783bd9d7960c2e7209ddfa78913347496d474d641d95f4fb1c06ba04340730b2

Analysis

max time kernel
151s
max time network
125s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
16/04/2024, 15:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

f3c63ce793554f4f51b27f73d8486636_JaffaCakes118.exe
Size

184KB
MD5

f3c63ce793554f4f51b27f73d8486636
SHA1

7d77951c72411c4df0b6caa9c5ffb7001b48cf6b
SHA256

783bd9d7960c2e7209ddfa78913347496d474d641d95f4fb1c06ba04340730b2
SHA512

65cd760df7e5e848ba36d51528d6a6689d145ae6b7b7d87bd9217890fa4ee460ef450ae03baf937af4bded541e495e88ac572b0173e4497392fd6d4c8c14c166
SSDEEP

3072:M+jLoElHXJA89B/XwTO608dbq6k6ptzFEzax+id9TNlPvpF/:M+/oMm89dwq6081RkoNlPvpF

Score

7^/10

Malware Config

Signatures

Executes dropped EXE 64 IoCs

pid	Process
2816	Unicorn-13613.exe
2688	Unicorn-5481.exe
3048	Unicorn-29431.exe
2580	Unicorn-32192.exe
2432	Unicorn-61527.exe
2736	Unicorn-61164.exe
2476	Unicorn-45954.exe
2120	Unicorn-54677.exe
2408	Unicorn-50038.exe
2004	Unicorn-1776.exe
2712	Unicorn-21642.exe
1204	Unicorn-45399.exe
1540	Unicorn-41869.exe
2972	Unicorn-7874.exe
2348	Unicorn-3982.exe
1628	Unicorn-45975.exe
2276	Unicorn-26109.exe
552	Unicorn-4942.exe
2808	Unicorn-50614.exe
836	Unicorn-19992.exe
1840	Unicorn-3634.exe
1492	Unicorn-40220.exe
1312	Unicorn-58585.exe
2968	Unicorn-42995.exe
2296	Unicorn-49841.exe
572	Unicorn-1579.exe
1000	Unicorn-5108.exe
1984	Unicorn-13831.exe
660	Unicorn-33697.exe
1620	Unicorn-63437.exe
1616	Unicorn-47656.exe
1220	Unicorn-30573.exe
2568	Unicorn-7329.exe
2164	Unicorn-12352.exe
2656	Unicorn-44470.exe
2632	Unicorn-25166.exe
2592	Unicorn-17552.exe
2556	Unicorn-37418.exe
2216	Unicorn-33312.exe
2428	Unicorn-32758.exe
1148	Unicorn-21850.exe
2732	Unicorn-10090.exe
2764	Unicorn-56722.exe
1656	Unicorn-64335.exe
2940	Unicorn-19581.exe
1588	Unicorn-2498.exe
1964	Unicorn-2498.exe
832	Unicorn-2498.exe
524	Unicorn-48938.exe
1820	Unicorn-21440.exe
2128	Unicorn-5850.exe
980	Unicorn-63624.exe
1384	Unicorn-55456.exe
2608	Unicorn-55648.exe
2036	Unicorn-2939.exe
956	Unicorn-44143.exe
1560	Unicorn-15877.exe
2984	Unicorn-60993.exe
1340	Unicorn-21859.exe
2272	Unicorn-41725.exe
2824	Unicorn-33713.exe
2840	Unicorn-10469.exe
2496	Unicorn-15321.exe
2084	Unicorn-49722.exe

Loads dropped DLL 64 IoCs

pid	Process
2072	f3c63ce793554f4f51b27f73d8486636_JaffaCakes118.exe
2072	f3c63ce793554f4f51b27f73d8486636_JaffaCakes118.exe
2816	Unicorn-13613.exe
2072	f3c63ce793554f4f51b27f73d8486636_JaffaCakes118.exe
2072	f3c63ce793554f4f51b27f73d8486636_JaffaCakes118.exe
2816	Unicorn-13613.exe
3048	Unicorn-29431.exe
3048	Unicorn-29431.exe
2816	Unicorn-13613.exe
2816	Unicorn-13613.exe
2688	Unicorn-5481.exe
2688	Unicorn-5481.exe
2580	Unicorn-32192.exe
2580	Unicorn-32192.exe
3048	Unicorn-29431.exe
3048	Unicorn-29431.exe
2736	Unicorn-61164.exe
2736	Unicorn-61164.exe
2688	Unicorn-5481.exe
2432	Unicorn-61527.exe
2432	Unicorn-61527.exe
2688	Unicorn-5481.exe
2476	Unicorn-45954.exe
2476	Unicorn-45954.exe
2580	Unicorn-32192.exe
2580	Unicorn-32192.exe
2120	Unicorn-54677.exe
2120	Unicorn-54677.exe
2712	Unicorn-21642.exe
2712	Unicorn-21642.exe
2408	Unicorn-50038.exe
2408	Unicorn-50038.exe
2432	Unicorn-61527.exe
2432	Unicorn-61527.exe
2004	Unicorn-1776.exe
2004	Unicorn-1776.exe
2736	Unicorn-61164.exe
2736	Unicorn-61164.exe
1204	Unicorn-45399.exe
1204	Unicorn-45399.exe
2476	Unicorn-45954.exe
2476	Unicorn-45954.exe
1540	Unicorn-41869.exe
1540	Unicorn-41869.exe
2972	Unicorn-7874.exe
2972	Unicorn-7874.exe
2120	Unicorn-54677.exe
2120	Unicorn-54677.exe
1628	Unicorn-45975.exe
1628	Unicorn-45975.exe
2408	Unicorn-50038.exe
2408	Unicorn-50038.exe
552	Unicorn-4942.exe
552	Unicorn-4942.exe
2004	Unicorn-1776.exe
2004	Unicorn-1776.exe
2348	Unicorn-3982.exe
2348	Unicorn-3982.exe
2276	Unicorn-26109.exe
2276	Unicorn-26109.exe
2712	Unicorn-21642.exe
2712	Unicorn-21642.exe
2808	Unicorn-50614.exe
2808	Unicorn-50614.exe

Program crash 7 IoCs

pid	pid_target	Process	procid_target
1072	2640	WerFault.exe	157
2372	2024	WerFault.exe	146
2824	2632	WerFault.exe	190
1628	1964	WerFault.exe	174
1364	1096	WerFault.exe	273
1748	2628	WerFault.exe	252
1540	2328	WerFault.exe	234

Suspicious use of SetWindowsHookEx 64 IoCs

pid	Process
2072	f3c63ce793554f4f51b27f73d8486636_JaffaCakes118.exe
2816	Unicorn-13613.exe
3048	Unicorn-29431.exe
2688	Unicorn-5481.exe
2580	Unicorn-32192.exe
2736	Unicorn-61164.exe
2432	Unicorn-61527.exe
2476	Unicorn-45954.exe
2120	Unicorn-54677.exe
2408	Unicorn-50038.exe
2004	Unicorn-1776.exe
2712	Unicorn-21642.exe
1204	Unicorn-45399.exe
1540	Unicorn-41869.exe
2972	Unicorn-7874.exe
552	Unicorn-4942.exe
2348	Unicorn-3982.exe
1628	Unicorn-45975.exe
2276	Unicorn-26109.exe
2808	Unicorn-50614.exe
836	Unicorn-19992.exe
1840	Unicorn-3634.exe
1492	Unicorn-40220.exe
1312	Unicorn-58585.exe
2968	Unicorn-42995.exe
572	Unicorn-1579.exe
2296	Unicorn-49841.exe
1984	Unicorn-13831.exe
660	Unicorn-33697.exe
1620	Unicorn-63437.exe
1000	Unicorn-5108.exe
1616	Unicorn-47656.exe
1220	Unicorn-30573.exe
2568	Unicorn-7329.exe
2164	Unicorn-12352.exe
2656	Unicorn-44470.exe
2632	Unicorn-25166.exe
2428	Unicorn-32758.exe
2556	Unicorn-37418.exe
2592	Unicorn-17552.exe
2216	Unicorn-33312.exe
1148	Unicorn-21850.exe
2732	Unicorn-10090.exe
1656	Unicorn-64335.exe
2764	Unicorn-56722.exe
2940	Unicorn-19581.exe
1588	Unicorn-2498.exe
832	Unicorn-2498.exe
1964	Unicorn-2498.exe
524	Unicorn-48938.exe
1820	Unicorn-21440.exe
2128	Unicorn-5850.exe
2608	Unicorn-55648.exe
980	Unicorn-63624.exe
1384	Unicorn-55456.exe
1560	Unicorn-15877.exe
956	Unicorn-44143.exe
2036	Unicorn-2939.exe
2984	Unicorn-60993.exe
1340	Unicorn-21859.exe
2272	Unicorn-41725.exe
2824	Unicorn-33713.exe
2840	Unicorn-10469.exe
2496	Unicorn-15321.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2072 wrote to memory of 2816	2072	f3c63ce793554f4f51b27f73d8486636_JaffaCakes118.exe	28
PID 2072 wrote to memory of 2816	2072	f3c63ce793554f4f51b27f73d8486636_JaffaCakes118.exe	28
PID 2072 wrote to memory of 2816	2072	f3c63ce793554f4f51b27f73d8486636_JaffaCakes118.exe	28
PID 2072 wrote to memory of 2816	2072	f3c63ce793554f4f51b27f73d8486636_JaffaCakes118.exe	28
PID 2072 wrote to memory of 2688	2072	f3c63ce793554f4f51b27f73d8486636_JaffaCakes118.exe	30
PID 2072 wrote to memory of 2688	2072	f3c63ce793554f4f51b27f73d8486636_JaffaCakes118.exe	30
PID 2072 wrote to memory of 2688	2072	f3c63ce793554f4f51b27f73d8486636_JaffaCakes118.exe	30
PID 2072 wrote to memory of 2688	2072	f3c63ce793554f4f51b27f73d8486636_JaffaCakes118.exe	30
PID 2816 wrote to memory of 3048	2816	Unicorn-13613.exe	29
PID 2816 wrote to memory of 3048	2816	Unicorn-13613.exe	29
PID 2816 wrote to memory of 3048	2816	Unicorn-13613.exe	29
PID 2816 wrote to memory of 3048	2816	Unicorn-13613.exe	29
PID 3048 wrote to memory of 2580	3048	Unicorn-29431.exe	31
PID 3048 wrote to memory of 2580	3048	Unicorn-29431.exe	31
PID 3048 wrote to memory of 2580	3048	Unicorn-29431.exe	31
PID 3048 wrote to memory of 2580	3048	Unicorn-29431.exe	31
PID 2816 wrote to memory of 2432	2816	Unicorn-13613.exe	32
PID 2816 wrote to memory of 2432	2816	Unicorn-13613.exe	32
PID 2816 wrote to memory of 2432	2816	Unicorn-13613.exe	32
PID 2816 wrote to memory of 2432	2816	Unicorn-13613.exe	32
PID 2688 wrote to memory of 2736	2688	Unicorn-5481.exe	33
PID 2688 wrote to memory of 2736	2688	Unicorn-5481.exe	33
PID 2688 wrote to memory of 2736	2688	Unicorn-5481.exe	33
PID 2688 wrote to memory of 2736	2688	Unicorn-5481.exe	33
PID 2580 wrote to memory of 2476	2580	Unicorn-32192.exe	34
PID 2580 wrote to memory of 2476	2580	Unicorn-32192.exe	34
PID 2580 wrote to memory of 2476	2580	Unicorn-32192.exe	34
PID 2580 wrote to memory of 2476	2580	Unicorn-32192.exe	34
PID 3048 wrote to memory of 2120	3048	Unicorn-29431.exe	35
PID 3048 wrote to memory of 2120	3048	Unicorn-29431.exe	35
PID 3048 wrote to memory of 2120	3048	Unicorn-29431.exe	35
PID 3048 wrote to memory of 2120	3048	Unicorn-29431.exe	35
PID 2736 wrote to memory of 2408	2736	Unicorn-61164.exe	36
PID 2736 wrote to memory of 2408	2736	Unicorn-61164.exe	36
PID 2736 wrote to memory of 2408	2736	Unicorn-61164.exe	36
PID 2736 wrote to memory of 2408	2736	Unicorn-61164.exe	36
PID 2432 wrote to memory of 2712	2432	Unicorn-61527.exe	38
PID 2432 wrote to memory of 2712	2432	Unicorn-61527.exe	38
PID 2432 wrote to memory of 2712	2432	Unicorn-61527.exe	38
PID 2432 wrote to memory of 2712	2432	Unicorn-61527.exe	38
PID 2688 wrote to memory of 2004	2688	Unicorn-5481.exe	37
PID 2688 wrote to memory of 2004	2688	Unicorn-5481.exe	37
PID 2688 wrote to memory of 2004	2688	Unicorn-5481.exe	37
PID 2688 wrote to memory of 2004	2688	Unicorn-5481.exe	37
PID 2476 wrote to memory of 1204	2476	Unicorn-45954.exe	39
PID 2476 wrote to memory of 1204	2476	Unicorn-45954.exe	39
PID 2476 wrote to memory of 1204	2476	Unicorn-45954.exe	39
PID 2476 wrote to memory of 1204	2476	Unicorn-45954.exe	39
PID 2580 wrote to memory of 1540	2580	Unicorn-32192.exe	40
PID 2580 wrote to memory of 1540	2580	Unicorn-32192.exe	40
PID 2580 wrote to memory of 1540	2580	Unicorn-32192.exe	40
PID 2580 wrote to memory of 1540	2580	Unicorn-32192.exe	40
PID 2120 wrote to memory of 2972	2120	Unicorn-54677.exe	41
PID 2120 wrote to memory of 2972	2120	Unicorn-54677.exe	41
PID 2120 wrote to memory of 2972	2120	Unicorn-54677.exe	41
PID 2120 wrote to memory of 2972	2120	Unicorn-54677.exe	41
PID 2712 wrote to memory of 2348	2712	Unicorn-21642.exe	42
PID 2712 wrote to memory of 2348	2712	Unicorn-21642.exe	42
PID 2712 wrote to memory of 2348	2712	Unicorn-21642.exe	42
PID 2712 wrote to memory of 2348	2712	Unicorn-21642.exe	42
PID 2408 wrote to memory of 1628	2408	Unicorn-50038.exe	43
PID 2408 wrote to memory of 1628	2408	Unicorn-50038.exe	43
PID 2408 wrote to memory of 1628	2408	Unicorn-50038.exe	43
PID 2408 wrote to memory of 1628	2408	Unicorn-50038.exe	43

C:\Users\Admin\AppData\Local\Temp\f3c63ce793554f4f51b27f73d8486636_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\f3c63ce793554f4f51b27f73d8486636_JaffaCakes118.exe"
1⤵
- Loads dropped DLL
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2072
- C:\Users\Admin\AppData\Local\Temp\Unicorn-13613.exe
  C:\Users\Admin\AppData\Local\Temp\Unicorn-13613.exe
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory
  PID:2816
- - C:\Users\Admin\AppData\Local\Temp\Unicorn-29431.exe
    C:\Users\Admin\AppData\Local\Temp\Unicorn-29431.exe
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    - Suspicious use of SetWindowsHookEx
    - Suspicious use of WriteProcessMemory
    PID:3048
  - - C:\Users\Admin\AppData\Local\Temp\Unicorn-32192.exe
      C:\Users\Admin\AppData\Local\Temp\Unicorn-32192.exe
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      Suspicious use of SetWindowsHookEx
      Suspicious use of WriteProcessMemory
      PID:2580
    - - C:\Users\Admin\AppData\Local\Temp\Unicorn-45954.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-45954.exe
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        Suspicious use of SetWindowsHookEx
        Suspicious use of WriteProcessMemory
        
        PID:2476
      - C:\Users\Admin\AppData\Local\Temp\Unicorn-45399.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-45399.exe
        6⤵
        Executes dropped EXE
        Loads dropped DLL
        Suspicious use of SetWindowsHookEx
        
        PID:1204
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-19992.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-19992.exe
        7⤵
        Executes dropped EXE
        Suspicious use of SetWindowsHookEx
        
        PID:836
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-7329.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-7329.exe
        8⤵
        Executes dropped EXE
        Suspicious use of SetWindowsHookEx
        
        PID:2568
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-15321.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-15321.exe
        9⤵
        Executes dropped EXE
        Suspicious use of SetWindowsHookEx
        
        PID:2496
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-495.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-495.exe
        10⤵
        
        PID:2800
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-37935.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-37935.exe
        11⤵
        
        PID:1996
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-26669.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-26669.exe
        12⤵
        
        PID:2272
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-51931.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-51931.exe
        13⤵
        
        PID:2812
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-9243.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-9243.exe
        14⤵
        
        PID:2684
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-3924.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-3924.exe
        15⤵
        
        PID:808
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-9817.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-9817.exe
        16⤵
        
        PID:1756
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-56055.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-56055.exe
        17⤵
        
        PID:2936
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-62189.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-62189.exe
        18⤵
        
        PID:2572
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-14646.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-14646.exe
        9⤵
        
        PID:768
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-10962.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-10962.exe
        10⤵
        
        PID:2396
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-26622.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-26622.exe
        11⤵
        
        PID:2436
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-6793.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-6793.exe
        12⤵
        
        PID:2456
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-6949.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-6949.exe
        13⤵
        
        PID:1752
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-696.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-696.exe
        14⤵
        
        PID:1424
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-49233.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-49233.exe
        15⤵
        
        PID:1600
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-47098.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-47098.exe
        16⤵
        
        PID:2436
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-46953.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-46953.exe
        17⤵
        
        PID:1632
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-60134.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-60134.exe
        18⤵
        
        PID:2220
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-12352.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-12352.exe
        7⤵
        Executes dropped EXE
        Suspicious use of SetWindowsHookEx
        
        PID:2164
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-63624.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-63624.exe
        8⤵
        Executes dropped EXE
        Suspicious use of SetWindowsHookEx
        
        PID:980
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-30044.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-30044.exe
        9⤵
        
        PID:2788
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-48137.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-48137.exe
        10⤵
        
        PID:2592
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-30182.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-30182.exe
        11⤵
        
        PID:1208
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-22606.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-22606.exe
        12⤵
        
        PID:2376
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-58397.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-58397.exe
        13⤵
        
        PID:2828
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-24106.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-24106.exe
        14⤵
        
        PID:2644
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-21491.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-21491.exe
        15⤵
        
        PID:804
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-9194.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-9194.exe
        16⤵
        
        PID:2776
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-53787.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-53787.exe
        17⤵
        
        PID:1936
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-2573.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-2573.exe
        18⤵
        
        PID:1828
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-38531.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-38531.exe
        12⤵
        
        PID:1400
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-21496.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-21496.exe
        13⤵
        
        PID:388
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-48748.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-48748.exe
        14⤵
        
        PID:1940
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-60497.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-60497.exe
        15⤵
        
        PID:3052
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-26341.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-26341.exe
        16⤵
        
        PID:1688
      - C:\Users\Admin\AppData\Local\Temp\Unicorn-3634.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-3634.exe
        6⤵
        Executes dropped EXE
        Suspicious use of SetWindowsHookEx
        
        PID:1840
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-44470.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-44470.exe
        7⤵
        Executes dropped EXE
        Suspicious use of SetWindowsHookEx
        
        PID:2656
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-27247.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-27247.exe
        8⤵
        
        PID:1512
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-57117.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-57117.exe
        9⤵
        
        PID:2844
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-53508.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-53508.exe
        10⤵
        
        PID:2080
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-3072.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-3072.exe
        11⤵
        
        PID:2640
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 2640 -s 240
        12⤵
        Program crash
        
        PID:1072
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-5539.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-5539.exe
        8⤵
        
        PID:1080
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-15075.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-15075.exe
        9⤵
        
        PID:668
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-8682.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-8682.exe
        10⤵
        
        PID:2332
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-61573.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-61573.exe
        11⤵
        
        PID:1956
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-10945.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-10945.exe
        12⤵
        
        PID:2724
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-7544.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-7544.exe
        13⤵
        
        PID:1092
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-60492.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-60492.exe
        14⤵
        
        PID:2836
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-17265.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-17265.exe
        15⤵
        
        PID:1640
    - - C:\Users\Admin\AppData\Local\Temp\Unicorn-41869.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-41869.exe
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        Suspicious use of SetWindowsHookEx
        
        PID:1540
      - C:\Users\Admin\AppData\Local\Temp\Unicorn-40220.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-40220.exe
        6⤵
        Executes dropped EXE
        Suspicious use of SetWindowsHookEx
        
        PID:1492
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-25166.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-25166.exe
        7⤵
        Executes dropped EXE
        Suspicious use of SetWindowsHookEx
        
        PID:2632
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-15877.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-15877.exe
        8⤵
        Executes dropped EXE
        Suspicious use of SetWindowsHookEx
        
        PID:1560
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-49333.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-49333.exe
        9⤵
        
        PID:604
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-46300.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-46300.exe
        10⤵
        
        PID:2520
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-31469.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-31469.exe
        11⤵
        
        PID:2996
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-58397.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-58397.exe
        12⤵
        
        PID:2972
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-49129.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-49129.exe
        13⤵
        
        PID:340
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-3924.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-3924.exe
        14⤵
        
        PID:1708
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-17545.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-17545.exe
        15⤵
        
        PID:2488
      - C:\Users\Admin\AppData\Local\Temp\Unicorn-17552.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-17552.exe
        6⤵
        Executes dropped EXE
        Suspicious use of SetWindowsHookEx
        
        PID:2592
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-41725.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-41725.exe
        7⤵
        Executes dropped EXE
        Suspicious use of SetWindowsHookEx
        
        PID:2272
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-47854.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-47854.exe
        8⤵
        
        PID:2720
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-21085.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-21085.exe
        9⤵
        
        PID:872
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-41111.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-41111.exe
        10⤵
        
        PID:1040
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-8869.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-8869.exe
        11⤵
        
        PID:2496
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-51983.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-51983.exe
        12⤵
        
        PID:2460
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-47889.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-47889.exe
        13⤵
        
        PID:2396
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-22018.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-22018.exe
        14⤵
        
        PID:2532
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-15551.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-15551.exe
        15⤵
        
        PID:1272
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-14275.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-14275.exe
        16⤵
        
        PID:1988
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-62531.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-62531.exe
        14⤵
        
        PID:2460
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-11452.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-11452.exe
        15⤵
        
        PID:2392
  - - C:\Users\Admin\AppData\Local\Temp\Unicorn-54677.exe
      C:\Users\Admin\AppData\Local\Temp\Unicorn-54677.exe
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      Suspicious use of SetWindowsHookEx
      Suspicious use of WriteProcessMemory
      PID:2120
    - - C:\Users\Admin\AppData\Local\Temp\Unicorn-7874.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-7874.exe
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        Suspicious use of SetWindowsHookEx
        
        PID:2972
      - C:\Users\Admin\AppData\Local\Temp\Unicorn-58585.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-58585.exe
        6⤵
        Executes dropped EXE
        Suspicious use of SetWindowsHookEx
        
        PID:1312
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-37418.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-37418.exe
        7⤵
        Executes dropped EXE
        Suspicious use of SetWindowsHookEx
        
        PID:2556
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-21440.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-21440.exe
        8⤵
        Executes dropped EXE
        Suspicious use of SetWindowsHookEx
        
        PID:1820
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-35031.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-35031.exe
        9⤵
        
        PID:2704
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-57649.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-57649.exe
        10⤵
        
        PID:2972
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-25164.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-25164.exe
        11⤵
        
        PID:1312
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-18117.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-18117.exe
        12⤵
        
        PID:2788
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-50452.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-50452.exe
        13⤵
        
        PID:2444
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-19311.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-19311.exe
        14⤵
        
        PID:2328
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-49233.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-49233.exe
        15⤵
        
        PID:2348
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-6833.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-6833.exe
        16⤵
        
        PID:2012
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-11270.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-11270.exe
        17⤵
        
        PID:1452
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-12412.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-12412.exe
        18⤵
        
        PID:1920
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 2328 -s 368
        15⤵
        Program crash
        
        PID:1540
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-5850.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-5850.exe
        7⤵
        Executes dropped EXE
        Suspicious use of SetWindowsHookEx
        
        PID:2128
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-22966.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-22966.exe
        8⤵
        
        PID:2816
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-28485.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-28485.exe
        9⤵
        
        PID:804
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-65231.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-65231.exe
        10⤵
        
        PID:1984
      - C:\Users\Admin\AppData\Local\Temp\Unicorn-33312.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-33312.exe
        6⤵
        Executes dropped EXE
        Suspicious use of SetWindowsHookEx
        
        PID:2216
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-49722.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-49722.exe
        7⤵
        Executes dropped EXE
        
        PID:2084
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-4408.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-4408.exe
        8⤵
        
        PID:2204
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-33472.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-33472.exe
        9⤵
        
        PID:868
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-2133.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-2133.exe
        10⤵
        
        PID:2140
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-34453.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-34453.exe
        11⤵
        
        PID:2068
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-52512.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-52512.exe
        12⤵
        
        PID:928
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-52170.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-52170.exe
        13⤵
        
        PID:2276
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-57103.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-57103.exe
        14⤵
        
        PID:2840
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-50819.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-50819.exe
        15⤵
        
        PID:2496
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-15401.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-15401.exe
        16⤵
        
        PID:1600
    - - C:\Users\Admin\AppData\Local\Temp\Unicorn-42995.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-42995.exe
        5⤵
        Executes dropped EXE
        Suspicious use of SetWindowsHookEx
        
        PID:2968
      - C:\Users\Admin\AppData\Local\Temp\Unicorn-32758.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-32758.exe
        6⤵
        Executes dropped EXE
        Suspicious use of SetWindowsHookEx
        
        PID:2428
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-2939.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-2939.exe
        7⤵
        Executes dropped EXE
        Suspicious use of SetWindowsHookEx
        
        PID:2036
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-2.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-2.exe
        8⤵
        
        PID:1692
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-0.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-0.exe
        9⤵
        
        PID:2120
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-2.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-2.exe
        10⤵
        
        PID:1916
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-2.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-2.exe
        11⤵
        
        PID:2212
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-0.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-0.exe
        12⤵
        
        PID:2524
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-1.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-1.exe
        13⤵
        
        PID:2124
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-0.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-0.exe
        14⤵
        
        PID:3020
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-0.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-0.exe
        15⤵
        
        PID:2564
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-0.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-0.exe
        16⤵
        
        PID:2404
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-1.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-1.exe
        17⤵
        
        PID:2860
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-1.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-1.exe
        18⤵
        
        PID:632
      - C:\Users\Admin\AppData\Local\Temp\Unicorn-44143.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-44143.exe
        6⤵
        Executes dropped EXE
        Suspicious use of SetWindowsHookEx
        
        PID:956
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-58248.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-58248.exe
        7⤵
        
        PID:2356
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-34891.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-34891.exe
        8⤵
        
        PID:572
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-25906.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-25906.exe
        9⤵
        
        PID:2580
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-52512.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-52512.exe
        10⤵
        
        PID:2864
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-7904.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-7904.exe
        11⤵
        
        PID:2316
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-54168.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-54168.exe
        12⤵
        
        PID:2356
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-54604.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-54604.exe
        13⤵
        
        PID:520
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-60497.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-60497.exe
        14⤵
        
        PID:1928
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-51089.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-51089.exe
        15⤵
        
        PID:1772
- - C:\Users\Admin\AppData\Local\Temp\Unicorn-61527.exe
    C:\Users\Admin\AppData\Local\Temp\Unicorn-61527.exe
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    - Suspicious use of SetWindowsHookEx
    - Suspicious use of WriteProcessMemory
    PID:2432
  - - C:\Users\Admin\AppData\Local\Temp\Unicorn-21642.exe
      C:\Users\Admin\AppData\Local\Temp\Unicorn-21642.exe
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      Suspicious use of SetWindowsHookEx
      Suspicious use of WriteProcessMemory
      PID:2712
    - - C:\Users\Admin\AppData\Local\Temp\Unicorn-3982.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-3982.exe
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        Suspicious use of SetWindowsHookEx
        
        PID:2348
      - C:\Users\Admin\AppData\Local\Temp\Unicorn-33697.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-33697.exe
        6⤵
        Executes dropped EXE
        Suspicious use of SetWindowsHookEx
        
        PID:660
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-55648.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-55648.exe
        7⤵
        Executes dropped EXE
        Suspicious use of SetWindowsHookEx
        
        PID:2608
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-36183.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-36183.exe
        8⤵
        
        PID:1516
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-50843.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-50843.exe
        9⤵
        
        PID:2868
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-11567.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-11567.exe
        10⤵
        
        PID:1932
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-29409.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-29409.exe
        11⤵
        
        PID:1012
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-6949.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-6949.exe
        12⤵
        
        PID:2392
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-27422.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-27422.exe
        13⤵
        
        PID:524
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-62772.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-62772.exe
        14⤵
        
        PID:2680
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-41094.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-41094.exe
        15⤵
        
        PID:1308
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-1644.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-1644.exe
        16⤵
        
        PID:1208
    - - C:\Users\Admin\AppData\Local\Temp\Unicorn-47656.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-47656.exe
        5⤵
        Executes dropped EXE
        Suspicious use of SetWindowsHookEx
        
        PID:1616
      - C:\Users\Admin\AppData\Local\Temp\Unicorn-2498.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-2498.exe
        6⤵
        Executes dropped EXE
        Suspicious use of SetWindowsHookEx
        
        PID:1588
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-10469.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-10469.exe
        7⤵
        Executes dropped EXE
        Suspicious use of SetWindowsHookEx
        
        PID:2840
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-17984.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-17984.exe
        8⤵
        
        PID:1308
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-23734.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-23734.exe
        9⤵
        
        PID:928
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-9346.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-9346.exe
        10⤵
        
        PID:520
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-1780.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-1780.exe
        11⤵
        
        PID:2072
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-26280.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-26280.exe
        12⤵
        
        PID:3064
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-27422.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-27422.exe
        13⤵
        
        PID:1740
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-47702.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-47702.exe
        14⤵
        
        PID:884
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-32220.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-32220.exe
        15⤵
        
        PID:1496
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-37067.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-37067.exe
        16⤵
        
        PID:2928
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-61431.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-61431.exe
        17⤵
        
        PID:2188
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-36341.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-36341.exe
        18⤵
        
        PID:1996
  - - C:\Users\Admin\AppData\Local\Temp\Unicorn-26109.exe
      C:\Users\Admin\AppData\Local\Temp\Unicorn-26109.exe
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      Suspicious use of SetWindowsHookEx
      PID:2276
    - - C:\Users\Admin\AppData\Local\Temp\Unicorn-63437.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-63437.exe
        5⤵
        Executes dropped EXE
        Suspicious use of SetWindowsHookEx
        
        PID:1620
      - C:\Users\Admin\AppData\Local\Temp\Unicorn-10090.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-10090.exe
        6⤵
        Executes dropped EXE
        Suspicious use of SetWindowsHookEx
        
        PID:2732
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-46899.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-46899.exe
        7⤵
        
        PID:2864
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-40161.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-40161.exe
        8⤵
        
        PID:1620
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-22533.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-22533.exe
        9⤵
        
        PID:2268
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-32808.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-32808.exe
        10⤵
        
        PID:1344
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-48231.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-48231.exe
        11⤵
        
        PID:2744
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-35206.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-35206.exe
        12⤵
        
        PID:2532
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-33224.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-33224.exe
        13⤵
        
        PID:1120
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-48940.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-48940.exe
        14⤵
        
        PID:612
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-28759.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-28759.exe
        15⤵
        
        PID:580
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-56761.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-56761.exe
        16⤵
        
        PID:2604
    - - C:\Users\Admin\AppData\Local\Temp\Unicorn-56722.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-56722.exe
        5⤵
        Executes dropped EXE
        Suspicious use of SetWindowsHookEx
        
        PID:2764
      - C:\Users\Admin\AppData\Local\Temp\Unicorn-29275.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-29275.exe
        6⤵
        
        PID:2196
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-446.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-446.exe
        7⤵
        
        PID:2024
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-45252.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-45252.exe
        8⤵
        
        PID:1964
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-62128.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-62128.exe
        9⤵
        
        PID:1308
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-47702.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-47702.exe
        10⤵
        
        PID:1392
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-27202.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-27202.exe
        11⤵
        
        PID:1768
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-46522.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-46522.exe
        12⤵
        
        PID:2796
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-64384.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-64384.exe
        13⤵
        
        PID:2644
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 1964 -s 376
        9⤵
        Program crash
        
        PID:1628
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 2024 -s 376
        8⤵
        Program crash
        
        PID:2372
- C:\Users\Admin\AppData\Local\Temp\Unicorn-5481.exe
  C:\Users\Admin\AppData\Local\Temp\Unicorn-5481.exe
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory
  PID:2688
- - C:\Users\Admin\AppData\Local\Temp\Unicorn-61164.exe
    C:\Users\Admin\AppData\Local\Temp\Unicorn-61164.exe
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    - Suspicious use of SetWindowsHookEx
    - Suspicious use of WriteProcessMemory
    PID:2736
  - - C:\Users\Admin\AppData\Local\Temp\Unicorn-50038.exe
      C:\Users\Admin\AppData\Local\Temp\Unicorn-50038.exe
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      Suspicious use of SetWindowsHookEx
      Suspicious use of WriteProcessMemory
      PID:2408
    - - C:\Users\Admin\AppData\Local\Temp\Unicorn-45975.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-45975.exe
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        Suspicious use of SetWindowsHookEx
        
        PID:1628
      - C:\Users\Admin\AppData\Local\Temp\Unicorn-49841.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-49841.exe
        6⤵
        Executes dropped EXE
        Suspicious use of SetWindowsHookEx
        
        PID:2296
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-64335.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-64335.exe
        7⤵
        Executes dropped EXE
        Suspicious use of SetWindowsHookEx
        
        PID:1656
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-6442.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-6442.exe
        8⤵
        
        PID:2880
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-64766.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-64766.exe
        9⤵
        
        PID:2668
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-55786.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-55786.exe
        10⤵
        
        PID:2608
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-36316.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-36316.exe
        11⤵
        
        PID:2388
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-24246.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-24246.exe
        12⤵
        
        PID:1228
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-62128.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-62128.exe
        13⤵
        
        PID:2440
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-52170.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-52170.exe
        14⤵
        
        PID:668
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-47461.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-47461.exe
        15⤵
        
        PID:2960
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-6252.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-6252.exe
        16⤵
        
        PID:2760
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-17457.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-17457.exe
        17⤵
        
        PID:2816
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-39138.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-39138.exe
        12⤵
        
        PID:2908
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-61620.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-61620.exe
        13⤵
        
        PID:2628
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 2628 -s 240
        14⤵
        Program crash
        
        PID:1748
      - C:\Users\Admin\AppData\Local\Temp\Unicorn-19581.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-19581.exe
        6⤵
        Executes dropped EXE
        Suspicious use of SetWindowsHookEx
        
        PID:2940
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-17984.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-17984.exe
        7⤵
        
        PID:2256
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-63095.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-63095.exe
        8⤵
        
        PID:2352
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-11567.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-11567.exe
        9⤵
        
        PID:1580
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-8609.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-8609.exe
        10⤵
        
        PID:2556
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-51749.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-51749.exe
        11⤵
        
        PID:2776
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-26332.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-26332.exe
        12⤵
        
        PID:2840
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-7961.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-7961.exe
        13⤵
        
        PID:2464
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-49233.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-49233.exe
        14⤵
        
        PID:2428
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-13081.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-13081.exe
        15⤵
        
        PID:3068
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-9568.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-9568.exe
        16⤵
        
        PID:1764
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-39527.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-39527.exe
        17⤵
        
        PID:2316
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-22760.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-22760.exe
        9⤵
        
        PID:2576
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-53581.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-53581.exe
        10⤵
        
        PID:108
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-57681.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-57681.exe
        11⤵
        
        PID:1048
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-16509.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-16509.exe
        12⤵
        
        PID:1108
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-4692.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-4692.exe
        13⤵
        
        PID:2008
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-35780.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-35780.exe
        14⤵
        
        PID:524
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-10580.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-10580.exe
        15⤵
        
        PID:2548
    - - C:\Users\Admin\AppData\Local\Temp\Unicorn-1579.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-1579.exe
        5⤵
        Executes dropped EXE
        Suspicious use of SetWindowsHookEx
        
        PID:572
      - C:\Users\Admin\AppData\Local\Temp\Unicorn-21850.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-21850.exe
        6⤵
        Executes dropped EXE
        Suspicious use of SetWindowsHookEx
        
        PID:1148
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-60993.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-60993.exe
        7⤵
        Executes dropped EXE
        Suspicious use of SetWindowsHookEx
        
        PID:2984
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-52519.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-52519.exe
        8⤵
        
        PID:1572
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-21871.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-21871.exe
        9⤵
        
        PID:2212
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-22730.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-22730.exe
        10⤵
        
        PID:2468
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-4354.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-4354.exe
        11⤵
        
        PID:2016
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-40779.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-40779.exe
        12⤵
        
        PID:3040
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-22248.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-22248.exe
        13⤵
        
        PID:2368
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-14785.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-14785.exe
        14⤵
        
        PID:828
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-48273.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-48273.exe
        15⤵
        
        PID:3024
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-30757.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-30757.exe
        16⤵
        
        PID:2852
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-60466.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-60466.exe
        17⤵
        
        PID:1440
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-30093.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-30093.exe
        18⤵
        
        PID:340
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-4240.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-4240.exe
        13⤵
        
        PID:1840
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-49233.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-49233.exe
        14⤵
        
        PID:1980
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-61706.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-61706.exe
        15⤵
        
        PID:1776
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-61623.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-61623.exe
        16⤵
        
        PID:1188
      - C:\Users\Admin\AppData\Local\Temp\Unicorn-21859.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-21859.exe
        6⤵
        Executes dropped EXE
        Suspicious use of SetWindowsHookEx
        
        PID:1340
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-26152.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-26152.exe
        7⤵
        
        PID:2580
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-39110.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-39110.exe
        8⤵
        
        PID:2628
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-7846.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-7846.exe
        9⤵
        
        PID:2872
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-36159.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-36159.exe
        10⤵
        
        PID:2248
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-65278.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-65278.exe
        11⤵
        
        PID:1452
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-18678.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-18678.exe
        12⤵
        
        PID:2168
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-30048.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-30048.exe
        13⤵
        
        PID:1884
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-52853.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-52853.exe
        14⤵
        
        PID:2264
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-55261.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-55261.exe
        15⤵
        
        PID:240
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-28754.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-28754.exe
        16⤵
        
        PID:2512
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-30602.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-30602.exe
        12⤵
        
        PID:1648
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-49233.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-49233.exe
        13⤵
        
        PID:2832
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-7549.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-7549.exe
        14⤵
        
        PID:884
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-41200.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-41200.exe
        7⤵
        
        PID:2968
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-48194.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-48194.exe
        8⤵
        
        PID:1768
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-50239.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-50239.exe
        9⤵
        
        PID:2316
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-35605.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-35605.exe
        10⤵
        
        PID:2544
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-58397.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-58397.exe
        11⤵
        
        PID:1512
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-44910.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-44910.exe
        12⤵
        
        PID:2876
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-43810.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-43810.exe
        13⤵
        
        PID:1756
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-43512.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-43512.exe
        14⤵
        
        PID:2652
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-52635.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-52635.exe
        15⤵
        
        PID:704
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-25381.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-25381.exe
        16⤵
        
        PID:2284
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-23932.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-23932.exe
        17⤵
        
        PID:1672
  - - C:\Users\Admin\AppData\Local\Temp\Unicorn-50614.exe
      C:\Users\Admin\AppData\Local\Temp\Unicorn-50614.exe
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      Suspicious use of SetWindowsHookEx
      PID:2808
    - - C:\Users\Admin\AppData\Local\Temp\Unicorn-30573.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-30573.exe
        5⤵
        Executes dropped EXE
        Suspicious use of SetWindowsHookEx
        
        PID:1220
      - C:\Users\Admin\AppData\Local\Temp\Unicorn-2498.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-2498.exe
        6⤵
        Executes dropped EXE
        Suspicious use of SetWindowsHookEx
        
        PID:832
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-33713.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-33713.exe
        7⤵
        Executes dropped EXE
        Suspicious use of SetWindowsHookEx
        
        PID:2824
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-52680.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-52680.exe
        8⤵
        
        PID:704
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-53944.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-53944.exe
        9⤵
        
        PID:1980
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-37603.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-37603.exe
        10⤵
        
        PID:776
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-58397.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-58397.exe
        11⤵
        
        PID:1492
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-36934.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-36934.exe
        12⤵
        
        PID:2016
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-43229.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-43229.exe
        13⤵
        
        PID:944
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-3823.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-3823.exe
        14⤵
        
        PID:2884
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-2723.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-2723.exe
        15⤵
        
        PID:2376
    - - C:\Users\Admin\AppData\Local\Temp\Unicorn-48938.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-48938.exe
        5⤵
        Executes dropped EXE
        Suspicious use of SetWindowsHookEx
        
        PID:524
      - C:\Users\Admin\AppData\Local\Temp\Unicorn-6058.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-6058.exe
        6⤵
        
        PID:2004
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-56022.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-56022.exe
        7⤵
        
        PID:2812
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-7846.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-7846.exe
        8⤵
        
        PID:2896
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-20307.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-20307.exe
        9⤵
        
        PID:2208
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-130.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-130.exe
        10⤵
        
        PID:2632
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 2632 -s 240
        11⤵
        Program crash
        
        PID:2824
- - C:\Users\Admin\AppData\Local\Temp\Unicorn-1776.exe
    C:\Users\Admin\AppData\Local\Temp\Unicorn-1776.exe
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    - Suspicious use of SetWindowsHookEx
    PID:2004
  - - C:\Users\Admin\AppData\Local\Temp\Unicorn-4942.exe
      C:\Users\Admin\AppData\Local\Temp\Unicorn-4942.exe
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      Suspicious use of SetWindowsHookEx
      PID:552
    - - C:\Users\Admin\AppData\Local\Temp\Unicorn-5108.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-5108.exe
        5⤵
        Executes dropped EXE
        Suspicious use of SetWindowsHookEx
        
        PID:1000
      - C:\Users\Admin\AppData\Local\Temp\Unicorn-55456.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-55456.exe
        6⤵
        Executes dropped EXE
        Suspicious use of SetWindowsHookEx
        
        PID:1384
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-42680.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-42680.exe
        7⤵
        
        PID:464
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-64473.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-64473.exe
        8⤵
        
        PID:2908
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-14582.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-14582.exe
        9⤵
        
        PID:1088
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-33519.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-33519.exe
        10⤵
        
        PID:2324
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-42808.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-42808.exe
        11⤵
        
        PID:2136
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-53213.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-53213.exe
        12⤵
        
        PID:464
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-38574.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-38574.exe
        13⤵
        
        PID:1988
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-64892.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-64892.exe
        14⤵
        
        PID:1096
        
        C:\Windows\SysWOW64\WerFault.exe
        
        C:\Windows\SysWOW64\WerFault.exe -u -p 1096 -s 200
        15⤵
        Program crash
        
        PID:1364
  - - C:\Users\Admin\AppData\Local\Temp\Unicorn-13831.exe
      C:\Users\Admin\AppData\Local\Temp\Unicorn-13831.exe
      4⤵
      Executes dropped EXE
      Suspicious use of SetWindowsHookEx
      PID:1984
    - - C:\Users\Admin\AppData\Local\Temp\Unicorn-2498.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-2498.exe
        5⤵
        Executes dropped EXE
        Suspicious use of SetWindowsHookEx
        
        PID:1964
      - C:\Users\Admin\AppData\Local\Temp\Unicorn-30044.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-30044.exe
        6⤵
        
        PID:1372
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-56497.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-56497.exe
        7⤵
        
        PID:2224
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-49834.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-49834.exe
        8⤵
        
        PID:2488
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-28527.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-28527.exe
        9⤵
        
        PID:2692
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-23722.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-23722.exe
        10⤵
        
        PID:964
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-16945.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-16945.exe
        11⤵
        
        PID:2204
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-53024.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-53024.exe
        12⤵
        
        PID:2668
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-37778.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-37778.exe
        13⤵
        
        PID:2288
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-25568.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-25568.exe
        14⤵
        
        PID:2120
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-23148.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-23148.exe
        12⤵
        
        PID:2752
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-5157.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-5157.exe
        13⤵
        
        PID:804
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-45988.exe
        
        C:\Users\Admin\AppData\Local\Temp\Unicorn-45988.exe
        14⤵
        
        PID:2556

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\Unicorn-18117.exe

Filesize
184KB

MD5
072016f60b71be487741baee56b295d2

SHA1
8226269dfcdecd59aa3cd8521ba24c7c73934acd

SHA256
f9b4cedcd097e8f4c3c173e58c161316baad4ecfc328db5ad0c101d345759537

SHA512
116e0391b45cde082b011ff2ed5878bd40758d1c1688277b355b14dbe615bded31394e40b979e5a2f23b991f49ea6ed48d1fad868ebe1aa1111be425249e6c1f

Download Submit
C:\Users\Admin\AppData\Local\Temp\Unicorn-45975.exe

Filesize
184KB

MD5
c1871dc46c428e906d6290ecd6779ae6

SHA1
964f3ce8f8c0cfb270d84fef636548007ec2857d

SHA256
a92965593b24ad76abe848af7b4f80bd7281f9b5145acaae932a8d5fa470f016

SHA512
209199b4be7778e584a56735048056c06437a17b973cecbdcfb598c9313c73119d23a7ac83780307fe5de4cd44a3fa0b46f5864d378e7e8fa78cdefc6fce7901

Download Submit
C:\Users\Admin\AppData\Local\Temp\Unicorn-50038.exe

Filesize
184KB

MD5
0ca2ef407ec7fe06b1c8b93b7119e959

SHA1
44c493f96c9273b66c970533b26ed488f8014368

SHA256
6853c2d6efbd27d0251f23f88bbaf44ef7b513604fa795fe490a8119858de838

SHA512
748c4e5f07cde4b768098ab90cc806bc4b1579a5fd8f2742a46b9bc539dab1a08fa90a365e4f4e3aa0ea490a7b0caa6eccbc676427752fce5c1b63a9a46fb62a

Download Submit
C:\Users\Admin\AppData\Local\Temp\Unicorn-6442.exe

Filesize
184KB

MD5
48bf40493a4cef1550236330904fa30c

SHA1
f684f0c184d4f9003e16f528b81576af808a4b99

SHA256
7174c9012b508b9df3aeaa22efd439500c5d7445de055bcc6b1743d48005ffc7

SHA512
e59a1f5eacb5d2d925e74a706d14779cfa4f0511c23f9649c46bda1a27e4aa7b7275a7e0439598269817c8d5d4384d52272e8fea8c4a2c03981d1b052f512200

Download Submit
C:\Users\Admin\AppData\Local\Temp\Unicorn-6793.exe

Filesize
184KB

MD5
3288987ca4ff7b190afbad82b4ae2b53

SHA1
5a7463390fe68fe4d3c7da1469a5717ef216d149

SHA256
3f64b25f3811c1038c65d8c7cac055067ab5cb3acc6fa80d4f2587faab6cf874

SHA512
84c4279c904477f9f840e53c83d4c6ea863606f56e4676b6d6f02de5073588425d6f3dca5d7adcd2f6225aa2a2e61f7feb419df7de62b935396b82c2dc0539b5

Download Submit
\Users\Admin\AppData\Local\Temp\Unicorn-13613.exe

Filesize
184KB

MD5
bd73f914ed697039de4d63593b44918a

SHA1
a3b487efbdf65e0418c0e29a3e4973cb94f4f0f6

SHA256
788cf0d70fdbab353159f27a695d7bec9b9f4f6d8f0cc0df6c6236af33e777ee

SHA512
5804f5bd992fd3a41911c9fdfc88afdd1eacfc79f0563d8498713485e145781be1a1abd5a6a370703dfa643306160f3d5e8e9bd907ffa539e1a5ab0832d8eeef

Download Submit
\Users\Admin\AppData\Local\Temp\Unicorn-1776.exe

Filesize
184KB

MD5
d3f1af10df9a92259349435e2834d37f

SHA1
fe1f7bb4e995c0927b06f1823c2d1f202c4114ec

SHA256
0487815cf2182b5e4fa297b2397cf0c8300871734d4c2d11b01f2bb7d3d0ed89

SHA512
c71d47722460e092080c733ad9e9b6f3e174cb4a93b99f518aab09ecaa975ed4035356eebaa19c1b4d82ec650eeaac3955d327def7cbfc7e40ffa82ceda01e07

Download Submit
\Users\Admin\AppData\Local\Temp\Unicorn-21642.exe

Filesize
184KB

MD5
dfd0c19b98022c1ccb2fb843a6b3f060

SHA1
f90efc53e8149674e9c69ca932269bc9e593b679

SHA256
cafd422124b1126c7d3489b0126a2155b8771604033f094067ac3122e3a2f304

SHA512
a703a61b1c5d9bbbd454ae8d45ad9e50279c5c054c30690e514f6626f6d2393b8bc76075cd88dc7da60a416c45b08f3c2cd90954c2929cac6be3071c0bca2a40

Download Submit
\Users\Admin\AppData\Local\Temp\Unicorn-26109.exe

Filesize
184KB

MD5
6b0dd8cb0898c841f4ffbd61623de58b

SHA1
a2e1b4fcd980050522ca6633fd5b8927f4371d5d

SHA256
0718cf88e321c3321cf80b59dabc1a94534fb597a0406ae3a34db0c20256d680

SHA512
c98d0c37a271bf233b174516c5f8d2995cf1f31623b99e651b4af1ad8a45e512e56a88cd0bf81b8dead25f0a0bf846d78388f45561f1d57a2c1430e39dbd15dc

Download Submit
\Users\Admin\AppData\Local\Temp\Unicorn-29431.exe

Filesize
184KB

MD5
e2416413e3504075ef551e9ce2c29d41

SHA1
4cde1bfdb19c03cb0c99f846c90f0ec5820d5cac

SHA256
84b6ffdece3cc75404fddda709f82c33597b1a6b9c841a874182ecf809c64251

SHA512
3222aa7639ecf38a3d5052d71fc269b1fd329ad1bd55796e18c5f99e93243b0e31bf677727e5aa487b0bbe059a409b7675a437a47a7971eb62cb1c6df796f4b0

Download Submit
\Users\Admin\AppData\Local\Temp\Unicorn-32192.exe

Filesize
184KB

MD5
fd8eced728603ea81eaf5a5947daef6e

SHA1
658789dec079235f5d357b30c60fa8d7eb7f5eeb

SHA256
6d3af97bfa25e23b13b1753bd6f6374f236a7730dc4b4c9cf5b254a5e33dfa08

SHA512
cf57c36b5645cd58a580bec50dadcf00aec3a8c2ef66ab34597acf40800fea245ef0be30ceebbc31af214b6f4d0e8c1b4b43d8b74719af9cd45cedb6f07272b9

Download Submit
\Users\Admin\AppData\Local\Temp\Unicorn-3982.exe

Filesize
184KB

MD5
2cb6e6ac0c0c56e80984882914c6f3fe

SHA1
8b0900d20801e0f13810293aea091aa500d161dd

SHA256
89c641cd3845411b0b9c03502e3bf82dff57f2f6b559e2920d91221495ddb0b0

SHA512
54e312f2641c3272f7b3c04b931e9626e078a8b3ac01865d6c9a55c4e45a0ff7cc7219135a0d5a0335a798f49c94cee28d8f82c757f906a717b15044f796b381

Download Submit
\Users\Admin\AppData\Local\Temp\Unicorn-41869.exe

Filesize
184KB

MD5
0c1725f7a1dfbf43e88192cd8781baac

SHA1
bc17d8da5830ffb5ea40ec4b8cb017ee89eb9563

SHA256
1691c1971446ccd256fd36c03432ce547018af1f23f06ef60d413cf730d59baa

SHA512
56e957b4668609b905295c0e30807c07536766af0fecb37b45ad47ce0ed38fa181c2023424a888bd227a21d8f7b90efc498a20abab750982b761e376c2ceed6b

Download Submit
\Users\Admin\AppData\Local\Temp\Unicorn-45399.exe

Filesize
184KB

MD5
d37dcbc72ac505cd5a6afd88ba350244

SHA1
2963561e5a896dd2e6dd70c57831b9cd8efb37ca

SHA256
ccfe345308fbb448bcca820dc56f44be35e67e33fd4b1823f851dedb376b9efe

SHA512
0c91379c133d792ad2d28400d433a3ec9ad720013d5817083a060dc3f69ca4b00d5afe254740e911e15e6d4ca32980ab7ea3f48edbef1fecfd6842c4d1343ae0

Download Submit
\Users\Admin\AppData\Local\Temp\Unicorn-45954.exe

Filesize
184KB

MD5
c8ae1c906c92b13eeb691eb742b3c880

SHA1
2f2f1b07b777fb3cbede722393fca18fd6bcfe34

SHA256
137432c128222460fac11015161ab619201deb7252836285b947400f884df128

SHA512
5a370b0a2f652587bc818ce256eceae7e1056f733682b53b2563d4d4fc5e480c1044ad62fbf725b041f53045c036648443acb6ad98ff4d507d891fccf5b580e0

Download Submit
\Users\Admin\AppData\Local\Temp\Unicorn-4942.exe

Filesize
184KB

MD5
f805a4f0292e4c310cd42e4f66bfd71c

SHA1
776b718ca7d532671f7aa7c1397b501aa21732bf

SHA256
f1906fae89d5c22f5e098df6330b78693b0baa02ee980cce5d2def05d73d6e5a

SHA512
0654f635a44b3642924bf4128c9fa3756bbd4ccc550a04845c75da1e455835b1cfce15f65f7b177d3a0c663b8d3750811eeda6a41d079fa71e7a600d6f2d330a

Download Submit
\Users\Admin\AppData\Local\Temp\Unicorn-54677.exe

Filesize
184KB

MD5
6978e0e1790240d85d64425fe5bbee03

SHA1
16cda907061d9be316178a4acc429b999745f135

SHA256
eef9d296ddcbcbb7835118c6ba5d532c864f8624a75ec50915f0d182d6f1a628

SHA512
02cdf407c70b98bd3f397c78b667022fb8bed82b9cc94da8bef7b7ed1ad0735ab7ddfe533d67c734d45ed664285a3f74b005e87e9a4082fe21b1575fc1e834e4

Download Submit
\Users\Admin\AppData\Local\Temp\Unicorn-5481.exe

Filesize
184KB

MD5
899380b1b510e66a55cd0c7f87f75820

SHA1
3077b6a6b0c3ad09bc4b5715f70ea9357b3452ea

SHA256
ce4172d2c0fc9f5f559d22c0acc2947f4f98d2d97197ffc0ed71d028b8dd6c04

SHA512
71ff6f23bb36c2a0b5d15cfbf3a17022d730bfd421e2165ff5fd1d7efcc12f2722981b72a5b03ba77882c0a96e58363ae878ac45a926f9f314937d3598be7f67

Download Submit
\Users\Admin\AppData\Local\Temp\Unicorn-61164.exe

Filesize
184KB

MD5
08bb280d0a7a5f3e08ce69a925b96aaf

SHA1
7dc78cdac4429a884d963ae36bf01e6926592dde

SHA256
7e5701734280c0a5afff68015ff79a75c92d3f375de2f7068dce75e3d32f01ec

SHA512
78166a20e306323e79414cf5b71e5fa24f37ab4d4bf41c4c7210ab207f209289b59afa356e3aea834e0a399bba87cdbe798287d997d623daeffe4448c6d71fc8

Download Submit
\Users\Admin\AppData\Local\Temp\Unicorn-61527.exe

Filesize
184KB

MD5
742e0f2bed80cad1095959ad016cc6dd

SHA1
aee5f5fac0097f6256a03c597b18c0e319cd304a

SHA256
c48a681f99050c0cd83824f36f2820b45fbdad1493a5325ce1b98b2f44e9a174

SHA512
db1256d2ca3c874d22d315b6b6bfc0d61fa6afbaa55fd565679427490d64bf24571a064776c2d9548e029fdfae2245d98df43d023403d52359c71736b008d1fe

Download Submit
\Users\Admin\AppData\Local\Temp\Unicorn-7874.exe

Filesize
184KB

MD5
d6bf703b21f1137e8c81d89c3e84d887

SHA1
3a4b623b01157b550a85de0b20d172a915d6ae99

SHA256
091f7377da63638d11ba0f9bd775007371bb485fcbfddb683535f5e51a873717

SHA512
2217ca8803e2b3b355e63bf39b54fb602af7db8f7f4d99537fa08996489d72af2b1b9d9b4094cc41eceaa7eaab6b78be1bcc83f0549a715eec9e7f070ea8fbd5

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads