68333c2a3fc1011b4f3d13fd6bbf4c96dd2cedb83e488f17d3b9f6d342674f33

Analysis

max time kernel
144s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
29-08-2022 10:42

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll
Size

8.2MB
MD5

a5a58fd9d5106e70e4ce55257a9d16cb
SHA1

a6a892da315d0c29e43cff41d2476c9a6f375191
SHA256

400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582
SHA512

2a119fd23ec448a79ac9b6aaca64dd7439bfbd1eeddf8b81017c67af720194220b1537640e129ecb1539c40c123f3f45deef026ddb3db39225c372558e664cd2
SSDEEP

49152:xSFzp+JFY83N1qscUGsiLnQgQTClyapNoDkWkm7qcfaJDJkTKE+9y2zkWS:48J1lxGnQhTirpNW6r9DQH

Score

3^/10

Malware Config

Signatures

Program crash 1 IoCs

pid	pid_target	Process	procid_target
17056	312	WerFault.exe	77

Checks SCSI registry key(s) 3 TTPs 6 IoCs

SCSI information is often read in order to detect sandboxing environments.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_DADY_DVD-ROM\4&215468a5&0&010000\ConfigFlags	dwm.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000	dwm.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\ConfigFlags	dwm.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_DADY_DVD-ROM\4&215468a5&0&010000\HardwareID	dwm.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\HardwareID	dwm.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_DADY&PROD_DADY_DVD-ROM\4&215468A5&0&010000	dwm.exe

Enumerates system info in registry 2 TTPs 2 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	dwm.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU	dwm.exe

Modifies data under HKEY_USERS 18 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1e\52C64B7E	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed	dwm.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed	dwm.exe

Suspicious use of AdjustPrivilegeToken 6 IoCs

description	pid	Process
Token: SeCreateGlobalPrivilege	17100	dwm.exe
Token: SeChangeNotifyPrivilege	17100	dwm.exe
Token: 33	17100	dwm.exe
Token: SeIncBasePriorityPrivilege	17100	dwm.exe
Token: SeShutdownPrivilege	17100	dwm.exe
Token: SeCreatePagefilePrivilege	17100	dwm.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1356 wrote to memory of 1332	1356	rundll32.exe	82
PID 1356 wrote to memory of 1332	1356	rundll32.exe	82
PID 1356 wrote to memory of 1332	1356	rundll32.exe	82
PID 1332 wrote to memory of 440	1332	rundll32.exe	83
PID 1332 wrote to memory of 440	1332	rundll32.exe	83
PID 1332 wrote to memory of 440	1332	rundll32.exe	83
PID 440 wrote to memory of 1464	440	rundll32.exe	84
PID 440 wrote to memory of 1464	440	rundll32.exe	84
PID 440 wrote to memory of 1464	440	rundll32.exe	84
PID 1464 wrote to memory of 2844	1464	rundll32.exe	85
PID 1464 wrote to memory of 2844	1464	rundll32.exe	85
PID 1464 wrote to memory of 2844	1464	rundll32.exe	85
PID 2844 wrote to memory of 4672	2844	rundll32.exe	86
PID 2844 wrote to memory of 4672	2844	rundll32.exe	86
PID 2844 wrote to memory of 4672	2844	rundll32.exe	86
PID 4672 wrote to memory of 4392	4672	rundll32.exe	87
PID 4672 wrote to memory of 4392	4672	rundll32.exe	87
PID 4672 wrote to memory of 4392	4672	rundll32.exe	87
PID 4392 wrote to memory of 5096	4392	rundll32.exe	88
PID 4392 wrote to memory of 5096	4392	rundll32.exe	88
PID 4392 wrote to memory of 5096	4392	rundll32.exe	88
PID 5096 wrote to memory of 5068	5096	rundll32.exe	89
PID 5096 wrote to memory of 5068	5096	rundll32.exe	89
PID 5096 wrote to memory of 5068	5096	rundll32.exe	89
PID 5068 wrote to memory of 5056	5068	rundll32.exe	90
PID 5068 wrote to memory of 5056	5068	rundll32.exe	90
PID 5068 wrote to memory of 5056	5068	rundll32.exe	90
PID 5056 wrote to memory of 4360	5056	rundll32.exe	91
PID 5056 wrote to memory of 4360	5056	rundll32.exe	91
PID 5056 wrote to memory of 4360	5056	rundll32.exe	91
PID 4360 wrote to memory of 1728	4360	rundll32.exe	92
PID 4360 wrote to memory of 1728	4360	rundll32.exe	92
PID 4360 wrote to memory of 1728	4360	rundll32.exe	92
PID 1728 wrote to memory of 3420	1728	rundll32.exe	93
PID 1728 wrote to memory of 3420	1728	rundll32.exe	93
PID 1728 wrote to memory of 3420	1728	rundll32.exe	93
PID 3420 wrote to memory of 2076	3420	rundll32.exe	94
PID 3420 wrote to memory of 2076	3420	rundll32.exe	94
PID 3420 wrote to memory of 2076	3420	rundll32.exe	94
PID 2076 wrote to memory of 3424	2076	rundll32.exe	95
PID 2076 wrote to memory of 3424	2076	rundll32.exe	95
PID 2076 wrote to memory of 3424	2076	rundll32.exe	95
PID 3424 wrote to memory of 1640	3424	rundll32.exe	96
PID 3424 wrote to memory of 1640	3424	rundll32.exe	96
PID 3424 wrote to memory of 1640	3424	rundll32.exe	96
PID 1640 wrote to memory of 1648	1640	rundll32.exe	97
PID 1640 wrote to memory of 1648	1640	rundll32.exe	97
PID 1640 wrote to memory of 1648	1640	rundll32.exe	97
PID 1648 wrote to memory of 2512	1648	rundll32.exe	98
PID 1648 wrote to memory of 2512	1648	rundll32.exe	98
PID 1648 wrote to memory of 2512	1648	rundll32.exe	98
PID 2512 wrote to memory of 1564	2512	rundll32.exe	99
PID 2512 wrote to memory of 1564	2512	rundll32.exe	99
PID 2512 wrote to memory of 1564	2512	rundll32.exe	99
PID 1564 wrote to memory of 1368	1564	rundll32.exe	100
PID 1564 wrote to memory of 1368	1564	rundll32.exe	100
PID 1564 wrote to memory of 1368	1564	rundll32.exe	100
PID 1368 wrote to memory of 1420	1368	rundll32.exe	101
PID 1368 wrote to memory of 1420	1368	rundll32.exe	101
PID 1368 wrote to memory of 1420	1368	rundll32.exe	101
PID 1420 wrote to memory of 1400	1420	rundll32.exe	102
PID 1420 wrote to memory of 1400	1420	rundll32.exe	102
PID 1420 wrote to memory of 1400	1420	rundll32.exe	102
PID 1400 wrote to memory of 2808	1400	rundll32.exe	103

