Cuckoo Sandbox

File ba563484f08fcd9d_unicorn-8849.exe

Summary
Download Resubmit sample

Size	184.0KB
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`e894f3b922dde3e4c8a88565d88f1847`
SHA1	`5af9747056b2cbeabb38c91652e5d096c3beac7d`
SHA256	`ba563484f08fcd9dfaba1698fb417bc7b030b895aa3b7ea75c07cbd9f613c1d7`
SHA512	`add4bcc05d539deba303bf5369cdd3d21c5ad3c39b8318b6543b9b28b419b5cb8804cf5037a6e0d799f6a1d74c713982b18321f9ef9bc1984159ed6b887016a1`
CRC32	`D0BDCB15`
ssdeep	`None`
Yara	SEH__vba - (no description)

Score

This file is very suspicious, with a score of 10.0 out of 10!

Please notice: The scoring system is currently still in development and should be considered an alpha feature.

Autosubmit

Parent_Task_ID:6585850

Feedback

Expecting different results? Send us this analysis and we will inspect it. Click here

Information on Execution

Analysis

Category	Started	Completed	Duration	Routing	Logs
FILE	July 2, 2025, 12:09 p.m.	July 2, 2025, 12:17 p.m.	474 seconds	internet	Show Analyzer Log Show Cuckoo Log

Analyzer Log

2025-06-24 21:26:53,015 [analyzer] DEBUG: Starting analyzer from: C:\tmppw5mq4
2025-06-24 21:26:53,046 [analyzer] DEBUG: Pipe server name: \??\PIPE\dJKXwBtTTqzVchBUVGHMBWcVeCh
2025-06-24 21:26:53,046 [analyzer] DEBUG: Log pipe server name: \??\PIPE\hFNxqiDiAzPlLKEhLKBVjfhXdQ
2025-06-24 21:26:53,046 [analyzer] DEBUG: No analysis package specified, trying to detect it automagically.
2025-06-24 21:26:53,078 [analyzer] INFO: Automatically selected analysis package "exe"
2025-06-24 21:26:53,467 [analyzer] DEBUG: Started auxiliary module Curtain
2025-06-24 21:26:53,467 [analyzer] DEBUG: Started auxiliary module DbgView
2025-06-24 21:26:54,125 [analyzer] DEBUG: Started auxiliary module Disguise
2025-06-24 21:26:54,342 [analyzer] DEBUG: Loaded monitor into process with pid 504
2025-06-24 21:26:54,358 [analyzer] DEBUG: Started auxiliary module DumpTLSMasterSecrets
2025-06-24 21:26:54,358 [analyzer] DEBUG: Started auxiliary module Human
2025-06-24 21:26:54,375 [analyzer] DEBUG: Started auxiliary module InstallCertificate
2025-06-24 21:26:54,375 [analyzer] DEBUG: Started auxiliary module Reboot
2025-06-24 21:26:54,483 [analyzer] DEBUG: Started auxiliary module RecentFiles
2025-06-24 21:26:54,500 [analyzer] DEBUG: Started auxiliary module Screenshots
2025-06-24 21:26:54,500 [analyzer] DEBUG: Started auxiliary module Sysmon
2025-06-24 21:26:54,500 [analyzer] DEBUG: Started auxiliary module LoadZer0m0n
2025-06-24 21:26:54,671 [lib.api.process] INFO: Successfully executed process from path u'C:\\Users\\ADMINI~1\\AppData\\Local\\Temp\\ba563484f08fcd9d_unicorn-8849.exe' with arguments '' and pid 1260
2025-06-24 21:26:54,890 [analyzer] DEBUG: Loaded monitor into process with pid 1260
2025-06-24 21:26:58,015 [analyzer] INFO: Added new file to list with pid 1260 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-7087.exe
2025-06-24 21:26:58,108 [analyzer] INFO: Injected into process with pid 2624 and name u'Unicorn-7087.exe'
2025-06-24 21:26:58,280 [analyzer] DEBUG: Loaded monitor into process with pid 2624
2025-06-24 21:27:01,390 [analyzer] INFO: Added new file to list with pid 2624 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-57440.exe
2025-06-24 21:27:01,437 [analyzer] INFO: Added new file to list with pid 1260 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-15016.exe
2025-06-24 21:27:01,500 [analyzer] INFO: Injected into process with pid 1176 and name u'Unicorn-57440.exe'
2025-06-24 21:27:01,515 [analyzer] INFO: Injected into process with pid 2104 and name u'Unicorn-15016.exe'
2025-06-24 21:27:01,671 [analyzer] DEBUG: Loaded monitor into process with pid 2104
2025-06-24 21:27:01,733 [analyzer] DEBUG: Loaded monitor into process with pid 1176
2025-06-24 21:27:04,828 [analyzer] INFO: Added new file to list with pid 2104 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-19506.exe
2025-06-24 21:27:04,875 [analyzer] INFO: Added new file to list with pid 1260 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-21543.exe
2025-06-24 21:27:04,890 [analyzer] INFO: Added new file to list with pid 1176 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-58400.exe
2025-06-24 21:27:04,905 [analyzer] INFO: Injected into process with pid 976 and name u'Unicorn-19506.exe'
2025-06-24 21:27:04,937 [analyzer] INFO: Added new file to list with pid 2624 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-15976.exe
2025-06-24 21:27:04,953 [analyzer] INFO: Injected into process with pid 1364 and name u'Unicorn-21543.exe'
2025-06-24 21:27:04,967 [analyzer] INFO: Injected into process with pid 364 and name u'Unicorn-58400.exe'
2025-06-24 21:27:05,015 [analyzer] INFO: Injected into process with pid 2480 and name u'Unicorn-15976.exe'
2025-06-24 21:27:05,062 [analyzer] DEBUG: Loaded monitor into process with pid 976
2025-06-24 21:27:05,140 [analyzer] DEBUG: Loaded monitor into process with pid 1364
2025-06-24 21:27:05,140 [analyzer] DEBUG: Loaded monitor into process with pid 364
2025-06-24 21:27:05,171 [analyzer] DEBUG: Loaded monitor into process with pid 2480
2025-06-24 21:27:08,280 [analyzer] INFO: Added new file to list with pid 976 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-8981.exe
2025-06-24 21:27:08,358 [analyzer] INFO: Added new file to list with pid 2104 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-28010.exe
2025-06-24 21:27:08,375 [analyzer] INFO: Added new file to list with pid 1364 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-29402.exe
2025-06-24 21:27:08,390 [analyzer] INFO: Added new file to list with pid 2480 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-60128.exe
2025-06-24 21:27:08,421 [analyzer] INFO: Added new file to list with pid 1176 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-36178.exe
2025-06-24 21:27:08,437 [analyzer] INFO: Added new file to list with pid 1260 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-55779.exe
2025-06-24 21:27:08,453 [analyzer] INFO: Added new file to list with pid 2624 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-31439.exe
2025-06-24 21:27:08,530 [analyzer] INFO: Injected into process with pid 2676 and name u'Unicorn-8981.exe'
2025-06-24 21:27:08,562 [analyzer] INFO: Injected into process with pid 904 and name u'Unicorn-28010.exe'
2025-06-24 21:27:08,562 [analyzer] INFO: Injected into process with pid 216 and name u'Unicorn-29402.exe'
2025-06-24 21:27:08,578 [analyzer] INFO: Injected into process with pid 2712 and name u'Unicorn-60128.exe'
2025-06-24 21:27:08,578 [analyzer] INFO: Injected into process with pid 2588 and name u'Unicorn-31439.exe'
2025-06-24 21:27:08,592 [analyzer] INFO: Injected into process with pid 1428 and name u'Unicorn-36178.exe'
2025-06-24 21:27:08,592 [analyzer] INFO: Injected into process with pid 2848 and name u'Unicorn-55779.exe'
2025-06-24 21:27:08,608 [analyzer] INFO: Injected into process with pid 656 and name u'Unicorn-29402.exe'
2025-06-24 21:27:08,750 [analyzer] DEBUG: Loaded monitor into process with pid 2712
2025-06-24 21:27:08,750 [analyzer] DEBUG: Loaded monitor into process with pid 2676
2025-06-24 21:27:08,780 [analyzer] DEBUG: Loaded monitor into process with pid 1428
2025-06-24 21:27:08,780 [analyzer] DEBUG: Loaded monitor into process with pid 2848
2025-06-24 21:27:08,796 [analyzer] DEBUG: Loaded monitor into process with pid 656
2025-06-24 21:27:08,812 [analyzer] DEBUG: Loaded monitor into process with pid 904
2025-06-24 21:27:08,842 [analyzer] DEBUG: Loaded monitor into process with pid 216
2025-06-24 21:27:08,921 [analyzer] DEBUG: Loaded monitor into process with pid 2588
2025-06-24 21:27:12,233 [analyzer] INFO: Added new file to list with pid 2712 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-22638.exe
2025-06-24 21:27:12,296 [analyzer] INFO: Added new file to list with pid 2480 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-41858.exe
2025-06-24 21:27:12,328 [analyzer] INFO: Injected into process with pid 3176 and name u'Unicorn-22638.exe'
2025-06-24 21:27:12,342 [analyzer] INFO: Added new file to list with pid 1428 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-39166.exe
2025-06-24 21:27:12,375 [analyzer] INFO: Injected into process with pid 3208 and name u'Unicorn-41858.exe'
2025-06-24 21:27:12,390 [analyzer] INFO: Added new file to list with pid 2676 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-16608.exe
2025-06-24 21:27:12,421 [analyzer] INFO: Added new file to list with pid 1176 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-6393.exe
2025-06-24 21:27:12,453 [analyzer] INFO: Injected into process with pid 3244 and name u'Unicorn-39166.exe'
2025-06-24 21:27:12,467 [analyzer] INFO: Added new file to list with pid 976 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-35636.exe
2025-06-24 21:27:12,500 [analyzer] DEBUG: Loaded monitor into process with pid 3176
2025-06-24 21:27:12,515 [analyzer] INFO: Added new file to list with pid 216 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-2025.exe
2025-06-24 21:27:12,515 [analyzer] INFO: Added new file to list with pid 656 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-32752.exe
2025-06-24 21:27:12,515 [analyzer] INFO: Added new file to list with pid 2588 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-32752.exe
2025-06-24 21:27:12,546 [analyzer] INFO: Injected into process with pid 3276 and name u'Unicorn-16608.exe'
2025-06-24 21:27:12,546 [analyzer] INFO: Added new file to list with pid 1364 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-8802.exe
2025-06-24 21:27:12,562 [analyzer] INFO: Injected into process with pid 3312 and name u'Unicorn-6393.exe'
2025-06-24 21:27:12,562 [analyzer] INFO: Added new file to list with pid 2624 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-9928.exe
2025-06-24 21:27:12,562 [analyzer] DEBUG: Loaded monitor into process with pid 3208
2025-06-24 21:27:12,608 [analyzer] INFO: Added new file to list with pid 2848 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-6109.exe
2025-06-24 21:27:12,608 [analyzer] INFO: Added new file to list with pid 364 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-51781.exe
2025-06-24 21:27:12,625 [analyzer] INFO: Added new file to list with pid 904 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-36836.exe
2025-06-24 21:27:12,640 [analyzer] INFO: Added new file to list with pid 1260 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-9431.exe
2025-06-24 21:27:12,640 [analyzer] INFO: Added new file to list with pid 2104 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-12231.exe
2025-06-24 21:27:12,703 [analyzer] DEBUG: Loaded monitor into process with pid 3244
2025-06-24 21:27:12,796 [analyzer] INFO: Injected into process with pid 3360 and name u'Unicorn-35636.exe'
2025-06-24 21:27:12,796 [analyzer] INFO: Injected into process with pid 3404 and name u'Unicorn-32752.exe'
2025-06-24 21:27:12,796 [analyzer] DEBUG: Loaded monitor into process with pid 3276
2025-06-24 21:27:12,875 [analyzer] DEBUG: Loaded monitor into process with pid 3312
2025-06-24 21:27:12,905 [analyzer] INFO: Injected into process with pid 3424 and name u'Unicorn-8802.exe'
2025-06-24 21:27:12,953 [analyzer] INFO: Injected into process with pid 3464 and name u'Unicorn-9928.exe'
2025-06-24 21:27:12,983 [analyzer] INFO: Injected into process with pid 3384 and name u'Unicorn-2025.exe'
2025-06-24 21:27:13,092 [analyzer] DEBUG: Loaded monitor into process with pid 3360
2025-06-24 21:27:13,108 [analyzer] INFO: Injected into process with pid 3492 and name u'Unicorn-6109.exe'
2025-06-24 21:27:13,125 [analyzer] INFO: Injected into process with pid 3540 and name u'Unicorn-36836.exe'
2025-06-24 21:27:13,125 [analyzer] INFO: Injected into process with pid 3524 and name u'Unicorn-51781.exe'
2025-06-24 21:27:13,140 [analyzer] INFO: Injected into process with pid 3576 and name u'Unicorn-12231.exe'
2025-06-24 21:27:13,155 [analyzer] INFO: Injected into process with pid 3548 and name u'Unicorn-9431.exe'
2025-06-24 21:27:13,155 [analyzer] DEBUG: Loaded monitor into process with pid 3404
2025-06-24 21:27:13,250 [analyzer] DEBUG: Loaded monitor into process with pid 3424
2025-06-24 21:27:13,296 [analyzer] DEBUG: Loaded monitor into process with pid 3464
2025-06-24 21:27:13,312 [analyzer] DEBUG: Loaded monitor into process with pid 3384
2025-06-24 21:27:13,328 [analyzer] DEBUG: Loaded monitor into process with pid 3492
2025-06-24 21:27:13,358 [analyzer] DEBUG: Loaded monitor into process with pid 3540
2025-06-24 21:27:13,390 [analyzer] DEBUG: Loaded monitor into process with pid 3576
2025-06-24 21:27:13,437 [analyzer] DEBUG: Loaded monitor into process with pid 3548
2025-06-24 21:27:13,500 [analyzer] DEBUG: Loaded monitor into process with pid 3524
2025-06-24 21:27:15,515 [analyzer] INFO: Added new file to list with pid 656 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-14038.exe
2025-06-24 21:27:15,578 [analyzer] INFO: Injected into process with pid 3856 and name u'Unicorn-14038.exe'
2025-06-24 21:27:15,733 [analyzer] DEBUG: Loaded monitor into process with pid 3856
2025-06-24 21:27:15,780 [analyzer] INFO: Added new file to list with pid 3176 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-31958.exe
2025-06-24 21:27:15,828 [analyzer] INFO: Added new file to list with pid 3208 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-9399.exe
2025-06-24 21:27:15,875 [analyzer] INFO: Injected into process with pid 3900 and name u'Unicorn-31958.exe'
2025-06-24 21:27:15,890 [analyzer] INFO: Added new file to list with pid 2712 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-63239.exe
2025-06-24 21:27:15,905 [analyzer] INFO: Added new file to list with pid 2480 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-42164.exe
2025-06-24 21:27:15,937 [analyzer] INFO: Injected into process with pid 3932 and name u'Unicorn-9399.exe'
2025-06-24 21:27:15,967 [analyzer] INFO: Injected into process with pid 3968 and name u'Unicorn-63239.exe'
2025-06-24 21:27:15,983 [analyzer] INFO: Injected into process with pid 3980 and name u'Unicorn-42164.exe'
2025-06-24 21:27:16,046 [analyzer] DEBUG: Loaded monitor into process with pid 3900
2025-06-24 21:27:16,108 [analyzer] DEBUG: Loaded monitor into process with pid 3932
2025-06-24 21:27:16,140 [analyzer] DEBUG: Loaded monitor into process with pid 3968
2025-06-24 21:27:16,233 [analyzer] DEBUG: Loaded monitor into process with pid 3980
2025-06-24 21:27:16,280 [analyzer] INFO: Added new file to list with pid 3244 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-1807.exe
2025-06-24 21:27:16,421 [analyzer] INFO: Injected into process with pid 4076 and name u'Unicorn-1807.exe'
2025-06-24 21:27:16,483 [analyzer] INFO: Added new file to list with pid 1428 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-2362.exe
2025-06-24 21:27:16,592 [analyzer] DEBUG: Loaded monitor into process with pid 4076
2025-06-24 21:27:16,592 [analyzer] INFO: Injected into process with pid 3084 and name u'Unicorn-2362.exe'
2025-06-24 21:27:16,765 [analyzer] DEBUG: Loaded monitor into process with pid 3084
2025-06-24 21:27:16,780 [analyzer] INFO: Added new file to list with pid 3360 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-32342.exe
2025-06-24 21:27:16,858 [analyzer] INFO: Added new file to list with pid 976 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-65106.exe
2025-06-24 21:27:16,875 [analyzer] INFO: Injected into process with pid 3188 and name u'Unicorn-32342.exe'
2025-06-24 21:27:16,890 [analyzer] INFO: Added new file to list with pid 3404 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-17952.exe
2025-06-24 21:27:16,953 [analyzer] INFO: Injected into process with pid 3268 and name u'Unicorn-65106.exe'
2025-06-24 21:27:16,953 [analyzer] INFO: Added new file to list with pid 3276 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-26120.exe
2025-06-24 21:27:17,015 [analyzer] INFO: Added new file to list with pid 2588 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-49809.exe
2025-06-24 21:27:17,030 [analyzer] INFO: Injected into process with pid 3304 and name u'Unicorn-17952.exe'
2025-06-24 21:27:17,046 [analyzer] INFO: Added new file to list with pid 2676 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-10914.exe
2025-06-24 21:27:17,062 [analyzer] INFO: Injected into process with pid 3440 and name u'Unicorn-26120.exe'
2025-06-24 21:27:17,078 [analyzer] DEBUG: Loaded monitor into process with pid 3188
2025-06-24 21:27:17,140 [analyzer] INFO: Injected into process with pid 3560 and name u'Unicorn-49809.exe'
2025-06-24 21:27:17,140 [analyzer] INFO: Injected into process with pid 3600 and name u'Unicorn-10914.exe'
2025-06-24 21:27:17,155 [analyzer] DEBUG: Loaded monitor into process with pid 3268
2025-06-24 21:27:17,187 [analyzer] INFO: Added new file to list with pid 3384 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-47116.exe
2025-06-24 21:27:17,203 [analyzer] DEBUG: Loaded monitor into process with pid 3304
2025-06-24 21:27:17,233 [analyzer] INFO: Added new file to list with pid 216 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-35418.exe
2025-06-24 21:27:17,296 [analyzer] INFO: Added new file to list with pid 3524 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-37002.exe
2025-06-24 21:27:17,312 [analyzer] INFO: Added new file to list with pid 3424 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-63644.exe
2025-06-24 21:27:17,328 [analyzer] DEBUG: Loaded monitor into process with pid 3440
2025-06-24 21:27:17,358 [analyzer] INFO: Added new file to list with pid 3548 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-41086.exe
2025-06-24 21:27:17,358 [analyzer] INFO: Added new file to list with pid 3188 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-4229.exe
2025-06-24 21:27:17,358 [analyzer] DEBUG: Loaded monitor into process with pid 3560
2025-06-24 21:27:17,390 [analyzer] INFO: Added new file to list with pid 3540 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-53338.exe
2025-06-24 21:27:17,421 [analyzer] INFO: Added new file to list with pid 1364 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-43124.exe
2025-06-24 21:27:17,437 [analyzer] INFO: Added new file to list with pid 3492 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-14443.exe
2025-06-24 21:27:17,437 [analyzer] INFO: Added new file to list with pid 3576 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-61506.exe
2025-06-24 21:27:17,483 [analyzer] INFO: Added new file to list with pid 904 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-6830.exe
2025-06-24 21:27:17,483 [analyzer] INFO: Added new file to list with pid 2848 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-37556.exe
2025-06-24 21:27:17,467 [analyzer] INFO: Added new file to list with pid 1260 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-1230.exe
2025-06-24 21:27:17,483 [analyzer] DEBUG: Loaded monitor into process with pid 3600
2025-06-24 21:27:17,483 [analyzer] INFO: Added new file to list with pid 3312 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-57422.exe
2025-06-24 21:27:17,483 [analyzer] INFO: Added new file to list with pid 2104 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-22347.exe
2025-06-24 21:27:17,500 [analyzer] INFO: Injected into process with pid 3716 and name u'Unicorn-47116.exe'
2025-06-24 21:27:17,515 [analyzer] INFO: Added new file to list with pid 1176 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-3680.exe
2025-06-24 21:27:17,530 [analyzer] INFO: Added new file to list with pid 3464 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-65398.exe
2025-06-24 21:27:17,608 [analyzer] INFO: Added new file to list with pid 2624 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-3183.exe
2025-06-24 21:27:17,608 [analyzer] INFO: Injected into process with pid 3740 and name u'Unicorn-35418.exe'
2025-06-24 21:27:17,671 [analyzer] INFO: Injected into process with pid 2088 and name u'Unicorn-37002.exe'
2025-06-24 21:27:17,733 [analyzer] INFO: Injected into process with pid 3868 and name u'Unicorn-63644.exe'
2025-06-24 21:27:17,796 [analyzer] INFO: Injected into process with pid 3928 and name u'Unicorn-41086.exe'
2025-06-24 21:27:17,828 [analyzer] INFO: Injected into process with pid 3992 and name u'Unicorn-4229.exe'
2025-06-24 21:27:17,875 [analyzer] INFO: Injected into process with pid 2976 and name u'Unicorn-53338.exe'
2025-06-24 21:27:17,921 [analyzer] INFO: Injected into process with pid 3168 and name u'Unicorn-43124.exe'
2025-06-24 21:27:17,953 [analyzer] INFO: Injected into process with pid 3300 and name u'Unicorn-14443.exe'
2025-06-24 21:27:18,000 [analyzer] INFO: Injected into process with pid 3480 and name u'Unicorn-61506.exe'
2025-06-24 21:27:18,046 [analyzer] INFO: Injected into process with pid 3564 and name u'Unicorn-6830.exe'
2025-06-24 21:27:18,046 [analyzer] DEBUG: Loaded monitor into process with pid 3716
2025-06-24 21:27:18,046 [analyzer] INFO: Injected into process with pid 3724 and name u'Unicorn-37556.exe'
2025-06-24 21:27:18,092 [analyzer] INFO: Injected into process with pid 3224 and name u'Unicorn-57422.exe'
2025-06-24 21:27:18,078 [analyzer] INFO: Injected into process with pid 3948 and name u'Unicorn-1230.exe'
2025-06-24 21:27:18,140 [analyzer] INFO: Injected into process with pid 3516 and name u'Unicorn-22347.exe'
2025-06-24 21:27:18,140 [analyzer] INFO: Injected into process with pid 3292 and name u'Unicorn-3680.exe'
2025-06-24 21:27:18,203 [analyzer] DEBUG: Loaded monitor into process with pid 3740
2025-06-24 21:27:18,233 [analyzer] INFO: Injected into process with pid 592 and name u'Unicorn-3183.exe'
2025-06-24 21:27:18,233 [analyzer] INFO: Injected into process with pid 4088 and name u'Unicorn-65398.exe'
2025-06-24 21:27:18,265 [analyzer] DEBUG: Loaded monitor into process with pid 3992
2025-06-24 21:27:18,296 [analyzer] DEBUG: Loaded monitor into process with pid 3168
2025-06-24 21:27:18,342 [analyzer] DEBUG: Loaded monitor into process with pid 3300
2025-06-24 21:27:18,358 [analyzer] DEBUG: Loaded monitor into process with pid 3868
2025-06-24 21:27:18,405 [analyzer] DEBUG: Loaded monitor into process with pid 3564
2025-06-24 21:27:18,437 [analyzer] DEBUG: Loaded monitor into process with pid 592
2025-06-24 21:27:18,453 [analyzer] DEBUG: Loaded monitor into process with pid 3928
2025-06-24 21:27:18,453 [analyzer] DEBUG: Loaded monitor into process with pid 2088
2025-06-24 21:27:18,453 [analyzer] DEBUG: Loaded monitor into process with pid 3292
2025-06-24 21:27:18,467 [analyzer] DEBUG: Loaded monitor into process with pid 2976
2025-06-24 21:27:18,483 [analyzer] DEBUG: Loaded monitor into process with pid 4088
2025-06-24 21:27:18,483 [analyzer] DEBUG: Loaded monitor into process with pid 3480
2025-06-24 21:27:18,530 [analyzer] DEBUG: Loaded monitor into process with pid 3516
2025-06-24 21:27:18,530 [analyzer] DEBUG: Loaded monitor into process with pid 3224
2025-06-24 21:27:18,546 [analyzer] DEBUG: Loaded monitor into process with pid 3724
2025-06-24 21:27:18,578 [analyzer] DEBUG: Loaded monitor into process with pid 3948
2025-06-24 21:27:18,953 [analyzer] INFO: Added new file to list with pid 3856 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-49446.exe
2025-06-24 21:27:19,000 [analyzer] INFO: Added new file to list with pid 656 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-20757.exe
2025-06-24 21:27:19,250 [analyzer] INFO: Injected into process with pid 4280 and name u'Unicorn-49446.exe'
2025-06-24 21:27:19,250 [analyzer] INFO: Injected into process with pid 4304 and name u'Unicorn-20757.exe'
2025-06-24 21:27:19,342 [analyzer] INFO: Added new file to list with pid 3932 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-41854.exe
2025-06-24 21:27:19,390 [analyzer] INFO: Added new file to list with pid 3968 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-19296.exe
2025-06-24 21:27:19,405 [analyzer] INFO: Added new file to list with pid 3208 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-30156.exe
2025-06-24 21:27:19,421 [analyzer] DEBUG: Loaded monitor into process with pid 4304
2025-06-24 21:27:19,437 [analyzer] DEBUG: Loaded monitor into process with pid 4280
2025-06-24 21:27:19,453 [analyzer] INFO: Added new file to list with pid 3900 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-27464.exe
2025-06-24 21:27:19,453 [analyzer] INFO: Added new file to list with pid 2712 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-21333.exe
2025-06-24 21:27:19,483 [analyzer] INFO: Added new file to list with pid 3176 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-38324.exe
2025-06-24 21:27:19,546 [analyzer] INFO: Added new file to list with pid 3980 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-35440.exe
2025-06-24 21:27:19,546 [analyzer] INFO: Injected into process with pid 4364 and name u'Unicorn-41854.exe'
2025-06-24 21:27:19,592 [analyzer] INFO: Added new file to list with pid 2480 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-43343.exe
2025-06-24 21:27:19,608 [analyzer] INFO: Injected into process with pid 4392 and name u'Unicorn-19296.exe'
2025-06-24 21:27:19,717 [analyzer] INFO: Injected into process with pid 4416 and name u'Unicorn-30156.exe'
2025-06-24 21:27:19,717 [analyzer] INFO: Injected into process with pid 4492 and name u'Unicorn-38324.exe'
2025-06-24 21:27:19,733 [analyzer] INFO: Injected into process with pid 4456 and name u'Unicorn-27464.exe'
2025-06-24 21:27:19,750 [analyzer] INFO: Injected into process with pid 4448 and name u'Unicorn-21333.exe'
2025-06-24 21:27:19,750 [analyzer] INFO: Added new file to list with pid 4076 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-37578.exe
2025-06-24 21:27:19,796 [analyzer] INFO: Injected into process with pid 4536 and name u'Unicorn-35440.exe'
2025-06-24 21:27:19,828 [analyzer] INFO: Added new file to list with pid 3244 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-44355.exe
2025-06-24 21:27:19,890 [analyzer] DEBUG: Loaded monitor into process with pid 4364
2025-06-24 21:27:19,905 [analyzer] DEBUG: Loaded monitor into process with pid 4392
2025-06-24 21:27:19,953 [analyzer] INFO: Injected into process with pid 4552 and name u'Unicorn-43343.exe'
2025-06-24 21:27:19,967 [analyzer] DEBUG: Loaded monitor into process with pid 4492
2025-06-24 21:27:19,967 [analyzer] INFO: Added new file to list with pid 3084 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-27272.exe
2025-06-24 21:27:20,000 [analyzer] DEBUG: Loaded monitor into process with pid 4448
2025-06-24 21:27:20,015 [analyzer] INFO: Added new file to list with pid 1428 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-29885.exe
2025-06-24 21:27:20,062 [analyzer] INFO: Injected into process with pid 4692 and name u'Unicorn-44355.exe'
2025-06-24 21:27:20,092 [analyzer] DEBUG: Loaded monitor into process with pid 4416
2025-06-24 21:27:20,092 [analyzer] INFO: Injected into process with pid 4648 and name u'Unicorn-37578.exe'
2025-06-24 21:27:20,125 [analyzer] DEBUG: Loaded monitor into process with pid 4456
2025-06-24 21:27:20,155 [analyzer] DEBUG: Loaded monitor into process with pid 4536
2025-06-24 21:27:20,171 [analyzer] INFO: Injected into process with pid 4764 and name u'Unicorn-27272.exe'
2025-06-24 21:27:20,203 [analyzer] INFO: Injected into process with pid 4792 and name u'Unicorn-29885.exe'
2025-06-24 21:27:20,233 [analyzer] DEBUG: Loaded monitor into process with pid 4552
2025-06-24 21:27:20,280 [analyzer] DEBUG: Loaded monitor into process with pid 4648
2025-06-24 21:27:20,328 [analyzer] INFO: Added new file to list with pid 3188 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-46322.exe
2025-06-24 21:27:20,358 [analyzer] DEBUG: Loaded monitor into process with pid 4692
2025-06-24 21:27:20,390 [analyzer] DEBUG: Loaded monitor into process with pid 4764
2025-06-24 21:27:20,421 [analyzer] DEBUG: Loaded monitor into process with pid 4792
2025-06-24 21:27:20,421 [analyzer] INFO: Added new file to list with pid 3268 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-50406.exe
2025-06-24 21:27:20,437 [analyzer] INFO: Added new file to list with pid 3360 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-61267.exe
2025-06-24 21:27:20,483 [analyzer] INFO: Added new file to list with pid 3304 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-27848.exe
2025-06-24 21:27:20,500 [analyzer] INFO: Injected into process with pid 4892 and name u'Unicorn-46322.exe'
2025-06-24 21:27:20,530 [analyzer] INFO: Added new file to list with pid 976 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-35559.exe
2025-06-24 21:27:20,546 [analyzer] INFO: Added new file to list with pid 3404 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-11874.exe
2025-06-24 21:27:20,640 [analyzer] INFO: Injected into process with pid 4928 and name u'Unicorn-50406.exe'
2025-06-24 21:27:20,655 [analyzer] INFO: Added new file to list with pid 3440 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-52160.exe
2025-06-24 21:27:20,717 [analyzer] INFO: Injected into process with pid 4936 and name u'Unicorn-61267.exe'
2025-06-24 21:27:20,717 [analyzer] INFO: Injected into process with pid 4980 and name u'Unicorn-27848.exe'
2025-06-24 21:27:20,733 [analyzer] INFO: Injected into process with pid 5004 and name u'Unicorn-35559.exe'
2025-06-24 21:27:20,733 [analyzer] INFO: Added new file to list with pid 3276 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-5652.exe
2025-06-24 21:27:20,733 [analyzer] INFO: Added new file to list with pid 3560 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-56244.exe
2025-06-24 21:27:20,780 [analyzer] DEBUG: Loaded monitor into process with pid 4892
2025-06-24 21:27:20,828 [analyzer] INFO: Added new file to list with pid 2588 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-40000.exe
2025-06-24 21:27:20,842 [analyzer] DEBUG: Loaded monitor into process with pid 4928
2025-06-24 21:27:20,858 [analyzer] INFO: Injected into process with pid 5020 and name u'Unicorn-11874.exe'
2025-06-24 21:27:20,905 [analyzer] INFO: Injected into process with pid 5084 and name u'Unicorn-52160.exe'
2025-06-24 21:27:20,921 [analyzer] INFO: Injected into process with pid 4120 and name u'Unicorn-5652.exe'
2025-06-24 21:27:20,953 [analyzer] DEBUG: Loaded monitor into process with pid 4980
2025-06-24 21:27:20,967 [analyzer] DEBUG: Loaded monitor into process with pid 4936
2025-06-24 21:27:21,015 [analyzer] DEBUG: Loaded monitor into process with pid 5004
2025-06-24 21:27:21,015 [analyzer] INFO: Injected into process with pid 4164 and name u'Unicorn-56244.exe'
2025-06-24 21:27:21,015 [analyzer] INFO: Added new file to list with pid 3600 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-23572.exe
2025-06-24 21:27:21,046 [analyzer] INFO: Injected into process with pid 4408 and name u'Unicorn-40000.exe'
2025-06-24 21:27:21,092 [analyzer] INFO: Added new file to list with pid 2676 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-7711.exe
2025-06-24 21:27:21,092 [analyzer] DEBUG: Loaded monitor into process with pid 5020
2025-06-24 21:27:21,140 [analyzer] DEBUG: Loaded monitor into process with pid 5084
2025-06-24 21:27:21,187 [analyzer] DEBUG: Loaded monitor into process with pid 4120
2025-06-24 21:27:21,203 [analyzer] DEBUG: Loaded monitor into process with pid 4164
2025-06-24 21:27:21,233 [analyzer] INFO: Injected into process with pid 4588 and name u'Unicorn-23572.exe'
2025-06-24 21:27:21,250 [analyzer] DEBUG: Loaded monitor into process with pid 4408
2025-06-24 21:27:21,265 [analyzer] INFO: Injected into process with pid 4608 and name u'Unicorn-7711.exe'
2025-06-24 21:27:21,421 [analyzer] DEBUG: Loaded monitor into process with pid 4588
2025-06-24 21:27:21,467 [analyzer] DEBUG: Loaded monitor into process with pid 4608
2025-06-24 21:27:23,453 [analyzer] INFO: Added new file to list with pid 3224 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-63810.exe
2025-06-24 21:27:23,608 [analyzer] INFO: Added new file to list with pid 4280 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-10333.exe
2025-06-24 21:27:23,733 [analyzer] INFO: Injected into process with pid 4132 and name u'Unicorn-63810.exe'
2025-06-24 21:27:23,780 [analyzer] INFO: Added new file to list with pid 3312 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-49975.exe
2025-06-24 21:27:23,796 [analyzer] INFO: Injected into process with pid 4316 and name u'Unicorn-10333.exe'
2025-06-24 21:27:23,890 [analyzer] INFO: Added new file to list with pid 3856 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-54059.exe
2025-06-24 21:27:23,921 [analyzer] DEBUG: Loaded monitor into process with pid 4132
2025-06-24 21:27:23,937 [analyzer] INFO: Injected into process with pid 4508 and name u'Unicorn-49975.exe'
2025-06-24 21:27:23,983 [analyzer] DEBUG: Loaded monitor into process with pid 4316
2025-06-24 21:27:24,078 [analyzer] INFO: Injected into process with pid 3172 and name u'Unicorn-54059.exe'
2025-06-24 21:27:24,171 [analyzer] DEBUG: Loaded monitor into process with pid 4508
2025-06-24 21:27:24,265 [analyzer] DEBUG: Loaded monitor into process with pid 3172
2025-06-24 21:27:25,296 [analyzer] INFO: Added new file to list with pid 3948 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-35990.exe
2025-06-24 21:27:25,296 [analyzer] INFO: Added new file to list with pid 4304 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-35990.exe
2025-06-24 21:27:25,437 [analyzer] INFO: Injected into process with pid 4568 and name u'Unicorn-35990.exe'
2025-06-24 21:27:25,453 [analyzer] INFO: Injected into process with pid 4684 and name u'Unicorn-35990.exe'
2025-06-24 21:27:25,500 [analyzer] INFO: Added new file to list with pid 1260 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-17283.exe
2025-06-24 21:27:25,608 [analyzer] INFO: Added new file to list with pid 656 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-45647.exe
2025-06-24 21:27:25,640 [analyzer] DEBUG: Loaded monitor into process with pid 4568
2025-06-24 21:27:25,640 [analyzer] DEBUG: Loaded monitor into process with pid 4684
2025-06-24 21:27:25,750 [analyzer] INFO: Injected into process with pid 4412 and name u'Unicorn-17283.exe'
2025-06-24 21:27:25,828 [analyzer] INFO: Injected into process with pid 5148 and name u'Unicorn-45647.exe'
2025-06-24 21:27:25,967 [analyzer] DEBUG: Loaded monitor into process with pid 4412
2025-06-24 21:27:26,046 [analyzer] DEBUG: Loaded monitor into process with pid 5148
2025-06-24 21:27:26,217 [analyzer] INFO: Added new file to list with pid 4164 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-62824.exe
2025-06-24 21:27:26,358 [analyzer] INFO: Added new file to list with pid 3716 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-5647.exe
2025-06-24 21:27:26,358 [analyzer] INFO: Added new file to list with pid 4588 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-44542.exe
2025-06-24 21:27:26,437 [analyzer] INFO: Added new file to list with pid 3724 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-17900.exe
2025-06-24 21:27:26,467 [analyzer] INFO: Injected into process with pid 5212 and name u'Unicorn-62824.exe'
2025-06-24 21:27:26,530 [analyzer] INFO: Added new file to list with pid 3560 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-18262.exe
2025-06-24 21:27:26,578 [analyzer] INFO: Injected into process with pid 5244 and name u'Unicorn-5647.exe'
2025-06-24 21:27:26,608 [analyzer] INFO: Injected into process with pid 5252 and name u'Unicorn-44542.exe'
2025-06-24 21:27:26,625 [analyzer] INFO: Injected into process with pid 5288 and name u'Unicorn-17900.exe'
2025-06-24 21:27:26,655 [analyzer] DEBUG: Loaded monitor into process with pid 5212
2025-06-24 21:27:26,655 [analyzer] INFO: Added new file to list with pid 3384 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-65325.exe
2025-06-24 21:27:26,687 [analyzer] INFO: Injected into process with pid 5340 and name u'Unicorn-18262.exe'
2025-06-24 21:27:26,733 [analyzer] INFO: Added new file to list with pid 3600 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-7956.exe
2025-06-24 21:27:26,780 [analyzer] DEBUG: Loaded monitor into process with pid 5244
2025-06-24 21:27:26,796 [analyzer] DEBUG: Loaded monitor into process with pid 5288
2025-06-24 21:27:26,812 [analyzer] INFO: Added new file to list with pid 3168 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-1371.exe
2025-06-24 21:27:26,842 [analyzer] INFO: Added new file to list with pid 2848 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-7493.exe
2025-06-24 21:27:26,858 [analyzer] DEBUG: Loaded monitor into process with pid 5252
2025-06-24 21:27:26,875 [analyzer] INFO: Injected into process with pid 5408 and name u'Unicorn-65325.exe'
2025-06-24 21:27:26,890 [analyzer] DEBUG: Loaded monitor into process with pid 5340
2025-06-24 21:27:26,937 [analyzer] INFO: Injected into process with pid 5444 and name u'Unicorn-7956.exe'
2025-06-24 21:27:26,983 [analyzer] INFO: Injected into process with pid 5484 and name u'Unicorn-1371.exe'
2025-06-24 21:27:27,046 [analyzer] INFO: Injected into process with pid 5524 and name u'Unicorn-7493.exe'
2025-06-24 21:27:27,062 [analyzer] DEBUG: Loaded monitor into process with pid 5408
2025-06-24 21:27:27,171 [analyzer] DEBUG: Loaded monitor into process with pid 5444
2025-06-24 21:27:27,203 [analyzer] DEBUG: Loaded monitor into process with pid 5484
2025-06-24 21:27:27,312 [analyzer] INFO: Added new file to list with pid 1364 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-1682.exe
2025-06-24 21:27:27,390 [analyzer] DEBUG: Loaded monitor into process with pid 5524
2025-06-24 21:27:27,640 [analyzer] INFO: Injected into process with pid 5608 and name u'Unicorn-1682.exe'
2025-06-24 21:27:27,812 [analyzer] INFO: Added new file to list with pid 4928 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-1755.exe
2025-06-24 21:27:27,828 [analyzer] DEBUG: Loaded monitor into process with pid 5608
2025-06-24 21:27:27,983 [analyzer] INFO: Injected into process with pid 5656 and name u'Unicorn-1755.exe'
2025-06-24 21:27:28,092 [analyzer] INFO: Added new file to list with pid 3268 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-45829.exe
2025-06-24 21:27:28,171 [analyzer] DEBUG: Loaded monitor into process with pid 5656
2025-06-24 21:27:28,280 [analyzer] INFO: Injected into process with pid 5696 and name u'Unicorn-45829.exe'
2025-06-24 21:27:28,375 [analyzer] INFO: Added new file to list with pid 4416 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-33022.exe
2025-06-24 21:27:28,405 [analyzer] INFO: Added new file to list with pid 3564 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-10463.exe
2025-06-24 21:27:28,483 [analyzer] DEBUG: Loaded monitor into process with pid 5696
2025-06-24 21:27:28,483 [analyzer] INFO: Added new file to list with pid 4392 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-49358.exe
2025-06-24 21:27:28,483 [analyzer] INFO: Added new file to list with pid 4980 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-49358.exe
2025-06-24 21:27:28,625 [analyzer] INFO: Injected into process with pid 5756 and name u'Unicorn-10463.exe'
2025-06-24 21:27:28,625 [analyzer] INFO: Injected into process with pid 5740 and name u'Unicorn-33022.exe'
2025-06-24 21:27:28,717 [analyzer] INFO: Added new file to list with pid 3740 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-8133.exe
2025-06-24 21:27:28,796 [analyzer] INFO: Added new file to list with pid 3992 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-51112.exe
2025-06-24 21:27:28,842 [analyzer] INFO: Injected into process with pid 5808 and name u'Unicorn-49358.exe'
2025-06-24 21:27:28,858 [analyzer] INFO: Added new file to list with pid 3208 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-26699.exe
2025-06-24 21:27:28,875 [analyzer] DEBUG: Loaded monitor into process with pid 5740
2025-06-24 21:27:28,890 [analyzer] DEBUG: Loaded monitor into process with pid 5756
2025-06-24 21:27:28,937 [analyzer] INFO: Added new file to list with pid 904 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-57.exe
2025-06-24 21:27:29,030 [analyzer] INFO: Injected into process with pid 5864 and name u'Unicorn-8133.exe'
2025-06-24 21:27:29,046 [analyzer] INFO: Injected into process with pid 5884 and name u'Unicorn-51112.exe'
2025-06-24 21:27:29,062 [analyzer] DEBUG: Loaded monitor into process with pid 5808
2025-06-24 21:27:29,062 [analyzer] INFO: Added new file to list with pid 3304 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-38044.exe
2025-06-24 21:27:29,108 [analyzer] INFO: Injected into process with pid 5928 and name u'Unicorn-26699.exe'
2025-06-24 21:27:29,108 [analyzer] INFO: Added new file to list with pid 3968 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-46213.exe
2025-06-24 21:27:29,171 [analyzer] INFO: Added new file to list with pid 216 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-2579.exe
2025-06-24 21:27:29,187 [analyzer] INFO: Injected into process with pid 5972 and name u'Unicorn-57.exe'
2025-06-24 21:27:29,203 [analyzer] INFO: Added new file to list with pid 4552 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-8709.exe
2025-06-24 21:27:29,250 [analyzer] INFO: Added new file to list with pid 364 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-16612.exe
2025-06-24 21:27:29,265 [analyzer] DEBUG: Loaded monitor into process with pid 5884
2025-06-24 21:27:29,328 [analyzer] DEBUG: Loaded monitor into process with pid 5864
2025-06-24 21:27:29,342 [analyzer] DEBUG: Loaded monitor into process with pid 5928
2025-06-24 21:27:29,358 [analyzer] INFO: Added new file to list with pid 3868 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-37490.exe
2025-06-24 21:27:29,375 [analyzer] INFO: Injected into process with pid 6020 and name u'Unicorn-38044.exe'
2025-06-24 21:27:29,421 [analyzer] INFO: Injected into process with pid 6060 and name u'Unicorn-46213.exe'
2025-06-24 21:27:29,437 [analyzer] DEBUG: Loaded monitor into process with pid 5972
2025-06-24 21:27:29,530 [analyzer] INFO: Injected into process with pid 6092 and name u'Unicorn-2579.exe'
2025-06-24 21:27:29,562 [analyzer] INFO: Injected into process with pid 6124 and name u'Unicorn-8709.exe'
2025-06-24 21:27:29,578 [analyzer] INFO: Added new file to list with pid 4088 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-57718.exe
2025-06-24 21:27:29,592 [analyzer] DEBUG: Loaded monitor into process with pid 6020
2025-06-24 21:27:29,608 [analyzer] INFO: Injected into process with pid 5132 and name u'Unicorn-16612.exe'
2025-06-24 21:27:29,640 [analyzer] INFO: Added new file to list with pid 2480 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-3671.exe
2025-06-24 21:27:29,671 [analyzer] INFO: Injected into process with pid 5268 and name u'Unicorn-37490.exe'
2025-06-24 21:27:29,687 [analyzer] DEBUG: Loaded monitor into process with pid 6060
2025-06-24 21:27:29,687 [analyzer] INFO: Added new file to list with pid 5020 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-43328.exe
2025-06-24 21:27:29,796 [analyzer] DEBUG: Loaded monitor into process with pid 6092
2025-06-24 21:27:29,858 [analyzer] DEBUG: Loaded monitor into process with pid 6124
2025-06-24 21:27:29,858 [analyzer] INFO: Added new file to list with pid 3424 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-48159.exe
2025-06-24 21:27:29,890 [analyzer] INFO: Added new file to list with pid 4364 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-63940.exe
2025-06-24 21:27:29,921 [analyzer] DEBUG: Loaded monitor into process with pid 5132
2025-06-24 21:27:29,953 [analyzer] INFO: Injected into process with pid 5420 and name u'Unicorn-57718.exe'
2025-06-24 21:27:29,983 [analyzer] DEBUG: Loaded monitor into process with pid 5268
2025-06-24 21:27:30,030 [analyzer] INFO: Injected into process with pid 5516 and name u'Unicorn-3671.exe'
2025-06-24 21:27:30,078 [analyzer] INFO: Injected into process with pid 5572 and name u'Unicorn-43328.exe'
2025-06-24 21:27:30,108 [analyzer] INFO: Added new file to list with pid 3464 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-46597.exe
2025-06-24 21:27:30,108 [analyzer] INFO: Added new file to list with pid 3516 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-35736.exe
2025-06-24 21:27:30,217 [analyzer] DEBUG: Loaded monitor into process with pid 5420
2025-06-24 21:27:30,250 [analyzer] INFO: Injected into process with pid 5720 and name u'Unicorn-48159.exe'
2025-06-24 21:27:30,265 [analyzer] INFO: Injected into process with pid 5728 and name u'Unicorn-63940.exe'
2025-06-24 21:27:30,328 [analyzer] DEBUG: Loaded monitor into process with pid 5516
2025-06-24 21:27:30,390 [analyzer] DEBUG: Loaded monitor into process with pid 5572
2025-06-24 21:27:30,483 [analyzer] DEBUG: Loaded monitor into process with pid 5720
2025-06-24 21:27:30,530 [analyzer] DEBUG: Loaded monitor into process with pid 5728
2025-06-24 21:27:30,655 [analyzer] INFO: Injected into process with pid 5916 and name u'Unicorn-46597.exe'
2025-06-24 21:27:30,655 [analyzer] INFO: Injected into process with pid 5920 and name u'Unicorn-35736.exe'
2025-06-24 21:27:30,687 [analyzer] INFO: Added new file to list with pid 3404 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-33497.exe
2025-06-24 21:27:30,875 [analyzer] INFO: Added new file to list with pid 3932 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-13732.exe
2025-06-24 21:27:30,890 [analyzer] DEBUG: Loaded monitor into process with pid 5916
2025-06-24 21:27:30,937 [analyzer] INFO: Added new file to list with pid 2104 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-63562.exe
2025-06-24 21:27:30,967 [analyzer] DEBUG: Loaded monitor into process with pid 5920
2025-06-24 21:27:31,015 [analyzer] INFO: Injected into process with pid 5172 and name u'Unicorn-33497.exe'
2025-06-24 21:27:31,125 [analyzer] INFO: Added new file to list with pid 4536 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-36120.exe
2025-06-24 21:27:31,203 [analyzer] INFO: Injected into process with pid 5308 and name u'Unicorn-13732.exe'
2025-06-24 21:27:31,250 [analyzer] DEBUG: Loaded monitor into process with pid 5172
2025-06-24 21:27:31,250 [analyzer] INFO: Injected into process with pid 5460 and name u'Unicorn-63562.exe'
2025-06-24 21:27:31,280 [analyzer] INFO: Added new file to list with pid 4456 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-60816.exe
2025-06-24 21:27:31,390 [analyzer] INFO: Injected into process with pid 5732 and name u'Unicorn-36120.exe'
2025-06-24 21:27:31,405 [analyzer] INFO: Added new file to list with pid 4764 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-46426.exe
2025-06-24 21:27:31,421 [analyzer] DEBUG: Loaded monitor into process with pid 5308
2025-06-24 21:27:31,453 [analyzer] INFO: Added new file to list with pid 3300 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-42342.exe
2025-06-24 21:27:31,467 [analyzer] DEBUG: Loaded monitor into process with pid 5460
2025-06-24 21:27:31,483 [analyzer] INFO: Added new file to list with pid 3980 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-65455.exe
2025-06-24 21:27:31,530 [analyzer] INFO: Added new file to list with pid 4392 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-7894.exe
2025-06-24 21:27:31,578 [analyzer] INFO: Injected into process with pid 6000 and name u'Unicorn-60816.exe'
2025-06-24 21:27:31,592 [analyzer] INFO: Added new file to list with pid 3524 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-16062.exe
2025-06-24 21:27:31,655 [analyzer] INFO: Added new file to list with pid 3540 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-24230.exe
2025-06-24 21:27:31,655 [analyzer] INFO: Added new file to list with pid 3548 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-24230.exe
2025-06-24 21:27:31,671 [analyzer] DEBUG: Loaded monitor into process with pid 5732
2025-06-24 21:27:31,703 [analyzer] INFO: Added new file to list with pid 3492 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-1672.exe
2025-06-24 21:27:31,703 [analyzer] INFO: Added new file to list with pid 3576 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-1672.exe
2025-06-24 21:27:31,750 [analyzer] INFO: Injected into process with pid 6120 and name u'Unicorn-46426.exe'
2025-06-24 21:27:31,765 [analyzer] INFO: Added new file to list with pid 1176 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-39250.exe
2025-06-24 21:27:31,796 [analyzer] INFO: Injected into process with pid 5404 and name u'Unicorn-65455.exe'
2025-06-24 21:27:31,796 [analyzer] INFO: Injected into process with pid 5368 and name u'Unicorn-42342.exe'
2025-06-24 21:27:31,828 [analyzer] DEBUG: Loaded monitor into process with pid 6000
2025-06-24 21:27:31,828 [analyzer] INFO: Added new file to list with pid 2624 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-31074.exe
2025-06-24 21:27:31,905 [analyzer] INFO: Added new file to list with pid 2088 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-64708.exe
2025-06-24 21:27:31,937 [analyzer] INFO: Injected into process with pid 5772 and name u'Unicorn-7894.exe'
2025-06-24 21:27:31,967 [analyzer] INFO: Added new file to list with pid 4892 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-42150.exe
2025-06-24 21:27:31,983 [analyzer] INFO: Injected into process with pid 5500 and name u'Unicorn-16062.exe'
2025-06-24 21:27:32,015 [analyzer] DEBUG: Loaded monitor into process with pid 6120
2025-06-24 21:27:32,046 [analyzer] DEBUG: Loaded monitor into process with pid 5404
2025-06-24 21:27:32,078 [analyzer] DEBUG: Loaded monitor into process with pid 5368
2025-06-24 21:27:32,078 [analyzer] INFO: Injected into process with pid 6168 and name u'Unicorn-24230.exe'
2025-06-24 21:27:32,108 [analyzer] INFO: Injected into process with pid 6200 and name u'Unicorn-1672.exe'
2025-06-24 21:27:32,155 [analyzer] INFO: Injected into process with pid 6244 and name u'Unicorn-39250.exe'
2025-06-24 21:27:32,187 [analyzer] INFO: Added new file to list with pid 3480 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-13945.exe
2025-06-24 21:27:32,203 [analyzer] INFO: Added new file to list with pid 3900 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-2248.exe
2025-06-24 21:27:32,233 [analyzer] DEBUG: Loaded monitor into process with pid 5772
2025-06-24 21:27:32,250 [analyzer] DEBUG: Loaded monitor into process with pid 5500
2025-06-24 21:27:32,280 [analyzer] INFO: Injected into process with pid 6276 and name u'Unicorn-31074.exe'
2025-06-24 21:27:32,328 [analyzer] DEBUG: Loaded monitor into process with pid 6168
2025-06-24 21:27:32,328 [analyzer] INFO: Injected into process with pid 6332 and name u'Unicorn-64708.exe'
2025-06-24 21:27:32,358 [analyzer] INFO: Injected into process with pid 6364 and name u'Unicorn-42150.exe'
2025-06-24 21:27:32,405 [analyzer] DEBUG: Loaded monitor into process with pid 6200
2025-06-24 21:27:32,437 [analyzer] DEBUG: Loaded monitor into process with pid 6244
2025-06-24 21:27:32,483 [analyzer] INFO: Added new file to list with pid 4692 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-54978.exe
2025-06-24 21:27:32,483 [analyzer] INFO: Added new file to list with pid 3084 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-35112.exe
2025-06-24 21:27:32,530 [analyzer] DEBUG: Loaded monitor into process with pid 6276
2025-06-24 21:27:32,562 [analyzer] DEBUG: Loaded monitor into process with pid 6332
2025-06-24 21:27:32,592 [analyzer] DEBUG: Loaded monitor into process with pid 6364
2025-06-24 21:27:32,625 [analyzer] INFO: Injected into process with pid 6460 and name u'Unicorn-13945.exe'
2025-06-24 21:27:32,625 [analyzer] INFO: Injected into process with pid 6472 and name u'Unicorn-2248.exe'
2025-06-24 21:27:32,953 [analyzer] DEBUG: Loaded monitor into process with pid 6460
2025-06-24 21:27:33,000 [analyzer] DEBUG: Loaded monitor into process with pid 6472
2025-06-24 21:27:33,000 [analyzer] INFO: Injected into process with pid 6576 and name u'Unicorn-54978.exe'
2025-06-24 21:27:33,030 [analyzer] INFO: Injected into process with pid 6584 and name u'Unicorn-35112.exe'
2025-06-24 21:27:33,046 [analyzer] INFO: Added new file to list with pid 4792 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-15892.exe
2025-06-24 21:27:33,046 [analyzer] INFO: Added new file to list with pid 592 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-63530.exe
2025-06-24 21:27:33,187 [analyzer] INFO: Added new file to list with pid 3188 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-60001.exe
2025-06-24 21:27:33,296 [analyzer] DEBUG: Loaded monitor into process with pid 6576
2025-06-24 21:27:33,328 [analyzer] INFO: Added new file to list with pid 3176 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-51370.exe
2025-06-24 21:27:33,342 [analyzer] DEBUG: Loaded monitor into process with pid 6584
2025-06-24 21:27:33,358 [analyzer] INFO: Added new file to list with pid 2712 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-38761.exe
2025-06-24 21:27:33,421 [analyzer] INFO: Added new file to list with pid 3928 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-47194.exe
2025-06-24 21:27:33,546 [analyzer] INFO: Injected into process with pid 6700 and name u'Unicorn-63530.exe'
2025-06-24 21:27:33,546 [analyzer] INFO: Injected into process with pid 6692 and name u'Unicorn-15892.exe'
2025-06-24 21:27:33,687 [analyzer] INFO: Injected into process with pid 6744 and name u'Unicorn-60001.exe'
2025-06-24 21:27:33,687 [analyzer] INFO: Added new file to list with pid 3244 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-3923.exe
2025-06-24 21:27:33,733 [analyzer] INFO: Added new file to list with pid 4076 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-2440.exe
2025-06-24 21:27:33,842 [analyzer] DEBUG: Loaded monitor into process with pid 6692
2025-06-24 21:27:33,842 [analyzer] INFO: Added new file to list with pid 1428 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-57043.exe
2025-06-24 21:27:33,858 [analyzer] DEBUG: Loaded monitor into process with pid 6700
2025-06-24 21:27:33,921 [analyzer] INFO: Added new file to list with pid 3292 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-34750.exe
2025-06-24 21:27:33,921 [analyzer] INFO: Injected into process with pid 6804 and name u'Unicorn-51370.exe'
2025-06-24 21:27:34,000 [analyzer] INFO: Injected into process with pid 6812 and name u'Unicorn-38761.exe'
2025-06-24 21:27:34,030 [analyzer] DEBUG: Loaded monitor into process with pid 6744
2025-06-24 21:27:34,030 [analyzer] INFO: Injected into process with pid 6860 and name u'Unicorn-47194.exe'
2025-06-24 21:27:34,062 [analyzer] INFO: Added new file to list with pid 2976 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-29104.exe
2025-06-24 21:27:34,203 [analyzer] DEBUG: Loaded monitor into process with pid 6804
2025-06-24 21:27:34,203 [analyzer] INFO: Injected into process with pid 6912 and name u'Unicorn-3923.exe'
2025-06-24 21:27:34,233 [analyzer] INFO: Injected into process with pid 6936 and name u'Unicorn-2440.exe'
2025-06-24 21:27:34,250 [analyzer] DEBUG: Loaded monitor into process with pid 6812
2025-06-24 21:27:34,265 [analyzer] INFO: Injected into process with pid 6992 and name u'Unicorn-57043.exe'
2025-06-24 21:27:34,328 [analyzer] INFO: Added new file to list with pid 976 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-48954.exe
2025-06-24 21:27:34,328 [analyzer] INFO: Added new file to list with pid 3360 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-51754.exe
2025-06-24 21:27:34,342 [analyzer] DEBUG: Loaded monitor into process with pid 6860
2025-06-24 21:27:34,358 [analyzer] INFO: Injected into process with pid 7032 and name u'Unicorn-34750.exe'
2025-06-24 21:27:34,437 [analyzer] INFO: Injected into process with pid 7084 and name u'Unicorn-29104.exe'
2025-06-24 21:27:34,467 [analyzer] DEBUG: Loaded monitor into process with pid 6912
2025-06-24 21:27:34,483 [analyzer] DEBUG: Loaded monitor into process with pid 6936
2025-06-24 21:27:34,530 [analyzer] DEBUG: Loaded monitor into process with pid 6992
2025-06-24 21:27:34,530 [analyzer] INFO: Added new file to list with pid 3276 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-57592.exe
2025-06-24 21:27:34,546 [analyzer] INFO: Added new file to list with pid 3440 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-43857.exe
2025-06-24 21:27:34,592 [analyzer] DEBUG: Loaded monitor into process with pid 7032
2025-06-24 21:27:34,671 [analyzer] INFO: Added new file to list with pid 2588 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-2004.exe
2025-06-24 21:27:34,717 [analyzer] INFO: Added new file to list with pid 5004 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-14521.exe
2025-06-24 21:27:34,750 [analyzer] DEBUG: Loaded monitor into process with pid 7084
2025-06-24 21:27:34,780 [analyzer] INFO: Added new file to list with pid 3540 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-24919.exe
2025-06-24 21:27:34,780 [analyzer] INFO: Added new file to list with pid 3492 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-55646.exe
2025-06-24 21:27:34,796 [analyzer] INFO: Injected into process with pid 5828 and name u'Unicorn-48954.exe'
2025-06-24 21:27:34,828 [analyzer] INFO: Injected into process with pid 5372 and name u'Unicorn-51754.exe'
2025-06-24 21:27:34,875 [analyzer] INFO: Added new file to list with pid 2676 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-34869.exe
2025-06-24 21:27:35,078 [analyzer] INFO: Injected into process with pid 6316 and name u'Unicorn-57592.exe'
2025-06-24 21:27:35,092 [analyzer] INFO: Injected into process with pid 6272 and name u'Unicorn-43857.exe'
2025-06-24 21:27:35,108 [analyzer] DEBUG: Loaded monitor into process with pid 5828
2025-06-24 21:27:35,125 [analyzer] INFO: Process with pid 6272 has terminated
2025-06-24 21:27:35,125 [analyzer] INFO: Added new file to list with pid 4492 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-37656.exe
2025-06-24 21:27:35,155 [analyzer] DEBUG: Loaded monitor into process with pid 5372
2025-06-24 21:27:35,187 [analyzer] INFO: Injected into process with pid 6388 and name u'Unicorn-2004.exe'
2025-06-24 21:27:35,203 [analyzer] INFO: Injected into process with pid 6524 and name u'Unicorn-14521.exe'
2025-06-24 21:27:35,312 [analyzer] INFO: Injected into process with pid 6608 and name u'Unicorn-55646.exe'
2025-06-24 21:27:35,312 [analyzer] INFO: Injected into process with pid 6560 and name u'Unicorn-24919.exe'
2025-06-24 21:27:35,358 [analyzer] DEBUG: Loaded monitor into process with pid 6316
2025-06-24 21:27:35,421 [analyzer] INFO: Injected into process with pid 6728 and name u'Unicorn-34869.exe'
2025-06-24 21:27:35,437 [analyzer] DEBUG: Loaded monitor into process with pid 6388
2025-06-24 21:27:35,500 [analyzer] DEBUG: Loaded monitor into process with pid 6524
2025-06-24 21:27:35,640 [analyzer] DEBUG: Loaded monitor into process with pid 6560
2025-06-24 21:27:35,703 [analyzer] DEBUG: Loaded monitor into process with pid 6608
2025-06-24 21:27:35,858 [analyzer] INFO: Added new file to list with pid 4936 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-49716.exe
2025-06-24 21:27:35,875 [analyzer] DEBUG: Loaded monitor into process with pid 6728
2025-06-24 21:27:35,890 [analyzer] INFO: Injected into process with pid 6900 and name u'Unicorn-37656.exe'
2025-06-24 21:27:36,125 [analyzer] INFO: Added new file to list with pid 5084 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-29872.exe
2025-06-24 21:27:36,296 [analyzer] DEBUG: Loaded monitor into process with pid 6900
2025-06-24 21:27:36,703 [analyzer] INFO: Added new file to list with pid 4448 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-41932.exe
2025-06-24 21:27:36,765 [analyzer] INFO: Injected into process with pid 7104 and name u'Unicorn-49716.exe'
2025-06-24 21:27:36,921 [analyzer] INFO: Injected into process with pid 6152 and name u'Unicorn-29872.exe'
2025-06-24 21:27:37,078 [analyzer] DEBUG: Loaded monitor into process with pid 7104
2025-06-24 21:27:37,405 [analyzer] DEBUG: Loaded monitor into process with pid 6152
2025-06-24 21:27:37,437 [analyzer] INFO: Added new file to list with pid 3224 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-24780.exe
2025-06-24 21:27:37,437 [analyzer] INFO: Added new file to list with pid 4280 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-24780.exe
2025-06-24 21:27:37,483 [analyzer] INFO: Injected into process with pid 6360 and name u'Unicorn-41932.exe'
2025-06-24 21:27:37,703 [analyzer] INFO: Added new file to list with pid 3312 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-5459.exe
2025-06-24 21:27:37,733 [analyzer] INFO: Added new file to list with pid 3856 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-48438.exe
2025-06-24 21:27:37,842 [analyzer] DEBUG: Loaded monitor into process with pid 6360
2025-06-24 21:27:37,890 [analyzer] INFO: Added new file to list with pid 4120 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-1475.exe
2025-06-24 21:27:37,905 [analyzer] INFO: Injected into process with pid 6684 and name u'Unicorn-24780.exe'
2025-06-24 21:27:37,983 [analyzer] INFO: Injected into process with pid 1840 and name u'Unicorn-5459.exe'
2025-06-24 21:27:38,015 [analyzer] INFO: Injected into process with pid 6784 and name u'Unicorn-48438.exe'
2025-06-24 21:27:38,108 [analyzer] DEBUG: Loaded monitor into process with pid 6684
2025-06-24 21:27:38,125 [analyzer] INFO: Injected into process with pid 2880 and name u'Unicorn-1475.exe'
2025-06-24 21:27:38,203 [analyzer] DEBUG: Loaded monitor into process with pid 1840
2025-06-24 21:27:38,203 [analyzer] INFO: Added new file to list with pid 3440 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-49014.exe
2025-06-24 21:27:38,217 [analyzer] DEBUG: Loaded monitor into process with pid 6784
2025-06-24 21:27:38,342 [analyzer] DEBUG: Loaded monitor into process with pid 2880
2025-06-24 21:27:38,515 [analyzer] INFO: Injected into process with pid 6732 and name u'Unicorn-49014.exe'
2025-06-24 21:27:38,780 [analyzer] DEBUG: Loaded monitor into process with pid 6732
2025-06-24 21:27:39,030 [analyzer] INFO: Added new file to list with pid 3948 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-11158.exe
2025-06-24 21:27:39,155 [analyzer] INFO: Added new file to list with pid 4304 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-62305.exe
2025-06-24 21:27:39,296 [analyzer] INFO: Injected into process with pid 5228 and name u'Unicorn-11158.exe'
2025-06-24 21:27:39,312 [analyzer] INFO: Added new file to list with pid 4608 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-29078.exe
2025-06-24 21:27:39,358 [analyzer] INFO: Added new file to list with pid 1260 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-7315.exe
2025-06-24 21:27:39,421 [analyzer] INFO: Injected into process with pid 6976 and name u'Unicorn-62305.exe'
2025-06-24 21:27:39,467 [analyzer] INFO: Added new file to list with pid 656 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-13925.exe
2025-06-24 21:27:39,515 [analyzer] DEBUG: Loaded monitor into process with pid 5228
2025-06-24 21:27:39,546 [analyzer] INFO: Injected into process with pid 6296 and name u'Unicorn-29078.exe'
2025-06-24 21:27:39,608 [analyzer] INFO: Injected into process with pid 7172 and name u'Unicorn-7315.exe'
2025-06-24 21:27:39,640 [analyzer] DEBUG: Loaded monitor into process with pid 6976
2025-06-24 21:27:39,640 [analyzer] INFO: Injected into process with pid 7216 and name u'Unicorn-13925.exe'
2025-06-24 21:27:39,765 [analyzer] DEBUG: Loaded monitor into process with pid 6296
2025-06-24 21:27:39,796 [analyzer] DEBUG: Loaded monitor into process with pid 7172
2025-06-24 21:27:39,842 [analyzer] DEBUG: Loaded monitor into process with pid 7216
2025-06-24 21:27:40,125 [analyzer] INFO: Added new file to list with pid 4164 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-19710.exe
2025-06-24 21:27:40,328 [analyzer] INFO: Added new file to list with pid 3724 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-21848.exe
2025-06-24 21:27:40,328 [analyzer] INFO: Added new file to list with pid 3716 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-21848.exe
2025-06-24 21:27:40,437 [analyzer] INFO: Added new file to list with pid 3560 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-39668.exe
2025-06-24 21:27:40,437 [analyzer] INFO: Added new file to list with pid 4588 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-25932.exe
2025-06-24 21:27:40,467 [analyzer] INFO: Added new file to list with pid 3384 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-17109.exe
2025-06-24 21:27:40,515 [analyzer] INFO: Added new file to list with pid 3224 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-47836.exe
2025-06-24 21:27:40,592 [analyzer] INFO: Injected into process with pid 7312 and name u'Unicorn-19710.exe'
2025-06-24 21:27:40,671 [analyzer] INFO: Injected into process with pid 7336 and name u'Unicorn-21848.exe'
2025-06-24 21:27:40,703 [analyzer] INFO: Added new file to list with pid 3600 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-37338.exe
2025-06-24 21:27:40,703 [analyzer] INFO: Added new file to list with pid 3168 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-23602.exe
2025-06-24 21:27:40,703 [analyzer] INFO: Added new file to list with pid 2848 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-43203.exe
2025-06-24 21:27:40,796 [analyzer] INFO: Injected into process with pid 7368 and name u'Unicorn-39668.exe'
2025-06-24 21:27:40,812 [analyzer] INFO: Injected into process with pid 7376 and name u'Unicorn-25932.exe'
2025-06-24 21:27:40,812 [analyzer] INFO: Injected into process with pid 7384 and name u'Unicorn-17109.exe'
2025-06-24 21:27:40,828 [analyzer] DEBUG: Loaded monitor into process with pid 7312
2025-06-24 21:27:40,875 [analyzer] INFO: Injected into process with pid 7416 and name u'Unicorn-47836.exe'
2025-06-24 21:27:40,953 [analyzer] DEBUG: Loaded monitor into process with pid 7336
2025-06-24 21:27:40,983 [analyzer] INFO: Injected into process with pid 7524 and name u'Unicorn-37338.exe'
2025-06-24 21:27:40,983 [analyzer] INFO: Injected into process with pid 7516 and name u'Unicorn-23602.exe'
2025-06-24 21:27:40,983 [analyzer] INFO: Injected into process with pid 7532 and name u'Unicorn-43203.exe'
2025-06-24 21:27:41,046 [analyzer] DEBUG: Loaded monitor into process with pid 7376
2025-06-24 21:27:41,078 [analyzer] DEBUG: Loaded monitor into process with pid 7416
2025-06-24 21:27:41,108 [analyzer] DEBUG: Loaded monitor into process with pid 7384
2025-06-24 21:27:41,155 [analyzer] INFO: Added new file to list with pid 1364 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-39198.exe
2025-06-24 21:27:41,171 [analyzer] DEBUG: Loaded monitor into process with pid 7524
2025-06-24 21:27:41,187 [analyzer] DEBUG: Loaded monitor into process with pid 7532
2025-06-24 21:27:41,233 [analyzer] DEBUG: Loaded monitor into process with pid 7516
2025-06-24 21:27:41,250 [analyzer] INFO: Added new file to list with pid 4648 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-21486.exe
2025-06-24 21:27:41,296 [analyzer] DEBUG: Loaded monitor into process with pid 7368
2025-06-24 21:27:41,515 [analyzer] INFO: Added new file to list with pid 4928 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-11734.exe
2025-06-24 21:27:41,687 [analyzer] INFO: Injected into process with pid 7724 and name u'Unicorn-21486.exe'
2025-06-24 21:27:41,717 [analyzer] INFO: Injected into process with pid 7704 and name u'Unicorn-39198.exe'
2025-06-24 21:27:41,842 [analyzer] INFO: Added new file to list with pid 3268 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-35776.exe
2025-06-24 21:27:41,890 [analyzer] INFO: Injected into process with pid 7772 and name u'Unicorn-11734.exe'
2025-06-24 21:27:41,937 [analyzer] DEBUG: Loaded monitor into process with pid 7724
2025-06-24 21:27:41,953 [analyzer] DEBUG: Loaded monitor into process with pid 7704
2025-06-24 21:27:42,125 [analyzer] INFO: Injected into process with pid 7824 and name u'Unicorn-35776.exe'
2025-06-24 21:27:42,140 [analyzer] DEBUG: Loaded monitor into process with pid 7772
2025-06-24 21:27:42,203 [analyzer] INFO: Added new file to list with pid 4416 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-6088.exe
2025-06-24 21:27:42,203 [analyzer] INFO: Added new file to list with pid 3564 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-6088.exe
2025-06-24 21:27:42,358 [analyzer] DEBUG: Loaded monitor into process with pid 7824
2025-06-24 21:27:42,467 [analyzer] INFO: Added new file to list with pid 4980 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-57427.exe
2025-06-24 21:27:42,530 [analyzer] INFO: Injected into process with pid 7896 and name u'Unicorn-6088.exe'
2025-06-24 21:27:42,578 [analyzer] INFO: Added new file to list with pid 3740 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-55097.exe
2025-06-24 21:27:42,625 [analyzer] INFO: Added new file to list with pid 3992 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-16202.exe
2025-06-24 21:27:42,655 [analyzer] INFO: Added new file to list with pid 3208 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-13244.exe
2025-06-24 21:27:42,717 [analyzer] INFO: Injected into process with pid 7936 and name u'Unicorn-57427.exe'
2025-06-24 21:27:42,750 [analyzer] DEBUG: Loaded monitor into process with pid 7896
2025-06-24 21:27:42,750 [analyzer] INFO: Added new file to list with pid 904 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-52139.exe
2025-06-24 21:27:42,828 [analyzer] INFO: Injected into process with pid 7964 and name u'Unicorn-55097.exe'
2025-06-24 21:27:42,875 [analyzer] INFO: Injected into process with pid 8000 and name u'Unicorn-16202.exe'
2025-06-24 21:27:42,905 [analyzer] INFO: Injected into process with pid 8024 and name u'Unicorn-13244.exe'
2025-06-24 21:27:42,921 [analyzer] INFO: Added new file to list with pid 3304 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-9517.exe
2025-06-24 21:27:42,937 [analyzer] DEBUG: Loaded monitor into process with pid 7936
2025-06-24 21:27:42,953 [analyzer] INFO: Added new file to list with pid 3968 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-52496.exe
2025-06-24 21:27:42,983 [analyzer] INFO: Injected into process with pid 8072 and name u'Unicorn-52139.exe'
2025-06-24 21:27:43,030 [analyzer] DEBUG: Loaded monitor into process with pid 7964
2025-06-24 21:27:43,092 [analyzer] DEBUG: Loaded monitor into process with pid 8000
2025-06-24 21:27:43,108 [analyzer] INFO: Injected into process with pid 8144 and name u'Unicorn-9517.exe'
2025-06-24 21:27:43,140 [analyzer] DEBUG: Loaded monitor into process with pid 8024
2025-06-24 21:27:43,140 [analyzer] INFO: Added new file to list with pid 216 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-48631.exe
2025-06-24 21:27:43,187 [analyzer] DEBUG: Loaded monitor into process with pid 8072
2025-06-24 21:27:43,187 [analyzer] INFO: Injected into process with pid 8176 and name u'Unicorn-52496.exe'
2025-06-24 21:27:43,250 [analyzer] INFO: Added new file to list with pid 4552 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-2388.exe
2025-06-24 21:27:43,296 [analyzer] INFO: Added new file to list with pid 364 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-21683.exe
2025-06-24 21:27:43,296 [analyzer] INFO: Added new file to list with pid 3868 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-10748.exe
2025-06-24 21:27:43,342 [analyzer] DEBUG: Loaded monitor into process with pid 8144
2025-06-24 21:27:43,390 [analyzer] INFO: Added new file to list with pid 3724 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-44904.exe
2025-06-24 21:27:43,515 [analyzer] DEBUG: Loaded monitor into process with pid 8176
2025-06-24 21:27:43,530 [analyzer] INFO: Injected into process with pid 7264 and name u'Unicorn-48631.exe'
2025-06-24 21:27:43,592 [analyzer] INFO: Added new file to list with pid 4088 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-55481.exe
2025-06-24 21:27:43,640 [analyzer] INFO: Added new file to list with pid 2480 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-45796.exe
2025-06-24 21:27:43,655 [analyzer] INFO: Injected into process with pid 7356 and name u'Unicorn-2388.exe'
2025-06-24 21:27:43,671 [analyzer] INFO: Added new file to list with pid 5020 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-28838.exe
2025-06-24 21:27:43,687 [analyzer] INFO: Injected into process with pid 7404 and name u'Unicorn-21683.exe'
2025-06-24 21:27:43,703 [analyzer] INFO: Injected into process with pid 7412 and name u'Unicorn-10748.exe'
2025-06-24 21:27:43,750 [analyzer] INFO: Injected into process with pid 7580 and name u'Unicorn-44904.exe'
2025-06-24 21:27:43,796 [analyzer] DEBUG: Loaded monitor into process with pid 7264
2025-06-24 21:27:43,828 [analyzer] INFO: Added new file to list with pid 3424 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-36544.exe
2025-06-24 21:27:43,875 [analyzer] INFO: Added new file to list with pid 4364 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-53535.exe
2025-06-24 21:27:43,921 [analyzer] DEBUG: Loaded monitor into process with pid 7404
2025-06-24 21:27:43,937 [analyzer] DEBUG: Loaded monitor into process with pid 7356
2025-06-24 21:27:43,967 [analyzer] INFO: Injected into process with pid 7732 and name u'Unicorn-45796.exe'
2025-06-24 21:27:43,983 [analyzer] DEBUG: Loaded monitor into process with pid 7580
2025-06-24 21:27:43,983 [analyzer] INFO: Injected into process with pid 7640 and name u'Unicorn-55481.exe'
2025-06-24 21:27:44,000 [analyzer] DEBUG: Loaded monitor into process with pid 7412
2025-06-24 21:27:44,015 [analyzer] INFO: Injected into process with pid 7788 and name u'Unicorn-28838.exe'
2025-06-24 21:27:44,217 [analyzer] DEBUG: Loaded monitor into process with pid 7732
2025-06-24 21:27:44,217 [analyzer] INFO: Added new file to list with pid 3464 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-8303.exe
2025-06-24 21:27:44,233 [analyzer] INFO: Injected into process with pid 7952 and name u'Unicorn-36544.exe'
2025-06-24 21:27:44,250 [analyzer] INFO: Injected into process with pid 8016 and name u'Unicorn-53535.exe'
2025-06-24 21:27:44,250 [analyzer] INFO: Added new file to list with pid 3516 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-56021.exe
2025-06-24 21:27:44,265 [analyzer] DEBUG: Loaded monitor into process with pid 7788
2025-06-24 21:27:44,296 [analyzer] DEBUG: Loaded monitor into process with pid 7640
2025-06-24 21:27:44,453 [analyzer] DEBUG: Loaded monitor into process with pid 8016
2025-06-24 21:27:44,530 [analyzer] DEBUG: Loaded monitor into process with pid 7952
2025-06-24 21:27:44,625 [analyzer] INFO: Injected into process with pid 7276 and name u'Unicorn-8303.exe'
2025-06-24 21:27:44,625 [analyzer] INFO: Added new file to list with pid 3404 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-28367.exe
2025-06-24 21:27:44,655 [analyzer] INFO: Injected into process with pid 7432 and name u'Unicorn-56021.exe'
2025-06-24 21:27:44,796 [analyzer] INFO: Added new file to list with pid 3932 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-47198.exe
2025-06-24 21:27:44,890 [analyzer] DEBUG: Loaded monitor into process with pid 7276
2025-06-24 21:27:44,890 [analyzer] INFO: Added new file to list with pid 2104 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-1220.exe
2025-06-24 21:27:44,905 [analyzer] DEBUG: Loaded monitor into process with pid 7432
2025-06-24 21:27:45,171 [analyzer] INFO: Added new file to list with pid 4456 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-17510.exe
2025-06-24 21:27:45,187 [analyzer] INFO: Injected into process with pid 7544 and name u'Unicorn-28367.exe'
2025-06-24 21:27:45,280 [analyzer] INFO: Added new file to list with pid 4416 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-17047.exe
2025-06-24 21:27:45,358 [analyzer] INFO: Injected into process with pid 7760 and name u'Unicorn-47198.exe'
2025-06-24 21:27:45,375 [analyzer] INFO: Added new file to list with pid 4764 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-42206.exe
2025-06-24 21:27:45,421 [analyzer] INFO: Added new file to list with pid 3300 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-19648.exe
2025-06-24 21:27:45,421 [analyzer] INFO: Added new file to list with pid 3980 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-33383.exe
2025-06-24 21:27:45,421 [analyzer] INFO: Injected into process with pid 8020 and name u'Unicorn-1220.exe'
2025-06-24 21:27:45,437 [analyzer] DEBUG: Loaded monitor into process with pid 7544
2025-06-24 21:27:45,530 [analyzer] INFO: Added new file to list with pid 4392 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-49528.exe
2025-06-24 21:27:45,592 [analyzer] INFO: Added new file to list with pid 3524 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-57696.exe
2025-06-24 21:27:45,655 [analyzer] INFO: Injected into process with pid 7200 and name u'Unicorn-17510.exe'
2025-06-24 21:27:45,655 [analyzer] DEBUG: Loaded monitor into process with pid 7760
2025-06-24 21:27:45,687 [analyzer] INFO: Added new file to list with pid 3576 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-31053.exe
2025-06-24 21:27:45,703 [analyzer] DEBUG: Loaded monitor into process with pid 8020
2025-06-24 21:27:45,703 [analyzer] INFO: Added new file to list with pid 3548 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-8495.exe
2025-06-24 21:27:45,750 [analyzer] INFO: Injected into process with pid 7512 and name u'Unicorn-17047.exe'
2025-06-24 21:27:45,812 [analyzer] INFO: Added new file to list with pid 1176 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-58973.exe
2025-06-24 21:27:45,858 [analyzer] INFO: Injected into process with pid 7944 and name u'Unicorn-42206.exe'
2025-06-24 21:27:45,858 [analyzer] INFO: Added new file to list with pid 2624 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-18669.exe
2025-06-24 21:27:45,890 [analyzer] INFO: Injected into process with pid 7588 and name u'Unicorn-33383.exe'
2025-06-24 21:27:45,890 [analyzer] INFO: Injected into process with pid 6512 and name u'Unicorn-19648.exe'
2025-06-24 21:27:45,937 [analyzer] DEBUG: Loaded monitor into process with pid 7200
2025-06-24 21:27:45,953 [analyzer] INFO: Added new file to list with pid 2088 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-46099.exe
2025-06-24 21:27:45,983 [analyzer] INFO: Added new file to list with pid 4892 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-27624.exe
2025-06-24 21:27:45,983 [analyzer] INFO: Injected into process with pid 1560 and name u'Unicorn-49528.exe'
2025-06-24 21:27:46,030 [analyzer] DEBUG: Loaded monitor into process with pid 7512
2025-06-24 21:27:46,062 [analyzer] INFO: Injected into process with pid 1828 and name u'Unicorn-57696.exe'
2025-06-24 21:27:46,140 [analyzer] DEBUG: Loaded monitor into process with pid 7944
2025-06-24 21:27:46,155 [analyzer] DEBUG: Loaded monitor into process with pid 6512
2025-06-24 21:27:46,155 [analyzer] INFO: Injected into process with pid 8196 and name u'Unicorn-8495.exe'
2025-06-24 21:27:46,171 [analyzer] DEBUG: Loaded monitor into process with pid 7588
2025-06-24 21:27:46,171 [analyzer] INFO: Injected into process with pid 800 and name u'Unicorn-31053.exe'
2025-06-24 21:27:46,217 [analyzer] INFO: Added new file to list with pid 3480 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-13810.exe
2025-06-24 21:27:46,250 [analyzer] INFO: Added new file to list with pid 3900 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-4987.exe
2025-06-24 21:27:46,265 [analyzer] INFO: Injected into process with pid 8268 and name u'Unicorn-58973.exe'
2025-06-24 21:27:46,280 [analyzer] DEBUG: Loaded monitor into process with pid 1560
2025-06-24 21:27:46,312 [analyzer] INFO: Injected into process with pid 8304 and name u'Unicorn-18669.exe'
2025-06-24 21:27:46,342 [analyzer] INFO: Added new file to list with pid 4132 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-50204.exe
2025-06-24 21:27:46,358 [analyzer] INFO: Injected into process with pid 8352 and name u'Unicorn-46099.exe'
2025-06-24 21:27:46,390 [analyzer] DEBUG: Loaded monitor into process with pid 1828
2025-06-24 21:27:46,405 [analyzer] INFO: Injected into process with pid 8380 and name u'Unicorn-27624.exe'
2025-06-24 21:27:46,453 [analyzer] DEBUG: Loaded monitor into process with pid 8196
2025-06-24 21:27:46,515 [analyzer] DEBUG: Loaded monitor into process with pid 800
2025-06-24 21:27:46,530 [analyzer] DEBUG: Loaded monitor into process with pid 8268
2025-06-24 21:27:46,578 [analyzer] DEBUG: Loaded monitor into process with pid 8304
2025-06-24 21:27:46,578 [analyzer] INFO: Added new file to list with pid 4692 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-44345.exe
2025-06-24 21:27:46,608 [analyzer] DEBUG: Loaded monitor into process with pid 8352
2025-06-24 21:27:46,625 [analyzer] INFO: Injected into process with pid 8484 and name u'Unicorn-13810.exe'
2025-06-24 21:27:46,625 [analyzer] INFO: Added new file to list with pid 3084 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-53996.exe
2025-06-24 21:27:46,703 [analyzer] INFO: Injected into process with pid 8512 and name u'Unicorn-4987.exe'
2025-06-24 21:27:46,703 [analyzer] DEBUG: Loaded monitor into process with pid 8380
2025-06-24 21:27:46,796 [analyzer] INFO: Injected into process with pid 8564 and name u'Unicorn-50204.exe'
2025-06-24 21:27:46,937 [analyzer] DEBUG: Loaded monitor into process with pid 8484
2025-06-24 21:27:47,108 [analyzer] DEBUG: Loaded monitor into process with pid 8512
2025-06-24 21:27:47,187 [analyzer] DEBUG: Loaded monitor into process with pid 8564
2025-06-24 21:27:47,187 [analyzer] INFO: Added new file to list with pid 592 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-53089.exe
2025-06-24 21:27:47,217 [analyzer] INFO: Injected into process with pid 8656 and name u'Unicorn-44345.exe'
2025-06-24 21:27:47,265 [analyzer] INFO: Injected into process with pid 8688 and name u'Unicorn-53996.exe'
2025-06-24 21:27:47,405 [analyzer] INFO: Added new file to list with pid 3188 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-34151.exe
2025-06-24 21:27:47,530 [analyzer] DEBUG: Loaded monitor into process with pid 8656
2025-06-24 21:27:47,608 [analyzer] DEBUG: Loaded monitor into process with pid 8688
2025-06-24 21:27:47,671 [analyzer] INFO: Added new file to list with pid 3176 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-37687.exe
2025-06-24 21:27:47,703 [analyzer] INFO: Added new file to list with pid 2712 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-59748.exe
2025-06-24 21:27:47,717 [analyzer] INFO: Added new file to list with pid 3928 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-48813.exe
2025-06-24 21:27:47,812 [analyzer] INFO: Injected into process with pid 8760 and name u'Unicorn-53089.exe'
2025-06-24 21:27:47,828 [analyzer] INFO: Injected into process with pid 8768 and name u'Unicorn-53089.exe'
2025-06-24 21:27:47,858 [analyzer] INFO: Added new file to list with pid 3244 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-62383.exe
2025-06-24 21:27:47,921 [analyzer] INFO: Added new file to list with pid 1428 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-31159.exe
2025-06-24 21:27:47,921 [analyzer] INFO: Added new file to list with pid 4076 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-33959.exe
2025-06-24 21:27:48,062 [analyzer] INFO: Added new file to list with pid 3292 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-2326.exe
2025-06-24 21:27:48,078 [analyzer] INFO: Injected into process with pid 8816 and name u'Unicorn-34151.exe'
2025-06-24 21:27:48,140 [analyzer] DEBUG: Loaded monitor into process with pid 8760
2025-06-24 21:27:48,187 [analyzer] DEBUG: Loaded monitor into process with pid 8768
2025-06-24 21:27:48,280 [analyzer] INFO: Injected into process with pid 8868 and name u'Unicorn-37687.exe'
2025-06-24 21:27:48,358 [analyzer] INFO: Injected into process with pid 8876 and name u'Unicorn-59748.exe'
2025-06-24 21:27:48,358 [analyzer] INFO: Injected into process with pid 8892 and name u'Unicorn-48813.exe'
2025-06-24 21:27:48,421 [analyzer] DEBUG: Loaded monitor into process with pid 8816
2025-06-24 21:27:48,437 [analyzer] INFO: Added new file to list with pid 3360 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-1506.exe
2025-06-24 21:27:48,453 [analyzer] INFO: Injected into process with pid 8956 and name u'Unicorn-62383.exe'
2025-06-24 21:27:48,500 [analyzer] INFO: Added new file to list with pid 976 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-23368.exe
2025-06-24 21:27:48,530 [analyzer] INFO: Injected into process with pid 8972 and name u'Unicorn-31159.exe'
2025-06-24 21:27:48,530 [analyzer] INFO: Injected into process with pid 8980 and name u'Unicorn-33959.exe'
2025-06-24 21:27:48,546 [analyzer] DEBUG: Loaded monitor into process with pid 8868
2025-06-24 21:27:48,640 [analyzer] DEBUG: Loaded monitor into process with pid 8892
2025-06-24 21:27:48,671 [analyzer] DEBUG: Loaded monitor into process with pid 8876
2025-06-24 21:27:48,687 [analyzer] INFO: Injected into process with pid 9048 and name u'Unicorn-2326.exe'
2025-06-24 21:27:48,812 [analyzer] INFO: Added new file to list with pid 3276 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-11428.exe
2025-06-24 21:27:48,842 [analyzer] DEBUG: Loaded monitor into process with pid 8956
2025-06-24 21:27:48,905 [analyzer] INFO: Added new file to list with pid 2588 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-19291.exe
2025-06-24 21:27:48,905 [analyzer] INFO: Added new file to list with pid 5004 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-39082.exe
2025-06-24 21:27:48,905 [analyzer] DEBUG: Loaded monitor into process with pid 8980
2025-06-24 21:27:48,953 [analyzer] DEBUG: Loaded monitor into process with pid 8972
2025-06-24 21:27:49,030 [analyzer] DEBUG: Loaded monitor into process with pid 9048
2025-06-24 21:27:49,030 [analyzer] INFO: Added new file to list with pid 3492 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-57121.exe
2025-06-24 21:27:49,046 [analyzer] INFO: Added new file to list with pid 3540 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-22311.exe
2025-06-24 21:27:49,078 [analyzer] INFO: Added new file to list with pid 2676 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-44372.exe
2025-06-24 21:27:49,203 [analyzer] INFO: Injected into process with pid 9188 and name u'Unicorn-23368.exe'
2025-06-24 21:27:49,217 [analyzer] INFO: Injected into process with pid 9164 and name u'Unicorn-1506.exe'
2025-06-24 21:27:49,405 [analyzer] INFO: Injected into process with pid 8044 and name u'Unicorn-11428.exe'
2025-06-24 21:27:49,421 [analyzer] INFO: Injected into process with pid 8208 and name u'Unicorn-39082.exe'
2025-06-24 21:27:49,437 [analyzer] INFO: Injected into process with pid 8228 and name u'Unicorn-19291.exe'
2025-06-24 21:27:49,483 [analyzer] DEBUG: Loaded monitor into process with pid 9188
2025-06-24 21:27:49,500 [analyzer] DEBUG: Loaded monitor into process with pid 9164
2025-06-24 21:27:49,500 [analyzer] INFO: Added new file to list with pid 4492 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-60079.exe
2025-06-24 21:27:49,515 [analyzer] INFO: Injected into process with pid 8392 and name u'Unicorn-57121.exe'
2025-06-24 21:27:49,515 [analyzer] INFO: Injected into process with pid 8376 and name u'Unicorn-22311.exe'
2025-06-24 21:27:49,578 [analyzer] INFO: Injected into process with pid 8528 and name u'Unicorn-44372.exe'
2025-06-24 21:27:49,703 [analyzer] DEBUG: Loaded monitor into process with pid 8044
2025-06-24 21:27:49,733 [analyzer] DEBUG: Loaded monitor into process with pid 8208
2025-06-24 21:27:49,750 [analyzer] DEBUG: Loaded monitor into process with pid 8228
2025-06-24 21:27:49,796 [analyzer] DEBUG: Loaded monitor into process with pid 8376
2025-06-24 21:27:49,842 [analyzer] DEBUG: Loaded monitor into process with pid 8392
2025-06-24 21:27:49,890 [analyzer] DEBUG: Loaded monitor into process with pid 8528
2025-06-24 21:27:50,108 [analyzer] INFO: Injected into process with pid 8808 and name u'Unicorn-60079.exe'
2025-06-24 21:27:50,515 [analyzer] INFO: Added new file to list with pid 4936 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-25652.exe
2025-06-24 21:27:50,592 [analyzer] DEBUG: Loaded monitor into process with pid 8808
2025-06-24 21:27:50,592 [analyzer] INFO: Added new file to list with pid 5084 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-64355.exe
2025-06-24 21:27:51,108 [analyzer] INFO: Injected into process with pid 8988 and name u'Unicorn-25652.exe'
2025-06-24 21:27:51,125 [analyzer] INFO: Injected into process with pid 9028 and name u'Unicorn-64355.exe'
2025-06-24 21:27:51,155 [analyzer] INFO: Added new file to list with pid 4448 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-7562.exe
2025-06-24 21:27:51,171 [analyzer] INFO: Added new file to list with pid 3292 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-2823.exe
2025-06-24 21:27:51,437 [analyzer] DEBUG: Loaded monitor into process with pid 9028
2025-06-24 21:27:51,437 [analyzer] DEBUG: Loaded monitor into process with pid 8988
2025-06-24 21:27:51,608 [analyzer] INFO: Added new file to list with pid 4280 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-47748.exe
2025-06-24 21:27:51,671 [analyzer] INFO: Added new file to list with pid 3312 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-26971.exe
2025-06-24 21:27:51,717 [analyzer] INFO: Added new file to list with pid 3856 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-35139.exe
2025-06-24 21:27:51,765 [analyzer] INFO: Injected into process with pid 8348 and name u'Unicorn-2823.exe'
2025-06-24 21:27:51,765 [analyzer] INFO: Injected into process with pid 1808 and name u'Unicorn-7562.exe'
2025-06-24 21:27:51,780 [analyzer] INFO: Added new file to list with pid 4120 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-5424.exe
2025-06-24 21:27:51,983 [analyzer] DEBUG: Loaded monitor into process with pid 1808
2025-06-24 21:27:52,015 [analyzer] INFO: Injected into process with pid 8672 and name u'Unicorn-47748.exe'
2025-06-24 21:27:52,062 [analyzer] DEBUG: Loaded monitor into process with pid 8348
2025-06-24 21:27:52,078 [analyzer] INFO: Injected into process with pid 8756 and name u'Unicorn-26971.exe'
2025-06-24 21:27:52,092 [analyzer] INFO: Injected into process with pid 8804 and name u'Unicorn-35139.exe'
2025-06-24 21:27:52,171 [analyzer] INFO: Injected into process with pid 9040 and name u'Unicorn-5424.exe'
2025-06-24 21:27:52,233 [analyzer] INFO: Added new file to list with pid 3440 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-17240.exe
2025-06-24 21:27:52,250 [analyzer] DEBUG: Loaded monitor into process with pid 8672
2025-06-24 21:27:52,342 [analyzer] DEBUG: Loaded monitor into process with pid 8756
2025-06-24 21:27:52,390 [analyzer] DEBUG: Loaded monitor into process with pid 8804
2025-06-24 21:27:52,453 [analyzer] DEBUG: Loaded monitor into process with pid 9040
2025-06-24 21:27:52,608 [analyzer] INFO: Injected into process with pid 8944 and name u'Unicorn-17240.exe'
2025-06-24 21:27:52,905 [analyzer] DEBUG: Loaded monitor into process with pid 8944
2025-06-24 21:27:52,983 [analyzer] INFO: Added new file to list with pid 3948 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-44048.exe
2025-06-24 21:27:53,155 [analyzer] INFO: Added new file to list with pid 4304 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-26149.exe
2025-06-24 21:27:53,437 [analyzer] INFO: Added new file to list with pid 1260 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-64689.exe
2025-06-24 21:27:53,437 [analyzer] INFO: Added new file to list with pid 4608 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-14552.exe
2025-06-24 21:27:53,500 [analyzer] INFO: Added new file to list with pid 656 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-17120.exe
2025-06-24 21:27:53,750 [analyzer] INFO: Injected into process with pid 9064 and name u'Unicorn-44048.exe'
2025-06-24 21:27:53,796 [analyzer] INFO: Injected into process with pid 292 and name u'Unicorn-26149.exe'
2025-06-24 21:27:53,983 [analyzer] INFO: Injected into process with pid 9224 and name u'Unicorn-64689.exe'
2025-06-24 21:27:53,983 [analyzer] INFO: Injected into process with pid 2908 and name u'Unicorn-14552.exe'
2025-06-24 21:27:53,983 [analyzer] INFO: Injected into process with pid 9248 and name u'Unicorn-17120.exe'
2025-06-24 21:27:54,046 [analyzer] DEBUG: Loaded monitor into process with pid 9064
2025-06-24 21:27:54,092 [analyzer] DEBUG: Loaded monitor into process with pid 292
2025-06-24 21:27:54,171 [analyzer] INFO: Added new file to list with pid 4164 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-3975.exe
2025-06-24 21:27:54,203 [analyzer] DEBUG: Loaded monitor into process with pid 2908
2025-06-24 21:27:54,217 [analyzer] DEBUG: Loaded monitor into process with pid 9224
2025-06-24 21:27:54,233 [analyzer] DEBUG: Loaded monitor into process with pid 9248
2025-06-24 21:27:54,265 [analyzer] INFO: Added new file to list with pid 3716 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-8059.exe
2025-06-24 21:27:54,437 [analyzer] INFO: Added new file to list with pid 3560 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-38621.exe
2025-06-24 21:27:54,437 [analyzer] INFO: Added new file to list with pid 4588 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-32755.exe
2025-06-24 21:27:54,500 [analyzer] INFO: Added new file to list with pid 3224 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-46789.exe
2025-06-24 21:27:54,515 [analyzer] INFO: Injected into process with pid 9388 and name u'Unicorn-3975.exe'
2025-06-24 21:27:54,546 [analyzer] INFO: Added new file to list with pid 3600 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-54765.exe
2025-06-24 21:27:54,546 [analyzer] INFO: Added new file to list with pid 3168 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-48900.exe
2025-06-24 21:27:54,640 [analyzer] INFO: Injected into process with pid 9412 and name u'Unicorn-8059.exe'
2025-06-24 21:27:54,655 [analyzer] INFO: Added new file to list with pid 2848 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-31709.exe
2025-06-24 21:27:55,342 [analyzer] INFO: Added new file to list with pid 4648 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-37878.exe
2025-06-24 21:27:55,467 [analyzer] INFO: Added new file to list with pid 1364 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-44530.exe
2025-06-24 21:27:55,483 [analyzer] INFO: Added new file to list with pid 4928 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-10581.exe
2025-06-24 21:27:55,717 [analyzer] INFO: Added new file to list with pid 3268 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-48927.exe
2025-06-24 21:27:56,155 [analyzer] INFO: Added new file to list with pid 3564 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-4743.exe
2025-06-24 21:27:56,342 [analyzer] INFO: Added new file to list with pid 4980 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-60166.exe
2025-06-24 21:27:56,467 [analyzer] INFO: Added new file to list with pid 3740 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-10965.exe
2025-06-24 21:27:56,530 [analyzer] INFO: Added new file to list with pid 3992 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-53752.exe
2025-06-24 21:27:56,562 [analyzer] INFO: Added new file to list with pid 3208 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-12057.exe
2025-06-24 21:27:56,592 [analyzer] INFO: Added new file to list with pid 904 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-24309.exe
2025-06-24 21:27:56,733 [analyzer] INFO: Added new file to list with pid 3304 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-49311.exe
2025-06-24 21:27:56,842 [analyzer] INFO: Added new file to list with pid 3968 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-302.exe
2025-06-24 21:27:57,078 [analyzer] INFO: Added new file to list with pid 216 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-59696.exe
2025-06-24 21:27:57,233 [analyzer] INFO: Added new file to list with pid 4552 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-44022.exe
2025-06-24 21:27:57,250 [analyzer] INFO: Added new file to list with pid 364 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-20602.exe
2025-06-24 21:27:57,250 [analyzer] INFO: Added new file to list with pid 3868 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-39938.exe
2025-06-24 21:27:57,328 [analyzer] INFO: Added new file to list with pid 3724 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-35689.exe
2025-06-24 21:27:57,515 [analyzer] INFO: Added new file to list with pid 2480 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-17055.exe
2025-06-24 21:27:57,530 [analyzer] INFO: Added new file to list with pid 4088 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-50052.exe
2025-06-24 21:27:57,562 [analyzer] INFO: Added new file to list with pid 5020 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-15241.exe
2025-06-24 21:27:57,812 [analyzer] INFO: Added new file to list with pid 3424 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-53971.exe
2025-06-24 21:27:57,875 [analyzer] INFO: Added new file to list with pid 4364 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-25547.exe
2025-06-24 21:27:58,233 [analyzer] INFO: Added new file to list with pid 3464 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-15460.exe
2025-06-24 21:27:58,296 [analyzer] INFO: Added new file to list with pid 3516 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-52766.exe
2025-06-24 21:27:58,765 [analyzer] INFO: Added new file to list with pid 3404 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-19047.exe
2025-06-24 21:27:58,890 [analyzer] INFO: Added new file to list with pid 3932 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-44049.exe
2025-06-24 21:27:59,015 [analyzer] INFO: Added new file to list with pid 2104 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-5187.exe
2025-06-24 21:27:59,217 [analyzer] INFO: Added new file to list with pid 4456 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-9979.exe
2025-06-24 21:27:59,390 [analyzer] INFO: Added new file to list with pid 4416 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-54931.exe
2025-06-24 21:27:59,467 [analyzer] INFO: Added new file to list with pid 4764 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-17982.exe
2025-06-24 21:27:59,467 [analyzer] INFO: Added new file to list with pid 4764 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-12117.exe
2025-06-24 21:27:59,467 [analyzer] INFO: Added new file to list with pid 3300 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-12117.exe
2025-06-24 21:27:59,546 [analyzer] INFO: Added new file to list with pid 4392 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-56685.exe
2025-06-24 21:27:59,625 [analyzer] INFO: Added new file to list with pid 3524 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-30043.exe
2025-06-24 21:27:59,750 [analyzer] INFO: Added new file to list with pid 3548 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-15652.exe
2025-06-24 21:27:59,765 [analyzer] INFO: Added new file to list with pid 3576 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-28097.exe
2025-06-24 21:27:59,812 [analyzer] INFO: Added new file to list with pid 1176 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-46604.exe
2025-06-24 21:27:59,875 [analyzer] INFO: Added new file to list with pid 2624 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-2515.exe
2025-06-24 21:27:59,937 [analyzer] INFO: Added new file to list with pid 2088 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-34483.exe
2025-06-24 21:27:59,983 [analyzer] INFO: Added new file to list with pid 4892 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-11925.exe
2025-06-24 21:28:00,217 [analyzer] INFO: Added new file to list with pid 3480 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-32885.exe
2025-06-24 21:28:00,312 [analyzer] INFO: Added new file to list with pid 3900 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-43027.exe
2025-06-24 21:28:00,328 [analyzer] INFO: Added new file to list with pid 4132 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-4952.exe
2025-06-24 21:28:00,780 [analyzer] INFO: Added new file to list with pid 4692 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-41054.exe
2025-06-24 21:28:00,796 [analyzer] INFO: Added new file to list with pid 3084 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-12108.exe
2025-06-24 21:28:01,390 [analyzer] INFO: Added new file to list with pid 4792 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-27239.exe
2025-06-24 21:28:01,390 [analyzer] INFO: Added new file to list with pid 592 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-27239.exe
2025-06-24 21:28:01,687 [analyzer] INFO: Added new file to list with pid 3188 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-61501.exe
2025-06-24 21:28:01,796 [analyzer] INFO: Added new file to list with pid 3176 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-34553.exe
2025-06-24 21:28:01,953 [analyzer] INFO: Added new file to list with pid 3928 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-53690.exe
2025-06-24 21:28:02,015 [analyzer] INFO: Added new file to list with pid 2712 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-24624.exe
2025-06-24 21:28:02,030 [analyzer] INFO: Added new file to list with pid 3244 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-6349.exe
2025-06-24 21:28:02,155 [analyzer] INFO: Added new file to list with pid 1428 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-59435.exe
2025-06-24 21:28:02,171 [analyzer] INFO: Added new file to list with pid 4076 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-624.exe
2025-06-24 21:28:02,280 [analyzer] INFO: Added new file to list with pid 2976 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-29569.exe
2025-06-24 21:28:02,546 [analyzer] INFO: Added new file to list with pid 4764 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-14822.exe
2025-06-24 21:28:02,828 [analyzer] INFO: Added new file to list with pid 3360 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-34937.exe
2025-06-24 21:28:02,828 [analyzer] INFO: Added new file to list with pid 976 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-35468.exe
2025-06-24 21:28:02,967 [analyzer] INFO: Added new file to list with pid 3276 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-63526.exe
2025-06-24 21:28:02,967 [analyzer] INFO: Added new file to list with pid 5004 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-789.exe
2025-06-24 21:28:03,030 [analyzer] INFO: Added new file to list with pid 2588 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-55735.exe
2025-06-24 21:28:03,078 [analyzer] INFO: Added new file to list with pid 3540 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-49712.exe
2025-06-24 21:28:03,078 [analyzer] INFO: Added new file to list with pid 3492 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-49712.exe
2025-06-24 21:28:03,140 [analyzer] INFO: Added new file to list with pid 2676 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-41344.exe
2025-06-24 21:28:03,687 [analyzer] INFO: Added new file to list with pid 4492 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-21593.exe
2025-06-24 21:28:04,421 [analyzer] INFO: Added new file to list with pid 4792 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-30173.exe
2025-06-24 21:28:04,640 [analyzer] INFO: Added new file to list with pid 4936 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-26061.exe
2025-06-24 21:28:04,703 [analyzer] INFO: Added new file to list with pid 5084 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-3503.exe
2025-06-24 21:28:05,342 [analyzer] INFO: Added new file to list with pid 3292 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-26473.exe
2025-06-24 21:28:05,358 [analyzer] INFO: Added new file to list with pid 4448 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-16523.exe
2025-06-24 21:28:05,703 [analyzer] INFO: Added new file to list with pid 3856 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-19561.exe
2025-06-24 21:28:05,703 [analyzer] INFO: Added new file to list with pid 4280 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-28227.exe
2025-06-24 21:28:05,750 [analyzer] INFO: Added new file to list with pid 3312 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-1087.exe
2025-06-24 21:28:05,858 [analyzer] INFO: Added new file to list with pid 4120 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-42974.exe
2025-06-24 21:28:06,155 [analyzer] INFO: Added new file to list with pid 3540 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-7686.exe
2025-06-24 21:28:06,187 [analyzer] INFO: Added new file to list with pid 3440 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-20137.exe
2025-06-24 21:28:07,328 [analyzer] INFO: Added new file to list with pid 3948 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-27241.exe
2025-06-24 21:28:07,390 [analyzer] INFO: Added new file to list with pid 4304 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-53883.exe
2025-06-24 21:28:07,546 [analyzer] INFO: Added new file to list with pid 1260 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-16668.exe
2025-06-24 21:28:07,578 [analyzer] INFO: Added new file to list with pid 656 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-51586.exe
2025-06-24 21:28:07,578 [analyzer] INFO: Added new file to list with pid 4608 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-53856.exe
2025-06-24 21:28:08,046 [analyzer] INFO: Added new file to list with pid 3384 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-39380.exe
2025-06-24 21:28:08,125 [analyzer] INFO: Added new file to list with pid 4164 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-25487.exe
2025-06-24 21:28:08,250 [analyzer] INFO: Added new file to list with pid 3716 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-7012.exe
2025-06-24 21:30:16,717 [analyzer] INFO: Analysis timeout hit, terminating analysis.
2025-06-24 21:30:49,921 [analyzer] INFO: Terminating remaining processes before shutdown.
2025-06-24 21:30:49,921 [lib.api.process] INFO: Successfully terminated process with pid 1260.
2025-06-24 21:30:49,921 [lib.api.process] INFO: Successfully terminated process with pid 2624.
2025-06-24 21:30:49,921 [lib.api.process] INFO: Successfully terminated process with pid 1176.
2025-06-24 21:30:49,921 [lib.api.process] INFO: Successfully terminated process with pid 2104.
2025-06-24 21:30:49,921 [lib.api.process] INFO: Successfully terminated process with pid 976.
2025-06-24 21:30:49,921 [lib.api.process] INFO: Successfully terminated process with pid 1364.
2025-06-24 21:30:49,921 [lib.api.process] INFO: Successfully terminated process with pid 364.
2025-06-24 21:30:49,921 [lib.api.process] INFO: Successfully terminated process with pid 2480.
2025-06-24 21:30:49,921 [lib.api.process] INFO: Successfully terminated process with pid 2676.
