c243df1a82755fa05aa27fbcead17863a78dee1874b6d575998dc67c60a59c83

Analysis

max time kernel
133s
max time network
140s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
27/12/2022, 21:24

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

1704-57-0x0000000000140000-0x0000000000162000-memory.dll
Size

136KB
MD5

919b138b7d6545735f91ab485bfbde37
SHA1

66de5e28ef0c86cfae6e15f6a21742125286c5fa
SHA256

c243df1a82755fa05aa27fbcead17863a78dee1874b6d575998dc67c60a59c83
SHA512

51e76ac08fa65f900c86d6a27ed42531fa5e72f09aab30203a4feff806e353cc362fa311bc9f341634b7ba28f49fa60ca36265c2541ad4326bc25cf434df1a60
SSDEEP

1536:MCf1pg43ZwsCJ28qerxgmtszKiSMQhABArbMJNq0ecUIOpnToIfp9cegrzst:MCmTqETtsxOgAkJA0L6BTBfpWept

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4612 wrote to memory of 1388	4612	rundll32.exe	80
PID 4612 wrote to memory of 1388	4612	rundll32.exe	80
PID 4612 wrote to memory of 1388	4612	rundll32.exe	80
PID 1388 wrote to memory of 3500	1388	rundll32.exe	81
PID 1388 wrote to memory of 3500	1388	rundll32.exe	81
PID 1388 wrote to memory of 3500	1388	rundll32.exe	81
PID 3500 wrote to memory of 2176	3500	rundll32.exe	82
PID 3500 wrote to memory of 2176	3500	rundll32.exe	82
PID 3500 wrote to memory of 2176	3500	rundll32.exe	82
PID 2176 wrote to memory of 5024	2176	rundll32.exe	83
PID 2176 wrote to memory of 5024	2176	rundll32.exe	83
PID 2176 wrote to memory of 5024	2176	rundll32.exe	83
PID 5024 wrote to memory of 320	5024	rundll32.exe	84
PID 5024 wrote to memory of 320	5024	rundll32.exe	84
PID 5024 wrote to memory of 320	5024	rundll32.exe	84
PID 320 wrote to memory of 3776	320	rundll32.exe	85
PID 320 wrote to memory of 3776	320	rundll32.exe	85
PID 320 wrote to memory of 3776	320	rundll32.exe	85
PID 3776 wrote to memory of 1432	3776	rundll32.exe	86
PID 3776 wrote to memory of 1432	3776	rundll32.exe	86
PID 3776 wrote to memory of 1432	3776	rundll32.exe	86
PID 1432 wrote to memory of 4396	1432	rundll32.exe	87
PID 1432 wrote to memory of 4396	1432	rundll32.exe	87
PID 1432 wrote to memory of 4396	1432	rundll32.exe	87
PID 4396 wrote to memory of 844	4396	rundll32.exe	88
PID 4396 wrote to memory of 844	4396	rundll32.exe	88
PID 4396 wrote to memory of 844	4396	rundll32.exe	88
PID 844 wrote to memory of 2112	844	rundll32.exe	89
PID 844 wrote to memory of 2112	844	rundll32.exe	89
PID 844 wrote to memory of 2112	844	rundll32.exe	89
PID 2112 wrote to memory of 4616	2112	rundll32.exe	90
PID 2112 wrote to memory of 4616	2112	rundll32.exe	90
PID 2112 wrote to memory of 4616	2112	rundll32.exe	90
PID 4616 wrote to memory of 5076	4616	rundll32.exe	91
PID 4616 wrote to memory of 5076	4616	rundll32.exe	91
PID 4616 wrote to memory of 5076	4616	rundll32.exe	91
PID 5076 wrote to memory of 4300	5076	rundll32.exe	92
PID 5076 wrote to memory of 4300	5076	rundll32.exe	92
PID 5076 wrote to memory of 4300	5076	rundll32.exe	92
PID 4300 wrote to memory of 3572	4300	rundll32.exe	93
PID 4300 wrote to memory of 3572	4300	rundll32.exe	93
PID 4300 wrote to memory of 3572	4300	rundll32.exe	93
PID 3572 wrote to memory of 4984	3572	rundll32.exe	94
PID 3572 wrote to memory of 4984	3572	rundll32.exe	94
PID 3572 wrote to memory of 4984	3572	rundll32.exe	94
PID 4984 wrote to memory of 2360	4984	rundll32.exe	95
PID 4984 wrote to memory of 2360	4984	rundll32.exe	95
PID 4984 wrote to memory of 2360	4984	rundll32.exe	95
PID 2360 wrote to memory of 2292	2360	rundll32.exe	96
PID 2360 wrote to memory of 2292	2360	rundll32.exe	96
PID 2360 wrote to memory of 2292	2360	rundll32.exe	96
PID 2292 wrote to memory of 3348	2292	rundll32.exe	97
PID 2292 wrote to memory of 3348	2292	rundll32.exe	97
PID 2292 wrote to memory of 3348	2292	rundll32.exe	97
PID 3348 wrote to memory of 4620	3348	rundll32.exe	98
PID 3348 wrote to memory of 4620	3348	rundll32.exe	98
PID 3348 wrote to memory of 4620	3348	rundll32.exe	98
PID 4620 wrote to memory of 1112	4620	rundll32.exe	99
PID 4620 wrote to memory of 1112	4620	rundll32.exe	99
PID 4620 wrote to memory of 1112	4620	rundll32.exe	99
PID 1112 wrote to memory of 4608	1112	rundll32.exe	100
PID 1112 wrote to memory of 4608	1112	rundll32.exe	100
PID 1112 wrote to memory of 4608	1112	rundll32.exe	100
PID 4608 wrote to memory of 512	4608	rundll32.exe	101

