Cuckoo Sandbox

File c1585307df31316a_unicorn-39186.exe

Summary
Download Resubmit sample

Size	468.1KB
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`62e95ccb46b311753025ba205378d98c`
SHA1	`d2c4e5bdb262be475073a5764880a957fd47068e`
SHA256	`c1585307df31316a7ea8d8c4bd6ea1ce4b2d09f294911594a83af8536cd43ffc`
SHA512	`4a1f696590b89fa89e64ac84aded5c2999883e7d77573b38dea0f08c94c3e684cc274afe7c2cf8edd5067f88e3010e4b052595e0289e65368b88f5d7d947c3ce`
CRC32	`D4BA0957`
ssdeep	`None`
Yara	SEH__vba - (no description)

Score

This file is very suspicious, with a score of 10 out of 10!

Please notice: The scoring system is currently still in development and should be considered an alpha feature.

Autosubmit

Parent_Task_ID:6585846

Feedback

Expecting different results? Send us this analysis and we will inspect it. Click here

Information on Execution

Analysis

Category	Started	Completed	Duration	Routing	Logs
FILE	July 2, 2025, 12:09 p.m.	July 2, 2025, 12:20 p.m.	618 seconds	internet	Show Analyzer Log Show Cuckoo Log

Analyzer Log

2025-06-24 21:26:54,015 [analyzer] DEBUG: Starting analyzer from: C:\tmpdrdvpd
2025-06-24 21:26:54,015 [analyzer] DEBUG: Pipe server name: \??\PIPE\BRzzWDHpLEmRbsuKMVbagzbDQpDERqK
2025-06-24 21:26:54,015 [analyzer] DEBUG: Log pipe server name: \??\PIPE\tAjfnUjvNozuKvIXVPlroMFVXZdk
2025-06-24 21:26:54,015 [analyzer] DEBUG: No analysis package specified, trying to detect it automagically.
2025-06-24 21:26:54,015 [analyzer] INFO: Automatically selected analysis package "exe"
2025-06-24 21:26:54,358 [analyzer] DEBUG: Started auxiliary module Curtain
2025-06-24 21:26:54,375 [analyzer] DEBUG: Started auxiliary module DbgView
2025-06-24 21:26:55,015 [analyzer] DEBUG: Started auxiliary module Disguise
2025-06-24 21:26:55,233 [analyzer] DEBUG: Loaded monitor into process with pid 508
2025-06-24 21:26:55,233 [analyzer] DEBUG: Started auxiliary module DumpTLSMasterSecrets
2025-06-24 21:26:55,233 [analyzer] DEBUG: Started auxiliary module Human
2025-06-24 21:26:55,250 [analyzer] DEBUG: Started auxiliary module InstallCertificate
2025-06-24 21:26:55,250 [analyzer] DEBUG: Started auxiliary module Reboot
2025-06-24 21:26:55,390 [analyzer] DEBUG: Started auxiliary module RecentFiles
2025-06-24 21:26:55,390 [analyzer] DEBUG: Started auxiliary module Screenshots
2025-06-24 21:26:55,405 [analyzer] DEBUG: Started auxiliary module Sysmon
2025-06-24 21:26:55,405 [analyzer] DEBUG: Started auxiliary module LoadZer0m0n
2025-06-24 21:26:55,562 [lib.api.process] INFO: Successfully executed process from path u'C:\\Users\\ADMINI~1\\AppData\\Local\\Temp\\c1585307df31316a_unicorn-39186.exe' with arguments '' and pid 2064
2025-06-24 21:26:55,812 [analyzer] DEBUG: Loaded monitor into process with pid 2064
2025-06-24 21:26:58,905 [analyzer] INFO: Added new file to list with pid 2064 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-15306.exe
2025-06-24 21:26:59,000 [analyzer] INFO: Injected into process with pid 1876 and name u'Unicorn-15306.exe'
2025-06-24 21:26:59,155 [analyzer] DEBUG: Loaded monitor into process with pid 1876
2025-06-24 21:27:02,217 [analyzer] INFO: Added new file to list with pid 1876 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-6983.exe
2025-06-24 21:27:02,280 [analyzer] INFO: Added new file to list with pid 2064 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-32561.exe
2025-06-24 21:27:02,312 [analyzer] INFO: Injected into process with pid 2884 and name u'Unicorn-6983.exe'
2025-06-24 21:27:02,342 [analyzer] INFO: Injected into process with pid 2156 and name u'Unicorn-32561.exe'
2025-06-24 21:27:02,483 [analyzer] DEBUG: Loaded monitor into process with pid 2884
2025-06-24 21:27:02,500 [analyzer] DEBUG: Loaded monitor into process with pid 2156
2025-06-24 21:27:05,592 [analyzer] INFO: Added new file to list with pid 2884 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-23624.exe
2025-06-24 21:27:05,655 [analyzer] INFO: Added new file to list with pid 1876 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-52274.exe
2025-06-24 21:27:05,655 [analyzer] INFO: Added new file to list with pid 2156 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-6602.exe
2025-06-24 21:27:05,703 [analyzer] INFO: Injected into process with pid 2712 and name u'Unicorn-23624.exe'
2025-06-24 21:27:05,717 [analyzer] INFO: Added new file to list with pid 2064 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-18261.exe
2025-06-24 21:27:05,780 [analyzer] INFO: Injected into process with pid 332 and name u'Unicorn-6602.exe'
2025-06-24 21:27:05,780 [analyzer] INFO: Injected into process with pid 588 and name u'Unicorn-52274.exe'
2025-06-24 21:27:05,796 [analyzer] INFO: Injected into process with pid 3052 and name u'Unicorn-18261.exe'
2025-06-24 21:27:05,905 [analyzer] DEBUG: Loaded monitor into process with pid 2712
2025-06-24 21:27:05,937 [analyzer] DEBUG: Loaded monitor into process with pid 588
2025-06-24 21:27:06,000 [analyzer] DEBUG: Loaded monitor into process with pid 3052
2025-06-24 21:27:06,015 [analyzer] DEBUG: Loaded monitor into process with pid 332
2025-06-24 21:27:09,187 [analyzer] INFO: Added new file to list with pid 588 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-44299.exe
2025-06-24 21:27:09,187 [analyzer] INFO: Added new file to list with pid 2712 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-44299.exe
2025-06-24 21:27:09,312 [analyzer] INFO: Added new file to list with pid 1876 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-35865.exe
2025-06-24 21:27:09,358 [analyzer] INFO: Injected into process with pid 1312 and name u'Unicorn-44299.exe'
2025-06-24 21:27:09,358 [analyzer] INFO: Added new file to list with pid 2884 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-55186.exe
2025-06-24 21:27:09,421 [analyzer] INFO: Added new file to list with pid 3052 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-27304.exe
2025-06-24 21:27:09,453 [analyzer] INFO: Added new file to list with pid 332 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-42763.exe
2025-06-24 21:27:09,483 [analyzer] INFO: Injected into process with pid 2880 and name u'Unicorn-35865.exe'
2025-06-24 21:27:09,530 [analyzer] DEBUG: Loaded monitor into process with pid 1312
2025-06-24 21:27:09,530 [analyzer] INFO: Injected into process with pid 2256 and name u'Unicorn-27304.exe'
2025-06-24 21:27:09,530 [analyzer] INFO: Injected into process with pid 1668 and name u'Unicorn-55186.exe'
2025-06-24 21:27:09,546 [analyzer] INFO: Injected into process with pid 2528 and name u'Unicorn-42763.exe'
2025-06-24 21:27:09,655 [analyzer] DEBUG: Loaded monitor into process with pid 2880
2025-06-24 21:27:09,671 [analyzer] INFO: Added new file to list with pid 2156 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-27697.exe
2025-06-24 21:27:09,671 [analyzer] INFO: Added new file to list with pid 2064 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-47298.exe
2025-06-24 21:27:09,717 [analyzer] DEBUG: Loaded monitor into process with pid 2528
2025-06-24 21:27:09,717 [analyzer] DEBUG: Loaded monitor into process with pid 2256
2025-06-24 21:27:09,765 [analyzer] DEBUG: Loaded monitor into process with pid 1668
2025-06-24 21:27:09,812 [analyzer] INFO: Injected into process with pid 1436 and name u'Unicorn-47298.exe'
2025-06-24 21:27:09,828 [analyzer] INFO: Injected into process with pid 2112 and name u'Unicorn-27697.exe'
2025-06-24 21:27:10,000 [analyzer] DEBUG: Loaded monitor into process with pid 1436
2025-06-24 21:27:10,015 [analyzer] DEBUG: Loaded monitor into process with pid 2112
2025-06-24 21:27:12,187 [analyzer] INFO: Added new file to list with pid 588 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-38769.exe
2025-06-24 21:27:12,280 [analyzer] INFO: Injected into process with pid 1012 and name u'Unicorn-38769.exe'
2025-06-24 21:27:12,453 [analyzer] DEBUG: Loaded monitor into process with pid 1012
2025-06-24 21:27:12,608 [analyzer] INFO: Added new file to list with pid 1312 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-13383.exe
2025-06-24 21:27:12,750 [analyzer] INFO: Added new file to list with pid 2712 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-30492.exe
2025-06-24 21:27:12,765 [analyzer] INFO: Injected into process with pid 2408 and name u'Unicorn-13383.exe'
2025-06-24 21:27:12,842 [analyzer] INFO: Injected into process with pid 2920 and name u'Unicorn-30492.exe'
2025-06-24 21:27:12,921 [analyzer] DEBUG: Loaded monitor into process with pid 2408
2025-06-24 21:27:12,967 [analyzer] INFO: Added new file to list with pid 2880 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-12615.exe
2025-06-24 21:27:13,000 [analyzer] DEBUG: Loaded monitor into process with pid 2920
2025-06-24 21:27:13,171 [analyzer] INFO: Injected into process with pid 2852 and name u'Unicorn-12615.exe'
2025-06-24 21:27:13,187 [analyzer] INFO: Added new file to list with pid 1876 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-52418.exe
2025-06-24 21:27:13,187 [analyzer] INFO: Added new file to list with pid 2528 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-52683.exe
2025-06-24 21:27:13,328 [analyzer] INFO: Added new file to list with pid 332 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-54525.exe
2025-06-24 21:27:13,390 [analyzer] INFO: Injected into process with pid 3004 and name u'Unicorn-52418.exe'
2025-06-24 21:27:13,405 [analyzer] INFO: Added new file to list with pid 2256 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-51147.exe
2025-06-24 21:27:13,421 [analyzer] INFO: Injected into process with pid 2908 and name u'Unicorn-52683.exe'
2025-06-24 21:27:13,437 [analyzer] DEBUG: Loaded monitor into process with pid 2852
2025-06-24 21:27:13,437 [analyzer] INFO: Added new file to list with pid 1668 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-50955.exe
2025-06-24 21:27:13,483 [analyzer] INFO: Injected into process with pid 3104 and name u'Unicorn-54525.exe'
2025-06-24 21:27:13,530 [analyzer] INFO: Injected into process with pid 3136 and name u'Unicorn-51147.exe'
2025-06-24 21:27:13,546 [analyzer] DEBUG: Loaded monitor into process with pid 3004
2025-06-24 21:27:13,562 [analyzer] INFO: Injected into process with pid 3172 and name u'Unicorn-50955.exe'
2025-06-24 21:27:13,608 [analyzer] DEBUG: Loaded monitor into process with pid 2908
2025-06-24 21:27:13,640 [analyzer] INFO: Added new file to list with pid 3052 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-26652.exe
2025-06-24 21:27:13,655 [analyzer] DEBUG: Loaded monitor into process with pid 3104
2025-06-24 21:27:13,750 [analyzer] INFO: Added new file to list with pid 2884 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-16952.exe
2025-06-24 21:27:13,750 [analyzer] INFO: Added new file to list with pid 1436 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-23083.exe
2025-06-24 21:27:13,780 [analyzer] DEBUG: Loaded monitor into process with pid 3136
2025-06-24 21:27:13,780 [analyzer] DEBUG: Loaded monitor into process with pid 3172
2025-06-24 21:27:13,796 [analyzer] INFO: Added new file to list with pid 2112 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-37800.exe
2025-06-24 21:27:13,812 [analyzer] INFO: Injected into process with pid 3252 and name u'Unicorn-26652.exe'
2025-06-24 21:27:13,890 [analyzer] INFO: Injected into process with pid 3288 and name u'Unicorn-16952.exe'
2025-06-24 21:27:13,890 [analyzer] INFO: Injected into process with pid 3304 and name u'Unicorn-23083.exe'
2025-06-24 21:27:13,905 [analyzer] INFO: Injected into process with pid 3348 and name u'Unicorn-37800.exe'
2025-06-24 21:27:13,953 [analyzer] INFO: Added new file to list with pid 2064 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-3763.exe
2025-06-24 21:27:14,000 [analyzer] DEBUG: Loaded monitor into process with pid 3252
2025-06-24 21:27:14,030 [analyzer] INFO: Added new file to list with pid 2156 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-39641.exe
2025-06-24 21:27:14,062 [analyzer] DEBUG: Loaded monitor into process with pid 3304
2025-06-24 21:27:14,062 [analyzer] INFO: Injected into process with pid 3428 and name u'Unicorn-3763.exe'
2025-06-24 21:27:14,092 [analyzer] DEBUG: Loaded monitor into process with pid 3348
2025-06-24 21:27:14,140 [analyzer] DEBUG: Loaded monitor into process with pid 3288
2025-06-24 21:27:14,140 [analyzer] INFO: Injected into process with pid 3468 and name u'Unicorn-39641.exe'
2025-06-24 21:27:14,312 [analyzer] DEBUG: Loaded monitor into process with pid 3428
2025-06-24 21:27:14,421 [analyzer] DEBUG: Loaded monitor into process with pid 3468
2025-06-24 21:27:15,515 [analyzer] INFO: Added new file to list with pid 1012 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-9834.exe
2025-06-24 21:27:15,780 [analyzer] INFO: Added new file to list with pid 588 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-2168.exe
2025-06-24 21:27:15,828 [analyzer] INFO: Injected into process with pid 3528 and name u'Unicorn-9834.exe'
2025-06-24 21:27:15,953 [analyzer] INFO: Injected into process with pid 3552 and name u'Unicorn-2168.exe'
2025-06-24 21:27:16,000 [analyzer] INFO: Added new file to list with pid 2408 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-9258.exe
2025-06-24 21:27:16,078 [analyzer] DEBUG: Loaded monitor into process with pid 3528
2025-06-24 21:27:16,108 [analyzer] INFO: Injected into process with pid 3616 and name u'Unicorn-9258.exe'
2025-06-24 21:27:16,125 [analyzer] DEBUG: Loaded monitor into process with pid 3552
2025-06-24 21:27:16,280 [analyzer] DEBUG: Loaded monitor into process with pid 3616
2025-06-24 21:27:16,296 [analyzer] INFO: Added new file to list with pid 1312 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-12081.exe
2025-06-24 21:27:16,296 [analyzer] INFO: Added new file to list with pid 2920 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-31947.exe
2025-06-24 21:27:16,500 [analyzer] INFO: Added new file to list with pid 2712 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-59449.exe
2025-06-24 21:27:16,515 [analyzer] INFO: Injected into process with pid 3664 and name u'Unicorn-12081.exe'
2025-06-24 21:27:16,515 [analyzer] INFO: Injected into process with pid 3672 and name u'Unicorn-31947.exe'
2025-06-24 21:27:16,530 [analyzer] INFO: Added new file to list with pid 2852 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-3690.exe
2025-06-24 21:27:16,750 [analyzer] DEBUG: Loaded monitor into process with pid 3672
2025-06-24 21:27:16,765 [analyzer] INFO: Added new file to list with pid 2880 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-5916.exe
2025-06-24 21:27:16,780 [analyzer] INFO: Injected into process with pid 3736 and name u'Unicorn-59449.exe'
2025-06-24 21:27:16,812 [analyzer] DEBUG: Loaded monitor into process with pid 3664
2025-06-24 21:27:16,983 [analyzer] INFO: Injected into process with pid 3756 and name u'Unicorn-3690.exe'
2025-06-24 21:27:17,046 [analyzer] INFO: Injected into process with pid 3812 and name u'Unicorn-5916.exe'
2025-06-24 21:27:17,062 [analyzer] DEBUG: Loaded monitor into process with pid 3736
2025-06-24 21:27:17,155 [analyzer] INFO: Added new file to list with pid 2908 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-60779.exe
2025-06-24 21:27:17,171 [analyzer] DEBUG: Loaded monitor into process with pid 3756
2025-06-24 21:27:17,312 [analyzer] DEBUG: Loaded monitor into process with pid 3812
2025-06-24 21:27:17,375 [analyzer] INFO: Injected into process with pid 3876 and name u'Unicorn-60779.exe'
2025-06-24 21:27:17,467 [analyzer] INFO: Added new file to list with pid 2528 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-30716.exe
2025-06-24 21:27:17,562 [analyzer] DEBUG: Loaded monitor into process with pid 3876
2025-06-24 21:27:17,687 [analyzer] INFO: Added new file to list with pid 3136 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-15527.exe
2025-06-24 21:27:17,750 [analyzer] INFO: Injected into process with pid 3924 and name u'Unicorn-30716.exe'
2025-06-24 21:27:17,905 [analyzer] INFO: Injected into process with pid 3960 and name u'Unicorn-15527.exe'
2025-06-24 21:27:18,000 [analyzer] INFO: Added new file to list with pid 2256 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-33788.exe
2025-06-24 21:27:18,062 [analyzer] DEBUG: Loaded monitor into process with pid 3924
2025-06-24 21:27:18,092 [analyzer] DEBUG: Loaded monitor into process with pid 3960
2025-06-24 21:27:18,233 [analyzer] INFO: Added new file to list with pid 3104 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-39752.exe
2025-06-24 21:27:18,390 [analyzer] INFO: Injected into process with pid 4012 and name u'Unicorn-33788.exe'
2025-06-24 21:27:18,578 [analyzer] DEBUG: Loaded monitor into process with pid 4012
2025-06-24 21:27:18,608 [analyzer] INFO: Added new file to list with pid 3004 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-24075.exe
2025-06-24 21:27:18,625 [analyzer] INFO: Added new file to list with pid 332 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-9667.exe
2025-06-24 21:27:18,640 [analyzer] INFO: Injected into process with pid 4056 and name u'Unicorn-39752.exe'
2025-06-24 21:27:18,780 [analyzer] INFO: Injected into process with pid 1204 and name u'Unicorn-24075.exe'
2025-06-24 21:27:18,780 [analyzer] INFO: Injected into process with pid 2136 and name u'Unicorn-9667.exe'
2025-06-24 21:27:18,828 [analyzer] DEBUG: Loaded monitor into process with pid 4056
2025-06-24 21:27:18,953 [analyzer] DEBUG: Loaded monitor into process with pid 1204
2025-06-24 21:27:18,967 [analyzer] DEBUG: Loaded monitor into process with pid 2136
2025-06-24 21:27:19,015 [analyzer] INFO: Added new file to list with pid 1876 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-62420.exe
2025-06-24 21:27:19,108 [analyzer] INFO: Added new file to list with pid 3172 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-32840.exe
2025-06-24 21:27:19,280 [analyzer] INFO: Injected into process with pid 3272 and name u'Unicorn-62420.exe'
2025-06-24 21:27:19,358 [analyzer] INFO: Injected into process with pid 3444 and name u'Unicorn-32840.exe'
2025-06-24 21:27:19,375 [analyzer] INFO: Added new file to list with pid 3252 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-5045.exe
2025-06-24 21:27:19,467 [analyzer] DEBUG: Loaded monitor into process with pid 3272
2025-06-24 21:27:19,467 [analyzer] INFO: Injected into process with pid 3548 and name u'Unicorn-5045.exe'
2025-06-24 21:27:19,530 [analyzer] DEBUG: Loaded monitor into process with pid 3444
2025-06-24 21:27:19,546 [analyzer] INFO: Added new file to list with pid 1668 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-63794.exe
2025-06-24 21:27:19,546 [analyzer] INFO: Added new file to list with pid 3348 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-18123.exe
2025-06-24 21:27:19,655 [analyzer] DEBUG: Loaded monitor into process with pid 3548
2025-06-24 21:27:19,671 [analyzer] INFO: Injected into process with pid 3688 and name u'Unicorn-63794.exe'
2025-06-24 21:27:19,717 [analyzer] INFO: Injected into process with pid 3684 and name u'Unicorn-18123.exe'
2025-06-24 21:27:19,875 [analyzer] DEBUG: Loaded monitor into process with pid 3688
2025-06-24 21:27:19,890 [analyzer] DEBUG: Loaded monitor into process with pid 3684
2025-06-24 21:27:20,233 [analyzer] INFO: Added new file to list with pid 3052 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-3640.exe
2025-06-24 21:27:20,405 [analyzer] INFO: Added new file to list with pid 2112 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-53714.exe
2025-06-24 21:27:20,437 [analyzer] INFO: Added new file to list with pid 3468 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-25256.exe
2025-06-24 21:27:20,483 [analyzer] INFO: Injected into process with pid 3864 and name u'Unicorn-3640.exe'
2025-06-24 21:27:20,530 [analyzer] INFO: Injected into process with pid 3916 and name u'Unicorn-53714.exe'
2025-06-24 21:27:20,546 [analyzer] INFO: Injected into process with pid 3972 and name u'Unicorn-25256.exe'
2025-06-24 21:27:20,796 [analyzer] DEBUG: Loaded monitor into process with pid 3864
2025-06-24 21:27:20,812 [analyzer] INFO: Added new file to list with pid 3288 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-43211.exe
2025-06-24 21:27:20,812 [analyzer] DEBUG: Loaded monitor into process with pid 3916
2025-06-24 21:27:20,905 [analyzer] DEBUG: Loaded monitor into process with pid 3972
2025-06-24 21:27:20,983 [analyzer] INFO: Added new file to list with pid 2156 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-61503.exe
2025-06-24 21:27:20,983 [analyzer] INFO: Added new file to list with pid 3428 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-61768.exe
2025-06-24 21:27:21,703 [analyzer] INFO: Added new file to list with pid 2884 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-23455.exe
2025-06-24 21:27:21,733 [analyzer] INFO: Added new file to list with pid 2064 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-37916.exe
2025-06-24 21:27:21,750 [analyzer] INFO: Injected into process with pid 3088 and name u'Unicorn-43211.exe'
2025-06-24 21:27:21,796 [analyzer] INFO: Added new file to list with pid 3304 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-37067.exe
2025-06-24 21:27:21,812 [analyzer] INFO: Injected into process with pid 3340 and name u'Unicorn-61768.exe'
2025-06-24 21:27:21,812 [analyzer] INFO: Injected into process with pid 3192 and name u'Unicorn-61503.exe'
2025-06-24 21:27:21,983 [analyzer] DEBUG: Loaded monitor into process with pid 3088
2025-06-24 21:27:22,092 [analyzer] DEBUG: Loaded monitor into process with pid 3340
2025-06-24 21:27:22,125 [analyzer] DEBUG: Loaded monitor into process with pid 3192
2025-06-24 21:27:22,875 [analyzer] INFO: Added new file to list with pid 1436 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-43922.exe
2025-06-24 21:27:22,905 [analyzer] INFO: Injected into process with pid 3776 and name u'Unicorn-23455.exe'
2025-06-24 21:27:22,921 [analyzer] INFO: Injected into process with pid 4040 and name u'Unicorn-37067.exe'
2025-06-24 21:27:22,921 [analyzer] INFO: Injected into process with pid 3824 and name u'Unicorn-37916.exe'
2025-06-24 21:27:22,937 [analyzer] INFO: Added new file to list with pid 3528 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-31499.exe
2025-06-24 21:27:23,187 [analyzer] DEBUG: Loaded monitor into process with pid 4040
2025-06-24 21:27:23,187 [analyzer] INFO: Injected into process with pid 3764 and name u'Unicorn-43922.exe'
2025-06-24 21:27:23,265 [analyzer] INFO: Injected into process with pid 1272 and name u'Unicorn-31499.exe'
2025-06-24 21:27:23,296 [analyzer] DEBUG: Loaded monitor into process with pid 3776
2025-06-24 21:27:23,312 [analyzer] DEBUG: Loaded monitor into process with pid 3824
2025-06-24 21:27:23,375 [analyzer] DEBUG: Loaded monitor into process with pid 3764
2025-06-24 21:27:23,421 [analyzer] INFO: Added new file to list with pid 1012 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-52495.exe
2025-06-24 21:27:23,453 [analyzer] DEBUG: Loaded monitor into process with pid 1272
2025-06-24 21:27:23,562 [analyzer] INFO: Injected into process with pid 4124 and name u'Unicorn-52495.exe'
2025-06-24 21:27:23,562 [analyzer] INFO: Added new file to list with pid 3272 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-10663.exe
2025-06-24 21:27:23,687 [analyzer] INFO: Injected into process with pid 4160 and name u'Unicorn-10663.exe'
2025-06-24 21:27:23,750 [analyzer] DEBUG: Loaded monitor into process with pid 4124
2025-06-24 21:27:23,858 [analyzer] DEBUG: Loaded monitor into process with pid 4160
2025-06-24 21:27:24,046 [analyzer] INFO: Added new file to list with pid 1876 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-41518.exe
2025-06-24 21:27:24,187 [analyzer] INFO: Injected into process with pid 4224 and name u'Unicorn-41518.exe'
2025-06-24 21:27:24,358 [analyzer] DEBUG: Loaded monitor into process with pid 4224
2025-06-24 21:27:28,280 [analyzer] INFO: Added new file to list with pid 3736 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-6349.exe
2025-06-24 21:27:28,328 [analyzer] INFO: Added new file to list with pid 3876 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-21425.exe
2025-06-24 21:27:28,467 [analyzer] INFO: Added new file to list with pid 3664 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-402.exe
2025-06-24 21:27:28,655 [analyzer] INFO: Injected into process with pid 4304 and name u'Unicorn-6349.exe'
2025-06-24 21:27:28,717 [analyzer] INFO: Added new file to list with pid 1204 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-5010.exe
2025-06-24 21:27:28,717 [analyzer] INFO: Injected into process with pid 4328 and name u'Unicorn-21425.exe'
2025-06-24 21:27:28,733 [analyzer] INFO: Injected into process with pid 4360 and name u'Unicorn-402.exe'
2025-06-24 21:27:28,750 [analyzer] INFO: Added new file to list with pid 3756 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-34995.exe
2025-06-24 21:27:28,812 [analyzer] INFO: Added new file to list with pid 4012 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-24497.exe
2025-06-24 21:27:28,842 [analyzer] DEBUG: Loaded monitor into process with pid 4304
2025-06-24 21:27:28,937 [analyzer] DEBUG: Loaded monitor into process with pid 4328
2025-06-24 21:27:28,953 [analyzer] DEBUG: Loaded monitor into process with pid 4360
2025-06-24 21:27:28,967 [analyzer] INFO: Added new file to list with pid 2712 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-3209.exe
2025-06-24 21:27:28,983 [analyzer] INFO: Injected into process with pid 4416 and name u'Unicorn-5010.exe'
2025-06-24 21:27:28,983 [analyzer] INFO: Injected into process with pid 4440 and name u'Unicorn-34995.exe'
2025-06-24 21:27:29,046 [analyzer] INFO: Injected into process with pid 4476 and name u'Unicorn-24497.exe'
2025-06-24 21:27:29,171 [analyzer] INFO: Added new file to list with pid 2908 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-48181.exe
2025-06-24 21:27:29,187 [analyzer] DEBUG: Loaded monitor into process with pid 4440
2025-06-24 21:27:29,187 [analyzer] DEBUG: Loaded monitor into process with pid 4416
2025-06-24 21:27:29,312 [analyzer] INFO: Added new file to list with pid 1312 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-9150.exe
2025-06-24 21:27:29,328 [analyzer] DEBUG: Loaded monitor into process with pid 4476
2025-06-24 21:27:29,390 [analyzer] INFO: Injected into process with pid 4540 and name u'Unicorn-3209.exe'
2025-06-24 21:27:29,467 [analyzer] INFO: Added new file to list with pid 3004 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-39929.exe
2025-06-24 21:27:29,500 [analyzer] INFO: Added new file to list with pid 588 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-33573.exe
2025-06-24 21:27:29,500 [analyzer] INFO: Added new file to list with pid 2852 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-13972.exe
2025-06-24 21:27:29,530 [analyzer] INFO: Injected into process with pid 4584 and name u'Unicorn-48181.exe'
2025-06-24 21:27:29,562 [analyzer] INFO: Added new file to list with pid 3924 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-30387.exe
2025-06-24 21:27:29,592 [analyzer] DEBUG: Loaded monitor into process with pid 4540
2025-06-24 21:27:29,608 [analyzer] INFO: Added new file to list with pid 2256 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-47199.exe
2025-06-24 21:27:29,625 [analyzer] INFO: Injected into process with pid 4628 and name u'Unicorn-9150.exe'
2025-06-24 21:27:29,640 [analyzer] INFO: Added new file to list with pid 2408 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-11289.exe
2025-06-24 21:27:29,765 [analyzer] DEBUG: Loaded monitor into process with pid 4584
2025-06-24 21:27:29,842 [analyzer] INFO: Added new file to list with pid 3812 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-3085.exe
2025-06-24 21:27:29,858 [analyzer] INFO: Injected into process with pid 4692 and name u'Unicorn-13972.exe'
2025-06-24 21:27:29,890 [analyzer] INFO: Injected into process with pid 4684 and name u'Unicorn-33573.exe'
2025-06-24 21:27:29,921 [analyzer] INFO: Injected into process with pid 4676 and name u'Unicorn-39929.exe'
2025-06-24 21:27:29,937 [analyzer] INFO: Injected into process with pid 4748 and name u'Unicorn-30387.exe'
2025-06-24 21:27:29,953 [analyzer] INFO: Injected into process with pid 4784 and name u'Unicorn-47199.exe'
2025-06-24 21:27:29,953 [analyzer] DEBUG: Loaded monitor into process with pid 4628
2025-06-24 21:27:29,967 [analyzer] INFO: Injected into process with pid 4804 and name u'Unicorn-11289.exe'
2025-06-24 21:27:30,000 [analyzer] INFO: Added new file to list with pid 4056 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-36910.exe
2025-06-24 21:27:30,046 [analyzer] INFO: Added new file to list with pid 2920 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-41268.exe
2025-06-24 21:27:30,046 [analyzer] INFO: Added new file to list with pid 2528 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-55004.exe
2025-06-24 21:27:30,078 [analyzer] DEBUG: Loaded monitor into process with pid 4684
2025-06-24 21:27:30,092 [analyzer] DEBUG: Loaded monitor into process with pid 4692
2025-06-24 21:27:30,108 [analyzer] DEBUG: Loaded monitor into process with pid 4676
2025-06-24 21:27:30,140 [analyzer] DEBUG: Loaded monitor into process with pid 4748
2025-06-24 21:27:30,140 [analyzer] INFO: Injected into process with pid 4900 and name u'Unicorn-3085.exe'
2025-06-24 21:27:30,171 [analyzer] DEBUG: Loaded monitor into process with pid 4784
2025-06-24 21:27:30,250 [analyzer] DEBUG: Loaded monitor into process with pid 4804
2025-06-24 21:27:30,250 [analyzer] INFO: Injected into process with pid 4968 and name u'Unicorn-36910.exe'
2025-06-24 21:27:30,342 [analyzer] DEBUG: Loaded monitor into process with pid 4900
2025-06-24 21:27:30,342 [analyzer] INFO: Added new file to list with pid 3616 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-19635.exe
2025-06-24 21:27:30,358 [analyzer] INFO: Injected into process with pid 5008 and name u'Unicorn-41268.exe'
2025-06-24 21:27:30,358 [analyzer] INFO: Injected into process with pid 5020 and name u'Unicorn-55004.exe'
2025-06-24 21:27:30,405 [analyzer] INFO: Added new file to list with pid 2880 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-21371.exe
2025-06-24 21:27:30,515 [analyzer] DEBUG: Loaded monitor into process with pid 4968
2025-06-24 21:27:30,515 [analyzer] INFO: Added new file to list with pid 3552 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-24243.exe
2025-06-24 21:27:30,546 [analyzer] DEBUG: Loaded monitor into process with pid 5008
2025-06-24 21:27:30,546 [analyzer] INFO: Injected into process with pid 4140 and name u'Unicorn-19635.exe'
2025-06-24 21:27:30,562 [analyzer] DEBUG: Loaded monitor into process with pid 5020
2025-06-24 21:27:30,608 [analyzer] INFO: Injected into process with pid 4196 and name u'Unicorn-21371.exe'
2025-06-24 21:27:30,640 [analyzer] INFO: Added new file to list with pid 3104 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-5145.exe
2025-06-24 21:27:30,750 [analyzer] INFO: Injected into process with pid 4316 and name u'Unicorn-24243.exe'
2025-06-24 21:27:30,765 [analyzer] DEBUG: Loaded monitor into process with pid 4140
2025-06-24 21:27:30,828 [analyzer] DEBUG: Loaded monitor into process with pid 4196
2025-06-24 21:27:30,842 [analyzer] INFO: Injected into process with pid 4380 and name u'Unicorn-5145.exe'
2025-06-24 21:27:30,858 [analyzer] INFO: Added new file to list with pid 3672 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-45649.exe
2025-06-24 21:27:30,983 [analyzer] DEBUG: Loaded monitor into process with pid 4316
2025-06-24 21:27:31,030 [analyzer] DEBUG: Loaded monitor into process with pid 4380
2025-06-24 21:27:31,062 [analyzer] INFO: Injected into process with pid 4512 and name u'Unicorn-45649.exe'
2025-06-24 21:27:31,265 [analyzer] DEBUG: Loaded monitor into process with pid 4512
2025-06-24 21:27:31,312 [analyzer] INFO: Added new file to list with pid 3548 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-2992.exe
2025-06-24 21:27:31,467 [analyzer] INFO: Injected into process with pid 4640 and name u'Unicorn-2992.exe'
2025-06-24 21:27:31,483 [analyzer] INFO: Added new file to list with pid 3136 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-1684.exe
2025-06-24 21:27:31,608 [analyzer] INFO: Injected into process with pid 4728 and name u'Unicorn-1684.exe'
2025-06-24 21:27:31,655 [analyzer] DEBUG: Loaded monitor into process with pid 4640
2025-06-24 21:27:31,655 [analyzer] INFO: Added new file to list with pid 2136 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-25966.exe
2025-06-24 21:27:31,671 [analyzer] INFO: Added new file to list with pid 3444 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-58830.exe
2025-06-24 21:27:31,812 [analyzer] DEBUG: Loaded monitor into process with pid 4728
2025-06-24 21:27:31,812 [analyzer] INFO: Injected into process with pid 4852 and name u'Unicorn-25966.exe'
2025-06-24 21:27:31,828 [analyzer] INFO: Injected into process with pid 4848 and name u'Unicorn-58830.exe'
2025-06-24 21:27:31,937 [analyzer] INFO: Added new file to list with pid 3252 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-37236.exe
2025-06-24 21:27:32,000 [analyzer] DEBUG: Loaded monitor into process with pid 4852
2025-06-24 21:27:32,108 [analyzer] DEBUG: Loaded monitor into process with pid 4848
2025-06-24 21:27:32,125 [analyzer] INFO: Injected into process with pid 5016 and name u'Unicorn-37236.exe'
2025-06-24 21:27:32,203 [analyzer] INFO: Added new file to list with pid 3960 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-42899.exe
2025-06-24 21:27:32,312 [analyzer] DEBUG: Loaded monitor into process with pid 5016
2025-06-24 21:27:32,312 [analyzer] INFO: Added new file to list with pid 332 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-62120.exe
2025-06-24 21:27:32,358 [analyzer] INFO: Injected into process with pid 4108 and name u'Unicorn-42899.exe'
2025-06-24 21:27:32,500 [analyzer] INFO: Added new file to list with pid 3172 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-61077.exe
2025-06-24 21:27:32,562 [analyzer] INFO: Injected into process with pid 4244 and name u'Unicorn-62120.exe'
2025-06-24 21:27:32,640 [analyzer] DEBUG: Loaded monitor into process with pid 4108
2025-06-24 21:27:32,640 [analyzer] INFO: Injected into process with pid 4412 and name u'Unicorn-61077.exe'
2025-06-24 21:27:32,750 [analyzer] DEBUG: Loaded monitor into process with pid 4244
2025-06-24 21:27:32,828 [analyzer] DEBUG: Loaded monitor into process with pid 4412
2025-06-24 21:27:33,390 [analyzer] INFO: Added new file to list with pid 1668 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-2363.exe
2025-06-24 21:27:33,390 [analyzer] INFO: Added new file to list with pid 3348 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-54165.exe
2025-06-24 21:27:33,750 [analyzer] INFO: Injected into process with pid 4740 and name u'Unicorn-2363.exe'
2025-06-24 21:27:33,750 [analyzer] INFO: Injected into process with pid 4756 and name u'Unicorn-54165.exe'
2025-06-24 21:27:33,780 [analyzer] INFO: Added new file to list with pid 3688 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-11373.exe
2025-06-24 21:27:33,921 [analyzer] DEBUG: Loaded monitor into process with pid 4756
2025-06-24 21:27:38,046 [analyzer] DEBUG: Loaded monitor into process with pid 4740
2025-06-24 21:27:38,092 [analyzer] INFO: Added new file to list with pid 3288 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-24692.exe
2025-06-24 21:27:38,092 [analyzer] INFO: Added new file to list with pid 1436 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-38428.exe
2025-06-24 21:27:38,092 [analyzer] INFO: Added new file to list with pid 2064 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-36158.exe
2025-06-24 21:27:38,092 [analyzer] INFO: Added new file to list with pid 2156 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-35627.exe
2025-06-24 21:27:38,092 [analyzer] INFO: Added new file to list with pid 3468 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-24692.exe
2025-06-24 21:27:38,092 [analyzer] INFO: Added new file to list with pid 3304 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-24692.exe
2025-06-24 21:27:38,092 [analyzer] INFO: Added new file to list with pid 3052 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-44293.exe
2025-06-24 21:27:38,092 [analyzer] INFO: Added new file to list with pid 2884 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-35627.exe
2025-06-24 21:27:38,092 [analyzer] INFO: Added new file to list with pid 3428 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-24692.exe
2025-06-24 21:27:38,092 [analyzer] INFO: Added new file to list with pid 2112 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-38428.exe
2025-06-24 21:27:38,140 [analyzer] INFO: Added new file to list with pid 3684 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-44558.exe
2025-06-24 21:27:39,125 [analyzer] INFO: Injected into process with pid 5076 and name u'Unicorn-11373.exe'
2025-06-24 21:27:39,546 [analyzer] DEBUG: Loaded monitor into process with pid 5076
2025-06-24 21:27:39,608 [analyzer] INFO: Added new file to list with pid 3864 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-63411.exe
2025-06-24 21:27:40,108 [analyzer] INFO: Injected into process with pid 5228 and name u'Unicorn-44293.exe'
2025-06-24 21:27:40,140 [analyzer] INFO: Injected into process with pid 5252 and name u'Unicorn-24692.exe'
2025-06-24 21:27:40,155 [analyzer] INFO: Injected into process with pid 5268 and name u'Unicorn-38428.exe'
2025-06-24 21:27:40,155 [analyzer] INFO: Injected into process with pid 5244 and name u'Unicorn-35627.exe'
2025-06-24 21:27:40,140 [analyzer] INFO: Injected into process with pid 5236 and name u'Unicorn-44558.exe'
2025-06-24 21:27:40,171 [analyzer] INFO: Added new file to list with pid 3528 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-45461.exe
2025-06-24 21:27:40,171 [analyzer] INFO: Injected into process with pid 5220 and name u'Unicorn-36158.exe'
2025-06-24 21:27:40,405 [analyzer] INFO: Added new file to list with pid 3916 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-46001.exe
2025-06-24 21:27:40,562 [analyzer] DEBUG: Loaded monitor into process with pid 5228
2025-06-24 21:27:40,608 [analyzer] DEBUG: Loaded monitor into process with pid 5268
2025-06-24 21:27:40,640 [analyzer] DEBUG: Loaded monitor into process with pid 5252
2025-06-24 21:27:40,687 [analyzer] DEBUG: Loaded monitor into process with pid 5220
2025-06-24 21:27:40,717 [analyzer] DEBUG: Loaded monitor into process with pid 5236
2025-06-24 21:27:40,717 [analyzer] DEBUG: Loaded monitor into process with pid 5244
2025-06-24 21:27:41,000 [analyzer] INFO: Injected into process with pid 5460 and name u'Unicorn-63411.exe'
2025-06-24 21:27:41,250 [analyzer] INFO: Added new file to list with pid 1012 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-14240.exe
2025-06-24 21:27:41,296 [analyzer] INFO: Added new file to list with pid 3272 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-505.exe
2025-06-24 21:27:41,312 [analyzer] INFO: Injected into process with pid 5508 and name u'Unicorn-45461.exe'
2025-06-24 21:27:41,328 [analyzer] INFO: Added new file to list with pid 3304 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-53820.exe
2025-06-24 21:27:41,328 [analyzer] INFO: Added new file to list with pid 3468 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-53820.exe
2025-06-24 21:27:41,328 [analyzer] INFO: Added new file to list with pid 3288 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-44225.exe
2025-06-24 21:27:41,328 [analyzer] INFO: Added new file to list with pid 2156 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-34484.exe
2025-06-24 21:27:41,328 [analyzer] INFO: Added new file to list with pid 3288 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-50090.exe
2025-06-24 21:27:41,467 [analyzer] DEBUG: Loaded monitor into process with pid 5460
2025-06-24 21:27:41,562 [analyzer] INFO: Injected into process with pid 5548 and name u'Unicorn-46001.exe'
2025-06-24 21:27:41,671 [analyzer] INFO: Added new file to list with pid 1876 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-36065.exe
2025-06-24 21:27:41,780 [analyzer] DEBUG: Loaded monitor into process with pid 5508
2025-06-24 21:27:41,953 [analyzer] DEBUG: Loaded monitor into process with pid 5548
2025-06-24 21:27:42,390 [analyzer] INFO: Injected into process with pid 5652 and name u'Unicorn-14240.exe'
2025-06-24 21:27:42,608 [analyzer] INFO: Injected into process with pid 5688 and name u'Unicorn-44225.exe'
2025-06-24 21:27:42,608 [analyzer] INFO: Injected into process with pid 5696 and name u'Unicorn-50090.exe'
2025-06-24 21:27:42,608 [analyzer] INFO: Injected into process with pid 5704 and name u'Unicorn-53820.exe'
2025-06-24 21:27:42,608 [analyzer] INFO: Injected into process with pid 5672 and name u'Unicorn-505.exe'
2025-06-24 21:27:42,625 [analyzer] INFO: Injected into process with pid 5680 and name u'Unicorn-34484.exe'
2025-06-24 21:27:42,717 [analyzer] INFO: Added new file to list with pid 3876 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-29721.exe
2025-06-24 21:27:42,765 [analyzer] INFO: Injected into process with pid 5812 and name u'Unicorn-36065.exe'
2025-06-24 21:27:42,780 [analyzer] DEBUG: Loaded monitor into process with pid 5652
2025-06-24 21:27:42,796 [analyzer] INFO: Added new file to list with pid 3340 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-54382.exe
2025-06-24 21:27:42,967 [analyzer] DEBUG: Loaded monitor into process with pid 5688
2025-06-24 21:27:43,015 [analyzer] DEBUG: Loaded monitor into process with pid 5680
2025-06-24 21:27:43,046 [analyzer] DEBUG: Loaded monitor into process with pid 5704
2025-06-24 21:27:43,062 [analyzer] DEBUG: Loaded monitor into process with pid 5672
2025-06-24 21:27:43,078 [analyzer] DEBUG: Loaded monitor into process with pid 5696
2025-06-24 21:27:43,328 [analyzer] INFO: Added new file to list with pid 2712 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-54383.exe
2025-06-24 21:27:43,342 [analyzer] INFO: Added new file to list with pid 2908 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-41532.exe
2025-06-24 21:27:43,342 [analyzer] DEBUG: Loaded monitor into process with pid 5812
2025-06-24 21:27:43,342 [analyzer] INFO: Added new file to list with pid 4012 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-43447.exe
2025-06-24 21:27:43,421 [analyzer] INFO: Added new file to list with pid 1312 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-45669.exe
2025-06-24 21:27:43,592 [analyzer] INFO: Added new file to list with pid 2852 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-26046.exe
2025-06-24 21:27:43,625 [analyzer] INFO: Added new file to list with pid 3004 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-4256.exe
2025-06-24 21:27:43,733 [analyzer] INFO: Added new file to list with pid 588 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-1456.exe
2025-06-24 21:27:43,733 [analyzer] INFO: Added new file to list with pid 3924 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-56058.exe
2025-06-24 21:27:43,733 [analyzer] INFO: Added new file to list with pid 2256 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-65352.exe
2025-06-24 21:27:43,733 [analyzer] INFO: Added new file to list with pid 2408 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-59487.exe
2025-06-24 21:27:43,796 [analyzer] INFO: Injected into process with pid 5944 and name u'Unicorn-29721.exe'
2025-06-24 21:27:43,875 [analyzer] INFO: Injected into process with pid 5980 and name u'Unicorn-54382.exe'
2025-06-24 21:27:43,937 [analyzer] INFO: Added new file to list with pid 3812 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-62005.exe
2025-06-24 21:27:44,062 [analyzer] DEBUG: Loaded monitor into process with pid 5944
2025-06-24 21:27:44,342 [analyzer] DEBUG: Loaded monitor into process with pid 5980
2025-06-24 21:27:44,437 [analyzer] INFO: Added new file to list with pid 4056 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-14841.exe
2025-06-24 21:27:44,515 [analyzer] INFO: Added new file to list with pid 2920 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-48831.exe
2025-06-24 21:27:44,515 [analyzer] INFO: Added new file to list with pid 2528 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-54696.exe
2025-06-24 21:27:44,562 [analyzer] INFO: Injected into process with pid 6048 and name u'Unicorn-41532.exe'
2025-06-24 21:27:44,562 [analyzer] INFO: Injected into process with pid 6040 and name u'Unicorn-54383.exe'
2025-06-24 21:27:44,562 [analyzer] INFO: Injected into process with pid 6056 and name u'Unicorn-43447.exe'
2025-06-24 21:27:44,592 [analyzer] INFO: Added new file to list with pid 2880 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-58536.exe
2025-06-24 21:27:44,608 [analyzer] INFO: Added new file to list with pid 3616 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-38935.exe
2025-06-24 21:27:44,625 [analyzer] INFO: Injected into process with pid 6120 and name u'Unicorn-45669.exe'
2025-06-24 21:27:44,640 [analyzer] INFO: Added new file to list with pid 3304 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-43269.exe
2025-06-24 21:27:44,640 [analyzer] INFO: Added new file to list with pid 3552 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-23668.exe
2025-06-24 21:27:44,750 [analyzer] INFO: Added new file to list with pid 3104 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-4923.exe
2025-06-24 21:27:44,842 [analyzer] INFO: Injected into process with pid 2368 and name u'Unicorn-26046.exe'
2025-06-24 21:27:44,875 [analyzer] INFO: Injected into process with pid 4348 and name u'Unicorn-4256.exe'
2025-06-24 21:27:44,890 [analyzer] INFO: Added new file to list with pid 3672 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-15609.exe
2025-06-24 21:27:44,937 [analyzer] INFO: Injected into process with pid 5336 and name u'Unicorn-56058.exe'
2025-06-24 21:27:44,937 [analyzer] INFO: Injected into process with pid 5312 and name u'Unicorn-1456.exe'
2025-06-24 21:27:44,953 [analyzer] INFO: Injected into process with pid 5376 and name u'Unicorn-65352.exe'
2025-06-24 21:27:44,967 [analyzer] INFO: Added new file to list with pid 3776 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-9517.exe
2025-06-24 21:27:44,967 [analyzer] INFO: Injected into process with pid 5344 and name u'Unicorn-59487.exe'
2025-06-24 21:27:45,015 [analyzer] INFO: Added new file to list with pid 4040 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-10093.exe
2025-06-24 21:27:45,015 [analyzer] DEBUG: Loaded monitor into process with pid 6040
2025-06-24 21:27:45,030 [analyzer] DEBUG: Loaded monitor into process with pid 6048
2025-06-24 21:27:45,046 [analyzer] DEBUG: Loaded monitor into process with pid 6056
2025-06-24 21:27:45,092 [analyzer] DEBUG: Loaded monitor into process with pid 6120
2025-06-24 21:27:45,250 [analyzer] DEBUG: Loaded monitor into process with pid 4348
2025-06-24 21:27:45,250 [analyzer] INFO: Injected into process with pid 5568 and name u'Unicorn-62005.exe'
2025-06-24 21:27:45,280 [analyzer] DEBUG: Loaded monitor into process with pid 2368
2025-06-24 21:27:45,312 [analyzer] DEBUG: Loaded monitor into process with pid 5312
2025-06-24 21:27:45,312 [analyzer] DEBUG: Loaded monitor into process with pid 5344
2025-06-24 21:27:45,312 [analyzer] INFO: Injected into process with pid 5780 and name u'Unicorn-14841.exe'
2025-06-24 21:27:45,328 [analyzer] DEBUG: Loaded monitor into process with pid 5336
2025-06-24 21:27:45,342 [analyzer] INFO: Added new file to list with pid 3136 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-26843.exe
2025-06-24 21:27:45,342 [analyzer] INFO: Added new file to list with pid 3548 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-13108.exe
2025-06-24 21:27:45,358 [analyzer] DEBUG: Loaded monitor into process with pid 5376
2025-06-24 21:27:45,421 [analyzer] INFO: Injected into process with pid 5908 and name u'Unicorn-54696.exe'
2025-06-24 21:27:45,453 [analyzer] INFO: Injected into process with pid 5916 and name u'Unicorn-48831.exe'
2025-06-24 21:27:45,467 [analyzer] INFO: Injected into process with pid 6024 and name u'Unicorn-38935.exe'
2025-06-24 21:27:45,467 [analyzer] INFO: Injected into process with pid 5956 and name u'Unicorn-58536.exe'
2025-06-24 21:27:45,483 [analyzer] INFO: Injected into process with pid 6068 and name u'Unicorn-43269.exe'
2025-06-24 21:27:45,483 [analyzer] INFO: Injected into process with pid 6084 and name u'Unicorn-23668.exe'
2025-06-24 21:27:45,562 [analyzer] INFO: Injected into process with pid 1508 and name u'Unicorn-4923.exe'
2025-06-24 21:27:45,578 [analyzer] INFO: Injected into process with pid 5800 and name u'Unicorn-15609.exe'
2025-06-24 21:27:45,578 [analyzer] INFO: Added new file to list with pid 2136 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-32791.exe
2025-06-24 21:27:45,608 [analyzer] DEBUG: Loaded monitor into process with pid 5568
2025-06-24 21:27:45,687 [analyzer] DEBUG: Loaded monitor into process with pid 5780
2025-06-24 21:27:45,717 [analyzer] DEBUG: Loaded monitor into process with pid 5908
2025-06-24 21:27:45,717 [analyzer] INFO: Added new file to list with pid 3444 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-18292.exe
2025-06-24 21:27:45,733 [analyzer] DEBUG: Loaded monitor into process with pid 5916
2025-06-24 21:27:45,733 [analyzer] INFO: Injected into process with pid 5296 and name u'Unicorn-10093.exe'
2025-06-24 21:27:45,796 [analyzer] INFO: Injected into process with pid 5828 and name u'Unicorn-9517.exe'
2025-06-24 21:27:45,828 [analyzer] DEBUG: Loaded monitor into process with pid 6024
2025-06-24 21:27:45,858 [analyzer] DEBUG: Loaded monitor into process with pid 5956
2025-06-24 21:27:45,858 [analyzer] DEBUG: Loaded monitor into process with pid 6068
2025-06-24 21:27:45,905 [analyzer] INFO: Added new file to list with pid 3252 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-12894.exe
2025-06-24 21:27:45,921 [analyzer] INFO: Added new file to list with pid 3664 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-12894.exe
2025-06-24 21:27:45,905 [analyzer] INFO: Added new file to list with pid 1204 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-12894.exe
2025-06-24 21:27:45,921 [analyzer] DEBUG: Loaded monitor into process with pid 6084
2025-06-24 21:27:45,905 [analyzer] INFO: Added new file to list with pid 3876 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-12894.exe
2025-06-24 21:27:45,921 [analyzer] INFO: Added new file to list with pid 3756 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-12894.exe
2025-06-24 21:27:45,983 [analyzer] DEBUG: Loaded monitor into process with pid 1508
2025-06-24 21:27:46,030 [analyzer] INFO: Injected into process with pid 6212 and name u'Unicorn-13108.exe'
2025-06-24 21:27:46,046 [analyzer] INFO: Injected into process with pid 6204 and name u'Unicorn-26843.exe'
2025-06-24 21:27:46,046 [analyzer] DEBUG: Loaded monitor into process with pid 5800
2025-06-24 21:27:46,092 [analyzer] DEBUG: Loaded monitor into process with pid 5296
2025-06-24 21:27:46,155 [analyzer] DEBUG: Loaded monitor into process with pid 5828
2025-06-24 21:27:51,500 [analyzer] INFO: Added new file to list with pid 3960 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-42708.exe
2025-06-24 21:27:51,562 [analyzer] INFO: Added new file to list with pid 3172 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-23611.exe
2025-06-24 21:27:51,562 [analyzer] INFO: Added new file to list with pid 332 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-20811.exe
2025-06-24 21:27:51,608 [analyzer] INFO: Added new file to list with pid 3348 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-9662.exe
2025-06-24 21:27:51,608 [analyzer] INFO: Added new file to list with pid 1668 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-452.exe
2025-06-24 21:27:51,655 [analyzer] INFO: Injected into process with pid 6316 and name u'Unicorn-32791.exe'
2025-06-24 21:27:51,703 [analyzer] DEBUG: Loaded monitor into process with pid 6212
2025-06-24 21:27:51,780 [analyzer] DEBUG: Loaded monitor into process with pid 6204
2025-06-24 21:27:51,796 [analyzer] INFO: Injected into process with pid 6400 and name u'Unicorn-18292.exe'
2025-06-24 21:27:51,828 [analyzer] INFO: Added new file to list with pid 1204 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-13991.exe
2025-06-24 21:27:51,828 [analyzer] INFO: Added new file to list with pid 3664 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-13991.exe
2025-06-24 21:27:51,828 [analyzer] INFO: Added new file to list with pid 3252 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-64261.exe
2025-06-24 21:27:51,937 [analyzer] INFO: Injected into process with pid 6464 and name u'Unicorn-12894.exe'
2025-06-24 21:27:51,967 [analyzer] DEBUG: Loaded monitor into process with pid 6316
2025-06-24 21:27:52,125 [analyzer] DEBUG: Loaded monitor into process with pid 6400
2025-06-24 21:27:58,453 [analyzer] INFO: Injected into process with pid 6588 and name u'Unicorn-42708.exe'
2025-06-24 21:27:58,562 [analyzer] DEBUG: Loaded monitor into process with pid 6464
2025-06-24 21:27:58,592 [analyzer] INFO: Injected into process with pid 6684 and name u'Unicorn-20811.exe'
2025-06-24 21:27:58,592 [analyzer] INFO: Injected into process with pid 6676 and name u'Unicorn-23611.exe'
2025-06-24 21:27:58,625 [analyzer] INFO: Injected into process with pid 6720 and name u'Unicorn-452.exe'
2025-06-24 21:27:58,640 [analyzer] INFO: Injected into process with pid 6712 and name u'Unicorn-9662.exe'
2025-06-24 21:27:58,717 [analyzer] INFO: Added new file to list with pid 1204 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-47852.exe
2025-06-24 21:27:58,890 [analyzer] DEBUG: Loaded monitor into process with pid 6588
2025-06-24 21:27:59,125 [analyzer] INFO: Injected into process with pid 6808 and name u'Unicorn-13991.exe'
2025-06-24 21:27:59,125 [analyzer] INFO: Injected into process with pid 6820 and name u'Unicorn-64261.exe'
2025-06-24 21:27:59,125 [analyzer] INFO: Added new file to list with pid 3684 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-9911.exe
2025-06-24 21:27:59,125 [analyzer] INFO: Added new file to list with pid 3688 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-9911.exe
2025-06-24 21:27:59,140 [analyzer] INFO: Added new file to list with pid 3528 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-23646.exe
2025-06-24 21:27:59,140 [analyzer] INFO: Added new file to list with pid 3428 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-23646.exe
2025-06-24 21:27:59,171 [analyzer] INFO: Added new file to list with pid 2884 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-4311.exe
2025-06-24 21:27:59,171 [analyzer] INFO: Injected into process with pid 6828 and name u'Unicorn-64261.exe'
2025-06-24 21:27:59,250 [analyzer] DEBUG: Loaded monitor into process with pid 6684
2025-06-24 21:27:59,265 [analyzer] INFO: Added new file to list with pid 2064 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-65383.exe
2025-06-24 21:27:59,280 [analyzer] INFO: Added new file to list with pid 2112 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-29512.exe
2025-06-24 21:27:59,280 [analyzer] INFO: Added new file to list with pid 3052 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-20846.exe
2025-06-24 21:27:59,296 [analyzer] DEBUG: Loaded monitor into process with pid 6712
2025-06-24 21:27:59,328 [analyzer] DEBUG: Loaded monitor into process with pid 6676
2025-06-24 21:27:59,375 [analyzer] DEBUG: Loaded monitor into process with pid 6720
2025-06-24 21:28:01,265 [analyzer] DEBUG: Loaded monitor into process with pid 6820
2025-06-24 21:28:01,328 [analyzer] DEBUG: Loaded monitor into process with pid 6808
2025-06-24 21:28:01,358 [analyzer] DEBUG: Loaded monitor into process with pid 6828
2025-06-24 21:28:02,562 [analyzer] INFO: Added new file to list with pid 3916 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-59608.exe
2025-06-24 21:28:02,655 [analyzer] INFO: Added new file to list with pid 2880 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-22219.exe
2025-06-24 21:28:02,655 [analyzer] INFO: Added new file to list with pid 1012 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-30885.exe
2025-06-24 21:28:02,703 [analyzer] INFO: Injected into process with pid 7016 and name u'Unicorn-47852.exe'
2025-06-24 21:28:02,703 [analyzer] INFO: Added new file to list with pid 3272 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-40479.exe
2025-06-24 21:28:02,703 [analyzer] INFO: Added new file to list with pid 3104 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-46344.exe
2025-06-24 21:28:02,717 [analyzer] INFO: Added new file to list with pid 3136 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-9094.exe
2025-06-24 21:28:02,733 [analyzer] INFO: Added new file to list with pid 3736 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-3229.exe
2025-06-24 21:28:02,765 [analyzer] INFO: Added new file to list with pid 3812 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-58460.exe
2025-06-24 21:28:02,858 [analyzer] INFO: Added new file to list with pid 3552 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-36286.exe
2025-06-24 21:28:02,858 [analyzer] INFO: Added new file to list with pid 2156 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-34016.exe
2025-06-24 21:28:02,875 [analyzer] INFO: Added new file to list with pid 3468 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-13863.exe
2025-06-24 21:28:02,875 [analyzer] INFO: Added new file to list with pid 2908 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-13863.exe
2025-06-24 21:28:02,875 [analyzer] INFO: Added new file to list with pid 3288 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-64325.exe
2025-06-24 21:28:02,875 [analyzer] INFO: Added new file to list with pid 2852 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-64325.exe
2025-06-24 21:28:02,875 [analyzer] INFO: Added new file to list with pid 1876 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-49734.exe
2025-06-24 21:28:03,062 [analyzer] INFO: Added new file to list with pid 2256 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-5198.exe
2025-06-24 21:28:03,062 [analyzer] INFO: Added new file to list with pid 3304 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-5198.exe
2025-06-24 21:28:03,062 [analyzer] INFO: Added new file to list with pid 3528 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-31653.exe
2025-06-24 21:28:03,062 [analyzer] INFO: Added new file to list with pid 588 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-39124.exe
2025-06-24 21:28:03,062 [analyzer] INFO: Added new file to list with pid 3340 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-27703.exe
2025-06-24 21:28:03,062 [analyzer] INFO: Added new file to list with pid 1312 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-33485.exe
2025-06-24 21:28:03,078 [analyzer] INFO: Added new file to list with pid 2712 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-16950.exe
2025-06-24 21:28:03,062 [analyzer] INFO: Added new file to list with pid 3688 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-25787.exe
2025-06-24 21:28:03,078 [analyzer] INFO: Added new file to list with pid 3776 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-20246.exe
2025-06-24 21:28:03,092 [analyzer] INFO: Added new file to list with pid 3812 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-5198.exe
2025-06-24 21:28:03,062 [analyzer] INFO: Added new file to list with pid 3004 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-42151.exe
2025-06-24 21:28:03,062 [analyzer] INFO: Added new file to list with pid 4056 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-25787.exe
2025-06-24 21:28:03,078 [analyzer] INFO: Added new file to list with pid 4040 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-20246.exe
2025-06-24 21:28:03,171 [analyzer] INFO: Injected into process with pid 7140 and name u'Unicorn-29512.exe'
2025-06-24 21:28:03,171 [analyzer] INFO: Injected into process with pid 7156 and name u'Unicorn-20846.exe'
2025-06-24 21:28:03,155 [analyzer] INFO: Injected into process with pid 7096 and name u'Unicorn-9911.exe'
2025-06-24 21:28:03,171 [analyzer] INFO: Injected into process with pid 7116 and name u'Unicorn-23646.exe'
2025-06-24 21:28:03,171 [analyzer] INFO: Injected into process with pid 7124 and name u'Unicorn-65383.exe'
2025-06-24 21:28:03,171 [analyzer] INFO: Injected into process with pid 7104 and name u'Unicorn-4311.exe'
2025-06-24 21:28:03,171 [analyzer] INFO: Injected into process with pid 7088 and name u'Unicorn-9911.exe'
2025-06-24 21:28:03,578 [analyzer] INFO: Added new file to list with pid 3764 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-33200.exe
2025-06-24 21:28:03,625 [analyzer] INFO: Added new file to list with pid 3824 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-22702.exe
2025-06-24 21:28:03,717 [analyzer] INFO: Added new file to list with pid 3192 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-3184.exe
2025-06-24 21:28:03,750 [analyzer] DEBUG: Loaded monitor into process with pid 7016
2025-06-24 21:28:03,937 [analyzer] INFO: Added new file to list with pid 4012 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-126.exe
2025-06-24 21:28:04,358 [analyzer] DEBUG: Loaded monitor into process with pid 7140
2025-06-24 21:28:04,453 [analyzer] DEBUG: Loaded monitor into process with pid 7124
2025-06-24 21:28:04,530 [analyzer] DEBUG: Loaded monitor into process with pid 7156
2025-06-24 21:28:04,578 [analyzer] DEBUG: Loaded monitor into process with pid 7116
2025-06-24 21:28:04,640 [analyzer] DEBUG: Loaded monitor into process with pid 7104
2025-06-24 21:28:04,671 [analyzer] DEBUG: Loaded monitor into process with pid 7096
2025-06-24 21:28:04,733 [analyzer] DEBUG: Loaded monitor into process with pid 7088
2025-06-24 21:28:04,905 [analyzer] INFO: Injected into process with pid 6388 and name u'Unicorn-59608.exe'
2025-06-24 21:28:05,046 [analyzer] INFO: Injected into process with pid 6696 and name u'Unicorn-58460.exe'
2025-06-24 21:28:05,062 [analyzer] INFO: Injected into process with pid 6692 and name u'Unicorn-58460.exe'
2025-06-24 21:28:05,062 [analyzer] INFO: Injected into process with pid 6760 and name u'Unicorn-64325.exe'
2025-06-24 21:28:05,062 [analyzer] INFO: Injected into process with pid 6432 and name u'Unicorn-30885.exe'
2025-06-24 21:28:05,092 [analyzer] INFO: Injected into process with pid 6984 and name u'Unicorn-39124.exe'
2025-06-24 21:28:05,108 [analyzer] INFO: Injected into process with pid 6424 and name u'Unicorn-22219.exe'
2025-06-24 21:28:05,108 [analyzer] INFO: Injected into process with pid 6884 and name u'Unicorn-31653.exe'
2025-06-24 21:28:05,125 [analyzer] INFO: Injected into process with pid 2168 and name u'Unicorn-36286.exe'
2025-06-24 21:28:05,125 [analyzer] INFO: Injected into process with pid 6504 and name u'Unicorn-9094.exe'
2025-06-24 21:28:05,140 [analyzer] INFO: Injected into process with pid 6528 and name u'Unicorn-3229.exe'
2025-06-24 21:28:05,140 [analyzer] INFO: Injected into process with pid 6516 and name u'Unicorn-22219.exe'
2025-06-24 21:28:05,140 [analyzer] INFO: Injected into process with pid 6476 and name u'Unicorn-40479.exe'
2025-06-24 21:28:05,187 [analyzer] INFO: Injected into process with pid 6708 and name u'Unicorn-49734.exe'
2025-06-24 21:28:05,187 [analyzer] INFO: Injected into process with pid 5892 and name u'Unicorn-42151.exe'
2025-06-24 21:28:05,187 [analyzer] INFO: Injected into process with pid 6948 and name u'Unicorn-13863.exe'
2025-06-24 21:28:05,203 [analyzer] INFO: Injected into process with pid 6992 and name u'Unicorn-27703.exe'
2025-06-24 21:28:05,203 [analyzer] INFO: Injected into process with pid 6780 and name u'Unicorn-34016.exe'
2025-06-24 21:28:05,203 [analyzer] INFO: Injected into process with pid 2784 and name u'Unicorn-25787.exe'
2025-06-24 21:28:05,203 [analyzer] INFO: Injected into process with pid 5580 and name u'Unicorn-20246.exe'
2025-06-24 21:28:05,217 [analyzer] INFO: Injected into process with pid 6448 and name u'Unicorn-5198.exe'
2025-06-24 21:28:05,217 [analyzer] INFO: Injected into process with pid 6484 and name u'Unicorn-46344.exe'
2025-06-24 21:28:05,250 [analyzer] INFO: Injected into process with pid 7136 and name u'Unicorn-33485.exe'
2025-06-24 21:28:05,265 [analyzer] INFO: Injected into process with pid 7236 and name u'Unicorn-22702.exe'
2025-06-24 21:28:05,280 [analyzer] INFO: Injected into process with pid 5876 and name u'Unicorn-16950.exe'
2025-06-24 21:28:05,296 [analyzer] INFO: Injected into process with pid 7228 and name u'Unicorn-33200.exe'
2025-06-24 21:28:05,312 [analyzer] DEBUG: Loaded monitor into process with pid 6388
2025-06-24 21:28:05,312 [analyzer] INFO: Injected into process with pid 7248 and name u'Unicorn-3184.exe'
2025-06-24 21:28:05,342 [analyzer] INFO: Injected into process with pid 7356 and name u'Unicorn-126.exe'
2025-06-24 21:28:05,358 [analyzer] INFO: Added new file to list with pid 3972 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-56433.exe
2025-06-24 21:28:05,530 [analyzer] DEBUG: Loaded monitor into process with pid 6696
2025-06-24 21:28:05,592 [analyzer] DEBUG: Loaded monitor into process with pid 6432
2025-06-24 21:28:05,608 [analyzer] INFO: Added new file to list with pid 3444 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-22046.exe
2025-06-24 21:28:05,608 [analyzer] INFO: Added new file to list with pid 2136 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-22046.exe
2025-06-24 21:28:05,625 [analyzer] DEBUG: Loaded monitor into process with pid 6984
2025-06-24 21:28:05,671 [analyzer] DEBUG: Loaded monitor into process with pid 6760
2025-06-24 21:28:05,671 [analyzer] DEBUG: Loaded monitor into process with pid 6692
2025-06-24 21:28:05,703 [analyzer] DEBUG: Loaded monitor into process with pid 6884
2025-06-24 21:28:05,750 [analyzer] DEBUG: Loaded monitor into process with pid 6708
2025-06-24 21:28:05,750 [analyzer] DEBUG: Loaded monitor into process with pid 5580
2025-06-24 21:28:05,796 [analyzer] DEBUG: Loaded monitor into process with pid 7228
2025-06-24 21:28:05,812 [analyzer] DEBUG: Loaded monitor into process with pid 6516
2025-06-24 21:28:05,828 [analyzer] DEBUG: Loaded monitor into process with pid 6504
2025-06-24 21:28:05,842 [analyzer] DEBUG: Loaded monitor into process with pid 5876
2025-06-24 21:28:05,858 [analyzer] DEBUG: Loaded monitor into process with pid 6476
2025-06-24 21:28:05,858 [analyzer] DEBUG: Loaded monitor into process with pid 2784
2025-06-24 21:28:05,875 [analyzer] INFO: Added new file to list with pid 3756 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-54663.exe
2025-06-24 21:28:05,905 [analyzer] DEBUG: Loaded monitor into process with pid 5892
2025-06-24 21:28:05,905 [analyzer] DEBUG: Loaded monitor into process with pid 6448
2025-06-24 21:28:05,937 [analyzer] DEBUG: Loaded monitor into process with pid 6948
2025-06-24 21:28:05,937 [analyzer] DEBUG: Loaded monitor into process with pid 7248
2025-06-24 21:28:05,953 [analyzer] DEBUG: Loaded monitor into process with pid 7356
2025-06-24 21:28:05,983 [analyzer] DEBUG: Loaded monitor into process with pid 7136
2025-06-24 21:28:05,983 [analyzer] DEBUG: Loaded monitor into process with pid 6424
2025-06-24 21:28:06,000 [analyzer] DEBUG: Loaded monitor into process with pid 6484
2025-06-24 21:28:06,030 [analyzer] DEBUG: Loaded monitor into process with pid 6780
2025-06-24 21:28:06,030 [analyzer] DEBUG: Loaded monitor into process with pid 6528
2025-06-24 21:28:06,046 [analyzer] DEBUG: Loaded monitor into process with pid 7236
2025-06-24 21:28:06,062 [analyzer] DEBUG: Loaded monitor into process with pid 2168
2025-06-24 21:28:06,092 [analyzer] DEBUG: Loaded monitor into process with pid 6992
2025-06-24 21:28:06,140 [analyzer] INFO: Added new file to list with pid 3468 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-38318.exe
2025-06-24 21:28:06,140 [analyzer] INFO: Added new file to list with pid 3288 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-38318.exe
2025-06-24 21:28:06,140 [analyzer] INFO: Added new file to list with pid 2408 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-38318.exe
2025-06-24 21:28:06,140 [analyzer] INFO: Added new file to list with pid 2908 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-38318.exe
2025-06-24 21:28:06,140 [analyzer] INFO: Added new file to list with pid 3552 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-46983.exe
2025-06-24 21:28:06,280 [analyzer] INFO: Added new file to list with pid 3616 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-37445.exe
2025-06-24 21:28:06,280 [analyzer] INFO: Added new file to list with pid 3924 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-37445.exe
2025-06-24 21:28:06,312 [analyzer] INFO: Added new file to list with pid 2256 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-52535.exe
2025-06-24 21:28:06,328 [analyzer] INFO: Injected into process with pid 7828 and name u'Unicorn-56433.exe'
2025-06-24 21:28:06,483 [analyzer] INFO: Added new file to list with pid 3304 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-42036.exe
2025-06-24 21:28:06,592 [analyzer] INFO: Injected into process with pid 7928 and name u'Unicorn-22046.exe'
2025-06-24 21:28:06,592 [analyzer] INFO: Injected into process with pid 7920 and name u'Unicorn-22046.exe'
2025-06-24 21:28:06,750 [analyzer] INFO: Added new file to list with pid 3776 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-44958.exe
2025-06-24 21:28:06,750 [analyzer] INFO: Added new file to list with pid 3688 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-50823.exe
2025-06-24 21:28:06,828 [analyzer] DEBUG: Loaded monitor into process with pid 7828
2025-06-24 21:28:07,092 [analyzer] INFO: Injected into process with pid 8056 and name u'Unicorn-54663.exe'
2025-06-24 21:28:07,280 [analyzer] DEBUG: Loaded monitor into process with pid 7928
2025-06-24 21:28:07,342 [analyzer] DEBUG: Loaded monitor into process with pid 7920
2025-06-24 21:28:07,562 [analyzer] INFO: Injected into process with pid 8160 and name u'Unicorn-46983.exe'
2025-06-24 21:28:07,562 [analyzer] INFO: Injected into process with pid 8152 and name u'Unicorn-38318.exe'
2025-06-24 21:28:07,655 [analyzer] INFO: Injected into process with pid 6936 and name u'Unicorn-37445.exe'
2025-06-24 21:28:07,655 [analyzer] INFO: Injected into process with pid 6888 and name u'Unicorn-52535.exe'
2025-06-24 21:28:07,655 [analyzer] DEBUG: Loaded monitor into process with pid 8056
2025-06-24 21:28:07,765 [analyzer] INFO: Injected into process with pid 6928 and name u'Unicorn-42036.exe'
2025-06-24 21:28:07,828 [analyzer] INFO: Added new file to list with pid 3088 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-47217.exe
2025-06-24 21:28:07,875 [analyzer] DEBUG: Loaded monitor into process with pid 8160
2025-06-24 21:28:07,937 [analyzer] DEBUG: Loaded monitor into process with pid 8152
2025-06-24 21:28:07,953 [analyzer] INFO: Injected into process with pid 5496 and name u'Unicorn-44958.exe'
2025-06-24 21:28:07,953 [analyzer] INFO: Injected into process with pid 7056 and name u'Unicorn-50823.exe'
2025-06-24 21:28:07,967 [analyzer] DEBUG: Loaded monitor into process with pid 6936
2025-06-24 21:28:07,983 [analyzer] DEBUG: Loaded monitor into process with pid 6888
2025-06-24 21:28:08,125 [analyzer] DEBUG: Loaded monitor into process with pid 6928
2025-06-24 21:28:08,296 [analyzer] DEBUG: Loaded monitor into process with pid 7056
2025-06-24 21:28:08,296 [analyzer] DEBUG: Loaded monitor into process with pid 5496
2025-06-24 21:28:08,421 [analyzer] INFO: Injected into process with pid 7328 and name u'Unicorn-47217.exe'
2025-06-24 21:28:08,671 [analyzer] DEBUG: Loaded monitor into process with pid 7328
2025-06-24 21:28:14,296 [analyzer] INFO: Added new file to list with pid 3288 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-41303.exe
2025-06-24 21:28:14,296 [analyzer] INFO: Added new file to list with pid 3468 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-41303.exe
2025-06-24 21:28:14,312 [analyzer] INFO: Added new file to list with pid 3616 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-57839.exe
2025-06-24 21:28:21,733 [analyzer] INFO: Added new file to list with pid 4160 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-29041.exe
2025-06-24 21:28:23,717 [analyzer] INFO: Added new file to list with pid 3348 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-45989.exe
2025-06-24 21:28:23,717 [analyzer] INFO: Added new file to list with pid 1668 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-52975.exe
2025-06-24 21:28:23,750 [analyzer] INFO: Added new file to list with pid 3172 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-45989.exe
2025-06-24 21:28:23,750 [analyzer] INFO: Added new file to list with pid 332 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-33943.exe
2025-06-24 21:28:23,750 [analyzer] INFO: Added new file to list with pid 3960 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-53279.exe
2025-06-24 21:28:24,312 [analyzer] INFO: Added new file to list with pid 3288 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-6048.exe
2025-06-24 21:28:24,640 [analyzer] INFO: Injected into process with pid 7536 and name u'Unicorn-57839.exe'
2025-06-24 21:28:24,640 [analyzer] INFO: Injected into process with pid 7528 and name u'Unicorn-41303.exe'
2025-06-24 21:28:24,655 [analyzer] INFO: Added new file to list with pid 3252 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-50892.exe
2025-06-24 21:28:24,812 [analyzer] INFO: Added new file to list with pid 2112 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-34638.exe
2025-06-24 21:28:24,812 [analyzer] INFO: Added new file to list with pid 3876 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-1582.exe
2025-06-24 21:28:24,812 [analyzer] INFO: Added new file to list with pid 3428 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-10247.exe
2025-06-24 21:28:24,812 [analyzer] INFO: Added new file to list with pid 2884 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-2112.exe
2025-06-24 21:28:24,812 [analyzer] INFO: Added new file to list with pid 2064 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-8303.exe
2025-06-24 21:28:24,812 [analyzer] INFO: Added new file to list with pid 1204 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-50584.exe
2025-06-24 21:28:24,828 [analyzer] INFO: Added new file to list with pid 3864 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-62654.exe
2025-06-24 21:28:24,828 [analyzer] INFO: Added new file to list with pid 3052 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-43318.exe
2025-06-24 21:28:24,921 [analyzer] INFO: Added new file to list with pid 3684 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-2270.exe
2025-06-24 21:28:25,092 [analyzer] INFO: Added new file to list with pid 1012 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-41676.exe
2025-06-24 21:28:25,108 [analyzer] INFO: Added new file to list with pid 2528 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-25140.exe
2025-06-24 21:28:25,108 [analyzer] INFO: Added new file to list with pid 4040 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-44476.exe
2025-06-24 21:28:25,108 [analyzer] INFO: Added new file to list with pid 3004 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-41676.exe
2025-06-24 21:28:25,108 [analyzer] INFO: Added new file to list with pid 3916 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-44476.exe
2025-06-24 21:28:25,125 [analyzer] INFO: Added new file to list with pid 3776 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-50341.exe
2025-06-24 21:28:25,125 [analyzer] INFO: Added new file to list with pid 3272 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-263.exe
2025-06-24 21:28:25,140 [analyzer] INFO: Added new file to list with pid 2880 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-40599.exe
2025-06-24 21:28:25,140 [analyzer] INFO: Added new file to list with pid 2920 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-57135.exe
2025-06-24 21:28:25,140 [analyzer] INFO: Added new file to list with pid 3736 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-263.exe
2025-06-24 21:28:25,155 [analyzer] INFO: Added new file to list with pid 2136 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-263.exe
2025-06-24 21:28:25,171 [analyzer] INFO: Added new file to list with pid 3444 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-263.exe
2025-06-24 21:28:25,171 [analyzer] INFO: Added new file to list with pid 4056 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-263.exe
2025-06-24 21:28:25,171 [analyzer] INFO: Added new file to list with pid 2852 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-57135.exe
2025-06-24 21:28:25,171 [analyzer] INFO: Added new file to list with pid 2908 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-40599.exe
2025-06-24 21:28:25,171 [analyzer] INFO: Added new file to list with pid 3812 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-263.exe
2025-06-24 21:28:25,171 [analyzer] INFO: Added new file to list with pid 3756 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-19885.exe
2025-06-24 21:28:25,171 [analyzer] INFO: Added new file to list with pid 3340 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-59935.exe
2025-06-24 21:28:25,171 [analyzer] INFO: Added new file to list with pid 3340 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-263.exe
2025-06-24 21:28:25,171 [analyzer] INFO: Added new file to list with pid 3548 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-263.exe
2025-06-24 21:28:25,171 [analyzer] INFO: Added new file to list with pid 1436 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-40599.exe
2025-06-24 21:28:25,171 [analyzer] INFO: Added new file to list with pid 3528 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-19885.exe
2025-06-24 21:28:25,171 [analyzer] INFO: Added new file to list with pid 3104 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-57135.exe
2025-06-24 21:28:25,171 [analyzer] INFO: Added new file to list with pid 1876 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-30799.exe
2025-06-24 21:28:25,187 [analyzer] INFO: Added new file to list with pid 588 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-57665.exe
2025-06-24 21:28:25,203 [analyzer] DEBUG: Loaded monitor into process with pid 7528
2025-06-24 21:28:25,217 [analyzer] INFO: Added new file to list with pid 3192 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-42006.exe
2025-06-24 21:28:25,217 [analyzer] INFO: Added new file to list with pid 2156 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-3654.exe
2025-06-24 21:28:25,217 [analyzer] INFO: Added new file to list with pid 3764 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-42006.exe
2025-06-24 21:28:25,217 [analyzer] INFO: Added new file to list with pid 3824 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-42006.exe
2025-06-24 21:28:25,217 [analyzer] INFO: Added new file to list with pid 3672 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-33320.exe
2025-06-24 21:28:25,217 [analyzer] INFO: Added new file to list with pid 3304 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-25185.exe
2025-06-24 21:28:25,233 [analyzer] INFO: Added new file to list with pid 1312 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-8119.exe
2025-06-24 21:28:25,233 [analyzer] INFO: Added new file to list with pid 2256 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-53472.exe
2025-06-24 21:28:25,233 [analyzer] INFO: Added new file to list with pid 3552 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-24654.exe
2025-06-24 21:28:25,233 [analyzer] INFO: Added new file to list with pid 2712 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-58625.exe
2025-06-24 21:28:25,265 [analyzer] DEBUG: Loaded monitor into process with pid 7536
2025-06-24 21:28:25,265 [analyzer] INFO: Added new file to list with pid 3088 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-46968.exe
2025-06-24 21:28:25,296 [analyzer] INFO: Added new file to list with pid 1272 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-1488.exe
2025-06-24 21:28:25,703 [analyzer] INFO: Injected into process with pid 7764 and name u'Unicorn-29041.exe'
2025-06-24 21:28:25,842 [analyzer] INFO: Added new file to list with pid 3664 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-12651.exe
2025-06-24 21:28:26,358 [analyzer] INFO: Injected into process with pid 7660 and name u'Unicorn-45989.exe'
2025-06-24 21:28:26,375 [analyzer] INFO: Injected into process with pid 7684 and name u'Unicorn-33943.exe'
2025-06-24 21:28:26,421 [analyzer] INFO: Injected into process with pid 7676 and name u'Unicorn-53279.exe'
2025-06-24 21:28:26,421 [analyzer] INFO: Injected into process with pid 7784 and name u'Unicorn-52975.exe'
2025-06-24 21:28:26,421 [analyzer] INFO: Added new file to list with pid 3972 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-56501.exe
2025-06-24 21:28:26,437 [analyzer] INFO: Injected into process with pid 6952 and name u'Unicorn-6048.exe'
2025-06-24 21:28:26,467 [analyzer] INFO: Injected into process with pid 8140 and name u'Unicorn-6048.exe'
2025-06-24 21:28:26,515 [analyzer] INFO: Injected into process with pid 6892 and name u'Unicorn-50892.exe'
2025-06-24 21:28:26,608 [analyzer] DEBUG: Loaded monitor into process with pid 7764
2025-06-24 21:28:26,671 [analyzer] INFO: Injected into process with pid 6340 and name u'Unicorn-34638.exe'
2025-06-24 21:28:26,796 [analyzer] INFO: Injected into process with pid 6140 and name u'Unicorn-8303.exe'
2025-06-24 21:28:26,812 [analyzer] INFO: Injected into process with pid 5896 and name u'Unicorn-2112.exe'
2025-06-24 21:28:26,812 [analyzer] INFO: Injected into process with pid 7224 and name u'Unicorn-62654.exe'
2025-06-24 21:28:26,812 [analyzer] INFO: Injected into process with pid 7172 and name u'Unicorn-10247.exe'
2025-06-24 21:28:26,812 [analyzer] INFO: Injected into process with pid 7300 and name u'Unicorn-43318.exe'
2025-06-24 21:28:26,812 [analyzer] INFO: Injected into process with pid 7204 and name u'Unicorn-1582.exe'
2025-06-24 21:28:26,828 [analyzer] INFO: Injected into process with pid 7256 and name u'Unicorn-2270.exe'
2025-06-24 21:28:26,842 [analyzer] DEBUG: Loaded monitor into process with pid 7684
2025-06-24 21:28:26,858 [analyzer] DEBUG: Loaded monitor into process with pid 7784
2025-06-24 21:28:26,858 [analyzer] INFO: Injected into process with pid 7180 and name u'Unicorn-50584.exe'
2025-06-24 21:28:26,890 [analyzer] INFO: Injected into process with pid 2436 and name u'Unicorn-41676.exe'
2025-06-24 21:28:26,905 [analyzer] DEBUG: Loaded monitor into process with pid 6952
2025-06-24 21:28:26,921 [analyzer] DEBUG: Loaded monitor into process with pid 7676
2025-06-24 21:28:26,921 [analyzer] INFO: Injected into process with pid 7544 and name u'Unicorn-25140.exe'
2025-06-24 21:28:26,921 [analyzer] INFO: Added new file to list with pid 3348 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-48334.exe
2025-06-24 21:28:26,953 [analyzer] DEBUG: Loaded monitor into process with pid 6892
2025-06-24 21:28:26,953 [analyzer] INFO: Injected into process with pid 7644 and name u'Unicorn-44476.exe'
2025-06-24 21:28:26,983 [analyzer] DEBUG: Loaded monitor into process with pid 7660
2025-06-24 21:28:27,030 [analyzer] INFO: Injected into process with pid 8220 and name u'Unicorn-30799.exe'
2025-06-24 21:28:27,030 [analyzer] INFO: Injected into process with pid 6856 and name u'Unicorn-263.exe'
2025-06-24 21:28:27,030 [analyzer] INFO: Injected into process with pid 7872 and name u'Unicorn-50341.exe'
2025-06-24 21:28:27,030 [analyzer] INFO: Injected into process with pid 2160 and name u'Unicorn-263.exe'
2025-06-24 21:28:27,046 [analyzer] INFO: Injected into process with pid 7028 and name u'Unicorn-40599.exe'
2025-06-24 21:28:27,030 [analyzer] INFO: Injected into process with pid 8196 and name u'Unicorn-19885.exe'
2025-06-24 21:28:27,062 [analyzer] INFO: Injected into process with pid 8300 and name u'Unicorn-46968.exe'
2025-06-24 21:28:27,062 [analyzer] DEBUG: Loaded monitor into process with pid 8140
2025-06-24 21:28:27,062 [analyzer] INFO: Injected into process with pid 8228 and name u'Unicorn-57665.exe'
2025-06-24 21:28:27,062 [analyzer] INFO: Injected into process with pid 8292 and name u'Unicorn-58625.exe'
2025-06-24 21:28:27,062 [analyzer] INFO: Injected into process with pid 8276 and name u'Unicorn-53472.exe'
2025-06-24 21:28:27,062 [analyzer] INFO: Injected into process with pid 8260 and name u'Unicorn-25185.exe'
2025-06-24 21:28:27,062 [analyzer] INFO: Injected into process with pid 8252 and name u'Unicorn-33320.exe'
2025-06-24 21:28:27,062 [analyzer] INFO: Injected into process with pid 8268 and name u'Unicorn-8119.exe'
2025-06-24 21:28:27,062 [analyzer] INFO: Injected into process with pid 8212 and name u'Unicorn-57135.exe'
2025-06-24 21:28:27,062 [analyzer] INFO: Injected into process with pid 8244 and name u'Unicorn-42006.exe'
2025-06-24 21:28:27,062 [analyzer] INFO: Injected into process with pid 8284 and name u'Unicorn-24654.exe'
2025-06-24 21:28:27,062 [analyzer] INFO: Injected into process with pid 8204 and name u'Unicorn-59935.exe'
2025-06-24 21:28:27,062 [analyzer] INFO: Injected into process with pid 8236 and name u'Unicorn-3654.exe'
2025-06-24 21:28:27,062 [analyzer] INFO: Injected into process with pid 8312 and name u'Unicorn-1488.exe'
2025-06-24 21:28:27,062 [analyzer] DEBUG: Loaded monitor into process with pid 6340
2025-06-24 21:28:27,108 [analyzer] INFO: Injected into process with pid 8656 and name u'Unicorn-12651.exe'
2025-06-24 21:28:27,171 [analyzer] DEBUG: Loaded monitor into process with pid 7224
2025-06-24 21:28:27,171 [analyzer] INFO: Injected into process with pid 8756 and name u'Unicorn-56501.exe'
2025-06-24 21:28:27,217 [analyzer] DEBUG: Loaded monitor into process with pid 7256
2025-06-24 21:28:27,265 [analyzer] DEBUG: Loaded monitor into process with pid 7180
2025-06-24 21:28:27,296 [analyzer] DEBUG: Loaded monitor into process with pid 7204
2025-06-24 21:28:27,328 [analyzer] DEBUG: Loaded monitor into process with pid 7172
2025-06-24 21:28:27,390 [analyzer] DEBUG: Loaded monitor into process with pid 6856
2025-06-24 21:28:27,405 [analyzer] DEBUG: Loaded monitor into process with pid 6140
2025-06-24 21:28:27,467 [analyzer] DEBUG: Loaded monitor into process with pid 5896
2025-06-24 21:28:27,483 [analyzer] DEBUG: Loaded monitor into process with pid 7644
2025-06-24 21:28:27,483 [analyzer] INFO: Injected into process with pid 9148 and name u'Unicorn-48334.exe'
2025-06-24 21:28:27,530 [analyzer] DEBUG: Loaded monitor into process with pid 2436
2025-06-24 21:28:27,546 [analyzer] DEBUG: Loaded monitor into process with pid 7028
2025-06-24 21:28:27,562 [analyzer] DEBUG: Loaded monitor into process with pid 7872
2025-06-24 21:28:27,592 [analyzer] DEBUG: Loaded monitor into process with pid 8292
2025-06-24 21:28:27,592 [analyzer] DEBUG: Loaded monitor into process with pid 7544
2025-06-24 21:28:27,625 [analyzer] DEBUG: Loaded monitor into process with pid 8196
2025-06-24 21:28:27,640 [analyzer] DEBUG: Loaded monitor into process with pid 8284
2025-06-24 21:28:27,640 [analyzer] DEBUG: Loaded monitor into process with pid 7300
2025-06-24 21:28:27,655 [analyzer] DEBUG: Loaded monitor into process with pid 8236
2025-06-24 21:28:27,671 [analyzer] DEBUG: Loaded monitor into process with pid 8260
2025-06-24 21:28:27,687 [analyzer] DEBUG: Loaded monitor into process with pid 8252
2025-06-24 21:28:27,687 [analyzer] DEBUG: Loaded monitor into process with pid 8756
2025-06-24 21:28:27,703 [analyzer] DEBUG: Loaded monitor into process with pid 8204
2025-06-24 21:28:27,717 [analyzer] DEBUG: Loaded monitor into process with pid 8312
2025-06-24 21:28:27,733 [analyzer] DEBUG: Loaded monitor into process with pid 8300
2025-06-24 21:28:27,733 [analyzer] DEBUG: Loaded monitor into process with pid 2160
2025-06-24 21:28:27,765 [analyzer] DEBUG: Loaded monitor into process with pid 8268
2025-06-24 21:28:27,765 [analyzer] DEBUG: Loaded monitor into process with pid 8244
2025-06-24 21:28:27,780 [analyzer] DEBUG: Loaded monitor into process with pid 8228
2025-06-24 21:28:27,796 [analyzer] DEBUG: Loaded monitor into process with pid 8220
2025-06-24 21:28:27,828 [analyzer] DEBUG: Loaded monitor into process with pid 8656
2025-06-24 21:28:27,842 [analyzer] DEBUG: Loaded monitor into process with pid 9148
2025-06-24 21:28:27,858 [analyzer] DEBUG: Loaded monitor into process with pid 8276
2025-06-24 21:28:27,890 [analyzer] DEBUG: Loaded monitor into process with pid 8212
2025-06-24 21:28:28,328 [analyzer] INFO: Added new file to list with pid 3136 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-53496.exe
2025-06-24 21:28:28,328 [analyzer] INFO: Added new file to list with pid 3924 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-53496.exe
2025-06-24 21:28:28,328 [analyzer] INFO: Added new file to list with pid 3688 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-53496.exe
2025-06-24 21:28:28,328 [analyzer] INFO: Added new file to list with pid 1012 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-53496.exe
2025-06-24 21:28:28,375 [analyzer] INFO: Added new file to list with pid 4040 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-45832.exe
2025-06-24 21:28:28,421 [analyzer] INFO: Added new file to list with pid 3272 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-4686.exe
2025-06-24 21:28:28,421 [analyzer] INFO: Added new file to list with pid 2920 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-53688.exe
2025-06-24 21:28:28,421 [analyzer] INFO: Added new file to list with pid 2880 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-5216.exe
2025-06-24 21:28:28,483 [analyzer] INFO: Added new file to list with pid 3736 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-5262.exe
2025-06-24 21:28:28,530 [analyzer] INFO: Added new file to list with pid 2136 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-38126.exe
2025-06-24 21:28:28,733 [analyzer] INFO: Added new file to list with pid 3444 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-41967.exe
2025-06-24 21:28:28,828 [analyzer] INFO: Added new file to list with pid 3812 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-7566.exe
2025-06-24 21:28:28,842 [analyzer] INFO: Added new file to list with pid 3756 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-56568.exe
2025-06-24 21:28:28,858 [analyzer] INFO: Added new file to list with pid 2908 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-8096.exe
2025-06-24 21:28:28,858 [analyzer] INFO: Added new file to list with pid 3192 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-10366.exe
2025-06-24 21:28:28,858 [analyzer] INFO: Added new file to list with pid 3764 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-10366.exe
2025-06-24 21:28:29,375 [analyzer] INFO: Injected into process with pid 8436 and name u'Unicorn-53496.exe'
2025-06-24 21:28:29,375 [analyzer] INFO: Injected into process with pid 8452 and name u'Unicorn-45832.exe'
2025-06-24 21:28:29,390 [analyzer] INFO: Injected into process with pid 8500 and name u'Unicorn-5216.exe'
2025-06-24 21:28:29,405 [analyzer] INFO: Injected into process with pid 8556 and name u'Unicorn-53688.exe'
2025-06-24 21:28:29,405 [analyzer] INFO: Injected into process with pid 8520 and name u'Unicorn-4686.exe'
2025-06-24 21:28:29,453 [analyzer] INFO: Injected into process with pid 8568 and name u'Unicorn-5262.exe'
2025-06-24 21:28:29,500 [analyzer] INFO: Injected into process with pid 8628 and name u'Unicorn-38126.exe'
2025-06-24 21:28:29,578 [analyzer] INFO: Injected into process with pid 8912 and name u'Unicorn-41967.exe'
2025-06-24 21:28:29,625 [analyzer] INFO: Injected into process with pid 8744 and name u'Unicorn-7566.exe'
2025-06-24 21:28:29,625 [analyzer] INFO: Injected into process with pid 8900 and name u'Unicorn-8096.exe'
2025-06-24 21:28:29,625 [analyzer] INFO: Injected into process with pid 8924 and name u'Unicorn-56568.exe'
2025-06-24 21:28:29,625 [analyzer] INFO: Injected into process with pid 8688 and name u'Unicorn-56568.exe'
2025-06-24 21:28:29,640 [analyzer] INFO: Injected into process with pid 8712 and name u'Unicorn-10366.exe'
2025-06-24 21:28:29,655 [analyzer] INFO: Injected into process with pid 8916 and name u'Unicorn-7566.exe'
2025-06-24 21:28:29,717 [analyzer] DEBUG: Loaded monitor into process with pid 8436
2025-06-24 21:28:29,750 [analyzer] DEBUG: Loaded monitor into process with pid 8556
2025-06-24 21:28:29,750 [analyzer] DEBUG: Loaded monitor into process with pid 8500
2025-06-24 21:28:29,780 [analyzer] DEBUG: Loaded monitor into process with pid 8452
2025-06-24 21:28:29,812 [analyzer] DEBUG: Loaded monitor into process with pid 8520
2025-06-24 21:28:29,828 [analyzer] DEBUG: Loaded monitor into process with pid 8568
2025-06-24 21:28:29,858 [analyzer] DEBUG: Loaded monitor into process with pid 8628
2025-06-24 21:28:29,953 [analyzer] DEBUG: Loaded monitor into process with pid 8912
2025-06-24 21:28:29,983 [analyzer] DEBUG: Loaded monitor into process with pid 8900
2025-06-24 21:28:30,000 [analyzer] DEBUG: Loaded monitor into process with pid 8916
2025-06-24 21:28:30,000 [analyzer] DEBUG: Loaded monitor into process with pid 8712
2025-06-24 21:28:30,046 [analyzer] DEBUG: Loaded monitor into process with pid 8744
2025-06-24 21:28:30,046 [analyzer] DEBUG: Loaded monitor into process with pid 8688
2025-06-24 21:28:30,108 [analyzer] DEBUG: Loaded monitor into process with pid 8924
2025-06-24 21:28:31,500 [analyzer] INFO: Added new file to list with pid 3688 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-48320.exe
2025-06-24 21:28:31,515 [analyzer] INFO: Added new file to list with pid 3924 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-48320.exe
2025-06-24 21:28:31,515 [analyzer] INFO: Added new file to list with pid 3136 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-48320.exe
2025-06-24 21:28:32,328 [analyzer] INFO: Added new file to list with pid 3764 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-49221.exe
2025-06-24 21:28:34,592 [analyzer] INFO: Injected into process with pid 9120 and name u'Unicorn-48320.exe'
2025-06-24 21:28:34,640 [analyzer] INFO: Added new file to list with pid 3688 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-29890.exe
2025-06-24 21:28:34,655 [analyzer] INFO: Added new file to list with pid 3924 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-29890.exe
2025-06-24 21:28:34,671 [analyzer] INFO: Added new file to list with pid 4124 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-59821.exe
2025-06-24 21:28:34,842 [analyzer] DEBUG: Loaded monitor into process with pid 9120
2025-06-24 21:28:34,858 [analyzer] INFO: Injected into process with pid 8980 and name u'Unicorn-49221.exe'
2025-06-24 21:28:35,000 [analyzer] INFO: Injected into process with pid 8988 and name u'Unicorn-29890.exe'
2025-06-24 21:28:35,030 [analyzer] INFO: Injected into process with pid 9084 and name u'Unicorn-59821.exe'
2025-06-24 21:28:35,092 [analyzer] DEBUG: Loaded monitor into process with pid 8980
2025-06-24 21:28:35,250 [analyzer] DEBUG: Loaded monitor into process with pid 8988
2025-06-24 21:28:35,280 [analyzer] DEBUG: Loaded monitor into process with pid 9084
2025-06-24 21:28:37,921 [analyzer] INFO: Added new file to list with pid 3688 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-7026.exe
2025-06-24 21:28:38,265 [analyzer] INFO: Added new file to list with pid 2408 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-42631.exe
2025-06-24 21:28:38,296 [analyzer] INFO: Added new file to list with pid 3616 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-4403.exe
2025-06-24 21:28:39,375 [analyzer] INFO: Injected into process with pid 1460 and name u'Unicorn-7026.exe'
2025-06-24 21:28:40,015 [analyzer] DEBUG: Loaded monitor into process with pid 1460
2025-06-24 21:28:44,655 [analyzer] INFO: Injected into process with pid 8524 and name u'Unicorn-42631.exe'
2025-06-24 21:28:44,875 [analyzer] INFO: Injected into process with pid 8552 and name u'Unicorn-4403.exe'
2025-06-24 21:28:45,187 [analyzer] INFO: Added new file to list with pid 3468 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-52172.exe
2025-06-24 21:28:45,203 [analyzer] INFO: Added new file to list with pid 588 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-52172.exe
2025-06-24 21:28:45,203 [analyzer] INFO: Added new file to list with pid 4012 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-7636.exe
2025-06-24 21:28:45,217 [analyzer] INFO: Added new file to list with pid 3684 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-16301.exe
2025-06-24 21:28:45,217 [analyzer] INFO: Added new file to list with pid 3528 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-56638.exe
2025-06-24 21:28:45,217 [analyzer] INFO: Added new file to list with pid 3340 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-16301.exe
2025-06-24 21:28:45,233 [analyzer] INFO: Added new file to list with pid 3348 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-56638.exe
2025-06-24 21:28:45,233 [analyzer] INFO: Added new file to list with pid 2528 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-8166.exe
2025-06-24 21:28:45,250 [analyzer] INFO: Added new file to list with pid 4160 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-62238.exe
2025-06-24 21:28:45,250 [analyzer] INFO: Added new file to list with pid 2156 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-46837.exe
2025-06-24 21:28:45,296 [analyzer] INFO: Added new file to list with pid 3824 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-10436.exe
2025-06-24 21:28:45,312 [analyzer] INFO: Added new file to list with pid 1876 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-51037.exe
2025-06-24 21:28:45,842 [analyzer] DEBUG: Loaded monitor into process with pid 8524
2025-06-24 21:28:46,250 [analyzer] INFO: Added new file to list with pid 1312 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-52292.exe
2025-06-24 21:28:46,375 [analyzer] INFO: Added new file to list with pid 2880 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-19241.exe
2025-06-24 21:28:46,390 [analyzer] INFO: Added new file to list with pid 2920 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-38333.exe
2025-06-24 21:28:46,390 [analyzer] DEBUG: Loaded monitor into process with pid 8552
2025-06-24 21:28:46,437 [analyzer] INFO: Added new file to list with pid 3272 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-6877.exe
2025-06-24 21:28:46,483 [analyzer] INFO: Added new file to list with pid 3736 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-54324.exe
2025-06-24 21:28:46,750 [analyzer] INFO: Added new file to list with pid 4040 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-8337.exe
2025-06-24 21:28:46,953 [analyzer] INFO: Added new file to list with pid 3004 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-57531.exe
2025-06-24 21:28:46,983 [analyzer] INFO: Added new file to list with pid 2136 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-27738.exe
2025-06-24 21:28:47,062 [analyzer] INFO: Added new file to list with pid 3756 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-42173.exe
2025-06-24 21:28:47,062 [analyzer] INFO: Added new file to list with pid 3444 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-10717.exe
2025-06-24 21:28:47,078 [analyzer] INFO: Added new file to list with pid 3192 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-35918.exe
2025-06-24 21:28:47,217 [analyzer] INFO: Added new file to list with pid 4056 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-16659.exe
2025-06-24 21:28:47,312 [analyzer] INFO: Added new file to list with pid 2852 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-34493.exe
2025-06-24 21:28:47,530 [analyzer] INFO: Injected into process with pid 9324 and name u'Unicorn-62238.exe'
2025-06-24 21:28:47,546 [analyzer] INFO: Injected into process with pid 9396 and name u'Unicorn-52172.exe'
2025-06-24 21:28:47,546 [analyzer] INFO: Injected into process with pid 9340 and name u'Unicorn-7636.exe'
2025-06-24 21:28:47,562 [analyzer] INFO: Injected into process with pid 9308 and name u'Unicorn-52172.exe'
2025-06-24 21:28:47,562 [analyzer] INFO: Injected into process with pid 9364 and name u'Unicorn-16301.exe'
2025-06-24 21:28:47,562 [analyzer] INFO: Injected into process with pid 9316 and name u'Unicorn-7636.exe'
2025-06-24 21:28:47,578 [analyzer] INFO: Injected into process with pid 9348 and name u'Unicorn-52172.exe'
2025-06-24 21:28:47,578 [analyzer] INFO: Injected into process with pid 9332 and name u'Unicorn-46837.exe'
2025-06-24 21:28:47,608 [analyzer] INFO: Injected into process with pid 9388 and name u'Unicorn-16301.exe'
2025-06-24 21:28:47,640 [analyzer] INFO: Injected into process with pid 9300 and name u'Unicorn-16301.exe'
2025-06-24 21:28:47,640 [analyzer] INFO: Injected into process with pid 9404 and name u'Unicorn-56638.exe'
2025-06-24 21:28:47,655 [analyzer] INFO: Injected into process with pid 9428 and name u'Unicorn-51037.exe'
2025-06-24 21:28:47,655 [analyzer] INFO: Injected into process with pid 9412 and name u'Unicorn-52172.exe'
2025-06-24 21:28:47,687 [analyzer] INFO: Injected into process with pid 9724 and name u'Unicorn-56638.exe'
2025-06-24 21:28:47,687 [analyzer] INFO: Injected into process with pid 9420 and name u'Unicorn-10436.exe'
2025-06-24 21:28:47,687 [analyzer] INFO: Injected into process with pid 9356 and name u'Unicorn-7636.exe'
2025-06-24 21:28:47,687 [analyzer] INFO: Injected into process with pid 9684 and name u'Unicorn-56638.exe'
2025-06-24 21:28:47,703 [analyzer] INFO: Injected into process with pid 9668 and name u'Unicorn-7636.exe'
2025-06-24 21:28:47,733 [analyzer] INFO: Injected into process with pid 9380 and name u'Unicorn-52172.exe'
2025-06-24 21:28:47,733 [analyzer] INFO: Injected into process with pid 9372 and name u'Unicorn-8166.exe'
2025-06-24 21:28:47,733 [analyzer] INFO: Injected into process with pid 9492 and name u'Unicorn-8166.exe'
2025-06-24 21:28:47,765 [analyzer] INFO: Injected into process with pid 9552 and name u'Unicorn-62238.exe'
2025-06-24 21:28:47,780 [analyzer] INFO: Injected into process with pid 9524 and name u'Unicorn-56638.exe'
2025-06-24 21:28:47,780 [analyzer] INFO: Injected into process with pid 9452 and name u'Unicorn-16301.exe'
2025-06-24 21:28:47,780 [analyzer] INFO: Injected into process with pid 9716 and name u'Unicorn-10436.exe'
2025-06-24 21:28:47,796 [analyzer] INFO: Injected into process with pid 9444 and name u'Unicorn-7636.exe'
2025-06-24 21:28:47,796 [analyzer] INFO: Injected into process with pid 10060 and name u'Unicorn-52292.exe'
2025-06-24 21:28:47,812 [analyzer] INFO: Injected into process with pid 9460 and name u'Unicorn-52172.exe'
2025-06-24 21:28:47,812 [analyzer] INFO: Injected into process with pid 9676 and name u'Unicorn-10436.exe'
2025-06-24 21:28:47,858 [analyzer] INFO: Added new file to list with pid 3812 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-20826.exe
2025-06-24 21:28:47,858 [analyzer] INFO: Added new file to list with pid 2908 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-16361.exe
2025-06-24 21:28:47,875 [analyzer] INFO: Injected into process with pid 9468 and name u'Unicorn-51037.exe'
2025-06-24 21:28:47,890 [analyzer] INFO: Injected into process with pid 10104 and name u'Unicorn-38333.exe'
2025-06-24 21:28:47,890 [analyzer] INFO: Injected into process with pid 10112 and name u'Unicorn-6877.exe'
2025-06-24 21:28:47,921 [analyzer] INFO: Injected into process with pid 10096 and name u'Unicorn-38333.exe'
2025-06-24 21:28:47,937 [analyzer] DEBUG: Loaded monitor into process with pid 9324
2025-06-24 21:28:47,967 [analyzer] DEBUG: Loaded monitor into process with pid 9308
2025-06-24 21:28:48,046 [analyzer] INFO: Injected into process with pid 10088 and name u'Unicorn-19241.exe'
2025-06-24 21:28:48,046 [analyzer] DEBUG: Loaded monitor into process with pid 9340
2025-06-24 21:28:48,046 [analyzer] INFO: Injected into process with pid 9436 and name u'Unicorn-7636.exe'
2025-06-24 21:28:48,062 [analyzer] INFO: Injected into process with pid 10152 and name u'Unicorn-54324.exe'
2025-06-24 21:28:48,078 [analyzer] DEBUG: Loaded monitor into process with pid 9316
2025-06-24 21:28:48,171 [analyzer] DEBUG: Loaded monitor into process with pid 9420
2025-06-24 21:28:48,171 [analyzer] INFO: Injected into process with pid 9664 and name u'Unicorn-35918.exe'
2025-06-24 21:28:48,171 [analyzer] DEBUG: Loaded monitor into process with pid 9396
2025-06-24 21:28:48,187 [analyzer] INFO: Injected into process with pid 10216 and name u'Unicorn-57531.exe'
2025-06-24 21:28:48,187 [analyzer] INFO: Injected into process with pid 10168 and name u'Unicorn-8337.exe'
2025-06-24 21:28:48,187 [analyzer] DEBUG: Loaded monitor into process with pid 9388
2025-06-24 21:28:48,203 [analyzer] INFO: Injected into process with pid 9808 and name u'Unicorn-10717.exe'
2025-06-24 21:28:48,203 [analyzer] INFO: Injected into process with pid 9696 and name u'Unicorn-42173.exe'
2025-06-24 21:28:48,265 [analyzer] DEBUG: Loaded monitor into process with pid 9404
2025-06-24 21:28:48,265 [analyzer] INFO: Injected into process with pid 10236 and name u'Unicorn-27738.exe'
2025-06-24 21:28:48,280 [analyzer] DEBUG: Loaded monitor into process with pid 9552
2025-06-24 21:28:48,312 [analyzer] DEBUG: Loaded monitor into process with pid 9724
2025-06-24 21:28:48,328 [analyzer] DEBUG: Loaded monitor into process with pid 9380
2025-06-24 21:28:48,342 [analyzer] DEBUG: Loaded monitor into process with pid 9452
2025-06-24 21:28:48,358 [analyzer] DEBUG: Loaded monitor into process with pid 9716
2025-06-24 21:28:48,375 [analyzer] DEBUG: Loaded monitor into process with pid 9356
2025-06-24 21:28:48,375 [analyzer] DEBUG: Loaded monitor into process with pid 9492
2025-06-24 21:28:48,405 [analyzer] DEBUG: Loaded monitor into process with pid 9372
2025-06-24 21:28:48,405 [analyzer] INFO: Injected into process with pid 9748 and name u'Unicorn-16659.exe'
2025-06-24 21:28:48,405 [analyzer] INFO: Injected into process with pid 9992 and name u'Unicorn-34493.exe'
2025-06-24 21:28:48,421 [analyzer] DEBUG: Loaded monitor into process with pid 9684
2025-06-24 21:28:48,437 [analyzer] DEBUG: Loaded monitor into process with pid 9444
2025-06-24 21:28:48,437 [analyzer] DEBUG: Loaded monitor into process with pid 9460
2025-06-24 21:28:48,453 [analyzer] DEBUG: Loaded monitor into process with pid 9668
2025-06-24 21:28:48,453 [analyzer] DEBUG: Loaded monitor into process with pid 10104
2025-06-24 21:28:48,467 [analyzer] DEBUG: Loaded monitor into process with pid 9300
2025-06-24 21:28:48,500 [analyzer] DEBUG: Loaded monitor into process with pid 9348
2025-06-24 21:28:48,515 [analyzer] INFO: Added new file to list with pid 3348 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-59581.exe
2025-06-24 21:28:48,515 [analyzer] INFO: Added new file to list with pid 3876 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-59581.exe
2025-06-24 21:28:48,500 [analyzer] INFO: Added new file to list with pid 3528 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-59581.exe
2025-06-24 21:28:48,515 [analyzer] INFO: Added new file to list with pid 3468 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-32715.exe
2025-06-24 21:28:48,530 [analyzer] INFO: Added new file to list with pid 3664 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-59581.exe
2025-06-24 21:28:48,530 [analyzer] INFO: Added new file to list with pid 1204 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-38050.exe
2025-06-24 21:28:48,530 [analyzer] INFO: Added new file to list with pid 2528 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-38050.exe
2025-06-24 21:28:48,530 [analyzer] INFO: Added new file to list with pid 3684 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-59051.exe
2025-06-24 21:28:48,530 [analyzer] DEBUG: Loaded monitor into process with pid 10112
2025-06-24 21:28:48,530 [analyzer] INFO: Added new file to list with pid 3684 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-59581.exe
2025-06-24 21:28:48,530 [analyzer] INFO: Added new file to list with pid 3052 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-38050.exe
2025-06-24 21:28:48,530 [analyzer] DEBUG: Loaded monitor into process with pid 9412
2025-06-24 21:28:48,578 [analyzer] DEBUG: Loaded monitor into process with pid 9436
2025-06-24 21:28:48,546 [analyzer] DEBUG: Loaded monitor into process with pid 10168
2025-06-24 21:28:48,625 [analyzer] DEBUG: Loaded monitor into process with pid 10152
2025-06-24 21:28:48,655 [analyzer] DEBUG: Loaded monitor into process with pid 10216
2025-06-24 21:28:48,671 [analyzer] INFO: Injected into process with pid 868 and name u'Unicorn-16361.exe'
2025-06-24 21:28:48,687 [analyzer] DEBUG: Loaded monitor into process with pid 9428
2025-06-24 21:28:48,687 [analyzer] DEBUG: Loaded monitor into process with pid 10088
2025-06-24 21:28:48,703 [analyzer] INFO: Added new file to list with pid 3136 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-45289.exe
2025-06-24 21:28:48,750 [analyzer] DEBUG: Loaded monitor into process with pid 9332
2025-06-24 21:28:48,750 [analyzer] DEBUG: Loaded monitor into process with pid 9364
2025-06-24 21:28:48,765 [analyzer] DEBUG: Loaded monitor into process with pid 10096
2025-06-24 21:28:48,796 [analyzer] DEBUG: Loaded monitor into process with pid 9992
2025-06-24 21:28:48,812 [analyzer] DEBUG: Loaded monitor into process with pid 9664
2025-06-24 21:28:48,828 [analyzer] DEBUG: Loaded monitor into process with pid 10060
2025-06-24 21:28:48,875 [analyzer] DEBUG: Loaded monitor into process with pid 9748
2025-06-24 21:28:48,890 [analyzer] DEBUG: Loaded monitor into process with pid 9468
2025-06-24 21:28:48,921 [analyzer] INFO: Injected into process with pid 10196 and name u'Unicorn-20826.exe'
2025-06-24 21:28:48,937 [analyzer] DEBUG: Loaded monitor into process with pid 9524
2025-06-24 21:28:48,953 [analyzer] DEBUG: Loaded monitor into process with pid 9676
2025-06-24 21:28:49,015 [analyzer] DEBUG: Loaded monitor into process with pid 10236
2025-06-24 21:28:49,078 [analyzer] DEBUG: Loaded monitor into process with pid 9808
2025-06-24 21:28:49,140 [analyzer] DEBUG: Loaded monitor into process with pid 9696
2025-06-24 21:28:49,546 [analyzer] DEBUG: Loaded monitor into process with pid 868
2025-06-24 21:28:49,687 [analyzer] DEBUG: Loaded monitor into process with pid 10196
2025-06-24 21:28:49,703 [analyzer] INFO: Added new file to list with pid 3764 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-24266.exe
2025-06-24 21:28:49,703 [analyzer] INFO: Added new file to list with pid 3924 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-63468.exe
2025-06-24 21:28:49,717 [analyzer] INFO: Added new file to list with pid 4124 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-16346.exe
2025-06-24 21:28:50,030 [analyzer] INFO: Injected into process with pid 10276 and name u'Unicorn-59051.exe'
2025-06-24 21:28:50,030 [analyzer] INFO: Injected into process with pid 10260 and name u'Unicorn-32715.exe'
2025-06-24 21:28:50,046 [analyzer] INFO: Injected into process with pid 10284 and name u'Unicorn-59581.exe'
2025-06-24 21:28:50,062 [analyzer] INFO: Injected into process with pid 10296 and name u'Unicorn-38050.exe'
2025-06-24 21:28:50,092 [analyzer] INFO: Added new file to list with pid 4224 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-23213.exe
2025-06-24 21:28:50,217 [analyzer] INFO: Injected into process with pid 10412 and name u'Unicorn-45289.exe'
2025-06-24 21:28:50,437 [analyzer] DEBUG: Loaded monitor into process with pid 10276
2025-06-24 21:28:50,500 [analyzer] DEBUG: Loaded monitor into process with pid 10296
2025-06-24 21:28:50,515 [analyzer] DEBUG: Loaded monitor into process with pid 10284
2025-06-24 21:28:50,608 [analyzer] DEBUG: Loaded monitor into process with pid 10260
2025-06-24 21:28:50,655 [analyzer] DEBUG: Loaded monitor into process with pid 10412
2025-06-24 21:28:50,671 [analyzer] INFO: Injected into process with pid 10540 and name u'Unicorn-63468.exe'
2025-06-24 21:28:50,687 [analyzer] INFO: Injected into process with pid 10548 and name u'Unicorn-16346.exe'
2025-06-24 21:28:50,687 [analyzer] INFO: Injected into process with pid 10532 and name u'Unicorn-24266.exe'
2025-06-24 21:28:51,155 [analyzer] INFO: Injected into process with pid 10644 and name u'Unicorn-23213.exe'
2025-06-24 21:28:51,171 [analyzer] DEBUG: Loaded monitor into process with pid 10540
2025-06-24 21:28:51,187 [analyzer] DEBUG: Loaded monitor into process with pid 10532
2025-06-24 21:28:51,233 [analyzer] DEBUG: Loaded monitor into process with pid 10548
2025-06-24 21:28:51,578 [analyzer] DEBUG: Loaded monitor into process with pid 10644
2025-06-24 21:28:51,796 [analyzer] INFO: Added new file to list with pid 3348 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-59721.exe
2025-06-24 21:28:51,796 [analyzer] INFO: Added new file to list with pid 1204 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-54386.exe
2025-06-24 21:28:51,796 [analyzer] INFO: Added new file to list with pid 2528 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-54386.exe
2025-06-24 21:28:52,655 [analyzer] INFO: Injected into process with pid 10788 and name u'Unicorn-59721.exe'
2025-06-24 21:28:52,655 [analyzer] INFO: Injected into process with pid 10796 and name u'Unicorn-59721.exe'
2025-06-24 21:28:52,671 [analyzer] INFO: Injected into process with pid 10820 and name u'Unicorn-59721.exe'
2025-06-24 21:28:52,717 [analyzer] INFO: Injected into process with pid 10812 and name u'Unicorn-54386.exe'
2025-06-24 21:28:52,717 [analyzer] INFO: Injected into process with pid 10804 and name u'Unicorn-59721.exe'
2025-06-24 21:28:53,030 [analyzer] DEBUG: Loaded monitor into process with pid 10788
2025-06-24 21:28:53,062 [analyzer] DEBUG: Loaded monitor into process with pid 10796
2025-06-24 21:28:53,092 [analyzer] DEBUG: Loaded monitor into process with pid 10820
2025-06-24 21:28:56,280 [analyzer] DEBUG: Loaded monitor into process with pid 10812
2025-06-24 21:28:56,342 [analyzer] DEBUG: Loaded monitor into process with pid 10804
2025-06-24 21:28:56,390 [analyzer] INFO: Added new file to list with pid 1204 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-5373.exe
2025-06-24 21:29:00,890 [analyzer] INFO: Injected into process with pid 11028 and name u'Unicorn-5373.exe'
2025-06-24 21:29:00,905 [analyzer] INFO: Injected into process with pid 11036 and name u'Unicorn-5373.exe'
2025-06-24 21:29:03,842 [analyzer] INFO: Added new file to list with pid 3616 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-5123.exe
2025-06-24 21:29:03,967 [analyzer] DEBUG: Loaded monitor into process with pid 11028
2025-06-24 21:29:04,030 [analyzer] DEBUG: Loaded monitor into process with pid 11036
2025-06-24 21:29:05,328 [analyzer] INFO: Added new file to list with pid 3004 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-5126.exe
2025-06-24 21:29:05,328 [analyzer] INFO: Added new file to list with pid 3136 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-43797.exe
2025-06-24 21:29:05,390 [analyzer] INFO: Added new file to list with pid 3864 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-54482.exe
2025-06-24 21:29:05,390 [analyzer] INFO: Added new file to list with pid 4056 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-55012.exe
2025-06-24 21:29:05,405 [analyzer] INFO: Added new file to list with pid 588 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-28146.exe
2025-06-24 21:29:05,421 [analyzer] INFO: Added new file to list with pid 1876 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-4610.exe
2025-06-24 21:29:05,515 [analyzer] INFO: Added new file to list with pid 3776 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-53406.exe
2025-06-24 21:29:05,515 [analyzer] INFO: Added new file to list with pid 4040 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-53406.exe
2025-06-24 21:29:05,515 [analyzer] INFO: Added new file to list with pid 4040 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-53406.exe
2025-06-24 21:29:05,530 [analyzer] INFO: Added new file to list with pid 1436 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-48940.exe
2025-06-24 21:29:05,530 [analyzer] INFO: Added new file to list with pid 2920 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-33481.exe
2025-06-24 21:29:05,530 [analyzer] INFO: Added new file to list with pid 3288 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-43605.exe
2025-06-24 21:29:05,608 [analyzer] INFO: Added new file to list with pid 3444 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-4934.exe
2025-06-24 21:29:05,655 [analyzer] INFO: Added new file to list with pid 3192 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-4404.exe
2025-06-24 21:29:05,655 [analyzer] INFO: Added new file to list with pid 1272 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-7204.exe
2025-06-24 21:29:05,655 [analyzer] INFO: Added new file to list with pid 2136 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-4934.exe
2025-06-24 21:29:05,640 [analyzer] INFO: Added new file to list with pid 2884 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-43605.exe
2025-06-24 21:29:05,655 [analyzer] INFO: Added new file to list with pid 2880 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-43605.exe
2025-06-24 21:29:05,640 [analyzer] INFO: Added new file to list with pid 3812 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-4934.exe
2025-06-24 21:29:05,655 [analyzer] INFO: Added new file to list with pid 3468 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-47805.exe
2025-06-24 21:29:05,655 [analyzer] INFO: Added new file to list with pid 332 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-1385.exe
2025-06-24 21:29:05,655 [analyzer] INFO: Added new file to list with pid 3272 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-4934.exe
2025-06-24 21:29:05,655 [analyzer] INFO: Added new file to list with pid 3340 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-4404.exe
2025-06-24 21:29:05,655 [analyzer] INFO: Added new file to list with pid 3252 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-37306.exe
2025-06-24 21:29:05,640 [analyzer] INFO: Added new file to list with pid 2156 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-47805.exe
2025-06-24 21:29:05,655 [analyzer] INFO: Added new file to list with pid 3552 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-4934.exe
2025-06-24 21:29:05,671 [analyzer] INFO: Added new file to list with pid 3824 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-13069.exe
2025-06-24 21:29:05,655 [analyzer] INFO: Added new file to list with pid 2112 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-4934.exe
2025-06-24 21:29:05,655 [analyzer] INFO: Added new file to list with pid 4160 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-7204.exe
2025-06-24 21:29:05,671 [analyzer] INFO: Added new file to list with pid 1312 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-1385.exe
2025-06-24 21:29:05,671 [analyzer] INFO: Added new file to list with pid 2064 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-10440.exe
2025-06-24 21:29:05,671 [analyzer] INFO: Added new file to list with pid 2064 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-20070.exe
2025-06-24 21:29:05,687 [analyzer] INFO: Added new file to list with pid 3104 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-4825.exe
2025-06-24 21:29:05,671 [analyzer] INFO: Added new file to list with pid 3972 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-31051.exe
2025-06-24 21:29:05,687 [analyzer] INFO: Added new file to list with pid 3548 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-37946.exe
2025-06-24 21:29:05,687 [analyzer] INFO: Added new file to list with pid 3172 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-5850.exe
2025-06-24 21:29:05,703 [analyzer] INFO: Added new file to list with pid 3088 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-13069.exe
2025-06-24 21:29:05,703 [analyzer] INFO: Added new file to list with pid 3960 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-22385.exe
2025-06-24 21:29:05,703 [analyzer] INFO: Added new file to list with pid 3672 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-5850.exe
2025-06-24 21:29:05,717 [analyzer] INFO: Injected into process with pid 11148 and name u'Unicorn-5123.exe'
2025-06-24 21:29:07,312 [analyzer] INFO: Added new file to list with pid 2528 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-34640.exe
2025-06-24 21:29:07,312 [analyzer] INFO: Added new file to list with pid 3348 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-30440.exe
2025-06-24 21:29:07,312 [analyzer] INFO: Added new file to list with pid 3924 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-34640.exe
2025-06-24 21:29:07,312 [analyzer] INFO: Added new file to list with pid 3664 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-30440.exe
2025-06-24 21:29:07,312 [analyzer] INFO: Added new file to list with pid 4224 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-45841.exe
2025-06-24 21:29:07,312 [analyzer] INFO: Added new file to list with pid 3528 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-30440.exe
2025-06-24 21:29:07,328 [analyzer] INFO: Added new file to list with pid 3876 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-30440.exe
2025-06-24 21:29:07,328 [analyzer] INFO: Added new file to list with pid 3764 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-8445.exe
2025-06-24 21:29:07,328 [analyzer] INFO: Added new file to list with pid 4124 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-59576.exe
2025-06-24 21:29:07,515 [analyzer] INFO: Injected into process with pid 11200 and name u'Unicorn-5126.exe'
2025-06-24 21:29:07,515 [analyzer] INFO: Injected into process with pid 11192 and name u'Unicorn-43797.exe'
2025-06-24 21:29:07,842 [analyzer] INFO: Injected into process with pid 11208 and name u'Unicorn-54482.exe'
2025-06-24 21:29:07,858 [analyzer] INFO: Injected into process with pid 11216 and name u'Unicorn-55012.exe'
2025-06-24 21:29:07,858 [analyzer] INFO: Injected into process with pid 11232 and name u'Unicorn-28146.exe'
2025-06-24 21:29:07,875 [analyzer] INFO: Injected into process with pid 11240 and name u'Unicorn-4610.exe'
2025-06-24 21:29:07,875 [analyzer] INFO: Injected into process with pid 11248 and name u'Unicorn-54482.exe'
2025-06-24 21:29:07,890 [analyzer] INFO: Injected into process with pid 11224 and name u'Unicorn-55012.exe'
2025-06-24 21:29:07,953 [analyzer] INFO: Injected into process with pid 10376 and name u'Unicorn-28146.exe'
2025-06-24 21:29:08,015 [analyzer] INFO: Injected into process with pid 10656 and name u'Unicorn-53406.exe'
2025-06-24 21:29:08,015 [analyzer] INFO: Injected into process with pid 10588 and name u'Unicorn-33481.exe'
2025-06-24 21:29:08,015 [analyzer] INFO: Injected into process with pid 10472 and name u'Unicorn-28146.exe'
2025-06-24 21:29:08,608 [analyzer] INFO: Added new file to list with pid 3776 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-23481.exe
2025-06-24 21:29:08,608 [analyzer] INFO: Added new file to list with pid 4012 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-23481.exe
2025-06-24 21:29:08,608 [analyzer] INFO: Added new file to list with pid 4040 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-23481.exe
2025-06-24 21:29:08,625 [analyzer] INFO: Added new file to list with pid 1436 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-47762.exe
2025-06-24 21:29:08,828 [analyzer] INFO: Added new file to list with pid 1012 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-48530.exe
2025-06-24 21:29:08,842 [analyzer] INFO: Added new file to list with pid 2852 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-63606.exe
2025-06-24 21:29:08,842 [analyzer] INFO: Added new file to list with pid 2712 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-52730.exe
2025-06-24 21:29:08,858 [analyzer] INFO: Added new file to list with pid 3288 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-2269.exe
2025-06-24 21:29:08,921 [analyzer] INFO: Added new file to list with pid 2256 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-541.exe
2025-06-24 21:29:09,015 [analyzer] INFO: Added new file to list with pid 2884 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-733.exe
2025-06-24 21:29:09,015 [analyzer] INFO: Added new file to list with pid 1272 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-31534.exe
2025-06-24 21:29:09,030 [analyzer] INFO: Added new file to list with pid 3444 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-1868.exe
2025-06-24 21:29:09,046 [analyzer] INFO: Added new file to list with pid 3272 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-25023.exe
2025-06-24 21:29:09,046 [analyzer] INFO: Added new file to list with pid 3468 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-61689.exe
2025-06-24 21:29:09,046 [analyzer] INFO: Added new file to list with pid 2884 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-25023.exe
2025-06-24 21:29:09,062 [analyzer] INFO: Added new file to list with pid 332 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-19688.exe
2025-06-24 21:29:09,078 [analyzer] INFO: Added new file to list with pid 3192 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-6333.exe
2025-06-24 21:29:09,125 [analyzer] INFO: Added new file to list with pid 3824 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-31441.exe
2025-06-24 21:29:09,125 [analyzer] INFO: Added new file to list with pid 3172 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-65412.exe
2025-06-24 21:29:09,140 [analyzer] INFO: Added new file to list with pid 3552 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-43881.exe
2025-06-24 21:29:10,500 [analyzer] INFO: Added new file to list with pid 2528 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-8098.exe
2025-06-24 21:29:10,500 [analyzer] INFO: Added new file to list with pid 3664 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-35834.exe
2025-06-24 21:29:10,500 [analyzer] INFO: Added new file to list with pid 3528 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-35834.exe
2025-06-24 21:29:10,500 [analyzer] INFO: Added new file to list with pid 3348 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-35834.exe
2025-06-24 21:29:16,717 [analyzer] INFO: Added new file to list with pid 3272 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-31378.exe
2025-06-24 21:29:16,733 [analyzer] INFO: Added new file to list with pid 3528 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-7842.exe
2025-06-24 21:29:16,733 [analyzer] INFO: Added new file to list with pid 3776 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-36713.exe
2025-06-24 21:29:21,530 [analyzer] INFO: Added new file to list with pid 1204 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-56569.exe
2025-06-24 21:29:21,530 [analyzer] INFO: Added new file to list with pid 3776 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-14568.exe
2025-06-24 21:29:21,530 [analyzer] INFO: Added new file to list with pid 3688 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-56569.exe
2025-06-24 21:29:21,592 [analyzer] INFO: Added new file to list with pid 2408 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-15445.exe
2025-06-24 21:29:22,217 [analyzer] INFO: Added new file to list with pid 3616 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-62410.exe
2025-06-24 21:29:27,578 [analyzer] INFO: Added new file to list with pid 1204 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-1504.exe
2025-06-24 21:29:27,578 [analyzer] INFO: Added new file to list with pid 3004 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-48575.exe
2025-06-24 21:29:27,578 [analyzer] INFO: Added new file to list with pid 1876 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-1504.exe
2025-06-24 21:29:27,578 [analyzer] INFO: Added new file to list with pid 588 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-47440.exe
2025-06-24 21:29:27,578 [analyzer] INFO: Added new file to list with pid 2920 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-11445.exe
2025-06-24 21:29:27,578 [analyzer] INFO: Added new file to list with pid 3136 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-47440.exe
2025-06-24 21:29:27,578 [analyzer] INFO: Added new file to list with pid 3052 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-47440.exe
2025-06-24 21:29:27,578 [analyzer] INFO: Added new file to list with pid 3428 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-4569.exe
2025-06-24 21:29:27,578 [analyzer] INFO: Added new file to list with pid 3736 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-48575.exe
2025-06-24 21:29:27,578 [analyzer] INFO: Added new file to list with pid 2908 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-47440.exe
2025-06-24 21:29:27,578 [analyzer] INFO: Added new file to list with pid 3864 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-53041.exe
2025-06-24 21:29:27,578 [analyzer] INFO: Added new file to list with pid 4056 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-48575.exe
2025-06-24 21:29:27,578 [analyzer] INFO: Added new file to list with pid 3916 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-53041.exe
2025-06-24 21:29:30,671 [analyzer] INFO: Added new file to list with pid 3004 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-59413.exe
2025-06-24 21:29:30,671 [analyzer] INFO: Added new file to list with pid 1204 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-33078.exe
2025-06-24 21:29:30,703 [analyzer] INFO: Added new file to list with pid 3864 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-20742.exe
2025-06-24 21:29:30,703 [analyzer] INFO: Added new file to list with pid 3136 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-35878.exe
2025-06-24 21:29:30,717 [analyzer] INFO: Added new file to list with pid 588 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-35878.exe
2025-06-24 21:29:30,717 [analyzer] INFO: Added new file to list with pid 3052 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-35878.exe
2025-06-24 21:29:33,842 [analyzer] INFO: Added new file to list with pid 588 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-46827.exe
2025-06-24 21:29:36,953 [analyzer] INFO: Added new file to list with pid 588 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-9848.exe
2025-06-24 21:31:03,000 [analyzer] INFO: Analysis timeout hit, terminating analysis.
2025-06-24 21:31:08,890 [analyzer] INFO: Terminating remaining processes before shutdown.
2025-06-24 21:31:08,890 [lib.api.process] INFO: Successfully terminated process with pid 2064.
2025-06-24 21:31:08,890 [lib.api.process] INFO: Successfully terminated process with pid 1876.
2025-06-24 21:31:08,890 [lib.api.process] INFO: Successfully terminated process with pid 2884.
2025-06-24 21:31:08,890 [lib.api.process] INFO: Successfully terminated process with pid 2156.
2025-06-24 21:31:08,890 [lib.api.process] INFO: Successfully terminated process with pid 2712.
2025-06-24 21:31:08,890 [lib.api.process] INFO: Successfully terminated process with pid 588.
2025-06-24 21:31:08,890 [lib.api.process] INFO: Successfully terminated process with pid 332.
2025-06-24 21:31:08,890 [lib.api.process] INFO: Successfully terminated process with pid 3052.
2025-06-24 21:31:08,890 [lib.api.process] INFO: Successfully terminated process with pid 1312.
2025-06-24 21:31:08,890 [lib.api.process] INFO: Successfully terminated process with pid 2880.
2025-06-24 21:31:08,905 [lib.api.process] INFO: Successfully terminated process with pid 1668.
2025-06-24 21:31:08,905 [lib.api.process] INFO: Successfully terminated process with pid 2256.
2025-06-24 21:31:08,905 [lib.api.process] INFO: Successfully terminated process with pid 2528.
2025-06-24 21:31:08,905 [lib.api.process] INFO: Successfully terminated process with pid 2112.
2025-06-24 21:31:08,905 [lib.api.process] INFO: Successfully terminated process with pid 1436.
2025-06-24 21:31:08,905 [lib.api.process] INFO: Successfully terminated process with pid 1012.
2025-06-24 21:31:08,905 [lib.api.process] INFO: Successfully terminated process with pid 2408.
2025-06-24 21:31:08,905 [lib.api.process] INFO: Successfully terminated process with pid 2920.
2025-06-24 21:31:08,905 [lib.api.process] INFO: Successfully terminated process with pid 2852.
2025-06-24 21:31:08,905 [lib.api.process] INFO: Successfully terminated process with pid 3004.
2025-06-24 21:31:08,905 [lib.api.process] INFO: Successfully terminated process with pid 2908.
2025-06-24 21:31:08,905 [lib.api.process] INFO: Successfully terminated process with pid 3104.
2025-06-24 21:31:08,905 [lib.api.process] INFO: Successfully terminated process with pid 3136.
2025-06-24 21:31:08,905 [lib.api.process] INFO: Successfully terminated process with pid 3172.
2025-06-24 21:31:08,905 [lib.api.process] INFO: Successfully terminated process with pid 3252.
2025-06-24 21:31:08,905 [lib.api.process] INFO: Successfully terminated process with pid 3288.
2025-06-24 21:31:08,905 [lib.api.process] INFO: Successfully terminated process with pid 3304.
2025-06-24 21:31:08,905 [lib.api.process] INFO: Successfully terminated process with pid 3348.
2025-06-24 21:31:08,905 [lib.api.process] INFO: Successfully terminated process with pid 3428.
2025-06-24 21:31:08,905 [lib.api.process] INFO: Successfully terminated process with pid 3468.
2025-06-24 21:31:08,905 [lib.api.process] INFO: Successfully terminated process with pid 3528.
2025-06-24 21:31:08,905 [lib.api.process] INFO: Successfully terminated process with pid 3552.
2025-06-24 21:31:08,905 [lib.api.process] INFO: Successfully terminated process with pid 3616.
2025-06-24 21:31:08,905 [lib.api.process] INFO: Successfully terminated process with pid 3664.
2025-06-24 21:31:08,921 [lib.api.process] INFO: Successfully terminated process with pid 3672.
2025-06-24 21:31:08,921 [lib.api.process] INFO: Successfully terminated process with pid 3736.
2025-06-24 21:31:08,921 [lib.api.process] INFO: Successfully terminated process with pid 3756.
2025-06-24 21:31:08,921 [lib.api.process] INFO: Successfully terminated process with pid 3812.
2025-06-24 21:31:08,921 [lib.api.process] INFO: Successfully terminated process with pid 3876.
2025-06-24 21:31:08,921 [lib.api.process] INFO: Successfully terminated process with pid 3924.
2025-06-24 21:31:08,921 [lib.api.process] INFO: Successfully terminated process with pid 3960.
2025-06-24 21:31:08,921 [lib.api.process] INFO: Successfully terminated process with pid 4012.
2025-06-24 21:31:08,921 [lib.api.process] INFO: Successfully terminated process with pid 4056.
2025-06-24 21:31:08,921 [lib.api.process] INFO: Successfully terminated process with pid 1204.
2025-06-24 21:31:08,921 [lib.api.process] INFO: Successfully terminated process with pid 2136.
2025-06-24 21:31:08,921 [lib.api.process] INFO: Successfully terminated process with pid 3272.
2025-06-24 21:31:08,921 [lib.api.process] INFO: Successfully terminated process with pid 3444.
2025-06-24 21:31:08,921 [lib.api.process] INFO: Successfully terminated process with pid 3548.
2025-06-24 21:31:08,921 [lib.api.process] INFO: Successfully terminated process with pid 3688.
2025-06-24 21:31:08,921 [lib.api.process] INFO: Successfully terminated process with pid 3684.
2025-06-24 21:31:08,921 [lib.api.process] INFO: Successfully terminated process with pid 3864.
2025-06-24 21:31:08,921 [lib.api.process] INFO: Successfully terminated process with pid 3916.
2025-06-24 21:31:08,921 [lib.api.process] INFO: Successfully terminated process with pid 3972.
2025-06-24 21:31:08,921 [lib.api.process] INFO: Successfully terminated process with pid 3088.
2025-06-24 21:31:08,921 [lib.api.process] INFO: Successfully terminated process with pid 3192.
2025-06-24 21:31:08,921 [lib.api.process] INFO: Successfully terminated process with pid 3340.
2025-06-24 21:31:08,921 [lib.api.process] INFO: Successfully terminated process with pid 3776.
2025-06-24 21:31:08,921 [lib.api.process] INFO: Successfully terminated process with pid 3824.
2025-06-24 21:31:08,921 [lib.api.process] INFO: Successfully terminated process with pid 4040.
2025-06-24 21:31:08,921 [lib.api.process] INFO: Successfully terminated process with pid 3764.
2025-06-24 21:31:08,921 [lib.api.process] INFO: Successfully terminated process with pid 1272.
2025-06-24 21:31:08,921 [lib.api.process] INFO: Successfully terminated process with pid 4124.
2025-06-24 21:31:08,921 [lib.api.process] INFO: Successfully terminated process with pid 4160.
2025-06-24 21:31:08,921 [lib.api.process] INFO: Successfully terminated process with pid 4224.
2025-06-24 21:31:08,921 [lib.api.process] INFO: Successfully terminated process with pid 4304.
2025-06-24 21:31:08,921 [lib.api.process] INFO: Successfully terminated process with pid 4328.
2025-06-24 21:31:08,937 [lib.api.process] INFO: Successfully terminated process with pid 4360.
2025-06-24 21:31:08,937 [lib.api.process] INFO: Successfully terminated process with pid 4416.
2025-06-24 21:31:08,937 [lib.api.process] INFO: Successfully terminated process with pid 4440.
2025-06-24 21:31:08,937 [lib.api.process] INFO: Successfully terminated process with pid 4476.
2025-06-24 21:31:08,937 [lib.api.process] INFO: Successfully terminated process with pid 4540.
2025-06-24 21:31:08,937 [lib.api.process] INFO: Successfully terminated process with pid 4584.
2025-06-24 21:31:08,937 [lib.api.process] INFO: Successfully terminated process with pid 4628.
2025-06-24 21:31:08,937 [lib.api.process] INFO: Successfully terminated process with pid 4676.
2025-06-24 21:31:08,937 [lib.api.process] INFO: Successfully terminated process with pid 4684.
2025-06-24 21:31:08,937 [lib.api.process] INFO: Successfully terminated process with pid 4692.
2025-06-24 21:31:08,937 [lib.api.process] INFO: Successfully terminated process with pid 4748.
2025-06-24 21:31:08,937 [lib.api.process] INFO: Successfully terminated process with pid 4784.
2025-06-24 21:31:08,937 [lib.api.process] INFO: Successfully terminated process with pid 4804.
2025-06-24 21:31:08,937 [lib.api.process] INFO: Successfully terminated process with pid 4900.
2025-06-24 21:31:08,937 [lib.api.process] INFO: Successfully terminated process with pid 4968.
2025-06-24 21:31:08,937 [lib.api.process] INFO: Successfully terminated process with pid 5008.
2025-06-24 21:31:08,937 [lib.api.process] INFO: Successfully terminated process with pid 5020.
2025-06-24 21:31:08,937 [lib.api.process] INFO: Successfully terminated process with pid 4140.
2025-06-24 21:31:08,937 [lib.api.process] INFO: Successfully terminated process with pid 4196.
2025-06-24 21:31:08,937 [lib.api.process] INFO: Successfully terminated process with pid 4316.
2025-06-24 21:31:08,937 [lib.api.process] INFO: Successfully terminated process with pid 4380.
2025-06-24 21:31:08,937 [lib.api.process] INFO: Successfully terminated process with pid 4512.
2025-06-24 21:31:08,937 [lib.api.process] INFO: Successfully terminated process with pid 4640.
2025-06-24 21:31:08,937 [lib.api.process] INFO: Successfully terminated process with pid 4728.
2025-06-24 21:31:08,937 [lib.api.process] INFO: Successfully terminated process with pid 4852.
2025-06-24 21:31:08,937 [lib.api.process] INFO: Successfully terminated process with pid 4848.
2025-06-24 21:31:08,937 [lib.api.process] INFO: Successfully terminated process with pid 5016.
2025-06-24 21:31:08,937 [lib.api.process] INFO: Successfully terminated process with pid 4108.
2025-06-24 21:31:08,937 [lib.api.process] INFO: Successfully terminated process with pid 4244.
2025-06-24 21:31:08,937 [lib.api.process] INFO: Successfully terminated process with pid 4412.
2025-06-24 21:31:08,937 [lib.api.process] INFO: Successfully terminated process with pid 4740.
2025-06-24 21:31:08,937 [lib.api.process] INFO: Successfully terminated process with pid 4756.
2025-06-24 21:31:08,953 [lib.api.process] INFO: Successfully terminated process with pid 5076.
2025-06-24 21:31:08,953 [lib.api.process] INFO: Successfully terminated process with pid 5220.
2025-06-24 21:31:08,953 [lib.api.process] INFO: Successfully terminated process with pid 5228.
2025-06-24 21:31:08,953 [lib.api.process] INFO: Successfully terminated process with pid 5252.
2025-06-24 21:31:08,953 [lib.api.process] INFO: Successfully terminated process with pid 5244.
2025-06-24 21:31:08,953 [lib.api.process] INFO: Successfully terminated process with pid 5236.
2025-06-24 21:31:08,953 [lib.api.process] INFO: Successfully terminated process with pid 5268.
2025-06-24 21:31:08,953 [lib.api.process] INFO: Successfully terminated process with pid 5460.
2025-06-24 21:31:08,953 [lib.api.process] INFO: Successfully terminated process with pid 5508.
2025-06-24 21:31:08,953 [lib.api.process] INFO: Successfully terminated process with pid 5548.
2025-06-24 21:31:08,953 [lib.api.process] INFO: Successfully terminated process with pid 5652.
2025-06-24 21:31:08,953 [lib.api.process] INFO: Successfully terminated process with pid 5672.
2025-06-24 21:31:08,953 [lib.api.process] INFO: Successfully terminated process with pid 5688.
2025-06-24 21:31:08,953 [lib.api.process] INFO: Successfully terminated process with pid 5696.
2025-06-24 21:31:08,953 [lib.api.process] INFO: Successfully terminated process with pid 5680.
2025-06-24 21:31:08,953 [lib.api.process] INFO: Successfully terminated process with pid 5704.
2025-06-24 21:31:08,953 [lib.api.process] INFO: Successfully terminated process with pid 5812.
2025-06-24 21:31:08,953 [lib.api.process] INFO: Successfully terminated process with pid 5944.
2025-06-24 21:31:08,953 [lib.api.process] INFO: Successfully terminated process with pid 5980.
2025-06-24 21:31:08,953 [lib.api.process] INFO: Successfully terminated process with pid 6040.
2025-06-24 21:31:08,953 [lib.api.process] INFO: Successfully terminated process with pid 6048.
2025-06-24 21:31:08,953 [lib.api.process] INFO: Successfully terminated process with pid 6056.
2025-06-24 21:31:08,953 [lib.api.process] INFO: Successfully terminated process with pid 6120.
2025-06-24 21:31:08,953 [lib.api.process] INFO: Successfully terminated process with pid 2368.
2025-06-24 21:31:08,953 [lib.api.process] INFO: Successfully terminated process with pid 4348.
2025-06-24 21:31:08,953 [lib.api.process] INFO: Successfully terminated process with pid 5312.
2025-06-24 21:31:08,953 [lib.api.process] INFO: Successfully terminated process with pid 5336.
2025-06-24 21:31:08,953 [lib.api.process] INFO: Successfully terminated process with pid 5344.
2025-06-24 21:31:08,953 [lib.api.process] INFO: Successfully terminated process with pid 5376.
2025-06-24 21:31:08,953 [lib.api.process] INFO: Successfully terminated process with pid 5568.
2025-06-24 21:31:08,967 [lib.api.process] INFO: Successfully terminated process with pid 5780.
2025-06-24 21:31:08,967 [lib.api.process] INFO: Successfully terminated process with pid 5916.
2025-06-24 21:31:08,967 [lib.api.process] INFO: Successfully terminated process with pid 5908.
2025-06-24 21:31:08,967 [lib.api.process] INFO: Successfully terminated process with pid 5956.
2025-06-24 21:31:08,967 [lib.api.process] INFO: Successfully terminated process with pid 6024.
2025-06-24 21:31:08,967 [lib.api.process] INFO: Successfully terminated process with pid 6084.
2025-06-24 21:31:08,967 [lib.api.process] INFO: Successfully terminated process with pid 6068.
2025-06-24 21:31:08,967 [lib.api.process] INFO: Successfully terminated process with pid 1508.
2025-06-24 21:31:08,967 [lib.api.process] INFO: Successfully terminated process with pid 5800.
2025-06-24 21:31:08,967 [lib.api.process] INFO: Successfully terminated process with pid 5828.
2025-06-24 21:31:08,967 [lib.api.process] INFO: Successfully terminated process with pid 5296.
2025-06-24 21:31:08,967 [lib.api.process] INFO: Successfully terminated process with pid 6204.
2025-06-24 21:31:08,967 [lib.api.process] INFO: Successfully terminated process with pid 6212.
2025-06-24 21:31:08,967 [lib.api.process] INFO: Successfully terminated process with pid 6316.
2025-06-24 21:31:08,967 [lib.api.process] INFO: Successfully terminated process with pid 6400.
2025-06-24 21:31:08,967 [lib.api.process] INFO: Successfully terminated process with pid 6464.
2025-06-24 21:31:08,967 [lib.api.process] INFO: Successfully terminated process with pid 6588.
2025-06-24 21:31:08,967 [lib.api.process] INFO: Successfully terminated process with pid 6676.
2025-06-24 21:31:08,967 [lib.api.process] INFO: Successfully terminated process with pid 6684.
2025-06-24 21:31:08,967 [lib.api.process] INFO: Successfully terminated process with pid 6712.
2025-06-24 21:31:08,967 [lib.api.process] INFO: Successfully terminated process with pid 6720.
2025-06-24 21:31:08,967 [lib.api.process] INFO: Successfully terminated process with pid 6808.
2025-06-24 21:31:08,967 [lib.api.process] INFO: Successfully terminated process with pid 6828.
2025-06-24 21:31:08,967 [lib.api.process] INFO: Successfully terminated process with pid 6820.
2025-06-24 21:31:08,967 [lib.api.process] INFO: Successfully terminated process with pid 7016.
2025-06-24 21:31:08,967 [lib.api.process] INFO: Successfully terminated process with pid 7088.
2025-06-24 21:31:08,967 [lib.api.process] INFO: Successfully terminated process with pid 7096.
2025-06-24 21:31:08,967 [lib.api.process] INFO: Successfully terminated process with pid 7104.
2025-06-24 21:31:08,967 [lib.api.process] INFO: Successfully terminated process with pid 7116.
2025-06-24 21:31:08,967 [lib.api.process] INFO: Successfully terminated process with pid 7124.
2025-06-24 21:31:08,967 [lib.api.process] INFO: Successfully terminated process with pid 7140.
2025-06-24 21:31:08,967 [lib.api.process] INFO: Successfully terminated process with pid 7156.
2025-06-24 21:31:08,983 [lib.api.process] INFO: Successfully terminated process with pid 6388.
2025-06-24 21:31:08,983 [lib.api.process] INFO: Successfully terminated process with pid 6424.
2025-06-24 21:31:08,983 [lib.api.process] INFO: Successfully terminated process with pid 6432.
2025-06-24 21:31:08,983 [lib.api.process] INFO: Successfully terminated process with pid 6692.
2025-06-24 21:31:08,983 [lib.api.process] INFO: Successfully terminated process with pid 6696.
2025-06-24 21:31:08,983 [lib.api.process] INFO: Successfully terminated process with pid 6760.
2025-06-24 21:31:08,983 [lib.api.process] INFO: Successfully terminated process with pid 6476.
2025-06-24 21:31:08,983 [lib.api.process] INFO: Successfully terminated process with pid 6528.
2025-06-24 21:31:08,983 [lib.api.process] INFO: Successfully terminated process with pid 6504.
2025-06-24 21:31:08,983 [lib.api.process] INFO: Successfully terminated process with pid 6516.
2025-06-24 21:31:08,983 [lib.api.process] INFO: Successfully terminated process with pid 6780.
2025-06-24 21:31:08,983 [lib.api.process] INFO: Successfully terminated process with pid 6948.
2025-06-24 21:31:08,983 [lib.api.process] INFO: Successfully terminated process with pid 6708.
2025-06-24 21:31:08,983 [lib.api.process] INFO: Successfully terminated process with pid 6484.
2025-06-24 21:31:08,983 [lib.api.process] INFO: Successfully terminated process with pid 2168.
2025-06-24 21:31:08,983 [lib.api.process] INFO: Successfully terminated process with pid 6884.
2025-06-24 21:31:08,983 [lib.api.process] INFO: Successfully terminated process with pid 6984.
2025-06-24 21:31:08,983 [lib.api.process] INFO: Successfully terminated process with pid 7136.
2025-06-24 21:31:08,983 [lib.api.process] INFO: Successfully terminated process with pid 5876.
2025-06-24 21:31:08,983 [lib.api.process] INFO: Successfully terminated process with pid 2784.
2025-06-24 21:31:08,983 [lib.api.process] INFO: Successfully terminated process with pid 5892.
2025-06-24 21:31:08,983 [lib.api.process] INFO: Successfully terminated process with pid 6448.
2025-06-24 21:31:08,983 [lib.api.process] INFO: Successfully terminated process with pid 5580.
2025-06-24 21:31:08,983 [lib.api.process] INFO: Successfully terminated process with pid 6992.
2025-06-24 21:31:08,983 [lib.api.process] INFO: Successfully terminated process with pid 7236.
2025-06-24 21:31:08,983 [lib.api.process] INFO: Successfully terminated process with pid 7228.
2025-06-24 21:31:08,983 [lib.api.process] INFO: Successfully terminated process with pid 7248.
2025-06-24 21:31:08,983 [lib.api.process] INFO: Successfully terminated process with pid 7356.
2025-06-24 21:31:08,983 [lib.api.process] INFO: Successfully terminated process with pid 7828.
2025-06-24 21:31:08,983 [lib.api.process] INFO: Successfully terminated process with pid 7928.
2025-06-24 21:31:08,983 [lib.api.process] INFO: Successfully terminated process with pid 7920.
2025-06-24 21:31:09,000 [lib.api.process] INFO: Successfully terminated process with pid 8056.
2025-06-24 21:31:09,000 [lib.api.process] INFO: Successfully terminated process with pid 8152.
2025-06-24 21:31:09,000 [lib.api.process] INFO: Successfully terminated process with pid 8160.
2025-06-24 21:31:09,000 [lib.api.process] INFO: Successfully terminated process with pid 6936.
2025-06-24 21:31:09,000 [lib.api.process] INFO: Successfully terminated process with pid 6888.
2025-06-24 21:31:09,000 [lib.api.process] INFO: Successfully terminated process with pid 6928.
2025-06-24 21:31:09,000 [lib.api.process] INFO: Successfully terminated process with pid 5496.
2025-06-24 21:31:09,000 [lib.api.process] INFO: Successfully terminated process with pid 7056.
2025-06-24 21:31:09,000 [lib.api.process] INFO: Successfully terminated process with pid 7328.
2025-06-24 21:31:09,000 [lib.api.process] INFO: Successfully terminated process with pid 7536.
2025-06-24 21:31:09,000 [lib.api.process] INFO: Successfully terminated process with pid 7528.
2025-06-24 21:31:09,000 [lib.api.process] INFO: Successfully terminated process with pid 7764.
2025-06-24 21:31:09,000 [lib.api.process] INFO: Successfully terminated process with pid 7660.
2025-06-24 21:31:09,000 [lib.api.process] INFO: Successfully terminated process with pid 7684.
2025-06-24 21:31:09,000 [lib.api.process] INFO: Successfully terminated process with pid 7676.
2025-06-24 21:31:09,000 [lib.api.process] INFO: Successfully terminated process with pid 7784.
2025-06-24 21:31:09,000 [lib.api.process] INFO: Successfully terminated process with pid 8140.
2025-06-24 21:31:09,000 [lib.api.process] INFO: Successfully terminated process with pid 6952.
2025-06-24 21:31:09,000 [lib.api.process] INFO: Successfully terminated process with pid 6892.
2025-06-24 21:31:09,000 [lib.api.process] INFO: Successfully terminated process with pid 6340.
2025-06-24 21:31:09,000 [lib.api.process] INFO: Successfully terminated process with pid 7224.
2025-06-24 21:31:09,000 [lib.api.process] INFO: Successfully terminated process with pid 5896.
2025-06-24 21:31:09,000 [lib.api.process] INFO: Successfully terminated process with pid 7180.
2025-06-24 21:31:09,000 [lib.api.process] INFO: Successfully terminated process with pid 7204.
2025-06-24 21:31:09,000 [lib.api.process] INFO: Successfully terminated process with pid 7300.
2025-06-24 21:31:09,000 [lib.api.process] INFO: Successfully terminated process with pid 7172.
2025-06-24 21:31:09,000 [lib.api.process] INFO: Successfully terminated process with pid 6140.
2025-06-24 21:31:09,000 [lib.api.process] INFO: Successfully terminated process with pid 7256.
2025-06-24 21:31:09,000 [lib.api.process] INFO: Successfully terminated process with pid 7544.
2025-06-24 21:31:09,015 [lib.api.process] INFO: Successfully terminated process with pid 2436.
2025-06-24 21:31:09,015 [lib.api.process] INFO: Successfully terminated process with pid 7644.
2025-06-24 21:31:09,015 [lib.api.process] INFO: Successfully terminated process with pid 7872.
2025-06-24 21:31:09,015 [lib.api.process] INFO: Successfully terminated process with pid 6856.
2025-06-24 21:31:09,015 [lib.api.process] INFO: Successfully terminated process with pid 8196.
2025-06-24 21:31:09,015 [lib.api.process] INFO: Successfully terminated process with pid 2160.
2025-06-24 21:31:09,015 [lib.api.process] INFO: Successfully terminated process with pid 7028.
2025-06-24 21:31:09,015 [lib.api.process] INFO: Successfully terminated process with pid 8220.
2025-06-24 21:31:09,015 [lib.api.process] INFO: Successfully terminated process with pid 8244.
2025-06-24 21:31:09,015 [lib.api.process] INFO: Successfully terminated process with pid 8236.
2025-06-24 21:31:09,015 [lib.api.process] INFO: Successfully terminated process with pid 8204.
2025-06-24 21:31:09,015 [lib.api.process] INFO: Successfully terminated process with pid 8228.
2025-06-24 21:31:09,015 [lib.api.process] INFO: Successfully terminated process with pid 8252.
2025-06-24 21:31:09,015 [lib.api.process] INFO: Successfully terminated process with pid 8212.
2025-06-24 21:31:09,015 [lib.api.process] INFO: Successfully terminated process with pid 8276.
2025-06-24 21:31:09,015 [lib.api.process] INFO: Successfully terminated process with pid 8300.
2025-06-24 21:31:09,015 [lib.api.process] INFO: Successfully terminated process with pid 8268.
2025-06-24 21:31:09,015 [lib.api.process] INFO: Successfully terminated process with pid 8312.
2025-06-24 21:31:09,015 [lib.api.process] INFO: Successfully terminated process with pid 8284.
2025-06-24 21:31:09,015 [lib.api.process] INFO: Successfully terminated process with pid 8292.
2025-06-24 21:31:09,015 [lib.api.process] INFO: Successfully terminated process with pid 8260.
2025-06-24 21:31:09,015 [lib.api.process] INFO: Successfully terminated process with pid 8656.
2025-06-24 21:31:09,015 [lib.api.process] INFO: Successfully terminated process with pid 8756.
2025-06-24 21:31:09,015 [lib.api.process] INFO: Successfully terminated process with pid 9148.
2025-06-24 21:31:09,015 [lib.api.process] INFO: Successfully terminated process with pid 8436.
2025-06-24 21:31:09,015 [lib.api.process] INFO: Successfully terminated process with pid 8452.
2025-06-24 21:31:09,015 [lib.api.process] INFO: Successfully terminated process with pid 8500.
2025-06-24 21:31:09,015 [lib.api.process] INFO: Successfully terminated process with pid 8556.
2025-06-24 21:31:09,015 [lib.api.process] INFO: Successfully terminated process with pid 8520.
2025-06-24 21:31:09,015 [lib.api.process] INFO: Successfully terminated process with pid 8568.
2025-06-24 21:31:09,015 [lib.api.process] INFO: Successfully terminated process with pid 8628.
2025-06-24 21:31:09,030 [lib.api.process] INFO: Successfully terminated process with pid 8912.
2025-06-24 21:31:09,030 [lib.api.process] INFO: Successfully terminated process with pid 8688.
2025-06-24 21:31:09,030 [lib.api.process] INFO: Successfully terminated process with pid 8924.
2025-06-24 21:31:09,030 [lib.api.process] INFO: Successfully terminated process with pid 8916.
2025-06-24 21:31:09,030 [lib.api.process] INFO: Successfully terminated process with pid 8744.
2025-06-24 21:31:09,030 [lib.api.process] INFO: Successfully terminated process with pid 8900.
2025-06-24 21:31:09,030 [lib.api.process] INFO: Successfully terminated process with pid 8712.
2025-06-24 21:31:09,030 [lib.api.process] INFO: Successfully terminated process with pid 9120.
2025-06-24 21:31:09,030 [lib.api.process] INFO: Successfully terminated process with pid 8980.
2025-06-24 21:31:09,030 [lib.api.process] INFO: Successfully terminated process with pid 8988.
2025-06-24 21:31:09,030 [lib.api.process] INFO: Successfully terminated process with pid 9084.
2025-06-24 21:31:09,030 [lib.api.process] INFO: Successfully terminated process with pid 1460.
2025-06-24 21:31:09,030 [lib.api.process] INFO: Successfully terminated process with pid 8524.
2025-06-24 21:31:09,030 [lib.api.process] INFO: Successfully terminated process with pid 8552.
2025-06-24 21:31:09,030 [lib.api.process] INFO: Successfully terminated process with pid 9300.
2025-06-24 21:31:09,030 [lib.api.process] INFO: Successfully terminated process with pid 9364.
2025-06-24 21:31:09,030 [lib.api.process] INFO: Successfully terminated process with pid 9356.
2025-06-24 21:31:09,030 [lib.api.process] INFO: Successfully terminated process with pid 9340.
2025-06-24 21:31:09,030 [lib.api.process] INFO: Successfully terminated process with pid 9332.
2025-06-24 21:31:09,030 [lib.api.process] INFO: Successfully terminated process with pid 9420.
2025-06-24 21:31:09,030 [lib.api.process] INFO: Successfully terminated process with pid 9372.
2025-06-24 21:31:09,030 [lib.api.process] INFO: Successfully terminated process with pid 9404.
2025-06-24 21:31:09,030 [lib.api.process] INFO: Successfully terminated process with pid 9388.
2025-06-24 21:31:09,030 [lib.api.process] INFO: Successfully terminated process with pid 9316.
2025-06-24 21:31:09,030 [lib.api.process] INFO: Successfully terminated process with pid 9428.
2025-06-24 21:31:09,030 [lib.api.process] INFO: Successfully terminated process with pid 9380.
2025-06-24 21:31:09,030 [lib.api.process] INFO: Successfully terminated process with pid 9324.
2025-06-24 21:31:09,030 [lib.api.process] INFO: Successfully terminated process with pid 9396.
2025-06-24 21:31:09,030 [lib.api.process] INFO: Successfully terminated process with pid 9308.
2025-06-24 21:31:09,046 [lib.api.process] INFO: Successfully terminated process with pid 9412.
2025-06-24 21:31:09,046 [lib.api.process] INFO: Successfully terminated process with pid 9348.
2025-06-24 21:31:09,046 [lib.api.process] INFO: Successfully terminated process with pid 9444.
2025-06-24 21:31:09,046 [lib.api.process] INFO: Successfully terminated process with pid 9436.
2025-06-24 21:31:09,046 [lib.api.process] INFO: Successfully terminated process with pid 9452.
2025-06-24 21:31:09,046 [lib.api.process] INFO: Successfully terminated process with pid 9492.
2025-06-24 21:31:09,046 [lib.api.process] INFO: Successfully terminated process with pid 9552.
2025-06-24 21:31:09,046 [lib.api.process] INFO: Successfully terminated process with pid 9468.
2025-06-24 21:31:09,046 [lib.api.process] INFO: Successfully terminated process with pid 9524.
2025-06-24 21:31:09,046 [lib.api.process] INFO: Successfully terminated process with pid 9460.
2025-06-24 21:31:09,046 [lib.api.process] INFO: Successfully terminated process with pid 9676.
2025-06-24 21:31:09,046 [lib.api.process] INFO: Successfully terminated process with pid 9716.
2025-06-24 21:31:09,046 [lib.api.process] INFO: Successfully terminated process with pid 9724.
2025-06-24 21:31:09,046 [lib.api.process] INFO: Successfully terminated process with pid 9684.
2025-06-24 21:31:09,046 [lib.api.process] INFO: Successfully terminated process with pid 9668.
2025-06-24 21:31:09,046 [lib.api.process] INFO: Successfully terminated process with pid 10060.
2025-06-24 21:31:09,046 [lib.api.process] INFO: Successfully terminated process with pid 10088.
2025-06-24 21:31:09,046 [lib.api.process] INFO: Successfully terminated process with pid 10096.
2025-06-24 21:31:09,046 [lib.api.process] INFO: Successfully terminated process with pid 10104.
2025-06-24 21:31:09,046 [lib.api.process] INFO: Successfully terminated process with pid 10112.
2025-06-24 21:31:09,046 [lib.api.process] INFO: Successfully terminated process with pid 10152.
2025-06-24 21:31:09,046 [lib.api.process] INFO: Successfully terminated process with pid 10168.
2025-06-24 21:31:09,046 [lib.api.process] INFO: Successfully terminated process with pid 10216.
2025-06-24 21:31:09,046 [lib.api.process] INFO: Successfully terminated process with pid 10236.
2025-06-24 21:31:09,046 [lib.api.process] INFO: Successfully terminated process with pid 9696.
2025-06-24 21:31:09,046 [lib.api.process] INFO: Successfully terminated process with pid 9808.
2025-06-24 21:31:09,046 [lib.api.process] INFO: Successfully terminated process with pid 9664.
2025-06-24 21:31:09,046 [lib.api.process] INFO: Successfully terminated process with pid 9748.
2025-06-24 21:31:09,046 [lib.api.process] INFO: Successfully terminated process with pid 9992.
2025-06-24 21:31:09,062 [lib.api.process] INFO: Successfully terminated process with pid 10196.
2025-06-24 21:31:09,062 [lib.api.process] INFO: Successfully terminated process with pid 868.
2025-06-24 21:31:09,062 [lib.api.process] INFO: Successfully terminated process with pid 10260.
2025-06-24 21:31:09,062 [lib.api.process] INFO: Successfully terminated process with pid 10276.
2025-06-24 21:31:09,062 [lib.api.process] INFO: Successfully terminated process with pid 10284.
2025-06-24 21:31:09,062 [lib.api.process] INFO: Successfully terminated process with pid 10296.
2025-06-24 21:31:09,062 [lib.api.process] INFO: Successfully terminated process with pid 10412.
2025-06-24 21:31:09,062 [lib.api.process] INFO: Successfully terminated process with pid 10532.
2025-06-24 21:31:09,062 [lib.api.process] INFO: Successfully terminated process with pid 10540.
2025-06-24 21:31:09,062 [lib.api.process] INFO: Successfully terminated process with pid 10548.
2025-06-24 21:31:09,062 [lib.api.process] INFO: Successfully terminated process with pid 10644.
2025-06-24 21:31:09,062 [lib.api.process] INFO: Successfully terminated process with pid 10788.
2025-06-24 21:31:09,062 [lib.api.process] INFO: Successfully terminated process with pid 10796.
2025-06-24 21:31:09,062 [lib.api.process] INFO: Successfully terminated process with pid 10804.
2025-06-24 21:31:09,062 [lib.api.process] INFO: Successfully terminated process with pid 10812.
2025-06-24 21:31:09,062 [lib.api.process] INFO: Successfully terminated process with pid 10820.
2025-06-24 21:31:09,062 [lib.api.process] INFO: Successfully terminated process with pid 11036.
2025-06-24 21:31:09,062 [lib.api.process] INFO: Successfully terminated process with pid 11028.
2025-06-24 21:31:09,062 [lib.api.process] INFO: Successfully terminated process with pid 11148.
2025-06-24 21:31:09,062 [lib.api.process] INFO: Successfully terminated process with pid 11200.
2025-06-24 21:31:09,062 [lib.api.process] INFO: Successfully terminated process with pid 11192.
2025-06-24 21:31:09,062 [lib.api.process] INFO: Successfully terminated process with pid 11208.
2025-06-24 21:31:09,062 [lib.api.process] INFO: Successfully terminated process with pid 11216.
2025-06-24 21:31:09,062 [lib.api.process] INFO: Successfully terminated process with pid 11240.
2025-06-24 21:31:09,062 [lib.api.process] INFO: Successfully terminated process with pid 11224.
2025-06-24 21:31:09,062 [lib.api.process] INFO: Successfully terminated process with pid 11232.
2025-06-24 21:31:09,062 [lib.api.process] INFO: Successfully terminated process with pid 11248.
2025-06-24 21:31:09,062 [lib.api.process] INFO: Successfully terminated process with pid 10376.
2025-06-24 21:31:09,078 [lib.api.process] INFO: Successfully terminated process with pid 10472.
2025-06-24 21:31:09,078 [lib.api.process] INFO: Successfully terminated process with pid 10588.
2025-06-24 21:31:09,078 [lib.api.process] INFO: Successfully terminated process with pid 10656.
2025-06-24 21:31:09,296 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-55012.exe
2025-06-24 21:31:09,296 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-15609.exe
2025-06-24 21:31:09,296 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-62238.exe
2025-06-24 21:31:09,296 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-47762.exe
2025-06-24 21:31:09,296 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-34493.exe
2025-06-24 21:31:09,296 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-47199.exe
2025-06-24 21:31:09,296 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-42899.exe
2025-06-24 21:31:09,296 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-31947.exe
2025-06-24 21:31:09,296 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-41518.exe
2025-06-24 21:31:09,296 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-43211.exe
2025-06-24 21:31:09,296 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-7026.exe
2025-06-24 21:31:09,296 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-31378.exe
2025-06-24 21:31:09,296 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-43318.exe
2025-06-24 21:31:09,296 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-21371.exe
2025-06-24 21:31:09,296 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-63794.exe
2025-06-24 21:31:09,296 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-48940.exe
2025-06-24 21:31:09,296 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-23213.exe
2025-06-24 21:31:09,296 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-45989.exe
2025-06-24 21:31:09,296 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-24266.exe
2025-06-24 21:31:09,296 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-62120.exe
2025-06-24 21:31:09,296 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-32791.exe
2025-06-24 21:31:09,296 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-9258.exe
2025-06-24 21:31:09,296 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-53472.exe
2025-06-24 21:31:09,296 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-4825.exe
2025-06-24 21:31:09,296 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-5145.exe
2025-06-24 21:31:09,296 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-53688.exe
2025-06-24 21:31:09,296 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-56433.exe
2025-06-24 21:31:09,296 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-8337.exe
2025-06-24 21:31:09,296 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-3654.exe
2025-06-24 21:31:09,296 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-30799.exe
2025-06-24 21:31:09,296 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-13383.exe
2025-06-24 21:31:09,296 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-18123.exe
2025-06-24 21:31:09,296 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-19885.exe
2025-06-24 21:31:09,296 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-64325.exe
2025-06-24 21:31:09,296 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-6048.exe
2025-06-24 21:31:09,296 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-3690.exe
2025-06-24 21:31:09,296 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-4311.exe
2025-06-24 21:31:09,296 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-47852.exe
2025-06-24 21:31:09,296 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-10440.exe
2025-06-24 21:31:09,312 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-24654.exe
2025-06-24 21:31:09,312 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-19688.exe
2025-06-24 21:31:09,312 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-25966.exe
2025-06-24 21:31:09,312 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-45649.exe
2025-06-24 21:31:09,312 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-50584.exe
2025-06-24 21:31:09,312 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-33485.exe
2025-06-24 21:31:09,312 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-26046.exe
2025-06-24 21:31:09,312 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-41967.exe
2025-06-24 21:31:09,312 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-9517.exe
2025-06-24 21:31:09,312 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-39752.exe
2025-06-24 21:31:09,312 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-33573.exe
2025-06-24 21:31:09,312 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-38333.exe
2025-06-24 21:31:09,312 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-57839.exe
2025-06-24 21:31:09,312 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-27738.exe
2025-06-24 21:31:09,312 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-6983.exe
2025-06-24 21:31:09,312 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-59487.exe
2025-06-24 21:31:09,312 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-22046.exe
2025-06-24 21:31:09,312 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-25023.exe
2025-06-24 21:31:09,312 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-43447.exe
2025-06-24 21:31:09,312 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-47298.exe
2025-06-24 21:31:09,312 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-5916.exe
2025-06-24 21:31:09,312 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-52418.exe
2025-06-24 21:31:09,312 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-20246.exe
2025-06-24 21:31:09,312 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-52495.exe
2025-06-24 21:31:09,312 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-32561.exe
2025-06-24 21:31:09,312 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-51147.exe
2025-06-24 21:31:09,312 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-23668.exe
2025-06-24 21:31:09,312 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-42173.exe
2025-06-24 21:31:09,312 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-54382.exe
2025-06-24 21:31:09,312 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-59449.exe
2025-06-24 21:31:09,312 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-57135.exe
2025-06-24 21:31:09,312 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-44225.exe
2025-06-24 21:31:09,312 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-39124.exe
2025-06-24 21:31:09,312 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-4256.exe
2025-06-24 21:31:09,312 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-2168.exe
2025-06-24 21:31:09,312 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-58830.exe
2025-06-24 21:31:09,312 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-16952.exe
2025-06-24 21:31:09,312 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-57531.exe
2025-06-24 21:31:09,312 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-61689.exe
2025-06-24 21:31:09,312 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-22219.exe
2025-06-24 21:31:09,312 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-26652.exe
2025-06-24 21:31:09,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-24243.exe
2025-06-24 21:31:09,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-126.exe
2025-06-24 21:31:09,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-59581.exe
2025-06-24 21:31:09,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-54696.exe
2025-06-24 21:31:09,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-50892.exe
2025-06-24 21:31:09,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-31534.exe
2025-06-24 21:31:09,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-16301.exe
2025-06-24 21:31:09,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-35834.exe
2025-06-24 21:31:09,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-44558.exe
2025-06-24 21:31:09,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-29041.exe
2025-06-24 21:31:09,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-20742.exe
2025-06-24 21:31:09,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-2269.exe
2025-06-24 21:31:09,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-33481.exe
2025-06-24 21:31:09,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-9911.exe
2025-06-24 21:31:09,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-9667.exe
2025-06-24 21:31:09,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-14841.exe
2025-06-24 21:31:09,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-42151.exe
2025-06-24 21:31:09,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-38935.exe
2025-06-24 21:31:09,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-1456.exe
2025-06-24 21:31:09,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-1684.exe
2025-06-24 21:31:09,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-61768.exe
2025-06-24 21:31:09,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-38769.exe
2025-06-24 21:31:09,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-59608.exe
2025-06-24 21:31:09,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-24497.exe
2025-06-24 21:31:09,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-12615.exe
2025-06-24 21:31:09,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-62654.exe
2025-06-24 21:31:09,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-4923.exe
2025-06-24 21:31:09,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-31051.exe
2025-06-24 21:31:09,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-15445.exe
2025-06-24 21:31:09,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-12651.exe
2025-06-24 21:31:09,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-56568.exe
2025-06-24 21:31:09,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-7636.exe
2025-06-24 21:31:09,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-62420.exe
2025-06-24 21:31:09,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-38126.exe
2025-06-24 21:31:09,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-4686.exe
2025-06-24 21:31:09,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-16659.exe
2025-06-24 21:31:09,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-8096.exe
2025-06-24 21:31:09,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-8166.exe
2025-06-24 21:31:09,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-11289.exe
2025-06-24 21:31:09,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-58460.exe
2025-06-24 21:31:09,328 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-46837.exe
2025-06-24 21:31:09,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-9094.exe
2025-06-24 21:31:09,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-10093.exe
2025-06-24 21:31:09,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-1385.exe
2025-06-24 21:31:09,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-8098.exe
2025-06-24 21:31:09,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-45841.exe
2025-06-24 21:31:09,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-30440.exe
2025-06-24 21:31:09,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-14240.exe
2025-06-24 21:31:09,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-46983.exe
2025-06-24 21:31:09,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-52172.exe
2025-06-24 21:31:09,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-29890.exe
2025-06-24 21:31:09,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-54525.exe
2025-06-24 21:31:09,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-4404.exe
2025-06-24 21:31:09,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-45669.exe
2025-06-24 21:31:09,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-35878.exe
2025-06-24 21:31:09,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-52292.exe
2025-06-24 21:31:09,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-27697.exe
2025-06-24 21:31:09,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-402.exe
2025-06-24 21:31:09,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-27703.exe
2025-06-24 21:31:09,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-4569.exe
2025-06-24 21:31:09,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-34995.exe
2025-06-24 21:31:09,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-23611.exe
2025-06-24 21:31:09,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-46344.exe
2025-06-24 21:31:09,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-16361.exe
2025-06-24 21:31:09,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-37916.exe
2025-06-24 21:31:09,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-47805.exe
2025-06-24 21:31:09,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-62005.exe
2025-06-24 21:31:09,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-44958.exe
2025-06-24 21:31:09,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-6349.exe
2025-06-24 21:31:09,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-45461.exe
2025-06-24 21:31:09,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-23083.exe
2025-06-24 21:31:09,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-65383.exe
2025-06-24 21:31:09,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-38318.exe
2025-06-24 21:31:09,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-45289.exe
2025-06-24 21:31:09,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-32840.exe
2025-06-24 21:31:09,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-42763.exe
2025-06-24 21:31:09,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-34016.exe
2025-06-24 21:31:09,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-6602.exe
2025-06-24 21:31:09,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-42631.exe
2025-06-24 21:31:09,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-47217.exe
2025-06-24 21:31:09,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-9150.exe
2025-06-24 21:31:09,342 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-44299.exe
2025-06-24 21:31:09,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-37236.exe
2025-06-24 21:31:09,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-13863.exe
2025-06-24 21:31:09,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-3209.exe
2025-06-24 21:31:09,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-53496.exe
2025-06-24 21:31:09,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-24692.exe
2025-06-24 21:31:09,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-53041.exe
2025-06-24 21:31:09,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-13108.exe
2025-06-24 21:31:09,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-43605.exe
2025-06-24 21:31:09,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-33320.exe
2025-06-24 21:31:09,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-16346.exe
2025-06-24 21:31:09,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-59935.exe
2025-06-24 21:31:09,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-6877.exe
2025-06-24 21:31:09,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-58536.exe
2025-06-24 21:31:09,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-37946.exe
2025-06-24 21:31:09,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-35918.exe
2025-06-24 21:31:09,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-37067.exe
2025-06-24 21:31:09,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-5262.exe
2025-06-24 21:31:09,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-21425.exe
2025-06-24 21:31:09,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-733.exe
2025-06-24 21:31:09,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-56569.exe
2025-06-24 21:31:09,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-36713.exe
2025-06-24 21:31:09,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-5010.exe
2025-06-24 21:31:09,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-31653.exe
2025-06-24 21:31:09,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-29721.exe
2025-06-24 21:31:09,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-11445.exe
2025-06-24 21:31:09,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-32715.exe
2025-06-24 21:31:09,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-53406.exe
2025-06-24 21:31:09,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-4934.exe
2025-06-24 21:31:09,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-50955.exe
2025-06-24 21:31:09,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-24075.exe
2025-06-24 21:31:09,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-10436.exe
2025-06-24 21:31:09,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-35865.exe
2025-06-24 21:31:09,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-52683.exe
2025-06-24 21:31:09,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-3229.exe
2025-06-24 21:31:09,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-5850.exe
2025-06-24 21:31:09,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-43881.exe
2025-06-24 21:31:09,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-33788.exe
2025-06-24 21:31:09,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-59721.exe
2025-06-24 21:31:09,358 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-52274.exe
2025-06-24 21:31:09,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-48320.exe
2025-06-24 21:31:09,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-44476.exe
2025-06-24 21:31:09,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-18261.exe
2025-06-24 21:31:09,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-36286.exe
2025-06-24 21:31:09,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-38428.exe
2025-06-24 21:31:09,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-23624.exe
2025-06-24 21:31:09,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-59576.exe
2025-06-24 21:31:09,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-20811.exe
2025-06-24 21:31:09,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-19241.exe
2025-06-24 21:31:09,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-39929.exe
2025-06-24 21:31:09,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-50090.exe
2025-06-24 21:31:09,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-5045.exe
2025-06-24 21:31:09,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-54165.exe
2025-06-24 21:31:09,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-23481.exe
2025-06-24 21:31:09,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-52730.exe
2025-06-24 21:31:09,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-64261.exe
2025-06-24 21:31:09,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-23455.exe
2025-06-24 21:31:09,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-53820.exe
2025-06-24 21:31:09,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-23646.exe
2025-06-24 21:31:09,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-56638.exe
2025-06-24 21:31:09,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-1504.exe
2025-06-24 21:31:09,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-5198.exe
2025-06-24 21:31:09,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-54324.exe
2025-06-24 21:31:09,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-48334.exe
2025-06-24 21:31:09,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-5123.exe
2025-06-24 21:31:09,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-49221.exe
2025-06-24 21:31:09,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-7204.exe
2025-06-24 21:31:09,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-30387.exe
2025-06-24 21:31:09,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-27304.exe
2025-06-24 21:31:09,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-25185.exe
2025-06-24 21:31:09,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-452.exe
2025-06-24 21:31:09,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-41303.exe
2025-06-24 21:31:09,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-13069.exe
2025-06-24 21:31:09,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-52975.exe
2025-06-24 21:31:09,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-33200.exe
2025-06-24 21:31:09,375 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-42708.exe
2025-06-24 21:31:09,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-37306.exe
2025-06-24 21:31:09,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-13972.exe
2025-06-24 21:31:09,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-48181.exe
2025-06-24 21:31:09,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-60779.exe
2025-06-24 21:31:09,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-3640.exe
2025-06-24 21:31:09,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-54383.exe
2025-06-24 21:31:09,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-34484.exe
2025-06-24 21:31:09,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-46001.exe
2025-06-24 21:31:09,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-61077.exe
2025-06-24 21:31:09,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-22385.exe
2025-06-24 21:31:09,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-46827.exe
2025-06-24 21:31:09,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-37445.exe
2025-06-24 21:31:09,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-43269.exe
2025-06-24 21:31:09,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-31499.exe
2025-06-24 21:31:09,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-28146.exe
2025-06-24 21:31:09,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-41268.exe
2025-06-24 21:31:09,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-4610.exe
2025-06-24 21:31:09,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-12081.exe
2025-06-24 21:31:09,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-33078.exe
2025-06-24 21:31:09,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-1582.exe
2025-06-24 21:31:09,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-8303.exe
2025-06-24 21:31:09,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-55004.exe
2025-06-24 21:31:09,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-6333.exe
2025-06-24 21:31:09,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-36910.exe
2025-06-24 21:31:09,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-40599.exe
2025-06-24 21:31:09,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-505.exe
2025-06-24 21:31:09,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-48530.exe
2025-06-24 21:31:09,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-20846.exe
2025-06-24 21:31:09,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-36158.exe
2025-06-24 21:31:09,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-10366.exe
2025-06-24 21:31:09,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-50341.exe
2025-06-24 21:31:09,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-44293.exe
2025-06-24 21:31:09,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-63411.exe
2025-06-24 21:31:09,390 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-59821.exe
2025-06-24 21:31:09,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-12894.exe
2025-06-24 21:31:09,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-41532.exe
2025-06-24 21:31:09,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-34640.exe
2025-06-24 21:31:09,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-53279.exe
2025-06-24 21:31:09,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-30716.exe
2025-06-24 21:31:09,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-8119.exe
2025-06-24 21:31:09,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-62410.exe
2025-06-24 21:31:09,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-51037.exe
2025-06-24 21:31:09,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-8445.exe
2025-06-24 21:31:09,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-3184.exe
2025-06-24 21:31:09,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-10247.exe
2025-06-24 21:31:09,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-31441.exe
2025-06-24 21:31:09,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-54482.exe
2025-06-24 21:31:09,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-1868.exe
2025-06-24 21:31:09,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-5373.exe
2025-06-24 21:31:09,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-14568.exe
2025-06-24 21:31:09,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-34638.exe
2025-06-24 21:31:09,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-46968.exe
2025-06-24 21:31:09,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-52535.exe
2025-06-24 21:31:09,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-63606.exe
2025-06-24 21:31:09,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-3763.exe
2025-06-24 21:31:09,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-57665.exe
2025-06-24 21:31:09,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-54386.exe
2025-06-24 21:31:09,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-22702.exe
2025-06-24 21:31:09,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-18292.exe
2025-06-24 21:31:09,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-56501.exe
2025-06-24 21:31:09,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-7842.exe
2025-06-24 21:31:09,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-35627.exe
2025-06-24 21:31:09,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-11373.exe
2025-06-24 21:31:09,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-9662.exe
2025-06-24 21:31:09,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-9848.exe
2025-06-24 21:31:09,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-42036.exe
2025-06-24 21:31:09,405 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-58625.exe
2025-06-24 21:31:09,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-30885.exe
2025-06-24 21:31:09,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-59413.exe
2025-06-24 21:31:09,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-2363.exe
2025-06-24 21:31:09,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-10663.exe
2025-06-24 21:31:09,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-59051.exe
2025-06-24 21:31:09,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-38050.exe
2025-06-24 21:31:09,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-15306.exe
2025-06-24 21:31:09,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-5126.exe
2025-06-24 21:31:09,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-56058.exe
2025-06-24 21:31:09,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-49734.exe
2025-06-24 21:31:09,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-26843.exe
2025-06-24 21:31:09,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-263.exe
2025-06-24 21:31:09,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-20826.exe
2025-06-24 21:31:09,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-5216.exe
2025-06-24 21:31:09,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-37800.exe
2025-06-24 21:31:09,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-42006.exe
2025-06-24 21:31:09,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-43797.exe
2025-06-24 21:31:09,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-54663.exe
2025-06-24 21:31:09,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-25140.exe
2025-06-24 21:31:09,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-40479.exe
2025-06-24 21:31:09,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-47440.exe
2025-06-24 21:31:09,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-20070.exe
2025-06-24 21:31:09,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-15527.exe
2025-06-24 21:31:09,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-39641.exe
2025-06-24 21:31:09,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-43922.exe
2025-06-24 21:31:09,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-9834.exe
2025-06-24 21:31:09,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-1488.exe
2025-06-24 21:31:09,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-25787.exe
2025-06-24 21:31:09,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-10717.exe
2025-06-24 21:31:09,421 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-3085.exe
2025-06-24 21:31:09,421 [analyzer] INFO: Analysis completed.

Cuckoo Log

2025-07-02 12:09:54,061 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:09:55,101 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:09:56,129 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:09:57,306 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:09:58,323 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:09:59,341 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:00,357 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:01,373 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:02,599 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:03,643 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:04,671 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:05,699 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:06,732 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:07,753 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:08,783 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:09,817 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:10,848 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:11,884 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:12,922 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:13,951 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:14,997 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:16,052 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:17,111 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:18,185 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:19,401 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:20,469 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:21,531 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:22,613 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:23,657 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:24,680 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:25,702 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:26,723 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:27,882 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:28,916 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:29,951 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:31,217 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:32,324 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:33,421 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:34,535 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:35,616 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:36,688 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:37,787 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:39,201 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:40,281 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:41,394 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:42,658 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:43,729 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:44,856 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:45,945 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:47,017 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:48,103 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:49,178 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:50,232 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:51,254 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:52,276 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:53,291 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:54,309 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:55,334 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:56,356 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:57,375 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:58,395 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:10:59,413 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:00,430 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:01,448 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:02,472 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:03,490 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:04,515 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:05,532 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:06,550 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:07,566 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:08,584 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:09,624 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:10,648 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:11,835 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:12,857 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:13,900 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:14,962 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:16,043 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:17,271 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:18,474 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:19,544 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:20,563 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:21,579 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:22,597 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:23,622 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:24,642 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:25,670 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:26,917 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:27,940 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:28,980 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:30,003 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:31,023 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:32,045 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:33,064 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:34,080 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:35,098 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:36,125 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:37,150 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:38,181 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:39,211 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:40,228 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:41,258 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:42,306 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:43,373 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:44,448 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:45,845 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:46,906 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:47,981 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:49,404 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:50,505 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:51,550 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:52,601 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:53,677 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:54,742 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:55,802 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:56,843 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:57,884 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:11:59,046 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:12:00,097 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:12:01,151 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:12:02,194 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:12:03,304 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:12:04,352 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:12:05,423 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:12:06,507 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:12:08,123 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:12:09,164 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:12:10,197 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:12:11,246 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:12:12,295 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:12:13,339 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:12:14,396 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:12:15,447 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:12:16,495 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:12:17,549 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:12:18,807 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:12:19,893 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:12:20,976 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:12:22,201 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:12:23,247 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:12:24,274 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:12:25,300 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:12:26,320 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:12:27,426 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:12:28,447 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:12:29,481 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:12:30,501 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:12:31,521 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:12:32,539 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:12:33,740 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:12:34,838 [cuckoo.core.scheduler] DEBUG: Task #6631122: no machine available yet
2025-07-02 12:12:35,879 [cuckoo.core.scheduler] INFO: Task #6631122: acquired machine win7x6412 (label=win7x6412)
2025-07-02 12:12:35,883 [cuckoo.core.resultserver] DEBUG: Now tracking machine 192.168.168.212 for task #6631122
2025-07-02 12:12:36,310 [cuckoo.auxiliary.sniffer] INFO: Started sniffer with PID 2751286 (interface=vboxnet0, host=192.168.168.212)
2025-07-02 12:12:37,493 [cuckoo.machinery.virtualbox] DEBUG: Starting vm win7x6412
2025-07-02 12:12:38,150 [cuckoo.machinery.virtualbox] DEBUG: Restoring virtual machine win7x6412 to vmcloak
2025-07-02 12:14:03,460 [cuckoo.core.guest] INFO: Starting analysis #6631122 on guest (id=win7x6412, ip=192.168.168.212)
2025-07-02 12:14:04,469 [cuckoo.core.guest] DEBUG: win7x6412: not ready yet
2025-07-02 12:14:09,523 [cuckoo.core.guest] INFO: Guest is running Cuckoo Agent 0.10 (id=win7x6412, ip=192.168.168.212)
2025-07-02 12:14:10,053 [cuckoo.core.guest] DEBUG: Uploading analyzer to guest (id=win7x6412, ip=192.168.168.212, monitor=latest, size=6660546)
2025-07-02 12:14:11,862 [cuckoo.core.resultserver] DEBUG: Task #6631122: live log analysis.log initialized.
2025-07-02 12:14:13,021 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:13,227 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:14,017 [cuckoo.core.resultserver] DEBUG: Task #6631122: File upload for 'shots/0001.jpg'
2025-07-02 12:14:14,070 [cuckoo.core.resultserver] DEBUG: Task #6631122 uploaded file length: 133480
2025-07-02 12:14:16,501 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:20,037 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:20,044 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:23,439 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:23,441 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:23,454 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:23,483 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:26,405 [cuckoo.core.guest] DEBUG: win7x6412: analysis #6631122 still processing
2025-07-02 12:14:28,095 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:28,097 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:28,239 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:28,240 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:28,242 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:28,248 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:28,251 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:29,818 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:30,254 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:30,333 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:31,056 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:31,068 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:31,387 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:31,403 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:31,420 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:31,424 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:31,429 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:31,431 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:31,432 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:31,434 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:31,717 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:31,755 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:33,654 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:33,660 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:33,664 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:34,038 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:34,056 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:34,399 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:34,505 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:34,647 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:34,888 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:35,388 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:35,427 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:35,911 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:36,165 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:36,294 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:36,309 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:36,807 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:36,868 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:36,977 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:37,191 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:38,126 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:38,136 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:38,258 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:38,263 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:39,379 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:39,399 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:39,417 [cuckoo.core.resultserver] DEBUG: Task #6631122: File upload for 'shots/0002.jpg'
2025-07-02 12:14:39,434 [cuckoo.core.resultserver] DEBUG: Task #6631122 uploaded file length: 63912
2025-07-02 12:14:39,468 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:40,587 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:40,593 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:40,624 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:40,708 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:40,785 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:41,168 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:41,192 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:41,690 [cuckoo.core.guest] DEBUG: win7x6412: analysis #6631122 still processing
2025-07-02 12:14:41,698 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:42,806 [cuckoo.core.resultserver] DEBUG: Task #6631122: File upload for 'shots/0003.jpg'
2025-07-02 12:14:42,847 [cuckoo.core.resultserver] DEBUG: Task #6631122 uploaded file length: 116361
2025-07-02 12:14:43,991 [cuckoo.core.resultserver] DEBUG: Task #6631122: File upload for 'shots/0004.jpg'
2025-07-02 12:14:44,066 [cuckoo.core.resultserver] DEBUG: Task #6631122 uploaded file length: 68074
2025-07-02 12:14:46,192 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:46,298 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:46,301 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:46,722 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:46,732 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:46,741 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:46,931 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:47,126 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:47,285 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:47,411 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:47,412 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:47,448 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:47,478 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:47,505 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:47,581 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:47,676 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:47,849 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:47,879 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:47,900 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:48,098 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:48,171 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:48,319 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:48,367 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:48,600 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:48,988 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:49,132 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:49,332 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:49,444 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:49,652 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:49,976 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:50,082 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:50,167 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:50,329 [cuckoo.core.resultserver] DEBUG: Task #6631122: File upload for 'shots/0005.jpg'
2025-07-02 12:14:50,353 [cuckoo.core.resultserver] DEBUG: Task #6631122 uploaded file length: 114750
2025-07-02 12:14:51,285 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:51,334 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:57,280 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:57,311 [cuckoo.core.guest] DEBUG: win7x6412: analysis #6631122 still processing
2025-07-02 12:14:57,880 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:57,925 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:57,926 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:57,971 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:57,980 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:58,017 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:58,762 [cuckoo.core.resultserver] DEBUG: Task #6631122: File upload for 'shots/0006.jpg'
2025-07-02 12:14:58,816 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:58,826 [cuckoo.core.resultserver] DEBUG: Task #6631122 uploaded file length: 123327
2025-07-02 12:14:59,113 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:59,285 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:14:59,991 [cuckoo.core.resultserver] DEBUG: Task #6631122: File upload for 'shots/0007.jpg'
2025-07-02 12:15:00,040 [cuckoo.core.resultserver] DEBUG: Task #6631122 uploaded file length: 134499
2025-07-02 12:15:00,117 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:00,290 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:00,295 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:00,330 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:00,345 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:00,398 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:00,677 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:02,707 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:02,730 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:02,743 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:02,744 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:02,745 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:02,749 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:02,753 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:02,754 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:02,756 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:02,758 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:02,759 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:02,760 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:02,941 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:03,014 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:03,045 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:03,075 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:03,161 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:03,163 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:03,167 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:03,193 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:03,346 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:03,374 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:03,426 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:03,491 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:09,107 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:09,130 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:09,308 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:09,464 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:13,150 [cuckoo.core.guest] DEBUG: win7x6412: analysis #6631122 still processing
2025-07-02 12:15:16,207 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:16,209 [cuckoo.core.resultserver] DEBUG: Task #6631122: File upload for 'shots/0008.jpg'
2025-07-02 12:15:16,211 [cuckoo.core.resultserver] DEBUG: Task #6631122 uploaded file length: 64955
2025-07-02 12:15:16,223 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:16,551 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:16,589 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:16,592 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:16,733 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:18,598 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:18,660 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:18,693 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:21,698 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:22,400 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:22,403 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:22,405 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:22,408 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:22,410 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:22,426 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:22,428 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:22,645 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:22,936 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:22,940 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:22,943 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:22,955 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:22,961 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:23,021 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:23,048 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:23,050 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:23,052 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:23,072 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:23,074 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:23,075 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:23,081 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:23,084 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:23,092 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:23,100 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:23,106 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:23,133 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:23,188 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:23,203 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:23,225 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:23,273 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:23,317 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:23,328 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:23,330 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:23,363 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:23,399 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:24,185 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:24,614 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:24,689 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:24,989 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:25,184 [cuckoo.core.resultserver] DEBUG: Task #6631122: File upload for 'shots/0009.jpg'
2025-07-02 12:15:25,265 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:25,274 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:25,284 [cuckoo.core.resultserver] DEBUG: Task #6631122 uploaded file length: 134499
2025-07-02 12:15:25,316 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:25,321 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:25,463 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:25,628 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:25,631 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:26,004 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:28,610 [cuckoo.core.guest] DEBUG: win7x6412: analysis #6631122 still processing
2025-07-02 12:15:38,227 [cuckoo.core.resultserver] DEBUG: Task #6631122: File upload for 'shots/0010.jpg'
2025-07-02 12:15:38,235 [cuckoo.core.resultserver] DEBUG: Task #6631122 uploaded file length: 64955
2025-07-02 12:15:42,531 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:42,601 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:43,900 [cuckoo.core.guest] DEBUG: win7x6412: analysis #6631122 still processing
2025-07-02 12:15:43,943 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:44,177 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:44,192 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:44,194 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:44,213 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:44,244 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:44,253 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:44,288 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:44,400 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:44,491 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:44,595 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:44,596 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:44,597 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:44,610 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:44,638 [cuckoo.core.resultserver] DEBUG: Task #6631122: File upload for 'shots/0011.jpg'
2025-07-02 12:15:44,701 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:44,712 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:44,737 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:44,747 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:44,749 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:44,805 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:44,838 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:44,888 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:44,894 [cuckoo.core.resultserver] DEBUG: Task #6631122 uploaded file length: 74322
2025-07-02 12:15:44,902 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:44,931 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:44,959 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:44,974 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:44,990 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:44,993 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:45,006 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:45,022 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:45,033 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:45,086 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:45,088 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:45,090 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:45,091 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:45,101 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:45,102 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:45,114 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:45,131 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:45,160 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:45,198 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:45,221 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:47,087 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:47,091 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:47,107 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:47,120 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:47,190 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:47,191 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:47,193 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:47,286 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:47,340 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:47,342 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:47,344 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:47,347 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:47,349 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:47,378 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:48,516 [cuckoo.core.resultserver] DEBUG: Task #6631122: File upload for 'shots/0012.jpg'
2025-07-02 12:15:48,541 [cuckoo.core.resultserver] DEBUG: Task #6631122 uploaded file length: 134499
2025-07-02 12:15:52,176 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:52,426 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:52,629 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:52,630 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:52,757 [cuckoo.core.resultserver] DEBUG: Task #6631122: File upload for 'shots/0013.jpg'
2025-07-02 12:15:52,782 [cuckoo.core.resultserver] DEBUG: Task #6631122 uploaded file length: 64955
2025-07-02 12:15:57,503 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:15:59,072 [cuckoo.core.guest] DEBUG: win7x6412: analysis #6631122 still processing
2025-07-02 12:16:03,182 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:03,731 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:05,275 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:05,318 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:05,322 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:05,463 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:05,483 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:05,485 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:05,486 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:05,487 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:05,501 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:05,595 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:05,597 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:05,608 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:05,620 [cuckoo.core.resultserver] DEBUG: Task #6631122: File upload for 'shots/0014.jpg'
2025-07-02 12:16:05,645 [cuckoo.core.resultserver] DEBUG: Task #6631122 uploaded file length: 74322
2025-07-02 12:16:05,665 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:05,667 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:05,676 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:05,703 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:05,708 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:06,058 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:06,069 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:06,070 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:06,074 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:06,075 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:06,076 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:06,077 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:06,080 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:06,097 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:07,388 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:07,392 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:07,394 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:07,395 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:07,396 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:07,396 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:07,460 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:07,461 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:07,609 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:07,642 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:07,645 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:07,741 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:07,744 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:07,751 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:07,752 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:07,753 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:07,757 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:07,758 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:08,586 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:08,590 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:08,629 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:08,631 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:08,632 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:08,633 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:08,634 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:08,654 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:08,655 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:08,656 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:08,925 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:10,381 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:10,399 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:10,434 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:13,788 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:13,789 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:14,314 [cuckoo.core.guest] DEBUG: win7x6412: analysis #6631122 still processing
2025-07-02 12:16:17,834 [cuckoo.core.resultserver] DEBUG: Task #6631122: File upload for 'shots/0015.jpg'
2025-07-02 12:16:17,861 [cuckoo.core.resultserver] DEBUG: Task #6631122 uploaded file length: 64955
2025-07-02 12:16:21,389 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:21,390 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:22,284 [cuckoo.core.resultserver] DEBUG: Task #6631122: File upload for 'shots/0016.jpg'
2025-07-02 12:16:22,296 [cuckoo.core.resultserver] DEBUG: Task #6631122 uploaded file length: 74322
2025-07-02 12:16:24,673 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:25,805 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:25,806 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:25,807 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:25,817 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:25,819 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:25,820 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:25,820 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:25,821 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:25,822 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:25,823 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:25,824 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:25,824 [cuckoo.core.resultserver] DEBUG: Task #6631122 is sending a BSON stream
2025-07-02 12:16:29,559 [cuckoo.core.guest] DEBUG: win7x6412: analysis #6631122 still processing
2025-07-02 12:16:38,902 [cuckoo.core.resultserver] DEBUG: Task #6631122: File upload for 'shots/0017.jpg'
2025-07-02 12:16:38,908 [cuckoo.core.resultserver] DEBUG: Task #6631122 uploaded file length: 64955
2025-07-02 12:16:44,689 [cuckoo.core.guest] DEBUG: win7x6412: analysis #6631122 still processing
2025-07-02 12:17:00,038 [cuckoo.core.guest] DEBUG: win7x6412: analysis #6631122 still processing
2025-07-02 12:17:15,514 [cuckoo.core.guest] DEBUG: win7x6412: analysis #6631122 still processing
2025-07-02 12:17:30,795 [cuckoo.core.guest] DEBUG: win7x6412: analysis #6631122 still processing
2025-07-02 12:17:36,064 [cuckoo.core.resultserver] DEBUG: Task #6631122: File upload for 'shots/0018.jpg'
2025-07-02 12:17:36,082 [cuckoo.core.resultserver] DEBUG: Task #6631122 uploaded file length: 69633
2025-07-02 12:17:46,331 [cuckoo.core.guest] DEBUG: win7x6412: analysis #6631122 still processing
2025-07-02 12:18:01,872 [cuckoo.core.guest] INFO: win7x6412: end of analysis reached!
2025-07-02 12:18:01,885 [cuckoo.core.plugins] DEBUG: Stopped auxiliary module: Redsocks
2025-07-02 12:18:01,914 [cuckoo.core.plugins] DEBUG: Stopped auxiliary module: Sniffer
2025-07-02 12:18:02,857 [cuckoo.machinery.virtualbox] INFO: Successfully generated memory dump for virtual machine with label win7x6412 to path /srv/cuckoo/cwd/storage/analyses/6631122/memory.dmp
2025-07-02 12:18:02,876 [cuckoo.machinery.virtualbox] DEBUG: Stopping vm win7x6412
2025-07-02 12:18:20,950 [cuckoo.core.resultserver] DEBUG: Task #6631122: File upload for 'curtain/1750793463.53.curtain.log'
2025-07-02 12:18:20,953 [cuckoo.core.resultserver] DEBUG: Task #6631122 uploaded file length: 36
2025-07-02 12:18:25,964 [cuckoo.core.resultserver] DEBUG: Task #6631122: File upload for 'sysmon/1750793466.3.sysmon.xml'
2025-07-02 12:18:26,366 [cuckoo.core.resultserver] DEBUG: Task #6631122 uploaded file length: 17460530
2025-07-02 12:18:26,496 [cuckoo.core.resultserver] DEBUG: Task #6631122: File upload for 'files/68367a9548a51041_unicorn-4403.exe'
2025-07-02 12:18:26,500 [cuckoo.core.resultserver] DEBUG: Task #6631122 uploaded file length: 479331
2025-07-02 12:18:26,503 [cuckoo.core.resultserver] DEBUG: Task #6631122: File upload for 'files/f14008d74c76cc4e_unicorn-65412.exe'
2025-07-02 12:18:26,507 [cuckoo.core.resultserver] DEBUG: Task #6631122 uploaded file length: 479329
2025-07-02 12:18:26,511 [cuckoo.core.resultserver] DEBUG: Task #6631122: File upload for 'files/c068fcaa47fd9a7f_unicorn-7566.exe'
2025-07-02 12:18:26,515 [cuckoo.core.resultserver] DEBUG: Task #6631122 uploaded file length: 479328
2025-07-02 12:18:26,520 [cuckoo.core.resultserver] DEBUG: Task #6631122: File upload for 'files/b9fa36503e49be61_unicorn-30492.exe'
2025-07-02 12:18:26,523 [cuckoo.core.resultserver] DEBUG: Task #6631122: File upload for 'files/a3ed381bf81ea63d_unicorn-2992.exe'
2025-07-02 12:18:26,526 [cuckoo.core.resultserver] DEBUG: Task #6631122 uploaded file length: 479328
2025-07-02 12:18:26,531 [cuckoo.core.resultserver] DEBUG: Task #6631122 uploaded file length: 479328
2025-07-02 12:18:26,535 [cuckoo.core.resultserver] DEBUG: Task #6631122: File upload for 'files/fe457416705acc4c_unicorn-45832.exe'
2025-07-02 12:18:26,538 [cuckoo.core.resultserver] DEBUG: Task #6631122 uploaded file length: 479328
2025-07-02 12:18:26,542 [cuckoo.core.resultserver] DEBUG: Task #6631122: File upload for 'files/8f37accceffbf365_unicorn-41676.exe'
2025-07-02 12:18:26,547 [cuckoo.core.resultserver] DEBUG: Task #6631122 uploaded file length: 479329
2025-07-02 12:18:26,550 [cuckoo.core.resultserver] DEBUG: Task #6631122: File upload for 'files/8da3ff5d59acb8ae_unicorn-2270.exe'
2025-07-02 12:18:26,554 [cuckoo.core.resultserver] DEBUG: Task #6631122 uploaded file length: 479329
2025-07-02 12:18:26,557 [cuckoo.core.resultserver] DEBUG: Task #6631122: File upload for 'files/89219e559e207cdc_unicorn-50823.exe'
2025-07-02 12:18:26,562 [cuckoo.core.resultserver] DEBUG: Task #6631122: File upload for 'files/46d12e06e89140b7_unicorn-61503.exe'
2025-07-02 12:18:26,566 [cuckoo.core.resultserver] DEBUG: Task #6631122 uploaded file length: 479329
2025-07-02 12:18:26,569 [cuckoo.core.resultserver] DEBUG: Task #6631122: File upload for 'files/3ed0928c96907793_unicorn-25256.exe'
2025-07-02 12:18:26,572 [cuckoo.core.resultserver] DEBUG: Task #6631122 uploaded file length: 479326
2025-07-02 12:18:26,576 [cuckoo.core.resultserver] DEBUG: Task #6631122 uploaded file length: 479327
2025-07-02 12:18:26,579 [cuckoo.core.resultserver] DEBUG: Task #6631122: File upload for 'files/5c33ba9542d11a31_unicorn-53714.exe'
2025-07-02 12:18:26,583 [cuckoo.core.resultserver] DEBUG: Task #6631122: File upload for 'files/9f347630e390fb8e_unicorn-2112.exe'
2025-07-02 12:18:26,585 [cuckoo.core.resultserver] DEBUG: Task #6631122 uploaded file length: 479327
2025-07-02 12:18:26,589 [cuckoo.core.resultserver] DEBUG: Task #6631122 uploaded file length: 479327
2025-07-02 12:18:26,591 [cuckoo.core.resultserver] DEBUG: Task #6631122: File upload for 'files/10a1354dd221dde4_unicorn-16950.exe'
2025-07-02 12:18:26,595 [cuckoo.core.resultserver] DEBUG: Task #6631122 uploaded file length: 479328
2025-07-02 12:18:26,598 [cuckoo.core.resultserver] DEBUG: Task #6631122: File upload for 'files/42b5cad61e0ce680_unicorn-13991.exe'
2025-07-02 12:18:26,604 [cuckoo.core.resultserver] DEBUG: Task #6631122 uploaded file length: 479330
2025-07-02 12:18:26,609 [cuckoo.core.resultserver] DEBUG: Task #6631122: File upload for 'files/da4a39339c61f63e_unicorn-55186.exe'
2025-07-02 12:18:26,614 [cuckoo.core.resultserver] DEBUG: Task #6631122 uploaded file length: 479327
2025-07-02 12:18:26,618 [cuckoo.core.resultserver] DEBUG: Task #6631122: File upload for 'files/d65f7651c71fcd8f_unicorn-33943.exe'
2025-07-02 12:18:26,622 [cuckoo.core.resultserver] DEBUG: Task #6631122 uploaded file length: 479327
2025-07-02 12:18:26,628 [cuckoo.core.resultserver] DEBUG: Task #6631122: File upload for 'files/2d61796d8c607ba7_unicorn-48831.exe'
2025-07-02 12:18:26,633 [cuckoo.core.resultserver] DEBUG: Task #6631122 uploaded file length: 479329
2025-07-02 12:18:26,639 [cuckoo.core.resultserver] DEBUG: Task #6631122: File upload for 'files/634af8ef1cfc7d73_unicorn-19635.exe'
2025-07-02 12:18:26,644 [cuckoo.core.resultserver] DEBUG: Task #6631122 uploaded file length: 479331
2025-07-02 12:18:26,648 [cuckoo.core.resultserver] DEBUG: Task #6631122: File upload for 'files/7737b2edfd3d32be_unicorn-541.exe'
2025-07-02 12:18:26,653 [cuckoo.core.resultserver] DEBUG: Task #6631122 uploaded file length: 479327
2025-07-02 12:18:26,660 [cuckoo.core.resultserver] DEBUG: Task #6631122: File upload for 'files/05b87d29d904c620_unicorn-29512.exe'
2025-07-02 12:18:26,665 [cuckoo.core.resultserver] DEBUG: Task #6631122 uploaded file length: 479327
2025-07-02 12:18:26,670 [cuckoo.core.resultserver] DEBUG: Task #6631122: File upload for 'files/3d2dac748ce120e1_unicorn-36065.exe'
2025-07-02 12:18:26,675 [cuckoo.core.resultserver] DEBUG: Task #6631122 uploaded file length: 479326
2025-07-02 12:18:26,678 [cuckoo.core.resultserver] DEBUG: Task #6631122: File upload for 'files/d77e009ab54cc9f8_unicorn-65352.exe'
2025-07-02 12:18:26,682 [cuckoo.core.resultserver] DEBUG: Task #6631122 uploaded file length: 479327
2025-07-02 12:18:26,686 [cuckoo.core.resultserver] DEBUG: Task #6631122: File upload for 'files/345764605a24b51d_unicorn-63468.exe'
2025-07-02 12:18:26,690 [cuckoo.core.resultserver] DEBUG: Task #6631122 uploaded file length: 479329
2025-07-02 12:18:26,695 [cuckoo.core.resultserver] DEBUG: Task #6631122: File upload for 'files/2566d1eeedd01aab_unicorn-48575.exe'
2025-07-02 12:18:26,711 [cuckoo.core.resultserver] DEBUG: Task #6631122 uploaded file length: 479329
2025-07-02 12:18:26,999 [cuckoo.core.resultserver] DEBUG: Task #6631122 had connection reset for <Context for LOG>
2025-07-02 12:20:10,170 [cuckoo.core.resultserver] DEBUG: Stopped tracking machine 192.168.168.212 for task #6631122
2025-07-02 12:20:11,346 [cuckoo.core.scheduler] DEBUG: Released database task #6631122
2025-07-02 12:20:11,368 [cuckoo.core.scheduler] INFO: Task #6631122: analysis procedure completed

Signatures

Yara rule detected for file (1 event)

description

(no description)

rule

SEH__vba

One or more processes crashed (50 out of 1537 events)

Time & API	Arguments	Status
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 c1585307df31316a_unicorn-39186+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x764662fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x76466d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x764677c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x76467bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 00 00 75 fb 68 f8 c2 42 00 68 e4 9a 42 00 ff 15 exception.symbol: c1585307df31316a_unicorn-39186+0x2ae48 exception.instruction: add byte ptr [eax], al exception.module: c1585307df31316a_unicorn-39186.exe exception.exception_code: 0xc0000005 exception.offset: 175688 exception.address: 0x42ae48 registers.esp: 1636952 registers.edi: 1637180 registers.eax: 0 registers.ebp: 1637168 registers.edx: 32571765 registers.ebx: 1 registers.esi: 1637388 registers.ecx: 1995520170	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75a8c41f registers.esp: 1634992 registers.edi: 5640080 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5640080 registers.esi: 5640080 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 c1585307df31316a_unicorn-39186+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x764662fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x76466d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x764677c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x76467bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 18 10 40 00 c7 45 f0 00 00 00 00 9b 68 7e b0 42 exception.symbol: c1585307df31316a_unicorn-39186+0x2b01e exception.instruction: sbb byte ptr [eax], dl exception.module: c1585307df31316a_unicorn-39186.exe exception.exception_code: 0xc0000005 exception.offset: 176158 exception.address: 0x42b01e registers.esp: 1636952 registers.edi: 1637135 registers.eax: 4095 registers.ebp: 1637168 registers.edx: 20 registers.ebx: 4370453 registers.esi: 4198912 registers.ecx: 0	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75a8c41f registers.esp: 1634992 registers.edi: 5640080 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5640080 registers.esi: 5640080 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 c1585307df31316a_unicorn-39186+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x764662fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x76466d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x764677c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x76467bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 00 00 75 fb 68 f8 c2 42 00 68 e4 9a 42 00 ff 15 exception.symbol: c1585307df31316a_unicorn-39186+0x2ae48 exception.instruction: add byte ptr [eax], al exception.module: c1585307df31316a_unicorn-39186.exe exception.exception_code: 0xc0000005 exception.offset: 175688 exception.address: 0x42ae48 registers.esp: 1636952 registers.edi: 1637180 registers.eax: 0 registers.ebp: 1637168 registers.edx: 32571765 registers.ebx: 1 registers.esi: 1637388 registers.ecx: 1995520170	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75a8c41f registers.esp: 1634992 registers.edi: 5640080 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5640080 registers.esi: 5640080 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 c1585307df31316a_unicorn-39186+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x764662fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x76466d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x764677c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x76467bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 18 10 40 00 c7 45 f0 00 00 00 00 9b 68 7e b0 42 exception.symbol: c1585307df31316a_unicorn-39186+0x2b01e exception.instruction: sbb byte ptr [eax], dl exception.module: c1585307df31316a_unicorn-39186.exe exception.exception_code: 0xc0000005 exception.offset: 176158 exception.address: 0x42b01e registers.esp: 1636952 registers.edi: 1637135 registers.eax: 4095 registers.ebp: 1637168 registers.edx: 20 registers.ebx: 4370453 registers.esi: 4198912 registers.ecx: 0	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75a8c41f registers.esp: 1634992 registers.edi: 5640080 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5640080 registers.esi: 5640080 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 c1585307df31316a_unicorn-39186+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x764662fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x76466d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x764677c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x76467bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 00 00 75 fb 68 f8 c2 42 00 68 e4 9a 42 00 ff 15 exception.symbol: c1585307df31316a_unicorn-39186+0x2ae48 exception.instruction: add byte ptr [eax], al exception.module: c1585307df31316a_unicorn-39186.exe exception.exception_code: 0xc0000005 exception.offset: 175688 exception.address: 0x42ae48 registers.esp: 1636952 registers.edi: 1637180 registers.eax: 0 registers.ebp: 1637168 registers.edx: 32571765 registers.ebx: 1 registers.esi: 1637388 registers.ecx: 1995520170	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75a8c41f registers.esp: 1634992 registers.edi: 5640080 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5640080 registers.esi: 5640080 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 c1585307df31316a_unicorn-39186+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x764662fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x76466d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x764677c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x76467bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 18 10 40 00 c7 45 f0 00 00 00 00 9b 68 7e b0 42 exception.symbol: c1585307df31316a_unicorn-39186+0x2b01e exception.instruction: sbb byte ptr [eax], dl exception.module: c1585307df31316a_unicorn-39186.exe exception.exception_code: 0xc0000005 exception.offset: 176158 exception.address: 0x42b01e registers.esp: 1636952 registers.edi: 1637135 registers.eax: 4095 registers.ebp: 1637168 registers.edx: 20 registers.ebx: 4370453 registers.esi: 4198912 registers.ecx: 0	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75a8c41f registers.esp: 1634992 registers.edi: 5640080 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5640080 registers.esi: 5640080 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 c1585307df31316a_unicorn-39186+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x764662fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x76466d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x764677c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x76467bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 00 00 75 fb 68 f8 c2 42 00 68 e4 9a 42 00 ff 15 exception.symbol: c1585307df31316a_unicorn-39186+0x2ae48 exception.instruction: add byte ptr [eax], al exception.module: c1585307df31316a_unicorn-39186.exe exception.exception_code: 0xc0000005 exception.offset: 175688 exception.address: 0x42ae48 registers.esp: 1636952 registers.edi: 1637180 registers.eax: 0 registers.ebp: 1637168 registers.edx: 32599541 registers.ebx: 1 registers.esi: 1637388 registers.ecx: 1995520170	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75a8c41f registers.esp: 1634992 registers.edi: 5640080 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5640080 registers.esi: 5640080 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 c1585307df31316a_unicorn-39186+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x764662fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x76466d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x764677c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x76467bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 18 10 40 00 c7 45 f0 00 00 00 00 9b 68 7e b0 42 exception.symbol: c1585307df31316a_unicorn-39186+0x2b01e exception.instruction: sbb byte ptr [eax], dl exception.module: c1585307df31316a_unicorn-39186.exe exception.exception_code: 0xc0000005 exception.offset: 176158 exception.address: 0x42b01e registers.esp: 1636952 registers.edi: 1637135 registers.eax: 4095 registers.ebp: 1637168 registers.edx: 20 registers.ebx: 4370453 registers.esi: 4198912 registers.ecx: 0	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75a8c41f registers.esp: 1634992 registers.edi: 5640080 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5640080 registers.esi: 5640080 registers.ecx: 2	1
__exception__ June 24, 2025, 10:28 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 c1585307df31316a_unicorn-39186+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x764662fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x76466d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x764677c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x76467bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 00 00 75 fb 68 f8 c2 42 00 68 e4 9a 42 00 ff 15 exception.symbol: c1585307df31316a_unicorn-39186+0x2ae48 exception.instruction: add byte ptr [eax], al exception.module: c1585307df31316a_unicorn-39186.exe exception.exception_code: 0xc0000005 exception.offset: 175688 exception.address: 0x42ae48 registers.esp: 1636952 registers.edi: 1637180 registers.eax: 0 registers.ebp: 1637168 registers.edx: 32571765 registers.ebx: 1 registers.esi: 1637388 registers.ecx: 1995520170	1
__exception__ June 24, 2025, 10:28 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75a8c41f registers.esp: 1634992 registers.edi: 5640080 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5640080 registers.esi: 5640080 registers.ecx: 2	1
__exception__ June 24, 2025, 10:28 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 c1585307df31316a_unicorn-39186+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x764662fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x76466d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x764677c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x76467bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 18 10 40 00 c7 45 f0 00 00 00 00 9b 68 7e b0 42 exception.symbol: c1585307df31316a_unicorn-39186+0x2b01e exception.instruction: sbb byte ptr [eax], dl exception.module: c1585307df31316a_unicorn-39186.exe exception.exception_code: 0xc0000005 exception.offset: 176158 exception.address: 0x42b01e registers.esp: 1636952 registers.edi: 1637135 registers.eax: 4095 registers.ebp: 1637168 registers.edx: 20 registers.ebx: 4370453 registers.esi: 4198912 registers.ecx: 0	1
__exception__ June 24, 2025, 10:28 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75a8c41f registers.esp: 1634992 registers.edi: 5640080 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5640080 registers.esi: 5640080 registers.ecx: 2	1
__exception__ June 24, 2025, 10:28 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 c1585307df31316a_unicorn-39186+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x764662fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x76466d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x764677c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x76467bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 00 00 75 fb 68 f8 c2 42 00 68 e4 9a 42 00 ff 15 exception.symbol: c1585307df31316a_unicorn-39186+0x2ae48 exception.instruction: add byte ptr [eax], al exception.module: c1585307df31316a_unicorn-39186.exe exception.exception_code: 0xc0000005 exception.offset: 175688 exception.address: 0x42ae48 registers.esp: 1636952 registers.edi: 1637180 registers.eax: 0 registers.ebp: 1637168 registers.edx: 32599541 registers.ebx: 1 registers.esi: 1637388 registers.ecx: 1995520170	1
__exception__ June 24, 2025, 10:28 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75a8c41f registers.esp: 1634992 registers.edi: 5640080 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5640080 registers.esi: 5640080 registers.ecx: 2	1
__exception__ June 24, 2025, 10:28 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 c1585307df31316a_unicorn-39186+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x764662fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x76466d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x764677c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x76467bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 18 10 40 00 c7 45 f0 00 00 00 00 9b 68 7e b0 42 exception.symbol: c1585307df31316a_unicorn-39186+0x2b01e exception.instruction: sbb byte ptr [eax], dl exception.module: c1585307df31316a_unicorn-39186.exe exception.exception_code: 0xc0000005 exception.offset: 176158 exception.address: 0x42b01e registers.esp: 1636952 registers.edi: 1637135 registers.eax: 4095 registers.ebp: 1637168 registers.edx: 20 registers.ebx: 4370453 registers.esi: 4198912 registers.ecx: 0	1
__exception__ June 24, 2025, 10:28 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75a8c41f registers.esp: 1634992 registers.edi: 5640080 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5640080 registers.esi: 5640080 registers.ecx: 2	1
__exception__ June 24, 2025, 10:28 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75a8c41f registers.esp: 1633676 registers.edi: 5640080 registers.eax: 1633676 registers.ebp: 1633756 registers.edx: 0 registers.ebx: 5640080 registers.esi: 5640080 registers.ecx: 2	1
__exception__ June 24, 2025, 10:29 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 c1585307df31316a_unicorn-39186+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x764662fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x76466d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x764677c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x76467bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 00 00 75 fb 68 f8 c2 42 00 68 e4 9a 42 00 ff 15 exception.symbol: c1585307df31316a_unicorn-39186+0x2ae48 exception.instruction: add byte ptr [eax], al exception.module: c1585307df31316a_unicorn-39186.exe exception.exception_code: 0xc0000005 exception.offset: 175688 exception.address: 0x42ae48 registers.esp: 1636952 registers.edi: 1637180 registers.eax: 0 registers.ebp: 1637168 registers.edx: 32571765 registers.ebx: 1 registers.esi: 1637388 registers.ecx: 1995520170	1
__exception__ June 24, 2025, 10:29 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75a8c41f registers.esp: 1634992 registers.edi: 5640080 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5640080 registers.esi: 5640080 registers.ecx: 2	1
__exception__ June 24, 2025, 10:29 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 c1585307df31316a_unicorn-39186+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x764662fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x76466d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x764677c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x76467bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 18 10 40 00 c7 45 f0 00 00 00 00 9b 68 7e b0 42 exception.symbol: c1585307df31316a_unicorn-39186+0x2b01e exception.instruction: sbb byte ptr [eax], dl exception.module: c1585307df31316a_unicorn-39186.exe exception.exception_code: 0xc0000005 exception.offset: 176158 exception.address: 0x42b01e registers.esp: 1636952 registers.edi: 1637135 registers.eax: 4095 registers.ebp: 1637168 registers.edx: 20 registers.ebx: 4370453 registers.esi: 4198912 registers.ecx: 0	1
__exception__ June 24, 2025, 10:29 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75a8c41f registers.esp: 1634992 registers.edi: 5640080 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5640080 registers.esi: 5640080 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 unicorn-15306+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x764662fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x76466d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x764677c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x76467bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 00 00 75 fb 68 f8 c2 42 00 68 e4 9a 42 00 ff 15 exception.symbol: unicorn-15306+0x2ae48 exception.instruction: add byte ptr [eax], al exception.module: Unicorn-15306.exe exception.exception_code: 0xc0000005 exception.offset: 175688 exception.address: 0x42ae48 registers.esp: 1636952 registers.edi: 1637180 registers.eax: 0 registers.ebp: 1637168 registers.edx: 4 registers.ebx: 1 registers.esi: 1637388 registers.ecx: 4	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75a8c41f registers.esp: 1634992 registers.edi: 5774920 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5774920 registers.esi: 5774920 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 unicorn-15306+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x764662fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x76466d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x764677c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x76467bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 18 10 40 00 c7 45 f0 00 00 00 00 9b 68 7e b0 42 exception.symbol: unicorn-15306+0x2b01e exception.instruction: sbb byte ptr [eax], dl exception.module: Unicorn-15306.exe exception.exception_code: 0xc0000005 exception.offset: 176158 exception.address: 0x42b01e registers.esp: 1636952 registers.edi: 1637135 registers.eax: 4095 registers.ebp: 1637168 registers.edx: 20 registers.ebx: 4370453 registers.esi: 4198912 registers.ecx: 0	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75a8c41f registers.esp: 1634992 registers.edi: 5774920 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5774920 registers.esi: 5774920 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 unicorn-15306+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x764662fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x76466d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x764677c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x76467bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 00 00 75 fb 68 f8 c2 42 00 68 e4 9a 42 00 ff 15 exception.symbol: unicorn-15306+0x2ae48 exception.instruction: add byte ptr [eax], al exception.module: Unicorn-15306.exe exception.exception_code: 0xc0000005 exception.offset: 175688 exception.address: 0x42ae48 registers.esp: 1636952 registers.edi: 1637180 registers.eax: 0 registers.ebp: 1637168 registers.edx: 7 registers.ebx: 1 registers.esi: 1637388 registers.ecx: 7	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75a8c41f registers.esp: 1634992 registers.edi: 5774920 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5774920 registers.esi: 5774920 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 unicorn-15306+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x764662fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x76466d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x764677c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x76467bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 18 10 40 00 c7 45 f0 00 00 00 00 9b 68 7e b0 42 exception.symbol: unicorn-15306+0x2b01e exception.instruction: sbb byte ptr [eax], dl exception.module: Unicorn-15306.exe exception.exception_code: 0xc0000005 exception.offset: 176158 exception.address: 0x42b01e registers.esp: 1636952 registers.edi: 1637135 registers.eax: 4095 registers.ebp: 1637168 registers.edx: 20 registers.ebx: 4370453 registers.esi: 4198912 registers.ecx: 0	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75a8c41f registers.esp: 1634992 registers.edi: 5774920 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5774920 registers.esi: 5774920 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 unicorn-15306+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x764662fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x76466d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x764677c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x76467bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 00 00 75 fb 68 f8 c2 42 00 68 e4 9a 42 00 ff 15 exception.symbol: unicorn-15306+0x2ae48 exception.instruction: add byte ptr [eax], al exception.module: Unicorn-15306.exe exception.exception_code: 0xc0000005 exception.offset: 175688 exception.address: 0x42ae48 registers.esp: 1636952 registers.edi: 1637180 registers.eax: 0 registers.ebp: 1637168 registers.edx: 10 registers.ebx: 1 registers.esi: 1637388 registers.ecx: 10	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75a8c41f registers.esp: 1634992 registers.edi: 5774920 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5774920 registers.esi: 5774920 registers.ecx: 2	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 unicorn-15306+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x764662fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x76466d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x764677c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x76467bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 18 10 40 00 c7 45 f0 00 00 00 00 9b 68 7e b0 42 exception.symbol: unicorn-15306+0x2b01e exception.instruction: sbb byte ptr [eax], dl exception.module: Unicorn-15306.exe exception.exception_code: 0xc0000005 exception.offset: 176158 exception.address: 0x42b01e registers.esp: 1636952 registers.edi: 1637135 registers.eax: 4095 registers.ebp: 1637168 registers.edx: 20 registers.ebx: 4370453 registers.esi: 4198912 registers.ecx: 0	1
__exception__ June 24, 2025, 10:27 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75a8c41f registers.esp: 1634992 registers.edi: 5774920 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5774920 registers.esi: 5774920 registers.ecx: 2	1
__exception__ June 24, 2025, 10:28 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 unicorn-15306+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x764662fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x76466d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x764677c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x76467bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 00 00 75 fb 68 f8 c2 42 00 68 e4 9a 42 00 ff 15 exception.symbol: unicorn-15306+0x2ae48 exception.instruction: add byte ptr [eax], al exception.module: Unicorn-15306.exe exception.exception_code: 0xc0000005 exception.offset: 175688 exception.address: 0x42ae48 registers.esp: 1636952 registers.edi: 1637180 registers.eax: 0 registers.ebp: 1637168 registers.edx: 12 registers.ebx: 1 registers.esi: 1637388 registers.ecx: 12	1
__exception__ June 24, 2025, 10:28 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75a8c41f registers.esp: 1634992 registers.edi: 5774920 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5774920 registers.esi: 5774920 registers.ecx: 2	1
__exception__ June 24, 2025, 10:28 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 unicorn-15306+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x764662fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x76466d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x764677c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x76467bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 18 10 40 00 c7 45 f0 00 00 00 00 9b 68 7e b0 42 exception.symbol: unicorn-15306+0x2b01e exception.instruction: sbb byte ptr [eax], dl exception.module: Unicorn-15306.exe exception.exception_code: 0xc0000005 exception.offset: 176158 exception.address: 0x42b01e registers.esp: 1636952 registers.edi: 1637135 registers.eax: 4095 registers.ebp: 1637168 registers.edx: 20 registers.ebx: 4370453 registers.esi: 4198912 registers.ecx: 0	1
__exception__ June 24, 2025, 10:28 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75a8c41f registers.esp: 1634992 registers.edi: 5774920 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5774920 registers.esi: 5774920 registers.ecx: 2	1
__exception__ June 24, 2025, 10:28 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 unicorn-15306+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x764662fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x76466d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x764677c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x76467bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 00 00 75 fb 68 f8 c2 42 00 68 e4 9a 42 00 ff 15 exception.symbol: unicorn-15306+0x2ae48 exception.instruction: add byte ptr [eax], al exception.module: Unicorn-15306.exe exception.exception_code: 0xc0000005 exception.offset: 175688 exception.address: 0x42ae48 registers.esp: 1636952 registers.edi: 1637180 registers.eax: 0 registers.ebp: 1637168 registers.edx: 14 registers.ebx: 1 registers.esi: 1637388 registers.ecx: 14	1
__exception__ June 24, 2025, 10:28 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75a8c41f registers.esp: 1634992 registers.edi: 5774920 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5774920 registers.esi: 5774920 registers.ecx: 2	1
__exception__ June 24, 2025, 10:28 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 unicorn-15306+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x764662fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x76466d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x764677c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x76467bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 18 10 40 00 c7 45 f0 00 00 00 00 9b 68 7e b0 42 exception.symbol: unicorn-15306+0x2b01e exception.instruction: sbb byte ptr [eax], dl exception.module: Unicorn-15306.exe exception.exception_code: 0xc0000005 exception.offset: 176158 exception.address: 0x42b01e registers.esp: 1636952 registers.edi: 1637135 registers.eax: 4095 registers.ebp: 1637168 registers.edx: 20 registers.ebx: 4370453 registers.esi: 4198912 registers.ecx: 0	1
__exception__ June 24, 2025, 10:28 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75a8c41f registers.esp: 1634992 registers.edi: 5774920 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5774920 registers.esi: 5774920 registers.ecx: 2	1
__exception__ June 24, 2025, 10:28 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 unicorn-15306+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x764662fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x76466d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x764677c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x76467bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 00 00 75 fb 68 f8 c2 42 00 68 e4 9a 42 00 ff 15 exception.symbol: unicorn-15306+0x2ae48 exception.instruction: add byte ptr [eax], al exception.module: Unicorn-15306.exe exception.exception_code: 0xc0000005 exception.offset: 175688 exception.address: 0x42ae48 registers.esp: 1636952 registers.edi: 1637180 registers.eax: 0 registers.ebp: 1637168 registers.edx: 16 registers.ebx: 1 registers.esi: 1637388 registers.ecx: 16	1

Foreign language identified in PE resource (1 event)

name

RT_VERSION

language

LANG_CHINESE

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

offset

0x000747c4

size

0x00000234

Creates executable files on the filesystem (50 out of 359 events)

file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-43269.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-12081.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-58625.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-26652.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-8119.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-50341.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-59413.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-18123.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-541.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-1868.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-36910.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-36065.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-4923.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-48530.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-23455.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-9911.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-3640.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-263.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-51147.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-48575.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-33485.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-54324.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-63411.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-43797.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-41532.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-33481.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-54663.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-10247.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-40479.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-42151.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-22046.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-43922.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-25023.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-25966.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-33078.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-31441.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-31378.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-14568.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-52418.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-20246.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-34640.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-12615.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-60779.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-23213.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-7566.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-22702.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-18292.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-37445.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-5126.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-58460.exe

Drops an executable to the user AppData folder (2 events)

file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-4403.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-65412.exe

Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time) (1 event)

Time & API	Arguments	Status	Return	Repeated
NtProtectVirtualMemory June 24, 2025, 10:26 p.m.	process_identifier: 2064 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 length: 24576 protection: 32 (PAGE_EXECUTE_READ) base_address: 0x003e0000 process_handle: 0xffffffff	1	0	0

The binary likely contains encrypted or compressed data indicative of a packer (2 events)

section

{u'size_of_data': u'0x0002b000', u'virtual_address': u'0x00001000', u'entropy': 7.571165611142903, u'name': u'.text', u'virtual_size': u'0x0002a5c4'}

entropy

7.57116561114

description

A section with a high entropy has been found

entropy

0.370689655172

description

Overall entropy of this PE file is high

File has been identified by 14 AntiVirus engine on IRMA as malicious (14 events)

G Data Antivirus (Windows)	Virus: Generic.Dacic.94CCEEA9.A.045053DC (Engine A), Win32.Trojan.PSE.1FY1FUT (Engine B)
Avast Core Security (Linux)	Win32:MalwareX-gen [Wrm]
C4S ClamAV (Linux)	Win.Packed.Generic-9967832-0
Trend Micro SProtect (Linux)	Trojan.Win32.FAREIT.SME
Trellix (Linux)	GenericRXTC-TT
WithSecure (Linux)	Trojan.TR/Crypt.XPACK.Gen
eScan Antivirus (Linux)	Generic.Dacic.94CCEEA9.A.045053DC(DB)
ESET Security (Windows)	a variant of Win32/VBClone.E trojan
Sophos Anti-Virus (Linux)	Troj/VB-KCP
DrWeb Antivirus (Linux)	Trojan.Siggen31.13685
ClamAV (Linux)	Win.Packed.Generic-9967832-0
Bitdefender Antivirus (Linux)	Generic.Dacic.94CCEEA9.A.045053DC
Kaspersky Standard (Windows)	Trojan.Win32.VB.dosq
Emsisoft Commandline Scanner (Windows)	Generic.Dacic.94CCEEA9.A.045053DC (B)