2025-06-24 21:30:49,921 [lib.api.process] INFO: Successfully terminated process with pid 904.
2025-06-24 21:30:49,921 [lib.api.process] INFO: Successfully terminated process with pid 216.
2025-06-24 21:30:49,921 [lib.api.process] INFO: Successfully terminated process with pid 656.
2025-06-24 21:30:49,921 [lib.api.process] INFO: Successfully terminated process with pid 2712.
2025-06-24 21:30:49,921 [lib.api.process] INFO: Successfully terminated process with pid 1428.
2025-06-24 21:30:49,921 [lib.api.process] INFO: Successfully terminated process with pid 2588.
2025-06-24 21:30:49,921 [lib.api.process] INFO: Successfully terminated process with pid 2848.
2025-06-24 21:30:49,921 [lib.api.process] INFO: Successfully terminated process with pid 3176.
2025-06-24 21:30:49,921 [lib.api.process] INFO: Successfully terminated process with pid 3208.
2025-06-24 21:30:49,921 [lib.api.process] INFO: Successfully terminated process with pid 3244.
2025-06-24 21:30:49,937 [lib.api.process] INFO: Successfully terminated process with pid 3276.
2025-06-24 21:30:49,937 [lib.api.process] INFO: Successfully terminated process with pid 3312.
2025-06-24 21:30:49,937 [lib.api.process] INFO: Successfully terminated process with pid 3360.
2025-06-24 21:30:49,937 [lib.api.process] INFO: Successfully terminated process with pid 3384.
2025-06-24 21:30:49,937 [lib.api.process] INFO: Successfully terminated process with pid 3404.
2025-06-24 21:30:49,937 [lib.api.process] INFO: Successfully terminated process with pid 3424.
2025-06-24 21:30:49,937 [lib.api.process] INFO: Successfully terminated process with pid 3464.
2025-06-24 21:30:49,937 [lib.api.process] INFO: Successfully terminated process with pid 3524.
2025-06-24 21:30:49,937 [lib.api.process] INFO: Successfully terminated process with pid 3492.
2025-06-24 21:30:49,937 [lib.api.process] INFO: Successfully terminated process with pid 3548.
2025-06-24 21:30:49,937 [lib.api.process] INFO: Successfully terminated process with pid 3540.
2025-06-24 21:30:49,937 [lib.api.process] INFO: Successfully terminated process with pid 3576.
2025-06-24 21:30:49,937 [lib.api.process] INFO: Successfully terminated process with pid 3856.
2025-06-24 21:30:49,937 [lib.api.process] INFO: Successfully terminated process with pid 3900.
2025-06-24 21:30:49,937 [lib.api.process] INFO: Successfully terminated process with pid 3932.
2025-06-24 21:30:49,937 [lib.api.process] INFO: Successfully terminated process with pid 3968.
2025-06-24 21:30:49,937 [lib.api.process] INFO: Successfully terminated process with pid 3980.
2025-06-24 21:30:49,937 [lib.api.process] INFO: Successfully terminated process with pid 4076.
2025-06-24 21:30:49,937 [lib.api.process] INFO: Successfully terminated process with pid 3084.
2025-06-24 21:30:49,937 [lib.api.process] INFO: Successfully terminated process with pid 3188.
2025-06-24 21:30:49,937 [lib.api.process] INFO: Successfully terminated process with pid 3268.
2025-06-24 21:30:49,937 [lib.api.process] INFO: Successfully terminated process with pid 3304.
2025-06-24 21:30:49,937 [lib.api.process] INFO: Successfully terminated process with pid 3440.
2025-06-24 21:30:49,937 [lib.api.process] INFO: Successfully terminated process with pid 3560.
2025-06-24 21:30:49,937 [lib.api.process] INFO: Successfully terminated process with pid 3600.
2025-06-24 21:30:49,937 [lib.api.process] INFO: Successfully terminated process with pid 3716.
2025-06-24 21:30:49,953 [lib.api.process] INFO: Successfully terminated process with pid 3740.
2025-06-24 21:30:49,953 [lib.api.process] INFO: Successfully terminated process with pid 2088.
2025-06-24 21:30:49,953 [lib.api.process] INFO: Successfully terminated process with pid 3868.
2025-06-24 21:30:49,953 [lib.api.process] INFO: Successfully terminated process with pid 3928.
2025-06-24 21:30:49,953 [lib.api.process] INFO: Successfully terminated process with pid 3992.
2025-06-24 21:30:49,953 [lib.api.process] INFO: Successfully terminated process with pid 2976.
2025-06-24 21:30:49,953 [lib.api.process] INFO: Successfully terminated process with pid 3168.
2025-06-24 21:30:49,953 [lib.api.process] INFO: Successfully terminated process with pid 3300.
2025-06-24 21:30:49,953 [lib.api.process] INFO: Successfully terminated process with pid 3480.
2025-06-24 21:30:49,953 [lib.api.process] INFO: Successfully terminated process with pid 3564.
2025-06-24 21:30:49,953 [lib.api.process] INFO: Successfully terminated process with pid 3724.
2025-06-24 21:30:49,953 [lib.api.process] INFO: Successfully terminated process with pid 3948.
2025-06-24 21:30:49,953 [lib.api.process] INFO: Successfully terminated process with pid 3224.
2025-06-24 21:30:49,953 [lib.api.process] INFO: Successfully terminated process with pid 3516.
2025-06-24 21:30:49,953 [lib.api.process] INFO: Successfully terminated process with pid 3292.
2025-06-24 21:30:49,953 [lib.api.process] INFO: Successfully terminated process with pid 4088.
2025-06-24 21:30:49,953 [lib.api.process] INFO: Successfully terminated process with pid 592.
2025-06-24 21:30:49,953 [lib.api.process] INFO: Successfully terminated process with pid 4280.
2025-06-24 21:30:49,953 [lib.api.process] INFO: Successfully terminated process with pid 4304.
2025-06-24 21:30:49,953 [lib.api.process] INFO: Successfully terminated process with pid 4364.
2025-06-24 21:30:49,953 [lib.api.process] INFO: Successfully terminated process with pid 4392.
2025-06-24 21:30:49,953 [lib.api.process] INFO: Successfully terminated process with pid 4416.
2025-06-24 21:30:49,953 [lib.api.process] INFO: Successfully terminated process with pid 4448.
2025-06-24 21:30:49,967 [lib.api.process] INFO: Successfully terminated process with pid 4456.
2025-06-24 21:30:49,967 [lib.api.process] INFO: Successfully terminated process with pid 4492.
2025-06-24 21:30:49,967 [lib.api.process] INFO: Successfully terminated process with pid 4536.
2025-06-24 21:30:49,967 [lib.api.process] INFO: Successfully terminated process with pid 4552.
2025-06-24 21:30:49,967 [lib.api.process] INFO: Successfully terminated process with pid 4648.
2025-06-24 21:30:49,967 [lib.api.process] INFO: Successfully terminated process with pid 4692.
2025-06-24 21:30:49,967 [lib.api.process] INFO: Successfully terminated process with pid 4764.
2025-06-24 21:30:49,967 [lib.api.process] INFO: Successfully terminated process with pid 4792.
2025-06-24 21:30:49,967 [lib.api.process] INFO: Successfully terminated process with pid 4892.
2025-06-24 21:30:49,967 [lib.api.process] INFO: Successfully terminated process with pid 4928.
2025-06-24 21:30:49,967 [lib.api.process] INFO: Successfully terminated process with pid 4936.
2025-06-24 21:30:49,967 [lib.api.process] INFO: Successfully terminated process with pid 4980.
2025-06-24 21:30:49,967 [lib.api.process] INFO: Successfully terminated process with pid 5004.
2025-06-24 21:30:49,967 [lib.api.process] INFO: Successfully terminated process with pid 5020.
2025-06-24 21:30:49,967 [lib.api.process] INFO: Successfully terminated process with pid 5084.
2025-06-24 21:30:49,967 [lib.api.process] INFO: Successfully terminated process with pid 4120.
2025-06-24 21:30:49,967 [lib.api.process] INFO: Successfully terminated process with pid 4164.
2025-06-24 21:30:49,967 [lib.api.process] INFO: Successfully terminated process with pid 4408.
2025-06-24 21:30:49,983 [lib.api.process] INFO: Successfully terminated process with pid 4588.
2025-06-24 21:30:49,983 [lib.api.process] INFO: Successfully terminated process with pid 4608.
2025-06-24 21:30:49,983 [lib.api.process] INFO: Successfully terminated process with pid 4132.
2025-06-24 21:30:49,983 [lib.api.process] INFO: Successfully terminated process with pid 4316.
2025-06-24 21:30:49,983 [lib.api.process] INFO: Successfully terminated process with pid 4508.
2025-06-24 21:30:49,983 [lib.api.process] INFO: Successfully terminated process with pid 3172.
2025-06-24 21:30:49,983 [lib.api.process] INFO: Successfully terminated process with pid 4684.
2025-06-24 21:30:49,983 [lib.api.process] INFO: Successfully terminated process with pid 4568.
2025-06-24 21:30:49,983 [lib.api.process] INFO: Successfully terminated process with pid 4412.
2025-06-24 21:30:49,983 [lib.api.process] INFO: Successfully terminated process with pid 5148.
2025-06-24 21:30:49,983 [lib.api.process] INFO: Successfully terminated process with pid 5212.
2025-06-24 21:30:49,983 [lib.api.process] INFO: Successfully terminated process with pid 5244.
2025-06-24 21:30:49,983 [lib.api.process] INFO: Successfully terminated process with pid 5252.
2025-06-24 21:30:49,983 [lib.api.process] INFO: Successfully terminated process with pid 5288.
2025-06-24 21:30:49,983 [lib.api.process] INFO: Successfully terminated process with pid 5340.
2025-06-24 21:30:49,983 [lib.api.process] INFO: Successfully terminated process with pid 5408.
2025-06-24 21:30:49,983 [lib.api.process] INFO: Successfully terminated process with pid 5444.
2025-06-24 21:30:49,983 [lib.api.process] INFO: Successfully terminated process with pid 5484.
2025-06-24 21:30:49,983 [lib.api.process] INFO: Successfully terminated process with pid 5524.
2025-06-24 21:30:50,000 [lib.api.process] INFO: Successfully terminated process with pid 5608.
2025-06-24 21:30:50,000 [lib.api.process] INFO: Successfully terminated process with pid 5656.
2025-06-24 21:30:50,000 [lib.api.process] INFO: Successfully terminated process with pid 5696.
2025-06-24 21:30:50,000 [lib.api.process] INFO: Successfully terminated process with pid 5740.
2025-06-24 21:30:50,000 [lib.api.process] INFO: Successfully terminated process with pid 5756.
2025-06-24 21:30:50,000 [lib.api.process] INFO: Successfully terminated process with pid 5808.
2025-06-24 21:30:50,000 [lib.api.process] INFO: Successfully terminated process with pid 5864.
2025-06-24 21:30:50,000 [lib.api.process] INFO: Successfully terminated process with pid 5884.
2025-06-24 21:30:50,000 [lib.api.process] INFO: Successfully terminated process with pid 5928.
2025-06-24 21:30:50,000 [lib.api.process] INFO: Successfully terminated process with pid 5972.
2025-06-24 21:30:50,000 [lib.api.process] INFO: Successfully terminated process with pid 6020.
2025-06-24 21:30:50,000 [lib.api.process] INFO: Successfully terminated process with pid 6060.
2025-06-24 21:30:50,000 [lib.api.process] INFO: Successfully terminated process with pid 6092.
2025-06-24 21:30:50,000 [lib.api.process] INFO: Successfully terminated process with pid 6124.
2025-06-24 21:30:50,000 [lib.api.process] INFO: Successfully terminated process with pid 5132.
2025-06-24 21:30:50,000 [lib.api.process] INFO: Successfully terminated process with pid 5268.
2025-06-24 21:30:50,000 [lib.api.process] INFO: Successfully terminated process with pid 5420.
2025-06-24 21:30:50,000 [lib.api.process] INFO: Successfully terminated process with pid 5516.
2025-06-24 21:30:50,000 [lib.api.process] INFO: Successfully terminated process with pid 5572.
2025-06-24 21:30:50,000 [lib.api.process] INFO: Successfully terminated process with pid 5720.
2025-06-24 21:30:50,000 [lib.api.process] INFO: Successfully terminated process with pid 5728.
2025-06-24 21:30:50,000 [lib.api.process] INFO: Successfully terminated process with pid 5920.
2025-06-24 21:30:50,000 [lib.api.process] INFO: Successfully terminated process with pid 5916.
2025-06-24 21:30:50,000 [lib.api.process] INFO: Successfully terminated process with pid 5172.
2025-06-24 21:30:50,000 [lib.api.process] INFO: Successfully terminated process with pid 5308.
2025-06-24 21:30:50,015 [lib.api.process] INFO: Successfully terminated process with pid 5460.
2025-06-24 21:30:50,015 [lib.api.process] INFO: Successfully terminated process with pid 5732.
2025-06-24 21:30:50,015 [lib.api.process] INFO: Successfully terminated process with pid 6000.
2025-06-24 21:30:50,015 [lib.api.process] INFO: Successfully terminated process with pid 6120.
2025-06-24 21:30:50,015 [lib.api.process] INFO: Successfully terminated process with pid 5368.
2025-06-24 21:30:50,015 [lib.api.process] INFO: Successfully terminated process with pid 5404.
2025-06-24 21:30:50,015 [lib.api.process] INFO: Successfully terminated process with pid 5772.
2025-06-24 21:30:50,015 [lib.api.process] INFO: Successfully terminated process with pid 5500.
2025-06-24 21:30:50,015 [lib.api.process] INFO: Successfully terminated process with pid 6168.
2025-06-24 21:30:50,015 [lib.api.process] INFO: Successfully terminated process with pid 6200.
2025-06-24 21:30:50,015 [lib.api.process] INFO: Successfully terminated process with pid 6244.
2025-06-24 21:30:50,015 [lib.api.process] INFO: Successfully terminated process with pid 6276.
2025-06-24 21:30:50,015 [lib.api.process] INFO: Successfully terminated process with pid 6332.
2025-06-24 21:30:50,015 [lib.api.process] INFO: Successfully terminated process with pid 6364.
2025-06-24 21:30:50,015 [lib.api.process] INFO: Successfully terminated process with pid 6460.
2025-06-24 21:30:50,015 [lib.api.process] INFO: Successfully terminated process with pid 6472.
2025-06-24 21:30:50,015 [lib.api.process] INFO: Successfully terminated process with pid 6576.
2025-06-24 21:30:50,015 [lib.api.process] INFO: Successfully terminated process with pid 6584.
2025-06-24 21:30:50,015 [lib.api.process] INFO: Successfully terminated process with pid 6692.
2025-06-24 21:30:50,015 [lib.api.process] INFO: Successfully terminated process with pid 6700.
2025-06-24 21:30:50,015 [lib.api.process] INFO: Successfully terminated process with pid 6744.
2025-06-24 21:30:50,015 [lib.api.process] INFO: Successfully terminated process with pid 6804.
2025-06-24 21:30:50,030 [lib.api.process] INFO: Successfully terminated process with pid 6812.
2025-06-24 21:30:50,030 [lib.api.process] INFO: Successfully terminated process with pid 6860.
2025-06-24 21:30:50,030 [lib.api.process] INFO: Successfully terminated process with pid 6912.
2025-06-24 21:30:50,030 [lib.api.process] INFO: Successfully terminated process with pid 6936.
2025-06-24 21:30:50,030 [lib.api.process] INFO: Successfully terminated process with pid 6992.
2025-06-24 21:30:50,030 [lib.api.process] INFO: Successfully terminated process with pid 7032.
2025-06-24 21:30:50,030 [lib.api.process] INFO: Successfully terminated process with pid 7084.
2025-06-24 21:30:50,030 [lib.api.process] INFO: Successfully terminated process with pid 5828.
2025-06-24 21:30:50,030 [lib.api.process] INFO: Successfully terminated process with pid 5372.
2025-06-24 21:30:50,030 [lib.api.process] INFO: Successfully terminated process with pid 6316.
2025-06-24 21:30:50,030 [lib.api.process] INFO: Successfully terminated process with pid 6388.
2025-06-24 21:30:50,030 [lib.api.process] INFO: Successfully terminated process with pid 6524.
2025-06-24 21:30:50,030 [lib.api.process] INFO: Successfully terminated process with pid 6560.
2025-06-24 21:30:50,030 [lib.api.process] INFO: Successfully terminated process with pid 6608.
2025-06-24 21:30:50,030 [lib.api.process] INFO: Successfully terminated process with pid 6728.
2025-06-24 21:30:50,030 [lib.api.process] INFO: Successfully terminated process with pid 6900.
2025-06-24 21:30:50,030 [lib.api.process] INFO: Successfully terminated process with pid 7104.
2025-06-24 21:30:50,030 [lib.api.process] INFO: Successfully terminated process with pid 6152.
2025-06-24 21:30:50,030 [lib.api.process] INFO: Successfully terminated process with pid 6360.
2025-06-24 21:30:50,030 [lib.api.process] INFO: Successfully terminated process with pid 6684.
2025-06-24 21:30:50,030 [lib.api.process] INFO: Successfully terminated process with pid 1840.
2025-06-24 21:30:50,030 [lib.api.process] INFO: Successfully terminated process with pid 6784.
2025-06-24 21:30:50,030 [lib.api.process] INFO: Successfully terminated process with pid 2880.
2025-06-24 21:30:50,030 [lib.api.process] INFO: Successfully terminated process with pid 6732.
2025-06-24 21:30:50,030 [lib.api.process] INFO: Successfully terminated process with pid 5228.
2025-06-24 21:30:50,030 [lib.api.process] INFO: Successfully terminated process with pid 6976.
2025-06-24 21:30:50,030 [lib.api.process] INFO: Successfully terminated process with pid 6296.
2025-06-24 21:30:50,046 [lib.api.process] INFO: Successfully terminated process with pid 7172.
2025-06-24 21:30:50,046 [lib.api.process] INFO: Successfully terminated process with pid 7216.
2025-06-24 21:30:50,046 [lib.api.process] INFO: Successfully terminated process with pid 7312.
2025-06-24 21:30:50,046 [lib.api.process] INFO: Successfully terminated process with pid 7336.
2025-06-24 21:30:50,046 [lib.api.process] INFO: Successfully terminated process with pid 7368.
2025-06-24 21:30:50,046 [lib.api.process] INFO: Successfully terminated process with pid 7376.
2025-06-24 21:30:50,046 [lib.api.process] INFO: Successfully terminated process with pid 7384.
2025-06-24 21:30:50,046 [lib.api.process] INFO: Successfully terminated process with pid 7416.
2025-06-24 21:30:50,046 [lib.api.process] INFO: Successfully terminated process with pid 7516.
2025-06-24 21:30:50,046 [lib.api.process] INFO: Successfully terminated process with pid 7524.
2025-06-24 21:30:50,046 [lib.api.process] INFO: Successfully terminated process with pid 7532.
2025-06-24 21:30:50,046 [lib.api.process] INFO: Successfully terminated process with pid 7704.
2025-06-24 21:30:50,046 [lib.api.process] INFO: Successfully terminated process with pid 7724.
2025-06-24 21:30:50,046 [lib.api.process] INFO: Successfully terminated process with pid 7772.
2025-06-24 21:30:50,046 [lib.api.process] INFO: Successfully terminated process with pid 7824.
2025-06-24 21:30:50,046 [lib.api.process] INFO: Successfully terminated process with pid 7896.
2025-06-24 21:30:50,046 [lib.api.process] INFO: Successfully terminated process with pid 7936.
2025-06-24 21:30:50,046 [lib.api.process] INFO: Successfully terminated process with pid 7964.
2025-06-24 21:30:50,046 [lib.api.process] INFO: Successfully terminated process with pid 8000.
2025-06-24 21:30:50,046 [lib.api.process] INFO: Successfully terminated process with pid 8024.
2025-06-24 21:30:50,046 [lib.api.process] INFO: Successfully terminated process with pid 8072.
2025-06-24 21:30:50,046 [lib.api.process] INFO: Successfully terminated process with pid 8144.
2025-06-24 21:30:50,046 [lib.api.process] INFO: Successfully terminated process with pid 8176.
2025-06-24 21:30:50,046 [lib.api.process] INFO: Successfully terminated process with pid 7264.
2025-06-24 21:30:50,046 [lib.api.process] INFO: Successfully terminated process with pid 7356.
2025-06-24 21:30:50,062 [lib.api.process] INFO: Successfully terminated process with pid 7404.
2025-06-24 21:30:50,062 [lib.api.process] INFO: Successfully terminated process with pid 7412.
2025-06-24 21:30:50,062 [lib.api.process] INFO: Successfully terminated process with pid 7580.
2025-06-24 21:30:50,062 [lib.api.process] INFO: Successfully terminated process with pid 7640.
2025-06-24 21:30:50,062 [lib.api.process] INFO: Successfully terminated process with pid 7732.
2025-06-24 21:30:50,062 [lib.api.process] INFO: Successfully terminated process with pid 7788.
2025-06-24 21:30:50,062 [lib.api.process] INFO: Successfully terminated process with pid 7952.
2025-06-24 21:30:50,062 [lib.api.process] INFO: Successfully terminated process with pid 8016.
2025-06-24 21:30:50,062 [lib.api.process] INFO: Successfully terminated process with pid 7276.
2025-06-24 21:30:50,062 [lib.api.process] INFO: Successfully terminated process with pid 7432.
2025-06-24 21:30:50,062 [lib.api.process] INFO: Successfully terminated process with pid 7544.
2025-06-24 21:30:50,062 [lib.api.process] INFO: Successfully terminated process with pid 7760.
2025-06-24 21:30:50,062 [lib.api.process] INFO: Successfully terminated process with pid 8020.
2025-06-24 21:30:50,062 [lib.api.process] INFO: Successfully terminated process with pid 7200.
2025-06-24 21:30:50,062 [lib.api.process] INFO: Successfully terminated process with pid 7512.
2025-06-24 21:30:50,062 [lib.api.process] INFO: Successfully terminated process with pid 7944.
2025-06-24 21:30:50,062 [lib.api.process] INFO: Successfully terminated process with pid 7588.
2025-06-24 21:30:50,062 [lib.api.process] INFO: Successfully terminated process with pid 6512.
2025-06-24 21:30:50,062 [lib.api.process] INFO: Successfully terminated process with pid 1560.
2025-06-24 21:30:50,062 [lib.api.process] INFO: Successfully terminated process with pid 1828.
2025-06-24 21:30:50,062 [lib.api.process] INFO: Successfully terminated process with pid 800.
2025-06-24 21:30:50,062 [lib.api.process] INFO: Successfully terminated process with pid 8196.
2025-06-24 21:30:50,062 [lib.api.process] INFO: Successfully terminated process with pid 8268.
2025-06-24 21:30:50,062 [lib.api.process] INFO: Successfully terminated process with pid 8304.
2025-06-24 21:30:50,062 [lib.api.process] INFO: Successfully terminated process with pid 8352.
2025-06-24 21:30:50,078 [lib.api.process] INFO: Successfully terminated process with pid 8380.
2025-06-24 21:30:50,078 [lib.api.process] INFO: Successfully terminated process with pid 8484.
2025-06-24 21:30:50,078 [lib.api.process] INFO: Successfully terminated process with pid 8512.
2025-06-24 21:30:50,078 [lib.api.process] INFO: Successfully terminated process with pid 8564.
2025-06-24 21:30:50,078 [lib.api.process] INFO: Successfully terminated process with pid 8656.
2025-06-24 21:30:50,078 [lib.api.process] INFO: Successfully terminated process with pid 8688.
2025-06-24 21:30:50,078 [lib.api.process] INFO: Successfully terminated process with pid 8768.
2025-06-24 21:30:50,078 [lib.api.process] INFO: Successfully terminated process with pid 8760.
2025-06-24 21:30:50,078 [lib.api.process] INFO: Successfully terminated process with pid 8816.
2025-06-24 21:30:50,078 [lib.api.process] INFO: Successfully terminated process with pid 8868.
2025-06-24 21:30:50,078 [lib.api.process] INFO: Successfully terminated process with pid 8892.
2025-06-24 21:30:50,078 [lib.api.process] INFO: Successfully terminated process with pid 8876.
2025-06-24 21:30:50,078 [lib.api.process] INFO: Successfully terminated process with pid 8956.
2025-06-24 21:30:50,078 [lib.api.process] INFO: Successfully terminated process with pid 8980.
2025-06-24 21:30:50,078 [lib.api.process] INFO: Successfully terminated process with pid 8972.
2025-06-24 21:30:50,078 [lib.api.process] INFO: Successfully terminated process with pid 9048.
2025-06-24 21:30:50,078 [lib.api.process] INFO: Successfully terminated process with pid 9164.
2025-06-24 21:30:50,078 [lib.api.process] INFO: Successfully terminated process with pid 9188.
2025-06-24 21:30:50,078 [lib.api.process] INFO: Successfully terminated process with pid 8044.
2025-06-24 21:30:50,078 [lib.api.process] INFO: Successfully terminated process with pid 8228.
2025-06-24 21:30:50,078 [lib.api.process] INFO: Successfully terminated process with pid 8208.
2025-06-24 21:30:50,078 [lib.api.process] INFO: Successfully terminated process with pid 8392.
2025-06-24 21:30:50,078 [lib.api.process] INFO: Successfully terminated process with pid 8376.
2025-06-24 21:30:50,078 [lib.api.process] INFO: Successfully terminated process with pid 8528.
2025-06-24 21:30:50,092 [lib.api.process] INFO: Successfully terminated process with pid 8808.
2025-06-24 21:30:50,092 [lib.api.process] INFO: Successfully terminated process with pid 8988.
2025-06-24 21:30:50,092 [lib.api.process] INFO: Successfully terminated process with pid 9028.
2025-06-24 21:30:50,092 [lib.api.process] INFO: Successfully terminated process with pid 1808.
2025-06-24 21:30:50,092 [lib.api.process] INFO: Successfully terminated process with pid 8348.
2025-06-24 21:30:50,092 [lib.api.process] INFO: Successfully terminated process with pid 8672.
2025-06-24 21:30:50,092 [lib.api.process] INFO: Successfully terminated process with pid 8756.
2025-06-24 21:30:50,092 [lib.api.process] INFO: Successfully terminated process with pid 8804.
2025-06-24 21:30:50,092 [lib.api.process] INFO: Successfully terminated process with pid 9040.
2025-06-24 21:30:50,092 [lib.api.process] INFO: Successfully terminated process with pid 8944.
2025-06-24 21:30:50,092 [lib.api.process] INFO: Successfully terminated process with pid 9064.
2025-06-24 21:30:50,092 [lib.api.process] INFO: Successfully terminated process with pid 292.
2025-06-24 21:30:50,092 [lib.api.process] INFO: Successfully terminated process with pid 9224.
2025-06-24 21:30:50,092 [lib.api.process] INFO: Successfully terminated process with pid 2908.
2025-06-24 21:30:50,092 [lib.api.process] INFO: Successfully terminated process with pid 9248.
2025-06-24 21:30:50,092 [lib.api.process] INFO: Successfully terminated process with pid 9388.
2025-06-24 21:30:50,092 [lib.api.process] INFO: Successfully terminated process with pid 9412.
2025-06-24 21:30:50,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-46099.exe
2025-06-24 21:30:50,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-35636.exe
2025-06-24 21:30:50,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-2440.exe
2025-06-24 21:30:50,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-63562.exe
2025-06-24 21:30:50,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-20602.exe
2025-06-24 21:30:50,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-49528.exe
2025-06-24 21:30:50,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-60166.exe
2025-06-24 21:30:50,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-6830.exe
2025-06-24 21:30:50,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-52496.exe
2025-06-24 21:30:50,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-13732.exe
2025-06-24 21:30:50,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-12117.exe
2025-06-24 21:30:50,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-1371.exe
2025-06-24 21:30:50,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-31053.exe
2025-06-24 21:30:50,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-37878.exe
2025-06-24 21:30:50,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-27239.exe
2025-06-24 21:30:50,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-41344.exe
2025-06-24 21:30:50,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-25932.exe
2025-06-24 21:30:50,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-43328.exe
2025-06-24 21:30:50,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-42150.exe
2025-06-24 21:30:50,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-10965.exe
2025-06-24 21:30:50,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-49014.exe
2025-06-24 21:30:50,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-1087.exe
2025-06-24 21:30:50,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-30173.exe
2025-06-24 21:30:50,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-5187.exe
2025-06-24 21:30:50,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-32755.exe
2025-06-24 21:30:50,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-57427.exe
2025-06-24 21:30:50,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-48813.exe
2025-06-24 21:30:50,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-18669.exe
2025-06-24 21:30:50,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-7956.exe
2025-06-24 21:30:50,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-46322.exe
2025-06-24 21:30:50,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-3503.exe
2025-06-24 21:30:50,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-30156.exe
2025-06-24 21:30:50,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-33959.exe
2025-06-24 21:30:50,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-15652.exe
2025-06-24 21:30:50,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-65106.exe
2025-06-24 21:30:50,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-16612.exe
2025-06-24 21:30:50,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-11428.exe
2025-06-24 21:30:50,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-16202.exe
2025-06-24 21:30:50,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-44904.exe
2025-06-24 21:30:50,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-6088.exe
2025-06-24 21:30:50,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-28227.exe
2025-06-24 21:30:50,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-31958.exe
2025-06-24 21:30:50,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-17047.exe
2025-06-24 21:30:50,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-59748.exe
2025-06-24 21:30:50,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-29402.exe
2025-06-24 21:30:50,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-47194.exe
2025-06-24 21:30:50,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-27848.exe
2025-06-24 21:30:50,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-37687.exe
2025-06-24 21:30:50,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-17283.exe
2025-06-24 21:30:50,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-35559.exe
2025-06-24 21:30:50,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-36178.exe
2025-06-24 21:30:50,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-40000.exe
2025-06-24 21:30:50,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-34937.exe
2025-06-24 21:30:50,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-5424.exe
2025-06-24 21:30:50,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-31709.exe
2025-06-24 21:30:50,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-16668.exe
2025-06-24 21:30:50,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-48954.exe
2025-06-24 21:30:50,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-12057.exe
2025-06-24 21:30:50,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-25487.exe
2025-06-24 21:30:50,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-1230.exe
2025-06-24 21:30:50,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-55735.exe
2025-06-24 21:30:50,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-60816.exe
2025-06-24 21:30:50,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-37002.exe
2025-06-24 21:30:50,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-19561.exe
2025-06-24 21:30:50,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-20757.exe
2025-06-24 21:30:50,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-1755.exe
2025-06-24 21:30:50,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-19710.exe
2025-06-24 21:30:50,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-43203.exe
2025-06-24 21:30:50,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-28367.exe
2025-06-24 21:30:50,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-9928.exe
2025-06-24 21:30:50,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-26971.exe
2025-06-24 21:30:50,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-39198.exe
2025-06-24 21:30:50,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-31439.exe
2025-06-24 21:30:50,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-51112.exe
2025-06-24 21:30:50,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-9431.exe
2025-06-24 21:30:50,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-56244.exe
2025-06-24 21:30:50,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-13244.exe
2025-06-24 21:30:50,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-57440.exe
2025-06-24 21:30:50,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-52139.exe
2025-06-24 21:30:50,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-22638.exe
2025-06-24 21:30:50,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-6109.exe
2025-06-24 21:30:50,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-29872.exe
2025-06-24 21:30:50,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-2025.exe
2025-06-24 21:30:50,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-43343.exe
2025-06-24 21:30:50,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-2515.exe
2025-06-24 21:30:50,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-22311.exe
2025-06-24 21:30:50,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-48927.exe
2025-06-24 21:30:50,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-58973.exe
2025-06-24 21:30:50,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-26473.exe
2025-06-24 21:30:50,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-37338.exe
2025-06-24 21:30:50,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-48438.exe
2025-06-24 21:30:50,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-48631.exe
2025-06-24 21:30:50,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-8133.exe
2025-06-24 21:30:50,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-9979.exe
2025-06-24 21:30:50,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-7493.exe
2025-06-24 21:30:50,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-31159.exe
2025-06-24 21:30:50,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-1682.exe
2025-06-24 21:30:50,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-9517.exe
2025-06-24 21:30:50,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-45829.exe
2025-06-24 21:30:50,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-51370.exe
2025-06-24 21:30:50,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-37656.exe
2025-06-24 21:30:50,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-17952.exe
2025-06-24 21:30:50,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-16608.exe
2025-06-24 21:30:50,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-54059.exe
2025-06-24 21:30:50,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-45796.exe
2025-06-24 21:30:50,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-44048.exe
2025-06-24 21:30:50,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-27624.exe
2025-06-24 21:30:50,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-15241.exe
2025-06-24 21:30:50,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-29885.exe
2025-06-24 21:30:50,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-65398.exe
2025-06-24 21:30:50,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-52160.exe
2025-06-24 21:30:50,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-28097.exe
2025-06-24 21:30:50,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-33022.exe
2025-06-24 21:30:50,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-36544.exe
2025-06-24 21:30:50,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-8709.exe
2025-06-24 21:30:50,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-21593.exe
2025-06-24 21:30:50,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-63530.exe
2025-06-24 21:30:50,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-1220.exe
2025-06-24 21:30:50,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-2388.exe
2025-06-24 21:30:50,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-35689.exe
2025-06-24 21:30:50,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-63239.exe
2025-06-24 21:30:50,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-36836.exe
2025-06-24 21:30:50,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-14552.exe
2025-06-24 21:30:50,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-2326.exe
2025-06-24 21:30:50,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-53752.exe
2025-06-24 21:30:50,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-1475.exe
2025-06-24 21:30:50,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-42206.exe
2025-06-24 21:30:50,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-39380.exe
2025-06-24 21:30:50,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-43124.exe
2025-06-24 21:30:50,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-53856.exe
2025-06-24 21:30:50,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-2823.exe
2025-06-24 21:30:50,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-17900.exe
2025-06-24 21:30:50,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-50406.exe
2025-06-24 21:30:50,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-57422.exe
2025-06-24 21:30:50,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-12231.exe
2025-06-24 21:30:50,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-14038.exe
2025-06-24 21:30:50,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-47116.exe
2025-06-24 21:30:50,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-7562.exe
2025-06-24 21:30:50,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-21683.exe
2025-06-24 21:30:50,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-26699.exe
2025-06-24 21:30:50,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-4952.exe
2025-06-24 21:30:50,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-29078.exe
2025-06-24 21:30:50,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-55779.exe
2025-06-24 21:30:50,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-48900.exe
2025-06-24 21:30:50,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-1672.exe
2025-06-24 21:30:50,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-1807.exe
2025-06-24 21:30:50,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-46213.exe
2025-06-24 21:30:50,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-49712.exe
2025-06-24 21:30:50,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-55097.exe
2025-06-24 21:30:50,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-4229.exe
2025-06-24 21:30:50,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-60001.exe
2025-06-24 21:30:50,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-8495.exe
2025-06-24 21:30:50,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-61501.exe
2025-06-24 21:30:50,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-6349.exe
2025-06-24 21:30:50,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-59435.exe
2025-06-24 21:30:50,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-38621.exe
2025-06-24 21:30:50,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-56021.exe
2025-06-24 21:30:50,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-53996.exe
2025-06-24 21:30:50,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-53971.exe
2025-06-24 21:30:50,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-2248.exe
2025-06-24 21:30:50,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-46604.exe
2025-06-24 21:30:50,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-4987.exe
2025-06-24 21:30:50,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-53883.exe
2025-06-24 21:30:50,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-789.exe
2025-06-24 21:30:50,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-62383.exe
2025-06-24 21:30:50,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-27272.exe
2025-06-24 21:30:50,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-13945.exe
2025-06-24 21:30:50,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-51754.exe
2025-06-24 21:30:50,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-6393.exe
2025-06-24 21:30:50,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-7087.exe
2025-06-24 21:30:50,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-33497.exe
2025-06-24 21:30:50,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-624.exe
2025-06-24 21:30:50,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-7315.exe
2025-06-24 21:30:50,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-5647.exe
2025-06-24 21:30:50,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-44530.exe
2025-06-24 21:30:50,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-35139.exe
2025-06-24 21:30:50,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-34553.exe
2025-06-24 21:30:50,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-13925.exe
2025-06-24 21:30:50,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-61267.exe
2025-06-24 21:30:50,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-14822.exe
2025-06-24 21:30:50,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-21848.exe
2025-06-24 21:30:50,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-62824.exe
2025-06-24 21:30:50,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-7012.exe
2025-06-24 21:30:50,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-51586.exe
2025-06-24 21:30:50,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-41054.exe
2025-06-24 21:30:50,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-26149.exe
2025-06-24 21:30:50,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-44372.exe
2025-06-24 21:30:50,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-3923.exe
2025-06-24 21:30:50,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-63940.exe
2025-06-24 21:30:50,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-38044.exe
2025-06-24 21:30:50,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-64689.exe
2025-06-24 21:30:50,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-42974.exe
2025-06-24 21:30:50,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-32752.exe
2025-06-24 21:30:50,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-21543.exe
2025-06-24 21:30:50,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-42164.exe
2025-06-24 21:30:50,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-49358.exe
2025-06-24 21:30:50,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-22347.exe
2025-06-24 21:30:50,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-17109.exe
2025-06-24 21:30:50,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-32342.exe
2025-06-24 21:30:50,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-24919.exe
2025-06-24 21:30:50,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-44542.exe
2025-06-24 21:30:50,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-49311.exe
2025-06-24 21:30:50,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-21486.exe
2025-06-24 21:30:50,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-16523.exe
2025-06-24 21:30:50,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-39938.exe
2025-06-24 21:30:50,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-24309.exe
2025-06-24 21:30:50,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-3975.exe
2025-06-24 21:30:50,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-25652.exe
2025-06-24 21:30:50,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-7894.exe
2025-06-24 21:30:50,437 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-51781.exe
2025-06-24 21:30:50,437 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-17982.exe
2025-06-24 21:30:50,437 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-2579.exe
2025-06-24 21:30:50,437 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-47198.exe
2025-06-24 21:30:50,437 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-17120.exe
2025-06-24 21:30:50,437 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-53690.exe
2025-06-24 21:30:50,437 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-43857.exe
2025-06-24 21:30:50,437 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-49975.exe
2025-06-24 21:30:50,437 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-57718.exe
2025-06-24 21:30:50,437 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-64708.exe
2025-06-24 21:30:50,437 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-49446.exe
2025-06-24 21:30:50,437 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-25547.exe
2025-06-24 21:30:50,437 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-44022.exe
2025-06-24 21:30:50,437 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-19291.exe
2025-06-24 21:30:50,437 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-42342.exe
2025-06-24 21:30:50,437 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-30043.exe
2025-06-24 21:30:50,437 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-49716.exe
2025-06-24 21:30:50,437 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-3680.exe
2025-06-24 21:30:50,437 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-37490.exe
2025-06-24 21:30:50,437 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-17055.exe
2025-06-24 21:30:50,437 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-52766.exe
2025-06-24 21:30:50,437 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-31074.exe
2025-06-24 21:30:50,437 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-41858.exe
2025-06-24 21:30:50,437 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-21333.exe
2025-06-24 21:30:50,437 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-59696.exe
2025-06-24 21:30:50,437 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-8059.exe
2025-06-24 21:30:50,437 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-26120.exe
2025-06-24 21:30:50,437 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-36120.exe
2025-06-24 21:30:50,437 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-9399.exe
2025-06-24 21:30:50,437 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-60079.exe
2025-06-24 21:30:50,437 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-19648.exe
2025-06-24 21:30:50,437 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-50204.exe
2025-06-24 21:30:50,453 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-4743.exe
2025-06-24 21:30:50,453 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-53338.exe
2025-06-24 21:30:50,453 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-11734.exe
2025-06-24 21:30:50,453 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-24230.exe
2025-06-24 21:30:50,453 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-15016.exe
2025-06-24 21:30:50,453 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-50052.exe
2025-06-24 21:30:50,453 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-65455.exe
2025-06-24 21:30:50,453 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-37578.exe
2025-06-24 21:30:50,453 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-29569.exe
2025-06-24 21:30:50,453 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-11158.exe
2025-06-24 21:30:50,453 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-43027.exe
2025-06-24 21:30:50,453 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-64355.exe
2025-06-24 21:30:50,453 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-32885.exe
2025-06-24 21:30:50,453 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-8303.exe
2025-06-24 21:30:50,453 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-27464.exe
2025-06-24 21:30:50,453 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-14443.exe
2025-06-24 21:30:50,453 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-10748.exe
2025-06-24 21:30:50,453 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-7686.exe
2025-06-24 21:30:50,453 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-35990.exe
2025-06-24 21:30:50,453 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-35418.exe
2025-06-24 21:30:50,453 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-16062.exe
2025-06-24 21:30:50,453 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-39082.exe
2025-06-24 21:30:50,453 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-14521.exe
2025-06-24 21:30:50,453 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-3671.exe
2025-06-24 21:30:50,453 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-34869.exe
2025-06-24 21:30:50,453 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-47836.exe
2025-06-24 21:30:50,453 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-19296.exe
2025-06-24 21:30:50,453 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-55481.exe
2025-06-24 21:30:50,453 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-15892.exe
2025-06-24 21:30:50,453 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-1506.exe
2025-06-24 21:30:50,453 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-35440.exe
2025-06-24 21:30:50,453 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-53535.exe
2025-06-24 21:30:50,453 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-56685.exe
2025-06-24 21:30:50,467 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-47748.exe
2025-06-24 21:30:50,467 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-39250.exe
2025-06-24 21:30:50,467 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-63644.exe
2025-06-24 21:30:50,467 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-62305.exe
2025-06-24 21:30:50,467 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-44355.exe
2025-06-24 21:30:50,467 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-38324.exe
2025-06-24 21:30:50,467 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-15460.exe
2025-06-24 21:30:50,467 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-34151.exe
2025-06-24 21:30:50,467 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-23602.exe
2025-06-24 21:30:50,467 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-63810.exe
2025-06-24 21:30:50,467 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-45647.exe
2025-06-24 21:30:50,467 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-10463.exe
2025-06-24 21:30:50,467 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-38761.exe
2025-06-24 21:30:50,467 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-44049.exe
2025-06-24 21:30:50,467 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-29104.exe
2025-06-24 21:30:50,467 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-41086.exe
2025-06-24 21:30:50,467 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-53089.exe
2025-06-24 21:30:50,467 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-24624.exe
2025-06-24 21:30:50,467 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-48159.exe
2025-06-24 21:30:50,467 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-54931.exe
2025-06-24 21:30:50,467 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-58400.exe
2025-06-24 21:30:50,467 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-2004.exe
2025-06-24 21:30:50,467 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-46789.exe
2025-06-24 21:30:50,467 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-10914.exe
2025-06-24 21:30:50,483 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-19506.exe
2025-06-24 21:30:50,483 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-17240.exe
2025-06-24 21:30:50,483 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-19047.exe
2025-06-24 21:30:50,483 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-57121.exe
2025-06-24 21:30:50,483 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-41854.exe
2025-06-24 21:30:50,483 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-54765.exe
2025-06-24 21:30:50,483 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-20137.exe
2025-06-24 21:30:50,483 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-61506.exe
2025-06-24 21:30:50,483 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-302.exe
2025-06-24 21:30:50,483 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-2362.exe
2025-06-24 21:30:50,483 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-7711.exe
2025-06-24 21:30:50,483 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-37556.exe
2025-06-24 21:30:50,483 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-5652.exe
2025-06-24 21:30:50,483 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-24780.exe
2025-06-24 21:30:50,483 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-57.exe
2025-06-24 21:30:50,483 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-46426.exe
2025-06-24 21:30:50,483 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-44345.exe
2025-06-24 21:30:50,483 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-17510.exe
2025-06-24 21:30:50,483 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-35112.exe
2025-06-24 21:30:50,483 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-13810.exe
2025-06-24 21:30:50,483 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-39166.exe
2025-06-24 21:30:50,483 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-12108.exe
2025-06-24 21:30:50,500 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-63526.exe
2025-06-24 21:30:50,500 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-10333.exe
2025-06-24 21:30:50,500 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-28010.exe
2025-06-24 21:30:50,500 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-8802.exe
2025-06-24 21:30:50,500 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-23368.exe
2025-06-24 21:30:50,500 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-11874.exe
2025-06-24 21:30:50,500 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-65325.exe
2025-06-24 21:30:50,500 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-35468.exe
2025-06-24 21:30:50,500 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-3183.exe
2025-06-24 21:30:50,500 [analyzer] INFO: Analysis completed.

Cuckoo Log

2025-07-02 12:09:50,902 [cuckoo.core.scheduler] INFO: Task #6631121: acquired machine win7x646 (label=win7x646)
2025-07-02 12:09:50,904 [cuckoo.core.resultserver] DEBUG: Now tracking machine 192.168.168.206 for task #6631121
2025-07-02 12:09:51,275 [cuckoo.auxiliary.sniffer] INFO: Started sniffer with PID 2748212 (interface=vboxnet0, host=192.168.168.206)
2025-07-02 12:09:52,209 [cuckoo.machinery.virtualbox] DEBUG: Starting vm win7x646
2025-07-02 12:09:52,837 [cuckoo.machinery.virtualbox] DEBUG: Restoring virtual machine win7x646 to vmcloak
2025-07-02 12:11:32,264 [cuckoo.core.guest] INFO: Starting analysis #6631121 on guest (id=win7x646, ip=192.168.168.206)
2025-07-02 12:11:33,270 [cuckoo.core.guest] DEBUG: win7x646: not ready yet
2025-07-02 12:11:38,518 [cuckoo.core.guest] INFO: Guest is running Cuckoo Agent 0.10 (id=win7x646, ip=192.168.168.206)
2025-07-02 12:11:38,621 [cuckoo.core.guest] DEBUG: Uploading analyzer to guest (id=win7x646, ip=192.168.168.206, monitor=latest, size=6660546)
2025-07-02 12:11:40,009 [cuckoo.core.resultserver] DEBUG: Task #6631121: live log analysis.log initialized.
2025-07-02 12:11:41,312 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:11:41,862 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:11:42,627 [cuckoo.core.resultserver] DEBUG: Task #6631121: File upload for 'shots/0001.jpg'
2025-07-02 12:11:42,646 [cuckoo.core.resultserver] DEBUG: Task #6631121 uploaded file length: 96748
2025-07-02 12:11:45,231 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:11:48,634 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:11:48,635 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:11:52,027 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:11:52,092 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:11:52,108 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:11:52,123 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:11:54,932 [cuckoo.core.guest] DEBUG: win7x646: analysis #6631121 still processing
2025-07-02 12:11:55,707 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:11:55,708 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:11:55,724 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:11:55,728 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:11:55,732 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:11:55,733 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:11:55,735 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:11:55,807 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:11:59,451 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:11:59,506 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:11:59,635 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:11:59,704 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:11:59,770 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:00,007 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:00,146 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:00,163 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:00,217 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:00,218 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:00,247 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:00,299 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:00,323 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:00,371 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:00,445 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:02,685 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:02,997 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:03,059 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:03,098 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:03,123 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:03,543 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:03,718 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:04,019 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:04,127 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:04,153 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:04,199 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:04,283 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:04,395 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:05,047 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:05,326 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:05,433 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:05,434 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:05,435 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:05,446 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:05,449 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:05,467 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:05,473 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:05,482 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:05,486 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:05,487 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:05,489 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:05,491 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:05,503 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:05,508 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:05,513 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:05,516 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:06,374 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:06,377 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:07,207 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:07,219 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:07,233 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:07,239 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:07,242 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:07,396 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:07,406 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:07,456 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:07,461 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:07,470 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:07,473 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:07,484 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:08,084 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:08,095 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:08,345 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:08,348 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:08,349 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:08,350 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:08,352 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:08,353 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:08,365 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:08,403 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:08,408 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:08,418 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:10,078 [cuckoo.core.guest] DEBUG: win7x646: analysis #6631121 still processing
2025-07-02 12:12:11,131 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:11,133 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:11,140 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:11,215 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:12,244 [cuckoo.core.resultserver] DEBUG: Task #6631121: File upload for 'shots/0002.jpg'
2025-07-02 12:12:12,285 [cuckoo.core.resultserver] DEBUG: Task #6631121 uploaded file length: 100058
2025-07-02 12:12:12,610 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:12,612 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:12,903 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:12,980 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:13,434 [cuckoo.core.resultserver] DEBUG: Task #6631121: File upload for 'shots/0003.jpg'
2025-07-02 12:12:13,520 [cuckoo.core.resultserver] DEBUG: Task #6631121 uploaded file length: 101291
2025-07-02 12:12:13,605 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:13,730 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:13,748 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:13,815 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:13,882 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:14,021 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:14,128 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:14,159 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:15,383 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:15,454 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:15,461 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:15,485 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:15,742 [cuckoo.core.resultserver] DEBUG: Task #6631121: File upload for 'shots/0004.jpg'
2025-07-02 12:12:15,783 [cuckoo.core.resultserver] DEBUG: Task #6631121 uploaded file length: 99571
2025-07-02 12:12:15,840 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:16,004 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:16,087 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:16,224 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:16,227 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:16,297 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:16,390 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:16,554 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:16,638 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:16,734 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:16,736 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:16,893 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:16,935 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:17,197 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:17,281 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:17,369 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:17,434 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:17,480 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:18,224 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:18,230 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:18,243 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:18,384 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:18,419 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:18,872 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:19,081 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:19,107 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:19,109 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:19,110 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:19,206 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:19,210 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:23,060 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:23,067 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:23,071 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:23,078 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:23,098 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:23,101 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:23,126 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:23,130 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:23,172 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:23,179 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:23,205 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:23,207 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:23,227 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:23,242 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:23,266 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:23,268 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:23,279 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:23,280 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:23,305 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:23,307 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:23,317 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:23,341 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:23,342 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:23,346 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:23,348 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:23,349 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:23,354 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:23,379 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:23,402 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:23,457 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:24,011 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:24,355 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:24,793 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:25,108 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:25,152 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:25,173 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:25,295 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:25,535 [cuckoo.core.guest] DEBUG: win7x646: analysis #6631121 still processing
2025-07-02 12:12:25,746 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:26,754 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:26,757 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:26,773 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:26,775 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:26,994 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:27,796 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:27,909 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:27,997 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:28,030 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:28,059 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:28,124 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:28,125 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:28,155 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:28,183 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:28,888 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:28,902 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:29,089 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:29,402 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:29,698 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:29,885 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:30,332 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:30,333 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:30,335 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:30,337 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:30,339 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:30,465 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:30,937 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:30,939 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:30,940 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:30,941 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:30,950 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:31,167 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:31,190 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:31,215 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:31,431 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:31,432 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:31,842 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:31,856 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:32,370 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:32,608 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:32,679 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:33,017 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:33,021 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:33,109 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:33,133 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:33,136 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:33,404 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:33,406 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:33,410 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:33,411 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:33,502 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:33,527 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:33,754 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:33,757 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:33,901 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:34,062 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:34,137 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:34,631 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:34,821 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:35,125 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:35,138 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:35,409 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:35,533 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:35,611 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:35,634 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:35,786 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:35,860 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:35,863 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:36,349 [cuckoo.core.resultserver] DEBUG: Task #6631121: File upload for 'shots/0005.jpg'
2025-07-02 12:12:36,377 [cuckoo.core.resultserver] DEBUG: Task #6631121 uploaded file length: 102773
2025-07-02 12:12:36,391 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:37,735 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:37,744 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:37,823 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:38,722 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:38,731 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:38,743 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:38,760 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:38,778 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:39,331 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:39,347 [cuckoo.core.resultserver] DEBUG: Task #6631121: File upload for 'shots/0006.jpg'
2025-07-02 12:12:40,248 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:40,252 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:40,340 [cuckoo.core.resultserver] DEBUG: Task #6631121 uploaded file length: 112758
2025-07-02 12:12:40,752 [cuckoo.core.guest] DEBUG: win7x646: analysis #6631121 still processing
2025-07-02 12:12:41,242 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:41,264 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:41,298 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:41,725 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:42,356 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:42,976 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:44,998 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:45,281 [cuckoo.core.resultserver] DEBUG: Task #6631121: File upload for 'shots/0007.jpg'
2025-07-02 12:12:45,304 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:45,306 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:45,307 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:45,308 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:45,309 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:45,312 [cuckoo.core.resultserver] DEBUG: Task #6631121 uploaded file length: 111606
2025-07-02 12:12:45,426 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:45,427 [cuckoo.core.resultserver] DEBUG: Task #6631121 is sending a BSON stream
2025-07-02 12:12:46,428 [cuckoo.core.resultserver] DEBUG: Task #6631121: File upload for 'shots/0008.jpg'
2025-07-02 12:12:46,455 [cuckoo.core.resultserver] DEBUG: Task #6631121 uploaded file length: 111283
2025-07-02 12:12:53,845 [cuckoo.core.resultserver] DEBUG: Task #6631121: File upload for 'shots/0009.jpg'
2025-07-02 12:12:53,859 [cuckoo.core.resultserver] DEBUG: Task #6631121 uploaded file length: 111306
2025-07-02 12:12:57,109 [cuckoo.core.guest] DEBUG: win7x646: analysis #6631121 still processing
2025-07-02 12:13:12,925 [cuckoo.core.guest] DEBUG: win7x646: analysis #6631121 still processing
2025-07-02 12:13:29,278 [cuckoo.core.guest] DEBUG: win7x646: analysis #6631121 still processing
2025-07-02 12:13:44,795 [cuckoo.core.guest] DEBUG: win7x646: analysis #6631121 still processing
2025-07-02 12:13:45,674 [cuckoo.core.resultserver] DEBUG: Task #6631121: File upload for 'shots/0010.jpg'
2025-07-02 12:13:45,690 [cuckoo.core.resultserver] DEBUG: Task #6631121 uploaded file length: 116218
2025-07-02 12:14:00,182 [cuckoo.core.guest] DEBUG: win7x646: analysis #6631121 still processing
2025-07-02 12:14:15,448 [cuckoo.core.guest] DEBUG: win7x646: analysis #6631121 still processing
2025-07-02 12:14:30,975 [cuckoo.core.guest] DEBUG: win7x646: analysis #6631121 still processing
2025-07-02 12:14:45,021 [cuckoo.core.resultserver] DEBUG: Task #6631121: File upload for 'shots/0011.jpg'
2025-07-02 12:14:45,054 [cuckoo.core.resultserver] DEBUG: Task #6631121 uploaded file length: 116798
2025-07-02 12:14:46,183 [cuckoo.core.guest] DEBUG: win7x646: analysis #6631121 still processing
2025-07-02 12:15:01,456 [cuckoo.core.guest] DEBUG: win7x646: analysis #6631121 still processing
2025-07-02 12:15:09,115 [cuckoo.core.resultserver] DEBUG: Task #6631121: File upload for 'shots/0012.jpg'
2025-07-02 12:15:09,140 [cuckoo.core.resultserver] DEBUG: Task #6631121 uploaded file length: 116201
2025-07-02 12:15:16,202 [cuckoo.core.resultserver] DEBUG: Task #6631121: File upload for 'curtain/1750793428.62.curtain.log'
2025-07-02 12:15:16,204 [cuckoo.core.resultserver] DEBUG: Task #6631121 uploaded file length: 36
2025-07-02 12:15:17,563 [cuckoo.core.guest] DEBUG: win7x646: analysis #6631121 still processing
2025-07-02 12:15:29,739 [cuckoo.core.guest] INFO: win7x646: end of analysis reached!
2025-07-02 12:15:29,781 [cuckoo.core.plugins] DEBUG: Stopped auxiliary module: Redsocks
2025-07-02 12:15:29,797 [cuckoo.core.plugins] DEBUG: Stopped auxiliary module: Sniffer
2025-07-02 12:15:30,800 [cuckoo.machinery.virtualbox] INFO: Successfully generated memory dump for virtual machine with label win7x646 to path /srv/cuckoo/cwd/storage/analyses/6631121/memory.dmp
2025-07-02 12:15:30,802 [cuckoo.machinery.virtualbox] DEBUG: Stopping vm win7x646
2025-07-02 12:15:36,807 [cuckoo.core.resultserver] DEBUG: Task #6631121: File upload for 'sysmon/1750793449.75.sysmon.xml'
2025-07-02 12:15:36,966 [cuckoo.core.resultserver] DEBUG: Task #6631121 uploaded file length: 20691482
2025-07-02 12:15:37,155 [cuckoo.core.resultserver] DEBUG: Task #6631121: File upload for 'files/033840ca583ce3a9_unicorn-57592.exe'
2025-07-02 12:15:37,161 [cuckoo.core.resultserver] DEBUG: Task #6631121 uploaded file length: 188424
2025-07-02 12:15:37,164 [cuckoo.core.resultserver] DEBUG: Task #6631121: File upload for 'files/b3c9ad5f11122547_unicorn-55646.exe'
2025-07-02 12:15:37,171 [cuckoo.core.resultserver] DEBUG: Task #6631121: File upload for 'files/64d37fd4db4e60cf_unicorn-54978.exe'
2025-07-02 12:15:37,174 [cuckoo.core.resultserver] DEBUG: Task #6631121 uploaded file length: 188422
2025-07-02 12:15:37,179 [cuckoo.core.resultserver] DEBUG: Task #6631121 uploaded file length: 188425
2025-07-02 12:15:37,184 [cuckoo.core.resultserver] DEBUG: Task #6631121: File upload for 'files/a196cdf3dc912cc0_unicorn-23572.exe'
2025-07-02 12:15:37,190 [cuckoo.core.resultserver] DEBUG: Task #6631121 uploaded file length: 188424
2025-07-02 12:15:37,193 [cuckoo.core.resultserver] DEBUG: Task #6631121: File upload for 'files/203035557ae92dbd_unicorn-57696.exe'
2025-07-02 12:15:37,197 [cuckoo.core.resultserver] DEBUG: Task #6631121 uploaded file length: 188424
2025-07-02 12:15:37,202 [cuckoo.core.resultserver] DEBUG: Task #6631121: File upload for 'files/76ff2b0143038d92_unicorn-35776.exe'
2025-07-02 12:15:37,206 [cuckoo.core.resultserver] DEBUG: Task #6631121 uploaded file length: 188423
2025-07-02 12:15:37,210 [cuckoo.core.resultserver] DEBUG: Task #6631121: File upload for 'files/c4478a1bd673c748_unicorn-49809.exe'
2025-07-02 12:15:37,213 [cuckoo.core.resultserver] DEBUG: Task #6631121 uploaded file length: 188422
2025-07-02 12:15:37,218 [cuckoo.core.resultserver] DEBUG: Task #6631121: File upload for 'files/2c1d47631fc893ab_unicorn-39668.exe'
2025-07-02 12:15:37,228 [cuckoo.core.resultserver] DEBUG: Task #6631121: File upload for 'files/8445a7eb3d365b14_unicorn-15976.exe'
2025-07-02 12:15:37,235 [cuckoo.core.resultserver] DEBUG: Task #6631121 uploaded file length: 188423
2025-07-02 12:15:37,238 [cuckoo.core.resultserver] DEBUG: Task #6631121: File upload for 'files/0058d48d2c31e44c_unicorn-57043.exe'
2025-07-02 12:15:37,246 [cuckoo.core.resultserver] DEBUG: Task #6631121 uploaded file length: 188421
2025-07-02 12:15:37,248 [cuckoo.core.resultserver] DEBUG: Task #6631121: File upload for 'files/685a264741465b38_unicorn-33383.exe'
2025-07-02 12:15:37,252 [cuckoo.core.resultserver] DEBUG: Task #6631121 uploaded file length: 188423
2025-07-02 12:15:37,257 [cuckoo.core.resultserver] DEBUG: Task #6631121: File upload for 'files/86f33a341d1ad4a4_unicorn-26061.exe'
2025-07-02 12:15:37,261 [cuckoo.core.resultserver] DEBUG: Task #6631121: File upload for 'files/3ce242c77c3b0b1b_unicorn-11925.exe'
2025-07-02 12:15:37,264 [cuckoo.core.resultserver] DEBUG: Task #6631121 uploaded file length: 188423
2025-07-02 12:15:37,266 [cuckoo.core.resultserver] DEBUG: Task #6631121 uploaded file length: 188424
2025-07-02 12:15:37,269 [cuckoo.core.resultserver] DEBUG: Task #6631121: File upload for 'files/726a1cf5f9b36d3a_unicorn-41932.exe'
2025-07-02 12:15:37,275 [cuckoo.core.resultserver] DEBUG: Task #6631121 uploaded file length: 188425
2025-07-02 12:15:37,295 [cuckoo.core.resultserver] DEBUG: Task #6631121: File upload for 'files/3b7a6cd510320f7d_unicorn-8981.exe'
2025-07-02 12:15:37,311 [cuckoo.core.resultserver] DEBUG: Task #6631121: File upload for 'files/b5a13685ebc9c67e_unicorn-46597.exe'
2025-07-02 12:15:37,313 [cuckoo.core.resultserver] DEBUG: Task #6631121: File upload for 'files/43363d43b5361352_unicorn-35736.exe'
2025-07-02 12:15:37,315 [cuckoo.core.resultserver] DEBUG: Task #6631121: File upload for 'files/76561dae3e5d6e50_unicorn-27241.exe'
2025-07-02 12:15:37,316 [cuckoo.core.resultserver] DEBUG: Task #6631121: File upload for 'files/47adf3f639f8e000_unicorn-5459.exe'
2025-07-02 12:15:37,320 [cuckoo.core.resultserver] DEBUG: Task #6631121 uploaded file length: 188424
2025-07-02 12:15:37,322 [cuckoo.core.resultserver] DEBUG: Task #6631121: File upload for 'files/3810dbd07e2e9cf2_unicorn-28838.exe'
2025-07-02 12:15:37,328 [cuckoo.core.resultserver] DEBUG: Task #6631121 uploaded file length: 188421
2025-07-02 12:15:37,330 [cuckoo.core.resultserver] DEBUG: Task #6631121 uploaded file length: 188422
2025-07-02 12:15:37,332 [cuckoo.core.resultserver] DEBUG: Task #6631121 uploaded file length: 188422
2025-07-02 12:15:37,334 [cuckoo.core.resultserver] DEBUG: Task #6631121 uploaded file length: 188422
2025-07-02 12:15:37,336 [cuckoo.core.resultserver] DEBUG: Task #6631121: File upload for 'files/0d08666fc89fb580_unicorn-34483.exe'
2025-07-02 12:15:37,338 [cuckoo.core.resultserver] DEBUG: Task #6631121: File upload for 'files/52aad7772c43304c_unicorn-18262.exe'
2025-07-02 12:15:37,340 [cuckoo.core.resultserver] DEBUG: Task #6631121 uploaded file length: 188423
2025-07-02 12:15:37,342 [cuckoo.core.resultserver] DEBUG: Task #6631121 uploaded file length: 188424
2025-07-02 12:15:37,345 [cuckoo.core.resultserver] DEBUG: Task #6631121: File upload for 'files/ed96a31ba3955f62_unicorn-10581.exe'
2025-07-02 12:15:37,347 [cuckoo.core.resultserver] DEBUG: Task #6631121 uploaded file length: 188425
2025-07-02 12:15:37,348 [cuckoo.core.resultserver] DEBUG: Task #6631121 uploaded file length: 188423
2025-07-02 12:15:37,353 [cuckoo.core.resultserver] DEBUG: Task #6631121: File upload for 'files/5708892b72226e44_unicorn-60128.exe'
2025-07-02 12:15:37,359 [cuckoo.core.resultserver] DEBUG: Task #6631121 uploaded file length: 188424
2025-07-02 12:15:37,364 [cuckoo.core.resultserver] DEBUG: Task #6631121: File upload for 'files/f98a7f38fc72bcc7_unicorn-34750.exe'
2025-07-02 12:15:37,377 [cuckoo.core.resultserver] DEBUG: Task #6631121 uploaded file length: 188422
2025-07-02 12:15:37,380 [cuckoo.core.resultserver] DEBUG: Task #6631121 uploaded file length: 188423
2025-07-02 12:15:37,963 [cuckoo.core.resultserver] DEBUG: Task #6631121 had connection reset for <Context for LOG>
2025-07-02 12:17:33,547 [cuckoo.core.resultserver] DEBUG: Stopped tracking machine 192.168.168.206 for task #6631121
2025-07-02 12:17:34,318 [cuckoo.core.scheduler] DEBUG: Released database task #6631121
2025-07-02 12:17:44,588 [cuckoo.core.scheduler] INFO: Task #6631121: analysis procedure completed

Signatures

Yara rule detected for file (1 event)

description

(no description)

rule

SEH__vba

One or more processes crashed (50 out of 816 events)

Time & API	Arguments	Status
__exception__ June 24, 2025, 10:26 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1636800 registers.edi: 2148139061 registers.eax: 1636800 registers.ebp: 1636880 registers.edx: 0 registers.ebx: 5050232 registers.esi: 5050232 registers.ecx: 2	1
__exception__ June 24, 2025, 10:26 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1636796 registers.edi: 2148139061 registers.eax: 1636796 registers.ebp: 1636876 registers.edx: 0 registers.ebx: 5050232 registers.esi: 5050232 registers.ecx: 2	1
__exception__ June 24, 2025, 10:26 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1636792 registers.edi: 2148139061 registers.eax: 1636792 registers.ebp: 1636872 registers.edx: 0 registers.ebx: 5050232 registers.esi: 5050232 registers.ecx: 2	1
__exception__ June 24, 2025, 10:26 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1636800 registers.edi: 2148139061 registers.eax: 1636800 registers.ebp: 1636880 registers.edx: 0 registers.ebx: 3087920 registers.esi: 3087920 registers.ecx: 2	1
__exception__ June 24, 2025, 10:26 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1636796 registers.edi: 2148139061 registers.eax: 1636796 registers.ebp: 1636876 registers.edx: 0 registers.ebx: 3087920 registers.esi: 3087920 registers.ecx: 2	1
__exception__ June 24, 2025, 10:26 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1636792 registers.edi: 2148139061 registers.eax: 1636792 registers.ebp: 1636872 registers.edx: 0 registers.ebx: 3087920 registers.esi: 3087920 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1636800 registers.edi: 2148139061 registers.eax: 1636800 registers.ebp: 1636880 registers.edx: 0 registers.ebx: 5447224 registers.esi: 5447224 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1636796 registers.edi: 2148139061 registers.eax: 1636796 registers.ebp: 1636876 registers.edx: 0 registers.ebx: 5447224 registers.esi: 5447224 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1636792 registers.edi: 2148139061 registers.eax: 1636792 registers.ebp: 1636872 registers.edx: 0 registers.ebx: 5447224 registers.esi: 5447224 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1636800 registers.edi: 2148139061 registers.eax: 1636800 registers.ebp: 1636880 registers.edx: 0 registers.ebx: 6102584 registers.esi: 6102584 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1636796 registers.edi: 2148139061 registers.eax: 1636796 registers.ebp: 1636876 registers.edx: 0 registers.ebx: 6102584 registers.esi: 6102584 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1636792 registers.edi: 2148139061 registers.eax: 1636792 registers.ebp: 1636872 registers.edx: 0 registers.ebx: 6102584 registers.esi: 6102584 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1636800 registers.edi: 2148139061 registers.eax: 1636800 registers.ebp: 1636880 registers.edx: 0 registers.ebx: 3087928 registers.esi: 3087928 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1636796 registers.edi: 2148139061 registers.eax: 1636796 registers.ebp: 1636876 registers.edx: 0 registers.ebx: 3087928 registers.esi: 3087928 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1636792 registers.edi: 2148139061 registers.eax: 1636792 registers.ebp: 1636872 registers.edx: 0 registers.ebx: 3087928 registers.esi: 3087928 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1636800 registers.edi: 2148139061 registers.eax: 1636800 registers.ebp: 1636880 registers.edx: 0 registers.ebx: 8789560 registers.esi: 8789560 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1636796 registers.edi: 2148139061 registers.eax: 1636796 registers.ebp: 1636876 registers.edx: 0 registers.ebx: 8789560 registers.esi: 8789560 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1636792 registers.edi: 2148139061 registers.eax: 1636792 registers.ebp: 1636872 registers.edx: 0 registers.ebx: 8789560 registers.esi: 8789560 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1636800 registers.edi: 2148139061 registers.eax: 1636800 registers.ebp: 1636880 registers.edx: 0 registers.ebx: 6037048 registers.esi: 6037048 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1636796 registers.edi: 2148139061 registers.eax: 1636796 registers.ebp: 1636876 registers.edx: 0 registers.ebx: 6037048 registers.esi: 6037048 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1636792 registers.edi: 2148139061 registers.eax: 1636792 registers.ebp: 1636872 registers.edx: 0 registers.ebx: 6037048 registers.esi: 6037048 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1633692 registers.edi: 6037048 registers.eax: 1633692 registers.ebp: 1633772 registers.edx: 0 registers.ebx: 6037048 registers.esi: 6037048 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1636800 registers.edi: 2148139061 registers.eax: 1636800 registers.ebp: 1636880 registers.edx: 0 registers.ebx: 2956856 registers.esi: 2956856 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1636796 registers.edi: 2148139061 registers.eax: 1636796 registers.ebp: 1636876 registers.edx: 0 registers.ebx: 2956856 registers.esi: 2956856 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1636792 registers.edi: 2148139061 registers.eax: 1636792 registers.ebp: 1636872 registers.edx: 0 registers.ebx: 2956856 registers.esi: 2956856 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1636800 registers.edi: 2148139061 registers.eax: 1636800 registers.ebp: 1636880 registers.edx: 0 registers.ebx: 5709368 registers.esi: 5709368 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1636796 registers.edi: 2148139061 registers.eax: 1636796 registers.ebp: 1636876 registers.edx: 0 registers.ebx: 5709368 registers.esi: 5709368 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1636792 registers.edi: 2148139061 registers.eax: 1636792 registers.ebp: 1636872 registers.edx: 0 registers.ebx: 5709368 registers.esi: 5709368 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1636800 registers.edi: 2148139061 registers.eax: 1636800 registers.ebp: 1636880 registers.edx: 0 registers.ebx: 6102584 registers.esi: 6102584 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1636796 registers.edi: 2148139061 registers.eax: 1636796 registers.ebp: 1636876 registers.edx: 0 registers.ebx: 6102584 registers.esi: 6102584 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1636792 registers.edi: 2148139061 registers.eax: 1636792 registers.ebp: 1636872 registers.edx: 0 registers.ebx: 6102584 registers.esi: 6102584 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1636800 registers.edi: 2148139061 registers.eax: 1636800 registers.ebp: 1636880 registers.edx: 0 registers.ebx: 6233648 registers.esi: 6233648 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1636796 registers.edi: 2148139061 registers.eax: 1636796 registers.ebp: 1636876 registers.edx: 0 registers.ebx: 6233648 registers.esi: 6233648 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1636792 registers.edi: 2148139061 registers.eax: 1636792 registers.ebp: 1636872 registers.edx: 0 registers.ebx: 6233648 registers.esi: 6233648 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1636800 registers.edi: 2148139061 registers.eax: 1636800 registers.ebp: 1636880 registers.edx: 0 registers.ebx: 5643832 registers.esi: 5643832 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1636796 registers.edi: 2148139061 registers.eax: 1636796 registers.ebp: 1636876 registers.edx: 0 registers.ebx: 5643832 registers.esi: 5643832 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1636792 registers.edi: 2148139061 registers.eax: 1636792 registers.ebp: 1636872 registers.edx: 0 registers.ebx: 5643832 registers.esi: 5643832 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1636800 registers.edi: 2148139061 registers.eax: 1636800 registers.ebp: 1636880 registers.edx: 0 registers.ebx: 5971512 registers.esi: 5971512 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1636796 registers.edi: 2148139061 registers.eax: 1636796 registers.ebp: 1636876 registers.edx: 0 registers.ebx: 5971512 registers.esi: 5971512 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1636792 registers.edi: 2148139061 registers.eax: 1636792 registers.ebp: 1636872 registers.edx: 0 registers.ebx: 5971512 registers.esi: 5971512 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1636800 registers.edi: 2148139061 registers.eax: 1636800 registers.ebp: 1636880 registers.edx: 0 registers.ebx: 8920632 registers.esi: 8920632 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1636796 registers.edi: 2148139061 registers.eax: 1636796 registers.ebp: 1636876 registers.edx: 0 registers.ebx: 8920632 registers.esi: 8920632 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1636792 registers.edi: 2148139061 registers.eax: 1636792 registers.ebp: 1636872 registers.edx: 0 registers.ebx: 8920632 registers.esi: 8920632 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1636800 registers.edi: 2148139061 registers.eax: 1636800 registers.ebp: 1636880 registers.edx: 0 registers.ebx: 5709368 registers.esi: 5709368 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1636796 registers.edi: 2148139061 registers.eax: 1636796 registers.ebp: 1636876 registers.edx: 0 registers.ebx: 5709368 registers.esi: 5709368 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1636792 registers.edi: 2148139061 registers.eax: 1636792 registers.ebp: 1636872 registers.edx: 0 registers.ebx: 5709368 registers.esi: 5709368 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1633640 registers.edi: 5709368 registers.eax: 1633640 registers.ebp: 1633720 registers.edx: 0 registers.ebx: 5709368 registers.esi: 5709368 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1636800 registers.edi: 2148139061 registers.eax: 1636800 registers.ebp: 1636880 registers.edx: 0 registers.ebx: 5250616 registers.esi: 5250616 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1636796 registers.edi: 2148139061 registers.eax: 1636796 registers.ebp: 1636876 registers.edx: 0 registers.ebx: 5250616 registers.esi: 5250616 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x7638c41f registers.esp: 1636792 registers.edi: 2148139061 registers.eax: 1636792 registers.ebp: 1636872 registers.edx: 0 registers.ebx: 5250616 registers.esi: 5250616 registers.ecx: 2	1

Foreign language identified in PE resource (1 event)

name

RT_VERSION

language

LANG_CHINESE

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

offset

0x0002d150

size

0x00000234

Creates executable files on the filesystem (50 out of 354 events)

file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-24624.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-27848.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-8495.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-41858.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-37687.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-46789.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-48438.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-10914.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-40000.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-64355.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-48954.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-42974.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-12057.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-31053.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-42342.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-16062.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-4987.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-302.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-3503.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-31074.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-17510.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-13810.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-2004.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-12108.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-10333.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-65398.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-31439.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-48631.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-56244.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-35468.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-6830.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-27241.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-11428.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-34483.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-49528.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-24230.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-789.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-15016.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-63644.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-2362.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-48927.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-7012.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-10748.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-4229.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-48159.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-58400.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-5187.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-46099.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-43124.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-8802.exe

Drops an executable to the user AppData folder (2 events)

file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-57592.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-55646.exe

Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time) (1 event)

Time & API	Arguments	Status	Return	Repeated
NtProtectVirtualMemory June 24, 2025, 10:26 p.m.	process_identifier: 1260 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 length: 24576 protection: 32 (PAGE_EXECUTE_READ) base_address: 0x003e0000 process_handle: 0xffffffff	1	0	0

File has been identified by 13 AntiVirus engine on IRMA as malicious (13 events)

G Data Antivirus (Windows)	Virus: Generic.Dacic.94CCEEA9.A.A7364D06 (Engine A)
Avast Core Security (Linux)	Win32:VB-AJKU [Trj]
C4S ClamAV (Linux)	Win.Malware.Generickdz-10004857-0
Trellix (Linux)	GenericRXHC-SS
WithSecure (Linux)	Trojan.TR/Crypt.XPACK.Gen
eScan Antivirus (Linux)	Generic.Dacic.94CCEEA9.A.A7364D06(DB)
ESET Security (Windows)	a variant of Win32/VBClone.D trojan
Sophos Anti-Virus (Linux)	Mal/VB-AQT
DrWeb Antivirus (Linux)	Trojan.MulDrop17.61497
ClamAV (Linux)	Win.Malware.Generickdz-10004857-0
Bitdefender Antivirus (Linux)	Generic.Dacic.94CCEEA9.A.A7364D06
Kaspersky Standard (Windows)	HEUR:Trojan.Win32.VB.gen
Emsisoft Commandline Scanner (Windows)	Generic.Dacic.94CCEEA9.A.A7364D06 (B)