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:4612
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
  2⤵
  - Suspicious use of WriteProcessMemory
  PID:1388
- - C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
    3⤵
    - Suspicious use of WriteProcessMemory
    PID:3500
  - - C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
      4⤵
      Suspicious use of WriteProcessMemory
      PID:2176
    - - C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        5⤵
        Suspicious use of WriteProcessMemory
        
        PID:5024
      - C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        6⤵
        Suspicious use of WriteProcessMemory
        
        PID:320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        7⤵
        Suspicious use of WriteProcessMemory
        
        PID:3776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        8⤵
        Suspicious use of WriteProcessMemory
        
        PID:1432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        9⤵
        Suspicious use of WriteProcessMemory
        
        PID:4396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        10⤵
        Suspicious use of WriteProcessMemory
        
        PID:844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        11⤵
        Suspicious use of WriteProcessMemory
        
        PID:2112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        12⤵
        Suspicious use of WriteProcessMemory
        
        PID:4616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        13⤵
        Suspicious use of WriteProcessMemory
        
        PID:5076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        14⤵
        Suspicious use of WriteProcessMemory
        
        PID:4300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        15⤵
        Suspicious use of WriteProcessMemory
        
        PID:3572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        16⤵
        Suspicious use of WriteProcessMemory
        
        PID:4984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        17⤵
        Suspicious use of WriteProcessMemory
        
        PID:2360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        18⤵
        Suspicious use of WriteProcessMemory
        
        PID:2292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        19⤵
        Suspicious use of WriteProcessMemory
        
        PID:3348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        20⤵
        Suspicious use of WriteProcessMemory
        
        PID:4620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        21⤵
        Suspicious use of WriteProcessMemory
        
        PID:1112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        22⤵
        Suspicious use of WriteProcessMemory
        
        PID:4608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        23⤵
        
        PID:512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        24⤵
        
        PID:1720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        25⤵
        
        PID:4496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        26⤵
        
        PID:2648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        27⤵
        
        PID:3180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        28⤵
        
        PID:368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        29⤵
        
        PID:4292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        30⤵
        
        PID:2732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        31⤵
        
        PID:3412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        32⤵
        
        PID:4604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        33⤵
        
        PID:3392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        34⤵
        
        PID:3368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        35⤵
        
        PID:112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        36⤵
        
        PID:228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        37⤵
        
        PID:2260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        38⤵
        
        PID:4700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        39⤵
        
        PID:3296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        40⤵
        
        PID:3964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        41⤵
        
        PID:2760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        42⤵
        
        PID:3932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        43⤵
        
        PID:3788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        44⤵
        
        PID:4856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        45⤵
        
        PID:1344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        46⤵
        
        PID:1256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        47⤵
        
        PID:3808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        48⤵
        
        PID:1904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        49⤵
        
        PID:340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        50⤵
        
        PID:992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        51⤵
        
        PID:4936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        52⤵
        
        PID:1244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        53⤵
        
        PID:3208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        54⤵
        
        PID:3936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        55⤵
        
        PID:2804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        56⤵
        
        PID:1308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        57⤵
        
        PID:3128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        58⤵
        
        PID:4660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        59⤵
        
        PID:4540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        60⤵
        
        PID:3136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        61⤵
        
        PID:3056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        62⤵
        
        PID:716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        63⤵
        
        PID:1580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        64⤵
        
        PID:2168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        65⤵
        
        PID:3036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        66⤵
        
        PID:3592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        67⤵
        
        PID:3016
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        68⤵
        
        PID:2084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        69⤵
        
        PID:532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        70⤵
        
        PID:3856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        71⤵
        
        PID:4408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        72⤵
        
        PID:4456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        73⤵
        
        PID:4672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        74⤵
        
        PID:1288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        75⤵
        
        PID:4304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        76⤵
        
        PID:4696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        77⤵
        
        PID:2392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        78⤵
        
        PID:4744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        79⤵
        
        PID:2240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        80⤵
        
        PID:3980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        81⤵
        
        PID:2348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        82⤵
        
        PID:3704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        83⤵
        
        PID:980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        84⤵
        
        PID:3512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        85⤵
        
        PID:4784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        86⤵
        
        PID:544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        87⤵
        
        PID:3120
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        88⤵
        
        PID:1488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        89⤵
        
        PID:2960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        90⤵
        
        PID:820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        91⤵
        
        PID:2628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        92⤵
        
        PID:4024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        93⤵
        
        PID:4060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        94⤵
        
        PID:2252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        95⤵
        
        PID:1484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        96⤵
        
        PID:1492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        97⤵
        
        PID:5032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        98⤵
        
        PID:5056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        99⤵
        
        PID:4760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        100⤵
        
        PID:1704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        101⤵
        
        PID:3600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        102⤵
        
        PID:1032
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        103⤵
        
        PID:1316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        104⤵
        
        PID:1176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        105⤵
        
        PID:176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        106⤵
        
        PID:216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        107⤵
        
        PID:1136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        108⤵
        
        PID:1128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        109⤵
        
        PID:4736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        110⤵
        
        PID:3988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        111⤵
        
        PID:4632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        112⤵
        
        PID:1332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        113⤵
        
        PID:664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        114⤵
        
        PID:2208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        115⤵
        
        PID:1712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        116⤵
        
        PID:4564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        117⤵
        
        PID:404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        118⤵
        
        PID:1076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        119⤵
        
        PID:2276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        120⤵
        
        PID:4152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        121⤵
        
        PID:1512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        122⤵
        
        PID:4492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        123⤵
        
        PID:3328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        124⤵
        
        PID:1864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        125⤵
        
        PID:3192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        126⤵
        
        PID:3432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        127⤵
        
        PID:2752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        128⤵
        
        PID:2056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        129⤵
        
        PID:3520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        130⤵
        
        PID:3440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        131⤵
        
        PID:5132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        132⤵
        
        PID:5148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        133⤵
        
        PID:5164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        134⤵
        
        PID:5180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        135⤵
        
        PID:5192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        136⤵
        
        PID:5212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        137⤵
        
        PID:5228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        138⤵
        
        PID:5244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        139⤵
        
        PID:5260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        140⤵
        
        PID:5276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        141⤵
        
        PID:5292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        142⤵
        
        PID:5304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        143⤵
        
        PID:5320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        144⤵
        
        PID:5336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        145⤵
        
        PID:5348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        146⤵
        
        PID:5364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        147⤵
        
        PID:5376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        148⤵
        
        PID:5392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        149⤵
        
        PID:5408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        150⤵
        
        PID:5420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        151⤵
        
        PID:5440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        152⤵
        
        PID:5456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        153⤵
        
        PID:5468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        154⤵
        
        PID:5484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        155⤵
        
        PID:5500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        156⤵
        
        PID:5516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        157⤵
        
        PID:5532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        158⤵
        
        PID:5544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        159⤵
        
        PID:5564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        160⤵
        
        PID:5576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        161⤵
        
        PID:5592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        162⤵
        
        PID:5608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        163⤵
        
        PID:5624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        164⤵
        
        PID:5640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        165⤵
        
        PID:5656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        166⤵
        
        PID:5672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        167⤵
        
        PID:5684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        168⤵
        
        PID:5704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        169⤵
        
