01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935

Analysis

max time kernel
116s
max time network
166s
platform
windows10-2004_x64
resource
win10v2004-en-20220113
submitted
01-02-2022 10:04

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll
Size

139KB
MD5

622356de1a9bacc3af4c4cd9c3eee62c
SHA1

ffebf3b83c881696ae52f44ec7974f2425f17043
SHA256

01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935
SHA512

6de15ad1bd647d634f41f9c369cf190dd7ec770469593a9023ff339998f87264f78cd4d1ca40196fc1164a2ec8bf2d348b3d221e19d921b483d06c6519f92aa2

Score

8^/10

persistence

Malware Config

Signatures

Sets service image path in registry 2 TTPs
persistence

Registry Run Keys / Startup Folder
T1060

Modify Registry
T1112

Drops file in Windows directory 6 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SoftwareDistribution\DataStore\DataStore.edb	svchost.exe
File opened for modification	C:\Windows\SoftwareDistribution\DataStore\DataStore.jfm	svchost.exe
File opened for modification	C:\Windows\SoftwareDistribution\ReportingEvents.log	svchost.exe
File opened for modification	C:\Windows\WindowsUpdate.log	svchost.exe
File opened for modification	C:\Windows\SoftwareDistribution\DataStore\Logs\edb.chk	svchost.exe
File opened for modification	C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log	svchost.exe

Modifies data under HKEY_USERS 41 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs	WaaSMedicAgent.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs	WaaSMedicAgent.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates	WaaSMedicAgent.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates	WaaSMedicAgent.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates	WaaSMedicAgent.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs	WaaSMedicAgent.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs	WaaSMedicAgent.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs	WaaSMedicAgent.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople	WaaSMedicAgent.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs	WaaSMedicAgent.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA	WaaSMedicAgent.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs	WaaSMedicAgent.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs	WaaSMedicAgent.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust	WaaSMedicAgent.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates	WaaSMedicAgent.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs	WaaSMedicAgent.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs	WaaSMedicAgent.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed	WaaSMedicAgent.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root	WaaSMedicAgent.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot	WaaSMedicAgent.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs	WaaSMedicAgent.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing	WaaSMedicAgent.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates	WaaSMedicAgent.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs	WaaSMedicAgent.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs	WaaSMedicAgent.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA	WaaSMedicAgent.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates	WaaSMedicAgent.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs	WaaSMedicAgent.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust	WaaSMedicAgent.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs	WaaSMedicAgent.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs	WaaSMedicAgent.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs	WaaSMedicAgent.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs	WaaSMedicAgent.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates	WaaSMedicAgent.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs	WaaSMedicAgent.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs	WaaSMedicAgent.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed	WaaSMedicAgent.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates	WaaSMedicAgent.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates	WaaSMedicAgent.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople	WaaSMedicAgent.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates	WaaSMedicAgent.exe

