File name: 1 (1342)

Full analysis: https://app.any.run/tasks/6e6816f3-6892-4065-9487-da9533f5834f
Verdict: Malicious activity
Analysis date: March 24, 2025, 12:07:29
OS: Windows 10 Professional (build: 19044, 64 bit)
MIME: application/vnd.microsoft.portable-executable
File info: PE32 executable (GUI) Intel 80386, for MS Windows, 3 sections
MD5: C7E0F85448AE6374441637B48C22C390
SHA1: 1917BCCAD44A911949E23BE852340049113D073A
SHA256: E1F0C5B0A3E1CA62629177B590E86B5C6E04CA91424A2A54DC81AED665C8CFF1
SSDEEP: 6144:9778Rg9PQDceA5LjAGeEzTjx5wPe5p8GBf/4F1OdTk/8SwjwpyAvEhAzLG96sm7a:9P4mFeA5vAZzPQ+afgF1Odex4DxmDsR

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.
  • MALICIOUS

    No malicious indicators.
  • SUSPICIOUS

    • Starts itself from another location

    • Executable content was dropped or overwritten

    • Executes application which crashes

      • Unicorn-63181.exe (PID: 5404)
      • Unicorn-63768.exe (PID: 10480)
      • Unicorn-24054.exe (PID: 1312)
      • Unicorn-55325.exe (PID: 10036)
  • INFO

    • Checks supported languages

    • The sample compiled with Chinese language support

      • Unicorn-16958.exe (PID: 11672)
      • Unicorn-50915.exe (PID: 12000)
      • Unicorn-40363.exe (PID: 11600)
      • Unicorn-36964.exe (PID: 11912)
      • Unicorn-27280.exe (PID: 11972)
      • Unicorn-36772.exe (PID: 12136)
      • Unicorn-56949.exe (PID: 11560)
      • Unicorn-26403.exe (PID: 11780)
      • Unicorn-30297.exe (PID: 11452)
      • Unicorn-64505.exe (PID: 456)
      • Unicorn-23089.exe (PID: 11696)
      • Unicorn-3223.exe (PID: 11664)
      • Unicorn-55853.exe (PID: 11964)
      • Unicorn-63856.exe (PID: 11640)
    • Reads the computer name

      • 1 (1342).exe (PID: 5200)
      • Unicorn-54131.exe (PID: 7820)
      • Unicorn-33196.exe (PID: 7828)
      • Unicorn-57146.exe (PID: 7856)
      • Unicorn-2007.exe (PID: 7864)
      • Unicorn-34645.exe (PID: 8140)
      • Unicorn-22393.exe (PID: 8148)
      • Unicorn-40767.exe (PID: 8172)
      • Unicorn-27031.exe (PID: 8180)
      • Unicorn-15848.exe (PID: 4652)
      • Unicorn-31630.exe (PID: 4000)
      • Unicorn-59149.exe (PID: 1188)
      • Unicorn-35449.exe (PID: 5552)
      • Unicorn-61417.exe (PID: 3676)
      • Unicorn-37275.exe (PID: 7520)
      • Unicorn-33514.exe (PID: 7452)
      • Unicorn-38942.exe (PID: 7524)
      • Unicorn-29984.exe (PID: 7560)
      • Unicorn-38942.exe (PID: 5384)
      • Unicorn-58485.exe (PID: 7536)
      • Unicorn-59454.exe (PID: 4188)
      • Unicorn-58485.exe (PID: 6752)
      • Unicorn-54956.exe (PID: 2268)
      • Unicorn-3154.exe (PID: 7616)
      • Unicorn-65319.exe (PID: 5756)
      • Unicorn-354.exe (PID: 6576)
      • Unicorn-42132.exe (PID: 6004)
      • Unicorn-60514.exe (PID: 7604)
      • Unicorn-33078.exe (PID: 8044)
      • Unicorn-12143.exe (PID: 8016)
      • Unicorn-13425.exe (PID: 1452)
      • Unicorn-24225.exe (PID: 5332)
      • Unicorn-42782.exe (PID: 208)
      • Unicorn-17318.exe (PID: 2392)
      • Unicorn-22393.exe (PID: 7640)
      • Unicorn-2827.exe (PID: 5640)
      • Unicorn-42699.exe (PID: 6184)
      • Unicorn-30809.exe (PID: 7912)
      • Unicorn-13404.exe (PID: 2600)
      • Unicorn-25484.exe (PID: 7688)
      • Unicorn-14473.exe (PID: 7792)
      • Unicorn-64442.exe (PID: 8032)
      • Unicorn-50950.exe (PID: 5056)
      • Unicorn-20655.exe (PID: 8136)
      • Unicorn-3612.exe (PID: 4976)
      • Unicorn-11173.exe (PID: 8644)
      • Unicorn-6513.exe (PID: 8448)
      • Unicorn-48293.exe (PID: 8708)
      • Unicorn-42969.exe (PID: 8600)
      • Unicorn-42969.exe (PID: 8604)
      • Unicorn-40722.exe (PID: 8784)
      • Unicorn-9995.exe (PID: 8776)
      • Unicorn-45168.exe (PID: 4724)
      • Unicorn-51884.exe (PID: 8564)
      • Unicorn-39269.exe (PID: 8920)
      • Unicorn-25886.exe (PID: 8356)
      • Unicorn-24734.exe (PID: 9228)
      • Unicorn-39107.exe (PID: 7148)
      • Unicorn-43908.exe (PID: 6456)
      • Unicorn-12844.exe (PID: 8104)
      • Unicorn-41070.exe (PID: 9056)
      • Unicorn-5619.exe (PID: 9168)
      • Unicorn-29155.exe (PID: 8560)
      • Unicorn-45792.exe (PID: 9224)
      • Unicorn-2917.exe (PID: 9572)
      • Unicorn-60997.exe (PID: 9020)
      • Unicorn-44469.exe (PID: 9204)
      • Unicorn-11085.exe (PID: 9552)
      • Unicorn-47437.exe (PID: 9392)
      • Unicorn-58375.exe (PID: 8500)
      • Unicorn-24054.exe (PID: 1312)
      • Unicorn-6596.exe (PID: 9156)
      • Unicorn-57681.exe (PID: 8588)
      • Unicorn-2725.exe (PID: 9592)
      • Unicorn-55818.exe (PID: 9620)
      • Unicorn-44142.exe (PID: 9696)
      • Unicorn-23722.exe (PID: 9688)
      • Unicorn-48864.exe (PID: 9964)
      • Unicorn-40887.exe (PID: 9872)
      • Unicorn-37488.exe (PID: 10132)
      • Unicorn-44972.exe (PID: 9896)
      • Unicorn-17290.exe (PID: 10164)
      • Unicorn-23530.exe (PID: 9768)
      • Unicorn-30611.exe (PID: 10140)
      • Unicorn-3384.exe (PID: 9996)
      • Unicorn-8708.exe (PID: 10056)
      • Unicorn-40887.exe (PID: 9864)
      • Unicorn-3384.exe (PID: 10004)
      • Unicorn-16876.exe (PID: 10116)
      • Unicorn-27126.exe (PID: 9988)
      • Unicorn-17290.exe (PID: 10172)
      • Unicorn-40369.exe (PID: 9568)
      • Unicorn-56394.exe (PID: 9848)
      • Unicorn-53654.exe (PID: 9980)
      • Unicorn-40369.exe (PID: 10232)
      • Unicorn-4432.exe (PID: 10212)
      • Unicorn-30611.exe (PID: 10148)
      • Unicorn-32234.exe (PID: 9612)
    • Create files in a temporary directory

      • Unicorn-54131.exe (PID: 7820)
      • Unicorn-18942.exe (PID: 7248)
      • Unicorn-57146.exe (PID: 7856)
      • Unicorn-30051.exe (PID: 7392)
      • 1 (1342).exe (PID: 5200)
      • Unicorn-22393.exe (PID: 8148)
      • Unicorn-33196.exe (PID: 7828)
      • Unicorn-31630.exe (PID: 4000)
      • Unicorn-15848.exe (PID: 4652)
      • Unicorn-40767.exe (PID: 8172)
      • Unicorn-2007.exe (PID: 7864)
      • Unicorn-59149.exe (PID: 1188)
      • Unicorn-61417.exe (PID: 3676)
      • Unicorn-34645.exe (PID: 8140)
      • Unicorn-33514.exe (PID: 7452)
      • Unicorn-37275.exe (PID: 7520)
      • Unicorn-29984.exe (PID: 7560)
      • Unicorn-58485.exe (PID: 7536)
      • Unicorn-58485.exe (PID: 6752)
      • Unicorn-59454.exe (PID: 4188)
      • Unicorn-354.exe (PID: 6576)
      • Unicorn-12143.exe (PID: 8016)
      • Unicorn-60514.exe (PID: 7604)
      • Unicorn-42132.exe (PID: 6004)
      • Unicorn-17318.exe (PID: 2392)
      • Unicorn-13425.exe (PID: 1452)
      • Unicorn-24225.exe (PID: 5332)
      • Unicorn-2827.exe (PID: 5640)
      • Unicorn-22393.exe (PID: 7640)
      • Unicorn-38942.exe (PID: 5384)
      • Unicorn-13404.exe (PID: 2600)
      • Unicorn-38942.exe (PID: 7524)
      • Unicorn-3154.exe (PID: 7616)
      • Unicorn-44820.exe (PID: 7908)
      • Unicorn-31084.exe (PID: 7892)
      • Unicorn-8765.exe (PID: 7680)
      • Unicorn-48402.exe (PID: 6700)
      • Unicorn-65319.exe (PID: 5756)
      • Unicorn-64489.exe (PID: 5008)
      • Unicorn-42517.exe (PID: 7696)
      • Unicorn-31324.exe (PID: 7716)
      • Unicorn-50685.exe (PID: 7736)
      • Unicorn-35449.exe (PID: 5552)
      • Unicorn-64442.exe (PID: 8032)
      • Unicorn-33270.exe (PID: 7692)
      • Unicorn-54956.exe (PID: 2268)
      • Unicorn-56643.exe (PID: 1052)
      • Unicorn-33078.exe (PID: 8044)
      • Unicorn-45168.exe (PID: 4724)
      • Unicorn-20655.exe (PID: 8136)
      • Unicorn-50950.exe (PID: 5056)
      • Unicorn-3612.exe (PID: 4976)
      • Unicorn-51884.exe (PID: 8564)
      • Unicorn-42969.exe (PID: 8600)
      • Unicorn-6513.exe (PID: 8448)
      • Unicorn-22147.exe (PID: 8808)
      • Unicorn-40722.exe (PID: 8784)
      • Unicorn-35112.exe (PID: 8820)
      • Unicorn-21109.exe (PID: 672)
      • Unicorn-22080.exe (PID: 8700)
      • Unicorn-30809.exe (PID: 7912)
      • Unicorn-42969.exe (PID: 8604)
      • Unicorn-9995.exe (PID: 8776)
      • Unicorn-42699.exe (PID: 6184)
      • Unicorn-39269.exe (PID: 8920)
      • Unicorn-5619.exe (PID: 9168)
      • Unicorn-27031.exe (PID: 8180)
      • Unicorn-25886.exe (PID: 8356)
      • Unicorn-39107.exe (PID: 7148)
      • Unicorn-16457.exe (PID: 3268)
      • Unicorn-60997.exe (PID: 9012)
      • Unicorn-19970.exe (PID: 7264)
      • Unicorn-33270.exe (PID: 7916)
      • Unicorn-25886.exe (PID: 8348)
      • Unicorn-20925.exe (PID: 9480)
      • Unicorn-33753.exe (PID: 9260)
      • Unicorn-6596.exe (PID: 9156)
      • Unicorn-51137.exe (PID: 9212)
      • Unicorn-16333.exe (PID: 8424)
      • Unicorn-33753.exe (PID: 9256)
      • Unicorn-31100.exe (PID: 9356)
      • Unicorn-29155.exe (PID: 8560)
      • Unicorn-25484.exe (PID: 7688)
      • Unicorn-60997.exe (PID: 9020)
      • Unicorn-30878.exe (PID: 4980)
      • Unicorn-42782.exe (PID: 1852)
      • Unicorn-31628.exe (PID: 6476)
      • Unicorn-31511.exe (PID: 8536)
      • Unicorn-23722.exe (PID: 9688)
      • Unicorn-44142.exe (PID: 9696)
      • Unicorn-42699.exe (PID: 5892)
      • Unicorn-23530.exe (PID: 9768)
      • Unicorn-64562.exe (PID: 9788)
      • Unicorn-40887.exe (PID: 9872)
      • Unicorn-28958.exe (PID: 9920)
      • Unicorn-3384.exe (PID: 9996)
      • Unicorn-40887.exe (PID: 9864)
      • Unicorn-60488.exe (PID: 9972)
      • Unicorn-30611.exe (PID: 10148)
      • Unicorn-62185.exe (PID: 10048)
      • Unicorn-19726.exe (PID: 10308)
    • Checks proxy server information

      • BackgroundTransferHost.exe (PID: 2140)
    • Reads the software policy settings

      • BackgroundTransferHost.exe (PID: 2140)
    • Reads security settings of Internet Explorer

      • BackgroundTransferHost.exe (PID: 1812)
      • BackgroundTransferHost.exe (PID: 2140)
      • BackgroundTransferHost.exe (PID: 7484)
      • BackgroundTransferHost.exe (PID: 6700)
      • BackgroundTransferHost.exe (PID: 5056)
      • BackgroundTransferHost.exe (PID: 8088)
      • BackgroundTransferHost.exe (PID: 8860)
    • Creates files or folders in the user directory

      • BackgroundTransferHost.exe (PID: 2140)
      • WerFault.exe (PID: 5344)
      • WerFault.exe (PID: 10536)
No Malware configuration.

TRiD

.exe | Win32 Executable Microsoft Visual Basic 6 (90.6)
.exe | Win32 Executable (generic) (4.9)
.exe | Generic Win/DOS Executable (2.2)
.exe | DOS Executable Generic (2.2)

EXIF

EXE

MachineType: Intel 386 or later, and compatibles
TimeStamp: 2019:01:19 13:34:56+00:00
ImageFileCharacteristics: No relocs, Executable, No line numbers, No symbols, 32-bit
PEType: PE32
LinkerVersion: 6
CodeSize: 176128
InitializedDataSize: 299008
UninitializedDataSize: -
EntryPoint: 0x13d4
OSVersion: 4
ImageVersion: 1
SubsystemVersion: 4
Subsystem: Windows GUI
FileVersionNumber: 1.0.0.0
ProductVersionNumber: 1.0.0.0
FileFlagsMask: 0x003f
FileFlags: (none)
FileOS: Win32
ObjectFileType: Executable application
FileSubtype: -
LanguageCode: Chinese (Simplified)
CharacterSet: Unicode
CompanyName: UEFI
ProductName: Kawaii-Unicorn
FileVersion: 1
ProductVersion: 1
InternalName: Kawaii-Unicorn
OriginalFileName: Kawaii-Unicorn.exe
No data.
Total processes: 496
Monitored processes: 356
Malicious processes: 50
Suspicious processes: 70


Process information

PID
CMD
Path
Indicators
Parent process
PID: 208
CMD: C:\Users\admin\AppData\Local\Temp\Unicorn-42782.exe
Path: C:\Users\admin\AppData\Local\Temp\Unicorn-42782.exe
Parent process: Unicorn-54956.exe
User: admin
Company: UEFI
Integrity Level: MEDIUM
Version: 1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-42782.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
PID: 456
CMD: C:\Users\admin\AppData\Local\Temp\Unicorn-64505.exe
Path: C:\Users\admin\AppData\Local\Temp\Unicorn-64505.exe
Parent process: Unicorn-42782.exe
User: admin
Company: UEFI
Integrity Level: MEDIUM
Version: 1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-64505.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
PID: 672
CMD: C:\Users\admin\AppData\Local\Temp\Unicorn-21109.exe
Path: C:\Users\admin\AppData\Local\Temp\Unicorn-21109.exe
Parent process: Unicorn-33196.exe
User: admin
Company: UEFI
Integrity Level: MEDIUM
Version: 1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-21109.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
PID: 1052
CMD: C:\Users\admin\AppData\Local\Temp\Unicorn-56643.exe
Path: C:\Users\admin\AppData\Local\Temp\Unicorn-56643.exe
Parent process: Unicorn-33078.exe
User: admin
Company: UEFI
Integrity Level: MEDIUM
Version: 1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-56643.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
PID: 1184
CMD: C:\Users\admin\AppData\Local\Temp\Unicorn-24049.exe
Path: C:\Users\admin\AppData\Local\Temp\Unicorn-24049.exe
Parent process: Unicorn-42782.exe
User: admin
Company: UEFI
Integrity Level: MEDIUM
Version: 1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-24049.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
PID: 1188
CMD: C:\Users\admin\AppData\Local\Temp\Unicorn-59149.exe
Path: C:\Users\admin\AppData\Local\Temp\Unicorn-59149.exe
Parent process: Unicorn-57146.exe
User: admin
Company: UEFI
Integrity Level: MEDIUM
Version: 1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-59149.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
PID: 1196
CMD: C:\Users\admin\AppData\Local\Temp\Unicorn-18771.exe
Path: C:\Users\admin\AppData\Local\Temp\Unicorn-18771.exe
Parent process: Unicorn-42132.exe
User: admin
Company: UEFI
Integrity Level: MEDIUM
Version: 1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-18771.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
PID: 1228
CMD: C:\Users\admin\AppData\Local\Temp\Unicorn-55575.exe
Path: C:\Users\admin\AppData\Local\Temp\Unicorn-55575.exe
Parent process: Unicorn-30051.exe
User: admin
Company: UEFI
Integrity Level: MEDIUM
Version: 1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-55575.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
PID: 1312
CMD: C:\Users\admin\AppData\Local\Temp\Unicorn-24054.exe
Path: C:\Users\admin\AppData\Local\Temp\Unicorn-24054.exe
Parent process: Unicorn-57146.exe
User: admin
Company: UEFI
Integrity Level: MEDIUM
Exit code: 0
Version: 1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-24054.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
PID: 1452
CMD: C:\Users\admin\AppData\Local\Temp\Unicorn-13425.exe
Path: C:\Users\admin\AppData\Local\Temp\Unicorn-13425.exe
Parent process: Unicorn-33514.exe
User: admin
Company: UEFI
Integrity Level: MEDIUM
Version: 1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-13425.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
Total events: 15 731
Read events: 15 710
Write events: 21
Delete events: 0

Modification events

(PID) Process: (1812) BackgroundTransferHost.exe
Key: HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Content
Operation: write
Name: CachePrefix
Value:

(PID) Process: (1812) BackgroundTransferHost.exe
Key: HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Cookies
Operation: write
Name: CachePrefix
Value: Cookie:

(PID) Process: (1812) BackgroundTransferHost.exe
Key: HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\History
Operation: write
Name: CachePrefix
Value: Visited:

(PID) Process: (2140) BackgroundTransferHost.exe
Key: HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Content
Operation: write
Name: CachePrefix
Value:

(PID) Process: (2140) BackgroundTransferHost.exe
Key: HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Cookies
Operation: write
Name: CachePrefix
Value: Cookie:

(PID) Process: (2140) BackgroundTransferHost.exe
Key: HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\History
Operation: write
Name: CachePrefix
Value: Visited:

(PID) Process: (7484) BackgroundTransferHost.exe
Key: HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Content
Operation: write
Name: CachePrefix
Value:

(PID) Process: (7484) BackgroundTransferHost.exe
Key: HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Cookies
Operation: write
Name: CachePrefix
Value: Cookie:

(PID) Process: (7484) BackgroundTransferHost.exe
Key: HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\History
Operation: write
Name: CachePrefix
Value: Visited:

(PID) Process: (6700) BackgroundTransferHost.exe
Key: HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Content
Operation: write
Name: CachePrefix
Value:
Executable files: 947
Suspicious files: 14
Text files: 3
Unknown types: 0

Dropped files

PID
Process
Filename
Type
PID: 2140
Process: BackgroundTransferHost.exe
Filename: C:\Users\admin\AppData\Local\Packages\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\AC\BackgroundTransferApi\0607cd52-5989-4885-b089-3940ee1d512f.down_data
MD5:
SHA256:
PID: 7392
Process: Unicorn-30051.exe
Filename: C:\Users\admin\AppData\Local\Temp\Unicorn-57146.exe
Type: executable
MD5:53B93804B33F963ACADBAFAC57FA03F5
SHA256:150156658C6E24F9AC8116DE111BADCBF3A2047F6C76672F5D4D5D7B0B8034FD
PID: 5200
Process: 1 (1342).exe
Filename: C:\Users\admin\AppData\Local\Temp\Unicorn-30051.exe
Type: executable
MD5:1BFC84EC0F019DA648A52209F1AC2C0E
SHA256:C1A5ED41856CCBBB4791CC1E6E399C086D21FE13AD5FD72F6FAE5C8E53B61C1C
PID: 5200
Process: 1 (1342).exe
Filename: C:\Users\admin\AppData\Local\Temp\Unicorn-18942.exe
Type: executable
MD5:BCB1A744B1C3E4AEE7BC91A7699146A2
SHA256:3BB8F14AD0D8681395CCABEEE4B8730C08C7BD9B59E095F6C814C5D047BF4D7B
PID: 5200
Process: 1 (1342).exe
Filename: C:\Users\admin\AppData\Local\Temp\Unicorn-35449.exe
Type: executable
MD5:FB6BB40319A1DA0F9E27D83F0F2B4A79
SHA256:619542DAB5D7CA884F215B34ADDA706806A91CA2B057325E219EFEA25A113B76
PID: 7248
Process: Unicorn-18942.exe
Filename: C:\Users\admin\AppData\Local\Temp\Unicorn-40767.exe
Type: executable
MD5:FBC84D80D7A1C09E0EACB55F9F9BC20D
SHA256:CD371C7AD96D8E21E1ED87C89559E966EA0B502049D3F360B9A717937AC249B6
PID: 8140
Process: Unicorn-34645.exe
Filename: C:\Users\admin\AppData\Local\Temp\Unicorn-61417.exe
Type: executable
MD5:122F4164EA09D77B1E51DECB02B183D4
SHA256:6EBAEFD6E65773B228C8384BA99C86FFD468D1B8B2645C963764629CFE789BEB
PID: 5200
Process: 1 (1342).exe
Filename: C:\Users\admin\AppData\Local\Temp\Unicorn-2007.exe
Type: executable
MD5:9306907947A8A7806A6FA8A9D08056E2
SHA256:3C67D62ACB7C47FAEB223160DA056B4BF363175E7B03665560C99DFDD8EA7167
PID: 7820
Process: Unicorn-54131.exe
Filename: C:\Users\admin\AppData\Local\Temp\Unicorn-34645.exe
Type: executable
MD5:1DC2C0EBB3EC2F43068F39C6A03EBDCA
SHA256:CE8AB8B2A2BB58C3CBD5C9F4D061F483F00313EB9D2213BB3595A46448010C47
PID: 7248
Process: Unicorn-18942.exe
Filename: C:\Users\admin\AppData\Local\Temp\Unicorn-33196.exe
Type: executable
MD5:471A6860D530060BA68AB3DD33D5C703
SHA256:011EE44E778547C1EBBBD5E28FF08762CF23D9776A92361CEB2A821EEA0395E9
HTTP(S) requests: 8
TCP/UDP connections: 35
DNS requests: 21
Threats: 0

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
GET
200
23.53.40.176:80
http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
unknown
whitelisted
6544
svchost.exe
GET
200
184.30.131.245:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAJ0LqoXyo4hxxe7H%2Fz9DKA%3D
unknown
whitelisted
2140
BackgroundTransferHost.exe
GET
200
184.30.131.245:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTrjrydRyt%2BApF3GSPypfHBxR5XtQQUs9tIpPmhxdiuNkHMEWNpYim8S8YCEAI5PUjXAkJafLQcAAsO18o%3D
unknown
whitelisted
7208
backgroundTaskHost.exe
GET
200
184.30.131.245:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQ50otx%2Fh0Ztl%2Bz8SiPI7wEWVxDlQQUTiJUIBiV5uNu5g%2F6%2BrkS7QYXjzkCEAUZZSZEml49Gjh0j13P68w%3D
unknown
whitelisted
516
SIHClient.exe
GET
200
23.35.229.160:80
http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Product%20Root%20Certificate%20Authority%202018.crl
unknown
whitelisted
516
SIHClient.exe
GET
200
23.35.229.160:80
http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Update%20Secure%20Server%20CA%202.1.crl
unknown
whitelisted
3284
svchost.exe
GET
200
2.23.246.101:80
http://www.microsoft.com/pkiops/crl/MicSecSerCA2011_2011-10-18.crl
unknown
whitelisted
3284
svchost.exe
GET
200
2.16.164.18:80
http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
unknown
whitelisted

Connections


DNS requests


Threats

No threats detected
No debug info