs unicorn-58117.exe no specs unicorn-58117.exe no specs unicorn-64247.exe no specs unicorn-748.exe no specs unicorn-10200.exe no specs unicorn-10200.exe no specs unicorn-20506.exe no specs unicorn-55979.exe no specs unicorn-391.exe no specs unicorn-6878.exe no specs unicorn-38781.exe no specs unicorn-23114.exe no specs unicorn-28980.exe no specs unicorn-42879.exe no specs unicorn-39425.exe no specs unicorn-28489.exe no specs unicorn-48090.exe no specs unicorn-48090.exe no specs unicorn-14340.exe no specs unicorn-36657.exe no specs unicorn-21713.exe no specs unicorn-61162.exe no specs unicorn-15490.exe no specs unicorn-15258.exe no specs unicorn-14728.exe no specs unicorn-65246.exe no specs unicorn-65246.exe no specs unicorn-42687.exe no specs unicorn-42687.exe no specs unicorn-42687.exe no specs unicorn-35148.exe no specs unicorn-44079.exe no specs unicorn-44634.exe no specs unicorn-30243.exe no specs unicorn-30243.exe no specs unicorn-65054.exe no specs unicorn-20705.exe no specs unicorn-9844.exe no specs unicorn-46693.exe no specs unicorn-32957.exe no specs unicorn-41125.exe no specs unicorn-18567.exe no specs unicorn-18567.exe no specs unicorn-32302.exe no specs unicorn-11525.exe no specs unicorn-18567.exe no specs unicorn-58853.exe no specs unicorn-21996.exe no specs unicorn-32211.exe no specs unicorn-43071.exe no specs unicorn-47785.exe no specs unicorn-36849.exe no specs unicorn-50585.exe no specs unicorn-25724.exe no specs unicorn-23942.exe no specs unicorn-16859.exe no specs unicorn-37976.exe no specs unicorn-48361.exe no specs unicorn-51161.exe no specs unicorn-51161.exe no specs unicorn-36771.exe no specs unicorn-42636.exe no specs unicorn-59237.exe no specs unicorn-13855.exe no specs unicorn-24326.exe no specs unicorn-18759.exe no specs unicorn-30225.exe no specs unicorn-32494.exe no specs unicorn-44032.exe no specs unicorn-57767.exe no specs unicorn-21473.exe no specs unicorn-4482.exe no specs unicorn-56284.exe no specs unicorn-56284.exe no specs unicorn-10347.exe no specs unicorn-49242.exe no specs unicorn-32408.exe no specs unicorn-36492.exe no specs unicorn-57675.exe no specs unicorn-25557.exe no specs unicorn-11167.exe no specs unicorn-11167.exe no specs unicorn-62314.exe no specs unicorn-7712.exe no specs unicorn-7712.exe no specs unicorn-16377.exe no specs unicorn-35671.exe no specs unicorn-4290.exe no specs unicorn-49870.exe no specs unicorn-49870.exe no specs unicorn-61335.exe no specs unicorn-39009.exe no specs unicorn-39563.exe no specs unicorn-64836.exe no specs unicorn-13034.exe no specs unicorn-8950.exe no specs unicorn-60752.exe no specs unicorn-60752.exe no specs unicorn-46362.exe no specs unicorn-46362.exe no specs unicorn-6398.exe no specs unicorn-26264.exe no specs unicorn-25749.exe no specs unicorn-3191.exe no specs unicorn-63128.exe no specs unicorn-43212.exe no specs unicorn-40188.exe no specs unicorn-22241.exe no specs unicorn-46746.exe no specs unicorn-20103.exe no specs unicorn-64784.exe no specs unicorn-64784.exe no specs unicorn-36361.exe no specs unicorn-5634.exe no specs unicorn-40445.exe no specs unicorn-41322.exe no specs unicorn-30601.exe no specs unicorn-58370.exe no specs unicorn-58370.exe no specs unicorn-64757.exe no specs unicorn-64757.exe no specs unicorn-3715.exe no specs unicorn-32660.exe no specs unicorn-38791.exe no specs unicorn-24955.exe no specs slui.exe no specs unicorn-46859.exe no specs unicorn-28384.exe no specs unicorn-41921.exe no specs unicorn-21748.exe no specs unicorn-38499.exe no specs unicorn-689.exe no specs unicorn-56616.exe no specs unicorn-53465.exe no specs unicorn-57549.exe no specs unicorn-14478.exe no specs unicorn-49189.exe no specs unicorn-55054.exe no specs unicorn-40664.exe no specs unicorn-46336.exe no specs unicorn-31945.exe no specs unicorn-37321.exe no specs unicorn-37897.exe no specs unicorn-56014.exe no specs unicorn-57960.exe no specs unicorn-49865.exe no specs unicorn-22922.exe no specs unicorn-37212.exe no specs unicorn-32058.exe no specs unicorn-40227.exe no specs unicorn-36143.exe no specs unicorn-33150.exe no specs unicorn-33681.exe no specs unicorn-16615.exe no specs unicorn-41816.exe no specs unicorn-47488.exe no specs unicorn-61223.exe no specs unicorn-34580.exe no specs unicorn-3497.exe no specs unicorn-38308.exe no specs unicorn-54644.exe no specs unicorn-50825.exe no specs unicorn-56947.exe no specs unicorn-58728.exe no specs unicorn-58728.exe no specs unicorn-58231.exe no specs unicorn-60600.exe no specs unicorn-32250.exe no specs unicorn-5608.exe no specs unicorn-11473.exe no specs unicorn-11473.exe no specs unicorn-36746.exe no specs unicorn-36746.exe no specs unicorn-32662.exe no specs unicorn-1438.exe no specs unicorn-30524.exe no specs unicorn-19091.exe no specs unicorn-55028.exe no specs unicorn-55028.exe no specs unicorn-55028.exe no specs unicorn-49163.exe no specs unicorn-7468.exe no specs unicorn-25743.exe no specs unicorn-31343.exe no specs unicorn-25743.exe no specs unicorn-25743.exe no specs unicorn-50944.exe no specs unicorn-50977.exe no specs unicorn-1743.exe no specs unicorn-58615.exe no specs unicorn-20382.exe no specs unicorn-59277.exe no specs unicorn-39941.exe no specs unicorn-64645.exe no specs unicorn-38002.exe no specs unicorn-38309.exe no specs unicorn-4509.exe no specs unicorn-18244.exe no specs unicorn-21613.exe no specs unicorn-43517.exe no specs unicorn-19716.exe no specs unicorn-58992.exe no specs

Process information

PID
CMD
Path
Indicators
Parent process
300C:\Users\admin\AppData\Local\Temp\Unicorn-12284.exeC:\Users\admin\AppData\Local\Temp\Unicorn-12284.exeUnicorn-38653.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-12284.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
664C:\Users\admin\AppData\Local\Temp\Unicorn-25743.exeC:\Users\admin\AppData\Local\Temp\Unicorn-25743.exeUnicorn-47231.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
684C:\Users\admin\AppData\Local\Temp\Unicorn-17276.exeC:\Users\admin\AppData\Local\Temp\Unicorn-17276.exeUnicorn-51927.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-17276.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
776C:\Users\admin\AppData\Local\Temp\Unicorn-31343.exeC:\Users\admin\AppData\Local\Temp\Unicorn-31343.exeUnicorn-12041.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-31343.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
856C:\Users\admin\AppData\Local\Temp\Unicorn-25743.exeC:\Users\admin\AppData\Local\Temp\Unicorn-25743.exeUnicorn-47231.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-25743.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
896C:\Users\admin\AppData\Local\Temp\Unicorn-35995.exeC:\Users\admin\AppData\Local\Temp\Unicorn-35995.exe
Unicorn-38653.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Exit code:
0
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-35995.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
904C:\Users\admin\AppData\Local\Temp\Unicorn-27735.exeC:\Users\admin\AppData\Local\Temp\Unicorn-27735.exeUnicorn-42431.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-27735.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
960C:\Users\admin\AppData\Local\Temp\Unicorn-55404.exeC:\Users\admin\AppData\Local\Temp\Unicorn-55404.exe
Unicorn-15663.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-55404.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
976C:\Users\admin\AppData\Local\Temp\Unicorn-47231.exeC:\Users\admin\AppData\Local\Temp\Unicorn-47231.exe
Unicorn-62607.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-47231.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
1096C:\Users\admin\AppData\Local\Temp\Unicorn-7468.exeC:\Users\admin\AppData\Local\Temp\Unicorn-7468.exeUnicorn-38653.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Total events
18 008
Read events
17 996
Write events
12
Delete events
0

Modification events

(PID) Process:(7724) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Content
Operation:writeName:CachePrefix
Value:
(PID) Process:(7724) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Cookies
Operation:writeName:CachePrefix
Value:
Cookie:
(PID) Process:(7724) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\History
Operation:writeName:CachePrefix
Value:
Visited:
(PID) Process:(9000) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Content
Operation:writeName:CachePrefix
Value:
(PID) Process:(9000) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Cookies
Operation:writeName:CachePrefix
Value:
Cookie:
(PID) Process:(9000) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\History
Operation:writeName:CachePrefix
Value:
Visited:
(PID) Process:(10084) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Content
Operation:writeName:CachePrefix
Value:
(PID) Process:(10084) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Cookies
Operation:writeName:CachePrefix
Value:
Cookie:
(PID) Process:(10084) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\History
Operation:writeName:CachePrefix
Value:
Visited:
(PID) Process:(12956) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Content
Operation:writeName:CachePrefix
Value:
Executable files
749
Suspicious files
11
Text files
2
Unknown types
0

Dropped files

PID
Process
Filename
Type
53241 (252).exeC:\Users\admin\AppData\Local\Temp\Unicorn-62477.exeexecutable
MD5:D65955889F039A5B757BEEEB1655F23D
SHA256:C26103F79D6A3267F96226DA35E803C409B0F58DF8062C7626569EDE2265D4C5
6248Unicorn-3192.exeC:\Users\admin\AppData\Local\Temp\Unicorn-47231.exeexecutable
MD5:99B3322B7EA7E651C0917E52CCFA3B90
SHA256:1DC050A24146544F5D843C74A0F8B932320B2BE00C5EFDB6CFA3B0F98D6DF99C
4464Unicorn-27797.exeC:\Users\admin\AppData\Local\Temp\Unicorn-14558.exeexecutable
MD5:230A16847EE513455C481425DA0918E9
SHA256:0F71638F6DF816B0E8F4618322291F93BFF56D4D0568B0FFCC1DA46E750C7C83
4892Unicorn-62477.exeC:\Users\admin\AppData\Local\Temp\Unicorn-45185.exeexecutable
MD5:8BBB96690D6CFFB252F4C6F455A72573
SHA256:E59085BF70C6C96886502C26B5FD8638A08CDD78540CA21A02D9176819A04220
53241 (252).exeC:\Users\admin\AppData\Local\Temp\Unicorn-59218.exeexecutable
MD5:E22BE97BE6AE128709FAC4C60F1AD1A0
SHA256:FC0FF6DE8A4CB2BA551D16AA8E3EB2C1DF3E01601F95C81DC7CF616765530C5A
2040Unicorn-46826.exeC:\Users\admin\AppData\Local\Temp\Unicorn-39063.exeexecutable
MD5:3E458A893C6F9A04EF5BC8404B16B6A5
SHA256:332E41DC6FB111EAE90D463373781EE3C988C702B61C10010029C8B578E49CDC
6192Unicorn-29373.exeC:\Users\admin\AppData\Local\Temp\Unicorn-39617.exeexecutable
MD5:C5657767EFB55ABB477000B47D1503E7
SHA256:B25408ACAF2C00024B4EC62DF6ADA6A18A3091608338ECEB9BCAB921987554B2
5720Unicorn-41071.exeC:\Users\admin\AppData\Local\Temp\Unicorn-2861.exeexecutable
MD5:1EC14F5994DF5C94D511E1A5CA299F70
SHA256:98E36165DAC1F0E22060940B2CDD79FCA2045B7FCF8CDBDE2F16210DFD3E0ECC
5756Unicorn-14558.exeC:\Users\admin\AppData\Local\Temp\Unicorn-44299.exeexecutable
MD5:B8B58FC8CAAE1F00DB1B7C9662441C61
SHA256:0F798E741E1BC4AE63A06160766FE84F751C7E2602E1BFD441135BD34C2B8AE4
2960Unicorn-2861.exeC:\Users\admin\AppData\Local\Temp\Unicorn-21741.exeexecutable
MD5:5BBA116DBF304E5D41B79760144D1FF1
SHA256:59B8800081A0452E927FC33ED08C9B9B57AF93EF00FD3DCB7F9B94507308DAED
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
8
TCP/UDP connections
31
DNS requests
20
Threats
0