        PID:5716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        170⤵
        
        PID:5732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        171⤵
        
        PID:5744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        172⤵
        
        PID:5764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        173⤵
        
        PID:5780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        174⤵
        
        PID:5792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        175⤵
        
        PID:5808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        176⤵
        
        PID:5824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        177⤵
        
        PID:5840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        178⤵
        
        PID:5856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        179⤵
        
        PID:5868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        180⤵
        
        PID:5888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        181⤵
        
        PID:5904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        182⤵
        
        PID:5920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        183⤵
        
        PID:5932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        184⤵
        
        PID:5948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        185⤵
        
        PID:5964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        186⤵
        
        PID:5976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        187⤵
        
        PID:5996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        188⤵
        
        PID:6008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        189⤵
        
        PID:6024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        190⤵
        
        PID:6040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        191⤵
        
        PID:6056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        192⤵
        
        PID:6068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        193⤵
        
        PID:6084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        194⤵
        
        PID:6096
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        195⤵
        
        PID:6108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        196⤵
        
        PID:6124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        197⤵
        
        PID:6140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        198⤵
        
        PID:6160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        199⤵
        
        PID:6172
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        200⤵
        
        PID:6188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        201⤵
        
        PID:6200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        202⤵
        
        PID:6216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        203⤵
        
        PID:6228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        204⤵
        
        PID:6248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        205⤵
        
        PID:6260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        206⤵
        
        PID:6280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        207⤵
        
        PID:6292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        208⤵
        
        PID:6304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        209⤵
        
        PID:6316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        210⤵
        
        PID:6332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        211⤵
        
        PID:6348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        212⤵
        
        PID:6364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        213⤵
        
        PID:6376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        214⤵
        
        PID:6392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        215⤵
        
        PID:6408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        216⤵
        
        PID:6424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        217⤵
        
        PID:6440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        218⤵
        
        PID:6452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        219⤵
        
        PID:6468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        220⤵
        
        PID:6484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        221⤵
        
        PID:6496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        222⤵
        
        PID:6512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        223⤵
        
        PID:6528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        224⤵
        
        PID:6544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        225⤵
        
        PID:6556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        226⤵
        
        PID:6576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        227⤵
        
        PID:6592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        228⤵
        
        PID:6604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        229⤵
        
        PID:6616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        230⤵
        
        PID:6628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        231⤵
        
        PID:6640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        232⤵
        
        PID:6660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        233⤵
        
        PID:6676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        234⤵
        
        PID:6692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        235⤵
        
        PID:6704
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        236⤵
        
        PID:6720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        237⤵
        
        PID:6736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        238⤵
        
        PID:6752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        239⤵
        
        PID:6768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        240⤵
        
        PID:6784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        241⤵
        
        PID:6796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        242⤵
        
        PID:6808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        243⤵
        
        PID:6828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        244⤵
        
        PID:6844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        245⤵
        
        PID:6860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        246⤵
        
        PID:6872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        247⤵
        
        PID:6884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        248⤵
        
        PID:6904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        249⤵
        
        PID:6916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        250⤵
        
        PID:6932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        251⤵
        
        PID:6948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        252⤵
        
        PID:6964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        253⤵
        
        PID:6980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        254⤵
        
        PID:6996
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        255⤵
        
        PID:7012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        256⤵
        
        PID:7024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        257⤵
        
        PID:7040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        258⤵
        
        PID:7056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        259⤵
        
        PID:7072
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        260⤵
        
        PID:7088
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        261⤵
        
        PID:7104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        262⤵
        
        PID:7116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        263⤵
        
        PID:7128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        264⤵
        
        PID:7144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        265⤵
        
        PID:7160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        266⤵
        
        PID:7176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        267⤵
        
        PID:7200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        268⤵
        
        PID:7216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        269⤵
        
        PID:7228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        270⤵
        
        PID:7244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        271⤵
        
        PID:7260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        272⤵
        
        PID:7276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        273⤵
        
        PID:7292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        274⤵
        
        PID:7308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        275⤵
        
        PID:7324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        276⤵
        
        PID:7340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        277⤵
        
        PID:7356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        278⤵
        
        PID:7372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        279⤵
        
        PID:7388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        280⤵
        
        PID:7408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        281⤵
        
        PID:7424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        282⤵
        
        PID:7440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        283⤵
        
        PID:7468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        284⤵
        
        PID:7484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        285⤵
        
        PID:7496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        286⤵
        
        PID:7508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        287⤵
        
        PID:7524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        288⤵
        
        PID:7548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        289⤵
        
        PID:7564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        290⤵
        
        PID:7584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        291⤵
        
        PID:7600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        292⤵
        
        PID:7616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        293⤵
        
        PID:7636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        294⤵
        
        PID:7648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        295⤵
        
        PID:7664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        296⤵
        
        PID:7680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        297⤵
        
        PID:7696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        298⤵
        
        PID:7712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        299⤵
        
        PID:7728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        300⤵
        
        PID:7744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        301⤵
        
        PID:7760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        302⤵
        
        PID:7776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        303⤵
        
        PID:7792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        304⤵
        
        PID:7808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        305⤵
        
        PID:7820
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        306⤵
        
        PID:7836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        307⤵
        
        PID:7860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        308⤵
        
        PID:7876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        309⤵
        
        PID:7896
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        310⤵
        
        PID:7908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        311⤵
        
        PID:7924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        312⤵
        
        PID:7940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        313⤵
        
        PID:7956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        314⤵
        
        PID:7980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        315⤵
        
        PID:7992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        316⤵
        
        PID:8008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        317⤵
        
        PID:8024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        318⤵
        
        PID:8036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        319⤵
        
        PID:8056
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        320⤵
        
        PID:8068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        321⤵
        
        PID:8084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        322⤵
        
        PID:8104
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        323⤵
        
        PID:8124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        324⤵
        
        PID:8136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        325⤵
        
        PID:8152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        326⤵
        
        PID:8168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        327⤵
        
        PID:8184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        328⤵
        
        PID:8200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        329⤵
        
        PID:8216
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        330⤵
        
        PID:8228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        331⤵
        
        PID:8248
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        332⤵
        
        PID:8264
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        333⤵
        
        PID:8280
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        334⤵
        
        PID:8296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        335⤵
        
        PID:8312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        336⤵
        
        PID:8328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        337⤵
        
        PID:8344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        338⤵
        
        PID:8360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        339⤵
        
        PID:8376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        340⤵
        
        PID:8392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        341⤵
        
        PID:8408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        342⤵
        
        PID:8420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        343⤵
        
        PID:8440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        344⤵
        
        PID:8456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        345⤵
        
        PID:8468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        346⤵
        
        PID:8488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        347⤵
        
        PID:8504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        348⤵
        
        PID:8520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        349⤵
        
        PID:8536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        350⤵
        
        PID:8548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        351⤵
        
        PID:8568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        352⤵
        
        PID:8584
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        353⤵
        
        PID:8600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        354⤵
        
        PID:8616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        355⤵
        
        PID:8632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        356⤵
        
        PID:8648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        357⤵
        
        PID:8664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        358⤵
        
        PID:8680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        359⤵
        
        PID:8696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        360⤵
        
        PID:8708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        361⤵
        
        PID:8724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        362⤵
        
        PID:8740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        363⤵
        
        PID:8752
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        364⤵
        
        PID:8768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        365⤵
        
        PID:8784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        366⤵
        
        PID:8800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        367⤵
        
        PID:8812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        368⤵
        
        PID:8832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        369⤵
        
        PID:8844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        370⤵
        
        PID:8856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        371⤵
        
        PID:8872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        372⤵
        
        PID:8884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        373⤵
        
        PID:8900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        374⤵
        
        PID:8916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        375⤵
        
        PID:8932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        376⤵
        
        PID:8944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        377⤵
        
        PID:8956
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        378⤵
        
        PID:8972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        379⤵
        
        PID:8988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        380⤵
        
        PID:9000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        381⤵
        
        PID:9020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        382⤵
        
        PID:9036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        383⤵
        
        PID:9052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        384⤵
        
        PID:9064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        385⤵
        
        PID:9080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        386⤵
        
        PID:9092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        387⤵
        
        PID:9108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        388⤵
        
        PID:9124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        389⤵
        
        PID:9140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        390⤵
        
        PID:9152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        391⤵
        
        PID:9168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        392⤵
        
        PID:9184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        393⤵
        
        PID:9196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        394⤵
        
        PID:9212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        395⤵
        
        PID:1736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        396⤵
        
        PID:9228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        397⤵
        
        PID:9244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        398⤵
        
        PID:9260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        399⤵
        
        PID:9276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        400⤵
        
        PID:9292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        401⤵
        
        PID:9308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        402⤵
        
        PID:9320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        403⤵
        
        PID:9344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        404⤵
        
        PID:9372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        405⤵
        
        PID:9400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        406⤵
        
        PID:9412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        407⤵
        
        PID:9432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        408⤵
        
        PID:9448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        409⤵
        
        PID:9460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        410⤵
        
        PID:9480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        411⤵
        
        PID:9496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        412⤵
        
        PID:9508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        413⤵
        
        PID:9524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        414⤵
        
        PID:9540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        415⤵
        
        PID:9556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        416⤵
        
        PID:9572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        417⤵
        
        PID:9588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        418⤵
        
        PID:9600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        419⤵
        
        PID:9616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        420⤵
        
        PID:9628
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        421⤵
        
        PID:9644
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        422⤵
        
        PID:9656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        423⤵
        
        PID:9668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        424⤵
        
        PID:9684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        425⤵
        
        PID:9696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        426⤵
        
        PID:9708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        427⤵
        
        PID:9724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        428⤵
        
        PID:9736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        429⤵
        
        PID:9756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        430⤵
        
        PID:9772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        431⤵
        
        PID:9784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        432⤵
        
        PID:9800
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        433⤵
        
        PID:9816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        434⤵
        
        PID:9832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        435⤵
        
        PID:9852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        436⤵
        
        PID:9868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        437⤵
        
        PID:9880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        438⤵
        
        PID:9900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        439⤵
        
        PID:9916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        440⤵
        
        PID:9932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        441⤵
        
        PID:9944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        442⤵
        
        PID:9960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        443⤵
        
        PID:9972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        444⤵
        
        PID:9988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        445⤵
        
        PID:10004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        446⤵
        
        PID:10020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        447⤵
        
        PID:10036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        448⤵
        
        PID:10052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        449⤵
        
        PID:10068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        450⤵
        
        PID:10084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        451⤵
        
        PID:10100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        452⤵
        
        PID:10116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        453⤵
        
        PID:10128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        454⤵
        
        PID:10148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        455⤵
        
        PID:10160
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        456⤵
        
        PID:10176
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        457⤵
        
        PID:10192
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        458⤵
        
        PID:10208
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        459⤵
        
        PID:10220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        460⤵
        
        PID:10236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        461⤵
        
