04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393

Analysis

max time kernel
151s
max time network
34s
platform
windows7_x64
resource
win7-20221111-en
resource tags

arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
submitted
23-11-2022 23:10

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Size

272KB
MD5

437b7a9d881f7f6c7733785e86fffff2
SHA1

6e4152947d89d3f2ca8e2b1af822156505fcef4f
SHA256

04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393
SHA512

6f68fa383f18219bb7d51aba843a998ab0c78f1557ef6101739f09c50ed8eefdb8f4884f18675263e97c153c7c9f55f37ab51e017848a8a6755bcae6af6bada0
SSDEEP

3072:Aa6/75GhdsCVf/edPHr8OtOF+O3EmgrKdypb90VrRUw0Sc9n2+1queaHmwdfJ/xt:sFItHeJwCOF+6gr/pb9cVmnwIHmwd6C

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 64 IoCs

pid	Process
1376	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
1376	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
1376	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
1376	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
1376	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
1376	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
1376	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
1376	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
1376	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
1376	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
1376	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
1376	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
888	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
888	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
888	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
888	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
888	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
888	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
888	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
888	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
888	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
888	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
888	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
888	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
1396	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
1396	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
1396	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
1396	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
1396	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
1396	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
1396	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
1396	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
1396	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
1396	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
1396	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
1396	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
1904	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
1904	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
1904	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
1904	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
1904	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
1904	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
1904	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
1904	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
1904	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
1904	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
1904	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
1904	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
732	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
732	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
732	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
732	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
732	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
732	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
732	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
732	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
732	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
732	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
732	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
732	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
808	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
808	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
808	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
808	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeDebugPrivilege	1376	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	888	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1396	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1904	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	732	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	808	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1644	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1420	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1660	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1352	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1832	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1028	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1432	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1572	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1684	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1176	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1488	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	768	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	920	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1596	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	684	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	668	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1564	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1988	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1352	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	552	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1028	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1524	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	364	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1372	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1476	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1396	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1520	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1516	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	912	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1996	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	432	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1284	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	696	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1508	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1680	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1572	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1464	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1672	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1848	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1664	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1648	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	856	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	948	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1952	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1660	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1920	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1832	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	864	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1792	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1524	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1612	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1088	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	888	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1004	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	684	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1560	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1800	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	828	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1376 wrote to memory of 888	1376	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	28
PID 1376 wrote to memory of 888	1376	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	28
PID 1376 wrote to memory of 888	1376	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	28
PID 888 wrote to memory of 1396	888	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	29
PID 888 wrote to memory of 1396	888	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	29
PID 888 wrote to memory of 1396	888	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	29
PID 1396 wrote to memory of 1904	1396	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	30
PID 1396 wrote to memory of 1904	1396	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	30
PID 1396 wrote to memory of 1904	1396	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	30
PID 1904 wrote to memory of 732	1904	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	31
PID 1904 wrote to memory of 732	1904	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	31
PID 1904 wrote to memory of 732	1904	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	31
PID 732 wrote to memory of 808	732	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	32
PID 732 wrote to memory of 808	732	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	32
PID 732 wrote to memory of 808	732	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	32
PID 808 wrote to memory of 1644	808	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	33
PID 808 wrote to memory of 1644	808	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	33
PID 808 wrote to memory of 1644	808	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	33
PID 1644 wrote to memory of 1420	1644	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	34
PID 1644 wrote to memory of 1420	1644	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	34
PID 1644 wrote to memory of 1420	1644	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	34
PID 1420 wrote to memory of 1660	1420	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	35
PID 1420 wrote to memory of 1660	1420	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	35
PID 1420 wrote to memory of 1660	1420	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	35
PID 1660 wrote to memory of 1352	1660	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	36
PID 1660 wrote to memory of 1352	1660	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	36
PID 1660 wrote to memory of 1352	1660	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	36
PID 1352 wrote to memory of 1832	1352	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	37
PID 1352 wrote to memory of 1832	1352	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	37
PID 1352 wrote to memory of 1832	1352	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	37
PID 1832 wrote to memory of 1028	1832	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	38
PID 1832 wrote to memory of 1028	1832	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	38
PID 1832 wrote to memory of 1028	1832	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	38
PID 1028 wrote to memory of 1432	1028	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	39
PID 1028 wrote to memory of 1432	1028	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	39
PID 1028 wrote to memory of 1432	1028	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	39
PID 1432 wrote to memory of 1572	1432	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	40
PID 1432 wrote to memory of 1572	1432	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	40
PID 1432 wrote to memory of 1572	1432	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	40
PID 1572 wrote to memory of 1684	1572	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	41
PID 1572 wrote to memory of 1684	1572	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	41
PID 1572 wrote to memory of 1684	1572	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	41
PID 1684 wrote to memory of 1176	1684	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	42
PID 1684 wrote to memory of 1176	1684	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	42
PID 1684 wrote to memory of 1176	1684	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	42
PID 1176 wrote to memory of 1488	1176	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	43
PID 1176 wrote to memory of 1488	1176	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	43
PID 1176 wrote to memory of 1488	1176	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	43
PID 1488 wrote to memory of 768	1488	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	44
PID 1488 wrote to memory of 768	1488	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	44
PID 1488 wrote to memory of 768	1488	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	44
PID 768 wrote to memory of 920	768	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	45
PID 768 wrote to memory of 920	768	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	45
PID 768 wrote to memory of 920	768	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	45
PID 920 wrote to memory of 1596	920	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	46
PID 920 wrote to memory of 1596	920	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	46
PID 920 wrote to memory of 1596	920	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	46
PID 1596 wrote to memory of 684	1596	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	47
PID 1596 wrote to memory of 684	1596	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	47
PID 1596 wrote to memory of 684	1596	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	47
PID 684 wrote to memory of 668	684	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	48
PID 684 wrote to memory of 668	684	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	48
PID 684 wrote to memory of 668	684	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	48
PID 668 wrote to memory of 1564	668	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	49

C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
"C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:1376
- C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
  C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of WriteProcessMemory
  PID:888
- - C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
    C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of AdjustPrivilegeToken
    - Suspicious use of WriteProcessMemory
    PID:1396
  - - C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
      C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
      4⤵
      Suspicious behavior: EnumeratesProcesses
      Suspicious use of AdjustPrivilegeToken
      Suspicious use of WriteProcessMemory
      PID:1904
    - - C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        5⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:732
      - C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        6⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:808
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        7⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:1644
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        8⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:1420
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        9⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:1660
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        10⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:1352
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        11⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:1832
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        12⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:1028
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        13⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:1432
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        14⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:1572
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        15⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:1684
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        16⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:1176
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        17⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:1488
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        18⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:768
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        19⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:920
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        20⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:1596
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        21⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:684
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        22⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:668
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        23⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1564
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        24⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1988
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        25⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1352
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        26⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:552
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        27⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1028
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        28⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1524
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        29⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:364
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        30⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1372
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        31⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1476
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        32⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1396
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        33⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1520
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        34⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1516
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        35⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:912
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        36⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1996
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        37⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:432
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        38⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1284
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        39⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:696
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        40⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1508
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        41⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1680
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        42⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1572
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        43⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1464
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        44⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1672
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        45⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1848
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        46⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1664
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        47⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1648
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        48⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:856
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        49⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:948
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        50⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1952
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        51⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1660
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        52⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1920
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        53⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1832
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        54⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:864
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        55⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1792
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        56⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1524
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        57⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1612
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        58⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1088
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        59⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:888
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        60⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1004
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        61⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:684
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        62⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1560
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        63⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1800
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        64⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:828
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        65⤵
        
        PID:432
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        66⤵
        
        PID:1296
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        67⤵
        
        PID:696
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        68⤵
        
        PID:1512
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        69⤵
        
        PID:864
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        70⤵
        
        PID:680
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        71⤵
        
        PID:1464
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        72⤵
        
        PID:1208
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        73⤵
        
        PID:1720
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        74⤵
        
        PID:1080
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        75⤵
        
        PID:1020
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        76⤵
        
        PID:808
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        77⤵
        
        PID:592
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        78⤵
        
        PID:1232
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        79⤵
        
        PID:528
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        80⤵
        
        PID:1376
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        81⤵
        
        PID:1552
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        82⤵
        
        PID:1832
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        83⤵
        
        PID:1880
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        84⤵
        
        PID:892
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        85⤵
        
        PID:836
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        86⤵
        
        PID:364
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        87⤵
        
        PID:1468
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        88⤵
        
        PID:1612
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        89⤵
        
        PID:1844
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        90⤵
        
        PID:1596
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        91⤵
        
        PID:1688
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        92⤵
        
        PID:1516
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        93⤵
        
        PID:1780
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        94⤵
        
        PID:1784
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        95⤵
        
        PID:520
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        96⤵
        
        PID:828
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        97⤵
        
        PID:1660
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        98⤵
        
        PID:1296
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        99⤵
        
        PID:1172
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        100⤵
        
        PID:1580
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        101⤵
        
        PID:1488
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        102⤵
        
        PID:1788
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        103⤵
        
        PID:1768
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        104⤵
        
        PID:1612
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        105⤵
        
        PID:1092
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        106⤵
        
        PID:1596
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        107⤵
        
        PID:1996
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        108⤵
        
        PID:1668
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        109⤵
        
        PID:1780
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        110⤵
        
        PID:1784
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        111⤵
        
        PID:1592
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        112⤵
        
        PID:1980
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        113⤵
        
        PID:1684
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        114⤵
        
        PID:1504
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        115⤵
        
        PID:1400
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        116⤵
        
        PID:1332
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        117⤵
        
        PID:612
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        118⤵
        
        PID:888
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        119⤵
        
        PID:1644
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        120⤵
        
        PID:1228
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        121⤵
        
        PID:1932
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        122⤵
        
        PID:292
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        123⤵
        
        PID:380
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        124⤵
        
        PID:528
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        125⤵
        
        PID:1780
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        126⤵
        
        PID:940
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        127⤵
        
        PID:1448
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        128⤵
        
        PID:1184
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        129⤵
        
        PID:1512
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        130⤵
        
        PID:568
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        131⤵
        
        PID:732
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        132⤵
        
        PID:1672
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        133⤵
        
        PID:1208
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        134⤵
        
        PID:1664
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        135⤵
        
        PID:1720
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        136⤵
        
        PID:972
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        137⤵
        
        PID:1548
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        138⤵
        
        PID:744
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        139⤵
        
        PID:1232
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        140⤵
        
        PID:1352
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        141⤵
        
        PID:1608
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        142⤵
        
        PID:560
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        143⤵
        
        PID:1804
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        144⤵
        
        PID:1432
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        145⤵
        
        PID:1684
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        146⤵
        
        PID:1788
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        147⤵
        
        PID:1372
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        148⤵
        
        PID:1332
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        149⤵
        
        PID:1176
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        150⤵
        
        PID:856
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        151⤵
        
        PID:1968
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        152⤵
        
        PID:1420
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        153⤵
        
        PID:1908
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        154⤵
        
        PID:1624
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        155⤵
        
        PID:1988
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        156⤵
        
        PID:1236
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        157⤵
        
        PID:960
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        158⤵
        
        PID:940
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        159⤵
        
        PID:468
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        160⤵
        
        PID:1580
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        161⤵
        
        PID:1504
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        162⤵
        
        PID:1904
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        163⤵
        
        PID:364
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        164⤵
        
        PID:604
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        165⤵
        
        PID:1612
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        166⤵
        
        PID:1096
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        167⤵
        
        PID:1080
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        168⤵
        
        PID:1736
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        169⤵
        
        PID:1548
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        170⤵
        
        PID:1952
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        171⤵
        
        PID:1628
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        172⤵
        
        PID:848
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        173⤵
        
        PID:696
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        174⤵
        
        PID:1792
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        175⤵
        
        PID:1696
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        176⤵
        
        PID:1692
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        177⤵
        
        PID:1524
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        178⤵
        
        PID:1656
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        179⤵
        
        PID:1468
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        180⤵
        
        PID:1648
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        181⤵
        
        PID:1844
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        182⤵
        
        PID:684
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        183⤵
        
        PID:808
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        184⤵
        
        PID:292
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        185⤵
        
        PID:380
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        186⤵
        
        PID:1376
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        187⤵
        
        PID:1608
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        188⤵
        
        PID:1740
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        189⤵
        
        PID:276
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        190⤵
        
        PID:1676
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        191⤵
        
        PID:1616
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        192⤵
        
        PID:1400
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        193⤵
        
        PID:1504
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        194⤵
        
        PID:996
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        195⤵
        
        PID:1604
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        196⤵
        
        PID:1664
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        197⤵
        
        PID:972
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        198⤵
        
        PID:912
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        199⤵
        
        PID:744
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        200⤵
        
        PID:1988
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        201⤵
        
        PID:820
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        202⤵
        
        PID:560
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        203⤵
        
        PID:1064
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        204⤵
        
        PID:1804
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        205⤵
        
        PID:1792
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        206⤵
        
        PID:1488
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        207⤵
        
        PID:1396
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        208⤵
        
        PID:1672
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        209⤵
        
        PID:1904
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        210⤵
        
        PID:612
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        211⤵
        
        PID:1612
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        212⤵
        
        PID:1228
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        213⤵
        
        PID:1640
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        214⤵
        
        PID:1256
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        215⤵
        
        PID:1600
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        216⤵
        
        PID:432
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        217⤵
        
        PID:1236
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        218⤵
        
        PID:1592
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        219⤵
        
        PID:1028
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        220⤵
        
        PID:1512
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        221⤵
        
        PID:1584
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        222⤵
        
        PID:1788
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        223⤵
        
        PID:836
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        224⤵
        
        PID:832
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        225⤵
        
        PID:996
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        226⤵
        
        PID:1844
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        227⤵
        
        PID:1612
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        228⤵
        
        PID:808
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        229⤵
        
        PID:1908
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        230⤵
        
        PID:1256
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        231⤵
        
        PID:828
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        232⤵
        
        PID:432
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        233⤵
        
        PID:1236
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        234⤵
        
        PID:1740
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        235⤵
        
        PID:1296
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        236⤵
        
        PID:1792
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        237⤵
        
        PID:512
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        238⤵
        
        PID:1400
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        239⤵
        
        PID:604
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        240⤵
        
        PID:632
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        241⤵
        
        PID:1796
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        242⤵
        
        PID:612
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        243⤵
        
        PID:1228
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        244⤵
        
        PID:1928
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        245⤵
        
        PID:1596
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        246⤵
        
        PID:1508
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        247⤵
        
        PID:1832
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        248⤵
        
        PID:560
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        249⤵
        
        PID:1660
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        250⤵
        
        PID:1592
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        251⤵
        
        PID:1028
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        252⤵
        
        PID:1768
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        253⤵
        
        PID:1172
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        254⤵
        
        PID:1672
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        255⤵
        
        PID:1156
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        256⤵
        
        PID:1604
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        257⤵
        
        PID:1004
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        258⤵
        
        PID:1664
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        259⤵
        
        PID:520
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        260⤵
        
        PID:528
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        261⤵
        
        PID:1952
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        262⤵
        
        PID:860
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        263⤵
        
        PID:1980
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        264⤵
        
        PID:940
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        265⤵
        
        PID:568
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        266⤵
        
        PID:1692
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        267⤵
        
        PID:1028
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        268⤵
        
        PID:1768
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        269⤵
        
        PID:1172
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        270⤵
        
        PID:1704
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        271⤵
        
        PID:1156
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        272⤵
        
        PID:1796
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        273⤵
        
        PID:1736
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        274⤵
        
        PID:1516
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        275⤵
        
        PID:1908
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        276⤵
        
        PID:1448
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        277⤵
        
        PID:2000
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        278⤵
        
        PID:860
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        279⤵
        
        PID:1980
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        280⤵
        
        PID:1524
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        281⤵
        
        PID:1076
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        282⤵
        
        PID:1788
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        283⤵
        
        PID:1060
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        284⤵
        
        PID:1656
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        285⤵
        
        PID:604
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        286⤵
        
        PID:588
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        287⤵
        
        PID:1092
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        288⤵
        
        PID:292
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        289⤵
        
        PID:1232
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        290⤵
        
        PID:1668
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        291⤵
        
        PID:2040
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        292⤵
        
        PID:732
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        293⤵
        
        PID:1832
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        294⤵
        
        PID:1580
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        295⤵
        
        PID:1488
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        296⤵
        
        PID:512
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        297⤵
        
        PID:1536
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        298⤵
        
        PID:856
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        299⤵
        
        PID:1504
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        300⤵
        
        PID:1560
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        301⤵
        
        PID:604
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        302⤵
        
        PID:588
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        303⤵
        
        PID:1624
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        304⤵
        
        PID:1552
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        305⤵
        
        PID:1284
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        306⤵
        
        PID:960
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        307⤵
        
        PID:1448
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        308⤵
        
        PID:1464
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        309⤵
        
        PID:860
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        310⤵
        
        PID:1072
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        311⤵
        
        PID:1584
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        312⤵
        
        PID:1676
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        313⤵
        
        PID:1028
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        314⤵
        
        PID:1768
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        315⤵
        
        PID:1672
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        316⤵
        
        PID:1556
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        317⤵
        
        PID:2044
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        318⤵
        
        PID:756
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        319⤵
        
        PID:1780
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        320⤵
        
        PID:1608
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        321⤵
        
        PID:1284
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        322⤵
        
        PID:960
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        323⤵
        
        PID:1448
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        324⤵
        
        PID:1660
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        325⤵
        
        PID:860
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        326⤵
        
        PID:1740
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        327⤵
        
        PID:1712
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        328⤵
        
        PID:1572
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        329⤵
        
        PID:1644
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        330⤵
        
        PID:996
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        331⤵
        
        PID:1612
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        332⤵
        
        PID:1156
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        333⤵
        
        PID:1640
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        334⤵
        
        PID:1928
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        335⤵
        
        PID:1784
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        336⤵
        
        PID:1596
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        337⤵
        
        PID:1236
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        338⤵
        
        PID:1620
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        339⤵
        
        PID:892
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        340⤵
        
        PID:1488
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        341⤵
        
        PID:860
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        342⤵
        
        PID:1924
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        343⤵
        
        PID:1936
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        344⤵
        
        PID:1060
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        345⤵
        
        PID:1968
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        346⤵
        
        PID:668
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        347⤵
        
        PID:1004
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        348⤵
        
        PID:1420
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        349⤵
        
        PID:1624
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        350⤵
        
        PID:1908
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        351⤵
        
        PID:528
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        352⤵
        
        PID:276
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        353⤵
        
        PID:1792
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        354⤵
        
        PID:1448
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        355⤵
        
        PID:1660
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        356⤵
        
        PID:512
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        357⤵
        
        PID:632
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        358⤵
        
        PID:1536
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        359⤵
        
        PID:1704
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        360⤵
        
        PID:380
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        361⤵
        
        PID:1092
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        362⤵
        
        PID:744
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        363⤵
        
        PID:828
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        364⤵
        
        PID:1668
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        365⤵
        
        PID:560
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        366⤵
        
        PID:848
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        367⤵
        
        PID:864
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        368⤵
        
        PID:1208
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        369⤵
        
        PID:832
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        370⤵
        
        PID:1176
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        371⤵
        
        PID:1700
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        372⤵
        
        PID:1788
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        373⤵
        
        PID:1028
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        374⤵
        
        PID:1844
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        375⤵
        
        PID:684
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        376⤵
        
        PID:1548
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        377⤵
        
        PID:1736
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        378⤵
        
        PID:1508
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        379⤵
        
        PID:1296
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        380⤵
        
        PID:364
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        381⤵
        
        PID:1692
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        382⤵
        
        PID:1072
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        383⤵
        
        PID:948
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        384⤵
        
        PID:512
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        385⤵
        
        PID:1712
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        386⤵
        
        PID:1644
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        387⤵
        
        PID:1704
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        388⤵
        
        PID:1560
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        389⤵
        
        PID:1612
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        390⤵
        
        PID:1232
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        391⤵
        
        PID:1784
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        392⤵
        
        PID:1668
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        393⤵
        
        PID:188
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        394⤵
        
        PID:1620
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        395⤵
        
        PID:1592

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/364-110-0x000007FEF2BB0000-0x000007FEF35D3000-memory.dmp

Filesize
10.1MB

Download
memory/432-126-0x000007FEF2180000-0x000007FEF2BA3000-memory.dmp

Filesize
10.1MB

Download
memory/552-104-0x000007FEF1CD0000-0x000007FEF26F3000-memory.dmp

Filesize
10.1MB

Download
memory/668-96-0x000007FEF2BB0000-0x000007FEF35D3000-memory.dmp

Filesize
10.1MB

Download
memory/684-94-0x000007FEF2BB0000-0x000007FEF35D3000-memory.dmp

Filesize
10.1MB

Download
memory/684-174-0x000007FEF1CD0000-0x000007FEF26F3000-memory.dmp

Filesize
10.1MB

Download
memory/696-130-0x000007FEF2BB0000-0x000007FEF35D3000-memory.dmp

Filesize
10.1MB

Download
memory/732-62-0x000007FEF3550000-0x000007FEF3F73000-memory.dmp

Filesize
10.1MB

Download
memory/768-88-0x000007FEF3550000-0x000007FEF3F73000-memory.dmp

Filesize
10.1MB

Download
memory/808-64-0x000007FEF4430000-0x000007FEF4E53000-memory.dmp

Filesize
10.1MB

Download
memory/828-180-0x000007FEF3A90000-0x000007FEF44B3000-memory.dmp

Filesize
10.1MB

Download
memory/856-148-0x000007FEF3A90000-0x000007FEF44B3000-memory.dmp

Filesize
10.1MB

Download
memory/864-160-0x000007FEF2180000-0x000007FEF2BA3000-memory.dmp

Filesize
10.1MB

Download
memory/888-170-0x000007FEF3A90000-0x000007FEF44B3000-memory.dmp

Filesize
10.1MB

Download
memory/888-56-0x000007FEF2B20000-0x000007FEF3543000-memory.dmp

Filesize
10.1MB

Download
memory/912-122-0x000007FEF2BB0000-0x000007FEF35D3000-memory.dmp

Filesize
10.1MB

Download
memory/920-90-0x000007FEF3550000-0x000007FEF3F73000-memory.dmp

Filesize
10.1MB

Download
memory/948-150-0x000007FEF2BB0000-0x000007FEF35D3000-memory.dmp

Filesize
10.1MB

Download
memory/1004-172-0x000007FEF1CD0000-0x000007FEF26F3000-memory.dmp

Filesize
10.1MB

Download
memory/1028-106-0x000007FEF1CD0000-0x000007FEF26F3000-memory.dmp

Filesize
10.1MB

Download
memory/1028-76-0x000007FEF2B20000-0x000007FEF3543000-memory.dmp

Filesize
10.1MB

Download
memory/1088-168-0x000007FEF3A90000-0x000007FEF44B3000-memory.dmp

Filesize
10.1MB

Download
memory/1176-84-0x000007FEF3550000-0x000007FEF3F73000-memory.dmp

Filesize
10.1MB

Download
memory/1284-128-0x000007FEF2BB0000-0x000007FEF35D3000-memory.dmp

Filesize
10.1MB

Download
memory/1352-102-0x000007FEF3A90000-0x000007FEF44B3000-memory.dmp

Filesize
10.1MB

Download
memory/1352-72-0x000007FEF3550000-0x000007FEF3F73000-memory.dmp

Filesize
10.1MB

Download
memory/1372-112-0x000007FEF3A90000-0x000007FEF44B3000-memory.dmp

Filesize
10.1MB

Download
memory/1376-54-0x000007FEF3550000-0x000007FEF3F73000-memory.dmp

Filesize
10.1MB

Download
memory/1396-116-0x000007FEF3A90000-0x000007FEF44B3000-memory.dmp

Filesize
10.1MB

Download
memory/1396-58-0x000007FEF2B20000-0x000007FEF3543000-memory.dmp

Filesize
10.1MB

Download
memory/1420-68-0x000007FEF2670000-0x000007FEF3093000-memory.dmp

Filesize
10.1MB

Download
memory/1432-78-0x000007FEF4430000-0x000007FEF4E53000-memory.dmp

Filesize
10.1MB

Download
memory/1464-138-0x000007FEF3A90000-0x000007FEF44B3000-memory.dmp

Filesize
10.1MB

Download
memory/1476-114-0x000007FEF3A90000-0x000007FEF44B3000-memory.dmp

Filesize
10.1MB

Download
memory/1488-86-0x000007FEF3550000-0x000007FEF3F73000-memory.dmp

Filesize
10.1MB

Download
memory/1508-132-0x000007FEF3A90000-0x000007FEF44B3000-memory.dmp

Filesize
10.1MB

Download
memory/1516-120-0x000007FEF2BB0000-0x000007FEF35D3000-memory.dmp

Filesize
10.1MB

Download
memory/1520-118-0x000007FEF3A90000-0x000007FEF44B3000-memory.dmp

Filesize
10.1MB

Download
memory/1524-164-0x000007FEF2BB0000-0x000007FEF35D3000-memory.dmp

Filesize
10.1MB

Download
memory/1524-108-0x000007FEF2BB0000-0x000007FEF35D3000-memory.dmp

Filesize
10.1MB

Download
memory/1564-98-0x000007FEF3A90000-0x000007FEF44B3000-memory.dmp

Filesize
10.1MB

Download
memory/1572-80-0x000007FEF3550000-0x000007FEF3F73000-memory.dmp

Filesize
10.1MB

Download
memory/1572-136-0x000007FEF3A90000-0x000007FEF44B3000-memory.dmp

Filesize
10.1MB

Download
memory/1596-92-0x000007FEF2BB0000-0x000007FEF35D3000-memory.dmp

Filesize
10.1MB

Download
memory/1612-166-0x000007FEF2BB0000-0x000007FEF35D3000-memory.dmp

Filesize
10.1MB

Download
memory/1644-66-0x000007FEF4430000-0x000007FEF4E53000-memory.dmp

Filesize
10.1MB

Download
memory/1648-146-0x000007FEF3A90000-0x000007FEF44B3000-memory.dmp

Filesize
10.1MB

Download
memory/1660-70-0x000007FEF2670000-0x000007FEF3093000-memory.dmp

Filesize
10.1MB

Download
memory/1660-154-0x000007FEF2BB0000-0x000007FEF35D3000-memory.dmp

Filesize
10.1MB

Download
memory/1664-144-0x000007FEF3A90000-0x000007FEF44B3000-memory.dmp

Filesize
10.1MB

Download
memory/1672-140-0x000007FEF1CD0000-0x000007FEF26F3000-memory.dmp

Filesize
10.1MB

Download
memory/1680-134-0x000007FEF3A90000-0x000007FEF44B3000-memory.dmp

Filesize
10.1MB

Download
memory/1684-82-0x000007FEF3550000-0x000007FEF3F73000-memory.dmp

Filesize
10.1MB

Download
memory/1792-162-0x000007FEF2180000-0x000007FEF2BA3000-memory.dmp

Filesize
10.1MB

Download
memory/1800-178-0x000007FEF3A90000-0x000007FEF44B3000-memory.dmp

Filesize
10.1MB

Download
memory/1832-158-0x000007FEF2BB0000-0x000007FEF35D3000-memory.dmp

Filesize
10.1MB

Download
memory/1832-74-0x000007FEF2B20000-0x000007FEF3543000-memory.dmp

Filesize
10.1MB

Download
memory/1848-142-0x000007FEF1CD0000-0x000007FEF26F3000-memory.dmp

Filesize
10.1MB

Download
memory/1904-60-0x000007FEF3550000-0x000007FEF3F73000-memory.dmp

Filesize
10.1MB

Download
memory/1920-156-0x000007FEF2BB0000-0x000007FEF35D3000-memory.dmp

Filesize
10.1MB

Download
memory/1952-152-0x000007FEF2BB0000-0x000007FEF35D3000-memory.dmp

Filesize
10.1MB

Download
memory/1988-100-0x000007FEF3A90000-0x000007FEF44B3000-memory.dmp

Filesize
10.1MB

Download
memory/1996-124-0x000007FEF2BB0000-0x000007FEF35D3000-memory.dmp

Filesize
10.1MB

Download