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
8592
SIHClient.exe
GET
200
92.123.22.101:80
http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Product%20Root%20Certificate%20Authority%202018.crl
unknown
whitelisted
6544
svchost.exe
GET
200
2.23.77.188:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAJ0LqoXyo4hxxe7H%2Fz9DKA%3D
unknown
whitelisted
GET
200
2.16.164.72:80
http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
unknown
whitelisted
8592
SIHClient.exe
GET
200
92.123.22.101:80
http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Update%20Secure%20Server%20CA%202.1.crl
unknown
whitelisted
9000
BackgroundTransferHost.exe
GET
200
184.30.131.245:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTrjrydRyt%2BApF3GSPypfHBxR5XtQQUs9tIpPmhxdiuNkHMEWNpYim8S8YCEAI5PUjXAkJafLQcAAsO18o%3D
unknown
whitelisted
3284
svchost.exe
GET
200
23.53.40.192:80
http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
unknown
whitelisted
4776
backgroundTaskHost.exe
GET
200
2.23.77.188:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQ50otx%2Fh0Ztl%2Bz8SiPI7wEWVxDlQQUTiJUIBiV5uNu5g%2F6%2BrkS7QYXjzkCEAUZZSZEml49Gjh0j13P68w%3D
unknown
whitelisted
3284
svchost.exe
GET
200
184.30.21.171:80
http://www.microsoft.com/pkiops/crl/MicSecSerCA2011_2011-10-18.crl
unknown
whitelisted
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
4
System
192.168.100.255:138
whitelisted
20.73.194.208:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
NL
whitelisted
2.16.164.72:80
crl.microsoft.com
Akamai International B.V.
NL
whitelisted
5164
svchost.exe
20.73.194.208:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
NL
whitelisted
4784
RUXIMICS.exe
20.73.194.208:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
NL
whitelisted
2112
svchost.exe
20.73.194.208:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
NL
whitelisted
3216
svchost.exe
40.113.103.199:443
client.wns.windows.com
MICROSOFT-CORP-MSN-AS-BLOCK
NL
whitelisted
6544
svchost.exe
20.190.160.20:443
login.live.com
MICROSOFT-CORP-MSN-AS-BLOCK
NL
whitelisted
6544
svchost.exe
2.23.77.188:80
ocsp.digicert.com
AKAMAI-AS
DE
whitelisted
4776
backgroundTaskHost.exe
20.223.35.26:443
arc.msn.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
whitelisted

DNS requests

Domain
IP
Reputation
google.com
  • 172.217.16.142
whitelisted
crl.microsoft.com
  • 2.16.164.72
  • 2.16.164.120
  • 23.53.40.192
  • 23.53.40.200
  • 23.53.40.201
  • 23.53.40.202
  • 23.53.40.169
  • 23.53.41.96
  • 23.53.41.90
  • 23.53.40.203
  • 23.53.40.176
whitelisted
settings-win.data.microsoft.com
  • 20.73.194.208
whitelisted
client.wns.windows.com
  • 40.113.103.199
whitelisted
login.live.com
  • 20.190.160.20
  • 20.190.160.130
  • 40.126.32.74
  • 40.126.32.133
  • 20.190.160.131
  • 20.190.160.65
  • 20.190.160.132
  • 20.190.160.4
whitelisted
ocsp.digicert.com
  • 2.23.77.188
  • 184.30.131.245
whitelisted
arc.msn.com
  • 20.223.35.26
whitelisted
slscr.update.microsoft.com
  • 20.12.23.50
whitelisted
www.microsoft.com
  • 92.123.22.101
  • 184.30.21.171
whitelisted
fe3cr.delivery.mp.microsoft.com
  • 20.242.39.171
whitelisted

Threats

No threats detected
No debug info
Interactive malware hunting service ANY.RUN
© 2017-2026 ANY.RUN ALL RIGHTS RESERVED
ANY.RUN
Reports
1 (252)