        PID:10244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        462⤵
        
        PID:10260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        463⤵
        
        PID:10272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        464⤵
        
        PID:10292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        465⤵
        
        PID:10308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        466⤵
        
        PID:10324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        467⤵
        
        PID:10336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        468⤵
        
        PID:10348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        469⤵
        
        PID:10364
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        470⤵
        
        PID:10380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        471⤵
        
        PID:10392
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        472⤵
        
        PID:10408
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        473⤵
        
        PID:10420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        474⤵
        
        PID:10432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        475⤵
        
        PID:10448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        476⤵
        
        PID:10464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        477⤵
        
        PID:10480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        478⤵
        
        PID:10496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        479⤵
        
        PID:10512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        480⤵
        
        PID:10524
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        481⤵
        
        PID:10544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        482⤵
        
        PID:10556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        483⤵
        
        PID:10572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        484⤵
        
        PID:10588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        485⤵
        
        PID:10604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        486⤵
        
        PID:10620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        487⤵
        
        PID:10636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        488⤵
        
        PID:10648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        489⤵
        
        PID:10664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        490⤵
        
        PID:10680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        491⤵
        
        PID:10692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        492⤵
        
        PID:10708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        493⤵
        
        PID:10728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        494⤵
        
        PID:10744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        495⤵
        
        PID:10756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        496⤵
        
        PID:10776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        497⤵
        
        PID:10792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        498⤵
        
        PID:10808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        499⤵
        
        PID:10824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        500⤵
        
        PID:10840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        501⤵
        
        PID:10856
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        502⤵
        
        PID:10872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        503⤵
        
        PID:10888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        504⤵
        
        PID:10904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        505⤵
        
        PID:10916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        506⤵
        
        PID:10932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        507⤵
        
        PID:10944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        508⤵
        
        PID:10964
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        509⤵
        
        PID:10980
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        510⤵
        
        PID:10992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        511⤵
        
        PID:11004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        512⤵
        
        PID:11020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        513⤵
        
        PID:11036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        514⤵
        
        PID:11052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        515⤵
        
        PID:11064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        516⤵
        
        PID:11080
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        517⤵
        
        PID:11092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        518⤵
        
        PID:11112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        519⤵
        
        PID:11128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        520⤵
        
        PID:11144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        521⤵
        
        PID:11156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        522⤵
        
        PID:11168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        523⤵
        
        PID:11188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        524⤵
        
        PID:11204
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        525⤵
        
        PID:11220
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        526⤵
        
        PID:11236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        527⤵
        
        PID:11252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        528⤵
        
        PID:11268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        529⤵
        
        PID:11288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        530⤵
        
        PID:11304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        531⤵
        
        PID:11320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        532⤵
        
        PID:11336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        533⤵
        
        PID:11352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        534⤵
        
        PID:11368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        535⤵
        
        PID:11384
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        536⤵
        
        PID:11396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        537⤵
        
        PID:11412
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        538⤵
        
        PID:11428
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        539⤵
        
        PID:11440
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        540⤵
        
        PID:11456
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        541⤵
        
        PID:11468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        542⤵
        
        PID:11484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        543⤵
        
        PID:11508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        544⤵
        
        PID:11520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        545⤵
        
        PID:11536
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        546⤵
        
        PID:11552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        547⤵
        
        PID:11568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        548⤵
        
        PID:11580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        549⤵
        
        PID:11592
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        550⤵
        
        PID:11608
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        551⤵
        
        PID:11624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        552⤵
        
        PID:11636
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        553⤵
        
        PID:11652
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        554⤵
        
        PID:11668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        555⤵
        
        PID:11680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        556⤵
        
        PID:11696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        557⤵
        
        PID:11712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        558⤵
        
        PID:11724
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        559⤵
        
        PID:11744
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        560⤵
        
        PID:11756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        561⤵
        
        PID:11776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        562⤵
        
        PID:11792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        563⤵
        
        PID:11808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        564⤵
        
        PID:11824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        565⤵
        
        PID:11836
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        566⤵
        
        PID:11852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        567⤵
        
        PID:11868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        568⤵
        
        PID:11884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        569⤵
        
        PID:11900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        570⤵
        
        PID:11912
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        571⤵
        
        PID:11928
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        572⤵
        
        PID:11944
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        573⤵
        
        PID:11960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        574⤵
        
        PID:11976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        575⤵
        
        PID:11992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        576⤵
        
        PID:12008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        577⤵
        
        PID:12020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        578⤵
        
        PID:12036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        579⤵
        
        PID:12052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        580⤵
        
        PID:12064
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        581⤵
        
        PID:12084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        582⤵
        
        PID:12100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        583⤵
        
        PID:12116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        584⤵
        
        PID:12132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        585⤵
        
        PID:12144
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        586⤵
        
        PID:12164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        587⤵
        
        PID:12180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        588⤵
        
        PID:12196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        589⤵
        
        PID:12212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        590⤵
        
        PID:12224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        591⤵
        
        PID:12240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        592⤵
        
        PID:12256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        593⤵
        
        PID:12268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        594⤵
        
        PID:4012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        595⤵
        
        PID:12292
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        596⤵
        
        PID:12308
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        597⤵
        
        PID:12324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        598⤵
        
        PID:12340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        599⤵
        
        PID:12352
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        600⤵
        
        PID:12368
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        601⤵
        
        PID:12380
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        602⤵
        
        PID:12396
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        603⤵
        
        PID:12420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        604⤵
        
        PID:12436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        605⤵
        
        PID:12448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        606⤵
        
        PID:12460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        607⤵
        
        PID:12472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        608⤵
        
        PID:12488
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        609⤵
        
        PID:12500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        610⤵
        
        PID:12516
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        611⤵
        
        PID:12532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        612⤵
        
        PID:12544
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        613⤵
        
        PID:12556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        614⤵
        
        PID:12572
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        615⤵
        
        PID:12588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        616⤵
        
        PID:12604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        617⤵
        
        PID:12620
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        618⤵
        
        PID:12632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        619⤵
        
        PID:12656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        620⤵
        
        PID:12672
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        621⤵
        
        PID:12684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        622⤵
        
        PID:12700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        623⤵
        
        PID:12720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        624⤵
        
        PID:12740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        625⤵
        
        PID:12756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        626⤵
        
        PID:12768
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        627⤵
        
        PID:12784
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        628⤵
        
        PID:12796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        629⤵
        
        PID:12816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        630⤵
        
        PID:12828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        631⤵
        
        PID:12848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        632⤵
        
        PID:12864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        633⤵
        
        PID:12880
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        634⤵
        
        PID:12892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        635⤵
        
        PID:12908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        636⤵
        
        PID:12920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        637⤵
        
        PID:12940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        638⤵
        
        PID:12952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        639⤵
        
        PID:12972
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        640⤵
        
        PID:12984
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        641⤵
        
        PID:13000
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        642⤵
        
        PID:13012
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        643⤵
        
        PID:13024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        644⤵
        
        PID:13036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        645⤵
        
        PID:13048
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        646⤵
        
        PID:13060
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        647⤵
        
        PID:13076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        648⤵
        
        PID:13092
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        649⤵
        
        PID:13108
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        650⤵
        
        PID:13124
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        651⤵
        
        PID:13136
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        652⤵
        
        PID:13152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        653⤵
        
        PID:13164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        654⤵
        
        PID:13184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        655⤵
        
        PID:13196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        656⤵
        
        PID:13212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        657⤵
        
        PID:13224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        658⤵
        
        PID:13236
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        659⤵
        
        PID:13252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        660⤵
        
        PID:13268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        661⤵
        
        PID:13284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        662⤵
        
        PID:13300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        663⤵
        
        PID:2436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        664⤵
        
        PID:13324
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        665⤵
        
        PID:13340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        666⤵
        
        PID:13356
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        667⤵
        
        PID:13372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        668⤵
        
        PID:13388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        669⤵
        
        PID:13400
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        670⤵
        
        PID:13420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        671⤵
        
        PID:13436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        672⤵
        
        PID:13452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        673⤵
        
        PID:13468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        674⤵
        
        PID:13480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        675⤵
        
        PID:13496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        676⤵
        
        PID:13512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        677⤵
        
        PID:13528
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        678⤵
        
        PID:13540
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        679⤵
        
        PID:13556
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        680⤵
        
        PID:13568
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        681⤵
        
        PID:13588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        682⤵
        
        PID:13604
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        683⤵
        
        PID:13616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        684⤵
        
        PID:13632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        685⤵
        
        PID:13648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        686⤵
        
        PID:13664
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        687⤵
        
        PID:13680
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        688⤵
        
        PID:13696
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        689⤵
        
        PID:13712
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        690⤵
        
        PID:13728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        691⤵
        
        PID:13740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        692⤵
        
        PID:13760
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        693⤵
        
        PID:13776
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        694⤵
        
        PID:13792
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        695⤵
        
        PID:13808
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        696⤵
        
        PID:13824
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        697⤵
        
        PID:13840
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        698⤵
        
        PID:13852
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        699⤵
        
        PID:13868
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        700⤵
        
        PID:13884
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        701⤵
        
        PID:13900
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        702⤵
        
        PID:13916
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        703⤵
        
        PID:13932
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        704⤵
        
        PID:13948
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        705⤵
        
        PID:13960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        706⤵
        
        PID:13976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        707⤵
        
        PID:13992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        708⤵
        
        PID:14008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        709⤵
        
        PID:14024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        710⤵
        
        PID:14036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        711⤵
        
        PID:14052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        712⤵
        
        PID:14068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        713⤵
        
        PID:14084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        714⤵
        
        PID:14100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        715⤵
        
        PID:14116
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        716⤵
        
        PID:14132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        717⤵
        
        PID:14148
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        718⤵
        
        PID:14164
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        719⤵
        
        PID:14180
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        720⤵
        
        PID:14196
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        721⤵
        
        PID:14212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        722⤵
        
        PID:14228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        723⤵
        
        PID:14240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        724⤵
        
        PID:14252
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        725⤵
        
        PID:14268
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        726⤵
        
        PID:14284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        727⤵
        
        PID:14300
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        728⤵
        
        PID:14316
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        729⤵
        
        PID:14332
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        730⤵
        
        PID:1504
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        731⤵
        
        PID:14344
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        732⤵
        
        PID:14360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        733⤵
        
        PID:14372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        734⤵
        
        PID:14388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        735⤵
        
        PID:14404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        736⤵
        
        PID:14416
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        737⤵
        
        PID:14432
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        738⤵
        
        PID:14448
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        739⤵
        
        PID:14464
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        740⤵
        
        PID:14480
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        741⤵
        
        PID:14492
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        742⤵
        
        PID:14508
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        743⤵
        
        PID:14520
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        744⤵
        
        PID:14532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        745⤵
        
        PID:14552
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        746⤵
        
        PID:14564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        747⤵
        
        PID:14580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        748⤵
        
        PID:14596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        749⤵
        
        PID:14612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        750⤵
        
        PID:14624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        751⤵
        
        PID:14640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        752⤵
        
        PID:14656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        753⤵
        
        PID:14668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        754⤵
        
        PID:14684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        755⤵
        
        PID:14700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        756⤵
        
        PID:14716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        757⤵
        
        PID:14732
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        758⤵
        
        PID:14748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        759⤵
        
        PID:14764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        760⤵
        
        PID:14780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        761⤵
        
        PID:14796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        762⤵
        
        PID:14812
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        763⤵
        
        PID:14828
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        764⤵
        
        PID:14844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        765⤵
        
        PID:14860
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        766⤵
        
        PID:14872
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        767⤵
        
        PID:14888
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        768⤵
        
        PID:14904
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        769⤵
        
        PID:14920
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        770⤵
        
        PID:14936
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        771⤵
        
        PID:14952
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        772⤵
        
        PID:14976
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        773⤵
        
        PID:14988
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        774⤵
        
        PID:15004
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        775⤵
        
        PID:15020
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        776⤵
        
        PID:15036
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        777⤵
        
        PID:15052
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        778⤵
        
        PID:15068
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        779⤵
        
        PID:15084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        780⤵
        
        PID:15100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        781⤵
        
        PID:15112
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        782⤵
        
        PID:15128
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        783⤵
        
        PID:15140
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        784⤵
        
        PID:15152
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        785⤵
        
        PID:15168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        786⤵
        
        PID:15184
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        787⤵
        
        PID:15200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        788⤵
        
        PID:15212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        789⤵
        
        PID:15228
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        790⤵
        
        PID:15244
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        791⤵
        
        PID:15260
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        792⤵
        
        PID:15276
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        793⤵
        
        PID:15288
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        794⤵
        
        PID:15304
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        795⤵
        
        PID:15320
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        796⤵
        
        PID:15336
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        797⤵
        
        PID:15348
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        798⤵
        
        PID:15372
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        799⤵
        
        PID:15388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        800⤵
        
        PID:15404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        801⤵
        
        PID:15420
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        802⤵
        
        PID:15436
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        803⤵
        
        PID:15452
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        804⤵
        
        PID:15468
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        805⤵
        
        PID:15484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        806⤵
        
        PID:15500
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        807⤵
        
        PID:15512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        808⤵
        
        PID:15532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        809⤵
        
        PID:15548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        810⤵
        
        PID:15564
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        811⤵
        
        PID:15580
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        812⤵
        
        PID:15596
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        813⤵
        
        PID:15612
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        814⤵
        
        PID:15624
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        815⤵
        
        PID:15640
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        816⤵
        
        PID:15656
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        817⤵
        
        PID:15668
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        818⤵
        
        PID:15684
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        819⤵
        
        PID:15700
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        820⤵
        
        PID:15716
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        821⤵
        
        PID:15728
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        822⤵
        
        PID:15740
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        823⤵
        
        PID:15756
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        824⤵
        
        PID:15772
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        825⤵
        
        PID:15788
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        826⤵
        
        PID:15804
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        827⤵
        
        PID:15816
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        828⤵
        
        PID:15832
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        829⤵
        
        PID:15848
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        830⤵
        
        PID:15864
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        831⤵
        
        PID:15876
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        832⤵
        
        PID:15892
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        833⤵
        
        PID:15908
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        834⤵
        
        PID:15924
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        835⤵
        
        PID:15940
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        836⤵
        
        PID:15960
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        837⤵
        
        PID:15992
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        838⤵
        
        PID:16008
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        839⤵
        
        PID:16024
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        840⤵
        
        PID:16040
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        841⤵
        
        PID:16084
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        842⤵
        
        PID:16100
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        843⤵
        
        PID:16132
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        844⤵
        
        PID:16156
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        845⤵
        
        PID:16168
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        846⤵
        
        PID:16188
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        847⤵
        
        PID:16200
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        848⤵
        
        PID:16212
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        849⤵
        
        PID:16224
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        850⤵
        
        PID:16240
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        851⤵
        
        PID:16256
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        852⤵
        
        PID:16272
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        853⤵
        
        PID:16284
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        854⤵
        
        PID:16296
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        855⤵
        
        PID:16312
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        856⤵
        
        PID:16328
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        857⤵
        
        PID:16340
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        858⤵
        
        PID:16360
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        859⤵
        
        PID:16376
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        860⤵
        
        PID:4076
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        861⤵
        
        PID:4844
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        862⤵
        
        PID:16388
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        863⤵
        
        PID:16404
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        864⤵
        
        PID:16424
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        865⤵
        
        PID:16444
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        866⤵
        
        PID:16460
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        867⤵
        
        PID:16472
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        868⤵
        
        PID:16484
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        869⤵
        
        PID:16496
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        870⤵
        
        PID:16512
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        871⤵
        
        PID:16532
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        872⤵
        
        PID:16548
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        873⤵
        
        PID:16560
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        874⤵
        
        PID:16576
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        875⤵
        
        PID:16588
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        876⤵
        
        PID:16600
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        877⤵
        
        PID:16616
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        878⤵
        
        PID:16632
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        879⤵
        
        PID:16648
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        880⤵
        
        PID:16660
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        881⤵
        
        PID:16676
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        882⤵
        
        PID:16692
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        883⤵
        
        PID:16708
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        884⤵
        
        PID:16720
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        885⤵
        
        PID:16736
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        886⤵
        
        PID:16748
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        887⤵
        
        PID:16764
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        888⤵
        
        PID:16780
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        889⤵
        
        PID:16796
        
        C:\Windows\SysWOW64\rundll32.exe
        
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\1704-57-0x0000000000140000-0x0000000000162000-memory.dll,#1
        890⤵
        
        PID:16812

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads