04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393

Analysis

max time kernel
201s
max time network
211s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags

arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
submitted
23-11-2022 23:10

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Size

272KB
MD5

437b7a9d881f7f6c7733785e86fffff2
SHA1

6e4152947d89d3f2ca8e2b1af822156505fcef4f
SHA256

04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393
SHA512

6f68fa383f18219bb7d51aba843a998ab0c78f1557ef6101739f09c50ed8eefdb8f4884f18675263e97c153c7c9f55f37ab51e017848a8a6755bcae6af6bada0
SSDEEP

3072:Aa6/75GhdsCVf/edPHr8OtOF+O3EmgrKdypb90VrRUw0Sc9n2+1queaHmwdfJ/xt:sFItHeJwCOF+6gr/pb9cVmnwIHmwd6C

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 64 IoCs

pid	Process
4560	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
4560	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
4560	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
4560	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
4560	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
4560	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
4560	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
4560	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
4560	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
4560	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
4560	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
4560	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
1456	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
1456	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
1456	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
1456	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
1456	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
1456	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
1456	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
1456	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
1456	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
1456	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
1456	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
1456	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
4900	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
4900	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
4900	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
4900	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
4900	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
4900	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
4900	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
4900	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
4900	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
4900	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
4900	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
4900	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
4760	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
4760	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
4760	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
4760	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
4760	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
4760	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
4760	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
4760	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
4760	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
4760	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
4760	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
4760	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
4740	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
4740	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
4740	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
4740	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
4740	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
4740	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
4740	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
4740	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
4740	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
4740	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
4740	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
4740	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
3224	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
3224	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
3224	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
3224	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeDebugPrivilege	4560	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1456	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	4900	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	4760	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	4740	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	3224	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1580	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	2124	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	2224	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1312	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1616	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	4036	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1956	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	416	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1960	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	792	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	216	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	3532	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	3796	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	2564	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	2060	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	4652	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1904	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	4984	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	3620	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1388	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	224	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	2004	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	912	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	4908	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	3036	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1656	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1660	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	4996	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	5008	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	4760	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	4972	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	4100	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	3224	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1404	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	2124	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	4428	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	3916	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	2768	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	2120	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	4104	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1264	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1120	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	972	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	3048	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	8	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	5032	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	2196	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	3696	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1668	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	2604	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	5088	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	4480	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1988	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	2516	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	1160	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	716	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	4580	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
Token: SeDebugPrivilege	4492	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4560 wrote to memory of 1456	4560	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	82
PID 4560 wrote to memory of 1456	4560	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	82
PID 1456 wrote to memory of 4900	1456	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	83
PID 1456 wrote to memory of 4900	1456	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	83
PID 4900 wrote to memory of 4760	4900	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	84
PID 4900 wrote to memory of 4760	4900	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	84
PID 4760 wrote to memory of 4740	4760	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	85
PID 4760 wrote to memory of 4740	4760	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	85
PID 4740 wrote to memory of 3224	4740	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	86
PID 4740 wrote to memory of 3224	4740	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	86
PID 3224 wrote to memory of 1580	3224	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	87
PID 3224 wrote to memory of 1580	3224	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	87
PID 1580 wrote to memory of 2124	1580	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	88
PID 1580 wrote to memory of 2124	1580	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	88
PID 2124 wrote to memory of 2224	2124	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	89
PID 2124 wrote to memory of 2224	2124	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	89
PID 2224 wrote to memory of 1312	2224	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	90
PID 2224 wrote to memory of 1312	2224	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	90
PID 1312 wrote to memory of 1616	1312	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	91
PID 1312 wrote to memory of 1616	1312	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	91
PID 1616 wrote to memory of 4036	1616	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	92
PID 1616 wrote to memory of 4036	1616	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	92
PID 4036 wrote to memory of 1956	4036	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	93
PID 4036 wrote to memory of 1956	4036	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	93
PID 1956 wrote to memory of 416	1956	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	94
PID 1956 wrote to memory of 416	1956	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	94
PID 416 wrote to memory of 1960	416	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	95
PID 416 wrote to memory of 1960	416	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	95
PID 1960 wrote to memory of 792	1960	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	96
PID 1960 wrote to memory of 792	1960	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	96
PID 792 wrote to memory of 216	792	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	97
PID 792 wrote to memory of 216	792	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	97
PID 216 wrote to memory of 3532	216	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	98
PID 216 wrote to memory of 3532	216	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	98
PID 3532 wrote to memory of 3796	3532	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	99
PID 3532 wrote to memory of 3796	3532	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	99
PID 3796 wrote to memory of 2564	3796	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	100
PID 3796 wrote to memory of 2564	3796	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	100
PID 2564 wrote to memory of 2060	2564	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	101
PID 2564 wrote to memory of 2060	2564	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	101
PID 2060 wrote to memory of 4652	2060	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	102
PID 2060 wrote to memory of 4652	2060	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	102
PID 4652 wrote to memory of 1904	4652	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	103
PID 4652 wrote to memory of 1904	4652	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	103
PID 1904 wrote to memory of 4984	1904	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	104
PID 1904 wrote to memory of 4984	1904	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	104
PID 4984 wrote to memory of 3620	4984	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	105
PID 4984 wrote to memory of 3620	4984	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	105
PID 3620 wrote to memory of 1388	3620	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	106
PID 3620 wrote to memory of 1388	3620	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	106
PID 1388 wrote to memory of 224	1388	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	107
PID 1388 wrote to memory of 224	1388	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	107
PID 224 wrote to memory of 2004	224	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	108
PID 224 wrote to memory of 2004	224	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	108
PID 2004 wrote to memory of 912	2004	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	109
PID 2004 wrote to memory of 912	2004	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	109
PID 912 wrote to memory of 4908	912	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	110
PID 912 wrote to memory of 4908	912	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	110
PID 4908 wrote to memory of 3036	4908	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	111
PID 4908 wrote to memory of 3036	4908	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	111
PID 3036 wrote to memory of 1656	3036	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	112
PID 3036 wrote to memory of 1656	3036	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	112
PID 1656 wrote to memory of 1660	1656	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	113
PID 1656 wrote to memory of 1660	1656	04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe	113

C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
"C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:4560
- C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
  C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of WriteProcessMemory
  PID:1456
- - C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
    C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of AdjustPrivilegeToken
    - Suspicious use of WriteProcessMemory
    PID:4900
  - - C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
      C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
      4⤵
      Suspicious behavior: EnumeratesProcesses
      Suspicious use of AdjustPrivilegeToken
      Suspicious use of WriteProcessMemory
      PID:4760
    - - C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        5⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:4740
      - C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        6⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:3224
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        7⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:1580
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        8⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:2124
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        9⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:2224
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        10⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:1312
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        11⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:1616
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        12⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:4036
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        13⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:1956
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        14⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:416
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        15⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:1960
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        16⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:792
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        17⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:216
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        18⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:3532
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        19⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:3796
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        20⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:2564
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        21⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:2060
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        22⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:4652
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        23⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:1904
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        24⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:4984
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        25⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:3620
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        26⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:1388
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        27⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:224
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        28⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:2004
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        29⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:912
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        30⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:4908
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        31⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:3036
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        32⤵
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:1656
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        33⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1660
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        34⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:4996
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        35⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:5008
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        36⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:4760
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        37⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:4972
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        38⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:4100
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        39⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:3224
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        40⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1404
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        41⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:2124
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        42⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:4428
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        43⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:3916
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        44⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:2768
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        45⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:2120
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        46⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:4104
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        47⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1264
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        48⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1120
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        49⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:972
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        50⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:3048
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        51⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:8
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        52⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:5032
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        53⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:2196
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        54⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:3696
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        55⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1668
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        56⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:2604
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        57⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:5088
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        58⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:4480
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        59⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1988
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        60⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:2516
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        61⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:1160
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        62⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:716
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        63⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:4580
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        64⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:4492
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        65⤵
        
        PID:1192
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        66⤵
        
        PID:2640
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        67⤵
        
        PID:4916
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        68⤵
        
        PID:4856
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        69⤵
        
        PID:2152
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        70⤵
        
        PID:4120
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        71⤵
        
        PID:4460
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        72⤵
        
        PID:4752
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        73⤵
        
        PID:4296
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        74⤵
        
        PID:2624
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        75⤵
        
        PID:4136
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        76⤵
        
        PID:2124
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        77⤵
        
        PID:1616
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        78⤵
        
        PID:480
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        79⤵
        
        PID:4420
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        80⤵
        
        PID:4216
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        81⤵
        
        PID:3580
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        82⤵
        
        PID:852
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        83⤵
        
        PID:1260
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        84⤵
        
        PID:1464
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        85⤵
        
        PID:1284
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        86⤵
        
        PID:2888
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        87⤵
        
        PID:2172
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        88⤵
        
        PID:1624
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        89⤵
        
        PID:3508
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        90⤵
        
        PID:2364
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        91⤵
        
        PID:2664
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        92⤵
        
        PID:1904
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        93⤵
        
        PID:4380
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        94⤵
        
        PID:1256
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        95⤵
        
        PID:4264
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        96⤵
        
        PID:1148
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        97⤵
        
        PID:4908
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        98⤵
        
        PID:4560
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        99⤵
        
        PID:4624
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        100⤵
        
        PID:1660
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        101⤵
        
        PID:1188
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        102⤵
        
        PID:4840
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        103⤵
        
        PID:4916
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        104⤵
        
        PID:4856
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        105⤵
        
        PID:1752
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        106⤵
        
        PID:4120
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        107⤵
        
        PID:4460
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        108⤵
        
        PID:4752
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        109⤵
        
        PID:4296
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        110⤵
        
        PID:2624
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        111⤵
        
        PID:5072
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        112⤵
        
        PID:3320
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        113⤵
        
        PID:4428
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        114⤵
        
        PID:3916
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        115⤵
        
        PID:436
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        116⤵
        
        PID:4980
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        117⤵
        
        PID:2772
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        118⤵
        
        PID:4456
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        119⤵
        
        PID:2536
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        120⤵
        
        PID:792
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        121⤵
        
        PID:2216
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        122⤵
        
        PID:2660
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        123⤵
        
        PID:1032
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        124⤵
        
        PID:4864
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        125⤵
        
        PID:4636
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        126⤵
        
        PID:4732
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        127⤵
        
        PID:4496
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        128⤵
        
        PID:4412
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        129⤵
        
        PID:4920
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        130⤵
        
        PID:896
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        131⤵
        
        PID:1344
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        132⤵
        
        PID:4380
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        133⤵
        
        PID:2740
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        134⤵
        
        PID:2648
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        135⤵
        
        PID:3460
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        136⤵
        
        PID:3464
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        137⤵
        
        PID:4044
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        138⤵
        
        PID:4468
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        139⤵
        
        PID:4112
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        140⤵
        
        PID:3708
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        141⤵
        
        PID:5008
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        142⤵
        
        PID:5012
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        143⤵
        
        PID:4856
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        144⤵
        
        PID:1752
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        145⤵
        
        PID:4120
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        146⤵
        
        PID:4224
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        147⤵
        
        PID:5052
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        148⤵
        
        PID:1652
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        149⤵
        
        PID:4452
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        150⤵
        
        PID:1316
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        151⤵
        
        PID:1864
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        152⤵
        
        PID:1300
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        153⤵
        
        PID:728
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        154⤵
        
        PID:1412
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        155⤵
        
        PID:444
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        156⤵
        
        PID:1120
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        157⤵
        
        PID:176
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        158⤵
        
        PID:3120
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        159⤵
        
        PID:4968
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        160⤵
        
        PID:3544
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        161⤵
        
        PID:3596
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        162⤵
        
        PID:1032
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        163⤵
        
        PID:4828
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        164⤵
        
        PID:4812
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        165⤵
        
        PID:4836
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        166⤵
        
        PID:3684
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        167⤵
        
        PID:2364
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        168⤵
        
        PID:2664
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        169⤵
        
        PID:4084
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        170⤵
        
        PID:4860
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        171⤵
        
        PID:4060
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        172⤵
        
        PID:3080
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        173⤵
        
        PID:1148
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        174⤵
        
        PID:4908
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        175⤵
        
        PID:4560
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        176⤵
        
        PID:560
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        177⤵
        
        PID:1660
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        178⤵
        
        PID:916
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        179⤵
        
        PID:2152
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        180⤵
        
        PID:1748
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        181⤵
        
        PID:4332
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        182⤵
        
        PID:1472
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        183⤵
        
        PID:3432
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        184⤵
        
        PID:1528
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        185⤵
        
        PID:1616
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        186⤵
        
        PID:3400
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        187⤵
        
        PID:3428
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        188⤵
        
        PID:3636
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        189⤵
        
        PID:4132
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        190⤵
        
        PID:1884
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        191⤵
        
        PID:4604
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        192⤵
        
        PID:2644
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        193⤵
        
        PID:176
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        194⤵
        
        PID:3120
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        195⤵
        
        PID:3192
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        196⤵
        
        PID:2888
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        197⤵
        
        PID:3180
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        198⤵
        
        PID:4312
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        199⤵
        
        PID:2396
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        200⤵
        
        PID:4664
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        201⤵
        
        PID:5080
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        202⤵
        
        PID:4540
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        203⤵
        
        PID:4244
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        204⤵
        
        PID:632
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        205⤵
        
        PID:1944
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        206⤵
        
        PID:4092
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        207⤵
        
        PID:2648
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        208⤵
        
        PID:716
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        209⤵
        
        PID:2388
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        210⤵
        
        PID:4468
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        211⤵
        
        PID:4476
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        212⤵
        
        PID:1700
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        213⤵
        
        PID:416
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        214⤵
        
        PID:4368
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        215⤵
        
        PID:4768
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        216⤵
        
        PID:4348
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        217⤵
        
        PID:3016
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        218⤵
        
        PID:1604
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        219⤵
        
        PID:3076
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        220⤵
        
        PID:3428
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        221⤵
        
        PID:396
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        222⤵
        
        PID:2692
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        223⤵
        
        PID:1260
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        224⤵
        
        PID:4608
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        225⤵
        
        PID:176
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        226⤵
        
        PID:1396
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        227⤵
        
        PID:4352
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        228⤵
        
        PID:4636
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        229⤵
        
        PID:3148
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        230⤵
        
        PID:5044
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        231⤵
        
        PID:1744
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        232⤵
        
        PID:3880
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        233⤵
        
        PID:632
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        234⤵
        
        PID:5000
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        235⤵
        
        PID:1400
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        236⤵
        
        PID:4796
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        237⤵
        
        PID:1152
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        238⤵
        
        PID:4924
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        239⤵
        
        PID:4572
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        240⤵
        
        PID:4792
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        241⤵
        
        PID:4660
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        242⤵
        
        PID:560
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        243⤵
        
        PID:1660
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        244⤵
        
        PID:4588
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        245⤵
        
        PID:2152
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        246⤵
        
        PID:1748
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        247⤵
        
        PID:4332
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        248⤵
        
        PID:3000
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        249⤵
        
        PID:4876
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        250⤵
        
        PID:1300
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        251⤵
        
        PID:1264
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        252⤵
        
        PID:1412
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        253⤵
        
        PID:444
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        254⤵
        
        PID:5064
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        255⤵
        
        PID:396
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        256⤵
        
        PID:3608
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        257⤵
        
        PID:4604
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        258⤵
        
        PID:780
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        259⤵
        
        PID:4372
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        260⤵
        
        PID:3120
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        261⤵
        
        PID:3192
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        262⤵
        
        PID:8
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        263⤵
        
        PID:3052
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        264⤵
        
        PID:4640
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        265⤵
        
        PID:4836
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        266⤵
        
        PID:1988
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        267⤵
        
        PID:4052
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        268⤵
        
        PID:5088
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        269⤵
        
        PID:3896
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        270⤵
        
        PID:3576
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        271⤵
        
        PID:4060
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        272⤵
        
        PID:4192
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        273⤵
        
        PID:1656
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        274⤵
        
        PID:1824
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        275⤵
        
        PID:4784
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        276⤵
        
        PID:4528
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        277⤵
        
        PID:4560
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        278⤵
        
        PID:4476
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        279⤵
        
        PID:1416
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        280⤵
        
        PID:4460
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        281⤵
        
        PID:3004
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        282⤵
        
        PID:4024
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        283⤵
        
        PID:3716
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        284⤵
        
        PID:2544
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        285⤵
        
        PID:2276
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        286⤵
        
        PID:4104
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        287⤵
        
        PID:1476
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        288⤵
        
        PID:2340
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        289⤵
        
        PID:4988
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        290⤵
        
        PID:2928
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        291⤵
        
        PID:1292
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        292⤵
        
        PID:3012
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        293⤵
        
        PID:3796
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        294⤵
        
        PID:2564
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        295⤵
        
        PID:3176
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        296⤵
        
        PID:3180
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        297⤵
        
        PID:2956
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        298⤵
        
        PID:4664
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        299⤵
        
        PID:5008
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        300⤵
        
        PID:4732
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        301⤵
        
        PID:3376
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        302⤵
        
        PID:1344
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        303⤵
        
        PID:2364
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        304⤵
        
        PID:1532
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        305⤵
        
        PID:1268
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        306⤵
        
        PID:3460
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        307⤵
        
        PID:3356
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        308⤵
        
        PID:4032
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        309⤵
        
        PID:2332
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        310⤵
        
        PID:2060
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        311⤵
        
        PID:4848
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        312⤵
        
        PID:4208
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        313⤵
        
        PID:3708
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        314⤵
        
        PID:4576
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        315⤵
        
        PID:640
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        316⤵
        
        PID:4768
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        317⤵
        
        PID:828
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        318⤵
        
        PID:4212
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        319⤵
        
        PID:3592
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        320⤵
        
        PID:4136
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        321⤵
        
        PID:4420
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        322⤵
        
        PID:1508
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        323⤵
        
        PID:3076
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        324⤵
        
        PID:4384
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        325⤵
        
        PID:3032
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        326⤵
        
        PID:4456
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        327⤵
        
        PID:1284
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        328⤵
        
        PID:3336
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        329⤵
        
        PID:5040
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        330⤵
        
        PID:4612
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        331⤵
        
        PID:3268
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        332⤵
        
        PID:5004
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        333⤵
        
        PID:4352
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        334⤵
        
        PID:4412
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        335⤵
        
        PID:1456
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        336⤵
        
        PID:3516
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        337⤵
        
        PID:2664
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        338⤵
        
        PID:4092
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        339⤵
        
        PID:4392
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        340⤵
        
        PID:1400
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        341⤵
        
        PID:912
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        342⤵
        
        PID:776
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        343⤵
        
        PID:2604
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        344⤵
        
        PID:1896
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        345⤵
        
        PID:4972
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        346⤵
        
        PID:4256
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        347⤵
        
        PID:3008
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        348⤵
        
        PID:1660
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        349⤵
        
        PID:2624
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        350⤵
        
        PID:376
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        351⤵
        
        PID:4452
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        352⤵
        
        PID:4332
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        353⤵
        
        PID:1912
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        354⤵
        
        PID:3632
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        355⤵
        
        PID:1300
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        356⤵
        
        PID:1264
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        357⤵
        
        PID:3076
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        358⤵
        
        PID:2076
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        359⤵
        
        PID:5064
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        360⤵
        
        PID:396
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        361⤵
        
        PID:1284
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        362⤵
        
        PID:3336
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        363⤵
        
        PID:1840
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        364⤵
        
        PID:3520
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        365⤵
        
        PID:3192
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        366⤵
        
        PID:3316
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        367⤵
        
        PID:4416
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        368⤵
        
        PID:372
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        369⤵
        
        PID:3148
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        370⤵
        
        PID:3516
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        371⤵
        
        PID:3880
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        372⤵
        
        PID:4092
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        373⤵
        
        PID:4392
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        374⤵
        
        PID:3080
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        375⤵
        
        PID:912
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        376⤵
        
        PID:4996
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        377⤵
        
        PID:4632
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        378⤵
        
        PID:560
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        379⤵
        
        PID:1936
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        380⤵
        
        PID:1464
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        381⤵
        
        PID:1196
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        382⤵
        
        PID:1660
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        383⤵
        
        PID:2624
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        384⤵
        
        PID:376
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        385⤵
        
        PID:3016
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        386⤵
        
        PID:3716
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        387⤵
        
        PID:2544
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        388⤵
        
        PID:2560
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        389⤵
        
        PID:1616
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        390⤵
        
        PID:1476
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        391⤵
        
        PID:4988
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        392⤵
        
        PID:2928
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        393⤵
        
        PID:5032
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        394⤵
        
        PID:5020
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        395⤵
        
        PID:396
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        396⤵
        
        PID:4340
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        397⤵
        
        PID:3336
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        398⤵
        
        PID:4812
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        399⤵
        
        PID:3520
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        400⤵
        
        PID:8
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        401⤵
        
        PID:1472
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        402⤵
        
        PID:1668
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        403⤵
        
        PID:360
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        404⤵
        
        PID:1344
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        405⤵
        
        PID:4052
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        406⤵
        
        PID:3896
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        407⤵
        
        PID:2520
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        408⤵
        
        PID:4060
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        409⤵
        
        PID:3536
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        
        C:\Users\Admin\AppData\Local\Temp\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe
        410⤵
        
        PID:4820

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\04b122f2229c4f488d2e7b2ae5b27e19280814bf8205005b8dc476b35962e393.exe.log

Filesize
224B

MD5
1e4f2a29e11dead55e61329942cd2b14

SHA1
4b3ec9b98797d2f734d67b47cc149546f21cf0af

SHA256
28bbb0da12bd69adc9df324c01392655b788115aba7466f02c23e1ba09f789d4

SHA512
2e28227d898486bfe1cea081df486464b214df50500786e30d6ee9e7d6391f3aacd2f1ed1d0eab60d518bbc79f20f32c226f00ffd70abfe9af45a746cb08416c

Download Submit
memory/8-233-0x000000001BE50000-0x000000001C886000-memory.dmp

Filesize
10.2MB

Download
memory/216-165-0x000000001BDA0000-0x000000001C7D6000-memory.dmp

Filesize
10.2MB

Download
memory/224-185-0x000000001B9F0000-0x000000001C426000-memory.dmp

Filesize
10.2MB

Download
memory/416-159-0x000000001B650000-0x000000001C086000-memory.dmp

Filesize
10.2MB

Download
memory/716-255-0x000000001BD30000-0x000000001C766000-memory.dmp

Filesize
10.2MB

Download
memory/792-163-0x000000001BB10000-0x000000001C546000-memory.dmp

Filesize
10.2MB

Download
memory/912-189-0x000000001BA90000-0x000000001C4C6000-memory.dmp

Filesize
10.2MB

Download
memory/972-229-0x000000001B170000-0x000000001BBA6000-memory.dmp

Filesize
10.2MB

Download
memory/1120-227-0x000000001BBB0000-0x000000001C5E6000-memory.dmp

Filesize
10.2MB

Download
memory/1160-253-0x000000001BA20000-0x000000001C456000-memory.dmp

Filesize
10.2MB

Download
memory/1264-225-0x000000001B230000-0x000000001BC66000-memory.dmp

Filesize
10.2MB

Download
memory/1312-151-0x000000001BE50000-0x000000001C886000-memory.dmp

Filesize
10.2MB

Download
memory/1388-183-0x000000001B0A0000-0x000000001BAD6000-memory.dmp

Filesize
10.2MB

Download
memory/1404-211-0x000000001BC90000-0x000000001C6C6000-memory.dmp

Filesize
10.2MB

Download
memory/1456-134-0x000000001B0C0000-0x000000001BAF6000-memory.dmp

Filesize
10.2MB

Download
memory/1580-145-0x000000001BE20000-0x000000001C856000-memory.dmp

Filesize
10.2MB

Download
memory/1616-153-0x000000001AF60000-0x000000001B996000-memory.dmp

Filesize
10.2MB

Download
memory/1656-195-0x000000001B610000-0x000000001C046000-memory.dmp

Filesize
10.2MB

Download
memory/1660-197-0x000000001BEC0000-0x000000001C8F6000-memory.dmp

Filesize
10.2MB

Download
memory/1668-241-0x000000001BE90000-0x000000001C8C6000-memory.dmp

Filesize
10.2MB

Download
memory/1904-177-0x000000001B7B0000-0x000000001C1E6000-memory.dmp

Filesize
10.2MB

Download
memory/1956-157-0x000000001B710000-0x000000001C146000-memory.dmp

Filesize
10.2MB

Download
memory/1960-161-0x000000001BA30000-0x000000001C466000-memory.dmp

Filesize
10.2MB

Download
memory/1988-249-0x000000001BAC0000-0x000000001C4F6000-memory.dmp

Filesize
10.2MB

Download
memory/2004-187-0x000000001BA60000-0x000000001C496000-memory.dmp

Filesize
10.2MB

Download
memory/2060-173-0x000000001B1A0000-0x000000001BBD6000-memory.dmp

Filesize
10.2MB

Download
memory/2120-221-0x000000001B370000-0x000000001BDA6000-memory.dmp

Filesize
10.2MB

Download
memory/2124-213-0x000000001B750000-0x000000001C186000-memory.dmp

Filesize
10.2MB

Download
memory/2124-147-0x000000001B190000-0x000000001BBC6000-memory.dmp

Filesize
10.2MB

Download
memory/2196-237-0x000000001B0A0000-0x000000001BAD6000-memory.dmp

Filesize
10.2MB

Download
memory/2224-149-0x000000001B060000-0x000000001BA96000-memory.dmp

Filesize
10.2MB

Download
memory/2516-251-0x000000001B3D0000-0x000000001BE06000-memory.dmp

Filesize
10.2MB

Download
memory/2564-171-0x000000001B7A0000-0x000000001C1D6000-memory.dmp

Filesize
10.2MB

Download
memory/2604-243-0x000000001AEF0000-0x000000001B926000-memory.dmp

Filesize
10.2MB

Download
memory/2768-219-0x000000001BB50000-0x000000001C586000-memory.dmp

Filesize
10.2MB

Download
memory/3036-193-0x000000001B830000-0x000000001C266000-memory.dmp

Filesize
10.2MB

Download
memory/3048-231-0x000000001B020000-0x000000001BA56000-memory.dmp

Filesize
10.2MB

Download
memory/3224-209-0x000000001BB00000-0x000000001C536000-memory.dmp

Filesize
10.2MB

Download
memory/3224-143-0x000000001B7D0000-0x000000001C206000-memory.dmp

Filesize
10.2MB

Download
memory/3532-167-0x000000001B7A0000-0x000000001C1D6000-memory.dmp

Filesize
10.2MB

Download
memory/3620-181-0x000000001B500000-0x000000001BF36000-memory.dmp

Filesize
10.2MB

Download
memory/3696-239-0x000000001B9E0000-0x000000001C416000-memory.dmp

Filesize
10.2MB

Download
memory/3796-169-0x000000001B390000-0x000000001BDC6000-memory.dmp

Filesize
10.2MB

Download
memory/3916-217-0x000000001B960000-0x000000001C396000-memory.dmp

Filesize
10.2MB

Download
memory/4036-155-0x000000001BDC0000-0x000000001C7F6000-memory.dmp

Filesize
10.2MB

Download
memory/4100-207-0x000000001B260000-0x000000001BC96000-memory.dmp

Filesize
10.2MB

Download
memory/4104-223-0x000000001BD90000-0x000000001C7C6000-memory.dmp

Filesize
10.2MB

Download
memory/4428-215-0x000000001BE90000-0x000000001C8C6000-memory.dmp

Filesize
10.2MB

Download
memory/4480-247-0x000000001B410000-0x000000001BE46000-memory.dmp

Filesize
10.2MB

Download
memory/4492-259-0x000000001B5F0000-0x000000001C026000-memory.dmp

Filesize
10.2MB

Download
memory/4560-132-0x000000001B1F0000-0x000000001BC26000-memory.dmp

Filesize
10.2MB

Download
memory/4580-257-0x000000001B280000-0x000000001BCB6000-memory.dmp

Filesize
10.2MB

Download
memory/4652-175-0x000000001B380000-0x000000001BDB6000-memory.dmp

Filesize
10.2MB

Download
memory/4740-141-0x000000001BC20000-0x000000001C656000-memory.dmp

Filesize
10.2MB

Download
memory/4760-139-0x000000001BAE0000-0x000000001C516000-memory.dmp

Filesize
10.2MB

Download
memory/4760-203-0x000000001B3C0000-0x000000001BDF6000-memory.dmp

Filesize
10.2MB

Download
memory/4900-137-0x000000001B9E0000-0x000000001C416000-memory.dmp

Filesize
10.2MB

Download
memory/4908-191-0x000000001B430000-0x000000001BE66000-memory.dmp

Filesize
10.2MB

Download
memory/4972-205-0x000000001B870000-0x000000001C2A6000-memory.dmp

Filesize
10.2MB

Download
memory/4984-179-0x000000001B5A0000-0x000000001BFD6000-memory.dmp

Filesize
10.2MB

Download
memory/4996-199-0x000000001B9C0000-0x000000001C3F6000-memory.dmp

Filesize
10.2MB

Download
memory/5008-201-0x000000001BE00000-0x000000001C836000-memory.dmp

Filesize
10.2MB

Download
memory/5032-235-0x000000001BE90000-0x000000001C8C6000-memory.dmp

Filesize
10.2MB

Download
memory/5088-245-0x000000001B830000-0x000000001C266000-memory.dmp

Filesize
10.2MB

Download