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:1356
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
  2⤵
  - Suspicious use of WriteProcessMemory
  PID:1332
- - C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
    3⤵
    - Suspicious use of WriteProcessMemory
    PID:440
  - - C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
      4⤵
      Suspicious use of WriteProcessMemory
      PID:1464
    - - C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        5⤵
        Suspicious use of WriteProcessMemory
        
        PID:2844
      - C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        6⤵
        Suspicious use of WriteProcessMemory
        
        PID:4672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        7⤵
        Suspicious use of WriteProcessMemory
        
        PID:4392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        8⤵
        Suspicious use of WriteProcessMemory
        
        PID:5096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        9⤵
        Suspicious use of WriteProcessMemory
        
        PID:5068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        10⤵
        Suspicious use of WriteProcessMemory
        
        PID:5056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        11⤵
        Suspicious use of WriteProcessMemory
        
        PID:4360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        12⤵
        Suspicious use of WriteProcessMemory
        
        PID:1728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        13⤵
        Suspicious use of WriteProcessMemory
        
        PID:3420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        14⤵
        Suspicious use of WriteProcessMemory
        
        PID:2076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        15⤵
        Suspicious use of WriteProcessMemory
        
        PID:3424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        16⤵
        Suspicious use of WriteProcessMemory
        
        PID:1640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        17⤵
        Suspicious use of WriteProcessMemory
        
        PID:1648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        18⤵
        Suspicious use of WriteProcessMemory
        
        PID:2512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        19⤵
        Suspicious use of WriteProcessMemory
        
        PID:1564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        20⤵
        Suspicious use of WriteProcessMemory
        
        PID:1368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        21⤵
        Suspicious use of WriteProcessMemory
        
        PID:1420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        22⤵
        Suspicious use of WriteProcessMemory
        