Suspicious use of AdjustPrivilegeToken 6 IoCs

description	pid	Process
Token: SeShutdownPrivilege	16588	svchost.exe
Token: SeCreatePagefilePrivilege	16588	svchost.exe
Token: SeShutdownPrivilege	16588	svchost.exe
Token: SeCreatePagefilePrivilege	16588	svchost.exe
Token: SeShutdownPrivilege	16588	svchost.exe
Token: SeCreatePagefilePrivilege	16588	svchost.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4472 wrote to memory of 4464	4472	rundll32.exe	82
PID 4472 wrote to memory of 4464	4472	rundll32.exe	82
PID 4472 wrote to memory of 4464	4472	rundll32.exe	82
PID 4464 wrote to memory of 2724	4464	rundll32.exe	83
PID 4464 wrote to memory of 2724	4464	rundll32.exe	83
PID 4464 wrote to memory of 2724	4464	rundll32.exe	83
PID 2724 wrote to memory of 456	2724	rundll32.exe	84
PID 2724 wrote to memory of 456	2724	rundll32.exe	84
PID 2724 wrote to memory of 456	2724	rundll32.exe	84
PID 456 wrote to memory of 1864	456	rundll32.exe	85
PID 456 wrote to memory of 1864	456	rundll32.exe	85
PID 456 wrote to memory of 1864	456	rundll32.exe	85
PID 1864 wrote to memory of 1392	1864	rundll32.exe	86
PID 1864 wrote to memory of 1392	1864	rundll32.exe	86
PID 1864 wrote to memory of 1392	1864	rundll32.exe	86
PID 1392 wrote to memory of 1292	1392	rundll32.exe	87
PID 1392 wrote to memory of 1292	1392	rundll32.exe	87
PID 1392 wrote to memory of 1292	1392	rundll32.exe	87
PID 1292 wrote to memory of 4684	1292	rundll32.exe	88
PID 1292 wrote to memory of 4684	1292	rundll32.exe	88
PID 1292 wrote to memory of 4684	1292	rundll32.exe	88
PID 4684 wrote to memory of 4484	4684	rundll32.exe	89
PID 4684 wrote to memory of 4484	4684	rundll32.exe	89
PID 4684 wrote to memory of 4484	4684	rundll32.exe	89
PID 4484 wrote to memory of 4700	4484	rundll32.exe	90
PID 4484 wrote to memory of 4700	4484	rundll32.exe	90
PID 4484 wrote to memory of 4700	4484	rundll32.exe	90
PID 4700 wrote to memory of 4536	4700	rundll32.exe	91
PID 4700 wrote to memory of 4536	4700	rundll32.exe	91
PID 4700 wrote to memory of 4536	4700	rundll32.exe	91
PID 4536 wrote to memory of 3516	4536	rundll32.exe	92
PID 4536 wrote to memory of 3516	4536	rundll32.exe	92
PID 4536 wrote to memory of 3516	4536	rundll32.exe	92
PID 3516 wrote to memory of 4548	3516	rundll32.exe	93
PID 3516 wrote to memory of 4548	3516	rundll32.exe	93
PID 3516 wrote to memory of 4548	3516	rundll32.exe	93
PID 4548 wrote to memory of 2012	4548	rundll32.exe	94
PID 4548 wrote to memory of 2012	4548	rundll32.exe	94
PID 4548 wrote to memory of 2012	4548	rundll32.exe	94
PID 2012 wrote to memory of 4836	2012	rundll32.exe	95
PID 2012 wrote to memory of 4836	2012	rundll32.exe	95
PID 2012 wrote to memory of 4836	2012	rundll32.exe	95
PID 4836 wrote to memory of 4400	4836	rundll32.exe	96
PID 4836 wrote to memory of 4400	4836	rundll32.exe	96
PID 4836 wrote to memory of 4400	4836	rundll32.exe	96
PID 4400 wrote to memory of 2592	4400	rundll32.exe	97
PID 4400 wrote to memory of 2592	4400	rundll32.exe	97
PID 4400 wrote to memory of 2592	4400	rundll32.exe	97
PID 2592 wrote to memory of 3440	2592	rundll32.exe	98
PID 2592 wrote to memory of 3440	2592	rundll32.exe	98
PID 2592 wrote to memory of 3440	2592	rundll32.exe	98
PID 3440 wrote to memory of 1764	3440	rundll32.exe	99
PID 3440 wrote to memory of 1764	3440	rundll32.exe	99
PID 3440 wrote to memory of 1764	3440	rundll32.exe	99
PID 1764 wrote to memory of 4948	1764	rundll32.exe	100
PID 1764 wrote to memory of 4948	1764	rundll32.exe	100
PID 1764 wrote to memory of 4948	1764	rundll32.exe	100
PID 4948 wrote to memory of 4568	4948	rundll32.exe	101
PID 4948 wrote to memory of 4568	4948	rundll32.exe	101
PID 4948 wrote to memory of 4568	4948	rundll32.exe	101
PID 4568 wrote to memory of 812	4568	rundll32.exe	102
PID 4568 wrote to memory of 812	4568	rundll32.exe	102
PID 4568 wrote to memory of 812	4568	rundll32.exe	102
PID 812 wrote to memory of 984	812	rundll32.exe	103

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:4472
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
  2⤵
  - Suspicious use of WriteProcessMemory
  PID:4464
- - C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
    3⤵
    - Suspicious use of WriteProcessMemory
    PID:2724
  - - C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
      4⤵
      Suspicious use of WriteProcessMemory
      PID:456
    - - C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        5⤵
        Suspicious use of WriteProcessMemory
        
        PID:1864
      - C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        6⤵
        Suspicious use of WriteProcessMemory
        
        PID:1392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        7⤵
        Suspicious use of WriteProcessMemory
        
        PID:1292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        8⤵
        Suspicious use of WriteProcessMemory
        
        PID:4684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        9⤵
        Suspicious use of WriteProcessMemory
        
        PID:4484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        10⤵
        Suspicious use of WriteProcessMemory
        
        PID:4700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        11⤵
        Suspicious use of WriteProcessMemory
        
        PID:4536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        12⤵
        Suspicious use of WriteProcessMemory
        
        PID:3516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        13⤵
        Suspicious use of WriteProcessMemory
        
        PID:4548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        14⤵
        Suspicious use of WriteProcessMemory
        
        PID:2012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        15⤵
        Suspicious use of WriteProcessMemory
        
        PID:4836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        16⤵
        Suspicious use of WriteProcessMemory
        
        PID:4400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        17⤵
        Suspicious use of WriteProcessMemory
        
        PID:2592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        18⤵
        Suspicious use of WriteProcessMemory
        
        PID:3440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        19⤵
        Suspicious use of WriteProcessMemory
        
        PID:1764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        20⤵
        Suspicious use of WriteProcessMemory
        
        PID:4948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        21⤵
        Suspicious use of WriteProcessMemory
        
        PID:4568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        22⤵
        Suspicious use of WriteProcessMemory
        
        PID:812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        23⤵
        
        PID:984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        24⤵
        
        PID:4320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        25⤵
        
        PID:4316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        26⤵
        
        PID:1412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        27⤵
        
        PID:1320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        28⤵
        
        PID:1484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        29⤵
        
        PID:1512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        30⤵
        
        PID:1540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        31⤵
        
        PID:2284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        32⤵
        
        PID:3076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        33⤵
        
        PID:3012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        34⤵
        
        PID:4052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        35⤵
        
        PID:5016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        36⤵
        
        PID:5052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        37⤵
        
        PID:2308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        38⤵
        
        PID:2472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        39⤵
        
        PID:2876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        40⤵
        
        PID:3024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        41⤵
        
        PID:3272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        42⤵
        
        PID:3132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        43⤵
        
        PID:3924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        44⤵
        
        PID:3196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        45⤵
        
        PID:4148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        46⤵
        
        PID:3500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        47⤵
        
        PID:4648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        48⤵
        
        PID:4956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        49⤵
        
        PID:220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        50⤵
        
        PID:2476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        51⤵
        
        PID:3592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        52⤵
        
        PID:2040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        53⤵
        
        PID:3852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        54⤵
        
        PID:4888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        55⤵
        
        PID:3996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        56⤵
        
        PID:3788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        57⤵
        
        PID:4216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        58⤵
        
        PID:4252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        59⤵
        
        PID:4408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        60⤵
        
        PID:4396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        61⤵
        
        PID:1728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        62⤵
        
        PID:2044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        63⤵
        
        PID:4844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        64⤵
        
        PID:4676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        65⤵
        
        PID:4716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        66⤵
        
        PID:4816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        67⤵
        
        PID:4208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        68⤵
        
        PID:2728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        69⤵
        
        PID:4232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        70⤵
        
        PID:3472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        71⤵
        
        PID:2148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        72⤵
        
        PID:3848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        73⤵
        
        PID:1748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        74⤵
        
        PID:652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        75⤵
        
        PID:956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        76⤵
        
        PID:1120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        77⤵
        
        PID:1128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        78⤵
        
        PID:1300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        79⤵
        
        PID:2124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        80⤵
        
        PID:1932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        81⤵
        
        PID:3084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        82⤵
        
        PID:3364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        83⤵
        
        PID:4008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        84⤵
        
        PID:2100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        85⤵
        
        PID:2436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        86⤵
        
        PID:2256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        87⤵
        
        PID:2188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        88⤵
        
        PID:3264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        89⤵
        
        PID:2636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        90⤵
        
        PID:4140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        91⤵
        
        PID:2864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        92⤵
        
        PID:1616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        93⤵
        
        PID:3224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        94⤵
        
        PID:4120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        95⤵
        
        PID:4932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        96⤵
        
        PID:5024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        97⤵
        
        PID:4028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        98⤵
        
        PID:5108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        99⤵
        
        PID:3384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        100⤵
        
        PID:2788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        101⤵
        
        PID:1116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        102⤵
        
        PID:480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        103⤵
        
        PID:972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        104⤵
        
        PID:2744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        105⤵
        
        PID:2772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        106⤵
        
        PID:2776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        107⤵
        
        PID:2564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        108⤵
        
        PID:556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        109⤵
        
        PID:4156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        110⤵
        
        PID:4272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        111⤵
        
        PID:3980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        112⤵
        
        PID:3984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        113⤵
        
        PID:1068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        114⤵
        
        PID:1248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        115⤵
        
        PID:1736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        116⤵
        
        PID:1860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        117⤵
        
        PID:3304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        118⤵
        
        PID:4724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        119⤵
        
        PID:1836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        120⤵
        
        PID:3912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        121⤵
        
        PID:5132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        122⤵
        
        PID:5148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        123⤵
        
        PID:5164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        124⤵
        
        PID:5176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        125⤵
        
        PID:5196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        126⤵
        
        PID:5208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        127⤵
        
        PID:5220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        128⤵
        
        PID:5232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        129⤵
        
        PID:5248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        130⤵
        
        PID:5264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        131⤵
        
        PID:5280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        132⤵
        
        PID:5292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        133⤵
        
        PID:5308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        134⤵
        
        PID:5324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        135⤵
        
        PID:5340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        136⤵
        
        PID:5352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        137⤵
        
        PID:5364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        138⤵
        
        PID:5380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        139⤵
        
        PID:5396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        140⤵
        
        PID:5412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        141⤵
        
        PID:5428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        142⤵
        
        PID:5440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        143⤵
        
        PID:5456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        144⤵
        
        PID:5468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        145⤵
        
        PID:5484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        146⤵
        
        PID:5496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        147⤵
        
        PID:5508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        148⤵
        
        PID:5524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        149⤵
        
        PID:5540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        150⤵
        
        PID:5556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        151⤵
        
        PID:5572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        152⤵
        
        PID:5588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        153⤵
        
        PID:5600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        154⤵
        
        PID:5612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        155⤵
        
        PID:5628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        156⤵
        
        PID:5644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        157⤵
        
        PID:5656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        158⤵
        
        PID:5668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        159⤵
        
        PID:5680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        160⤵
        
        PID:5692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        161⤵
        
        PID:5704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        162⤵
        
        PID:5716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        163⤵
        
        PID:5728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        164⤵
        
        PID:5740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        165⤵
        
        PID:5752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        166⤵
        
        PID:5764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        167⤵
        
        PID:5776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        168⤵
        
        PID:5788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        169⤵
        
        PID:5800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        170⤵
        
        PID:5812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        171⤵
        
        PID:5824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        172⤵
        
        PID:5836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        173⤵
        
        PID:5848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        174⤵
        
        PID:5860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        175⤵
        
        PID:5880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        176⤵
        
        PID:5892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        177⤵
        
        PID:5904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        178⤵
        
        PID:5916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        179⤵
        
        PID:5928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        180⤵
        
        PID:5940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        181⤵
        
        PID:5952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        182⤵
        
        PID:5968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        183⤵
        
        PID:5984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        184⤵
        
        PID:6000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        185⤵
        
        PID:6016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        186⤵
        
        PID:6032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        187⤵
        
        PID:6044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        188⤵
        
        PID:6056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        189⤵
        
        PID:6072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        190⤵
        
        PID:6084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        191⤵
        
        PID:6096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        192⤵
        
        PID:6108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        193⤵
        
        PID:6124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        194⤵
        
        PID:6136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        195⤵
        
        PID:6156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        196⤵
        
        PID:6172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        197⤵
        
        PID:6188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        198⤵
        
        PID:6200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        199⤵
        
        PID:6212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        200⤵
        
        PID:6228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        201⤵
        
        PID:6244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        202⤵
        
        PID:6260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        203⤵
        
        PID:6272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        204⤵
        
        PID:6288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        205⤵
        
        PID:6304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        206⤵
        
        PID:6320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        207⤵
        
        PID:6336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        208⤵
        
        PID:6352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        209⤵
        
        PID:6368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        210⤵
        
        PID:6384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        211⤵
        
        PID:6396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        212⤵
        
        PID:6408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        213⤵
        
        PID:6420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        214⤵
        
        PID:6436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        215⤵
        
        PID:6448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        216⤵
        
        PID:6460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        217⤵
        
        PID:6476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        218⤵
        
        PID:6488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        219⤵
        
        PID:6504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        220⤵
        
        PID:6516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        221⤵
        
        PID:6536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        222⤵
        
        PID:6552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        223⤵
        
        PID:6568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        224⤵
        
        PID:6580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        225⤵
        
        PID:6600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        226⤵
        
        PID:6616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        227⤵
        
        PID:6632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        228⤵
        
        PID:6648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        229⤵
        
        PID:6664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        230⤵
        
        PID:6680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        231⤵
        
        PID:6696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        232⤵
        
        PID:6712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        233⤵
        
        PID:6728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        234⤵
        
        PID:6744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        235⤵
        
        PID:6756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        236⤵
        
        PID:6772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        237⤵
        
        PID:6788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        238⤵
        
        PID:6804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        239⤵
        
        PID:6816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        240⤵
        
        PID:6832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        241⤵
        
        PID:6844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        242⤵
        
        PID:6864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        243⤵
        
        PID:6880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        244⤵
        
        PID:6896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        245⤵
        
        PID:6912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        246⤵
        
        PID:6928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        247⤵
        
        PID:6944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        248⤵
        
        PID:6960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        249⤵
        
        PID:6976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        250⤵
        
        PID:6992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        251⤵
        
        PID:7004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        252⤵
        
        PID:7024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        253⤵
        
        PID:7040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        254⤵
        
        PID:7056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        255⤵
        
        PID:7072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        256⤵
        
        PID:7088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        257⤵
        
        PID:7100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        258⤵
        
        PID:7120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        259⤵
        
        PID:7132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        260⤵
        
        PID:7152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        261⤵
        
        PID:3444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        262⤵
        
        PID:7184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        263⤵
        
        PID:7200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        264⤵
        
        PID:7216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        265⤵
        
        PID:7232
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        266⤵
        
        PID:7248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        267⤵
        
        PID:7264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        268⤵
        
        PID:7280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        269⤵
        
        PID:7296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        270⤵
        
        PID:7312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        271⤵
        
        PID:7328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        272⤵
        
        PID:7344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        273⤵
        
        PID:7356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        274⤵
        
        PID:7372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        275⤵
        
        PID:7384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        276⤵
        
        PID:7396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        277⤵
        
        PID:7408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        278⤵
        
        PID:7420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        279⤵
        
        PID:7436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        280⤵
        
        PID:7448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        281⤵
        
        PID:7464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        282⤵
        
        PID:7476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        283⤵
        
        PID:7488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        284⤵
        
        PID:7504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        285⤵
        
        PID:7520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        286⤵
        
        PID:7536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        287⤵
        
        PID:7548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        288⤵
        
        PID:7568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        289⤵
        
        PID:7584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        290⤵
        
        PID:7596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        291⤵
        
        PID:7612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        292⤵
        
        PID:7628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        293⤵
        
        PID:7640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        294⤵
        
        PID:7656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        295⤵
        
        PID:7672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        296⤵
        
        PID:7688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        297⤵
        
        PID:7704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        298⤵
        
        PID:7720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        299⤵
        
        PID:7736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        300⤵
        
        PID:7752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        301⤵
        
        PID:7768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        302⤵
        
        PID:7784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        303⤵
        
        PID:7800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        304⤵
        
        PID:7812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        305⤵
        
        PID:7828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        306⤵
        
        PID:7844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        307⤵
        
        PID:7864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        308⤵
        
        PID:7880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        309⤵
        
        PID:7896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        310⤵
        
        PID:7908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        311⤵
        
        PID:7924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        312⤵
        
        PID:7940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        313⤵
        
        PID:7956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        314⤵
        
        PID:7968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        315⤵
        
        PID:7984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        316⤵
        
        PID:8000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        317⤵
        
        PID:8016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        318⤵
        
        PID:8032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        319⤵
        
        PID:8048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        320⤵
        
        PID:8064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        321⤵
        
        PID:8080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        322⤵
        
        PID:8096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        323⤵
        
        PID:8108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        324⤵
        
        PID:8124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        325⤵
        
        PID:8140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        326⤵
        
        PID:8156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        327⤵
        
        PID:8172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        328⤵
        
        PID:8188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        329⤵
        
        PID:8208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        330⤵
        
        PID:8224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        331⤵
        
        PID:8236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        332⤵
        
        PID:8252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        333⤵
        
        PID:8264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        334⤵
        
        PID:8276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        335⤵
        
        PID:8292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        336⤵
        
        PID:8308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        337⤵
        
        PID:8320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        338⤵
        
        PID:8336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        339⤵
        
        PID:8348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        340⤵
        
        PID:8360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        341⤵
        
        PID:8372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        342⤵
        
        PID:8384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        343⤵
        
        PID:8396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        344⤵
        
        PID:8412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        345⤵
        
        PID:8428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        346⤵
        
        PID:8444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        347⤵
        
        PID:8460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        348⤵
        
        PID:8472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        349⤵
        
        PID:8488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        350⤵
        
        PID:8508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        351⤵
        
        PID:8524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        352⤵
        
        PID:8536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        353⤵
        
        PID:8548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        354⤵
        
        PID:8564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        355⤵
        
        PID:8584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        356⤵
        
        PID:8600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        357⤵
        
        PID:8624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        358⤵
        
        PID:8660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        359⤵
        
        PID:8688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        360⤵
        
        PID:8704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        361⤵
        
        PID:8724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        362⤵
        
        PID:8740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        363⤵
        
        PID:8756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        364⤵
        
        PID:8768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        365⤵
        
        PID:8780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        366⤵
        
        PID:8792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        367⤵
        
        PID:8808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        368⤵
        
        PID:8824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        369⤵
        
        PID:8836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        370⤵
        
        PID:8860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        371⤵
        
        PID:8900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        372⤵
        
        PID:8932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        373⤵
        
        PID:8948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        374⤵
        
        PID:8964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        375⤵
        
        PID:8976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        376⤵
        
        PID:8992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        377⤵
        
        PID:9008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        378⤵
        
        PID:9024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        379⤵
        
        PID:9040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        380⤵
        
        PID:9056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        381⤵
        
        PID:9068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        382⤵
        
        PID:9084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        383⤵
        
        PID:9100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        384⤵
        
        PID:9116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        385⤵
        
        PID:9136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        386⤵
        
        PID:9152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        387⤵
        
        PID:9164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        388⤵
        
        PID:9184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        389⤵
        
        PID:9200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        390⤵
        
        PID:9220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        391⤵
        
        PID:9236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        392⤵
        
        PID:9252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        393⤵
        
        PID:9268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        394⤵
        
        PID:9288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        395⤵
        
        PID:9304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        396⤵
        
        PID:9320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        397⤵
        
        PID:9336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        398⤵
        
        PID:9352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        399⤵
        
        PID:9368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        400⤵
        
        PID:9396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        401⤵
        
        PID:9412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        402⤵
        
        PID:9424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        403⤵
        
        PID:9436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        404⤵
        
        PID:9448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        405⤵
        
        PID:9464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        406⤵
        
        PID:9476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        407⤵
        
        PID:9488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        408⤵
        
        PID:9500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        409⤵
        
        PID:9520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        410⤵
        
        PID:9536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        411⤵
        
        PID:9552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        412⤵
        
        PID:9568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        413⤵
        
        PID:9584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        414⤵
        
        PID:9600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        415⤵
        
        PID:9616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        416⤵
        
        PID:9628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        417⤵
        
        PID:9644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        418⤵
        
        PID:9660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        419⤵
        
        PID:9676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        420⤵
        
        PID:9692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        421⤵
        
        PID:9704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        422⤵
        
        PID:9716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        423⤵
        
        PID:9728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        424⤵
        
        PID:9744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        425⤵
        
        PID:9760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        426⤵
        
        PID:9772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        427⤵
        
        PID:9784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        428⤵
        
        PID:9796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        429⤵
        
        PID:9812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        430⤵
        
        PID:9828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        431⤵
        
        PID:9840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        432⤵
        
        PID:9852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        433⤵
        
        PID:9864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        434⤵
        
        PID:9876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        435⤵
        
        PID:9888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        436⤵
        
        PID:9904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        437⤵
        
        PID:9916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        438⤵
        
        PID:9928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        439⤵
        
        PID:9940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        440⤵
        
        PID:9952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        441⤵
        
        PID:9964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        442⤵
        
        PID:9976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        443⤵
        
        PID:9992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        444⤵
        
        PID:10004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        445⤵
        
        PID:10020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        446⤵
        
        PID:10032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        447⤵
        
        PID:10044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        448⤵
        
        PID:10056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        449⤵
        
        PID:10072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        450⤵
        
        PID:10084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        451⤵
        
        PID:10100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        452⤵
        
        PID:10112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        453⤵
        
        PID:10124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        454⤵
        
        PID:10140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        455⤵
        
        PID:10152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        456⤵
        
        PID:10168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        457⤵
        
        PID:10180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        458⤵
        
        PID:10196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        459⤵
        
        PID:10208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        460⤵
        
        PID:10224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        461⤵
        
        PID:4352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        462⤵
        
        PID:1800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        463⤵
        
        PID:10256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        464⤵
        
        PID:10268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        465⤵
        
        PID:10280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        466⤵
        
        PID:10296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        467⤵
        
        PID:10312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        468⤵
        
        PID:10324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        469⤵
        
        PID:10340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        470⤵
        
        PID:10356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        471⤵
        
        PID:10372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        472⤵
        
        PID:10388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        473⤵
        
        PID:10404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        474⤵
        
        PID:10420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        475⤵
        
        PID:10436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        476⤵
        
        PID:10448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        477⤵
        
        PID:10464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        478⤵
        
        PID:10480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        479⤵
        
        PID:10496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        480⤵
        
        PID:10512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        481⤵
        
        PID:10524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        482⤵
        
        PID:10544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        483⤵
        
        PID:10560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        484⤵
        
        PID:10576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        485⤵
        
        PID:10592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        486⤵
        
        PID:10608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        487⤵
        
        PID:10620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        488⤵
        
        PID:10636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        489⤵
        
        PID:10652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        490⤵
        
        PID:10668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        491⤵
        
        PID:10684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        492⤵
        
        PID:10700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        493⤵
        
        PID:10716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        494⤵
        
        PID:10732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        495⤵
        
        PID:10748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        496⤵
        
        PID:10764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        497⤵
        
        PID:10780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        498⤵
        
        PID:10796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        499⤵
        
        PID:10812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        500⤵
        
        PID:10828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        501⤵
        
        PID:10844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        502⤵
        
        PID:10860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        503⤵
        
        PID:10876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        504⤵
        
        PID:10892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        505⤵
        
        PID:10908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        506⤵
        
        PID:10924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        507⤵
        
        PID:10940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        508⤵
        
        PID:10952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        509⤵
        
        PID:10968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        510⤵
        
        PID:10992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        511⤵
        
        PID:11020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        512⤵
        
        PID:11036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        513⤵
        
        PID:11052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        514⤵
        
        PID:11064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        515⤵
        
        PID:11080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        516⤵
        
        PID:11096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        517⤵
        
        PID:11108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        518⤵
        
        PID:11124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        519⤵
        
        PID:11140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        520⤵
        
        PID:11160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        521⤵
        
        PID:11176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        522⤵
        
        PID:11192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        523⤵
        
        PID:11208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        524⤵
        
        PID:11224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        525⤵
        
        PID:11240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        526⤵
        
        PID:11252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        527⤵
        
        PID:3696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        528⤵
        
        PID:484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        529⤵
        
        PID:4864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        530⤵
        
        PID:11268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        531⤵
        
        PID:11284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        532⤵
        
        PID:11300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        533⤵
        
        PID:11316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        534⤵
        
        PID:11332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        535⤵
        
        PID:11348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        536⤵
        
        PID:11364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        537⤵
        
        PID:11376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        538⤵
        
        PID:11396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        539⤵
        
        PID:11412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        540⤵
        
        PID:11428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        541⤵
        
        PID:11444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        542⤵
        
        PID:11456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        543⤵
        
        PID:11472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        544⤵
        
        PID:11488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        545⤵
        
        PID:11504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        546⤵
        
        PID:11520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        547⤵
        
        PID:11536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        548⤵
        
        PID:11548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        549⤵
        
        PID:11560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        550⤵
        
        PID:11580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        551⤵
        
        PID:11592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        552⤵
        
        PID:11604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        553⤵
        
        PID:11616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        554⤵
        
        PID:11628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        555⤵
        
        PID:11644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        556⤵
        
        PID:11664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        557⤵
        
        PID:11680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        558⤵
        
        PID:11692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        559⤵
        
        PID:11704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        560⤵
        
        PID:11716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        561⤵
        
        PID:11728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        562⤵
        
        PID:11744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        563⤵
        
        PID:11756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        564⤵
        
        PID:11780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        565⤵
        
        PID:11804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        566⤵
        
        PID:11820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        567⤵
        
        PID:11836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        568⤵
        
        PID:11852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        569⤵
        
        PID:11868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        570⤵
        
        PID:11888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        571⤵
        
        PID:11916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        572⤵
        
        PID:11944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        573⤵
        
        PID:11964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        574⤵
        
        PID:11980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        575⤵
        
        PID:11992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        576⤵
        
        PID:12008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        577⤵
        
        PID:12024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        578⤵
        
        PID:12036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        579⤵
        
        PID:12052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        580⤵
        
        PID:12068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        581⤵
        
        PID:12084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        582⤵
        
        PID:12096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        583⤵
        
        PID:12108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        584⤵
        
        PID:12128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        585⤵
        
        PID:12140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        586⤵
        
        PID:12152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        587⤵
        
        PID:12164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        588⤵
        
        PID:12176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        589⤵
        
        PID:12188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        590⤵
        
        PID:12204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        591⤵
        
        PID:12228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        592⤵
        
        PID:12244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        593⤵
        
        PID:12256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        594⤵
        
        PID:12276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        595⤵
        
        PID:10980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        596⤵
        
        PID:4792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        597⤵
        
        PID:4728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        598⤵
        
        PID:4736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        599⤵
        
        PID:4780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        600⤵
        
        PID:4136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        601⤵
        
        PID:632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        602⤵
        
        PID:3372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        603⤵
        
        PID:1912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        604⤵
        
        PID:12292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        605⤵
        
        PID:12308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        606⤵
        
        PID:12324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        607⤵
        
        PID:12340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        608⤵
        
        PID:12356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        609⤵
        
        PID:12372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        610⤵
        
        PID:12392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        611⤵
        
        PID:12408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        612⤵
        
        PID:12424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        613⤵
        
        PID:12436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        614⤵
        
        PID:12452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        615⤵
        
        PID:12464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        616⤵
        
        PID:12480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        617⤵
        
        PID:12496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        618⤵
        
        PID:12512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        619⤵
        
        PID:12528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        620⤵
        
        PID:12544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        621⤵
        
        PID:12560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        622⤵
        
        PID:12576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        623⤵
        
        PID:12592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        624⤵
        
        PID:12608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        625⤵
        
        PID:12620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        626⤵
        
        PID:12632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        627⤵
        
        PID:12644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        628⤵
        
        PID:12656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        629⤵
        
        PID:12672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        630⤵
        
        PID:12684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        631⤵
        
        PID:12696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        632⤵
        
        PID:12708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        633⤵
        
        PID:12720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        634⤵
        
        PID:12732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        635⤵
        
        PID:12744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        636⤵
        
        PID:12756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        637⤵
        
        PID:12772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        638⤵
        
        PID:12784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        639⤵
        
        PID:12796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        640⤵
        
        PID:12812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        641⤵
        
        PID:12828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        642⤵
        
        PID:12844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        643⤵
        
        PID:12856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        644⤵
        
        PID:12872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        645⤵
        
        PID:12888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        646⤵
        
        PID:12900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        647⤵
        
        PID:12912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        648⤵
        
        PID:12928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        649⤵
        
        PID:12940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        650⤵
        
        PID:12956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        651⤵
        
        PID:12972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        652⤵
        
        PID:12984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        653⤵
        
        PID:13000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        654⤵
        
        PID:13012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        655⤵
        
        PID:13024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        656⤵
        
        PID:13036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        657⤵
        
        PID:13048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        658⤵
        
        PID:13060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        659⤵
        
        PID:13072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        660⤵
        
        PID:13084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        661⤵
        
        PID:13096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        662⤵
        
        PID:13108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        663⤵
        
        PID:13120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        664⤵
        
        PID:13132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        665⤵
        
        PID:13144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        666⤵
        
        PID:13164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        667⤵
        
        PID:13176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        668⤵
        
        PID:13192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        669⤵
        
        PID:13208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        670⤵
        
        PID:13220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        671⤵
        
        PID:13236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        672⤵
        
        PID:13252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        673⤵
        
        PID:13268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        674⤵
        
        PID:13284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        675⤵
        
        PID:13300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        676⤵
        
        PID:13320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        677⤵
        
        PID:13332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        678⤵
        
        PID:13344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        679⤵
        
        PID:13356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        680⤵
        
        PID:13372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        681⤵
        
        PID:13384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        682⤵
        
        PID:13400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        683⤵
        
        PID:13416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        684⤵
        
        PID:13428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        685⤵
        
        PID:13448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        686⤵
        
        PID:13464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        687⤵
        
        PID:13480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        688⤵
        
        PID:13496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        689⤵
        
        PID:13508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        690⤵
        
        PID:13520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        691⤵
        
        PID:13536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        692⤵
        
        PID:13548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        693⤵
        
        PID:13560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        694⤵
        
        PID:13580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        695⤵
        
        PID:13608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        696⤵
        
        PID:13660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        697⤵
        
        PID:13684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        698⤵
        
        PID:13700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        699⤵
        
        PID:13728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        700⤵
        
        PID:13744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        701⤵
        
        PID:13760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        702⤵
        
        PID:13772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        703⤵
        
        PID:13788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        704⤵
        
        PID:13804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        705⤵
        
        PID:13816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        706⤵
        
        PID:13832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        707⤵
        
        PID:13852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        708⤵
        
        PID:13864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        709⤵
        
        PID:13876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        710⤵
        
        PID:13892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        711⤵
        
        PID:13912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        712⤵
        
        PID:13924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        713⤵
        
        PID:13940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        714⤵
        
        PID:13964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        715⤵
        
        PID:13976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        716⤵
        
        PID:13988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        717⤵
        
        PID:14000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        718⤵
        
        PID:14012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        719⤵
        
        PID:14024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        720⤵
        
        PID:14036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        721⤵
        
        PID:14048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        722⤵
        
        PID:14060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        723⤵
        
        PID:14072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        724⤵
        
        PID:14084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        725⤵
        
        PID:14096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        726⤵
        
        PID:14108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        727⤵
        
        PID:14120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        728⤵
        
        PID:14132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        729⤵
        
        PID:14144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        730⤵
        
        PID:14156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        731⤵
        
        PID:14172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        732⤵
        
        PID:14188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        733⤵
        
        PID:14204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        734⤵
        
        PID:14220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        735⤵
        
        PID:14236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        736⤵
        
        PID:14252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        737⤵
        
        PID:14268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        738⤵
        
        PID:14284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        739⤵
        
        PID:14300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        740⤵
        
        PID:14312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        741⤵
        
        PID:14324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        742⤵
        
        PID:14340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        743⤵
        
        PID:14356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        744⤵
        
        PID:14372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        745⤵
        
        PID:14388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        746⤵
        
        PID:14400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        747⤵
        
        PID:14416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        748⤵
        
        PID:14432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        749⤵
        
        PID:14452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        750⤵
        
        PID:14468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        751⤵
        
        PID:14480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        752⤵
        
        PID:14492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        753⤵
        
        PID:14504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        754⤵
        
        PID:14516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        755⤵
        
        PID:14540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        756⤵
        
        PID:14552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        757⤵
        
        PID:14564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        758⤵
        
        PID:14580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        759⤵
        
        PID:14596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        760⤵
        
        PID:14612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        761⤵
        
        PID:14628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        762⤵
        
        PID:14644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        763⤵
        
        PID:14656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        764⤵
        
        PID:14672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        765⤵
        
        PID:14688
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        766⤵
        
        PID:14704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        767⤵
        
        PID:14720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        768⤵
        
        PID:14736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        769⤵
        
        PID:14752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        770⤵
        
        PID:14768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        771⤵
        
        PID:14780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        772⤵
        
        PID:14792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        773⤵
        
        PID:14808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        774⤵
        
        PID:14824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        775⤵
        
        PID:14840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        776⤵
        
        PID:14856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        777⤵
        
        PID:14872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        778⤵
        
        PID:14884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        779⤵
        
        PID:14900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        780⤵
        
        PID:14912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        781⤵
        
        PID:14928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        782⤵
        
        PID:14944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        783⤵
        
        PID:14960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        784⤵
        
        PID:14980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        785⤵
        
        PID:15000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        786⤵
        
        PID:15020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        787⤵
        
        PID:15048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        788⤵
        
        PID:15064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        789⤵
        
        PID:15076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        790⤵
        
        PID:15096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        791⤵
        
        PID:15116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        792⤵
        
        PID:15128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        793⤵
        
        PID:15148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        794⤵
        
        PID:15164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        795⤵
        
        PID:15180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        796⤵
        
        PID:15196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        797⤵
        
        PID:15212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        798⤵
        
        PID:15228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        799⤵
        
        PID:15244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        800⤵
        
        PID:15260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        801⤵
        
        PID:15276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        802⤵
        
        PID:15288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        803⤵
        
        PID:15304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        804⤵
        
        PID:15320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        805⤵
        
        PID:15332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        806⤵
        
        PID:15344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        807⤵
        
        PID:15356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        808⤵
        
        PID:13568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        809⤵
        
        PID:13156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        810⤵
        
        PID:11788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        811⤵
        
        PID:11928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        812⤵
        
        PID:11952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        813⤵
        
        PID:11956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        814⤵
        
        PID:12264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        815⤵
        
        PID:11884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        816⤵
        
        PID:11880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        817⤵
        
        PID:1364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        818⤵
        
        PID:924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        819⤵
        
        PID:1500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        820⤵
        
        PID:3380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        821⤵
        
        PID:3524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        822⤵
        
        PID:15368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        823⤵
        
        PID:15380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        824⤵
        
        PID:15396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        825⤵
        
        PID:15412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        826⤵
        
        PID:15428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        827⤵
        
        PID:15440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        828⤵
        
        PID:15452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        829⤵
        
        PID:15468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        830⤵
        
        PID:15484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        831⤵
        
        PID:15496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        832⤵
        
        PID:15512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        833⤵
        
        PID:15528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        834⤵
        
        PID:15544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        835⤵
        
        PID:15556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        836⤵
        
        PID:15568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        837⤵
        
        PID:15580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        838⤵
        
        PID:15596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        839⤵
        
        PID:15608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        840⤵
        
        PID:15620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        841⤵
        
        PID:15632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        842⤵
        
        PID:15648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        843⤵
        
        PID:15664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        844⤵
        
        PID:15680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        845⤵
        
        PID:15692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        846⤵
        
        PID:15712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        847⤵
        
        PID:15724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        848⤵
        
        PID:15736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        849⤵
        
        PID:15748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        850⤵
        
        PID:15760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        851⤵
        
        PID:15772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        852⤵
        
        PID:15788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        853⤵
        
        PID:15800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        854⤵
        
        PID:15812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        855⤵
        
        PID:15828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        856⤵
        
        PID:15840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        857⤵
        
        PID:15860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        858⤵
        
        PID:15876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        859⤵
        
        PID:15892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        860⤵
        
        PID:15908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        861⤵
        
        PID:15920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        862⤵
        
        PID:15932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        863⤵
        
        PID:15952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        864⤵
        
        PID:15964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        865⤵
        
        PID:15976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        866⤵
        
        PID:15988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        867⤵
        
        PID:16000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        868⤵
        
        PID:16016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        869⤵
        
        PID:16032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        870⤵
        
        PID:16044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        871⤵
        
        PID:16060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        872⤵
        
        PID:16072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        873⤵
        
        PID:16088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        874⤵
        
        PID:16104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        875⤵
        
        PID:16116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        876⤵
        
        PID:16128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        877⤵
        
        PID:16140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        878⤵
        
        PID:16152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        879⤵
        
        PID:16164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        880⤵
        
        PID:16176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        881⤵
        
        PID:16192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        882⤵
        
        PID:16208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        883⤵
        
        PID:16224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        884⤵
        
        PID:16236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        885⤵
        
        PID:16252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        886⤵
        
        PID:16264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        887⤵
        
        PID:16280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        888⤵
        
        PID:16292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        889⤵
        
        PID:16304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        890⤵
        
        PID:16320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        891⤵
        
        PID:16332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        892⤵
        
        PID:16348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        893⤵
        
        PID:16360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        894⤵
        
        PID:16376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        895⤵
        
        PID:4908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        896⤵
        
        PID:3156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        897⤵
        
        PID:16396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        898⤵
        
        PID:16412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        899⤵
        
        PID:16424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        900⤵
        
        PID:16436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        901⤵
        
        PID:16452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        902⤵
        
        PID:16468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        903⤵
        
        PID:16480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\01872bda431e527154fcb97c2272920e21b8ae9d5262dab969ee22d924d64935.dll,#1
        904⤵
        
        PID:16496

C:\Windows\System32\WaaSMedicAgent.exe
C:\Windows\System32\WaaSMedicAgent.exe 5f6d74ba88ca435195f3bc7fd11052bf dE3toBmkfUO0wN3s4bCA9Q.0.1.0.0.0
1⤵
- Modifies data under HKEY_USERS
PID:16516

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k netsvcs -p -s wuauserv
1⤵
- Drops file in Windows directory
- Suspicious use of AdjustPrivilegeToken
PID:16588

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

T1060

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/16588-142-0x00000219C59A0000-0x00000219C59A4000-memory.dmp

Filesize
16KB

Download