File name:

1 (464)

Full analysis: https://app.any.run/tasks/c9332c0a-47b7-4e1d-a6c6-2bff2cef2292
Verdict: Malicious activity
Analysis date: March 24, 2025, 22:04:26
OS: Windows 10 Professional (build: 19044, 64 bit)
Indicators:
MIME: application/vnd.microsoft.portable-executable
File info: PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, 3 sections
MD5:

9F9F826E1E1A3ED74F8AEAC8EDA1CE40

SHA1:

55709BEF3E061373158FA8922BACEAC90DB647B8

SHA256:

F74B05A32F0BA13F22EABADF938F744C9F0D86782D68B224C4A9E63D39460F95

SSDEEP:

6144:W7KUN6I9vDMHA5Q6Q4emHiAx/tBKlvJGBH/WyeFGYk/8SwjwpyAvEhh1oXE0sfua:W+0B+HA5RQzwBshaHOyeFG7x4DxmDsR

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

  • MALICIOUS

    No malicious indicators.

  • SUSPICIOUS

    • Starts itself from another location

      • Unicorn-53849.exe (PID: 1088)
      • 1 (464).exe (PID: 5072)
      • Unicorn-3662.exe (PID: 7348)
      • Unicorn-22691.exe (PID: 7356)
      • Unicorn-11612.exe (PID: 7404)
      • Unicorn-53200.exe (PID: 7392)
      • Unicorn-58767.exe (PID: 7416)
      • Unicorn-19781.exe (PID: 7380)
      • Unicorn-23071.exe (PID: 4220)
      • Unicorn-7289.exe (PID: 7184)
      • Unicorn-39215.exe (PID: 1228)
      • Unicorn-57424.exe (PID: 2152)
      • Unicorn-43299.exe (PID: 7228)
      • Unicorn-51559.exe (PID: 4688)
      • Unicorn-23433.exe (PID: 516)
      • Unicorn-57689.exe (PID: 1164)
      • Unicorn-26783.exe (PID: 616)
      • Unicorn-3478.exe (PID: 5408)
      • Unicorn-24091.exe (PID: 6656)
      • Unicorn-62793.exe (PID: 7524)
      • Unicorn-34759.exe (PID: 7532)
      • Unicorn-62885.exe (PID: 7020)
      • Unicorn-49726.exe (PID: 1388)
      • Unicorn-11646.exe (PID: 632)
      • Unicorn-40811.exe (PID: 4068)
      • Unicorn-14723.exe (PID: 4188)
      • Unicorn-30505.exe (PID: 5260)
      • Unicorn-12222.exe (PID: 5360)
      • Unicorn-3597.exe (PID: 5400)
      • Unicorn-24374.exe (PID: 5756)
      • Unicorn-14936.exe (PID: 7620)
      • Unicorn-52248.exe (PID: 7636)
      • Unicorn-63945.exe (PID: 7652)
      • Unicorn-40017.exe (PID: 7488)
      • Unicorn-33886.exe (PID: 7468)
      • Unicorn-23681.exe (PID: 7472)
      • Unicorn-65076.exe (PID: 7192)
      • Unicorn-19959.exe (PID: 6644)
      • Unicorn-3068.exe (PID: 6988)
      • Unicorn-47607.exe (PID: 2108)
      • Unicorn-44656.exe (PID: 5556)
      • Unicorn-19304.exe (PID: 7240)
      • Unicorn-7536.exe (PID: 2088)
      • Unicorn-51008.exe (PID: 7216)
      • Unicorn-3644.exe (PID: 7844)
      • Unicorn-3862.exe (PID: 6080)
      • Unicorn-37085.exe (PID: 8124)
      • Unicorn-38839.exe (PID: 5960)
      • Unicorn-2637.exe (PID: 4652)
      • Unicorn-6337.exe (PID: 8108)
      • Unicorn-11428.exe (PID: 7684)
      • Unicorn-44293.exe (PID: 7720)
      • Unicorn-44848.exe (PID: 7680)
      • Unicorn-15320.exe (PID: 7208)
      • Unicorn-27194.exe (PID: 7760)
      • Unicorn-8304.exe (PID: 8148)
      • Unicorn-48932.exe (PID: 7892)
      • Unicorn-56280.exe (PID: 7908)
      • Unicorn-7536.exe (PID: 7764)
      • Unicorn-22237.exe (PID: 6392)
      • Unicorn-3260.exe (PID: 7840)
      • Unicorn-39759.exe (PID: 1132)
      • Unicorn-24641.exe (PID: 8180)
      • Unicorn-50515.exe (PID: 7692)
      • Unicorn-5398.exe (PID: 7704)
      • Unicorn-520.exe (PID: 4892)
      • Unicorn-55751.exe (PID: 8064)
      • Unicorn-55367.exe (PID: 5512)
      • Unicorn-1406.exe (PID: 536)
      • Unicorn-22978.exe (PID: 4336)
      • Unicorn-3213.exe (PID: 8068)
      • Unicorn-36985.exe (PID: 8156)
      • Unicorn-35642.exe (PID: 4844)
      • Unicorn-6742.exe (PID: 8088)
      • Unicorn-60411.exe (PID: 1660)
      • Unicorn-39825.exe (PID: 6476)
      • Unicorn-33668.exe (PID: 5304)
      • Unicorn-16041.exe (PID: 3884)
      • Unicorn-40209.exe (PID: 7736)
      • Unicorn-19628.exe (PID: 7544)
      • Unicorn-39581.exe (PID: 8708)
      • Unicorn-13030.exe (PID: 8732)
      • Unicorn-520.exe (PID: 5244)
      • Unicorn-6145.exe (PID: 904)
      • Unicorn-26753.exe (PID: 8384)
      • Unicorn-14884.exe (PID: 8768)
      • Unicorn-17332.exe (PID: 7200)
      • Unicorn-38653.exe (PID: 2392)
      • Unicorn-60721.exe (PID: 7708)
      • Unicorn-47557.exe (PID: 8488)
      • Unicorn-24039.exe (PID: 8340)
      • Unicorn-51236.exe (PID: 8332)
      • Unicorn-44246.exe (PID: 8104)
      • Unicorn-53888.exe (PID: 8264)
      • Unicorn-19706.exe (PID: 8040)
      • Unicorn-26460.exe (PID: 8464)
      • Unicorn-53613.exe (PID: 1180)
      • Unicorn-3618.exe (PID: 8312)
      • Unicorn-33899.exe (PID: 8964)
      • Unicorn-61158.exe (PID: 6640)
      • Unicorn-32891.exe (PID: 9116)
      • Unicorn-17947.exe (PID: 9124)
      • Unicorn-33551.exe (PID: 8660)
      • Unicorn-58787.exe (PID: 9140)
      • Unicorn-62741.exe (PID: 7812)
      • Unicorn-34645.exe (PID: 8944)
      • Unicorn-10141.exe (PID: 9164)
      • Unicorn-32975.exe (PID: 8588)
      • Unicorn-64971.exe (PID: 8324)
      • Unicorn-22184.exe (PID: 8276)
      • Unicorn-39389.exe (PID: 8508)
      • Unicorn-55725.exe (PID: 8552)
      • Unicorn-6742.exe (PID: 5892)
      • Unicorn-43136.exe (PID: 8952)
      • Unicorn-47173.exe (PID: 8360)
      • Unicorn-2248.exe (PID: 8580)
      • Unicorn-31391.exe (PID: 8416)
      • Unicorn-62487.exe (PID: 8984)
      • Unicorn-12938.exe (PID: 8692)
      • Unicorn-22760.exe (PID: 8608)
      • Unicorn-14692.exe (PID: 8536)
      • Unicorn-61179.exe (PID: 8232)
      • Unicorn-19960.exe (PID: 8600)
      • Unicorn-7317.exe (PID: 8404)
      • Unicorn-31060.exe (PID: 10076)
      • Unicorn-25194.exe (PID: 10068)
      • Unicorn-57287.exe (PID: 8440)
      • Unicorn-39581.exe (PID: 8700)
      • Unicorn-53883.exe (PID: 10108)
      • Unicorn-38429.exe (PID: 8304)
      • Unicorn-39929.exe (PID: 9068)
      • Unicorn-44973.exe (PID: 9320)
      • Unicorn-53457.exe (PID: 8840)
      • Unicorn-24977.exe (PID: 8456)
      • Unicorn-50619.exe (PID: 9148)
      • Unicorn-64256.exe (PID: 7440)
      • Unicorn-21573.exe (PID: 7272)
      • Unicorn-50489.exe (PID: 7824)
      • Unicorn-39881.exe (PID: 9404)
      • Unicorn-8579.exe (PID: 9332)
      • Unicorn-4708.exe (PID: 9584)
      • Unicorn-33363.exe (PID: 6652)
      • Unicorn-35409.exe (PID: 10036)
      • Unicorn-7079.exe (PID: 8564)
      • Unicorn-45912.exe (PID: 9452)
      • Unicorn-41391.exe (PID: 11036)
      • Unicorn-14417.exe (PID: 9100)
      • Unicorn-56711.exe (PID: 5868)
      • Unicorn-41391.exe (PID: 11020)
      • Unicorn-35791.exe (PID: 11028)
      • Unicorn-65512.exe (PID: 9444)
      • Unicorn-33079.exe (PID: 4932)
      • Unicorn-1241.exe (PID: 8832)
      • Unicorn-14722.exe (PID: 9420)
      • Unicorn-62414.exe (PID: 4944)
      • Unicorn-47946.exe (PID: 8136)
      • Unicorn-22612.exe (PID: 9844)
      • Unicorn-34615.exe (PID: 11004)
      • Unicorn-53457.exe (PID: 8824)
      • Unicorn-46213.exe (PID: 5332)
      • Unicorn-6654.exe (PID: 9868)
      • Unicorn-7520.exe (PID: 8816)
      • Unicorn-18859.exe (PID: 9756)
      • Unicorn-32212.exe (PID: 10664)
      • Unicorn-23519.exe (PID: 3024)
      • Unicorn-48984.exe (PID: 10500)
      • Unicorn-45165.exe (PID: 9500)
      • Unicorn-22969.exe (PID: 9348)
      • Unicorn-15975.exe (PID: 9880)
      • Unicorn-40765.exe (PID: 8528)
      • Unicorn-1257.exe (PID: 7788)
      • Unicorn-29410.exe (PID: 3180)
      • Unicorn-15284.exe (PID: 12320)
      • Unicorn-20827.exe (PID: 10248)
      • Unicorn-11292.exe (PID: 7144)
      • Unicorn-23519.exe (PID: 10232)
      • Unicorn-41391.exe (PID: 11044)
      • Unicorn-60992.exe (PID: 11096)
      • Unicorn-38101.exe (PID: 10060)
      • Unicorn-16259.exe (PID: 7744)
      • Unicorn-2056.exe (PID: 8396)
      • Unicorn-13259.exe (PID: 9748)
      • Unicorn-30723.exe (PID: 10928)
      • Unicorn-35118.exe (PID: 11412)
      • Unicorn-38723.exe (PID: 10456)
      • Unicorn-48984.exe (PID: 10516)
      • Unicorn-36805.exe (PID: 9200)
      • Unicorn-5455.exe (PID: 13828)
      • Unicorn-62327.exe (PID: 13816)
      • Unicorn-37001.exe (PID: 13804)
      • Unicorn-41391.exe (PID: 11012)
      • Unicorn-5594.exe (PID: 9156)
      • Unicorn-51733.exe (PID: 8520)

    • Executable content was dropped or overwritten

      • Unicorn-3662.exe (PID: 7348)
      • Unicorn-53849.exe (PID: 1088)
      • 1 (464).exe (PID: 5072)
      • Unicorn-19781.exe (PID: 7380)
      • Unicorn-11612.exe (PID: 7404)
      • Unicorn-58767.exe (PID: 7416)
      • Unicorn-22691.exe (PID: 7356)
      • Unicorn-53200.exe (PID: 7392)
      • Unicorn-7289.exe (PID: 7184)
      • Unicorn-23071.exe (PID: 4220)
      • Unicorn-43299.exe (PID: 7228)
      • Unicorn-57424.exe (PID: 2152)
      • Unicorn-51559.exe (PID: 4688)
      • Unicorn-39215.exe (PID: 1228)
      • Unicorn-57689.exe (PID: 1164)
      • Unicorn-23433.exe (PID: 516)
      • Unicorn-26783.exe (PID: 616)
      • Unicorn-3478.exe (PID: 5408)
      • Unicorn-24091.exe (PID: 6656)
      • Unicorn-62793.exe (PID: 7524)
      • Unicorn-34759.exe (PID: 7532)
      • Unicorn-11646.exe (PID: 632)
      • Unicorn-62885.exe (PID: 7020)
      • Unicorn-19628.exe (PID: 7544)
      • Unicorn-3597.exe (PID: 5400)
      • Unicorn-49726.exe (PID: 1388)
      • Unicorn-14723.exe (PID: 4188)
      • Unicorn-30505.exe (PID: 5260)
      • Unicorn-12222.exe (PID: 5360)
      • Unicorn-24374.exe (PID: 5756)
      • Unicorn-40811.exe (PID: 4068)
      • Unicorn-14936.exe (PID: 7620)
      • Unicorn-63945.exe (PID: 7652)
      • Unicorn-52248.exe (PID: 7636)
      • Unicorn-23681.exe (PID: 7472)
      • Unicorn-33886.exe (PID: 7468)
      • Unicorn-39825.exe (PID: 6476)
      • Unicorn-40017.exe (PID: 7488)
      • Unicorn-65076.exe (PID: 7192)
      • Unicorn-19959.exe (PID: 6644)
      • Unicorn-3068.exe (PID: 6988)
      • Unicorn-19304.exe (PID: 7240)
      • Unicorn-7536.exe (PID: 2088)
      • Unicorn-47607.exe (PID: 2108)
      • Unicorn-51008.exe (PID: 7216)
      • Unicorn-3644.exe (PID: 7844)
      • Unicorn-3862.exe (PID: 6080)
      • Unicorn-37085.exe (PID: 8124)
      • Unicorn-6337.exe (PID: 8108)
      • Unicorn-38839.exe (PID: 5960)
      • Unicorn-2637.exe (PID: 4652)
      • Unicorn-11428.exe (PID: 7684)
      • Unicorn-44293.exe (PID: 7720)
      • Unicorn-15320.exe (PID: 7208)
      • Unicorn-44848.exe (PID: 7680)
      • Unicorn-48932.exe (PID: 7892)
      • Unicorn-27194.exe (PID: 7760)
      • Unicorn-56280.exe (PID: 7908)
      • Unicorn-36985.exe (PID: 8156)
      • Unicorn-3260.exe (PID: 7840)
      • Unicorn-22237.exe (PID: 6392)
      • Unicorn-7536.exe (PID: 7764)
      • Unicorn-39759.exe (PID: 1132)
      • Unicorn-24641.exe (PID: 8180)
      • Unicorn-6145.exe (PID: 904)
      • Unicorn-520.exe (PID: 4892)
      • Unicorn-55751.exe (PID: 8064)
      • Unicorn-55367.exe (PID: 5512)
      • Unicorn-1406.exe (PID: 536)
      • Unicorn-22978.exe (PID: 4336)
      • Unicorn-3213.exe (PID: 8068)
      • Unicorn-35642.exe (PID: 4844)
      • Unicorn-33668.exe (PID: 5304)
      • Unicorn-16041.exe (PID: 3884)
      • Unicorn-6742.exe (PID: 8088)
      • Unicorn-60411.exe (PID: 1660)
      • Unicorn-40209.exe (PID: 7736)
      • Unicorn-520.exe (PID: 5244)
      • Unicorn-39581.exe (PID: 8708)
      • Unicorn-13030.exe (PID: 8732)
      • Unicorn-14884.exe (PID: 8768)
      • Unicorn-44656.exe (PID: 5556)
      • Unicorn-26753.exe (PID: 8384)
      • Unicorn-2056.exe (PID: 8396)
      • Unicorn-17332.exe (PID: 7200)
      • Unicorn-38653.exe (PID: 2392)
      • Unicorn-50515.exe (PID: 7692)
      • Unicorn-60721.exe (PID: 7708)
      • Unicorn-51236.exe (PID: 8332)
      • Unicorn-16259.exe (PID: 7744)
      • Unicorn-47557.exe (PID: 8488)
      • Unicorn-36805.exe (PID: 9200)
      • Unicorn-62487.exe (PID: 8984)
      • Unicorn-19706.exe (PID: 8040)
      • Unicorn-44246.exe (PID: 8104)
      • Unicorn-53888.exe (PID: 8264)
      • Unicorn-3618.exe (PID: 8312)
      • Unicorn-29275.exe (PID: 8848)
      • Unicorn-26460.exe (PID: 8464)
      • Unicorn-53613.exe (PID: 1180)
      • Unicorn-33551.exe (PID: 8660)
      • Unicorn-33899.exe (PID: 8964)
      • Unicorn-61158.exe (PID: 6640)
      • Unicorn-32891.exe (PID: 9116)
      • Unicorn-17947.exe (PID: 9124)
      • Unicorn-62741.exe (PID: 7812)
      • Unicorn-53457.exe (PID: 8824)
      • Unicorn-7317.exe (PID: 8404)
      • Unicorn-58787.exe (PID: 9140)
      • Unicorn-34645.exe (PID: 8944)
      • Unicorn-32975.exe (PID: 8588)
      • Unicorn-10141.exe (PID: 9164)
      • Unicorn-39389.exe (PID: 8508)
      • Unicorn-55725.exe (PID: 8552)
      • Unicorn-6742.exe (PID: 5892)
      • Unicorn-22184.exe (PID: 8276)
      • Unicorn-43136.exe (PID: 8952)
      • Unicorn-31391.exe (PID: 8416)
      • Unicorn-2248.exe (PID: 8580)
      • Unicorn-22760.exe (PID: 8608)
      • Unicorn-57287.exe (PID: 8440)
      • Unicorn-12938.exe (PID: 8692)
      • Unicorn-14692.exe (PID: 8536)
      • Unicorn-19960.exe (PID: 8600)
      • Unicorn-61179.exe (PID: 8232)
      • Unicorn-31060.exe (PID: 10076)
      • Unicorn-53883.exe (PID: 10108)
      • Unicorn-39581.exe (PID: 8700)
      • Unicorn-38429.exe (PID: 8304)
      • Unicorn-5398.exe (PID: 7704)
      • Unicorn-39929.exe (PID: 9068)
      • Unicorn-44973.exe (PID: 9320)
      • Unicorn-50619.exe (PID: 9148)
      • Unicorn-53457.exe (PID: 8840)
      • Unicorn-24977.exe (PID: 8456)
      • Unicorn-45912.exe (PID: 9452)
      • Unicorn-50489.exe (PID: 7824)
      • Unicorn-14417.exe (PID: 9100)
      • Unicorn-39881.exe (PID: 9404)
      • Unicorn-33363.exe (PID: 6652)
      • Unicorn-4708.exe (PID: 9584)
      • Unicorn-8579.exe (PID: 9332)
      • Unicorn-8304.exe (PID: 8148)
      • Unicorn-7079.exe (PID: 8564)
      • Unicorn-35791.exe (PID: 11028)
      • Unicorn-41391.exe (PID: 11036)
      • Unicorn-41391.exe (PID: 11020)
      • Unicorn-56711.exe (PID: 5868)
      • Unicorn-5594.exe (PID: 9156)
      • Unicorn-65512.exe (PID: 9444)
      • Unicorn-51745.exe (PID: 10168)
      • Unicorn-33079.exe (PID: 4932)
      • Unicorn-1241.exe (PID: 8832)
      • Unicorn-14722.exe (PID: 9420)
      • Unicorn-62414.exe (PID: 4944)
      • Unicorn-46213.exe (PID: 5332)
      • Unicorn-47946.exe (PID: 8136)
      • Unicorn-51733.exe (PID: 8520)
      • Unicorn-34615.exe (PID: 11004)
      • Unicorn-22612.exe (PID: 9844)
      • Unicorn-6654.exe (PID: 9868)
      • Unicorn-32212.exe (PID: 10664)
      • Unicorn-45165.exe (PID: 9500)
      • Unicorn-18859.exe (PID: 9756)
      • Unicorn-7520.exe (PID: 8816)
      • Unicorn-23519.exe (PID: 3024)
      • Unicorn-48984.exe (PID: 10500)
      • Unicorn-15975.exe (PID: 9880)
      • Unicorn-47173.exe (PID: 8360)
      • Unicorn-40765.exe (PID: 8528)
      • Unicorn-22969.exe (PID: 9348)
      • Unicorn-11292.exe (PID: 7144)
      • Unicorn-29410.exe (PID: 3180)
      • Unicorn-15284.exe (PID: 12320)
      • Unicorn-25194.exe (PID: 10068)
      • Unicorn-20827.exe (PID: 10248)
      • Unicorn-41391.exe (PID: 11044)
      • Unicorn-55127.exe (PID: 11076)
      • Unicorn-13259.exe (PID: 9748)
      • Unicorn-23519.exe (PID: 10232)
      • Unicorn-60992.exe (PID: 11096)
      • Unicorn-38101.exe (PID: 10060)
      • Unicorn-30723.exe (PID: 10928)
      • Unicorn-35118.exe (PID: 11412)
      • Unicorn-38723.exe (PID: 10456)
      • Unicorn-48984.exe (PID: 10516)
      • Unicorn-64256.exe (PID: 7440)
      • Unicorn-5455.exe (PID: 13828)
      • Unicorn-37001.exe (PID: 13804)
      • Unicorn-62327.exe (PID: 13816)
      • Unicorn-41391.exe (PID: 11012)
      • Unicorn-64971.exe (PID: 8324)
      • Unicorn-33271.exe (PID: 10132)
      • Unicorn-27820.exe (PID: 3396)
      • Unicorn-45217.exe (PID: 12992)
      • Unicorn-56535.exe (PID: 11476)
      • Unicorn-9150.exe (PID: 10392)
      • Unicorn-1946.exe (PID: 12680)
      • Unicorn-58569.exe (PID: 9704)
      • Unicorn-28637.exe (PID: 8212)
      • Unicorn-60297.exe (PID: 10332)
      • Unicorn-54272.exe (PID: 9428)
      • Unicorn-16144.exe (PID: 12736)
      • Unicorn-54869.exe (PID: 9888)
      • Unicorn-58356.exe (PID: 9436)
      • Unicorn-1174.exe (PID: 10576)
      • Unicorn-36155.exe (PID: 10472)
      • Unicorn-49773.exe (PID: 11504)
      • Unicorn-6502.exe (PID: 11236)
      • Unicorn-20525.exe (PID: 11716)
      • Unicorn-37713.exe (PID: 11280)
      • Unicorn-48382.exe (PID: 11368)
      • Unicorn-35409.exe (PID: 10036)
      • Unicorn-45720.exe (PID: 13352)
      • Unicorn-42570.exe (PID: 9356)
      • Unicorn-62025.exe (PID: 11428)
      • Unicorn-1584.exe (PID: 9836)
      • Unicorn-21573.exe (PID: 7272)
      • Unicorn-46012.exe (PID: 13000)
      • Unicorn-49057.exe (PID: 9308)
      • Unicorn-28100.exe (PID: 10800)
      • Unicorn-53307.exe (PID: 10000)
      • Unicorn-44460.exe (PID: 8684)
      • Unicorn-22685.exe (PID: 12120)
      • Unicorn-62719.exe (PID: 10552)
      • Unicorn-8024.exe (PID: 9340)
      • Unicorn-49773.exe (PID: 11456)
      • Unicorn-22392.exe (PID: 11844)
      • Unicorn-59844.exe (PID: 13396)
      • Unicorn-51760.exe (PID: 15644)
      • Unicorn-15299.exe (PID: 10612)
      • Unicorn-57967.exe (PID: 10052)
      • Unicorn-35118.exe (PID: 11420)
      • Unicorn-56384.exe (PID: 4436)
      • Unicorn-18465.exe (PID: 15652)
      • Unicorn-22290.exe (PID: 10956)
      • Unicorn-58059.exe (PID: 10448)
      • Unicorn-51235.exe (PID: 10948)
      • Unicorn-18309.exe (PID: 12976)
      • Unicorn-21377.exe (PID: 11304)
      • Unicorn-598.exe (PID: 10044)
      • Unicorn-23541.exe (PID: 10292)
      • Unicorn-1366.exe (PID: 10484)
      • Unicorn-50737.exe (PID: 13796)
      • Unicorn-33415.exe (PID: 10940)
      • Unicorn-18771.exe (PID: 11940)
      • Unicorn-44158.exe (PID: 9852)
      • Unicorn-10219.exe (PID: 10264)
      • Unicorn-15508.exe (PID: 11828)
      • Unicorn-34593.exe (PID: 10604)
      • Unicorn-12435.exe (PID: 15600)
      • Unicorn-13108.exe (PID: 11360)
      • Unicorn-3840.exe (PID: 9388)
      • Unicorn-54267.exe (PID: 10284)
      • Unicorn-59913.exe (PID: 10148)
      • Unicorn-24039.exe (PID: 8340)
      • Unicorn-9513.exe (PID: 10464)
      • Unicorn-1257.exe (PID: 7788)

    • Reads security settings of Internet Explorer

      • ShellExperienceHost.exe (PID: 14668)

  • INFO

    • Reads the computer name

      • 1 (464).exe (PID: 5072)
      • Unicorn-53849.exe (PID: 1088)
      • Unicorn-3662.exe (PID: 7348)
      • Unicorn-22691.exe (PID: 7356)
      • Unicorn-19781.exe (PID: 7380)
      • Unicorn-58767.exe (PID: 7416)
      • Unicorn-11612.exe (PID: 7404)
      • Unicorn-53200.exe (PID: 7392)
      • Unicorn-7289.exe (PID: 7184)
      • Unicorn-23071.exe (PID: 4220)
      • Unicorn-57424.exe (PID: 2152)
      • Unicorn-43299.exe (PID: 7228)
      • Unicorn-51559.exe (PID: 4688)
      • Unicorn-23433.exe (PID: 516)
      • Unicorn-57689.exe (PID: 1164)
      • Unicorn-24091.exe (PID: 6656)
      • Unicorn-39215.exe (PID: 1228)
      • Unicorn-62885.exe (PID: 7020)
      • Unicorn-3478.exe (PID: 5408)
      • Unicorn-62793.exe (PID: 7524)
      • Unicorn-26783.exe (PID: 616)
      • Unicorn-34759.exe (PID: 7532)
      • Unicorn-11646.exe (PID: 632)
      • Unicorn-19628.exe (PID: 7544)
      • Unicorn-49726.exe (PID: 1388)
      • Unicorn-3597.exe (PID: 5400)
      • Unicorn-3862.exe (PID: 6080)
      • Unicorn-14723.exe (PID: 4188)
      • Unicorn-40811.exe (PID: 4068)
      • Unicorn-30505.exe (PID: 5260)
      • Unicorn-12222.exe (PID: 5360)
      • Unicorn-14936.exe (PID: 7620)
      • Unicorn-24374.exe (PID: 5756)
      • Unicorn-52248.exe (PID: 7636)
      • Unicorn-33886.exe (PID: 7468)
      • Unicorn-40017.exe (PID: 7488)
      • Unicorn-63945.exe (PID: 7652)
      • Unicorn-23681.exe (PID: 7472)
      • Unicorn-64256.exe (PID: 7440)
      • Unicorn-39825.exe (PID: 6476)
      • Unicorn-44656.exe (PID: 5556)
      • Unicorn-3068.exe (PID: 6988)
      • Unicorn-65076.exe (PID: 7192)
      • Unicorn-19959.exe (PID: 6644)
      • Unicorn-47607.exe (PID: 2108)
      • Unicorn-19304.exe (PID: 7240)
      • Unicorn-7536.exe (PID: 2088)
      • Unicorn-37085.exe (PID: 8124)
      • Unicorn-51008.exe (PID: 7216)
      • Unicorn-3644.exe (PID: 7844)
      • Unicorn-6337.exe (PID: 8108)
      • Unicorn-2637.exe (PID: 4652)
      • Unicorn-38839.exe (PID: 5960)
      • Unicorn-11428.exe (PID: 7684)
      • Unicorn-44293.exe (PID: 7720)
      • Unicorn-48932.exe (PID: 7892)
      • Unicorn-27194.exe (PID: 7760)
      • Unicorn-44848.exe (PID: 7680)
      • Unicorn-8304.exe (PID: 8148)
      • Unicorn-56280.exe (PID: 7908)
      • Unicorn-36985.exe (PID: 8156)
      • Unicorn-15320.exe (PID: 7208)
      • Unicorn-22237.exe (PID: 6392)
      • Unicorn-7536.exe (PID: 7764)
      • Unicorn-3260.exe (PID: 7840)
      • Unicorn-39759.exe (PID: 1132)
      • Unicorn-24641.exe (PID: 8180)
      • Unicorn-6145.exe (PID: 904)
      • Unicorn-520.exe (PID: 4892)
      • Unicorn-50515.exe (PID: 7692)
      • Unicorn-5398.exe (PID: 7704)
      • Unicorn-55367.exe (PID: 5512)
      • Unicorn-22978.exe (PID: 4336)
      • Unicorn-3213.exe (PID: 8068)
      • Unicorn-55751.exe (PID: 8064)
      • Unicorn-1406.exe (PID: 536)
      • Unicorn-16259.exe (PID: 7744)
      • Unicorn-33668.exe (PID: 5304)
      • Unicorn-16041.exe (PID: 3884)
      • Unicorn-40209.exe (PID: 7736)
      • Unicorn-60411.exe (PID: 1660)
      • Unicorn-6742.exe (PID: 8088)
      • Unicorn-35642.exe (PID: 4844)
      • Unicorn-520.exe (PID: 5244)
      • Unicorn-26753.exe (PID: 8384)
      • Unicorn-13030.exe (PID: 8732)
      • Unicorn-14884.exe (PID: 8768)
      • Unicorn-39581.exe (PID: 8708)
      • Unicorn-17332.exe (PID: 7200)
      • Unicorn-38653.exe (PID: 2392)
      • Unicorn-17947.exe (PID: 9124)
      • Unicorn-62487.exe (PID: 8984)
      • Unicorn-53457.exe (PID: 8824)
      • Unicorn-24039.exe (PID: 8340)
      • Unicorn-47557.exe (PID: 8488)
      • Unicorn-19960.exe (PID: 8600)
      • Unicorn-10141.exe (PID: 9164)
      • Unicorn-2056.exe (PID: 8396)
      • Unicorn-51236.exe (PID: 8332)
      • Unicorn-60721.exe (PID: 7708)
      • Unicorn-53613.exe (PID: 1180)
      • Unicorn-32975.exe (PID: 8588)
      • Unicorn-43136.exe (PID: 8952)
      • Unicorn-32891.exe (PID: 9116)
      • Unicorn-61158.exe (PID: 6640)
      • Unicorn-19706.exe (PID: 8040)
      • Unicorn-33899.exe (PID: 8964)
      • Unicorn-58787.exe (PID: 9140)
      • Unicorn-26460.exe (PID: 8464)
      • Unicorn-44246.exe (PID: 8104)
      • Unicorn-53888.exe (PID: 8264)
      • Unicorn-29275.exe (PID: 8848)
      • Unicorn-3618.exe (PID: 8312)
      • Unicorn-62741.exe (PID: 7812)
      • Unicorn-61179.exe (PID: 8232)
      • Unicorn-7317.exe (PID: 8404)
      • Unicorn-64971.exe (PID: 8324)
      • Unicorn-33551.exe (PID: 8660)
      • Unicorn-6742.exe (PID: 5892)
      • Unicorn-55725.exe (PID: 8552)
      • Unicorn-22184.exe (PID: 8276)
      • Unicorn-39389.exe (PID: 8508)
      • Unicorn-2248.exe (PID: 8580)
      • Unicorn-22760.exe (PID: 8608)
      • Unicorn-57287.exe (PID: 8440)
      • Unicorn-47173.exe (PID: 8360)
      • Unicorn-31391.exe (PID: 8416)
      • Unicorn-12938.exe (PID: 8692)
      • Unicorn-14692.exe (PID: 8536)
      • Unicorn-31060.exe (PID: 10076)
      • Unicorn-25194.exe (PID: 10068)
      • Unicorn-53883.exe (PID: 10108)
      • Unicorn-39581.exe (PID: 8700)
      • Unicorn-53457.exe (PID: 8840)
      • Unicorn-38429.exe (PID: 8304)
      • Unicorn-50619.exe (PID: 9148)
      • Unicorn-24977.exe (PID: 8456)
      • Unicorn-14417.exe (PID: 9100)
      • Unicorn-39929.exe (PID: 9068)
      • Unicorn-35409.exe (PID: 10036)
      • Unicorn-47946.exe (PID: 8136)
      • Unicorn-8579.exe (PID: 9332)
      • Unicorn-44973.exe (PID: 9320)
      • Unicorn-59913.exe (PID: 10148)
      • Unicorn-50489.exe (PID: 7824)
      • Unicorn-45912.exe (PID: 9452)
      • Unicorn-21573.exe (PID: 7272)
      • Unicorn-4708.exe (PID: 9584)
      • Unicorn-39881.exe (PID: 9404)
      • Unicorn-33363.exe (PID: 6652)
      • Unicorn-7079.exe (PID: 8564)
      • Unicorn-36805.exe (PID: 9200)
      • Unicorn-34645.exe (PID: 8944)
      • Unicorn-22612.exe (PID: 9844)
      • Unicorn-41391.exe (PID: 11020)
      • Unicorn-35791.exe (PID: 11028)
      • Unicorn-56711.exe (PID: 5868)
      • Unicorn-41391.exe (PID: 11036)
      • Unicorn-35309.exe (PID: 7172)
      • Unicorn-6654.exe (PID: 9868)
      • Unicorn-33079.exe (PID: 4932)
      • Unicorn-5594.exe (PID: 9156)
      • Unicorn-65512.exe (PID: 9444)
      • Unicorn-32212.exe (PID: 10664)
      • Unicorn-51745.exe (PID: 10168)
      • Unicorn-62414.exe (PID: 4944)
      • Unicorn-51733.exe (PID: 8520)
      • Unicorn-30723.exe (PID: 10928)
      • Unicorn-1241.exe (PID: 8832)
      • Unicorn-14722.exe (PID: 9420)
      • Unicorn-22969.exe (PID: 9348)
      • Unicorn-46213.exe (PID: 5332)
      • Unicorn-15975.exe (PID: 9880)
      • Unicorn-34615.exe (PID: 11004)
      • Unicorn-48984.exe (PID: 10500)
      • Unicorn-18859.exe (PID: 9756)
      • Unicorn-45165.exe (PID: 9500)
      • Unicorn-7520.exe (PID: 8816)
      • Unicorn-40765.exe (PID: 8528)
      • Unicorn-38723.exe (PID: 10456)
      • Unicorn-1257.exe (PID: 7788)
      • Unicorn-13259.exe (PID: 9748)
      • Unicorn-1584.exe (PID: 9836)
      • Unicorn-15284.exe (PID: 12320)
      • Unicorn-11292.exe (PID: 7144)
      • Unicorn-29410.exe (PID: 3180)
      • Unicorn-23519.exe (PID: 3024)
      • Unicorn-20827.exe (PID: 10248)
      • Unicorn-54869.exe (PID: 9888)
      • Unicorn-43385.exe (PID: 4224)
      • Unicorn-41391.exe (PID: 11044)
      • Unicorn-55127.exe (PID: 11076)
      • Unicorn-23519.exe (PID: 10232)
      • Unicorn-38101.exe (PID: 10060)
      • Unicorn-42570.exe (PID: 9356)
      • Unicorn-60992.exe (PID: 11096)
      • Unicorn-56535.exe (PID: 11476)
      • Unicorn-35118.exe (PID: 11412)
      • Unicorn-48984.exe (PID: 10516)
      • Unicorn-54272.exe (PID: 9428)
      • Unicorn-37713.exe (PID: 11280)
      • Unicorn-5455.exe (PID: 13828)
      • Unicorn-37001.exe (PID: 13804)
      • Unicorn-62327.exe (PID: 13816)
      • Unicorn-41391.exe (PID: 11012)
      • Unicorn-60297.exe (PID: 10332)
      • Unicorn-58569.exe (PID: 9704)
      • Unicorn-6502.exe (PID: 11236)
      • Unicorn-48382.exe (PID: 11368)
      • Unicorn-45720.exe (PID: 13352)
      • ShellExperienceHost.exe (PID: 14668)
      • Unicorn-20525.exe (PID: 11716)
      • Unicorn-28637.exe (PID: 8212)
      • Unicorn-58356.exe (PID: 9436)
      • Unicorn-12435.exe (PID: 15600)
      • Unicorn-51760.exe (PID: 15644)
      • Unicorn-47246.exe (PID: 15504)
      • Unicorn-33271.exe (PID: 10132)
      • Unicorn-35118.exe (PID: 11420)
      • Unicorn-27820.exe (PID: 3396)
      • Unicorn-9150.exe (PID: 10392)

    • Checks supported languages

      • 1 (464).exe (PID: 5072)
      • Unicorn-53849.exe (PID: 1088)
      • Unicorn-3662.exe (PID: 7348)
      • Unicorn-22691.exe (PID: 7356)
      • Unicorn-19781.exe (PID: 7380)
      • Unicorn-53200.exe (PID: 7392)
      • Unicorn-11612.exe (PID: 7404)
      • Unicorn-58767.exe (PID: 7416)
      • Unicorn-23433.exe (PID: 516)
      • Unicorn-39215.exe (PID: 1228)
      • Unicorn-43299.exe (PID: 7228)
      • Unicorn-23071.exe (PID: 4220)
      • Unicorn-7289.exe (PID: 7184)
      • Unicorn-57424.exe (PID: 2152)
      • Unicorn-51559.exe (PID: 4688)
      • Unicorn-24091.exe (PID: 6656)
      • Unicorn-26783.exe (PID: 616)
      • Unicorn-62885.exe (PID: 7020)
      • Unicorn-3478.exe (PID: 5408)
      • Unicorn-57689.exe (PID: 1164)
      • Unicorn-62793.exe (PID: 7524)
      • Unicorn-34759.exe (PID: 7532)
      • Unicorn-11646.exe (PID: 632)
      • Unicorn-49726.exe (PID: 1388)
      • Unicorn-40811.exe (PID: 4068)
      • Unicorn-3862.exe (PID: 6080)
      • Unicorn-24374.exe (PID: 5756)
      • Unicorn-12222.exe (PID: 5360)
      • Unicorn-19628.exe (PID: 7544)
      • Unicorn-3597.exe (PID: 5400)
      • Unicorn-30505.exe (PID: 5260)
      • Unicorn-14723.exe (PID: 4188)
      • Unicorn-14936.exe (PID: 7620)
      • Unicorn-52248.exe (PID: 7636)
      • Unicorn-63945.exe (PID: 7652)
      • Unicorn-40017.exe (PID: 7488)
      • Unicorn-3068.exe (PID: 6988)
      • Unicorn-64256.exe (PID: 7440)
      • Unicorn-44656.exe (PID: 5556)
      • Unicorn-33886.exe (PID: 7468)
      • Unicorn-23681.exe (PID: 7472)
      • Unicorn-39825.exe (PID: 6476)
      • Unicorn-19959.exe (PID: 6644)
      • Unicorn-51008.exe (PID: 7216)
      • Unicorn-19304.exe (PID: 7240)
      • Unicorn-15320.exe (PID: 7208)
      • Unicorn-65076.exe (PID: 7192)
      • Unicorn-7536.exe (PID: 2088)
      • Unicorn-47607.exe (PID: 2108)
      • Unicorn-7536.exe (PID: 7764)
      • Unicorn-1406.exe (PID: 536)
      • Unicorn-44293.exe (PID: 7720)
      • Unicorn-6145.exe (PID: 904)
      • Unicorn-60721.exe (PID: 7708)
      • Unicorn-40209.exe (PID: 7736)
      • Unicorn-5398.exe (PID: 7704)
      • Unicorn-16259.exe (PID: 7744)
      • Unicorn-27194.exe (PID: 7760)
      • Unicorn-50515.exe (PID: 7692)
      • Unicorn-11428.exe (PID: 7684)
      • Unicorn-44848.exe (PID: 7680)
      • Unicorn-3260.exe (PID: 7840)
      • Unicorn-3644.exe (PID: 7844)
      • Unicorn-37085.exe (PID: 8124)
      • Unicorn-6337.exe (PID: 8108)
      • Unicorn-47946.exe (PID: 8136)
      • Unicorn-56280.exe (PID: 7908)
      • Unicorn-48932.exe (PID: 7892)
      • Unicorn-24641.exe (PID: 8180)
      • Unicorn-38839.exe (PID: 5960)
      • Unicorn-36985.exe (PID: 8156)
      • Unicorn-8304.exe (PID: 8148)
      • Unicorn-2637.exe (PID: 4652)
      • Unicorn-22237.exe (PID: 6392)
      • Unicorn-6742.exe (PID: 8088)
      • Unicorn-55367.exe (PID: 5512)
      • Unicorn-520.exe (PID: 5244)
      • Unicorn-44246.exe (PID: 8104)
      • Unicorn-3213.exe (PID: 8068)
      • Unicorn-55751.exe (PID: 8064)
      • Unicorn-38653.exe (PID: 2392)
      • Unicorn-22978.exe (PID: 4336)
      • Unicorn-33363.exe (PID: 6652)
      • Unicorn-6742.exe (PID: 5892)
      • Unicorn-53613.exe (PID: 1180)
      • Unicorn-39759.exe (PID: 1132)
      • Unicorn-17332.exe (PID: 7200)
      • Unicorn-60411.exe (PID: 1660)
      • Unicorn-33668.exe (PID: 5304)
      • Unicorn-520.exe (PID: 4892)
      • Unicorn-56711.exe (PID: 5868)
      • Unicorn-62741.exe (PID: 7812)
      • Unicorn-50489.exe (PID: 7824)
      • Unicorn-46213.exe (PID: 5332)
      • Unicorn-16041.exe (PID: 3884)
      • Unicorn-61158.exe (PID: 6640)
      • Unicorn-35642.exe (PID: 4844)
      • Unicorn-61179.exe (PID: 8232)
      • Unicorn-53888.exe (PID: 8264)
      • Unicorn-22184.exe (PID: 8276)
      • Unicorn-51236.exe (PID: 8332)
      • Unicorn-24039.exe (PID: 8340)
      • Unicorn-47173.exe (PID: 8360)
      • Unicorn-3618.exe (PID: 8312)
      • Unicorn-38429.exe (PID: 8304)
      • Unicorn-26753.exe (PID: 8384)
      • Unicorn-2056.exe (PID: 8396)
      • Unicorn-39581.exe (PID: 8708)
      • Unicorn-13030.exe (PID: 8732)
      • Unicorn-57287.exe (PID: 8440)
      • Unicorn-24977.exe (PID: 8456)
      • Unicorn-26460.exe (PID: 8464)
      • Unicorn-47557.exe (PID: 8488)
      • Unicorn-7317.exe (PID: 8404)
      • Unicorn-14884.exe (PID: 8768)
      • Unicorn-31391.exe (PID: 8416)
      • Unicorn-29275.exe (PID: 8848)
      • Unicorn-64971.exe (PID: 8324)
      • Unicorn-39389.exe (PID: 8508)
      • Unicorn-51733.exe (PID: 8520)
      • Unicorn-14692.exe (PID: 8536)
      • Unicorn-55725.exe (PID: 8552)
      • Unicorn-19960.exe (PID: 8600)
      • Unicorn-7079.exe (PID: 8564)
      • Unicorn-2248.exe (PID: 8580)
      • Unicorn-53457.exe (PID: 8840)
      • Unicorn-33551.exe (PID: 8660)
      • Unicorn-44460.exe (PID: 8684)
      • Unicorn-12938.exe (PID: 8692)
      • Unicorn-39581.exe (PID: 8700)
      • Unicorn-7520.exe (PID: 8816)
      • Unicorn-1241.exe (PID: 8832)
      • Unicorn-53457.exe (PID: 8824)
      • Unicorn-32975.exe (PID: 8588)
      • Unicorn-22760.exe (PID: 8608)
      • Unicorn-34645.exe (PID: 8944)
      • Unicorn-43136.exe (PID: 8952)
      • Unicorn-62487.exe (PID: 8984)
      • Unicorn-40765.exe (PID: 8528)
      • Unicorn-17947.exe (PID: 9124)
      • Unicorn-39929.exe (PID: 9068)
      • Unicorn-50619.exe (PID: 9148)
      • Unicorn-5594.exe (PID: 9156)
      • Unicorn-58787.exe (PID: 9140)
      • Unicorn-36805.exe (PID: 9200)
      • Unicorn-14417.exe (PID: 9100)
      • Unicorn-19706.exe (PID: 8040)
      • Unicorn-28637.exe (PID: 8212)
      • Unicorn-10141.exe (PID: 9164)
      • Unicorn-32891.exe (PID: 9116)
      • Unicorn-32699.exe (PID: 9180)
      • Unicorn-33899.exe (PID: 8964)
      • Unicorn-4708.exe (PID: 9584)
      • Unicorn-22969.exe (PID: 9348)
      • Unicorn-17153.exe (PID: 9564)
      • Unicorn-8024.exe (PID: 9340)
      • Unicorn-8579.exe (PID: 9332)
      • Unicorn-45165.exe (PID: 9500)
      • Unicorn-13259.exe (PID: 9748)
      • Unicorn-58569.exe (PID: 9704)
      • Unicorn-50401.exe (PID: 9712)
      • Unicorn-38460.exe (PID: 9764)
      • Unicorn-6607.exe (PID: 9772)
      • Unicorn-18859.exe (PID: 9756)
      • Unicorn-48839.exe (PID: 9816)
      • Unicorn-45310.exe (PID: 9804)
      • Unicorn-1584.exe (PID: 9836)
      • Unicorn-22612.exe (PID: 9844)
      • Unicorn-44158.exe (PID: 9852)
      • Unicorn-5860.exe (PID: 9784)
      • Unicorn-31060.exe (PID: 10076)
      • Unicorn-42570.exe (PID: 9356)
      • Unicorn-25194.exe (PID: 10068)
      • Unicorn-44973.exe (PID: 9320)
      • Unicorn-45912.exe (PID: 9452)
      • Unicorn-53883.exe (PID: 10108)
      • Unicorn-6654.exe (PID: 9868)
      • Unicorn-3840.exe (PID: 9388)
      • Unicorn-31713.exe (PID: 9412)
      • Unicorn-39881.exe (PID: 9404)
      • Unicorn-14722.exe (PID: 9420)
      • Unicorn-49057.exe (PID: 9308)
      • Unicorn-15975.exe (PID: 9880)
      • Unicorn-54869.exe (PID: 9888)
      • Unicorn-58356.exe (PID: 9436)
      • Unicorn-54272.exe (PID: 9428)
      • Unicorn-51361.exe (PID: 9960)
      • Unicorn-53307.exe (PID: 10000)
      • Unicorn-6244.exe (PID: 9952)
      • Unicorn-35409.exe (PID: 10036)
      • Unicorn-598.exe (PID: 10044)
      • Unicorn-57967.exe (PID: 10052)
      • Unicorn-38101.exe (PID: 10060)
      • Unicorn-51745.exe (PID: 10168)
      • Unicorn-65512.exe (PID: 9444)
      • Unicorn-59913.exe (PID: 10148)
      • Unicorn-33271.exe (PID: 10132)
      • Unicorn-29187.exe (PID: 10160)
      • Unicorn-55829.exe (PID: 10176)
      • Unicorn-406.exe (PID: 10200)
      • Unicorn-35217.exe (PID: 10192)
      • Unicorn-35309.exe (PID: 4736)
      • Unicorn-56384.exe (PID: 4436)
      • Unicorn-35309.exe (PID: 7172)
      • Unicorn-21573.exe (PID: 7272)
      • Unicorn-51553.exe (PID: 6668)
      • Unicorn-62414.exe (PID: 4944)
      • Unicorn-43385.exe (PID: 4224)
      • Unicorn-23519.exe (PID: 3024)
      • Unicorn-10219.exe (PID: 10264)
      • Unicorn-23519.exe (PID: 10232)
      • Unicorn-23541.exe (PID: 10292)
      • Unicorn-20827.exe (PID: 10248)
      • Unicorn-60297.exe (PID: 10332)
      • Unicorn-25487.exe (PID: 10340)
      • Unicorn-41391.exe (PID: 11020)
      • Unicorn-41391.exe (PID: 11036)
      • Unicorn-35791.exe (PID: 11028)
      • Unicorn-9150.exe (PID: 10392)
      • Unicorn-2928.exe (PID: 10324)
      • Unicorn-58059.exe (PID: 10448)
      • Unicorn-55789.exe (PID: 10440)
      • Unicorn-9513.exe (PID: 10464)
      • Unicorn-38723.exe (PID: 10456)
      • Unicorn-36155.exe (PID: 10472)
      • Unicorn-48984.exe (PID: 10500)
      • Unicorn-48984.exe (PID: 10508)
      • Unicorn-43961.exe (PID: 10400)
      • Unicorn-31517.exe (PID: 10416)
      • Unicorn-1366.exe (PID: 10484)
      • Unicorn-3047.exe (PID: 10544)
      • Unicorn-48984.exe (PID: 10516)
      • Unicorn-48984.exe (PID: 10524)
      • Unicorn-62719.exe (PID: 10552)
      • Unicorn-1174.exe (PID: 10576)
      • Unicorn-15299.exe (PID: 10612)
      • Unicorn-32212.exe (PID: 10664)
      • Unicorn-28201.exe (PID: 10768)
      • Unicorn-33031.exe (PID: 10704)
      • Unicorn-33079.exe (PID: 4932)
      • Unicorn-34593.exe (PID: 10604)
      • Unicorn-46410.exe (PID: 10784)
      • Unicorn-63566.exe (PID: 10816)
      • Unicorn-24237.exe (PID: 10844)
      • Unicorn-30723.exe (PID: 10924)
      • Unicorn-30723.exe (PID: 10928)
      • Unicorn-33415.exe (PID: 10940)
      • Unicorn-28100.exe (PID: 10800)
      • Unicorn-51235.exe (PID: 10948)
      • Unicorn-22290.exe (PID: 10956)
      • Unicorn-57365.exe (PID: 10964)
      • Unicorn-42975.exe (PID: 10996)
      • Unicorn-6581.exe (PID: 11052)
      • Unicorn-55127.exe (PID: 11068)
      • Unicorn-29139.exe (PID: 11132)
      • Unicorn-60992.exe (PID: 11096)
      • Unicorn-29060.exe (PID: 11188)
      • Unicorn-29060.exe (PID: 11180)
      • Unicorn-29060.exe (PID: 11164)
      • Unicorn-34615.exe (PID: 11004)
      • Unicorn-41391.exe (PID: 11044)
      • Unicorn-55127.exe (PID: 11076)
      • Unicorn-6502.exe (PID: 11236)
      • Unicorn-39083.exe (PID: 11244)
      • Unicorn-41797.exe (PID: 6572)
      • Unicorn-21377.exe (PID: 11304)
      • Unicorn-48382.exe (PID: 11368)
      • Unicorn-1257.exe (PID: 7788)
      • Unicorn-35118.exe (PID: 11412)
      • Unicorn-29410.exe (PID: 3180)
      • Unicorn-13108.exe (PID: 11360)
      • Unicorn-11292.exe (PID: 7144)
      • Unicorn-62025.exe (PID: 11428)
      • Unicorn-35118.exe (PID: 11420)
      • Unicorn-37713.exe (PID: 11280)
      • Unicorn-23406.exe (PID: 11520)
      • Unicorn-4656.exe (PID: 11436)
      • Unicorn-15284.exe (PID: 12320)
      • Unicorn-49773.exe (PID: 11456)
      • Unicorn-56535.exe (PID: 11476)
      • Unicorn-23131.exe (PID: 11468)
      • Unicorn-23100.exe (PID: 11496)
      • Unicorn-65258.exe (PID: 11552)
      • Unicorn-36992.exe (PID: 11560)
      • Unicorn-19486.exe (PID: 11580)
      • Unicorn-3250.exe (PID: 11572)
      • Unicorn-35923.exe (PID: 11596)
      • Unicorn-33022.exe (PID: 11616)
      • Unicorn-54012.exe (PID: 11648)
      • Unicorn-51444.exe (PID: 11664)
      • Unicorn-49773.exe (PID: 11504)
      • Unicorn-20525.exe (PID: 11716)
      • Unicorn-11702.exe (PID: 11696)
      • Unicorn-6135.exe (PID: 11680)
      • Unicorn-43467.exe (PID: 11856)
      • Unicorn-34236.exe (PID: 10892)
      • Unicorn-19400.exe (PID: 11892)
      • Unicorn-15508.exe (PID: 11828)
      • Unicorn-18308.exe (PID: 11812)
      • Unicorn-57203.exe (PID: 11836)
      • Unicorn-22392.exe (PID: 11844)
      • Unicorn-61750.exe (PID: 11900)
      • Unicorn-41391.exe (PID: 11012)
      • Unicorn-18771.exe (PID: 11940)
      • Unicorn-2456.exe (PID: 12024)
      • Unicorn-33183.exe (PID: 12032)
      • Unicorn-55127.exe (PID: 12060)
      • Unicorn-22685.exe (PID: 12120)
      • Unicorn-48984.exe (PID: 10536)
      • Unicorn-29060.exe (PID: 11172)
      • Unicorn-6348.exe (PID: 12168)
      • Unicorn-47189.exe (PID: 12220)
      • Unicorn-6924.exe (PID: 12264)
      • Unicorn-45395.exe (PID: 11604)
      • Unicorn-8678.exe (PID: 11548)
      • Unicorn-31237.exe (PID: 5112)
      • Unicorn-27820.exe (PID: 3396)
      • Unicorn-7116.exe (PID: 12328)
      • Unicorn-38973.exe (PID: 12380)
      • Unicorn-17898.exe (PID: 12412)
      • Unicorn-50671.exe (PID: 12404)
      • Unicorn-54371.exe (PID: 1600)
      • Unicorn-29867.exe (PID: 12576)
      • Unicorn-56509.exe (PID: 12596)
      • Unicorn-59223.exe (PID: 12620)
      • Unicorn-11776.exe (PID: 12424)
      • Unicorn-12139.exe (PID: 12492)
      • Unicorn-54267.exe (PID: 10284)
      • Unicorn-1946.exe (PID: 12680)
      • Unicorn-53001.exe (PID: 12712)
      • Unicorn-16144.exe (PID: 12736)
      • Unicorn-463.exe (PID: 12632)
      • Unicorn-23021.exe (PID: 12652)
      • Unicorn-35081.exe (PID: 12792)
      • Unicorn-37001.exe (PID: 13804)
      • Unicorn-40749.exe (PID: 12780)
      • Unicorn-24221.exe (PID: 12800)
      • Unicorn-30251.exe (PID: 12840)
      • Unicorn-45435.exe (PID: 12016)
      • Unicorn-13874.exe (PID: 12744)
      • Unicorn-5455.exe (PID: 13828)
      • Unicorn-62327.exe (PID: 13816)
      • Unicorn-100.exe (PID: 12956)
      • Unicorn-18309.exe (PID: 12976)
      • Unicorn-45217.exe (PID: 12992)
      • Unicorn-46012.exe (PID: 13000)
      • Unicorn-17183.exe (PID: 13024)
      • Unicorn-5560.exe (PID: 13044)
      • Unicorn-14225.exe (PID: 13036)
      • Unicorn-60162.exe (PID: 13052)
      • Unicorn-8360.exe (PID: 13068)
      • Unicorn-55907.exe (PID: 13124)
      • Unicorn-14900.exe (PID: 9740)
      • Unicorn-60738.exe (PID: 13448)
      • Unicorn-59844.exe (PID: 13396)
      • Unicorn-45720.exe (PID: 13352)
      • Unicorn-8360.exe (PID: 13060)
      • Unicorn-27218.exe (PID: 13100)
      • Unicorn-13312.exe (PID: 13296)
      • Unicorn-17759.exe (PID: 13468)
      • Unicorn-52207.exe (PID: 13276)
      • Unicorn-33354.exe (PID: 13564)
      • Unicorn-17759.exe (PID: 13460)
      • Unicorn-36255.exe (PID: 13512)
      • Unicorn-47545.exe (PID: 13548)
      • Unicorn-33354.exe (PID: 13556)
      • Unicorn-27794.exe (PID: 13580)
      • Unicorn-52134.exe (PID: 13600)
      • ShellExperienceHost.exe (PID: 14668)
      • Unicorn-54153.exe (PID: 13328)
      • Unicorn-49307.exe (PID: 13344)
      • Unicorn-30417.exe (PID: 13680)
      • Unicorn-22249.exe (PID: 13692)
      • Unicorn-25373.exe (PID: 13404)
      • Unicorn-51392.exe (PID: 13844)
      • Unicorn-29654.exe (PID: 13784)
      • Unicorn-51392.exe (PID: 13860)
      • Unicorn-65127.exe (PID: 13836)
      • Unicorn-1060.exe (PID: 13648)
      • Unicorn-42093.exe (PID: 13668)
      • Unicorn-52683.exe (PID: 13904)
      • Unicorn-6004.exe (PID: 14176)
      • Unicorn-4713.exe (PID: 14072)
      • Unicorn-57595.exe (PID: 14212)
      • Unicorn-4713.exe (PID: 14080)
      • Unicorn-51392.exe (PID: 13852)
      • Unicorn-2621.exe (PID: 13868)
      • Unicorn-52683.exe (PID: 13912)
      • Unicorn-38947.exe (PID: 13876)
      • Unicorn-48533.exe (PID: 12468)
      • Unicorn-37577.exe (PID: 14024)
      • Unicorn-60302.exe (PID: 13572)
      • Unicorn-14086.exe (PID: 14252)
      • Unicorn-61252.exe (PID: 14748)
      • Unicorn-10691.exe (PID: 14628)
      • Unicorn-42020.exe (PID: 13540)
      • Unicorn-19871.exe (PID: 14540)
      • Unicorn-58548.exe (PID: 13888)
      • Unicorn-33606.exe (PID: 14548)
      • Unicorn-30806.exe (PID: 14564)
      • Unicorn-43913.exe (PID: 14480)
      • Unicorn-36452.exe (PID: 14392)
      • Unicorn-56073.exe (PID: 14516)
      • Unicorn-40557.exe (PID: 12924)
      • Unicorn-59865.exe (PID: 14792)
      • Unicorn-8910.exe (PID: 14588)
      • Unicorn-4158.exe (PID: 14108)
      • Unicorn-10691.exe (PID: 14636)
      • Unicorn-46130.exe (PID: 14236)
      • Unicorn-24387.exe (PID: 14164)
      • Unicorn-27271.exe (PID: 14092)
      • Unicorn-11319.exe (PID: 14196)
      • Unicorn-61252.exe (PID: 14764)
      • Unicorn-193.exe (PID: 14220)
      • Unicorn-56165.exe (PID: 14444)
      • Unicorn-193.exe (PID: 14228)
      • Unicorn-47246.exe (PID: 15504)
      • Unicorn-51760.exe (PID: 15644)
      • Unicorn-12435.exe (PID: 15600)
      • Unicorn-12060.exe (PID: 12720)
      • Unicorn-629.exe (PID: 14060)
      • Unicorn-46130.exe (PID: 14244)
      • Unicorn-27732.exe (PID: 15252)
      • Unicorn-18465.exe (PID: 15652)
      • Unicorn-20202.exe (PID: 13700)

    • The sample compiled with chinese language support

      • 1 (464).exe (PID: 5072)

    • Create files in a temporary directory

      • Unicorn-53849.exe (PID: 1088)
      • Unicorn-22691.exe (PID: 7356)
      • 1 (464).exe (PID: 5072)
      • Unicorn-19781.exe (PID: 7380)
      • Unicorn-11612.exe (PID: 7404)
      • Unicorn-53200.exe (PID: 7392)
      • Unicorn-3662.exe (PID: 7348)
      • Unicorn-23071.exe (PID: 4220)
      • Unicorn-7289.exe (PID: 7184)
      • Unicorn-57424.exe (PID: 2152)
      • Unicorn-57689.exe (PID: 1164)
      • Unicorn-58767.exe (PID: 7416)
      • Unicorn-23433.exe (PID: 516)
      • Unicorn-26783.exe (PID: 616)
      • Unicorn-3478.exe (PID: 5408)
      • Unicorn-24091.exe (PID: 6656)
      • Unicorn-39215.exe (PID: 1228)
      • Unicorn-34759.exe (PID: 7532)
      • Unicorn-11646.exe (PID: 632)
      • Unicorn-62885.exe (PID: 7020)
      • Unicorn-43299.exe (PID: 7228)
      • Unicorn-49726.exe (PID: 1388)
      • Unicorn-19628.exe (PID: 7544)
      • Unicorn-14723.exe (PID: 4188)
      • Unicorn-51559.exe (PID: 4688)
      • Unicorn-3597.exe (PID: 5400)
      • Unicorn-30505.exe (PID: 5260)
      • Unicorn-24374.exe (PID: 5756)
      • Unicorn-14936.exe (PID: 7620)
      • Unicorn-52248.exe (PID: 7636)
      • Unicorn-39825.exe (PID: 6476)
      • Unicorn-40017.exe (PID: 7488)
      • Unicorn-33886.exe (PID: 7468)
      • Unicorn-65076.exe (PID: 7192)
      • Unicorn-19959.exe (PID: 6644)
      • Unicorn-3068.exe (PID: 6988)
      • Unicorn-62793.exe (PID: 7524)
      • Unicorn-19304.exe (PID: 7240)
      • Unicorn-47607.exe (PID: 2108)
      • Unicorn-3644.exe (PID: 7844)
      • Unicorn-3862.exe (PID: 6080)
      • Unicorn-51008.exe (PID: 7216)
      • Unicorn-38839.exe (PID: 5960)
      • Unicorn-2637.exe (PID: 4652)
      • Unicorn-37085.exe (PID: 8124)
      • Unicorn-23681.exe (PID: 7472)
      • Unicorn-11428.exe (PID: 7684)
      • Unicorn-44293.exe (PID: 7720)
      • Unicorn-63945.exe (PID: 7652)
      • Unicorn-12222.exe (PID: 5360)
      • Unicorn-48932.exe (PID: 7892)
      • Unicorn-44848.exe (PID: 7680)
      • Unicorn-15320.exe (PID: 7208)
      • Unicorn-56280.exe (PID: 7908)
      • Unicorn-3260.exe (PID: 7840)
      • Unicorn-22237.exe (PID: 6392)
      • Unicorn-7536.exe (PID: 7764)
      • Unicorn-24641.exe (PID: 8180)
      • Unicorn-6145.exe (PID: 904)
      • Unicorn-39759.exe (PID: 1132)
      • Unicorn-520.exe (PID: 4892)
      • Unicorn-44656.exe (PID: 5556)
      • Unicorn-55751.exe (PID: 8064)
      • Unicorn-3213.exe (PID: 8068)
      • Unicorn-55367.exe (PID: 5512)
      • Unicorn-1406.exe (PID: 536)
      • Unicorn-22978.exe (PID: 4336)
      • Unicorn-40811.exe (PID: 4068)
      • Unicorn-36985.exe (PID: 8156)
      • Unicorn-35642.exe (PID: 4844)
      • Unicorn-16041.exe (PID: 3884)
      • Unicorn-33668.exe (PID: 5304)
      • Unicorn-6742.exe (PID: 8088)
      • Unicorn-60411.exe (PID: 1660)
      • Unicorn-40209.exe (PID: 7736)
      • Unicorn-14884.exe (PID: 8768)
      • Unicorn-520.exe (PID: 5244)
      • Unicorn-26753.exe (PID: 8384)
      • Unicorn-17332.exe (PID: 7200)
      • Unicorn-38653.exe (PID: 2392)
      • Unicorn-50515.exe (PID: 7692)
      • Unicorn-2056.exe (PID: 8396)
      • Unicorn-60721.exe (PID: 7708)
      • Unicorn-51236.exe (PID: 8332)
      • Unicorn-27194.exe (PID: 7760)
      • Unicorn-47557.exe (PID: 8488)
      • Unicorn-36805.exe (PID: 9200)
      • Unicorn-16259.exe (PID: 7744)
      • Unicorn-19706.exe (PID: 8040)
      • Unicorn-44246.exe (PID: 8104)
      • Unicorn-53613.exe (PID: 1180)
      • Unicorn-3618.exe (PID: 8312)
      • Unicorn-26460.exe (PID: 8464)
      • Unicorn-29275.exe (PID: 8848)
      • Unicorn-33551.exe (PID: 8660)
      • Unicorn-33899.exe (PID: 8964)
      • Unicorn-61158.exe (PID: 6640)
      • Unicorn-32891.exe (PID: 9116)
      • Unicorn-17947.exe (PID: 9124)
      • Unicorn-53457.exe (PID: 8824)
      • Unicorn-6337.exe (PID: 8108)
      • Unicorn-58787.exe (PID: 9140)
      • Unicorn-62741.exe (PID: 7812)
      • Unicorn-32975.exe (PID: 8588)
      • Unicorn-10141.exe (PID: 9164)
      • Unicorn-34645.exe (PID: 8944)
      • Unicorn-22184.exe (PID: 8276)
      • Unicorn-39389.exe (PID: 8508)
      • Unicorn-55725.exe (PID: 8552)
      • Unicorn-6742.exe (PID: 5892)
      • Unicorn-43136.exe (PID: 8952)
      • Unicorn-31391.exe (PID: 8416)
      • Unicorn-57287.exe (PID: 8440)
      • Unicorn-2248.exe (PID: 8580)
      • Unicorn-62487.exe (PID: 8984)
      • Unicorn-12938.exe (PID: 8692)
      • Unicorn-22760.exe (PID: 8608)
      • Unicorn-14692.exe (PID: 8536)
      • Unicorn-19960.exe (PID: 8600)
      • Unicorn-7317.exe (PID: 8404)
      • Unicorn-61179.exe (PID: 8232)
      • Unicorn-31060.exe (PID: 10076)
      • Unicorn-53883.exe (PID: 10108)
      • Unicorn-39581.exe (PID: 8700)
      • Unicorn-38429.exe (PID: 8304)
      • Unicorn-39929.exe (PID: 9068)
      • Unicorn-5398.exe (PID: 7704)
      • Unicorn-24977.exe (PID: 8456)
      • Unicorn-44973.exe (PID: 9320)
      • Unicorn-50619.exe (PID: 9148)
      • Unicorn-53457.exe (PID: 8840)
      • Unicorn-64256.exe (PID: 7440)
      • Unicorn-45912.exe (PID: 9452)
      • Unicorn-8579.exe (PID: 9332)
      • Unicorn-39881.exe (PID: 9404)
      • Unicorn-50489.exe (PID: 7824)
      • Unicorn-4708.exe (PID: 9584)
      • Unicorn-7536.exe (PID: 2088)
      • Unicorn-33363.exe (PID: 6652)
      • Unicorn-8304.exe (PID: 8148)
      • Unicorn-39581.exe (PID: 8708)
      • Unicorn-13030.exe (PID: 8732)
      • Unicorn-7079.exe (PID: 8564)
      • Unicorn-14417.exe (PID: 9100)
      • Unicorn-41391.exe (PID: 11036)
      • Unicorn-41391.exe (PID: 11020)
      • Unicorn-35791.exe (PID: 11028)
      • Unicorn-56711.exe (PID: 5868)
      • Unicorn-5594.exe (PID: 9156)
      • Unicorn-35309.exe (PID: 7172)
      • Unicorn-51745.exe (PID: 10168)
      • Unicorn-33079.exe (PID: 4932)
      • Unicorn-1241.exe (PID: 8832)
      • Unicorn-65512.exe (PID: 9444)
      • Unicorn-62414.exe (PID: 4944)
      • Unicorn-14722.exe (PID: 9420)
      • Unicorn-51733.exe (PID: 8520)
      • Unicorn-53888.exe (PID: 8264)
      • Unicorn-46213.exe (PID: 5332)
      • Unicorn-47946.exe (PID: 8136)
      • Unicorn-34615.exe (PID: 11004)
      • Unicorn-22612.exe (PID: 9844)
      • Unicorn-32212.exe (PID: 10664)
      • Unicorn-6654.exe (PID: 9868)
      • Unicorn-45165.exe (PID: 9500)
      • Unicorn-7520.exe (PID: 8816)
      • Unicorn-18859.exe (PID: 9756)
      • Unicorn-23519.exe (PID: 3024)
      • Unicorn-48984.exe (PID: 10500)
      • Unicorn-40765.exe (PID: 8528)
      • Unicorn-47173.exe (PID: 8360)
      • Unicorn-22969.exe (PID: 9348)
      • Unicorn-15975.exe (PID: 9880)
      • Unicorn-29410.exe (PID: 3180)
      • Unicorn-1257.exe (PID: 7788)
      • Unicorn-15284.exe (PID: 12320)
      • Unicorn-11292.exe (PID: 7144)
      • Unicorn-20827.exe (PID: 10248)
      • Unicorn-41391.exe (PID: 11044)
      • Unicorn-55127.exe (PID: 11076)
      • Unicorn-13259.exe (PID: 9748)
      • Unicorn-25194.exe (PID: 10068)
      • Unicorn-23519.exe (PID: 10232)
      • Unicorn-60992.exe (PID: 11096)
      • Unicorn-38101.exe (PID: 10060)
      • Unicorn-30723.exe (PID: 10928)
      • Unicorn-35118.exe (PID: 11412)
      • Unicorn-38723.exe (PID: 10456)
      • Unicorn-48984.exe (PID: 10516)
      • Unicorn-5455.exe (PID: 13828)
      • Unicorn-37001.exe (PID: 13804)
      • Unicorn-62327.exe (PID: 13816)
      • Unicorn-41391.exe (PID: 11012)
      • Unicorn-64971.exe (PID: 8324)

    • Reads security settings of Internet Explorer

      • BackgroundTransferHost.exe (PID: 7456)
      • BackgroundTransferHost.exe (PID: 7692)
      • BackgroundTransferHost.exe (PID: 8076)
      • BackgroundTransferHost.exe (PID: 7860)
      • BackgroundTransferHost.exe (PID: 7196)

    • Checks proxy server information

      • BackgroundTransferHost.exe (PID: 7692)

    • Reads the software policy settings

      • BackgroundTransferHost.exe (PID: 7692)
      • slui.exe (PID: 6028)

    • Creates files or folders in the user directory

      • BackgroundTransferHost.exe (PID: 7692)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.

TRiD

.exe | Win32 Executable Microsoft Visual Basic 6 (90.6)
.exe | Win32 Executable (generic) (4.9)
.exe | Generic Win/DOS Executable (2.2)
.exe | DOS Executable Generic (2.2)

EXIF

EXE

MachineType: Intel 386 or later, and compatibles
TimeStamp: 2019:01:19 13:34:56+00:00
ImageFileCharacteristics: No relocs, Executable, No line numbers, No symbols, 32-bit, No debug, Removable run from swap, Net run from swap, Uniprocessor only, Bytes reversed hi
PEType: PE32
LinkerVersion: 6
CodeSize: 176128
InitializedDataSize: 299008
UninitializedDataSize: -
EntryPoint: 0x13d4
OSVersion: 4
ImageVersion: 1
SubsystemVersion: 4
Subsystem: Windows GUI
FileVersionNumber: 1.0.0.0
ProductVersionNumber: 1.0.0.0
FileFlagsMask: 0x003f
FileFlags: (none)
FileOS: Win32
ObjectFileType: Executable application
FileSubtype: -
LanguageCode: Chinese (Simplified)
CharacterSet: Unicode
CompanyName: UEFI
ProductName: Kawaii-Unicorn
FileVersion: 1
ProductVersion: 1
InternalName: Kawaii-Unicorn
OriginalFileName: Kawaii-Unicorn.exe
No data.
screenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
640
Monitored processes
506
Malicious processes
75
Suspicious processes
79

Behavior graph

Click at the process to see the details
start 1 (464).exe sppextcomobj.exe no specs slui.exe unicorn-53849.exe unicorn-3662.exe unicorn-22691.exe unicorn-19781.exe unicorn-53200.exe unicorn-11612.exe unicorn-58767.exe backgroundtransferhost.exe no specs backgroundtransferhost.exe backgroundtransferhost.exe no specs backgroundtransferhost.exe no specs unicorn-23071.exe unicorn-7289.exe backgroundtransferhost.exe no specs unicorn-39215.exe unicorn-43299.exe unicorn-23433.exe unicorn-51559.exe unicorn-57689.exe unicorn-57424.exe unicorn-24091.exe unicorn-26783.exe unicorn-62885.exe unicorn-3478.exe unicorn-62793.exe unicorn-34759.exe unicorn-11646.exe unicorn-49726.exe unicorn-40811.exe unicorn-19628.exe unicorn-12222.exe unicorn-3862.exe unicorn-3597.exe unicorn-30505.exe unicorn-24374.exe unicorn-14723.exe unicorn-14936.exe unicorn-52248.exe unicorn-63945.exe unicorn-40017.exe unicorn-33886.exe unicorn-23681.exe unicorn-44656.exe unicorn-64256.exe unicorn-3068.exe unicorn-39825.exe unicorn-19959.exe unicorn-15320.exe unicorn-65076.exe unicorn-51008.exe unicorn-19304.exe unicorn-47607.exe unicorn-7536.exe unicorn-7536.exe unicorn-1406.exe unicorn-6145.exe unicorn-40209.exe unicorn-5398.exe unicorn-44293.exe unicorn-16259.exe unicorn-27194.exe unicorn-60721.exe unicorn-50515.exe unicorn-11428.exe unicorn-44848.exe unicorn-3260.exe unicorn-48932.exe unicorn-56280.exe unicorn-3644.exe unicorn-6337.exe unicorn-37085.exe unicorn-47946.exe unicorn-8304.exe unicorn-36985.exe unicorn-24641.exe unicorn-55367.exe unicorn-38839.exe unicorn-2637.exe unicorn-22237.exe unicorn-33363.exe unicorn-6742.exe unicorn-44246.exe unicorn-520.exe unicorn-3213.exe unicorn-55751.exe unicorn-22978.exe unicorn-38653.exe unicorn-6742.exe unicorn-53613.exe unicorn-60411.exe unicorn-39759.exe unicorn-33668.exe unicorn-17332.exe unicorn-520.exe unicorn-56711.exe unicorn-62741.exe unicorn-50489.exe unicorn-46213.exe unicorn-35642.exe unicorn-16041.exe unicorn-61158.exe unicorn-61179.exe unicorn-53888.exe unicorn-22184.exe unicorn-38429.exe unicorn-3618.exe unicorn-64971.exe unicorn-51236.exe unicorn-24039.exe unicorn-47173.exe unicorn-26753.exe unicorn-2056.exe unicorn-7317.exe unicorn-31391.exe unicorn-57287.exe unicorn-24977.exe unicorn-26460.exe unicorn-47557.exe unicorn-39389.exe unicorn-51733.exe unicorn-40765.exe unicorn-14692.exe unicorn-55725.exe unicorn-7079.exe unicorn-2248.exe unicorn-32975.exe unicorn-19960.exe unicorn-22760.exe unicorn-33551.exe unicorn-44460.exe unicorn-12938.exe unicorn-39581.exe unicorn-39581.exe unicorn-13030.exe unicorn-14884.exe unicorn-7520.exe unicorn-53457.exe unicorn-1241.exe unicorn-53457.exe unicorn-29275.exe unicorn-34645.exe unicorn-43136.exe unicorn-33899.exe unicorn-62487.exe unicorn-39929.exe unicorn-14417.exe unicorn-32891.exe unicorn-17947.exe unicorn-58787.exe unicorn-50619.exe unicorn-5594.exe unicorn-10141.exe unicorn-32699.exe no specs unicorn-36805.exe unicorn-19706.exe unicorn-28637.exe unicorn-49057.exe unicorn-44973.exe unicorn-8579.exe unicorn-8024.exe unicorn-22969.exe unicorn-42570.exe unicorn-3840.exe unicorn-39881.exe unicorn-31713.exe no specs unicorn-14722.exe unicorn-54272.exe unicorn-58356.exe unicorn-65512.exe unicorn-45912.exe unicorn-45165.exe unicorn-17153.exe no specs unicorn-4708.exe unicorn-58569.exe unicorn-50401.exe no specs unicorn-11241.exe no specs unicorn-13259.exe unicorn-18859.exe unicorn-38460.exe no specs unicorn-6607.exe no specs unicorn-5860.exe no specs unicorn-45310.exe no specs unicorn-48839.exe no specs unicorn-1584.exe unicorn-22612.exe unicorn-44158.exe unicorn-6654.exe unicorn-15975.exe unicorn-54869.exe unicorn-6244.exe no specs unicorn-51361.exe no specs unicorn-53307.exe unicorn-35409.exe unicorn-598.exe unicorn-57967.exe unicorn-38101.exe unicorn-25194.exe unicorn-31060.exe unicorn-53883.exe unicorn-33271.exe unicorn-59913.exe unicorn-29187.exe no specs unicorn-51745.exe unicorn-55829.exe no specs unicorn-35217.exe no specs unicorn-406.exe no specs unicorn-56384.exe unicorn-35309.exe no specs unicorn-35309.exe no specs unicorn-21573.exe unicorn-33079.exe unicorn-51553.exe no specs unicorn-62414.exe unicorn-43385.exe no specs unicorn-23519.exe unicorn-23519.exe unicorn-20827.exe unicorn-10219.exe unicorn-54267.exe unicorn-23541.exe unicorn-2928.exe no specs unicorn-60297.exe unicorn-25487.exe no specs unicorn-29571.exe no specs unicorn-9150.exe unicorn-43961.exe no specs unicorn-31517.exe no specs unicorn-55789.exe no specs unicorn-58059.exe unicorn-38723.exe unicorn-9513.exe unicorn-36155.exe unicorn-1366.exe unicorn-48984.exe unicorn-48984.exe no specs unicorn-48984.exe unicorn-48984.exe no specs unicorn-48984.exe no specs unicorn-3047.exe no specs unicorn-62719.exe unicorn-1174.exe unicorn-34593.exe unicorn-15299.exe unicorn-32212.exe unicorn-33031.exe no specs unicorn-28201.exe no specs unicorn-46410.exe no specs unicorn-28100.exe unicorn-63566.exe no specs unicorn-24237.exe no specs unicorn-34236.exe no specs unicorn-30723.exe no specs unicorn-30723.exe unicorn-33415.exe unicorn-51235.exe unicorn-22290.exe unicorn-57365.exe no specs unicorn-42975.exe no specs unicorn-34615.exe unicorn-41391.exe unicorn-41391.exe unicorn-35791.exe unicorn-41391.exe unicorn-41391.exe unicorn-6581.exe no specs unicorn-55127.exe no specs unicorn-55127.exe unicorn-60992.exe unicorn-29139.exe no specs unicorn-29060.exe no specs unicorn-29060.exe no specs unicorn-29060.exe no specs unicorn-29060.exe no specs unicorn-6502.exe unicorn-39083.exe no specs unicorn-1257.exe unicorn-41797.exe no specs unicorn-37713.exe unicorn-21377.exe unicorn-13108.exe unicorn-48382.exe unicorn-35118.exe unicorn-35118.exe unicorn-62025.exe unicorn-4656.exe no specs unicorn-49773.exe unicorn-23131.exe no specs unicorn-56535.exe unicorn-23100.exe no specs unicorn-49773.exe unicorn-23406.exe no specs unicorn-65258.exe no specs unicorn-36992.exe no specs unicorn-3250.exe no specs unicorn-19486.exe no specs unicorn-35923.exe no specs unicorn-33022.exe no specs unicorn-54012.exe no specs unicorn-51444.exe no specs unicorn-6135.exe no specs unicorn-11702.exe no specs unicorn-20525.exe unicorn-18308.exe no specs unicorn-15508.exe unicorn-57203.exe no specs unicorn-22392.exe unicorn-43467.exe no specs unicorn-19400.exe no specs unicorn-61750.exe no specs unicorn-18771.exe unicorn-45435.exe no specs unicorn-2456.exe no specs unicorn-33183.exe no specs unicorn-55127.exe no specs unicorn-22685.exe unicorn-6348.exe no specs unicorn-47189.exe no specs unicorn-6924.exe no specs unicorn-31237.exe no specs unicorn-45395.exe no specs unicorn-14900.exe no specs unicorn-8678.exe no specs unicorn-54371.exe no specs unicorn-27820.exe unicorn-29410.exe unicorn-11292.exe unicorn-15284.exe unicorn-7116.exe no specs unicorn-38973.exe no specs unicorn-50671.exe no specs unicorn-17898.exe no specs unicorn-11776.exe no specs unicorn-48533.exe no specs unicorn-12139.exe no specs unicorn-29867.exe no specs unicorn-56509.exe no specs unicorn-59223.exe no specs unicorn-463.exe no specs unicorn-23021.exe no specs unicorn-1946.exe unicorn-53001.exe no specs unicorn-12060.exe no specs unicorn-16144.exe unicorn-13874.exe no specs unicorn-40749.exe no specs unicorn-35081.exe no specs unicorn-24221.exe no specs unicorn-30251.exe no specs unicorn-40557.exe no specs unicorn-100.exe no specs unicorn-18309.exe unicorn-45217.exe unicorn-46012.exe unicorn-17183.exe no specs unicorn-14225.exe no specs unicorn-5560.exe no specs unicorn-60162.exe no specs unicorn-8360.exe no specs unicorn-8360.exe no specs unicorn-27218.exe no specs unicorn-55907.exe no specs unicorn-52207.exe no specs unicorn-13312.exe no specs unicorn-54153.exe no specs unicorn-49307.exe no specs unicorn-45720.exe unicorn-59844.exe unicorn-25373.exe no specs unicorn-60738.exe no specs unicorn-17759.exe no specs unicorn-17759.exe no specs unicorn-36255.exe no specs unicorn-42020.exe no specs unicorn-47545.exe no specs unicorn-33354.exe no specs unicorn-33354.exe no specs unicorn-60302.exe no specs unicorn-27794.exe no specs unicorn-52134.exe no specs unicorn-1060.exe no specs unicorn-42093.exe no specs unicorn-30417.exe no specs unicorn-22249.exe no specs unicorn-20202.exe no specs unicorn-54656.exe no specs unicorn-16027.exe no specs unicorn-29654.exe no specs unicorn-50737.exe unicorn-37001.exe unicorn-62327.exe unicorn-5455.exe unicorn-65127.exe no specs unicorn-51392.exe no specs unicorn-51392.exe no specs unicorn-51392.exe no specs unicorn-2621.exe no specs unicorn-38947.exe no specs unicorn-58548.exe no specs unicorn-4137.exe no specs unicorn-52683.exe no specs unicorn-52683.exe no specs unicorn-52683.exe no specs unicorn-22611.exe no specs unicorn-37577.exe no specs unicorn-629.exe no specs unicorn-4713.exe no specs unicorn-4713.exe no specs unicorn-27271.exe no specs unicorn-4158.exe no specs unicorn-24387.exe no specs unicorn-6004.exe no specs unicorn-11319.exe no specs unicorn-57595.exe no specs unicorn-193.exe no specs unicorn-193.exe no specs unicorn-46130.exe no specs unicorn-46130.exe no specs unicorn-14086.exe no specs unicorn-36452.exe no specs unicorn-56165.exe no specs unicorn-43913.exe no specs unicorn-56073.exe no specs unicorn-19871.exe no specs unicorn-33606.exe no specs unicorn-30806.exe no specs unicorn-8910.exe no specs unicorn-10691.exe no specs unicorn-10691.exe no specs shellexperiencehost.exe no specs unicorn-61252.exe no specs unicorn-61252.exe no specs unicorn-59865.exe no specs unicorn-29601.exe no specs unicorn-14391.exe no specs unicorn-3588.exe no specs unicorn-12518.exe no specs unicorn-8526.exe no specs unicorn-27463.exe no specs unicorn-9258.exe no specs unicorn-35901.exe no specs unicorn-27732.exe no specs unicorn-9913.exe no specs unicorn-9913.exe no specs unicorn-9913.exe no specs unicorn-48061.exe no specs unicorn-998.exe no specs unicorn-20049.exe no specs unicorn-183.exe no specs unicorn-9834.exe no specs unicorn-26006.exe no specs unicorn-56805.exe no specs unicorn-28771.exe no specs unicorn-47246.exe no specs unicorn-47246.exe no specs unicorn-12435.exe unicorn-51760.exe unicorn-18465.exe unicorn-37354.exe no specs unicorn-60816.exe no specs unicorn-63390.exe no specs unicorn-35928.exe no specs unicorn-16327.exe no specs unicorn-16327.exe no specs unicorn-14302.exe no specs unicorn-61192.exe no specs slui.exe no specs unicorn-40095.exe no specs unicorn-34750.exe no specs unicorn-4516.exe no specs unicorn-28854.exe no specs unicorn-15784.exe no specs unicorn-42590.exe no specs unicorn-64542.exe no specs unicorn-60541.exe no specs unicorn-60541.exe no specs unicorn-27484.exe no specs unicorn-10079.exe no specs unicorn-41220.exe no specs unicorn-15808.exe no specs unicorn-64162.exe no specs unicorn-50427.exe no specs unicorn-61362.exe no specs unicorn-23254.exe no specs unicorn-3364.exe no specs unicorn-60733.exe no specs unicorn-60733.exe no specs unicorn-30006.exe no specs unicorn-48289.exe no specs unicorn-36036.exe no specs unicorn-36036.exe no specs unicorn-25971.exe no specs unicorn-55637.exe no specs unicorn-55637.exe no specs unicorn-55637.exe no specs unicorn-49772.exe no specs unicorn-25429.exe no specs unicorn-25429.exe no specs unicorn-25429.exe no specs unicorn-27127.exe no specs unicorn-29927.exe no specs unicorn-19829.exe no specs unicorn-43862.exe no specs unicorn-35081.exe no specs

Process information

PID
CMD
Path
Indicators
Parent process
516C:\Users\admin\AppData\Local\Temp\Unicorn-23433.exeC:\Users\admin\AppData\Local\Temp\Unicorn-23433.exe
Unicorn-22691.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-23433.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
536C:\Users\admin\AppData\Local\Temp\Unicorn-1406.exeC:\Users\admin\AppData\Local\Temp\Unicorn-1406.exe
Unicorn-53200.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-1406.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
616C:\Users\admin\AppData\Local\Temp\Unicorn-26783.exeC:\Users\admin\AppData\Local\Temp\Unicorn-26783.exe
Unicorn-19781.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-26783.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
632C:\Users\admin\AppData\Local\Temp\Unicorn-11646.exeC:\Users\admin\AppData\Local\Temp\Unicorn-11646.exe
Unicorn-43299.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-11646.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
904C:\Users\admin\AppData\Local\Temp\Unicorn-6145.exeC:\Users\admin\AppData\Local\Temp\Unicorn-6145.exe
Unicorn-23433.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-6145.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
1088C:\Users\admin\AppData\Local\Temp\Unicorn-53849.exeC:\Users\admin\AppData\Local\Temp\Unicorn-53849.exe
1 (464).exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-53849.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
1132C:\Users\admin\AppData\Local\Temp\Unicorn-39759.exeC:\Users\admin\AppData\Local\Temp\Unicorn-39759.exe
1 (464).exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-39759.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
1164C:\Users\admin\AppData\Local\Temp\Unicorn-57689.exeC:\Users\admin\AppData\Local\Temp\Unicorn-57689.exe
Unicorn-58767.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-57689.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
1180C:\Users\admin\AppData\Local\Temp\Unicorn-53613.exeC:\Users\admin\AppData\Local\Temp\Unicorn-53613.exe
Unicorn-19959.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-53613.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
1228C:\Users\admin\AppData\Local\Temp\Unicorn-39215.exeC:\Users\admin\AppData\Local\Temp\Unicorn-39215.exe
Unicorn-11612.exe
User:
admin
Company:
UEFI
Integrity Level:
MEDIUM
Version:
1.00
Modules
Images
c:\users\admin\appdata\local\temp\unicorn-39215.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvbvm60.dll
Total events
12 825
Read events
12 808
Write events
17
Delete events
0

Modification events

(PID) Process:(7456) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Content
Operation:writeName:CachePrefix
Value:
(PID) Process:(7456) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Cookies
Operation:writeName:CachePrefix
Value:
Cookie:
(PID) Process:(7456) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\History
Operation:writeName:CachePrefix
Value:
Visited:
(PID) Process:(7692) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Content
Operation:writeName:CachePrefix
Value:
(PID) Process:(7692) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Cookies
Operation:writeName:CachePrefix
Value:
Cookie:
(PID) Process:(7692) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\History
Operation:writeName:CachePrefix
Value:
Visited:
(PID) Process:(7860) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Content
Operation:writeName:CachePrefix
Value:
(PID) Process:(7860) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Cookies
Operation:writeName:CachePrefix
Value:
Cookie:
(PID) Process:(7860) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\History
Operation:writeName:CachePrefix
Value:
Visited:
(PID) Process:(7196) BackgroundTransferHost.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Content
Operation:writeName:CachePrefix
Value:
Executable files
875
Suspicious files
6
Text files
0
Unknown types
0

Dropped files

PID
Process
Filename
Type
7692BackgroundTransferHost.exeC:\Users\admin\AppData\Local\Packages\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\AC\BackgroundTransferApi\a2f539ee-7a1d-4744-9797-1b76d0b49d6b.down_data
MD5:
SHA256:
7348Unicorn-3662.exeC:\Users\admin\AppData\Local\Temp\Unicorn-19781.exeexecutable
MD5:15F25A52736492E75DF402C286CB5CE4
SHA256:74911558CD6727621D929D609AC121C2DA7F82FDE2DC6C0C6CE2E1848353F793
7692BackgroundTransferHost.exeC:\Users\admin\AppData\Local\Packages\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\AC\BackgroundTransferApi\493fc3c5-ed95-4669-b325-46a14c1be2a2.314f0e64-d284-4447-b2eb-d15b2e772921.down_metabinary
MD5:E6586DB8524D13E60EF1383602386C79
SHA256:B17AB11ED728A50E1187E6FA85BCAAF23093EE639E6E9D3361C6E5DF8EC441CF
50721 (464).exeC:\Users\admin\AppData\Local\Temp\Unicorn-22691.exeexecutable
MD5:1FFF75F2E142B4E2C00C494E1C29CF6D
SHA256:11B35C0CC194C6E7BE9FC2A04C5A0DD06F085FFBCCA98104D0609C6E465FD3E2
7692BackgroundTransferHost.exeC:\Users\admin\AppData\Local\Packages\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\AC\BackgroundTransferApi\493fc3c5-ed95-4669-b325-46a14c1be2a2.up_meta_securebinary
MD5:8052B88D081F707EF7697A729052BFEF
SHA256:89689C8E87A61005454C200A6BB988B393658C7951DE232B8B778CE2C5EC3F34
50721 (464).exeC:\Users\admin\AppData\Local\Temp\Unicorn-53849.exeexecutable
MD5:0A3C3B3135102B000478E6B70904C80D
SHA256:4971B5E841086389AE5B3FFCB5AA74297861C65BD10F277384FB241796487C39
50721 (464).exeC:\Users\admin\AppData\Local\Temp\Unicorn-58767.exeexecutable
MD5:96331537C285C7FC077A826180A2C544
SHA256:4971B5E841086389AE5B3FFCB5AA74297861C65BD10F277384FB241796487C39
7356Unicorn-22691.exeC:\Users\admin\AppData\Local\Temp\Unicorn-11612.exeexecutable
MD5:CE3B13B8630718D61AD791AA2A7FA508
SHA256:DC498DF53FB9E063F1FAD7D5E0A840112EA0606A724FF5E4FB517B18708DE1F6
1088Unicorn-53849.exeC:\Users\admin\AppData\Local\Temp\Unicorn-53200.exeexecutable
MD5:9D2B116D522A6FD9B2D8923B4C27F9A9
SHA256:A740F3D70CC9A85BE4B0837F33D8ACCA98ED285F689F5E0BDDE3E15A326F4D3C
7692BackgroundTransferHost.exeC:\Users\admin\AppData\Local\Packages\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\AC\BackgroundTransferApi\a2f539ee-7a1d-4744-9797-1b76d0b49d6b.314f0e64-d284-4447-b2eb-d15b2e772921.down_metabinary
MD5:E6586DB8524D13E60EF1383602386C79
SHA256:B17AB11ED728A50E1187E6FA85BCAAF23093EE639E6E9D3361C6E5DF8EC441CF
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
6
TCP/UDP connections
23
DNS requests
15
Threats
0

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
GET
200
23.48.23.141:80
http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
unknown
whitelisted
6544
svchost.exe
GET
200
23.54.109.203:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAJ0LqoXyo4hxxe7H%2Fz9DKA%3D
unknown
whitelisted
780
backgroundTaskHost.exe
GET
200
23.54.109.203:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQ50otx%2Fh0Ztl%2Bz8SiPI7wEWVxDlQQUTiJUIBiV5uNu5g%2F6%2BrkS7QYXjzkCEAUZZSZEml49Gjh0j13P68w%3D
unknown
whitelisted
2148
SIHClient.exe
GET
200
184.30.21.171:80
http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Product%20Root%20Certificate%20Authority%202018.crl
unknown
whitelisted
7692
BackgroundTransferHost.exe
GET
200
23.54.109.203:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTrjrydRyt%2BApF3GSPypfHBxR5XtQQUs9tIpPmhxdiuNkHMEWNpYim8S8YCEAI5PUjXAkJafLQcAAsO18o%3D
unknown
whitelisted
2148
SIHClient.exe
GET
200
184.30.21.171:80
http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Update%20Secure%20Server%20CA%202.1.crl
unknown
whitelisted
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
4
System
192.168.100.255:137
whitelisted
40.127.240.158:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
whitelisted
4
System
192.168.100.255:138
whitelisted
23.48.23.141:80
crl.microsoft.com
Akamai International B.V.
DE
whitelisted
5496
MoUsoCoreWorker.exe
40.127.240.158:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
whitelisted
3216
svchost.exe
20.198.162.76:443
client.wns.windows.com
MICROSOFT-CORP-MSN-AS-BLOCK
SG
whitelisted
6544
svchost.exe
20.190.160.3:443
login.live.com
MICROSOFT-CORP-MSN-AS-BLOCK
NL
whitelisted
6544
svchost.exe
23.54.109.203:80
ocsp.digicert.com
AKAMAI-AS
DE
whitelisted
2104
svchost.exe
40.127.240.158:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
whitelisted
780
backgroundTaskHost.exe
20.74.47.205:443
arc.msn.com
MICROSOFT-CORP-MSN-AS-BLOCK
FR
whitelisted

DNS requests

Domain
IP
Reputation
google.com
  • 216.58.206.78
whitelisted
settings-win.data.microsoft.com
  • 40.127.240.158
whitelisted
crl.microsoft.com
  • 23.48.23.141
  • 23.48.23.147
  • 23.48.23.166
  • 23.48.23.190
  • 23.48.23.158
  • 23.48.23.194
whitelisted
client.wns.windows.com
  • 20.198.162.76
whitelisted
login.live.com
  • 20.190.160.3
  • 20.190.160.14
  • 20.190.160.132
  • 20.190.160.65
  • 40.126.32.138
  • 40.126.32.72
  • 40.126.32.136
  • 40.126.32.68
whitelisted
ocsp.digicert.com
  • 23.54.109.203
whitelisted
arc.msn.com
  • 20.74.47.205
whitelisted
www.bing.com
  • 104.126.37.139
  • 104.126.37.131
  • 104.126.37.177
  • 104.126.37.123
  • 104.126.37.184
  • 104.126.37.128
  • 104.126.37.137
  • 104.126.37.168
  • 104.126.37.136
whitelisted
slscr.update.microsoft.com
  • 4.175.87.197
whitelisted
www.microsoft.com
  • 184.30.21.171
whitelisted

Threats

No threats detected
No debug info
Interactive malware hunting service ANY.RUN
© 2017-2025 ANY.RUN ALL RIGHTS RESERVED
ANY.RUN
Reports
1 (464)