        PID:1400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        23⤵
        
        PID:2808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        24⤵
        
        PID:364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        25⤵
        
        PID:228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        26⤵
        
        PID:216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        27⤵
        
        PID:1472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        28⤵
        
        PID:1476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        29⤵
        
        PID:2732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        30⤵
        
        PID:3016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        31⤵
        
        PID:3960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        32⤵
        
        PID:3148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        33⤵
        
        PID:3528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        34⤵
        
        PID:3628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        35⤵
        
        PID:3484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        36⤵
        
        PID:4912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        37⤵
        
        PID:3848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        38⤵
        
        PID:3064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        39⤵
        
        PID:3844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        40⤵
        
        PID:3592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        41⤵
        
        PID:1172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        42⤵
        
        PID:2024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        43⤵
        
        PID:800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        44⤵
        
        PID:2008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        45⤵
        
        PID:2420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        46⤵
        
        PID:3624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        47⤵
        
        PID:3632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        48⤵
        
        PID:3924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        49⤵
        
        PID:4228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        50⤵
        
        PID:4236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        51⤵
        
        PID:4648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        52⤵
        
        PID:3096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        53⤵
        
        PID:1012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        54⤵
        
        PID:1144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        55⤵
        
        PID:1584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        56⤵
        
        PID:2820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        57⤵
        
        PID:4628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        58⤵
        
        PID:4936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        59⤵
        
        PID:4500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        60⤵
        
        PID:4400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        61⤵
        
        PID:4948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        62⤵
        
        PID:4460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        63⤵
        
        PID:3164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        64⤵
        
        PID:3756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        65⤵
        
        PID:964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        66⤵
        
        PID:3796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        67⤵
        
        PID:3084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        68⤵
        
        PID:2060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        69⤵
        
        PID:3744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        70⤵
        
        PID:2440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        71⤵
        
        PID:4032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        72⤵
        
        PID:2428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        73⤵
        
        PID:4332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        74⤵
        
        PID:2368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        75⤵
        
        PID:4220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        76⤵
        
        PID:2000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        77⤵
        
        PID:1760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        78⤵
        
        PID:3816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        79⤵
        
        PID:2980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        80⤵
        
        PID:1920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        81⤵
        
        PID:756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        82⤵
        
        PID:4724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        83⤵
        
        PID:2544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        84⤵
        
        PID:536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        85⤵
        
        PID:3204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        86⤵
        
        PID:544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        87⤵
        
        PID:456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        88⤵
        
        PID:4164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        89⤵
        
        PID:4896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        90⤵
        
        PID:764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        91⤵
        
        PID:4876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        92⤵
        
        PID:2448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        93⤵
        
        PID:2456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        94⤵
        
        PID:3280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        95⤵
        
        PID:3496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        96⤵
        
        PID:3172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        97⤵
        
        PID:372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        98⤵
        
        PID:4996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        99⤵
        
        PID:4368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        100⤵
        
        PID:5048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        101⤵
        
        PID:792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        102⤵
        
        PID:2912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        103⤵
        
        PID:1268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        104⤵
        
        PID:2188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        105⤵
        
        PID:2712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        106⤵
        
        PID:3712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        107⤵
        
        PID:4580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        108⤵
        
        PID:4940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        109⤵
        
        PID:3832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        110⤵
        
        PID:1560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        111⤵
        
        PID:1004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        112⤵
        
        PID:932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        113⤵
        
        PID:1664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        114⤵
        
        PID:4248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        115⤵
        
        PID:396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        116⤵
        
        PID:3800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        117⤵
        
        PID:5128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        118⤵
        
        PID:5144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        119⤵
        
        PID:5160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        120⤵
        
        PID:5176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        121⤵
        
        PID:5192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        122⤵
        
        PID:5208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        123⤵
        
        PID:5224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        124⤵
        
        PID:5240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        125⤵
        
        PID:5256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        126⤵
        
        PID:5272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        127⤵
        
        PID:5288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        128⤵
        
        PID:5304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        129⤵
        
        PID:5320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        130⤵
        
        PID:5336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        131⤵
        
        PID:5352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        132⤵
        
        PID:5368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        133⤵
        
        PID:5384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        134⤵
        
        PID:5396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        135⤵
        
        PID:5412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        136⤵
        
        PID:5428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        137⤵
        
        PID:5444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        138⤵
        
        PID:5456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        139⤵
        
        PID:5476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        140⤵
        
        PID:5492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        141⤵
        
        PID:5508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        142⤵
        
        PID:5520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        143⤵
        
        PID:5536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        144⤵
        
        PID:5548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        145⤵
        
        PID:5564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        146⤵
        
        PID:5584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        147⤵
        
        PID:5600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        148⤵
        
        PID:5612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        149⤵
        
        PID:5628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        150⤵
        
        PID:5644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        151⤵
        
        PID:5660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        152⤵
        
        PID:5676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        153⤵
        
        PID:5692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        154⤵
        
        PID:5708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        155⤵
        
        PID:5724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        156⤵
        
        PID:5740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        157⤵
        
        PID:5756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        158⤵
        
        PID:5768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        159⤵
        
        PID:5784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        160⤵
        
        PID:5800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        161⤵
        
        PID:5816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        162⤵
        
        PID:5832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        163⤵
        
        PID:5848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        164⤵
        
        PID:5860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        165⤵
        
        PID:5872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        166⤵
        
        PID:5888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        167⤵
        
        PID:5900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        168⤵
        
        PID:5916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        169⤵
        
        PID:5928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        170⤵
        
        PID:5944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        171⤵
        
        PID:5960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        172⤵
        
        PID:5976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        173⤵
        
        PID:5992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        174⤵
        
        PID:6008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        175⤵
        
        PID:6024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        176⤵
        
        PID:6036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        177⤵
        
        PID:6052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        178⤵
        
        PID:6064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        179⤵
        
        PID:6076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        180⤵
        
        PID:6096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        181⤵
        
        PID:6112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        182⤵
        
        PID:6128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        183⤵
        
        PID:6140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        184⤵
        
        PID:6156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        185⤵
        
        PID:6168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        186⤵
        
        PID:6180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        187⤵
        
        PID:6196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        188⤵
        
        PID:6208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        189⤵
        
        PID:6228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        190⤵
        
        PID:6240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        191⤵
        
        PID:6252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        192⤵
        
        PID:6264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        193⤵
        
        PID:6280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        194⤵
        
        PID:6296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        195⤵
        
        PID:6308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        196⤵
        
        PID:6328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        197⤵
        
        PID:6344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        198⤵
        
        PID:6360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        199⤵
        
        PID:6376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        200⤵
        
        PID:6388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        201⤵
        
        PID:6400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        202⤵
        
        PID:6412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        203⤵
        
        PID:6424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        204⤵
        
        PID:6444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        205⤵
        
        PID:6456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        206⤵
        
        PID:6476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        207⤵
        
        PID:6492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        208⤵
        
        PID:6504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        209⤵
        
        PID:6520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        210⤵
        
        PID:6536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        211⤵
        
        PID:6548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        212⤵
        
        PID:6564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        213⤵
        
        PID:6580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        214⤵
        
        PID:6596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        215⤵
        
        PID:6608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        216⤵
        
        PID:6624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        217⤵
        
        PID:6636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        218⤵
        
        PID:6652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        219⤵
        
        PID:6664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        220⤵
        
        PID:6680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        221⤵
        
        PID:6696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        222⤵
        
        PID:6712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        223⤵
        
        PID:6724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        224⤵
        
        PID:6736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        225⤵
        
        PID:6752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        226⤵
        
        PID:6768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        227⤵
        
        PID:6780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        228⤵
        
        PID:6792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        229⤵
        
        PID:6812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        230⤵
        
        PID:6828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        231⤵
        
        PID:6844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        232⤵
        
        PID:6860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        233⤵
        
        PID:6872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        234⤵
        
        PID:6884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        235⤵
        
        PID:6900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        236⤵
        
        PID:6916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        237⤵
        
        PID:6932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        238⤵
        
        PID:6948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        239⤵
        
        PID:6960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        240⤵
        
        PID:6984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        241⤵
        
        PID:7004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        242⤵
        
        PID:7020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        243⤵
        
        PID:7040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        244⤵
        
        PID:7056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        245⤵
        
        PID:7072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        246⤵
        
        PID:7088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        247⤵
        
        PID:7104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        248⤵
        
        PID:7116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        249⤵
        
        PID:7136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        250⤵
        
        PID:7156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        251⤵
        
        PID:3932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        252⤵
        
        PID:7180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        253⤵
        
        PID:7196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        254⤵
        
        PID:7212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        255⤵
        
        PID:7228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        256⤵
        
        PID:7240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        257⤵
        
        PID:7252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        258⤵
        
        PID:7268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        259⤵
        
        PID:7280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        260⤵
        
        PID:7300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        261⤵
        
        PID:7316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        262⤵
        
        PID:7332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        263⤵
        
        PID:7344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        264⤵
        
        PID:7360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        265⤵
        
        PID:7376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        266⤵
        
        PID:7392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        267⤵
        
        PID:7408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        268⤵
        
        PID:7420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        269⤵
        
        PID:7436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        270⤵
        
        PID:7452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        271⤵
        
        PID:7464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        272⤵
        
        PID:7476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        273⤵
        
        PID:7488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        274⤵
        
        PID:7508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        275⤵
        
        PID:7520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        276⤵
        
        PID:7536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        277⤵
        
        PID:7548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        278⤵
        
        PID:7560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        279⤵
        
        PID:7576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        280⤵
        
        PID:7588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        281⤵
        
        PID:7604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        282⤵
        
        PID:7616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        283⤵
        
        PID:7632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        284⤵
        
        PID:7648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        285⤵
        
        PID:7664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        286⤵
        
        PID:7680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        287⤵
        
        PID:7696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        288⤵
        
        PID:7712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        289⤵
        
        PID:7724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        290⤵
        
        PID:7744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        291⤵
        
        PID:7760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        292⤵
        
        PID:7776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        293⤵
        
        PID:7792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        294⤵
        
        PID:7804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        295⤵
        
        PID:7820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        296⤵
        
        PID:7836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        297⤵
        
        PID:7848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        298⤵
        
        PID:7868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        299⤵
        
        PID:7880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        300⤵
        
        PID:7896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        301⤵
        
        PID:7912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        302⤵
        
        PID:7928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        303⤵
        
        PID:7944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        304⤵
        
        PID:7960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        305⤵
        
        PID:7976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        306⤵
        
        PID:7988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        307⤵
        
        PID:8004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        308⤵
        
        PID:8020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        309⤵
        
        PID:8032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        310⤵
        
        PID:8048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        311⤵
        
        PID:8060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        312⤵
        
        PID:8076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        313⤵
        
        PID:8092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        314⤵
        
        PID:8104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        315⤵
        
        PID:8120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        316⤵
        
        PID:8136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        317⤵
        
        PID:8152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        318⤵
        
        PID:8164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        319⤵
        
        PID:8180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        320⤵
        
        PID:8200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        321⤵
        
        PID:8212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        322⤵
        
        PID:8228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        323⤵
        
        PID:8244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        324⤵
        
        PID:8260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        325⤵
        
        PID:8276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        326⤵
        
        PID:8292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        327⤵
        
        PID:8304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        328⤵
        
        PID:8324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        329⤵
        
        PID:8340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        330⤵
        
        PID:8352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        331⤵
        
        PID:8372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        332⤵
        
        PID:8388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        333⤵
        
        PID:8400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        334⤵
        
        PID:8416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        335⤵
        
        PID:8428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        336⤵
        
        PID:8448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        337⤵
        
        PID:8464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        338⤵
        
        PID:8480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        339⤵
        
        PID:8492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        340⤵
        
        PID:8504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        341⤵
        
        PID:8516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        342⤵
        
        PID:8536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        343⤵
        
        PID:8552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        344⤵
        
        PID:8564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        345⤵
        
        PID:8580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        346⤵
        
        PID:8592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        347⤵
        
        PID:8608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        348⤵
        
        PID:8620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        349⤵
        
        PID:8636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        350⤵
        
        PID:8652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        351⤵
        
        PID:8664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        352⤵
        
        PID:8684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        353⤵
        
        PID:8700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        354⤵
        
        PID:8712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        355⤵
        
        PID:8724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        356⤵
        
        PID:8740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        357⤵
        
        PID:8760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        358⤵
        
        PID:8772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        359⤵
        
        PID:8792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        360⤵
        
        PID:8808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        361⤵
        
        PID:8824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        362⤵
        
        PID:8840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        363⤵
        
        PID:8852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        364⤵
        
        PID:8868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        365⤵
        
        PID:8880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        366⤵
        
        PID:8896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        367⤵
        
        PID:8908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        368⤵
        
        PID:8924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        369⤵
        
        PID:8940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        370⤵
        
        PID:8956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        371⤵
        
        PID:8968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        372⤵
        
        PID:8984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        373⤵
        
        PID:9000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        374⤵
        
        PID:9012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        375⤵
        
        PID:9028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        376⤵
        
        PID:9048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        377⤵
        
        PID:9060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        378⤵
        
        PID:9076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        379⤵
        
        PID:9092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        380⤵
        
        PID:9108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        381⤵
        
        PID:9120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        382⤵
        
        PID:9136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        383⤵
        
        PID:9152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        384⤵
        
        PID:9168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        385⤵
        
        PID:9180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        386⤵
        
        PID:9200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        387⤵
        
        PID:9220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        388⤵
        
        PID:9248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        389⤵
        
        PID:9264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        390⤵
        
        PID:9276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        391⤵
        
        PID:9292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        392⤵
        
        PID:9308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        393⤵
        
        PID:9324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        394⤵
        
        PID:9336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        395⤵
        
        PID:9348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        396⤵
        
        PID:9368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        397⤵
        
        PID:9384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        398⤵
        
        PID:9396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        399⤵
        
        PID:9416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        400⤵
        
        PID:9432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        401⤵
        
        PID:9448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        402⤵
        
        PID:9464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        403⤵
        
        PID:9480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        404⤵
        
        PID:9496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        405⤵
        
        PID:9508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        406⤵
        
        PID:9524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        407⤵
        
        PID:9540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        408⤵
        
        PID:9556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        409⤵
        
        PID:9568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        410⤵
        
        PID:9580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        411⤵
        
        PID:9596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        412⤵
        
        PID:9612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        413⤵
        
        PID:9632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        414⤵
        
        PID:9652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        415⤵
        
        PID:9668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        416⤵
        
        PID:9684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        417⤵
        
        PID:9700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        418⤵
        
        PID:9716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        419⤵
        
        PID:9732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        420⤵
        
        PID:9748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        421⤵
        
        PID:9760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        422⤵
        
        PID:9776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        423⤵
        
        PID:9788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        424⤵
        
        PID:9804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        425⤵
        
        PID:9820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        426⤵
        
        PID:9832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        427⤵
        
        PID:9844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        428⤵
        
        PID:9856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        429⤵
        
        PID:9872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        430⤵
        
        PID:9884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        431⤵
        
        PID:9900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        432⤵
        
        PID:9916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        433⤵
        
        PID:9928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        434⤵
        
        PID:9948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        435⤵
        
        PID:9964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        436⤵
        
        PID:9976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        437⤵
        
        PID:9992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        438⤵
        
        PID:10004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        439⤵
        
        PID:10024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        440⤵
        
        PID:10040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        441⤵
        
        PID:10056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        442⤵
        
        PID:10072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        443⤵
        
        PID:10088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        444⤵
        
        PID:10104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        445⤵
        
        PID:10116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        446⤵
        
        PID:10132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        447⤵
        
        PID:10148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        448⤵
        
        PID:10164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        449⤵
        
        PID:10180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        450⤵
        
        PID:10196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        451⤵
        
        PID:10208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        452⤵
        
        PID:10224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        453⤵
        
        PID:10236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        454⤵
        
        PID:10248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        455⤵
        
        PID:10260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        456⤵
        
        PID:10276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        457⤵
        
        PID:10292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        458⤵
        
        PID:10304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        459⤵
        
        PID:10324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        460⤵
        
        PID:10336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        461⤵
        
        PID:10352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        462⤵
        
        PID:10364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        463⤵
        
        PID:10376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        464⤵
        
        PID:10392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        465⤵
        
        PID:10408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        466⤵
        
        PID:10424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        467⤵
        
        PID:10440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        468⤵
        
        PID:10456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        469⤵
        
        PID:10472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        470⤵
        
        PID:10488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        471⤵
        
        PID:10504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        472⤵
        
        PID:10516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        473⤵
        
        PID:10532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        474⤵
        
        PID:10548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        475⤵
        
        PID:10564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        476⤵
        
        PID:10580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        477⤵
        
        PID:10596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        478⤵
        
        PID:10612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        479⤵
        
        PID:10628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        480⤵
        
        PID:10644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        481⤵
        
        PID:10660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        482⤵
        
        PID:10672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        483⤵
        
        PID:10692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        484⤵
        
        PID:10708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        485⤵
        
        PID:10724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        486⤵
        
        PID:10740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        487⤵
        
        PID:10752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        488⤵
        
        PID:10768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        489⤵
        
        PID:10784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        490⤵
        
        PID:10800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        491⤵
        
        PID:10816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        492⤵
        
        PID:10832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        493⤵
        
        PID:10844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        494⤵
        
        PID:10864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        495⤵
        
        PID:10876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        496⤵
        
        PID:10888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        497⤵
        
        PID:10904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        498⤵
        
        PID:10916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        499⤵
        
        PID:10936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        500⤵
        
        PID:10952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        501⤵
        
        PID:10968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        502⤵
        
        PID:10984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        503⤵
        
        PID:10996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        504⤵
        
        PID:11012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        505⤵
        
        PID:11028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        506⤵
        
        PID:11044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        507⤵
        
        PID:11060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        508⤵
        
        PID:11072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        509⤵
        
        PID:11084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        510⤵
        
        PID:11100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        511⤵
        
        PID:11112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        512⤵
        
        PID:11128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        513⤵
        
        PID:11140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        514⤵
        
        PID:11156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        515⤵
        
        PID:11172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        516⤵
        
        PID:11188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        517⤵
        
        PID:11200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        518⤵
        
        PID:11216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        519⤵
        
        PID:11228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        520⤵
        
        PID:11244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        521⤵
        
        PID:11260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        522⤵
        
        PID:11272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        523⤵
        
        PID:11288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        524⤵
        
        PID:11304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        525⤵
        
        PID:11316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        526⤵
        
        PID:11332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        527⤵
        
        PID:11348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        528⤵
        
        PID:11364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        529⤵
        
        PID:11380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        530⤵
        
        PID:11396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        531⤵
        
        PID:11408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        532⤵
        
        PID:11424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        533⤵
        
        PID:11436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        534⤵
        
        PID:11452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        535⤵
        
        PID:11464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        536⤵
        
        PID:11480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        537⤵
        
        PID:11496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        538⤵
        
        PID:11512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        539⤵
        
        PID:11528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        540⤵
        
        PID:11544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        541⤵
        
        PID:11560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        542⤵
        
        PID:11576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        543⤵
        
        PID:11592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        544⤵
        
        PID:11604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        545⤵
        
        PID:11620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        546⤵
        
        PID:11636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        547⤵
        
        PID:11652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        548⤵
        
        PID:11664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        549⤵
        
        PID:11680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        550⤵
        
        PID:11696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        551⤵
        
        PID:11712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        552⤵
        
        PID:11728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        553⤵
        
        PID:11744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        554⤵
        
        PID:11764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        555⤵
        
        PID:11780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        556⤵
        
        PID:11792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        557⤵
        
        PID:11812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        558⤵
        
        PID:11828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        559⤵
        
        PID:11844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        560⤵
        
        PID:11856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        561⤵
        
        PID:11872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        562⤵
        
        PID:11888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        563⤵
        
        PID:11904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        564⤵
        
        PID:11916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        565⤵
        
        PID:11932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        566⤵
        
        PID:11944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        567⤵
        
        PID:11956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        568⤵
        
        PID:11972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        569⤵
        
        PID:11984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        570⤵
        
        PID:12000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        571⤵
        
        PID:12016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        572⤵
        
        PID:12032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        573⤵
        
        PID:12048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        574⤵
        
        PID:12060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        575⤵
        
        PID:12080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        576⤵
        
        PID:12096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        577⤵
        
        PID:12112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        578⤵
        
        PID:12124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        579⤵
        
        PID:12136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        580⤵
        
        PID:12148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        581⤵
        
        PID:12164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        582⤵
        
        PID:12180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        583⤵
        
        PID:12192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        584⤵
        
        PID:12208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        585⤵
        
        PID:12220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        586⤵
        
        PID:12236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        587⤵
        
        PID:12252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        588⤵
        
        PID:12264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        589⤵
        
        PID:12280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        590⤵
        
        PID:3436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        591⤵
        
        PID:12300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        592⤵
        
        PID:12316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        593⤵
        
        PID:12332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        594⤵
        
        PID:12348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        595⤵
        
        PID:12360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        596⤵
        
        PID:12376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        597⤵
        
        PID:12388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        598⤵
        
        PID:12400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        599⤵
        
        PID:12416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        600⤵
        
        PID:12436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        601⤵
        
        PID:12452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        602⤵
        
        PID:12468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        603⤵
        
        PID:12480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        604⤵
        
        PID:12492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        605⤵
        
        PID:12504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        606⤵
        
        PID:12524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        607⤵
        
        PID:12536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        608⤵
        
        PID:12556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        609⤵
        
        PID:12572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        610⤵
        
        PID:12588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        611⤵
        
        PID:12604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        612⤵
        
        PID:12620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        613⤵
        
        PID:12636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        614⤵
        
        PID:12648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        615⤵
        
        PID:12664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        616⤵
        
        PID:12680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        617⤵
        
        PID:12696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        618⤵
        
        PID:12708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        619⤵
        
        PID:12720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        620⤵
        
        PID:12732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        621⤵
        
        PID:12744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        622⤵
        
        PID:12760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        623⤵
        
        PID:12772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        624⤵
        
        PID:12784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        625⤵
        
        PID:12800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        626⤵
        
        PID:12816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        627⤵
        
        PID:12832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        628⤵
        
        PID:12848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        629⤵
        
        PID:12864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        630⤵
        
        PID:12876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        631⤵
        
        PID:12892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        632⤵
        
        PID:12904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        633⤵
        
        PID:12920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        634⤵
        
        PID:12940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        635⤵
        
        PID:12956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        636⤵
        
        PID:12968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        637⤵
        
        PID:12988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        638⤵
        
        PID:13004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        639⤵
        
        PID:13020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        640⤵
        
        PID:13036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        641⤵
        
        PID:13052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        642⤵
        
        PID:13068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        643⤵
        
        PID:13084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        644⤵
        
        PID:13096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        645⤵
        
        PID:13112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        646⤵
        
        PID:13124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        647⤵
        
        PID:13140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        648⤵
        
        PID:13156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        649⤵
        
        PID:13172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        650⤵
        
        PID:13184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        651⤵
        
        PID:13196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        652⤵
        
        PID:13208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        653⤵
        
        PID:13220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        654⤵
        
        PID:13236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        655⤵
        
        PID:13252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        656⤵
        
        PID:13268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        657⤵
        
        PID:13284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        658⤵
        
        PID:13300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        659⤵
        
        PID:13316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        660⤵
        
        PID:13332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        661⤵
        
        PID:13348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        662⤵
        
        PID:13360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        663⤵
        
        PID:13376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        664⤵
        
        PID:13396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        665⤵
        
        PID:13412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        666⤵
        
        PID:13428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        667⤵
        
        PID:13444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        668⤵
        
        PID:13460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        669⤵
        
        PID:13476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        670⤵
        
        PID:13488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        671⤵
        
        PID:13512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        672⤵
        
        PID:13528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        673⤵
        
        PID:13548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        674⤵
        
        PID:13564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        675⤵
        
        PID:13576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        676⤵
        
        PID:13592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        677⤵
        
        PID:13608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        678⤵
        
        PID:13620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        679⤵
        
        PID:13636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        680⤵
        
        PID:13652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        681⤵
        
        PID:13668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        682⤵
        
        PID:13680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        683⤵
        
        PID:13700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        684⤵
        
        PID:13716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        685⤵
        
        PID:13728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        686⤵
        
        PID:13744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        687⤵
        
        PID:13780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        688⤵
        
        PID:13792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        689⤵
        
        PID:13812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        690⤵
        
        PID:13828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        691⤵
        
        PID:13848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        692⤵
        
        PID:13864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        693⤵
        
        PID:13876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        694⤵
        
        PID:13896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        695⤵
        
        PID:13908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        696⤵
        
        PID:13920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        697⤵
        
        PID:13936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        698⤵
        
        PID:13948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        699⤵
        
        PID:13968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        700⤵
        
        PID:13984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        701⤵
        
        PID:13996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        702⤵
        
        PID:14008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        703⤵
        
        PID:14028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        704⤵
        
        PID:14044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        705⤵
        
        PID:14056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        706⤵
        
        PID:14072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        707⤵
        
        PID:14088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        708⤵
        
        PID:14104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        709⤵
        
        PID:14116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        710⤵
        
        PID:14136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        711⤵
        
        PID:14156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        712⤵
        
        PID:14168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        713⤵
        
        PID:14192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        714⤵
        
        PID:14224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        715⤵
        
        PID:14252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        716⤵
        
        PID:14268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        717⤵
        
        PID:14292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        718⤵
        
        PID:14304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        719⤵
        
        PID:14332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        720⤵
        
        PID:14284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        721⤵
        
        PID:14340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        722⤵
        
        PID:14360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        723⤵
        
        PID:14384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        724⤵
        
        PID:14396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        725⤵
        
        PID:14416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        726⤵
        
        PID:14440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        727⤵
        
        PID:14456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        728⤵
        
        PID:14476
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        729⤵
        
        PID:14496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        730⤵
        
        PID:14516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        731⤵
        
        PID:14536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        732⤵
        
        PID:14552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        733⤵
        
        PID:14572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        734⤵
        
        PID:14592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        735⤵
        
        PID:14612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        736⤵
        
        PID:14632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        737⤵
        
        PID:14648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        738⤵
        
        PID:14664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        739⤵
        
        PID:14684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        740⤵
        
        PID:14704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        741⤵
        
        PID:14724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        742⤵
        
        PID:14748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        743⤵
        
        PID:14768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        744⤵
        
        PID:14788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        745⤵
        
        PID:14804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        746⤵
        
        PID:14824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        747⤵
        
        PID:14848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        748⤵
        
        PID:14872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        749⤵
        
        PID:14896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        750⤵
        
        PID:14924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        751⤵
        
        PID:14936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        752⤵
        
        PID:14960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        753⤵
        
        PID:14980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        754⤵
        
        PID:14996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        755⤵
        
        PID:15016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        756⤵
        
        PID:15036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        757⤵
        
        PID:15060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        758⤵
        
        PID:15080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        759⤵
        
        PID:15092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        760⤵
        
        PID:15108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        761⤵
        
        PID:15128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        762⤵
        
        PID:15144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        763⤵
        
        PID:15156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        764⤵
        
        PID:15172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        765⤵
        
        PID:15188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        766⤵
        
        PID:15204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        767⤵
        
        PID:15220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        768⤵
        
        PID:15240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        769⤵
        
        PID:15252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        770⤵
        
        PID:15268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        771⤵
        
        PID:15288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        772⤵
        
        PID:15304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        773⤵
        
        PID:15316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        774⤵
        
        PID:15332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        775⤵
        
        PID:15348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        776⤵
        
        PID:14620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        777⤵
        
        PID:14912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        778⤵
        
        PID:15044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        779⤵
        
        PID:14240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        780⤵
        
        PID:15376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        781⤵
        
        PID:15396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        782⤵
        
        PID:15428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        783⤵
        
        PID:15444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        784⤵
        
        PID:15456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        785⤵
        
        PID:15472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        786⤵
        
        PID:15492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        787⤵
        
        PID:15508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        788⤵
        
        PID:15524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        789⤵
        
        PID:15536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        790⤵
        
        PID:15556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        791⤵
        
        PID:15572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        792⤵
        
        PID:15592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        793⤵
        
        PID:15608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        794⤵
        
        PID:15636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        795⤵
        
        PID:15652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        796⤵
        
        PID:15664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        797⤵
        
        PID:15684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        798⤵
        
        PID:15700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        799⤵
        
        PID:15716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        800⤵
        
        PID:15740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        801⤵
        
        PID:15760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        802⤵
        
        PID:15772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        803⤵
        
        PID:15792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        804⤵
        
        PID:15804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        805⤵
        
        PID:15820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        806⤵
        
        PID:15840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        807⤵
        
        PID:15852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        808⤵
        
        PID:15872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        809⤵
        
        PID:15888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        810⤵
        
        PID:15904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        811⤵
        
        PID:15920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        812⤵
        
        PID:15936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        813⤵
        
        PID:15956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        814⤵
        
        PID:15968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        815⤵
        
        PID:15988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        816⤵
        
        PID:16000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        817⤵
        
        PID:16012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        818⤵
        
        PID:16028
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        819⤵
        
        PID:16044
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        820⤵
        
        PID:16060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        821⤵
        
        PID:16076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        822⤵
        
        PID:16092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        823⤵
        
        PID:16104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        824⤵
        
        PID:16124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        825⤵
        
        PID:16136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        826⤵
        
        PID:16156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        827⤵
        
        PID:16168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        828⤵
        
        PID:16180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        829⤵
        
        PID:16196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        830⤵
        
        PID:16212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        831⤵
        
        PID:16228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        832⤵
        
        PID:16268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        833⤵
        
        PID:16284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        834⤵
        
        PID:16296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        835⤵
        
        PID:16308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        836⤵
        
        PID:16368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        837⤵
        
        PID:4168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        838⤵
        
        PID:1436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        839⤵
        
        PID:4224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        840⤵
        
        PID:4756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        841⤵
        
        PID:16396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        842⤵
        
        PID:16412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        843⤵
        
        PID:16424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        844⤵
        
        PID:16436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        845⤵
        
        PID:16448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        846⤵
        
        PID:16464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        847⤵
        
        PID:16480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        848⤵
        
        PID:16496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        849⤵
        
        PID:16508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        850⤵
        
        PID:16524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        851⤵
        
        PID:16536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        852⤵
        
        PID:16556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        853⤵
        
        PID:16572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        854⤵
        
        PID:16592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        855⤵
        
        PID:16604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        856⤵
        
        PID:16624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        857⤵
        
        PID:16640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        858⤵
        
        PID:16652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        859⤵
        
        PID:16668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        860⤵
        
        PID:16684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        861⤵
        
        PID:16700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        862⤵
        
        PID:16716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        863⤵
        
        PID:16732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        864⤵
        
        PID:16748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        865⤵
        
        PID:16764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        866⤵
        
        PID:16776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        867⤵
        
        PID:16792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        868⤵
        
        PID:16804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        869⤵
        
        PID:16820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        870⤵
        
        PID:16840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        871⤵
        
        PID:16856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        872⤵
        
        PID:16876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        873⤵
        
        PID:16892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        874⤵
        
        PID:16904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        875⤵
        
        PID:16920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        876⤵
        
        PID:16936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        877⤵
        
        PID:16948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        878⤵
        
        PID:16968
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\400c498959fce30434b980ce660ba2ca6711a91b991d61426f7dcf524bd73582.dll,#1
        879⤵
        
        PID:16984

C:\Windows\system32\WerFault.exe
C:\Windows\system32\WerFault.exe -pss -s 460 -p 312 -ip 312
1⤵
PID:17036

C:\Windows\system32\WerFault.exe
C:\Windows\system32\WerFault.exe -u -p 312 -s 4028
1⤵
- Program crash
PID:17056

C:\Windows\system32\dwm.exe
"dwm.exe"
1⤵
- Checks SCSI registry key(s)
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious use of AdjustPrivilegeToken
PID:17100

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads